aaronpk: here's an attack on that: I can create a page not-tom.com with a rel=me link to github.com/tom, then trick tom into visiting a link that starts the flow with not-tom.com, and since tom is logged in to github, he'd be logged in to the app as not-tom.com