You see Facebook is insecure by design and privacy is given only a minimal amount of programming and lip-service. Sure, you can make your Facebook information safe, well safer, anyway, but who has the time to be constantly plugging in Facebook's privacy holes? Especially since Facebook keeps opening up more and more or your personal information to vendors.
Facebook has back off a bit on this. While still insisting that "you need to explicitly choose to share this data before any application or website can access it, and you can not share your friends' address or mobile number with applications," Facebook also acknowledged though that they need to make "people more clearly aware of when they are granting access to this data. … [and] are making changes to help ensure you only share this information when you intend to do so. We'll be working to launch these updates as soon as possible, and will be temporarily disabling this feature until those changes are ready. We look forward to re-enabling this improved feature in the next few weeks."
I started noticing this myself in the last few weeks as I kept stumbling over more and more sites, such as the Internet Movie Database (IMDB) and ESPN, that would let me login into them using Facebook. I was beginning to think about looking about this trend, when I found that others were already looking into it.
Worse still, besides Facebook's privacy problems, Facebook's login and password system still has two major security holes: its use of a single user name and password and an unencrypted tracking cookie. It's that last that enables Firesheep, the easy to use network eaves-dropper program, to snoop on your Facebook sessions. And, oh yes, if you login into a site using Facebook Connect, those Web sessions as well.
So, what can you do? Well, for starters if you're going to use Facebook, lock it down using ZDNet's The Definitive Facebook Lockdown Guide and every time Facebook asks you for some new permission to share your data, just say no.
As for using Facebook to access other sites, are you crazy? It's bad enough that Facebook is such a security mess, but to trust it to be my universal Internet drivers' license? No. Just no. This is a security disaster that's just waiting to happen and I have no intention of being caught in it.