I must have glazed right over the verbiage. As first glance, it looks rather innocuous. Instead of the usual "Authorize" on the upper right you get for most Facebook-connected apps, you get a "Okay, Read Article" prompt.
That's pretty scummy social engineering, because if the verbiage was "Authorize Yahoo" I might not have done it.
However, It's the verbiage on what's on the lower right that is completely insidious.
As I explained in an earlier piece, I have really crappy vision. On a 27" monitor, the verbiage on the lower right essentially is invisible unless I blow it up pretty big. I suspect plenty of people with good eyesight would probably glaze over it as well.
Should you click "Okay, Read Article" the following appears on your Facebook Timeline activity profile:
Once you've authorized Yahoo that first time, all future reads of articles on their web sites are also posted to your profile, whether you like it or not. The only way to stop it is to remove the app authorization in your Facebook privacy settings. Which I promptly did after one of my friends alerted me as to what was going on.
Now, broadcasting to all my friends that I read about an upcoming SF blockbuster film is really not a big deal. Status updates, likes and app activity on my Facebook profile is limited only to my friends, and nobody in the outside world can see any of it or share it.
However, I really do not want my friends seeing everything I'm reading on the Yahoo properties, regardless of subject matter. The story could have been about, I dunno, much more controversial stuff. It may have been about political candidates, human sexuality, terrorism, or any number of things I don't wan't people inferring I think about one way or another.
If I want to share a story or a link, I'll do it on my own terms.
Keep your damn purple tentacles off my Facebook profile, Yahoo!
Now, it just so happens that I caught and understood exactly what Yahoo did because it was exploiting the Facebook Open Graph API to its own advantage. Your average user might not have caught this, though.
In some degree of fairness to Yahoo, they aren't the only company which is exploiting Open Graph in this way, and it is really Facebook that is providing the tools to these partners for "Molesting" your timeline. The company has been doing this atleast since fall of last year, when the Open Graph API partnerships with 17 initial partners was launched.
Other content partners are doing the same type of "Oversharing" apps, and this has come under a great deal of criticism in the past months.