Here's a clue: "A third party service is requesting permission to access your Google Account."

That's full access you're granting there - not just oAuth login. It's pretty hard to spot that though. Not sure if I would have.

Your post got disappeared.

So mixtent (the guys behind reference.me) or some fans decided to all flag you? Or was it admin action?

For whatever reason, all traces of stories about startups behaving badly have a tendency to disappear from HN these days. As do stories about the dissapearance itself. Really disappointing to someone who likes the HN community.

Well you weren't the only one at least. I got a crapload of spam from other people signing in this morning and yesterday.

What the hell was their plan here? Unless this was some project to show people not to trust these types of sites with oauth permissions then it was a catastrophic failure wasn't it?

I'd never heard of them and now all I've heard, from multiple people, is to never sign in to their site because they're horrible spammers. The tone has, 100% percent of the time, been one where they wanted to at least spit in someone from reference.me's face, if not punch them.

Unless they've figured out a way to monetize user hatred ...

Why don't you report scam to oauth providers?

That's really disappointing. It's hard enough trying to get people to trust your app without jokers like this ruining it for the rest of us. I agree with alpb, report it!

It's worth setting up a fake/honeypot account to play with services like this.

Very happy I spotted this thread! I did wonder what they'd do with so much access to my Google account. Dodged a bullet there I think!

undefined

Don't use any "Sign up with ..." ever, except maybe OpenID which is fairly safe.