commit: 6b2ca8a - #414 (2014-03-05 12:54:44 -0500)
Good points. Said that I haven't seen a case yet where Inbound has used these powers. I'd feel better though without giving them to Inbound too.
Out of the 54 apps (I'll have to trim down) that have access to my twitter account with read and write access, not a single one has ever posted on my behalf without me explicitly knowing about it beforehand. This is probably why I'm happy to give so many of them access, including Inbound.org, but I'd soon stop if they did start posting.
I'm sure Inbound is pretty secure and all, but it occurs to me that if someone was able to get into break into the backend, they'd be able to hijack the twitter accounts of many of the key influencers in the industry.
We should fix it. Ed Fry's on the case, so I think he'll get this sorted soon.
We've updated the twitter permissions to read-only, so we'll only grab data we need to fill out your profile here. And we can't now post tweets, update your profile and run your account for you :)
I personally would like to thank inbound for all the tweets from my account that sounded halfway intelligent. Pretty sure they didn't come from me directly. The other ones were my fault.