Thread: How do I 'share'
View Single Post
Old 05-10-2020, 05:41 PM   #18
Quoth
Still reading
Quoth ought to be getting tired of karma fortunes by now.Quoth ought to be getting tired of karma fortunes by now.Quoth ought to be getting tired of karma fortunes by now.Quoth ought to be getting tired of karma fortunes by now.Quoth ought to be getting tired of karma fortunes by now.Quoth ought to be getting tired of karma fortunes by now.Quoth ought to be getting tired of karma fortunes by now.Quoth ought to be getting tired of karma fortunes by now.Quoth ought to be getting tired of karma fortunes by now.Quoth ought to be getting tired of karma fortunes by now.Quoth ought to be getting tired of karma fortunes by now.
 
Quoth's Avatar
 
Posts: 14,483
Karma: 107078855
Join Date: Jun 2017
Location: Ireland
Device: All 4 Kinds: epub eink, Kindle, android eink, NxtPaper
Quote:
Originally Posted by Deskisamess View Post
" Starting in June 2020, we’ll limit the ability for less secure apps (LSAs) to access G Suite account data. LSAs are non-Google apps that can access your Google account with only a username and password. They make your account more vulnerable to hijacking attempts. Instead of LSAs, you can use apps that support OAuth—a modern and secure access method.
This is most likely to impact users of legacy email, calendar, and contacts apps—see below for more details. We’ve also emailed your organization’s primary admin with details around this change. That email includes a list of users who are likely to be affected."

"Update
March 30, 2020: We have suspended the turn-off detailed here until further notice. We'll announce new timelines on the G Suite Updates blog at a later date. For more details, see this post."

From here: https://gsuiteupdates.googleblog.com...incorrect.html
It was deliberately to block conventional email clients. The OAuth is a tool to track users for the big privacy busters. There is no proof it's a more secure solution than encrypted logins
https://en.wikipedia.org/wiki/OAuth

By Legacy Email, Google means any email that's not using their webpage and their services, or the built in services in Android or ChromeOS. Companies like Google tag anything they dislike as legacy.
Quote:
In comparing OAuth 2.0 with OAuth 1.0, Hammer points out that it has become "more complex, less interoperable, less useful, more incomplete, and most importantly, less secure." He explains how architectural changes for 2.0 unbound tokens from clients, removed all signatures and cryptography at a protocol level and added expiring tokens (because tokens couldn't be revoked) while complicating the processing of authorization. Numerous items were left unspecified or unlimited in the specification because "as has been the nature of this working group, no issue is too small to get stuck on or leave open for each implementation to decide."[25]
OAuth for Google is about control and tracking, not being more secure.
You can only use OAuth on Thunderbird with IMAP access. I have no wish EVER to use IMAP. It's for keeping stuff on someone else's server.
Last edited by Quoth; 05-10-2020 at 05:49 PM. Reason: Security
Quoth is offline   Reply With Quote