Geeky Archives - Page 2 of 3 - Stay N Alive

Introducing the FB Share Button WordPress Plugin for Facebook Share

FacebookToday Facebook launched a nifty little tool enabling website owners and bloggers to allow their users to better share and track their content on Facebook.  The new tool provides a piece of HTML and javascript that renders a little “Share” button.  When clicked, the post is tracked by Facebook, the number of shares is shown, and via an API comments, likes, shares, and more can be tracked across all of Facebook for items shared via that button.  Today I’m going to add to that by providing a WordPress plugin.

The FB Share Button WordPress plugin renders the Facebook share button of your choice on your blog.  Via admin settings in WordPress you can choose which Share button you would like to display, where you want to display it, and even provide the language for the link.  The plugin is based on the same Easy Retweet plugin by Sudar which you see on this blog.

To install, just download this link, untar and ungzip into your WordPress plugins directory.  Activate the plugin, adjust your settings to display where you like (or you can manually add it to your template or posts – see the readme), and it will display for every post you write on your blog.  You can even turn it on or off per blog post.

I’m also working to make this FBFoundations compatible so it will load as an optional XFBML tag if you like – expect that in a future revision.  Now WordPress bloggers everywhere have the capability to enable and track Facebook sharing on their blog.  You can download it here:

http://downloads.wordpress.org/plugin/facebook-fb-share-wordpress-plugin.zip

Stay tuned though – in the next revision I’m hoping to add Facebook API support so you can track and read the number of shares, comments, likes across all of Facebook from your WordPress admin.  That will all fit in with the FB Foundations plugin I wrote earlier.

Facebook Launches Application Creation API

One of my biggest frustrations as a FacebookFacebook API developer of WordPress plugins has been the need to require my users to go out and create their own application in Facebook for their blog.  To do so they had to install a “developer app” on Facebook and know what forms to fill out after they did.  It was a lot of work and very difficult to explain to people!  Today Facebook launched a way to automate that process, their Create Application API.

According to the developers wiki, starting today developers of WordPress plugins and other 4th-party Facebook applications will be able to automate the process of creating applications on behalf of their users as “child applications”.  This means for the FBFoundations plugin I launched over the weekend I’ll be able to automatically register the user’s blog as an app in Facebook when they activate the plugin.  The user will only need to activate the plugin in WordPress, we’ll grab the API key and everything else, and there will be nothing more for that user to do.

Installing Facebook Connect WordPress plugins just got a whole lot more easy.  Can’t wait to play with this and see what others do with it.  Stay tuned for an FBFoundations plugin update that includes this.  Details are still vague on this, so I’ll update if anything changes – thus far we just have a few wiki articles talking about it.

UPDATE: See my version 2 of this post for an even more interesting perspective on this API.

FBFoundations Facebook Connect Plugin for WordPress

lego bricksOne of my biggest frustrations in adapting Facebook Connect into WordPress blogging has been the fact that most plugins out there either have too much, or too little incorporated into them.  When you add more than one, you end up calling the Facebook Javascript Client libraries more than once, and often reinvent the wheel for what other people have done.  I mentioned this in a wish-list I posted earlier.  I want building blocks – I should be able to add a foundation, and add basic building blocks on top of that foundation to get what I want out of Facebook Connect on my blog.

Today I’m giving you that foundation.  I’ve written a WordPress plugin called FBFoundations which sets up the bare-bones necessities of any Facebook Connect install.  Once you have installed this plugin, the user can log in, and you have access to their login credentials from then forward to do whatever you want with. It’s a foundation – something to build a house on top of, and my hope is that many more FBFoundations-compatible plugins can emerge from this.

For instance, my next step will be to create a simple plugin for WordPress that uses the stream.publish API to post your blog to Facebook, and enable others to do so (tracking the number of comments and likes along the way if possible).  There will be no need to add a user log in to that process, nor do I have to load the XFBML init scripts to render XFBML.  It will all have already been loaded for me.

The script works a lot like Richard Miller’s “What Would Seth Godin Do” plugin from a UI perspective.  At a default (you can configure this in your preferences) the first 3 times a user visits your blog they will be presented with a popup dialog box encouraging them to connect with Facebook.  After those 3 times the popup no longer appears.  There will also always be a “Connect with Facebook” login button above your comments (assuming they’re wrapped in a #commentform div) that will appear until the user clicks on it and logs in.

Using this plugin encourages each reader to log in through Facebook (remember – there are over 300 million Facebook users.  Chances are most of your readers are on Facebook), and enables you to do cool stuff with each of those readers.  Hopefully this will inspire others to make other FBFoundations-compatible plugins so we’re not re-inventing the wheel any more.  Stay tuned for more plugins from me – what will you build with this as your foundation?

You can download the plugin here.  Just download it and unzip it into your plugins directory in WordPress, activate it, and then add the API key for your website.  (You’ll need to go to http://developers.facebook.com to add the developer app and add an app for your website if you haven’t done so already)

Or click here to download:

http://downloads.wordpress.org/plugin/fbfoundations-facebook-connect-plugin.zip

Please let me know in the comments if you see any issues.  This is 100% GPL so please make your own adjustments and let me know if I can fix mine!

UPDATE – v0.4 – 10/26/2009: The popup is no longer default and can be turned on/off. Also added meta tag support and better compatibility with 3rd-party comment systems.  See this blog post for more info on 0.4.

Here are some screenshots:

Screen shot 2009-10-10 at 6.21.49 PM

Screen shot 2009-10-10 at 6.19.47 PM

Screen shot 2009-10-10 at 6.19.13 PM

My Facebook Connect Wishlist (for WordPress)

birthday-cake2.jpgToday everyone seems to be wishing me a Happy Birthday – it’s not really, but it is @jessemccartney’s birthday on Twitter, so I get all the “ZOMG Happy Birthday @jesse mccartney” Tweets from uber-excited fans.  Some times I throw them a bone and tell them how much I love them as well.  It’s fun to celebrate your birthday twice a year, so hey, why not?  So I thought I’d celebrate @jesse mccartney’s birthday on Twitter with a wishlist of my own.  Take it as you may, but my hope is that maybe it inspires you just a little bit to go out and create something, especially if you’re a Facebook developer.  And if you don’t do it, I will. Eventually.

Here’s my wishlist.  All of these are ways I can see Wordpess could be used to integrate Facebook, but no one has written a plugin yet to do what I want – please check out the documentation at http://wiki.developers.facebook.com/index.php/Facebook_Connect for an overview on what you can do (it’s actually quite easy!):

1. A single, standalone “Connect with Facebook” button plugin – so many Facebook plugins for WordPress try to do too many things in one plugin.  I want to be able to build my own Facebook integration.  Add a little component here.  Add a little component there.  Nothing more.  So, do do this, I need, at the very basic level a “Connect with Facebook” button that shows up somewhere on my blog just by installing a WordPress plugin.

You could take this further though.  What if you also provided a script that reads the e-mail addresses of commenters and automatically registered them with Facebook so that if I ever wanted to do a to encourage my readers to invite their friends, they could very easily?  The button could appear as an overlay that appears once for each user, and if they opt not to log in, never appears again.  When the user logs in via Facebook you automatically register them with a Facebook ID.

That’s all the plugin will do.  Its focus is simply login and registration and loading the basic Facebook Connect libraries, nothing more.  If you want it to do more, use another plugin that builds on top of it.

2. TweetMeme for Facebook plugin – if you haven’t had the chance yet, go look at Mashable.com, now.  See their Facebook share button underneath the retweet button? That’s what I want, but I want more.  Here’s how I see it:

  • A reader reads an article.  They want to share it with their Facebook friends, so they click on the share button.
  • WordPress, via a plugin, calls the stream.publish() to enable the reader to publish the article to their own stream.
  • Your plugin tracks the ID of that particular share, maybe even prompting the user for read permissions, and adds it to an array of shared IDs in an options storage in WordPress.
  • On every load of that particular article, each share’s likes are read, counted, and updated in another stored variable in WordPress.
  • The sum of all those likes is displayed in the share button, and other readers can also share to their friends and contribute to the number of likes for that article.
  • Of course, this would rely on the blog owner installing the Facebook authentication plugin above in #1

3. A “publish to Facebook” plugin that works – there are already lots of publish to Facebook plugins for WordPress.  None of them fully utilize Facebook Connect though, especially the stream methods.  What if I could publish a blog post, have it automatically also post into my Facebook stream, and at the same time, track every comment and like of that specific post and then post comments to the share button above, while listing comments of the particular post down below my blog post comments?  Or, let’s take that further.  If one of my friends on Facebook comments on the blog post itself, I also want that friend’s same comment to show up under the published stream item on Facebook as well. I think that would be incredibly useful.

4. A “leave a comment” plugin that works – I think the same could happen with comments.  TechCrunch is doing this somewhat.  A user that comments should have the option of publishing that comment to Facebook in the user’s stream.  What also should happen though is that comment ought to be tracked.  Now, when any of a user’s friends that are also previous commenters on that blog comment on Facebook, they also appear threaded underneath that specific blog comment on the blog.  Or vice-versa.

5. A standalone friends widget – I want a friends widget just like the Google FriendConnect widget you see over to the right.  It ought to come with a “subscribe” button, or “join my community”.  When a reader subscribes, they automatically (unless they opt-out) get new blog posts for your blog added to their stream on publish, real-time.  This would also work great if you develop RSS reader software, as you could also automatically subscribe the user to the blog in your reader.  Again, it should be standalone though – people should be able to mix-and-match, and this would also rely on #1 above being installed.

6. An activity streams plugin – I would put this top on my list if I could (even though it’s at the bottom, because it’s the most code to develop). If you haven’t had the chance to yet, regardless of your political preference, go check out what HuffingtonPost.com has done with Facebook Connect.  Log in with Facebook Connect there and you’ll see one of the coolest implementations of Facebook Connect I’ve ever seen.  I wish they would release that to the open source community as a Facebook plugin for WordPress.

All the activity streams plugin needs to do is track activity of readers on a blog.  A new view of the blog would appear, showing all of your friends who are also readers of the blog, and a historical news feed or timeline of what they’ve just read, what they’re commenting on, along with any other cool activity that may be pertinent.  The idea is to help a blog’s readers discover new content on your blog.  This plugin could track the most popular blog items, most commented, etc. and display those on the side for readers to discover.  Each stream would be custom to that reader and their Facebook friends that read the blog.  It could also have options to invite friends to come check out the blog.

This specific plugin could also integrate with #5 above and enable a reader to click on one of their friends, and see only the activity of that specific friend.  Or, when inviting their Facebook friends to check out the blog, it could provide a way for each of those friends to subscribe and automatically receive new blog updates for the blog in Facebook.

The possibilities are endless, but I think you catch my drift.  You can even package all the above into a single plugin, but I also want separate plugins.  This stuff, to my knowledge, has not been developed yet, but it should.  I want you to go out and build it before I’m forced to – these are free ideas and a great way to show your talent, get some free exposure here (I’ll write about each one that does this effectively), and a great amount of traffic from both Facebook’s plugin directory and WordPress’s plugin directory when you’re finished.

Let me know if you’ve written one of these – either let me know in the comments, e-mail me, send me a “Happy Birthday @jesse mccartney” or whatever.  I hope I’ve started your brain juices flowing – I’m salivating at the thought! (mmm…brain juices)

Oh, the Trouble With OAuth

picture-1-6400198This article has been sitting on my desk for the past week or so, and recent activities around the Twitter/Facebook/LiveJournal/Blogger DDoS attacks have made it even more applicable, so it’s good I waited. The problem centers around the “Open” authentication protocol, OAuth, and how I believe it is keeping companies like Twitter who want to be “Open” from becoming, as they call it, “the pulse of the Internet”. The problem with OAuth is that, while it is indeed an “Open” protocol, it is neither federated, nor decentralized. We need a decentralized authentication protocol that doesn’t rely on just the likes of Twitter or Flickr or Google or Yahoo.

Let’s start by covering a little about what OAuth is. OAuth centers, as the name implies, on Authorization. This is not to be confused with identity, which other decentralized solutions like OpenID focus on. The idea behind OAuth is that any website, or “Service Provider”, will accept a certain set of HTTP requests, handle them, and send them back to the developer, or “Consumer” in exactly the same way as any other OAuth protocol does. OAuth tries to solve the issue of phishing and storage of plain-text usernames and passwords by sending the user from the Consumer website, to the Service Provider’s website to authenticate (through their own means or means such as OpenID), and then authorize. On Twitter this process is done via an “Allow” or “Deny” button the user can choose to enable an application to make API calls on their behalf. Once authorized, the Service Provider sends the user back to the Consumer’s website, which is given a series of tokens to make API calls on behalf of that user.

OAuth’s strengths are that it is easily deployable by any site that wants a central, secure, and understood authorization architecture. Any developer can deploy an OAuth instance to communicate with APIs that provide OAuth architectures because libraries have been built around the architecture for developers’ preferred programming languages, and adapting to a new site implementing OAuth is only a matter of changing a few URLs, tokens, and callback URLs. I’m afraid that’s where OAuth’s strengths end, though.

Let me just put this out there: The User Experience behind OAuth is horrible! From a user’s perspective, having to go to an entirely new website, log in, then go back to another authorization page, and then back to the originating website is quite a process for an e-commerce or web company that is focusing on sales around that user. No e-commerce company in their right mind would put their users through that process, as the sale would be lost with half the users that tried it. Not to mention the fact that (and I don’t know if this has anything to do with the actual OAuth protocol) with most OAuth implementations there is no way to customize the process the user goes through. For example, on Twitter, I can’t specify a message for my users specific to my app when they authorize it. I can’t customize it in any way to my look and feel. I completely lose control when the user leaves my site to authorize and authenticate.

Let’s add to that the problem of the iPhone, desktop apps, and other mobile apps. Sure, you can redirect the user within the app to a website to authorize, but again, you’re taking them away from the app flow during that process. It’s a pain, and headache for users to log in using that method! Not to mention they have to do that EVERY. SINGLE. TIME. they log in through your app since there’s a good chance they were not logged into Twitter or Flickr or other OAuth app in the first place. It’s a huge problem for OAuth developers on these devices, and less-than-ideal.

Now, back to my original point. The biggest problem with OAuth is that it requires a centralized architecture to properly authorize each application. We see this is a problem when entire apps like my own SocialToo.com can’t authenticate users when Twitter gets bombarded by DDoS attack. The need for centralized control of each app on their platform is understandable, in that in the end the companies implementing OAuth still need a way to “turn off” an application if an app gets out of hand. Of course, one solution to this from the developer’s (Consumer’s) perspective is to implement their own authentication and authorization scheme rather than relying on someone like Twitter’s. This is less than ideal though, since most of our users all belong to some other network that already handles this process for us. Why require our users to repeat the “account creation” process to overcome centralization?

I think there is a better solution though. What if a distributed group of “controlling sources” handled this instead, giving each company admin control over their own authorization? What I propose is that a new layer to OAuth be created (or new protocol, either way), enabling trusted “entities” to, on a peer-to-peer (federated) basis, sync authorization pools of users and their distinct permissions between each Consumer app and Service Provider. Companies/Service Providers could then register with these “controlling sources”, and they would have admin access to turn Consumer apps on or off in the event of abuse within their app.

So let’s say you’re Twitter and you want to let your developers authorize with your API. You register on one of these “controlling sources”, they confirm you’re legit (this could possibly be done via technology in some form, perhaps OpenID and FOAF), and let you create your own “domain” on the “controlling source”. Twitter would now have their own key on the “controlling source” to give developers, and the controlling source would divvy out tokens to developers wanting to access Twitter’s API. Twitter’s API could verify with the controlling source on each call that the call is legit. To kill an application, they would just need to log into the controlling source and deny the application. The application would get denied at the controlling source before it even hit Twitter’s API.

What makes this open is that, if this were itself written under an open protocol, anyone could theoretically create one of these “controlling sources”. So long as they operated under the same protocol, they would operate and work exactly the same, no matter who they were. Developers could then pick and choose what “controlling source” they wanted to authorize through. If one went down, they could switch to another. Of course, there are some security issues and authenticity of “controlling source” issues that need to be worked out, but you get the idea. This would essentially completely de-centralize the entire authorization process. Authorization itself would quickly become a federated process.

Now, that still doesn’t solve the User Experience issues I mentioned earlier. To solve those, I think we should look at Facebook and what they’re doing with Facebook Connect. With Facebook Connect, the user never leaves the Consumer’s website to authorize and authenticate. They click a button, a popup comes up, they log in, and a javascript callback notifies the app the user has been authorized and authenticated. It’s essentially a simple, 3-step process that completely leaves the website owner in control. In addition, Facebook has provided Javascript methods allowing the developer to confirm various states of authenticity, without the user having to leave the website. I’d like to see OAuth emulate this model more. Right now I’d rather implement Facebook Connect than OAuth for these reasons.

I think, as both Dave Winer and Rob Diana point out, there are some serious issues being brought up from the recent DDoS attacks against Twitter and other sites. Twitter’s inability to handle the DDoS attacks when compared to the others I think shows we need much more Federation from the site, as well as the “Open” protocols it is trying to build around. Twitter wants to become a utility. There is no way that will ever happen until they Federate, and I think that has to start with a change to the OAuth protocol.

There’s More Than One Way to Store a Password – PerlMonks Hacked

nirvana-smells-like-teen-52041Hackers are in a state of Nirvana as it would appear they hit the gold mine of programmer passwords in a hack of the popular Perl forums and resource site, PerlMonks.com yesterday.  The hack claims to have gained access to the database of more than 50,000 passwords, which insanely were stored in plain text in the database for anyone to see.  The hackers subsequently published the list to several mirrored servers (I can’t find a link to verify, but it’s not something I would publish anyway), along with the following statement:

“There is a really simple reason we owned PerlMonks: we couldn’t resist more than 50,000 unencrypted programmer passwords.

That’s right, unhashed. Just sitting in the database. From which they save convenient backups for us.

Believe it or not, there is actually debate at perlmonks about whether or not this is a good idea. Let’s just settle the argument right now and say it was an idea that children with mental disabilities would be smart enough to scoff at. We considered patching this for you but we were just too busy and lazy. I’m sure you can figure it out yourselves.

This isn’t a bad set of passwords, either. Programmers have access to interesting things. These Perl guys are alright, just a little dumb apparently. A lot of them reuse. You can explore them yourselves, I really do not want to point out anyone in particular.

In case you guys are worried, we did NOT backdoor dozens of your public Perl projects. Honest. Why would we want to do that?

Not worth our time ;)”

It’s unclear exactly who, and how many were compromised, but the site is recommending all who have previously had accounts on PerlMonks.com to change their passwords immediately.  In addition, one of the worlds largest repositories of open source code, the CPAN network, has also recommended that its authors change their passwords, as evidently somehow the two sites are connected.

As a Perl developer, and CPAN author, this is a bit concerning.  First, it would be one issue if this were just some random group of people whose passwords had been hacked, but this is a database of tens of thousands of developers, probably most with root access to the machines they write code on, and according to the hackers, many using passwords that are being re-used elsewhere.  These are the passwords of developers like Chromatic, Brian D Foy, Andy Lester, engineers at major corporations and government entities, and more.  The hackers couldn’t have picked a worse server to crack and expose.

I’m baffled at what the PerlMonks developers and admins were thinking storing their passwords in plain-text, something that, in my own opinion is amateurish, and should have some sort of repercussions at their lack of responsibility in handling their users passwords.  This is something that not only has been in Perl since version 1.0, but has also been integrated natively in almost every database environment on the planet.  That said, there is no privacy policy that I can see on the PerlMonks website, so maybe the users should have paid better attention.  I don’t expect the PerlMonks admins to say that, though. I’m ashamed as a Perl developer, and this gives a huge black eye to the entire Perl community.  It only gives further validation to the rest of the world’s claims that Perl is for messy code.

I hope the PerlMonks developers and admins can make right of this situation and not only fix their database, but make amends with the community, and the rest of the world, whose trust they just violated. After this, I’m seriously considering switching to another language for my next project.

Making WWW::Facebook::API Facebook Connect Ready

FacebookI’m going to get geeky on you here again.  I’ve been working on a few things with SocialToo to enable Facebook Connect on the site – more on that to come.  What I’ve been surprised by though is that this long after the launch of Facebook Connect the main Perl libraries for Facebook, WWW::Facebook::API, still do not support Facebook Connect.  The main difference between making API calls from a native Facebook app and a third-party Facebook Connect app is that in the native app, you verify the signature via the URI parameters, via parameters that begin with “fb_sig_”.  In Facebook Connect, those variables are set in Cookies by the Facebook Client-side Javascript libraries, and begin with your applications API key, so they’d start something like “(api key)_”, and come from the cookies instead of the URI.  You can read more about that here.

So for full compatibility in your preferred Facebook API libraries, both the URI parameters have to be checked along with the Cookies in the event the developer is trying to connect from a third-party website.  In the PHP libraries this is already done for you.  Surprisingly, Perl has not yet implemented this.

So I got to work on it, and through a couple simple lines of code added to WWW::Facebook::API::Canvas I was able to make get_fb_params check your cookies when the URI parameters are not presence.  I’ve submitted the patch to the library’s owner, Clayton Scott, but in case you want to integrate it sooner you can apply it to the 0.4.14 version of Canvas.pm by downloading this patch.

I hope you’re able to get as much out of this as I am – please let me know if you see any potential bugs with the changes.

Curing Spam on Twitter With Better Follow Limits

20050822_fg15-781059-1902857I posted this over on the Twitter developer mailing list to try and get a discussion going. I thought I’d post a copy here for my readers to discuss – maybe you have more ideas than I do. I want to make it clear that I do not condone what some users of SocialToo are doing to gain Twitter followers. Will I stop them? I can’t – as long as Twitter allows them to do it, I can’t make a decision one way or another on who is doing this and who is not. No matter what, I have to respect my users, and most (almost all) of them are using Twitter for legitimate reasons. I do think changing the limits to what I suggested in the e-mail (below) will fix the problem Twitter is trying to solve though:

Let’s discuss the follow limits. I feel, as developer of a tool that allows people to auto-follow, I have a bit of insight into this. While there are many, many legitimate users that auto-follow others, and have good reason to do so, some are using it as a way to game the system, build followers quickly, break the Twitter TOS, and reduce the meaning of follower numbers for many other users just using the service legitimately. I see this daily, amongst a few of my own users, and while, due to our privacy policy I can’t share who they are, I do have some suggestions that would make the API follow limits make a little more sense. Maybe you guys can provide more insight.

-Currently the follow per day limit is 1,000 follows per user per day. There is no limit on the number of unfollows a user can do per day (that I know of), and it appears as though there is also a limit of around 10% for the number of users a person can follow more than follow them back. The users taking advantage of Twitter have figured this out. So here’s what they do:

A “gamer”‘s typical activity is that they will follow as many people as they can – most up to the 1,000 limit they’re allowed per day, until they hit the ratio of 10%. The higher the follower base they gain, the longer they’re able to do this. They then hope a good portion of those 1,000 people follow back. Those that don’t use tools like mine (which weren’t intended to be used this way) to unfollow everyone who is not following them back. This is often much greater than 1,000 for the users that are really good at it. The process then starts over. They’ll use tools like Hummingbird (Google it) and Twollo to find people and automatically go out and follow them. This is why I refuse to create auto-follow filters to find new people on my service. It’s way too spammy if you ask me.

Why do they do this? 2 reasons: 1, “supposedly” having more followers means more visits and clicks in whatever you’re trying to promote. (I don’t believe this) and 2, many of these people also have auto-DM set up to send links and messages to each person that follows them back. Back when I offered this service (we disabled it for this exact reason) people told me they were seeing significant clicks on the links they would send to people via DM after they followed them. Therefore, more follows==more clicks==more revenue. I don’t blame them if that’s what they’re really seeing.

So for this reason I think having limits in place is a *good* thing. I don’t think the follow limit is in place due to traffic reasons, since there are many more calls that cause more traffic on the API and there is no limit to unfollows, so I really think Twitter is doing this for the purpose of reducing spam and “gaming” of Twitter. This is a good thing.

However, I think Twitter may be approaching the limits the wrong way. Here’s what I think would be more effective, and beneficial for the legitimate users that want to follow back and at the same time not allow those who want to game the system to use the methods I described. Twitter needs to impose limits based on whether the individual is following the user back or not.

For instance, if I follow @dacort and he is following me back, that shouldn’t count against me as a hit against my follow limit. However, if I try to follow @dacort and he is not following me back, it should count against me as a hit against my limit. With this, users could easily auto-follow back if they choose to, and it would still be difficult for the users trying to game the system and spam Twitter. In fact, you could significantly *reduce* the limit this way and make it virtually impossible for these users to use Twitter in that manner. If you were to look at the relationship between the users when counting against limits, you could probably reduce the follow/day limit all the way to around 200 per day instead of 1,000 per day. I don’t see any reason for the 10% follow/follower ratio with a low limit such as that.

However, as stands, the more followers you get, if you are using Twitter legitimately, you have no way to extend the courtesy back if you choose to do so, since after a certain point you will be following many more than 1,000 users per day. And even if you aren’t, it will take an extremely long time for many individuals to finally catch up to follow those following them if they want to at 1,000 follows per day.

I know there are some that disagree with the auto-follow concept. However, I also know most of you also want Twitter to be an open environment where people can choose to use it as they please. Doug, Alex, etc. I’d love it if you guys could at least consider changing the follow limits as I mentioned. The current limits are doing nothing to prevent the spammers – my suggestions I believe will, and will keep it an open environment for the rest of us.

Sorry for the long discourse – I would really love to hear others thoughts and suggestions.

@Jesse

Feel free to chime in on the developers mailing list, or let’s discuss here – what suggestions do you have? Are there any holes in my proposal?

Learn More About Facebook With Upcoming WebCasts

facebook-pic-1697775I’ve been invited to do 2 WebCasts in the next 2 weeks that I think you might be interested in.  As always I’ll try to post my slides on SlideShare if it makes sense to do so.  I really like an interactive presentation so most of the time my slides don’t make sense.

The first is for the Marketers in the Audience.  It’s about gaining Business value from Facebook, and I’ll discuss how to give your business legs using the Social Network.  I’ll cover how to create an effective Facebook Page for your business, when and how to use your personal Facebook Profile for networking, do’s and don’ts on the network, advertising, the tools you need, and more.  That Webinar is hosted by Marketing Coalition, and is $149 per individual, and $129 per individuals in groups of at least 3.  You can register here.  The Webinar takes place on Thursday at 1:30PM EST.

The second WebCast is free, and hosted by Safari Books Online.  It will target developers new to Facebook development, and in it I’ll cover the basics of what you need to get started in Facebook Development.  We did this last year and I think everyone really enjoyed it that attended.  The first people that register get a free Autographed copy of my book, FBML Essentials, and everyone else gets a free 45-day account on Safari Books Online to read FBML Essentials.  Did I mention how much I love O’Reilly?  You can register here.  My slides from the last one of these I did are up on SlideShare.

There will be a Q&A after each session, so come with your questions and I’ll do my best to answer!