Making its first appearance at The Orleans Hotel & Casino in Las Vegas, Nevada is the Third Annual USA Barbecue Championship May 20-22, 2011 brought to you by Smoke on the Water Productions.

For a group of developers on Facebook’s platform, the clock is ticking.

Last night and into today, Facebook has been sending out notices to developers they believe have apps in violation of their policy against sending authentication data to third parties. Those developers have 48 hours to fix their apps or they risk being “subject to one of the enforcement actions” — read: being booted.

You may recall that all of this initially came up last week when Symantec wrote a blog post entitled “Facebook Applications Accidentally Leaking Access to Third Parties.” That post detailed how the company found close to 100,00 apps that were inadvertently leaking auth tokens due to the use of iframes for app authentication. As a result, Facebook responded with a blog post of their own noting that by September 1 of this year all apps must migrate to OAuth 2.0, ensuring encrypted access tokens.

But September 1 is still a long way away. And there are still apps out there leaking these tokens, which is even more of a problem now that Symantec has exposed the issue (Facebook, for its part, says there haven’t been any problems as a result yet). So it should be no surprise that Facebook is issuing this ultimatum to the apps they’ve found to still be in violation.

Still, 48 hours is a sharp turnaround time. One developer wrote us calling it the “great Facebook auth 2.0 switch panic of 2011?, noting that developers are pouring onto web forums to express their panic and confusion over the situation. It’s sounding a little bit like the brilliantly named “Oauthpocalypse” which Twitter has encountered a few times over the years (though the situation is completely different).

Facebook says these changes are only required from “a very small percentage of the developer community”. But given Facebook’s size, that’s still likely a lot.

So what can those in violation do? There are two choices — one easier than the other.

They can either move over to OAuth 2.0 now or “create and use an interstitial page to remove the authentication data before redirecting to your page with 3rd party content”. The latter is likely easier than the former for many developers in the short term. It’s more of a temporary fix until they’re ready to move over to OAuth 2.0 by the September deadline.

Below, find the full email Facebook is sending to offending developers.

Our automated systems have detected that you may be inadvertently allowing authentication data to be passed to 3rd parties. Allowing user ids and access tokens to be passed to 3rd parties, even inadvertently, could allow these 3rd parties to access the data the user made available to your site. This violates our policies and undermines user trust in your site and Facebook Platform.

In every case that we have examined, this information is passed via the HTTP Referer Header by the user’s browser. This can happen when using our legacy authentication system and including <iframe>, <img> or <script> content from 3rd parties in the page that receives authentication data from Facebook. Our legacy mechanism passes authentication information in the URL query string which, if handled incorrectly, can be passed to 3rd parties by the browser. Our current OAuth 2.0 authentication system, released over a year ago, passes this information in the URL fragment, which is not passed to 3rd parties by the browser.

Please ensure that you are not allowing this data to be passed immediately. Accessing your site as a test user while running a HTTP proxy/monitor like Charles or Fiddler is the best way to determine if you are allowing this information to be passed. If you discover the issue, you can do one of two things:

1. Migrate your site to use our OAuth 2.0 authentication system. We are requiring all apps and sites to update to this mechanism by Sept. 1, 2011. Migrating now will address this issue and ensure that you are one of the first to meet the deadline. For more details, please see our Authentication Guide.

2. Create and use an interstitial page to remove the authentication data before redirecting to your page with 3rd party content. This approach is used by many of our largest developers today (although they are all migrating to OAuth 2.0 shortly). This is a simple and straightforwardchange that should have minimal impact on your site. For more details on this approach, see our Legacy Connect Auth doc.

Because of the importance of ensuring user trust and privacy, we are asking you to complete one of the above steps in the next 48 hours. If you fail to do so, your site may be subject to one of the enforcement actions outlined in our policies.

If you have any questions or believe you have received this message in error, please contact us.

Facebook Developer Relations

@jennifermontes
Jennifer Montes

Got a scary message from Facebook saying I have to upgrade my application to OAuth or I will die a horrible death. #truestory

about 13 hours ago via webReplyRetweetFavorite

get widgetminimize

CrunchBase Information

Facebook

Website:	facebook.com
Location:	Palo Alto, California, United States
Founded:	February 1, 2004
Funding:	$2.34B

Facebook is the world’s largest social network, with over 500 million users.

Facebook was founded by… Learn More

Information provided by CrunchBase

If you like Jurassic 5 you’ll dig this.

Firefighters responded to a fiery explosion on the Strip, near the Monte Carlo Resort, early Sunday morning. Officials say a transformer located on Frank Sinatra Drive, across from City Center, blew up at around 12:25am

There is a growing issue here in Las Vegas about the rampant rise of street performers working for tips on the Las Vegas Strip and downtown on the Fremont Street Experience. This is a relatively recent development that has started growing in popularity over the last year or two where people dress in costume in front of the numerous Las Vegas tourist landmarks and pose with you for tips.

When the world discovered that a group of Navy SEALs called “SEAL Team 6″ was responsible for killing Osama bin Laden, it’s not likely that many of them thought, “how can we trademark ‘SEAL Team 6′ to make money off of it?” Fear not, though: the Walt Disney Company did think just that.

Lynch, who took the world by surprise by releasing the electro-pop single ‘Good Day Today’ on Sunday Best last year, will deliver the keynote address at IMS:2011 (Ibiza International Music Summit) at the Ibiza Gran Hotel. Unfortunately he won’t be on the White Isle himself, but rather “beamed in via video Skype from his recording studio just off Mulholland Drive.” The interview will take place at 8pm (local European time) on Thursday 26 May, and will focus on Lynch’s music production, including the full-length album that’s expected to see release later this year

And yes, the proposed legislation would include an exemption from the ban on distracted driving to allow occupants to send text messages while sitting behind the wheel.

The two bills, which have received little attention outside Nevada’s Capitol, are being introduced less than a year after the giant search engine company acknowledged that it was developing cars that could be safely driven without human intervention.

Last year, in response to a reporter’s query about its then-secret research and development program, Google said it had test-driven robotic hybrid vehicles more than 140,000 miles on California roads — including Highway 1 between Los Angeles and San Francisco.

More than 1,000 miles had been driven entirely autonomously at that point; one of the company’s engineers was testing some of the car’s autonomous features on his 50-mile commute from Berkeley to Google’s headquarters in Mountain View.

At the time, Google gave little indication what its commercial intent might be. The company confirmed on Tuesday that it has lobbied on behalf of the legislation, though executives declined to say why they want the robotic cars’ maiden state to be Nevada. Jay Nancarrow, a company spokesman, said the project was still very much in the testing phase.

Google hired David Goldwater, a lobbyist based in Las Vegas, to promote the two measures, which are expected to come to a vote before the Legislature’s session ends in June. One is an amendment to an electric-vehicle bill providing for the licensing and testing of autonomous vehicles, and the other is the exemption that would permit texting.

In testimony before the State Assembly on April 7, Mr. Goldwater argued that the autonomous technology would be safer than human drivers, offer more fuel-efficient cars and promote economic development.

Although safety systems based on artificial intelligence are rapidly making their way into today’s cars, completely autonomous systems raise thorny questions about safety and liability.

Policy makers and regulators have warned that the technology is now advancing so quickly that it is in danger of outstripping existing law, some of which dates back to the era of horse-drawn carriages. New laws will be required, they argue, if autonomous vehicles are to become a reality.

Policy analysts say Nevada is the first state to consider the commercial deployment of a generation of vehicles that may park themselves, perform automatic deliveries or even act as automated taxis on the Las Vegas casino strip.

“In some respects this is a great template and a great model,” said Ryan Calo, a legal scholar at the Center for Internet and Society at Stanford Law School. “It recognizes a need to create a process to test these vehicles and set aside an area of Nevada where testing can take place.”

Google’s fleet of six autonomous Toyota Priuses and an Audi TT are easily identifiable by a distinctive laser range finder mounted on the roof. The cars also have a variety of radar and camera sensors and a trunkful of computer equipment.

In the testing program, each vehicle is overseen by a driver and a second Google employee who monitors the equipment from the passenger seat. Because of the human oversight, the company has avoided legal action against reckless — or, in this case, driverless — driving.

The project is being guided by the artificial-intelligence researcher Sebastian Thrun, who as a Stanford professor in 2005 led a team of students and engineers that designed the first winning entry in an autonomous vehicle contest organized by the Pentagon’s Defense Advanced Research Projects Agency.

Since then, Dr. Thrun has focused more of his activities at Google, giving up tenure at Stanford and hiring a growing array of experts to help with the development project.

In frequent public statements, he has said robotic vehicles would increase energy efficiency while reducing road injuries and deaths. And he has called for sophisticated systems for car sharing that, he says, could cut the number of cars in the United States in half.

“What if I could take out my phone and say, ‘Zipcar, come here,’ ” he asked an industry conference last year, “and a moment later the Zipcar came around the corner?”

Google’s autonomous vehicle ambitions hint at an emerging vehicle-industrial complex in Silicon Valley. Mercedes, Volkswagen and other carmakers have laboratories in the region, I.B.M. has a battery development initiative, and the Nummi plant in Fremont, once a joint venture of General Motors and Toyota, has been reopened by Tesla.

TRIPOLI —NATO missiles struck Moammar Gaddafi’s compound early Thursday , government officials said, hours after the longtime leader appeared on state television to dispel rumors that he had died.