Related Posts

1. The Lessons We Should All Relearn From HBGary (5)

The numbers inside parentheses are relevance scores. Scoring is based, in order of priority, on title, category, content and tags. The higher the score, the more likely that post relates to this post. ]]> Last week I logged on to Tumblr and was confronted with this abomination:

Missing e notice from tumblr. Way to encourage API development, guys.

Needless to say, this is pretty disturbing, and I wonder what Tumblr is thinking by posting this.

Background

Some background: Tumblr is a blogging site, with social media overtones. Basically, you can easily follow other bloggers’ posts through a dashboard / search posts via tags, and it’s quite easy to repost material you find on other blogs.

Like most other major providers, Tumblr maintains an API. Until last year, it was mostly restricted to retrieving and submitting posts; it was recently expanded to allow some manipulation of blog settings and managing followers.

I like Tumblr a lot. I’ll go on a couple of times a day, and like most other Tumblr blogs, my blog is mostly reposts; it’s where I’ll dump links / reposts of things I see on the Web that I want to share.

Missing e has been around for a while. It’s a browser add-on for Webkit-enabled browsers; as its name implies, it leverages the API with some neat features that aren’t directly available through Tumblr itself.

For example, Tumblr has a lot of image posts. Missing e includes a magnifier feature that lets one see a full-sized image right from his dashboard, rather than having to engage in the several clicks it takes to see a full-sized image. Missing e also lets me more easily reblog items (including the automatic addition of tags to reblogged posts), manage my post queue, and otherwise make Tumblr easier to use.

I should note that I don’t know the developer of this plugin personally, nor have I spoken to him about this notice. (I have read his response to this outrage, however, and I find it remarkably calm, fair and responsible.) I don’t know if Tumblr has contacted him about its concerns or tried working with him on those issues (reading the developer’s responses, it sure sounds like they haven’t).

I also haven’t contacted Tumblr about this. I’m not interested in hearing whatever nonsense they intend to proffer as justification. I know what I read and I know how I feel about it as an API developer.

To Tumblr’s credit, they haven’t cut off API access to the plugin, which was certainly an option others might have pursued. It wouldn’t surprise me if a number of Tumblr users can’t tell where Tumblr ends and missing e begins, and thus they are swamped with support requests they can’t do much about. And it does make sense to me that missing e uses a lot of resources to accomplish its tasks.

A Completely Wrong-Headed Approach

That’s where my empathy for Tumblr’s plight ends.

First, Tumblr’s reliability, both in terms of its primary service and its API uptime, rivals Twitter for embarrassingly inadequate. (At least Twitter has the common sense to not blame third-party developers for their failure to stay up.)

That’s on Tumblr alone. It’s up to them to keep their service running.

I especially find odious the insinuations contained in this notice. While missing e is, in the base definition, a “hack” of Tumblr, the tone of this message suggests that the plugin isn’t well-written and may be up to no good.

Well, you can go to GitHub and look at the code yourself. Yes, it sends data to intermediary servers. Yes, it is technically possible for missing e to steal a user’s Tumblr credentials, to track Tumblr users’ activities, to obtain personally identifiable information, etc.

Let me be clear: I agree with another user that missing e in no way compromises user information right now. However, it could do so, by virtue of being a browser add-on; to that extent, the notice Tumblr posted is accurate, as they don’t directly accuse missing e of privacy violations, but do note it is possible for browser plugins to capture information a user never anticipated having captured.

Absent proof that there is an intention behind missing e to do that specifically, and to use such information for nefarious purposes — evidence Tumblr clearly could provide, if it existed — I find the tone of this note beyond insulting; it’s chilling.

My interpretation of this notice is, “We don’t like missing e. We’d just as soon ban it. But that’s not very Web 2.0 and it’s likely to generate PR static. So we’ll scare you, push you toward getting rid of it, then continue to serve those who want to use it.”

That’s being a dick. That’s being lazy. That’s being stupid.

A Proper Response

Were I in charge at Tumblr, we’d be going about this in an entirely different way.

• The first thing we would have done is offered the guy who wrote missing e a job.
• If not that, we would have offered to buy missing e outright.
• And if that didn’t pan out, we’d ask missing e users to rate its features, then build those into our platform.

Because what does Tumblr’s approach to this issue say? It says, “We aren’t interested in the reasons why missing e is a problem for us. We don’t care about our end users and why so many of them are using this plugin. It’s not that our product is inferior, and someone has made it better; it’s that we have what we have, and even though it can clearly be better, we’re more interested in the status quo.”

Or, as I’ll coin it, The MySpace Response: “Do what you like, so long it fits in our picture of our service.”

You saw how well that worked out for them.

I don’t suspect this blog post will cause any change whatsoever in Tumblr’s approach. I simply want to lament what is an absurd and insulting response to a relatively minor problem by a company that I expected knew better than that.

If Google brought you here because you’re worried about that notice, suffice it to say that I looked at the missing e code and, as of this writing, I see nothing there to be concerned about.

I do, however, see a lot to be concerned about in Tumblr’s handling of this matter.

All links in this post on delicious: http://delicious.com/dougvdotcom/tumblr-mangles-developer-relations

Related Posts

1. Social Media, Real-World Friends, A Thick Skin And A Sensible Strategy (17)
2. Designers And Developers: Donate Your Time, Talent At New England GiveCamp, June 11-13, 2010 (15.3)
3. It’s All Chinese To Me: Reader Has Google Translate Built-In (6)

The numbers inside parentheses are relevance scores. Scoring is based, in order of priority, on title, category, content and tags. The higher the score, the more likely that post relates to this post. ]]> Check out this awesome thing (click for larger in new):

This map, from flowtown and brought to my attention by tor.com / Google Reader’s recommended articles, is based on a 2007 cartoon from xkcd (again, click for larger in new):

As Bridget McGovern notes, “It’s interesting to compare and contrast the two versions and consider how the internet has evolved since Randall Munroe first published the original map in May, 2007.” And amusing. And thought-provoking.

All links in this post on delicious: http://delicious.com/dougvdotcom/the-2010-social-networking-map-via-tor-com-with-op-credit-to-xkcd

Related Posts

Related Posts

1. On Facebook’s New Features, Privacy And The Near Future Of The Web (21.4)
2. On Facebook, Appendix: The Rapid Decline Of AOL (20)
3. It’s Time For Facebook – Or, At Least, Someone – To Vet Third-Party Applications (16.8)

The numbers inside parentheses are relevance scores. Scoring is based, in order of priority, on title, category, content and tags. The higher the score, the more likely that post relates to this post. ]]>

Elliot Schrage

For a lawyer — especially a lawyer facing a Bonfire of the Vanities-worthy media frenzy, a meddling Congress, watchdog groups barking at his door and an inchoate Intifada by his longest-standing and most important partner — Schrage was pretty forthcoming; most lobbyist / marketers would equivocate their way out of a similar mess.

Actually, if you read the Times blog post closely enough, Schrage effectively admits it’s that sort of behavior that has put Facebook in hot water:

“Our desire to innovate and create new opportunities for people to share sometimes conflicts with our goal to create an easy and accessible user experience,” he wrote in the introduction. “It takes forums like this to get better ideas and insights about your needs.”

Which is the purpose behind this post. I’d like to put, in layman’s terms, Schrage’s answers to each of the questions posed, and either provide the answer I wish he had given — that is, an answer that is the plain truth about why Facebook does what it does — or expand on what he said.

Q: “Why can’t you leave well enough alone? Why do I have to do a weekly ritual of checking to see what new holes you’ve slashed into the Facebook Security Blanket, so that I have to go and hide or delete yet more stuff? Are Facebook customers really pounding on your door screaming that they want more categories of their personal data to be available to marketers every few months?”

Schrage: We are clearly upsetting people by making changes as often as we do. No personally identifiable information is shared with advertisers.

Me: Social media is young. What works and what is profitable changes quickly; what fit into the way Facebook did things, even just a few months ago, may be cutting off opportunities to make money or head off challenges from other social media providers today. That’s why things change so much: To protect and grow Facebook’s market share.

If you’re going to complain about Web advertising based on browsing habits, you probably should have stopped using the Web back in 1996. And if you’ve ever used a coupon, promo code, frequent buyer card or gift card, I’d like to kick you in the butt as I explain what, exactly, constitutes behavior-based marketing.

Q: “It used to be that I could limit what strangers saw about me to almost nothing. I could not show my profile picture, not allow them to ‘poke’ or message me, certainly not allow them to view my profile page. Now, even my interests have to be public information. Why can’t I control my own information anymore?”

Schrage: Using Facebook means accepting the terms of service. As the service changes to become more interactive and to leverage Facebook’s data across independent Web sites, what data gets shared needs to change, too. “If you’re not comfortable sharing, don’t.”

Me: And the horse you rode in on.

Q: “What caused the controversial glitch; what are the chances of it recurring?”

Schrage: Engineering screwed the pooch. Let’s hope that doesn’t happen again.

Me: Been there, done that. More times than I’d like to admit.

Q: “What are Facebook’s legal liabilities should any critical information be leaked and misused?”

Schrage: An exodus of users would hurt us way more than any stupid law, or lawsuit, will ever manage.

Me: Amen, brother. Facebook’s bread and butter is in having lots and lots of users sharing lots and lots of information. That’s why Facebook will never charge a basic user fee, regardless of the endlessly recycled rumors to the contrary.

Q: “Has Facebook ever considered asking us, the hundreds of millions of users who make money for them, what we would or would rather not have? You know, sort of like asking the customer what they would prefer?”

Schrage: You mean the millions of dollars we spend every year on market research and focus groups?

Me: And the “anyone can make anything” framework that powers thousands of annoying quiz, game and trinket-swap programs?

Seems to me every time we ask tens of millions of Americans to make a decision, we manage to mess things up badly. Facebook has a better idea than Joe the Plumber of how it should work and what makes a successful social media empire.

Q: “What is the long-term plan to monetize Facebook’s huge traffic, and how will that impact user privacy?”

Schrage: Targeted ads will pay the bills. We don’t need to sell personally identifiable information.

Me: Let’s not forget becoming a primary content portal, the possibility of charging businesses to operate pages on the site, and selling to others the same aggregated data you use to place targeted ads.

That might be back-burner stuff at the moment, but it’s coming, especially if Facebook continues to grow in its role as a source of single sign-on to other Web sites.

Q: “What’s the actual, real-life-applicable upside for the Facebook user of any of the recent changes you’ve made to privacy settings? How do they make the site better for me?”

Schrage: Social networking only works if people are looking at what you are sharing. If Facebook’s data of shared items can permeate everyplace on the Web — major news sites, Pandora, etc. — that’s a lot more useful than having to run TweetDeck, or having to visit Facebook itself. Let Facebook come to you, wherever you are; that’s how we will conquer the Web.

Me: MySpace had a closed model in which there was no API provided to third parties to leverage its data and share what you do elsewhere on the Web; MySpace lets you completely shut out strangers from your profile. Look where that got them.

Q: “I’d like to ask Elliot, and all the senior staff at Facebook, what are the privacy settings for their own personal Facebook accounts? Can you share the settings (not your personal data, obviously) with the NYT and Facebook users?”

Schrage: I don’t use the default privacy settings for Facebook. Neither does Facebook CEO Mark Zuckerberg. That’s because we ain’t your friend, and we ain’t gonna be your friend.

Me: Take that, Schrage! Best question of them all.

It is worth noting the irony that Schrage’s Facebook profile can’t be found via searching Facebook. The one profile I found with a photo (and with the permalink user name of elliot.schrage) clearly isn’t the Elliot Schrage, and the other two listings had no identifying information other than sex. These, of course, could be troll accounts.

Schrage is also listed on the Facebook executives bios media page.

But, seriously, if you’re going to claim your default privacy settings are innocuous, shouldn’t all your executives have profiles that conform to, and reveal legitimate information under, the default privacy settings?

Q: “Why not simply set everything up for opt-in rather than opt-out? Facebook seems to assume that users generally want all the details of their private lives made public.”

Schrage: You shouldn’t put things on the Internet that you don’t want others to see. Or you could just go pound sand.

Me: Pwned!

Q: “I love Facebook, but I am increasingly frustrated by the convoluted nature of the privacy settings. It’s clearly within Facebook’s ability to make the privacy settings clear and easy to use — why hasn’t this been a focus?”

Schrage: To make privacy settings simple enough for the average middle-class housewife to operate, we have to use very broad settings. If we let users micromanage privacy, they’ll mess it up badly.

Me: Take it from someone who has made a lot of money cleaning up PCs trashed by users who click things randomly: He’s underselling the problem. I have provided step-by-step instructions on how to change Facebook settings — sometimes, even including screenshots — and had them botched beyond recognition.

Q: “What happens when an account is deleted? Do one’s posts on walls, photos, and fan pages remain visible on the site? How long does user data remain on your servers?”

Schrage: If you deactivate your account, your name and posts on other profiles remain, but your profile effectively disappears. If you delete your account, your name and posts on other people’s walls get attributed to “anonymous,” your profile is gone, and the stuff you’ve put on Facebook is deleted over time.

Me: What he said.

Q: “How can I easily see what people who aren’t my friends but are members of Facebook see about me in my profile?”

Schrage: There’s a preview my profile button when you edit your profile, and there’s a button on the Privacy guide page.

Me: RTFM, n00b.

Q: “Also, what of my information is being indexed by search engines?”

Schrage: Whatever information you set to be viewable by “Everyone” in your privacy settings; and, a standardized search engine listing page, if you have checked that box in your privacy settings.

Me: STFW, n00b.

Q: “Why must I link to a page for my school, job, or interests and make them public, or delete the information entirely?”

Schrage: It’s easier to physically link the relationships between classmates, coworkers and the like if we can standardize both how, and where, you list your school, employer and interests.

Me: The purpose behind social media is to connect to people with whom you might have similarities. If you don’t want to do that, just make a private blog.

Wrapping Up

Man, I gotta tell you, that was a lot of fun. I have more to say about Facebook and all the concerns about privacy, so watch for a post on that soon.

All links in this post on delicious: http://delicious.com/dougvdotcom/the-answers-i-wish-facebook-had-given-to-user-questions

Related Posts

1. On Facebook’s New Features, Privacy And The Near Future Of The Web (21.4)
2. It’s Time For Facebook – Or, At Least, Someone – To Vet Third-Party Applications (15.1)
3. Three Web Sites That Make My Online Life A Lot Easier (5)

The numbers inside parentheses are relevance scores. Scoring is based, in order of priority, on title, category, content and tags. The higher the score, the more likely that post relates to this post. ]]> In an earlier blog post, I called Facebook “a 1998-vintage AOL that doesn’t suck,” by which I meant, Facebook is a convenient way to aggregate and streamline all the information on the Web into a smaller, easier-to-manage stream of information, just as America Online was in its heydey.

The benefit of Facebook over other portals and social media — including AOL — is not only that it brings together several kinds of sharing (video, pictures, text, blog, application, games, etc.), it allows the end user to effectively customize what he shares, how he shares it and with whom.

In other words, the Facebook experience is driven by the end user, not the limitations or expectations of Facebook itself. (Yes, I understand users can’t do things that Facebook is incapable of or unwilling to allow them to do. Please grant me the license to make my general point.)

At least, more so than with other social media platforms, such as Twitter, LinkedIn, StumbleUpon, etc.

Which made my stumbling across this recent chart from International Business Management News, detailing significant events vs. AOL membership over the last decade, all the more serendipitous (click image for full-size pic at flicker, in new window):

I think it’s safe to assume that old-media thinking is at the heart of the problem. When AOL changed its models, it did so too late; and no amount of stealing big-name talent and purchasing promising start-ups can overcome trying to sell the wrong things to the wrong people in the wrong way.

Again, congratulations to Facebook for its success, be that the result of wisdom beyond its time, sheer luck or a combination of the two.

But I fully expect that luck, wisdom and success to run out, right around the time it looks like the Facebook behemoth can’t be stopped — as it was in 2002, when it looked like AOL would surely own the world, or in 2008, when clearly Google could do no wrong.

All links in this post on delicious: http://www.delicious.com/dougvdotcom/on-facebook-appendix-the-rapid-decline-of-aol

Related Posts

1. The Future Of Web Programming: From Artisan To Assembly Line (21.4)
2. Three Web Sites That Make My Online Life A Lot Easier (10)

The numbers inside parentheses are relevance scores. Scoring is based, in order of priority, on title, category, content and tags. The higher the score, the more likely that post relates to this post. ]]> Quite a bit has been made recently of the changes to Facebook’s default settings, an extensive expansion of how Facebook shares data with other Web sites, and how all that works within the traditional expectation — if not the fundamental understanding — most people have about privacy.

Facebook’s recent change to, by default, share public user information with partner Web sites — namely, Microsoft’s Docs.com, Internet radio provider Pandora and city-based business review site Yelp — is “building a largely closed, alternative version of the Internet,” or, in plainer language, “a power grab.”

This argument is further (and ironically) strengthened by Facebook’s announcement at the recent f8 developer conference that it is switching from its proprietary Facebook Connect login system to OAuth, the soon-to-be-a-standard, open Web site authentication protocol. In so doing, the fabled idea of the “single sign-on” for all Web sites becomes less pipe dream and more within reach — with Facebook the linchpin, and by inference, the one link that can’t be removed from the chain.

In other words, Facebook is a 1998-vintage AOL that doesn’t suck.

That’s not a bad thing. Actually, it’s a great thing.

The Price Of A Web That Works: Your “Privacy”

Yahoo! has been trying to be AOL that doesn’t suck ever since 1994, but it sucks almost as much as AOL and is run by business people with about as much foresight as old-media behemoth Time Warner. (I clearly remember, back in the late 1990s, all the buzz about “portals” and the need to be the conduit through which everyone searched the Web. How is that fundamentally different from what Facebook is actually achieving now?)

But because it is so grossly incompetent, nobody goes around accusing Yahoo! of being the second Evil Empire. For what that’s worth, the first IT Evil Empire, Microsoft, is so inept at Web strategies, no one even considers raising its name, nonetheless a fist toward it. This, even as its one potentially useful Internet contribution — docs.com — is inextricably linked to Facebook.

Had MySpace, Bebo (a.k.a. AOL 11) or even Ning actually understood how social media work, they could be the target of such Web hysterics. Even the most prevalent previous target of Web-related hysterics — Google — doesn’t now rate the kind of ire Facebook has been getting this week.

That the promise of Web 2.0 has been so successfully seized by Facebook is proof of one of the basic, overarching laws of economic progress: Technologies that make it easy for many people to create lots of products cheaply are always handsomely rewarded.

Facebook makes social media simple. It makes the sharing and consuming media very efficient by:

• consolidating a lot of communication channels (read: video, text, chat, photos, games, etc.) into one place;
• aggregating significant amounts of data into easy-to-consume streams; and
• ultimately allowing content consumers to dictate their experience, rather than content creators.

The price for this is, I agree, the death of the kind of privacy — or, more accurately, anonymity — most people expected in their offline lives and assume they can have online. But I have startling news: Online privacy has never existed.

There is only what you don’t say, what others don’t say about you, what people interested in you aren’t willing to seek out, and whatever real-world reputation you actually create.

About the best you can do to preserve your online privacy is never go online; because once you do, everything you have done and will do — from using a search engine, to chatting with complete strangers, to everything you’ve ever put on your Web site, to even your allegedly secure credit card transactions — can be known. And even refusing to go online isn’t enough; forgetting all the people finder Web sites, one of your online friends need simply mention you or post your photo on Facebook or Twitter, and you now have an online trail.

History Repeats

That Facebook does this kind of information aggregation better than anyone else — and seeks to replace the series of tubes with one giant pipe — is, therefore, really more of a question of a second kind of net neutrality, rather than the erosion of a right that neither does exist, nor, by definition of how the medium works, can exist.

It’s not whether it is fair for a few giant bandwidth providers to restrict the type of information that flows from one place to another. It’s whether it’s right for a few giant Internet presences — Facebook, Google, Amazon (by virtue of its share of the cloud computing platforms) and Apple (by virtue of its growing hold on hand-held computing devices) — to control the data we exchange.

What concerns most is the idea of Big Brother — that one, overriding entity has control of all the information about us, and can easily interrelate and aggregate that information to anyone, probably for a price.

This is an entirely valid fear. I share the same distrust of all large organizations, be they governments, companies, armies or mobs. And there is no example from history, of which I am aware, of any large organization that built or retained power without resorting to compulsion of its subjects and violent opposition of its critics nee enemies.

I admit that’s hyperbole. It is a more than just a stretch to assume that this blog will cease to exist, or be hard to find, due to Facebook’s successes.

But that is not to suggest that coming here is something the average user would care to do, if Facebook directly presented users who might like this blog with dozens of alternative blogs, perhaps more germane to their interests, right in their news streams, based on the types of Web queries they are using and sites they are visiting.

In other words, as Facebook succeeds, the onus on others to leverage its success increases. And this, in turn, becomes the snowball effect.

In 1994, it was not unusual to not have an e-mail account, but unimaginable to not have a land line. Today, not having an e-mail address is almost unfathomable; but wireless-only households are increasing rapidly.

One can expect this to happen as Facebook continues to push being the preferred platform for data exchange on the Web.

Real ‘Net Neutrality’ And Privacy: Obfuscation, Decentralization

When considered in the abstract, this chain of events was to be expected. As the neolithic and agricultural revolutions took place, we went from having a rudimentary understanding of property to an exceedingly complex one; as the industrial revolution took root, we went from a strict, property-and-possession based understanding of money and wealth to one more sophisticated, abstract and — as recent events have borne out — difficult to measure or appreciate.

We are still in the infancy of the information revolution, and one of its primary victims will be our traditional sense of privacy.

When we changed from hunter-gatherers into farmers, we had to accept that the freedom we enjoyed to use whatever land we were on needed to bend to the right of property. When we changed from farmers to factory workers, we had to change our concepts of personal liberty, both in the sense of our right to work for our own benefit and to not enslave others.

One of the first tests we are facing in the information age is our ability to maintain secrets.

In past economic revolutions, there were a number of convulsions, many of them quite destructive. We saw monopolies, government excesses, popular revolts, bloodshed on grand scales and plenty of trial and error before we reached hegemony. There’s no reason to expect that isn’t going to be the case with the information economy.

In the case of previous economic revolutions, hegemony was built on two footings: obfuscation and decentralization.

That is, monopolies could not survive, based largely due to public revolt; but a sort of plutocracy took over, one based primarily in the fact that it is just complex enough to prevent any one player from controlling it in large part, in turn leaving enough options so that even if popular opinion turns against any one part, attacking (or even destroying) it makes no difference.

For example, great hue and cry is raised every year about “special interests” controlling Washington, DC. Enough laws and restrictions have been passed since the founding of the United States, to control the voices of special interests, that if the problem could be solved, it should have been solved by now.

But there are enough “special interests” — and so many ways to peddle influence, since the U.S. government has its hands in every pocket — that not only does no one effort to restrict influence work as advertised; the entire sum of all efforts have been for naught.

That’s obfuscation and decentralization in practice.

We’re Still At The Drawing Board

I think what we see, today, is Facebook as a step toward whatever the Web is going to be. Even as Google captured the majority of search, it has not succeeded where Facebook has: in aggregating communication into a convenient channel. That elusive goal AOL had nearly achieved at the birth of the Web has come full circle, just as the server-client model went to client-server and now, back again, via the graces of cloud computing.

Will Facebook be akin to feudalism, or the robber baron, as critics today predict? Probably. I really don’t see any place for it to go but there.

But vassals and Standard Oil went the way they went because those models didn’t work. I have to believe that the Facebook model, too, will eventually bend to humanity and practicality.

Will it require government intervention, or worse, outright civic revolt, to loose Facebook’s grip? Of the former, perhaps; of the latter, probably not, but if I knew the answer for sure, I wouldn’t be writing this post, I’d be cashing very large checks.

But I do have confidence that history will repeat itself, if we consider the information economy in wide view. Facebook is a second draft of the social Web, and I assume we aren’t nearly done drawing yet.

Facebook is but the villain of the moment, as Microsoft was, Google is and Apple is becoming.

All links in this post on delicious: http://delicious.com/dougvdotcom/on-facebooks-new-features-privacy-and-the-near-future-of-the-web

Related Posts

1. Death, Taxes And Bad Web Sites For Review On Yahoo! Answers (24.5)
2. RSS Feeds Now Show Full Entries (13)
3. The Future Of Web Programming: From Artisan To Assembly Line (9.1)

The numbers inside parentheses are relevance scores. Scoring is based, in order of priority, on title, category, content and tags. The higher the score, the more likely that post relates to this post. ]]> I spend several hours every day reading / viewing and retransmitting Web content. For the longest time, that meant a lot of visits to a lot of places; it also meant some places got forgotten along the way, or not as fully appreciated as they should be.

That is, until I discovered Google Reader, The New York Times Skimmer and Ping.fm. The three of them make my online life a lot easier to manage. I’d like to explain what each of them is, and how I use them to streamline and crowdsource my daily Internet viewing.

Google Reader is an exceptionally powerful RSS feed reader. (For those who are new to the blog, an “RSS feed” is basically a way to transmit content from one Web site to several others; be it text, pictures, audio or video. Google Reader, and other RSS feed readers, are ways to combine several RSS feeds into one place.)

Reader provides most of the features you’d expect from an RSS reader, plus a lot more:

• Feed aggregation (that is, you can read several feeds at once);
• the ability to group feeds;
• tagging of individual items;
• a “like” feature, which helps Reader suggest other feeds you might like, based on the articles you like;
• a “star” feature, that you can use to easily find items you want to revisit;
• and by far the most valuable feature, a “share” button, that allows you to re-aggregate content — that is, it gives you another feed of the items you share, and presents it as an Atom feed, a static Web page attached to your Google profile, and a JavaScript widget you can easily add to a blog (check the upper left-hand corner for mine).

I currently subscribe to feeds from Slashdot, Lifehacker, The Daily WTF, Wired and a few NPR blogs / podcasts.

Another great thing about Google Reader is Play, which is basically a visual way to find new things on the Internet. Your Facebook friends will think you’re the cleverest person around, just because you repost things you find in Play.

I’m not analog about much, but prior to The New York Times Skimmer, I was very analog about newspapers. Basically, I found it far easier to browse the newspaper in printed form than digital.

I tried to go digital by subscribing to the Times’ RSS feeds in Reader, but those feeds simply overwhelmed all the other content. There were upward of two dozen news stories every hour, depending on the feeds selected.

The Times Skimmer basically acts like Reader, only specific to The New York Times and using summaries only; in turn, the stories are broken into typical newspaper sections.

This makes finding reliable, well-written news easy. (I find the Times is not nearly as liberal in its reporting as others make it out to be; provided you steer clear of the Opinion section, it’s not any different than most papers.)

Ping.fm allows me to update several social networking sites at once. Basically, it’s a way to transmit a tweet not only to Twitter, but also Facebook (including fan pages), MySpace, LinkedIn, Google Buzz, Blogger, WordPress.com and a whole host of other services.

You can group services into posting groups; and ping.fm has pre-grouped the services it supports by type (status / blogging / microblogging).

The ability to control where things get posted isn’t as extensive as I like — especially if I use their toolbar and / or the “Share” button built into Reader and the Google Toolbar. And there’s no API to leverage, which seems a significant oversight.

And the biggest drawback is that ping.fm is one-way. You can send stuff out on it, but you can’t read it back. I tried using TweetDeck for that purpose, but it’s too difficult to streamline the information coming in, and it takes up too much screen real estate. I figured out I could just as easily open a browser window with tabs set to Facebook, Twitter and Reader, and just tab back and forth through them.

That said, it’s a lot easier to use ping.fm than to try to build my own multiple-service status updater.

All links in this post on delicious: http://delicious.com/dougvdotcom/three-web-sites-that-make-my-online-life-a-lot-easier

Related Posts

1. MSDN Roadshow In Augusta, March 19: Well Worth The Time (12)
2. Displaying The Correct Time For World Cities With AJAX / JavaScript / DOM (11.8)
3. Displaying An Image On A Web Page Based Upon The Current Time With JavaScript / DOM (11.6)

The numbers inside parentheses are relevance scores. Scoring is based, in order of priority, on title, category, content and tags. The higher the score, the more likely that post relates to this post. ]]> It’s no mystery to anyone who’s been on Facebook for more than a week that one of its biggest boons — and, in the finest Zen tradition, one of its most nagging banes — is the plethora of third-party applications that leverage its data.

Virtually all the value in Facebook is crowdsourced — that is, users generate all the content, they create all the connections, they drive interest in whatever direction it may flow, they create scores of memes every hour.

Since Facebook’s primary business model is driven by collecting data about usage, this means that opening its use to the creators of new social media tools makes tremendous success.

Why bother taking Microsoft’s old-school tack — create a standard, then ride it into the grave — when, instead, you can provide users, and let others give them reasons to stick with you? Why bother even taking Google’s approach — create lots and lots of things, in the hope one of them proves popular — when someone else can assume all the risk, presenting you with the opportunity to buy or duplicate his success with your framework?

How many people, do you suppose, would have stopped using Facebook after a few days, had it not been for Mafia Wars, Farmville or Bejeweled? That’s my point.

But every day, there’s also a new crop of the outright obnoxious third-party applications that promise to do the exact opposite: Drive users out for fear of their privacy and security.

Take, for example, the recent spate of “see who’s stalking your profile” applications. As The Register notes, all of them are at best cash-for-clicks scams; at worse, open invitations to load malware onto the computers of tens of thousands of unsophisticated users.

I’d like to expand upon a central tenet of a blog post offered by Rik Furguson of Trend Micro, from which The Register drew its article: That it’s high time Facebook employed some sort of vetting process for third-party applications.

The Typical Facebook User

I consider myself a typical Facebook user, at least in terms of demographic: At 42 years old, about a third of my 220 or so friends are former high school and college classmates; another quarter are clients, former co-workers and work-related acquaintances; current friends and family members, friends of friends, casual friends and people I don’t quite know how I know round out the rest.

I’m different in that I only use a few applications, mostly related to integrating my social media sources (Twitter, MySpace, LinkedIn, etc.) and the client for the Motorola Droid (although, in all honesty, the Android client for Facebook is nearly useless; I generally resort to the Droid’s Web browser, and touch.facebook.com [vs. m.facebook.com]).

I once used more, but the difficulty of sorting wheat from chaff in the news feed, coupled with the fact that I don’t want my name and face plastered all over Facebook to promote people and things I probably don’t actually even know about, nonetheless care to promote, means it’s rare that I use anything other than the core functionality of Facebook.

The biggest difference between most of my friends and myself is that I understand how Web-based software, viruses and malware work. And I can read the Facebook API documentation and understand, from that, what is in the realm of possibilities for third-party applications.

(That my friends might not know much about these things is not a slight against them at all. I have but a passing understanding of how a car works. That does not, and should not, stop me from driving.)

Several of my Facebook friends are the type who retransmit fake Amber Alerts and warnings against adding friends who are hackers /viruses.  (The act of adding a friend on Facebook cannot give you a virus or expose your Facebook account to a hacker; however, if you click links in a friend’s profile, that could compromise your PC or Facebook account).

Most of my Facebook friends are Web dilettantes (which I truly do not mean to sound as pejorative as it does), susceptible to believing whatever they are told about the Internet. And almost all are, to large degree, very concerned about privacy — even though, as the book “Trust Agents” notes, there is no longer such a thing as “privacy” — at least, not in the sense of being able to maintain personal secrets.

It doesn’t take much to exploit these kinds of users. Basically, you employ the same tried-and-true techniques politicians have used for centuries to exploit people. As H.L. Mencken put it:

… the whole aim … is to keep the populace alarmed (and hence clamorous to be led to safety) by menacing it with an endless series of hobgoblins, most of them imaginary.

Given the concern people have, reasonable or not, about Internet privacy; given their limited knowledge about how computers and the Internet work; and given the natural tendency, when in doubt, to err toward safety and security, the way the average Facebook user acts on Facebook tends to be reasonable and appropriate.

A further complicating factor is the way trust works. If one of my friends, whom I respect and trust, does something dumb by installing a rogue app, in the absence of evidence proving what he did was dumb, I don’t tend to assume what he did was dumb. Most people tend to assume that their friends are not doing dangerous or stupid things. (Witness any case of murder, when inevitably, someone claims, “he wouldn’t hurt a fly.”)

This is especially true if many friends are doing the same thing. If 10 of my friends install an application, and it appears to do something I find neat or useful, my first inclination is not to vet the application; it’s to join the party.

In other words, as I’ve said before, you don’t blame chickens for being eaten. You also don’t blame foxes (i.e., Facebook malware developers) for eating chickens. Both are doing what they are supposed to do. Instead, you blame the watchdog (i.e., Facebook) that was supposed to be keeping them apart.

A Henhouse With A Foxhole Built In

Herein lies the problem with the Facebook Platform, as Facebook calls its API and related tools, and the conundrum Facebook faces in what to do about rogue applications.

On the one hand, it affords Facebook to leave the API open to all potential application developers and to allow applications to publish without vetting.

Again, the object is to make their data as useful and valuable to as many people as possible. By allowing open development, Facebook increases its utility to users. That, in turn, keeps it to the fore of a communication channel and tool for researching human behavior. And that is worth a pile of money in and of itself.

That’s before considering the significant human resources costs involved in vetting software, even if it’s from the most basic of standpoints (say, verifying an application is not malware-based and does not misrepresent its purpose / what it can do).

On the other hand, Facebook’s current policies — a collection of half-measures and reliance on end users to exercise caution and discretion — clearly are not working.

As it stands now, anyone can obtain an API key and make anything he likes. An application won’t be listed in the public directory of Facebook apps until it has at least 20 users, but that’s no great feat to overcome, especially when there’s nothing stopping someone from erecting 20 sockpuppet accounts (or just lining up 20 meatpuppets).

To Facebook’s credit, it tends to bring down the banhammer hard and swiftly against crooked applications. Unfortunately, as Ferguson notes, that action requires some degree of victimization to take place first, and this is the Internet — where memes are born and die in the blink of an eye.

I also note that Facebook has a user rating system for applications that are publicly listed. Unfortunately, it’s not nearly loud enough, and most users simply ignore it in the process of installing an application.

The bigger problem, of course, is that Facebook can’t assume its user base can protect itself from malware. In fairness, Facebook has never declared that to be their actual opinion; it’s just what happens as a practical matter under current policies.

But also as a practical matter, most Facebook users lack the sophistication to spot a potentially harmful application. Of those who might be able spot garbage, a significant majority can be snookered, by programming sleight of hand, into allowing a rogue application to do damage. And then, of course, we all have absent-minded moments in which we don’t read the instructions, click “agree” without actually reading terms, etc.

In other words, Facebook can’t leave sorting good applications from bad up to us, because we’re not capable of doing it.We’re chickens, not watchdogs.

A Peer-Review Posse

Now, the last thing I am suggesting here is Apple iTunes App Store-style vetting.

I admit it; I find Apple’s policy of qualifying everything in the App Store quite Orwellian, and not just because of what Apple did in response to Google Voice on the iPhone. (Which, it is worth mentioning, is the primary reason for my defection from the iPhone to the Droid.)

But even if I didn’t mind that approach, I don’t think it serves either Facebook or its users to have a whitelist approach to third-party applications. Again, Facebook is best served by being the channel through which people communicate; and allowing others to determine how to conduct such communication is of benefit to users and Facebook alike.

Nonetheless, the free-for-all has to stop, lest Facebook become nefarious for the garbage it allows and thus be overtaken by some alternative service.

The Register raises the notion that Facebook could allow continued open development, but offer a seal or other imprimatur for applications to assure end users that an application is what it claims to be and / or free from malware or deceptive practices.

That would be fine, save that there are hundreds of thousands of Facebook apps already deployed, and (one would have to assume) hundreds more added every day. Facebook would have to hire a QA team the size of Redmond to go through all of them — and, if we know anything, it’s that even Redmond can’t assure what is examined by tens of thousands of eyeballs isn’t a bug-infested nightmare.

I think it makes the most sense for application vetting to be optional, but for Facebook to limit the access an unvetted application has to the API.

For example, an unvetted application wouldn’t have access to a user’s friend list. Or maybe it wouldn’t be able to publish to his news stream or photos. Or perhaps it would be limited to 100 or so users, or could only publish 300 items per day.

Or, Facebook could require a more intensive installation process, one that specifically notes the application has not been vetted and requires a multiple-step, affirmative response from the end user in order to install it (e.g., you have to click a couple check boxes, enter some text, etc. in order to install the application).

Facebook could even have a couple vetting options. One might be to certify a developer, and thus, all his applications would be approved. Another might be to run “code camps,” and certify anyone who attended as a Facebook approved application developer. Such camps could either be free, or require payment of a registration fee.

Another option would be to allow developers to bank on each other’s trust. In other words, Facebook could certify me as a developer of clean applications. I could, in turn, certify the applications of other developers.

Or perhaps, the developer community could police itself even more intensely.

Facebook might, for example, provide basic support for a coalition of application developers. Those developers, in turn, would create standards and practices by which applications are vetted. For a small developer fee, an application would be certified by the coalition; that fee would be used to pay the coalition members for their time.

Here’s an even more radical approach: Facebook could create its own advertising distribution network, along the lines of the OpenX Market; one that allows both system-wide advertisers and specific-to-application advertisers to target applications they’d like to sponsor.

Facebook, in turn, could require all ad-supported third-party applications to use that ad network only. If you develop malware or act deceptively, you don’t get paid. A small portion of all proceeds from ad-supported apps is retained by Facebook to handle distribution costs and to fund the vetting process. It wouldn’t be all that difficult for Facebook to build page scrapers that determine if some rogue application is trying to get around the ad network restrictions.

These are just some quick ideas off the top of my head.

I’m sure Facebook, and its developer community, are very concerned about rogue apps and their potential to erode confidence in the safety and security of Facebook. Certainly, there’s enough brain power there to find a way to vet applications without impairing either the willingness of third-party developers to participate, or take away either party’s ability to make third-party applications profitable.

All links in this post on delicious.com: http://delicious.com/dougvdotcom/its-time-for-facebook-or-at-least-someone-to-vet-third-party-applications

Related Posts

1. Yahoo! Answers Flash Badge: Change The Default Display To Your Answers (27.8)
2. A New Approach To Yahoo! Answers (26.9)
3. Death, Taxes And Bad Web Sites For Review On Yahoo! Answers (22)

The numbers inside parentheses are relevance scores. Scoring is based, in order of priority, on title, category, content and tags. The higher the score, the more likely that post relates to this post. ]]> Asked recently in an e-mail message:

Hi Doug,

I was just wondering since my ratio is a lot less due to abandoned questions

Do you have some kind of special method you want to share to get the best answer like only answering the very difficult questions with such a complete answer that they just have to give it a best answer?

Thanks

Michel (newb on Yahoo, veteran on other sites)

This is actually a fairly common question. My Best Answers percentage hovers around 80 percent and has pretty much throughout my participation in Answers. Since the average Level 7 user of Yahoo! Answers has a Best Answers percentage of around 50 percent, my total seems quite high.

However, as Michel notes, circumstances can make your Best Answers percentage much higher — and, not coincidentally, your Answers experience a lot more enjoyable.

Most important, I vote for my own answers.

We can debate until the cows come home whether that should be allowed. Truth is, Answers initially allowed members to vote for their own answers; then didn’t allow it for several months; then allowed it again.

Basically, the entire Answers ranking system requires people to vote for Best Answer. Yahoo! discovered, when they stopped letting people vote for their own answers, that most people don’t care to rank questions they didn’t ask or answer themselves (and even then, they didn’t care much about voting; witness that most questions go to public vote, rather than the author choosing a Best Answer).

That left Yahoo! with many, many unresolved questions. As a practical matter, they needed to reinstate voting for your own answers. Since that’s the case, I do so, and I do so without apology. I provide good answers, so there’s no shame in insisting my answer is best.

Additionally, I rarely answer questions outside Programming & Design, which enjoys a few benefits over other categories:

1. It’s not very active. Therefore, there are fewer answers to compete against.
2. There are demonstrably right & wrong answers to almost every question in P & D. Most other Answers categories elicit questions that ask for opinions (e.g., “Should I ask her out?” “Which is better, a Camaro or a Mustang?”) P & D questions generally ask you to state facts, although there is a fair amount of polling (e.g., “Do you like my Web site?” “Which programming language is best for beginners?”).
3. Because it is not very active, the few people who do vote on questions have significantly more influence on “Best Answer” than voters in other categories. One vote will generally either win you Best Answer outright or break a tie with other answerers. Most of the time, my answers are selected by voters as best, thanks in large part to the reasons listed here.
4. Truth be told, many answerers in P & D don’t know what they are talking about. Since answers can be readily tested, all you basically need to do is get it right before anyone else does, and most questioners or voters will pick your answer as best.

I don’t generally answer poll-type questions or questions asking for an opinion, unless I find the majority of previous answers are nonsense. I don’t answer questions to which I don’t know the answer (I know, that’s shocking: Someone on Answers who only speaks when he knows what he’s talking about).

I am generally very selective about the questions I answer. One of the biggest requirements I filter upon is that the questioner must clearly indicate he is going to understand a correct answer; that is, he can figure out what I am talking about. If the person asks about “codes” or “MySpace” or “diz n dat hehehe”, I’m skipping right by that question.

I properly answered his question. He voted my answer best. And then, in his rating, he ran his mouth about my stating that social networking sites are a waste of time, claimed that it’s the only effective way to communicate from Iraq, and told me to “watch my tounge next time.”

Which is pretty fucking hilarious, taken in the aggregate. Nonetheless, it reminds me to heed my own advice: Don’t teach pigs to sing. It wastes your time and annoys the pig. (End of aside)

So in my experience, a high Best Answers percentage boils down to this:

• Answer questions that ask for demonstrably correct answers.
• Provide the first demonstrably correct answer to such questions.
• Don’t answer questions posed by imbeciles.
• Answer questions in a less-active category.
• Vote for your own answers.

And a final tip: I like to view the questions listing by number of answers, not by date asked. (You can sort the questions in a category by clicking on the links above the question list; you can reverse the sort by clicking multiple times).

I sort questions by number of answers descending; that is, I list first questions with no answers. Then I start answering those questions.

Since most users sort questions by date asked, if a question doesn’t get an answer within 20 minutes or so, chances are it will go unanswered and ignored by most people.

Therefore, if you answer such a question, chances are you’re the only person who will answer it — and thus, your odds for Best Answer are pretty much 100 percent.