Hacker News new | comments | show | ask | jobs | submit login

This is a test.

Good luck.

If you logged in after clicking the link on an unnamed app having unknown capabilities, and of unknown provenance, you have failed the test.

Is *.google.com really "of unknown provenance"?

no, but it is suspected of "having unknown capabilities".

who knows what google might do with google's information.

Time travel?

the login is *.withgoogle.com.

It's commonly known that withgoogle.com is a site Google uses for marketing and non-services sites.

Yes. Just because the app is hosted on a google domain tells us nothing about who developed it, what their intent might be, what data it might be gathering as/when you log in,...

It's basically a black box, and any suggestion that it ought to be trusted "because Google" is naive in the extreme.

I wonder what clearances you have to go through at Google to get your project into a toplevel directory or subdomain?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact