Technology Archives - Page 22 of 40 - Stay N Alive

Is Google’s Position Towards Default Privacy a Good Thing?

I’ve been openly critical about Google’s lack of privacy in their launch of Buzz (and I argue other things as well), and its’ opt-in attitude towards opening up contacts and settings people previously thought were private.  That doesn’t change.  However, I’d like to spend some time here playing devil’s advocate and share how perhaps, Google starting with an open approach may be a good thing for Google in the long term.  Let me explain:

There’s no doubt that Google opening up all our data at the launch of Buzz is making people think more about Privacy.  I’ve had a post in the back of my head for quite awhile now that I was going to write on how I think Facebook could have made a mistake starting with a focus on privacy, as now people just assume that everything they put online is private, when in all actuality there is no way that will ever happen 100%.  Because of Facebook, people are getting more comfortable with posting their lives online, and while, even if Facebook remains a private environment for those people (in many cases it isn’t), they are now becoming more comfortable posting that information elsewhere, assuming it will remain private in those places as well.

I think Facebook could have done their users a disservice by giving them that comfort.  What if, instead of starting out private as Facebook did, they instead opened up everyone’s profile by default, and enabled them to choose what elements they want private after that?  Make people completely aware their information is 100% public, and then it is up to those people to decide what they share online, and what they would prefer stays private.  I think there would be a lot more education amongst users this way, and people would think twice before sharing things online.  Of course, Facebook wants people to share in easier ways and in a more comfortable environment to make sharing as easy as possible, so this isn’t going to happen, but it may have been even more in the right by defaulting to public on more things.  Ironically, these types of moves are what is getting Facebook a lot of flack as is, regardless of whether there are privacy controls in place that users can still turn on.

So perhaps Google is doing a good thing here.  Even the optimistic Louis Gray says we’re all wearing tin foil hats by criticizing their lack of privacy.  By starting public (while I still argue turning what was previously private into a completely open environment is completely wrong, and it seems they’re backtracking to try and fix this), Google is encouraging each and every one of its hundreds of millions of users to think twice before sharing anything online.  Google is taking a risk here by making people think twice, since it makes money off of the content you share.

I fully predict Google will be adding more and more privacy controls as they move forward.  I agree, maybe they launched too soon before having these privacy controls in place.  One thing they may have done right though is that they are making us think twice about sharing.  They’re making each of us think about what goes online, and what stays off, and how comfortable we are with what we want public.  I think that’s a good thing, and more companies should be defaulting public, rather than private, until the general internet audience gets used to this type of environment where we know everything we share could very well be made public for the whole world to see.

I encourage you to step back and think about this – I agree, privacy is a good thing, but could the default to public be even better?  Are users being educated with this move?  It’s an interesting move by Google – let’s just hope they can get more privacy controls in place for users to choose from as they do it.

Twitter Hires 140th "Character", Adds Lucene Committer Michi Busch to its Search Talent

It’s no secret Twitter has a desire to have a stronger search presence.  With business models that thrive on content publishing and organization, a strong search product is necessary to provide the most revenue down the road.  Just today, while announcing its 140th employee and celebrating to the music of BT, Twitter hired Michael (Michi) Busch, search indexing expert and committer to the Open Source Lucene search project to its team as a “Search Engineer”, according to his LinkedIn profile.

Busch brings with him not only strong experience in his contributions to Lucene, but also a firm background at IBM working on IBM’s eDiscovery Analyzer product, focusing on indexing and search technologies there as well.  Busch is a regular presenter at various ApacheCon conferences, so I’m sure this won’t be the last we hear of him while working for Twitter.

Just after Twitter’s announcement today of its focus on Open Source standards, the hiring of Busch just solidifies that there will continue to be a focus on open technologies at Twitter.  Lucene, perhaps one of the most widely used open source search indexing products in the world, we can now wonder if it will play a part in that process.  With one of its committers working for Twitter, we can hopefully expect real-world cases of search indexing technology integrated into the open source product in the future.

Twitter continues to expand its team of smart talent, and it seems almost weekly continues to add to its pool of geniuses from the likes of Facebook, Google, Yahoo, and IBM.  As I said before, it’s this talent pool that continues to excite me about Twitter and have a strong belief in its future.  With Busch now working on the search product, there’s no doubt that Twitter has an interest in good technology, and helping the community as it grows.  I can’t wait to see what Busch can bring to Twitter.

What Buzz Needs to Make a "Sting" in Facebook

44a_13_bee_243x226-8684059There’s a new Buzzword in town that’s “Buzz” lately and as I mentioned earlier, some are already calling things “dead” because of it.  Most of this is due to the size of Google, the masses it can reach, and the overall usefulness of the service.  Personally, I think all the “dead” articles are all a ruse to build the numbers of those praising the service and feeling a need to abandon others, as well as gain favor with the Google team as they see strong potential in the service.  While there’s no argument there’s potential in the service (and I’m even spending more time over there and strongly hope for its success), it is far from a “Facebook killer”.  While I mentioned why before, I feel qualified, and I’d like to spend some time sharing some things it needs to get on level grounds to Facebook.

Buzz Needs a Central Place for all Social Activity

I’ve said this before – Google needs a central place for everything “Social”.  Facebook has grown so well because it has this organization.  I’m still unclear if Google is trying to make Buzz this place, or if Orkut, or another product should be that.  Contacts are not that place – Contacts should be the source of social graph data, but are not social connections.  Social connections can come from much more than just contact data – people search, other peoples’ buzzes, as well as other Social Networks can all be sources for Social Contacts between Buzz (see the need for Facebook import later).

Buzz Needs a Stronger API

One of the reasons Buzz has such strong potential is because of its foundation on open architectures.  There is so much more that can be done however – I’m sure they’re working on some of these, but I’d like to share my thoughts, in hope that if they haven’t been thought of, they can be added.  For instance, currently there is no way for any 3rd party app to gain access to the cool comments architecture Buzz posts get in Gmail.  What if I could get FriendFeed, or even SocialToo e-mails in the same format?  Buzz or Gmail could open an interface to this, perhaps built on top of SMTP (an SMTP header would denote it’s a formatted e-mail), Salmon, and OpenSocial standards, to give developers access to this UI.  The great thing about it – if Buzz sends new Buzz updates in an SMTP-supported format, other e-mail clients could adapt these standards as well.  It would no longer be limited to just Gmail to see these formats.

I think it goes without saying that we need better ways to read, analyze, and discover the data, as well as social graph connections on Buzz.  I’d like to be able to track who’s posting about what, how many likes or how many comments there are for specific posts mentioning specific keywords or links.  I’d like to be able to track who has followed an individual and who has stopped following an individual on Buzz.  I’d like to be able to embed Buzzes on 3rd party sites.  I’d like an FBML-like interface to integrate and customize content right in the Buzz environment.  I’d like RSS for every search I do, along with the ability to share searches and get notifications on new items from those searches (I believe Steve Gillmor calls this “Track”).

Buzz Needs Groups and Events, Deep Integration Into Those Events and Groups

To say just a social stream service is comparable to Facebook would be like saying Notepad is comparable to Windows 7.  It’s just not a fair comparison.  One is a feature of the other.  If Buzz really wants to compete (and I’m not saying they do), they need deep integration into Groups, Events, business Pages, and more.  They need the ability for groups of people to all collaborate around a single event, Buzz around it, share it with their friends via Buzz, RSVP via Buzz and Gmail, etc.  Google Calendar just doesn’t do this yet.

Groups are another key component.  E-mail is too private.  They need to enable “Groups” in Buzz that do more than just Buzz.  They need to enable sharing of photos, events related to that Group, and encourage communication amongst Group members.  They need to put that into a people search enabling you to find old High School friends and acquaintances through them.  Google already has some of the basics for this, but I argue they aren’t yet integrated across Google services yet, and are a bit more private an environment than what Facebook encourages.  The challenge Google will have is maintaining the “public feel” that Facebook groups and events provide, while maintaining the “silo’d feel” Facebook provides at the same time giving people a sense of security.  This will be no easy challenge, and may take a silo’d environment like Orkut to do completely successful.

Buzz Needs Better Privacy Controls

At the heart of most Buzz controversy currently lies their relaxed privacy controls.  Originally they automatically followed people for you, giving others potential access to your private list of contacts.  Your Google contacts were also all visible on your Google profile just by enabling Buzz.  Google has since enabled you to disable this, and has turned the “auto-follow” into more of an “auto-suggest”, but there is still so much more that I can get from Facebook that Google is lacking in regards to Privacy.

For instance, on Facebook, I get to decide how much of my own profile is visible to certain friends.  I get to decide if it’s visible to friends of friends.  I can even go to the extent of selecting specific lists I want to be visible to, and certain other lists of friends (or individual friends) I don’t want it to be visible to.  I can specify specific components of my profile I want visible to those lists.  I can set profile-wide settings that remain protected by the privacy settings I set, as well as specific targeted profile elements that remain protected by these privacy settings.  Facebook gives me complete control over what my friends see and don’t see.  With Google Buzz, not only is it all out in the open, but you’re revealing much more than your social contacts – you’re revealing e-mail addresses and Google account information.  It’s wrong the way Google approached this from the beginning, and I argue, even a little bit evil, whether intended or not.

Buzz Needs Lists

Which brings me to my next point – lists.  Lists have much further ramifications than just privacy settings.  On Facebook, I can click on the “Friends” link on the left-navigation and immediately have access to lists I have organized of my friends.  I can view the posts of just my close family members, or just the posts of the news makers and use it like a news reader.  Or I can look at just the latest comments of all my friends, or even a summarized view of the top posts for the day.  Buzz really needs this to be even remotely useful.  On FriendFeed, I have a list of “Favorites”, which I use most of the time to get the most relevant content from those I actually know, and then I can skim the rest of those I follow occasionally.

On every Social Network I belong, it should not be about giving, but how you receive content.  Each and every Social Network has the responsibility to empower its users to receive content in the way they want to.  Facebook has mastered this (although I argue FriendFeed has done, to an extent, even more than Facebook in this area).  No one should feel the need to unfollow me because I post too much, or post one or two things they don’t like.  They should be able to read the content in the manner they like, and filter out what they don’t like, without the ugly unfollow.  Lists are just one component of this.

Buzz Needs Better Filters

The other part of being able to receive content the way you like is via filters.  Each and every application that interfaces with Facebook has to identify itself.  This enables users to filter based on application if they choose to.  If I don’t want to receive Farmville posts, I just hide everything from Farmville, and I’ll never see another field plowed or beet grown again.  People argue they’re worried integration with Facebook will enable the Farmvilles to gain access, but the thing is, without filters, the Farmvilles will use Buzz regardless, but without Filters you will have no way to stop them.  Facebook has completely mastered this, and I can’t do this on any other service.

In addition to application hiding, I should be able to filter by feed type.  If I don’t want to see someone’s Twitter feed, I should be able to hide just their Twitter feed.  If I want to block all Twitter posts from showing, I should be able to do that.  If I want to hide a user but not unfollow them, I should be able to do that.  I shouldn’t have to worry about making anyone feel bad by unfollowing or blocking them.  I should be able to just control my feed in the way I want, just like I do on Facebook (and to an extent, FriendFeed).

Buzz Needs the Ability to Import my Facebook Contacts

Lastly, in order to compete with Facebook, Buzz needs my Facebook friends.  They’re not going to get those through my Gmail contacts.  Most of my Facebook friends are not in my Gmail Contacts.  The only way they’re going to gain access to my Facebook friends is via the Facebook API.  It’s time for Google to suck it up, work with Facebook, and find ways of integrating my friend list from Facebook into the Google environment.  We’ve waited too long for this with Google Friend Connect, and surely there’s a win-win option for both companies to allow this and work together.  Win-win for them is win-win for the user.

Let’s look at Aardvark (recently purchased by Google), for instance.  If you log into Aardvark with your Facebook login, it will immediately detect who in your Facebook contacts are also on Aardvark, and immediately add them as friends on Aardvark.  The site, Digg.com also does this well – all my Facebook friends are automatically added as Digg friends as they log into Digg through Facebook.  There should be no problem with Buzz following Facebook’s developer terms of service and integrating this into their own environment.  Facebook provides hooks into its APIs for doing this exact thing.

Assuming it agrees with the Facebook developer terms of service, Google could even submit each user’s contacts to Facebook and immediately prompt each user in your contacts list to connect on Facebook.  This would be win-win for both companies, as it would encourage the users of both services to build contacts in each and grow each service.  Considering Youtube and Aardvark have both integrated the Facebook API (Youtube could do much better), I don’t anticipate any issues with them doing this.  I will interpret any lack of Facebook integration as a failure on Google’s part, and Google itself playing politics, not Facebook.  So long as you play by their rules, I’ve never heard of Facebook deny a developer.

I really hope the Buzz team reads this.  I have a lot of experience in the Facebook environment.  I know intimately how Facebook works as an author of 2 books on the subject and writer of a plethora of documentation about Facebook on various sites around the web, as well as a developer of numerous apps on the Facebook API and consultant to many others.  Frankly, as a user and developer, I want to see both companies succeed.  The more Buzz succeeds, the more Facebook will compete and provide a better service.  The more Facebook competes, the more Buzz will compete and provide a better service.  Users win in both scenarios.

If Buzz is really trying to compete with Facebook, these are the things they need to implement to get my attention.

Google Has Large Company Syndrome

google-5647674I’ve worked for various companies over my career.  Some of those very small (including my current startup), and some very large, international and public corporations.  I currently work with similar clients of various sizes and types.  Each and every one of them shared characteristics that come with the turf in managing a large or a small company.  In a small company, you’re dealing with issues like how to grow, how do you start to deal with a growing employee base, and how do you handle all the workload in front of you on such a limited budget.  Yet you have much more flexibility to get things done and build for the whole of the company.  With large corporations you’re dealing with politics, and budgets, and individual departments all fighting for control.  It’s common amongst every single organization I have come in contact with, and I believe that is starting to include Google, which we’re seeing evident in many of their new Social products.

Let me preface with the fact that I love the concept of Buzz.  As an avid FriendFeed user and Social Media addict, Buzz hits many points that are just sweet in my eyes.  I love that they’re embracing open technologies to build it, and working hard to empower individuals and even (soon) developers to have control over their own experiences on the platform.  With the size of Google, this will bring much more attention to these types of technologies, so what they are doing is a good thing.  I don’t think they needed to reinvent the wheel to do it though, and I think the reason they did it may be in part due to the size and politics of the company.

Enter Google Reader.  I’ve complained many times that I don’t think Reader needed to focus on Social.  I don’t think it needed to re-build your Social Graph all over again.  Now, with Buzz in the mix they are trying to cross-integrate the two, and I think it’s really the wrong approach.

What I think is happening is departments at Google aren’t working close enough together to make things work properly.  For instance, Orkut already has the strength of building social connections.  Its strength is in building Social Graphs and empowering users to share with their close friends and family.  They already have the tools to do it, and, in some countries this has proved to be quite successful.  I think the Orkut team knows that.

In the case of Reader, what I think is happening is in the product development cycle they realized they needed social features.  The Orkut team wasn’t available, or one of the two teams didn’t have the budget to cross-integrate, or perhaps politics got in the way, so Reader reinvented the wheel to do Social in the Reader environment.  They could have rather done something similar to Facebook Connect, and enabled users to connect to their Orkut Social Graph and brought in shares via that means.  Then Orkut continues to own the Social Graph, social interactions continue to happen through Orkut, and people can continue to build connections with Orkut as the main hub for Social interactivity.  My guess is that the Orkut team was too booked to create such a tool just for the Reader team.  Someone up the line said no to it, so the Reader team built their own tools to accomplish the task.

I think we’re seeing the same with Buzz, and many more tools like Friend Connect and OpenSocial and others at Google.  Sergey most likely assigned a team at Google with the task of building a FriendFeed or Twitter-like product that enabled people to communicate better.  Orkut does not yet have such functionality, and it made sense to do it as a separate product.  They decided to integrate it into Gmail, where your contacts are.  Rather than utilize the strengths of Orkut for organizing these contacts, it was probably easier due to the size of Google to utilize Gmail’s contact manager to do so, which Google Reader just so happens to also use.  The cross-integration with Reader just happened naturally, but thanks to the lack of expertise in Social Graph management, it was done poorly, now making it extremely hard for Google Reader users to manage their stream.

In large companies it’s very hard to cross-integrate.  I think had Google from the get-go started to find ways to build a Facebook Connect-like interface for Orkut, they could have very well created more activity in Orkut itself, while cross-integrating all their other products into the Social Graphs built on Orkut.  Now Google is stuck with an unorganized mush of multiple social graphs, multiple streams, and messaging and content going all over the place within those streams with little regard to privacy.

It may be too late, but if I were Google, I would look at taking a step back, focusing on Orkut, and building out from there before continuing further on any Social Graph-based products.  These social products Google is building should all be relying on Orkut for that social data and then they would have a true Social Network to build from.  They shouldn’t be reinventing the Social Graph every time they build a new service.  This is why Facebook has had such success in the social space – they’ve focused on the one product as the source for all their Social releases.  Google really needs to do the same, and they can still do it with open standards, but this time starting from the Orkut environment and building out.

Horton’s Megaphone – The Competition for Discovery

horton-hears-a-who_1-3001694There’s a lot of “Buzz” going around lately about Google Buzz being a Facebook or Myspace killer.  Jason Calacanis, Mahalo founder and lover of Tesla, goes to the extent of saying with Buzz, Facebook lost half its value.  Thomas Hawk, an amazing photographer and avid FriendFeed user, stated on FriendFeed that Google Buzz is going to “Kick MySpace’s A**”.  While I don’t doubt that Myspace is already having difficulties, I really don’t see Buzz being competition at all for the Facebooks or Myspaces or even Orkuts of this world.  It’s a matter of apples and oranges, or metaphorically speaking, just dust in an elephant’s trunk.

There’s a term I like to apply to the Twitter, Buzz, and FriendFeed phenomenas when compared to Facebook and Myspace and Orkut that I call, “Horton’s Megaphone”.  We all live in a personal world of friends, family, teachers, doctors, and pets.  That’s our reality.  We live in it from day to day and it is what we are most familiar with.  Yet, there’s another reality we all want to be a part of.  Without being heard we’re at risk of missing out on career opportunities, growing our businesses, or maybe even fame or fortune.  There’s a need beyond this current reality to get word about ourselves out to other realities beyond our inner circle of friends and family.  It’s a competition for discovery about who we are.

This is where Horton comes in.  In the Dr. Seuss book, “Horton Hears a Who!”, we see a completely different reality from our own, the “Whos”, whose entire reality exists in just a small speck of dust within our own.  They have mayors and doctors and family and friends and neighbors, and live a grand life.  But when tragedy strikes they are stuck trying to get an alternate reality to hear them.  Their final survival ends up relying on their voices, a megaphone, and an elephant named Horton who had the heart to listen.  “We are here! We are here! We are here!” they shouted in desperation through that megaphone, trying to get the attention of reality.  Sounds familiar.

Buzz is simply that megaphone used to create contact with the real world.  It’s a way we can get word out to alternate realities beyond our own to ensure our own survival as individuals, businesses, and organizations on the internet.  Buzz, Twitter, and FriendFeed are where your own realities get to speak with other realities you would have never come in contact with before they existed.

There is no way Facebook should feel even a little bit threatened by Buzz (unless they’re trying to grow FriendFeed).  They are two entirely different communication mediums.  On Facebook I don’t need a megaphone to communicate with my close friends and family, which it was designed for.  On Buzz I can’t find old friends from High School or even Elementary School, or old clubs or groups I used to belong to like I can on Facebook.  I don’t have groups or shared events or life photos of all those close friends and family.  Facebook is where real life happens.  It’s the Elephant, the real world, reality.  Some call it a “walled garden”.  I call it reality, where everybody knows your name.

Buzz is (and Twitter and FriendFeed are) just an entity of individuals, most which do not know each other and each having their own realities, all trying to compete for the attention of real life.  It’s a different type of communication.  On these platforms it’s a competition for attention (which is why everyone wants to compete for the highest number of followers).  On Facebook (and Myspace and Orkut to an extent) that competition is already won.

Facebook has the holy grail of networks right now – real life connections and relationships that are all able to connect and share with one another.  It is where each and everyone on Buzz wants to be.  The real value is in those real-life connections.  Otherwise we are all just specs of dust in an elephants trunk.

“We are here! We are here! We are here!”

Is Google Reader Still an RSS Reader?

2426084610-reader-logo-en-6607753I’ve been following the Buzz about Buzz today (click on the link – get it?), and, wanting to try it (since I’m not of the privileged few bloggers given access at launch), I started browsing on my iPhone where I heard it was available.  Immediately I was presented with a list of people following me that I was not following back, so I went in and clicked follow on about 300 or so people that it said I was not following yet.  Big Mistake.

Later in the day I went to check Google Reader, which until today was my RSS Reader of choice, and lo and behold I had over 400 items from just the last hour sitting in my unread items box.  It turns out when you follow someone on Buzz, it also follows them on Reader, and who knows what else on the various Google properties.  Now, the only way to bring my volume of repeat RSS shares from friends down on Google Reader is to go into each and every one, mark hide, and manually move each into their own separate folders.  All this on an already slow Google Reader interface.  I’m not looking forward to that.

I have been critical ever since the Reader team introduced social features into Google Reader.  Now, rather than being a place where I can just go to ensure I’m getting the latest news from the blogs I want to subscribe to, as a traditional RSS Reader should be, I’m now stuck in a world with hundreds to thousands of shared items from friends, many of those repeat items, getting fed to me over and over again, even when I don’t want them!  Add to that all the likes, comments, ability to post “status updates”, and more, it occurred to me today that Google Reader is no longer an RSS Reader – it is now a Social Network!

I wish Google Reader would just stick to what it’s good at – being an RSS Reader.  I now need a place I can go just to get the news I want and don’t want to miss.  Some say those days are gone, but it’s still a need for me.  Today with the introduction of Buzz, Google Reader became useless to me.  If I want to skim the news I can go to Buzz and get all the features of a social network.  I don’t need Google Reader to do that for me.  But when I just want to read the news I want, Google Reader has lost its use for me.  Maybe some of this is the reason Google Reader’s former team lead just switched to the Youtube team?

I’m first to admit RSS is far from dead, though I think it’s time to find another RSS Reader.  Should I just switch to Mail.app?  Where can one go to get the news these days?

Yahoo Launches SQL Interface to Twitter

yql128-6333387Every time I switch to jQuery, Yahoo’s YUI libraries seem to keep luring me back.  Just yesterday, Yahoo added one more tool to its arsenal of YQL libraries that actually makes the Twitter API intuitive, giving me another reason yet to switch back to yui, or at least consider using Yahoo a little more as I develop tools for the Social Web.  The new YQL set of tables for Twitter enables any developer to use simple SQL-like queries to retrieve and post Twitter data.

For simple user queries, getting a user’s twitter profile data is as simple as something like “SELECT * FROM twitter.status WHERE id=’8036408424′;“.  To insert data, you simply need to provide the oauth consumer key and secret, along with the user’s oauth tokens and you can do things like post new status updates for the user, all in Javascript!  A subsequent call to post a user’s status would look like:

INSERT INTO twitter.status (status, oauth_consumer_key, oauth_consumer_secret, oauth_token, oauth_token_secret)
VALUES (‘tweeting from yql!’, ‘@your_consumer_key’, ‘@your_consumer_secret’, ‘@your_access_token’, ‘@your_access_secret’);

The cool thing about Yahoo’s YQL Twitter interface is I can also choose to only pull specific information out for the user.  I’m not quite sure the benefit this gives you considering Yahoo is probably still retrieving the entire subset of data from Twitter (you can’t pull specific pieces of data out of specific objects in the Twitter API), but at least it’s possible, something I’ve been craving from the Twitter API for quite awhile.  It is unclear if Yahoo is caching this data, and if so, it could provide some significant performance benefits, with Yahoo doing most of the work on their own backend.

Yahoo’s YQL puts them one level above Facebook’s own FQL query language for accessing Facebook data by enabling developers to not only access data like this for Twitter, but also other environments like Facebook as well.  Yahoo has an entire database of “community tables”, where, if specific APIs aren’t provided, the community can create their own tables to that interface and give developers immediate access to those APIs via a simple, standardized SQL interface to those platforms.

This type of API is exactly what I was looking for from the likes of Google’s Friend Connect APIs (and Google has still failed to provide) – a standardized platform where one single API gives me access to all the different APIs out there.  Now with standardized SQL I can access almost any API, and if that API doesn’t exist yet I can create my own interfaces into each API that, once created will also have access via that SQL interface.

Yahoo now has my attention with this launch.  The API has a web interface, where a call as simple HTTP GET to http://query.yahooapis.com/v1/public/yql?[query_params] returns an entire structure of XML data my application can access.  They provide a YUI Javascript interface into the table structure so you don’t need a backend if you don’t want one, and I get all this for all the APIs I interface with.

I will now be looking into the Yahoo APIs as I look to interface the limitless APIs available out there thanks to Yahoo’s focus on cross-platform integration of their YQL interface.  I like that Yahoo isn’t being selfish with this.  With YQL, Yahoo has finally created a glue that lets me access all the APIs I need to access as a Building Block Web brick builder.

Twitter Testing "OAuth Delegation" With Select Partners – Genius

A common complaint amongst Twitter developers has been that Twitter’s OAuth, the authentication process you see when you click the Twitter login button on a 3rd party website and go to a Twitter-looking page with a “Allow” or “Deny” button, is too complicated.  Mainly, from a user experience perspective, users are required to leave the 3rd party site completely in order to log into Twitter, then get redirected back to the 3rd party site again.  If anything breaks along the way, the user is left wondering what to do, and valuable logins, purchases, or registrations could be lost.  Facebook has solved this by enabling users to do all the login process via Javascript they provide that produces a popup.  Users can log into Facebook without ever leaving the 3rd party site.  It appears, based on a thread on the Twitter developers list, that Twitter is planning to one-up Facebook by allowing users to log in to 3rd party sites without ever even needing a popup or any type of redirect, and they’re already testing it with select partners.

The topic came up when other developers noticed that the site, TwitPic.com, was allowing direct Twitter logins right on their own website and somehow posts from TwitPic were showing up with the TwitPic name and link next to the post on Twitter.  This normally isn’t possible without enabling OAuth login because Twitter has disabled the functionality for any non-OAuth produced Tweet.  In fact they have said in June of 2010 they will be completely removing the ability to login through Twitter on 3rd party sites via plain-text authentication.  So how is TwitPic doing it?

According to Raffi, an Engineer on the Twitter API platform team, Twitter is currently working on a new “OAuth Delegation” standard that will allow applications to allow users to log in via Twitter on their own sites, while still maintaining the control over Apps that OAuth gives providers and users.  So, on TwitPic, for instance, you can log in to TwitPic.com with your own Twitter username and password right on the TwitPic site itself, yet you’ll still have full control on Twitter.com to revoke access to TwitPic at any time you want to.  In addition, Twitter, at any time, can remove TwitPic’s ability to publish or access the Twitter API since they still have to use OAuth to make Twitter API calls.

If the hints in the developers list thread prove true, developers will be able to take the plaintext username and password, still store them somewhere, but in order to make calls through the Twitter API they’ll have to somehow send an OAuth key with their requests to Twitter along with some way of identifying the user.  My guess is, in essence, the app will send a one-time login on behalf of the user to Twitter (most likely via a secure SSL encryption channel or similar), and Twitter will return to the app an OAuth token to make API requests with on behalf of that user in the future.  In my opinion, this is still no different than storing an OAuth Token in a database that would give apps the same access as their Twitter username and password.

Security Concerns

While storage may be no different, I’m sure there will still be those concerned about this approach.  For instance, what happens when users get used to entering their Twitter usernames and passwords on 3rd party websites and decide to do so on a malicious website?  We’ve seen how used to entering Twitter credentials people get with websites that look like Twitter itself with the rampant phishing attacks recently.

Maybe Twitter is feeling comfortable enough that they can be proactive about such misuses and password collection.  The risk is still there though and hopefully the OAuth Delegation Twitter is getting ready to launch will cover this problem.

Partners

Thus far, it seems TwitPic is one of the partners testing this new delegation standard Twitter is working on.  Several others were mentioned in the developer discussions about this as well.  For instance, Seesmic Look is also taking similar credentials without any OAuth redirect, yet still shows the “Look” source in Tweets generated with the app.  One developer pointed out the information that could be retrieved from the new requests, and the security of it all is a little concerning.

Whatever it ends up being, the winners will be desktop and mobile client developers.  Right now developing a mobile or desktop app involves deep integration into the browser in order to legally get the user logged into the app.  It is why we see so few native desktop clients and so many AIR apps.  AIR is a browser-based solution.

I’m very interested to see what happens.  The Twitter team is supposed to announce more details very soon and I’d like to find out more about what this means for developers, how secure it is, and how much recoding I’ll have to do to enable it in my app.  Whatever it is, you can bet it will be one step simpler than the currently more-simple solution which Facebook provides.  This is getting very interesting!  Let the API wars begin…

Create for a Cause

Recently here in Salt Lake City we had the opportunity to have Eric Schmidt, CEO of Google visit. While I didn’t have the chance to see it, reading about it, he seemed to talk about a common worry I hear throughout this State. Here in Salt Lake City and around the area we have a lot of successful businesses! From my Uncle’s Freeservers.com, to Omniture, to Mozy, to Novell, Wordperfect, and many others, there’s no shortage of success in this area. It’s a hotbed of talent and technology the world doesn’t give enough credit for. The problem is that we have no Yahoos or Googles or Facebooks or Microsofts to give us credit for that success. We have no home-grown success story that didn’t eventually sell out for big bucks to one of the big West Coast companies.  I think this is a common problem for many areas.  Why is this?

Eric Schmidt tried to come up with his own reasons in response to Utah Senator Orrin Hatch, who (Hatch) stated, “We get a corporation going and it has some tremendous ideas and all of the sudden someone comes up from Silicon Valley and buys it and takes it back there.” Schmidt responded, saying, “I don’t know whether [improving the situation means] globalizing the business. I don’t know whether we need more venture capitalist presence in Utah or maybe just more experience building the businesses from the startup. It’s not that businesses aren’t getting started, it’s that once started they aren’t growing the businesses fast enough.” So what is it that keeps the Googles or Microsofts from staying in Utah (and other states) rather than staying here and growing to compete with the big guys?

I’ve suggested the PR problem before. That’s just one problem Utah has – a lack of enough tech bloggers to get the word out to Silicon Valley. One other common problem I see in Utah is we get greedy. I’m not even saying that’s a bad thing. Too many Utah startups are focused on the money rather than an underlying cause that motivates their revenue stream. That’s part of the reason Utah businesses have been successful – we have some of the smartest business people in the world right here. Even Eric Schmidt confirmed that, stating that “Utah is one of the best places to do business.” We know how to make money! Unfortunately that’s what differentiates us from the West Coast companies like Google however.

I argue it all revolves around cause. Let’s look at Eric Schmidt’s company itself, Google. Everything they do centers around one central cause, “Do no evil”. It doesn’t even matter if they have purpose. Everything they do must be done “the right way”, even if they lose money from it. Some even argue this has become a PR pitch for them as well. Google is willing to lose money for their cause, yet they are also making money because of it. It’s an amazing strategy.

Facebook also does this well. I’ve done a lot of work with Facebook with 2 books on the company and several apps written around their platform. When you interact with them and their employees, you get a common theme from them: They are doing all they can to enable people to share in bigger and better ways. Their vision is to help you share without risking privacy. Everything they do revolves around that – their revenue model is built around their cause.

Twitter is building “the pulse of the internet”.  They want to enable better communication between anyone in the world. They’ve forgone revenue to ensure that takes place (yet they’ve been able to raise a ton of capital, I realize, but I argue that’s part due to their cause).

I see the same thing from company to company in the Bay Area and even up in tech hotbeds like Seattle (home of Amazon, Microsoft). These guys all drive revenue based on purpose! While there are currently a few exceptions, I don’t quite see this in Utah and other states, especially amongst the larger startups. It’s all business.

Eric Schmidt also stated that “It’s not an attitude problem, it’s an availability problem. To me, it’s recruiting new talent into the state and growing new talent. It’s really people and expertise and that’s the way to make it happen.” Guess what drives and keeps talent? Motivation. If people have cause to work for they come, and they stay, and they work hard at it.  I remember at BackCountry.com (a Utah company), our mantra was “We use the gear we sell”.  Employees loved that because all kinds of incentives were given to get employees using their cool gear, and the employees loved that!

80% of Utah’s population is in the Salt Lake City area. Schmidt suggested this was an incredible opportunity for people to connect. I think we just need motivation to encourage that connectedness. Motivation is what makes the Googles and Facebooks and Microsofts of the world.

If you’re a startup, anywhere, what are you building on top of? Where are your foundations? Are you building for money or for purpose? I know as I build my business I’m going to be thinking much, much more about changing the world and less about the money I make as a result of that. The money will come naturally. That is how you build Google, and keep it there.

What’s your cause? What businesses do you think do this well? Please share in the comments.

EDITORS NOTE: 2 Companies in Utah that I think are doing really well at this are Phil Windley’s Kynetx and Paul Allen’s FamilyLink.  When you interact with them you can sense their cause.  It bleeds through the company.  People are sacrificing time and money just to be sure their cause is getting through.  As a result, Paul Allen’s company was recently ranked one of the fastest growing companies on COMScore, and recently, according to Compete.com, surpassed his old company, Ancestry.com in traffic.  Cause eventually pays off!  I encourage you to learn what they do – they won’t be going away any time soon.

Source of Eric Schmidt Comments: http://www.sltrib.com/news/ci_13630231

Twitter, The New Micro-Spammer and the Need to Fix CAN-SPAM

Marketers seem to never learn.  Time and time again they have tried to sacrifice loyal relationships with customers in order to take the easy road in hopes to get the small percentage out of millions that might convert into one-time sales.  Affiliate marketing is ripe with these people hoping to “get rich quick”, without regard to how it is done.  I some times wonder if these people would sacrifice their own souls in order to gain a quick buck.  It would certainly seem so as we have been inundated with junk mail and e-mail spam, viruses, worms, porn, and other tools intended to spread what they’re selling to mass audiences in as fast a manner as possible.

Technology has sought hard to stop such problems.  We have anti-virus solutions that stop the malware, but evidently it’s not good enough, because viruses and worms and malware still spread.  Google’s Gmail has excellent spam filtering software for e-mail, as do other services such as Yahoo Mail and Hotmail.  Yet, I still get spam e-mail.  There are even services which try to stop the amount of junk mail you receive, yet even that isn’t fool proof.  It seems no matter how much technology we throw at it, the spammers will always find a way to circumvent the process.

Government is doing all they can do as well.  Here in the United States, CAN SPAM act makes it easy for government to prosecute against spammers.  The act was meant to thwart the problem in the early 00’s where e-mail spam was running rampant.  The marketers all complained, claiming it would reduce the amount of money they could make, worries of economic crisis ensued.  But after the act went into place, marketers began to realize they were actually seeing more money than before because they were actually focusing on people that were interested in their product, rather than people that weren’t.  I admit a lot of my spam went down at that time.

Enter 2010.  Twitter is almost a standard.  Facebook is almost a standard.  We are seeing the era of micro-messaging take form, and it doesn’t seem this era is going away any time soon.  As with any new communications technology, so come the spammers that come along with it.  As I can attest from my own company, the spammers are now out of control on Facebook and Twitter and almost any other service that enables micro-messaging, and they’re fighting their best to stay on top of it all.  I admit they’re probably doing all they can, too.

On SocialToo in just the last month, we have already automatically marked near 3,500 DM messages as spam out of a total of 3,500 users that utilize the service. Since we implemented the service just a few months ago we’ve marked near 8,500 DM messages as spam. And that’s just DMs on Twitter! Considering there are in the 10s of millions on the service and DMs aren’t the only means of spam, you can see the problem Twitter and Facebook are facing.

It was this reason I added these spam filtering services on top of SocialToo.  I too want to do what I can to help kill these problems.  I’ve seen it all – even people abusing my own service to increase their numbers and in return spam those followers with things their followers never intended to receive.  It was this reason we complied with Twitter’s request to remove automatic unfollow of those who unfollow you recently, and frankly I agree with Twitter on the move – they’re doing the best they can to thwart spammers, and I want to support them in that process.  Look at this video I found on Youtube recently – in it, a man is demoing software that uses a combination of your desktop and outsourced workers in India (likely through services like Amazon’s Mechanical Turk) to quickly create accounts, send a few tweets each to increase, gain, and grow followers, and spam those followers with affiliate links. It’s appalling the way he says this is a “secret” only a “select few” marketers know about – the fact is I already knew about it – it’s no secret:

Source: http://www.boblallyblog.net/?p=776 (http://twitter.com/boblally and http://twitter.com/successtoolme)

This guy’s software is just one of many, and I argue it does this the hard way.  Now we have the ability for applications to sit on top of the browser and completely control  the context which a user views the web.  Applications like GreaseMonkey, extensions and plugins, and even Kynetx, while they can be used for good, could all be used in this way with just simple HTML and Javascript to create accounts and spam with them.  There’s not much Twitter or Facebook or even the makers of GreaseMonkey, Firefox, Chrome, IE, or Kynetx can do about them (although Kynetx at least has a controlled user directory through which they can at monitor these things).  There are already tools like Hummingbird out there that do this for relatively cheap, and there will be more.

It’s time Government step in and put an end to this.  CAN-SPAM was written for long-form communications, but it needs to be modified to allow for the short-form. It specifically mentions e-mail and cell phone communications, not micro-messaging services.  Recipients should still have the opportunity to opt-out of the messages they receive. Perhaps the enablers of such communication such as Facebook and Twitter need to provide a means for message senders to provide an opt-out location that attaches to their messages.  That’s just one idea – I’m sure there are many other ways of doing this.

CAN-SPAM needs a provision which specifically targets the micro-messaging space.  It needs communication which specifically says what marketers can do on these services, and how people can opt out.  As I know very well, this will not stop all messages, but it will cut off a large majority of messages, which I know are being used by legit Lawyers and Doctors and business owners everywhere in the US to cost Twitter thousands of dollars and waste the time of countless people.

We need to do all we can to stop this nonsense. I want to see these micro-messaging spammers prosecuted.  It won’t happen unless the US Government modifies CAN-SPAM.  How can we do this effectively in the micro-messaging space?