I tell you what, I love me some Google Reader. One of the first things I did when I got my phone was set up a shortcut to Readerâ€™s mobile interface. Itâ€™s fairly robust, but it is in the browser, so itâ€™s a little slow even on WiFi. On Edge, itâ€™s unbearable. And forget about offline access. What I needed was an app.
But now that there are several to choose from, Iâ€™m still using that shortcut to the browser. Why? They are 3rd party apps that ask for my Google login information. Iâ€™m sure these developers are nice folks and not the least bit interested in identity theft, but I just canâ€™t get past the idea of giving them access to not only my primary email account (Gmail), not only confidential documents (Google Docs), but also the power to spend my money (Google Checkout).
Letâ€™s take a look at a few apps Iâ€™d really like to use, but wonâ€™t.
- Greed was the first Google Reader app I came across. A friend of mine recommended it to me. He loves it. I wonâ€™t use it, because it asks for my Google login information. And dude, itâ€™s called Greed. Doesnâ€™t exactly make me feel great about giving the app my login info.
- NewsRob was the next Reader app I found. It gets great reviews. I have no doubt that itâ€™s wonderful. But I wonâ€™t use it, because it asks for my Google login information.
- The latest Reader app I wonâ€™t use is Talking RSS Reader, which uses a synthesized voice to speak items from your Google Reader feeds to you. I thought itâ€™d be nice to use in the car. But it wants my Google login info, so I won’t be using it.
- It goes beyond Google Reader, of course. Iâ€™d love to use GDocs for Android to access my Google Docs. But I wonâ€™t. You know why by now, right?
- mAnalytics is one of several apps out there that allow you to keep track of your Google Analytics account on your Android phone. I, of course, will not use any of them.
So whose fault is this? I know, many of you might say itâ€™s my fault. Iâ€™m just being paranoid. I should stop worrying and learn to love giving out my Google login info. Some might say itâ€™s Googleâ€™s fault, for making the same password that gets you into Reader also work for Gmail and Checkout. But that integration is a feature, too, and Google does support OAuth.
I hate to lay the blame on developers, but wouldnâ€™t it be great if, the first time you opened an app like NewsRob, it took you to a page on Googleâ€™s servers in the browser to authorize the app? I admit, my knowledge is pretty incomplete here, and there may be reasons why you canâ€™t use OAuth for these purposes. But even failing OAuth, there is another way.
Letâ€™s look at a couple more apps: little olâ€™ Reader Widget Small, and its big brother, Reader Widget Pro. Both are widgets that provide basic info about your Google Reader account (number of unread items and recent headlines). Both use â€œAutomatic authorization against Google Reader API,â€ so no login information is required. In other words, my phone is already hooked up with my Google account, and this app takes advantage of that to eliminate the need for users to turn over the keys to their house to some guy who says he wonâ€™t take anything.
Iâ€™m sure Iâ€™m not the only one who is concerned about this sort of thing. I have to think thereâ€™s an audience out there for apps that access various Google services without requiring users to provide login info.
What do you think? Am I being paranoid, or just appropriately cautious? And if youâ€™re a developer with some insight into hurdles Iâ€™m unaware of, please let me know in the comments.
Update: The developer of ReaderScope, one of those Google Reader apps that I would not use, took this post to heart and pushed an update out today that enables auto-login. Credentialing works the same as in the Reader Widget apps, and there’s also the option to supply login info if your Reader login is different than the one associated with your phone.
In his post about the update, he also explains that Google only supports OAuth for webapps, not for mobile or desktop apps, and that the solution he did use is not perfect: it will only work on “Google experience” phones.
I tested it out and auto-login worked perfectly. The app seems nice, though I’ve not had a chance yet to put it through its paces.
So, I now have a Google Reader app I can use. That’s wonderful, but the larger issue remains.