And I agree with him. The fact that you are giving away a decade of correspondence should not be at the same size as "Yes, I agree with the server saving my cookies".
Google should make it much clearer in the OAuth flow that the scopes you are allowing could potentially allow the third party to download your entire history. Google aren't the only ones guilty of this. OAuth is built upon user trust and control of scopes. Don't hide them away in a "click for more information" dialog, make it clear right there that certain scopes are giving away much more information.
Fleep should not be importing my e-mail as part of the initial "signup with Google" flow. It should be a second step after i have got past the OAuth stage and they should make it clear that they will be importing my entire history from Google. A drive by import might be a "frictionless" user experience, but it can appear clandestine.
And for anyone else using OAuth, or clicking "signup with $foo" - always always always check the scopes you are allowing. Remove all but the essentials required for you to "sign in", that should only be your name/email address. If you can't limit the scopes then just signup the old fashioned way, your e-mail address and a unique password.
That's good. In that case either blog post is misleading or it has been changed in the hours since.
Edit: I see the original blog post has been updated with more information.
I can sort of see the argument that email archives are an extra-special category that should require extra-special "Are you sure" confirmation. But I think that the OAuth question panel is intended to be that extra-special "Are you sure" confirmation in the first place. How many "Are you sure"s are necessary to prevent users from shooting themselves in the foot is a bit subjective.
I think I agree with OP. Remember click-jacking? Or cats jumping on keyboards?
I wouldn't want my entire gmail history getting delivered to a third party because of one erroneous click.
1. My gmail history actually goes back further than ... what the hell. I imported 1999 era email into gmail years ago and now I can't find it. I am officially sidetracked! [UPDATE]: yeah, my email history goes back to BEFORE gmail launched, because I imported old emails. Early 2003, actually, not 1999... Dunno where those emails went.