I'm going to go ahead and surmise that other carriers are behind this attack. What else explains the FTC not going after AT&T and Verizon for equally bad and worse stuff? T-Mobile has explicitly halted this practice.
randommsdev writes: Microsoft has announced the release of Windows Live ID Web Authentication. This means that WLID (formerly known as Passport) is now opened to third party websites (such as Slashdot) to use as their authentication system. Any Windows Live user can potentially log in to a website that implements Web Authentication. Interestingly sample implementations are available in the Ruby, Python, Perl, and PHP open source languages amongst others — tested on openSUSE 10.2 but expected to work on any platform that supports these languages. More details are available in the SDK documentation.