> What's the difference between this and using an app such as Mailbox?
IMHO, for what it's worth, this is why I would never use Mailbox.
On the HN thread for the blog post announcement yesterday, tptacek said "I don't care who the company is, or how trustworthy you think they are: avoid giving third parties credentials to your inbox."
I would agree with that above statement - whether it's a company with a good reputation for security or a bad one (or even a nonexistent one), that's way too much power to give to any third party.
Remember that when we talk about security being about trust, it's not only about trusting their intentions, but also their power and ability. Mailbox has access to inboxes of thousands of people, some of whom have incredibly valuable emails in their inbox. Combine that with the number of services that use email as a means for authentication, and you have an incredibly attractive target for an attacker.
For what it's worth, I should mention that I've been working on a self-hosted product that provides the functionality of Mailbox/Boomerang, but without the privacy and security implications of using a third-party: https://github.com/ChimeraCoder/go-yo
There is at least one difference: Mailbox only supports gmail, and as such only asks for oauth credentials with permissions to read from and write to your inbox, not username/password. Linkedin does the same thing with gmail (and google apps) but they also support mail services that don't have this support.
And there's also tons of people who don't necessarily like using the service, but somewhat forced to for a number of reasons. I, for one, don't find the service that useful, however, most employers find it particularly odd if you don't have one.
So, you're kind of put into an odd position by electing to go against the service in this day and age. Granted, no one is putting a gun to your head and telling you to use LinkedIn. Yet societal pressures (specifically in professional circles) have somewhat made it difficult to go against the grain.