To be fair, that doesn't mean it is their fault you allowed them to do so. It is indeed your responsibility to look at what you allow to access your profile and what you deny that access to.
When I say "I don't recall," I guess I'm using understatement in a bad place for it.
One of the sites in question was Bing. I don't use Bing.
There is no way in hell I authorized these apps. And this isn't a case where two apps from a long list seem suspicious; I've never authorized any apps, ever.
The Facebook guarantee that authorization is required has no technical enforcing measure; it's toothless bullshit.
We're trusting the greater Facebook ecosystem to uphold such policies and guarantees out of the goodness of its collective heart. Ha. Ha. We're also trusting Facebook itself to accurately list such relationships on their Apps page. I don't see why such trust is warranted, at this point.
At least in Bing's case, it may have been automatically added as part of some sort of partnership. Not that it's any less sleazy to add (and authorize) apps on your behalf without your knowledge.
