Link
I wish people would understand that these hacks, and the many, many Facebook application hacks, are not faults of the platform. They’re faults in the application. Every time you lower the bar to producing web applications, you get a barrage of apps written by people who haven’t thought about security.
http://www.techcrunch.com/2007/11/02/first-opensocial-app...