Splatforms and Security

Posted on July 1, 2010
Filed Under Splatforms | 2 Comments | Share this post via splatforms.com

It seems as if more and more web sites are asking you for the keys to your other accounts.

“Just give us your Gmail address and your password and we’ll go through your contacts and hook you up with all of your friends here.”

“Give us your Twitter username and password and we’ll send out your current status as a Tweet every time you post an update.”

Sites that do Social Bookmarking want the keys to virtually all of your accounts, and not just for bookmarking sites like Digg or Delicious, but even your major Social Networking accounts on places like Facebook and MySpace.

I have to be honest: I’m a little uncomfortable turning over the credentials needed to log on to the Internet as me to all of these different web sites. It’s not so much that I don’t trust them as it is that I don’t know them. I don’t know their hiring practices. I don’t know what kind of background checks they do on their contractors. I don’t whether or not they encrypt my data. I don’t know what kind of procedures they have in place to restrict access to the database where they retain this information. I just don’t know, and that makes me uncomfortable.

I don’t envy their position, though, and I certainly wouldn’t want to be in their shoes. If I ran a web site or business that accumulated this kind of data, I would not want the liability that comes along with it. Being the potential source of the username and password for a person’s personal e-mail account, private photos, public blog, or social networking space is not something to which I would aspire. Once you collect this kind of data, you have an obligation to protect it, which is not necessarily as easy as it might seem. It just seems far safer and easier to me to simply not collect it in the first place. After all, no one can take from you that which you do not have.

Which is precisely why we here at Splatforms.com will never store, collect, solicit, or require any such information from our users. To do so would not be good for them, and it would certainly not be good for us. Granted, such information is necessary for the successful completion virtually all of the Tasks that can be carried out with *forms data, but we have engineered our process to function in a manner that does not depend on our servers retaining, distributing, knowing, or handling that data in any way.

The key to making that work is your *forms Local Agent, which is installed on your local machine. Your Local Agent collects your user ids and passwords for target sites, and stores that information on your local machine, not on our servers. The dispatcher on our site will transmit instructions to your Local Agent without any user id and password information included, and then your Local Agent will add any such information as needed from your local machine before it carries out those instructions. By providing a means for your Local Agent to augment these instructions with user and password information after the instructions have been sent out, we have eliminated the need for our site to collect, maintain, or even know, any of your user id and password information.

If you elect to utilize the services of Splatforms.com, we just want you to know that your information is safe. And it’s not because we take such great care in protecting it; it’s because we never had it in our possession to begin with, and we don’t ever need to have it to provide the service.

I know that I sleep better because of that, and hopefully you will, too.


2 Responses to “Splatforms and Security”

  1. More Sites, More Tasks, More Fun! : Splatforms on January 19th, 2011 12:08 pm

    […] though we have plenty to do to get the Local Agent in shape for prime time, and we have even more to do to wrap up work on the main site and finally […]

  2. Getting Started with Splatforms (cont) : Splatforms on July 29th, 2011 12:14 pm

    […] about the security of your target web site credentials, you should really check this out as well: Splatforms and Security. We really have no interest in any of your usernames or passwords; you keep those on your own […]