NY Comic Con Takes Over Attendees' Twitter Accounts To Praise Itself

← Back to Stories (view on slashdot.org)

NY Comic Con Takes Over Attendees' Twitter Accounts To Praise Itself

Posted by timothy on Saturday October 12, 2013 @01:25AM from the you're-loving-it dept.

Okian Warrior writes "Attendees to this year's New York Comic Con convention were allowed to pre-register their RFID-enabled badges online and connect their social media profiles to their badges — something, the NYCC registration site explained, that would make the 'NYCC experience 100x cooler! For realz.' Most attendees didn't expect "100x cooler" to translate into 'we'll post spam in your feed as soon as the RFID badge senses that you've entered the show,' but that seems to be what happened."

17 of 150 comments (clear)

Min score:

Reason:

Sort:

Ooops! Sorry by Anonymous Coward · 2013-10-12 01:28 · Score: 5, Insightful

ReedPop's apology was insincere and showed no remorsefulness. They've done it before and they'll do it again.
Morale of the story: don't use your social media accounts for any type of authentication.
1. Re:Ooops! Sorry by Joining+Yet+Again · 2013-10-12 01:29 · Score: 5, Funny
  
  Morale of the story: low.
2. Re:Ooops! Sorry by Nerdfest · 2013-10-12 01:31 · Score: 4, Informative
  
  When you use your Twitter account for authentication, it doesn't need to be authorised for tweeting. You only need to avoid places that request that permission.
3. Re:Ooops! Sorry by Jawnn · 2013-10-12 01:35 · Score: 4, Insightful
  
  Well..., yeah. But that's asking an awful lot of a great many Twitter users.
4. Re:Ooops! Sorry by Anonymous Coward · 2013-10-12 01:35 · Score: 4, Insightful
  
  They didn't "ask" for permission. They inferred it from people providing their twitter account info. There wasn't even an "opt-out" option because people didn't know this was going to happen.
5. Re:Ooops! Sorry by gl4ss · 2013-10-12 01:45 · Score: 5, Informative
  
  They didn't "ask" for permission. They inferred it from people providing their twitter account info. There wasn't even an "opt-out" option because people didn't know this was going to happen.
  more importantly YOU CAN NOT give just partial access to an app in twitter. you either give it all it's requesting or nothing and you can not go into your app settings and change. you can only revoke the whole app.
  but the guys attending should really have smelled something funny when they were requesting post permissions along with other perms.
  
  --
  world was created 5 seconds before this post as it is.
6. Re:Ooops! Sorry by hawguy · 2013-10-12 01:46 · Score: 4, Interesting
  
  They didn't "ask" for permission. They inferred it from people providing their twitter account info. There wasn't even an "opt-out" option because people didn't know this was going to happen.
  When you grant a third party access to sent Tweets on your behalf, don't you click through a warning telling you that? Why would you give a convention permission to send Tweets as you, and if you do, why would you be surprised when they do?
7. Re:Ooops! Sorry by Rich0 · 2013-10-12 02:47 · Score: 5, Informative
  
  They didn't "ask" for permission. They inferred it from people providing their twitter account info. There wasn't even an "opt-out" option because people didn't know this was going to happen.
  When you grant a third party access to sent Tweets on your behalf, don't you click through a warning telling you that? Why would you give a convention permission to send Tweets as you, and if you do, why would you be surprised when they do?
  The problem is that there is a growing trend towards letting apps request permissions, and then giving the user two choices - accept all the permissions the app requests, or don't use the app at all. That is true of many online services, and it is true of Android as well (and likely other mobile OSes).
  The better solution is to allow the application to request a default list of permissions, and then give the user the opportunity to accept or modify them. The application would still work if the permissions are modified, though with limited functionality. I'd probably go a step further and not make it possible for the application to know what permissions were granted, so that app authors don't just force the all-or-nothing situation back on users by refusing to run if full permissions are not granted. 99% of the time partial permissions only cause failure modes that the application has to handle gracefully anyway (no access to contacts is no different than a user who has no contacts, no access to location/network is no different than a user in a building, etc).
  The all-or-nothing approach just gives app authors a club to hit users with - it puts the app author in control of the device, and not the user. Not running mobile apps really isn't an acceptable alternative.
8. Re:Ooops! Sorry by Anonymous Coward · 2013-10-12 04:37 · Score: 4, Informative
  
  iOS does it on a permission as needed basis. Twitter wants to use my location? Okay, I'm fine with my tweets indicating my location. Twitter wants to use my contacts? No, thank you Twitter, I'll spam people myself.
9. Re:Ooops! Sorry by Anonymous Coward · 2013-10-12 04:47 · Score: 4, Informative
  
  The better solution is to allow the application to request a default list of permissions, and then give the user the opportunity to accept or modify them. The application would still work if the permissions are modified, though with limited functionality.
  You know what security model you're referring to? Blackberry.
  My ancient (2 year old) blackberry lets me selectively grant or deny application permissions on a granular basis. I can even selectively grant or deny network connectivity, so that an application can connect to an ip address using https, but can't connect to a different ip address by http.
  The Blackberry security model has been thought out by some very smart people at RIM.
  Unfortunately, the market really doesn't seem interested in security, even as more people put their entire life on their smartphone.
  Sad.
And Nerds, please, shower! by SternisheFan · 2013-10-12 01:48 · Score: 4, Interesting

In a message pasted on the event’s official website, Comic Con demands that nerdy attendees wash themselves and use deodorant after they emerge from their moms’ basements to attend the event.In a message pasted on the event’s official website, Comic Con demands that nerdy attendees wash themselves and use deodorant after they emerge from their moms’ basements to attend the event.
Apparently this is such a problem Comic Con listed “shower” as item No. 3 on its event “survival” checklist.
“Things tend to get hot at NYCC with so many fans around and you don’t want to be the stinky one!” the organizers wrote. “Do everyone a favor and shower before and wear clean clothes!”
Apparently this is such a problem Comic Con listed “shower” as item No. 3 on its event “survival” checklist.
“Things tend to get hot at NYCC with so many fans around and you don’t want to be the stinky one!” the organizers wrote. “Do everyone a favor and shower before and wear clean clothes!” http://nypost.com/2013/10/10/comic-con-plea-shower/
Re:Prosecute them ... by Barny · 2013-10-12 02:16 · Score: 4, Insightful

The people allowed the app, complete with special warning, to 'post tweets on their behalf'.
There comes a time in your life where you take responsibility for your own actions. For the most part, we call this adulthood.

--
...
/me sighs
Stupid users to lazy to read by mark-t · 2013-10-12 02:19 · Score: 4, Insightful

When you connect your social media account to somethiing, it's reasonable to expect that every permission that they describe they are requesting they are actually going to use. If you're not comfortable with this, then don't connect the account to the service. Period.

--
File under 'M' for 'Manic ranting'
1. Re:Stupid users to lazy to read by Rich0 · 2013-10-12 02:49 · Score: 4, Insightful
  
  If you're not comfortable with this, then don't connect the account to the service. Period.
  Why does it need to be this way? Why not give the user granular access to permissions? Platforms like Twitter/Android/etc give way too much control to apps and not enough to the user - the user shouldn't be given all-or-nothing choices like this.
Re:Prosecute them ... by Oligonicella · 2013-10-12 02:42 · Score: 4, Insightful

But they didn't steal an identity. Just requested allowance to post on a Twitter feed. Unless they did something other than what the article said, there's no identity theft going on. Giving someone access to use your broadcast mechanism is hardly equal to slavery.
"hawkguy is at nycc" vs. their lies. abused access by raymorris · 2013-10-12 03:43 · Score: 4, Interesting

In the few cases an app has posted on my social media accounts, it's been a benign (and true) message like "raymorris is at NY Comic Con". That's what a respectable organization might do and what I'd expect from a company that wants to keep my business.
On the other hand, what they did is misleading and they are assholes for doing it. Just because I give someone access to something doesn't excuse them for abusing that access. One of my employees has access to the company checkbook. If she abuses that access she could go to jail.
Re:"hawkguy is at nycc" vs. their lies. abused acc by NoMaster · 2013-10-12 13:34 · Score: 4, Insightful

In ten pages of google scholar results, I couldn't find a single one where someone had actually performed the famous "boiling frog experiment."
Sedgwick, W.T., 1888, On Variations Of Reflex-Exciteablilty In The Frog, Induced By Changes Of Temperature. Studies From The Biological Laboratory, pp385-410.

--
What part of "a well regulated militia" do you not understand?