Sophos’ security blog, Naked Security, picked up on it here – and highlighted the madness of some people who are registering with a service that does not say what it actually does. Especially when you need to hand over the keys to your LinkedIn, Twitter or Facebook account to them to get in. Surely these people have seen what can happen when any of these accounts get compromised?
I’m pleased that Sophos actually had a response from the people behind connect.me, but it still doesn’t exactly fill me with confidence. This feels decidedly dodgy to me. Anything that doesn’t explain exactly what they are offering before I have to register, or give me a way to register with some other details is a big no-no for me.
What really shocks me a little is actually the people that are registering for this service. I have seen a number of exceptionally technical people fire off the automated tweet saying they have “reserved their username” on connect.me. And some of these people should really know better than to trust an unknown entity with their identity. (Hey, that rhymes!)
Needless to say, I’ll be keeping well clear until their intentions are well known.
UPDATE: I’ve just come across this article on Mashable. To me, it feels like they are trying to justify the approach connect.me has taken, by arguing that they are in “Startup Stealth Mode”. Well, if that is the case, why would they post it on Facebook in the first place, and why on earth would you have a viral hook in there to hit twitter etc when people signed up? Does not seem terribly stealthy to me. I have to say, I’m still not comfortable with their approach – it’s one thing to collect email addresses, its another to collect social media details.