Why is it a horrible idea? I worked on the Site Integrity team at Facebook and I can assure you that protecting people's accounts from attackers is a fundamentally hard problem that very few companies are actually equipped to handle.
That's pretty uncalled for. If you met a Facebook developer in person would you talk to them like that?
Facebook provides a service people find genuinely useful, or they probably wouldn't keep using it.
Their business motives don't seem much different from other large businesses, and their impact on consumer interests seem minimal (e.g. compare them to Target's accidental pregnancy revelations – which is worse?)
The are pushing society in new and interesting directions on privacy, but I don't think that is necessarily a bad thing, nor is it their fault (e.g. the invention of personal cars changed society a lot, positively and negatively, but no-one blames car companies.)
On the substantive point, when you see the number of credential leaks and account hijackings out there, maybe telling most developers "You're too busy and inexperienced to handle this well; we have many well paid experts working on this" is a good thing.
Because it adds a single point of failure, and erodes privacy by irrevocably linking accounts. There have also been security fails with many single sign in systems (including at Facebook...).
I would say you have a very bubble-ized perspective of who actually uses Yahoo. You'd be amazed at the non-tech people that aggregate on their services.
I'm not talking (just) about security. It's about convenience. It's annoying to go through million variations of registrations instead of approving the site with one click.