Quote:
Originally Posted by Grhm
But it's more than a little concerning that one of the permissions users can grant to our unaccountable AI robot overlords is not merely to draft e-mails for us but actuallly to send e-mails on our behalf.
|
Yes I agree; not least because it seems to me that an AI-powered sender could send loads of (weird?) spam ... and what will that do to the reputation of FM's outgoing servers? Or is this no worse than's been possible for years with programs connecting to their SMTP servers?
My first impression when I read:
Quote:
|
"The OAuth consent screen will give you a choice of three levels of access: read-only (see emails, contacts, calendars), write (update emails, save drafts, edit contacts and events), and send (send emails)."
|
was that this is not nearly fine-grained enough (though maybe the blog was just being high-level/vague). Does the protocol allow someone to limit its access to just part of one's mail, and/or a subset of contacts, and/or to specific calendars, and/or a subset of info in those calendars?
Even if the protocol allows fine-grain control, have FM implemented it?
If it sees mails - does it see all of their headers too - or just the message?