On Fri, Jul 24, 2009 at 2:23 AM, Tei<oscar.vives(a)gmail.com> wrote:
I dunno, a third input box name="botname"?
<input type="hidden" name="botname" />
I'm talking about in the case of a possibly malicious service, and
only if it's using OAuth (or whatever). Presumably if it's using
OAuth the user already gave it some unique identification token that
we can just revoke, so I don't think the hard part here would be the
identification itself. The hard part would be the rest: making it
immediately obvious to everyone that a given change was made through a
specific web service, and allowing admins to block such services
easily. And implementing something like OAuth to begin with.