Yesterday I gave a talk about how Metro style apps and websites can take advantage of the fact Single Sign On (SSO) with Windows Live ID in Windows 8, announced the availability of the Live SDK for Windows Developer Preview and Windows Phone and demoed some of the upcoming Windows Metro style apps that are built on the same platform. You can watch the talk embedded below and you can go here to download the video in various formats or download the slides.

Note Now Playing: V.I.C. - Get Silly Note


 

I’m currently at the Microsoft BUILD conference where I’m slated to talk about some of the work my team and others at Microsoft have done in making it easy for Metro-style apps to leverage Live services like Windows Live ID, SkyDrive, Hotmail, and Windows Live Messenger. I’ve been pretty busy at work as regular readers of my blog can tell given my last post was in July. The past few months have been exhilaratingly fun and crazy hectic as well. It’s great to finally be able to share some of the work we’ve been doing with the world.

If you’re interested in learning more, I recommend visiting http://dev.live.com which contains links to the Live SDK and talks about a number of key developer concepts that were introduced in the Windows Developer Preview.

If you’re at the conference, I’d recommend attending my talk and some of the other talks listed below

Power your app with Live services
Windows 8 enables users to log into any device with a single Microsoft account and continuously interact with your app on all of their devices. Your customers will expect the ability to bring their documents, photos, videos, and contacts with them as they move between their devices. Come see how you can enable great on-the-go experiences by integrating Live services into your app. You’ll learn how to take advantage of single sign on using a Microsoft account instead of creating your own authentication infrastructure. You’ll also see how to use the SkyDrive service for free cloud-based storage of your customers’ photos, videos, and documents. We’ll dive into the details of the Live SDK and show how to use Visual Studio to easily enable these experiences

The complete developer's guide to the SkyDrive API
More and more users are becoming familiar with the concept of "the Cloud." More than ever, users are storing their data in the Cloud. SkyDrive is one of the world's leading cloud storage and document collaboration services. Learn how you can easily allow your users to read and write documents, photos, and other files from/to their SkyDrive via simple REST APIs

Create experiences that span devices
Your customers will expect your app to deliver a continuous experience even as they switch between apps and move between their devices. Come learn how to ensure your customers never lose their place in your app even when it is moved to the background or accessed on a new device. You will also discover how to enable customers to personalize your app with settings and ensure those settings flow automatically to all of their devices. We will show you how you can enable this continuous, cloud-powered experience with only a few lines of code.

If you missed the BUILD keynote yesterday and want a quick overview of what was released, the 5 minute video below captures the highlights of the keynote

Note Now Playing: Jay-Z and Kanye West - Who Gon Stop Me? Note


 

July 10, 2011
@ 01:02 PM

I’ve been joking with Omar that Google+ is the new FriendFeed. I recently posted this on Google+ and was asked to explain what I meant since Google+ doesn’t support importing of content from other services which was the key feature FriendFeed. The reason I say this is that Google+ fulfills the same need that FriendFeed when it first came out.

Here’s an excerpt from a post by Robert Scoble in 2008 about FriendFeed titled Loving my FriendFeed

I love my FriendFeed. Here’s a list of top bloggers who are using the service. Why do I love it? It’s one place you can find all my stuff and, even, comment on it. It’s amazing the discussions that a 140-character “Tweet” on Twitter can generate. I subscribe to a ton of people on FriendFeed and notice that often the conversations after a Twitter message will be 1000x longer (and generally more interesting) than the Twitter itself.

In my previous post I asked what problem Google+ solves and the answer is above. Google+, like FriendFeed before it, gives people a place to subscribe to and participate in conversations around content produced by people they are interested in.

Why Twitter Doesn’t Solve This Problem

Twitter relationships have been described as a public interest graph. Specifically, Twitter is a way to keep on top of people and content you find interesting whether it is tech news sites, bloggers, celebrities, government officials and even people you know. However there are a number of key gaps in the Twitter user experience which FriendFeed fixed and Twitter still hasn’t even though people have been complaining about them for years.

The first problem is that is really difficult to have conversations on Twitter. Here’s an excerpt from a TechCrunch post made in 2008 titled Actual Conversations On Twitter Not Possible Until Twitter Lets Us which explains the problem

One of the big complaints about Twitter is that conversations are hard to follow. Users can write a response to a Twitter message (or anything else), but the easy way to do this is to add an @[username] tag to the Twitter, which refers back to the original Twitter user. But by then that original user has often moved on to other subjects, and it becomes impossible to follow the conversation.

The fact is that Twitter purposefully doesn’t want users to be able to track conversations. The content begins and ends with a discreet Twitter message, up to 140 characters long. Competitor Friendfeed does a nice job of tracking conversations by letting users reply to actual messages, not just users. Twitter, for whatever reason (possibly to keep things simple), just doesn’t want that. And until they do, nothing is going to change.

The ability to have actual comment threads about a status update as opposed to disconnected @replies is a more satisfying experience for many users. As Mike Arrington stated above, the challenge for Twitter is that this would change the dynamics of the service in ways that take away some of the character of the service.

The second problem is that Twitter doesn’t give a public way to indicate that a piece of content is interesting without also sharing it. Specifically, there is no analog to Facebook’s “I like this” within the stream (not to be confused with the like button social plugin). Twitter has favorites but it’s actually meant to be a way to bookmark posts not to tell people you like the status update. There are now sites like Favstar.fm which have garnered a sizable user base by giving people a way to get “I like this” style functionality from Twitter and see how many people have favorited a tweet.

Both of these problems are fixed by Google+ and it is unsurprising that the same sorts of people who loved FriendFeed are not only on Google+ but are its most popular users. The question is whether Twitter will fix these problems with their experience given that this has made people pine for alternate services. Given that they didn’t try to address these when FriendFeed was at the height of its hype curve, it seems unlikely they will unless they see declines in their more mainstream user base.

Why Facebook Doesn’t Solve This Problem

Facebook relationships are an attempt to mirror our offline relationships online. The problem with this is captured in Paul Adams’ excellent slideshow The Real Life Social Network v2

The problem with Facebook is that people you may find interesting (i.e. your interest graph) or that find you interesting are not necessarily people you want to sharing the same space as your family, friends and even coworkers. A good example of this problem are the following suggestions I saw when I logged into Facebook this morning.

Alexia Tsotsis and Steven Levy are both journalists who work for TechCrunch and Wired respectively. Although I find the articles they write interesting, I don’t want to have them be on the receiving end my mobile phone videos of my son playing in the park or my check-ins from places around Seattle nor do I want to be subjected to their similar personal updates.

The combination of asymmetric following (people can subscribe to my updates without my accepting a friend request) and the ability to place people into groups (i.e. Circles) which can then be used to provide limited visibility to various updates is how Google+ solves this problem for various interest graphs. Neither of these features exists in Facebook today and while I suspect they will add the latter especially since Paul Adams now works there, it is harder to imagine seeing asymmetric follow ever showing up on Facebook outside of Pages.

Where That Leaves Us

I expect that both Twitter and Facebook will lose some chunk of people’s time to Google+. However Twitter is more vulnerable than Facebook, because Facebook has been fairly resistant the rise of the “interest graph” by building features like Facebook Pages which allows people to follow their interests in the same stream as updates from people they care about offline. For example, it is interesting to note that the most popular user on Twitter is Lady Gaga with 11.5 million followers but on the other hand her Facebook fan page has 40 million fans. Secondly, there really isn’t a gap Google+ fills with regards to communicating and staying in touch with the people one cares about offline via a social network.

On the other hand, Google+ is more in the same product space as Twitter being interest graph related which can be seen by the usage patterns of its early adopters. It’s also telling to read comments from Google+ readers on how much less time they now spend on Facebook and Twitter.

Note Now Playing: Frank Ocean - NovacaneNote


 

Time spent is a zero sum game. The time I’m going to spend writing this blog post is time I’m not going to spend mowing the lawn, playing with my son or getting familiar with the Annihilation map pack for Call of Duty:Black Ops I purchased a few days ago. We were reminded of this reality last week when MySpace was sold for $35 million after being purchased for $580 million six years ago. This is déjà vu for people who remember Bebo being sold for $10 million by AOL after being purchased for $850 million just two years earlier. In both situations, the culprit for this significant loss of value was the decline in traffic caused by the fact that people were spending more time on more popular social networking sites like Facebook and Twitter.

Facebook and Twitter have virtually sucked all of the air out of the room for social media sites. Facebook is where people go to communicate and share with the people they know in real life. Facebook hasn’t just stolen attention from other social networking sites but from the entire web as people are spending more time on Facebook and less time on the rest of the world wide web. However Facebook missed out on a particular niche which was then capitalized on by Twitter.

Twitter is where people go to be informed by and share information from news makers they care about. For many, Twitter has replaced blogging [and MySpace] as the way to stay connected with people who are interested in what you have to say as a major or minor celebrity. For me, I spend less time writing blog posts or using Google Reader because I’m on Twitter. This has led to many proclaiming that Twitter has killed RSS.

So what does all of this have to do with Google+?

For Google+ to be successful it means people will need to find enough utility in the site that it takes away from their usage of Facebook and Twitter, and perhaps even replaces one of these sites in their daily routine. So far it isn’t clear why any regular person would do this. Having to re-invite all your friends to another social network and have yet another stream to follow & check for responses to your posts is a pain in the ass not a benefit. Twitter got away with it because it actually had value that you couldn’t get from Facebook and by the time Facebook caught up with certain features Twitter was already established in its particular usage niche.

So far the Google+ sales pitch is that it makes it easy for people to share things with private circles of people. This isn’t a terribly differentiating feature. Facebook has multiple features for doing this such as friend lists and groups. Google+ has a snazzier UI for managing lists but snazzy UIs can be copied as CircleHack, built by a Facebook engineer, shows. Even Twitter has protected accounts which provides a drop dead simple way for people to control who they share with without having to manage multiple overlapping lists of people. Google+ will need a better pitch than that to have lasting value.

I’ve been in the industry long enough now to consider people working on Facebook, Google+ and even Twitter as friends or at least acquaintances. It is a little sad to me that for some of my friends to win, others will have to lose. That is life.

Note Now Playing: DJ Khaled - Welcome to My Hood (remix) (featuring Ludacris, T-Pain, Busta Rhymes, Twista, Mavado, Birdman, Ace Hood, Fat Joe, Game, Jadakiss, Bun B, and Waka Flocka)Note


 

Categories: Social Software

Earlier this week, Microsoft took the initial wraps off of the next version of Windows (aka "Windows 8"). As someone who loves personal computing and loves the Web, there’s a lot I find exciting about what we just announced. The official announcement Previewing ‘Windows 8 states the following

The demo showed some of the ways we’ve reimagined the interface for a new generation of touch-centric hardware. Fast, fluid and dynamic, the experience has been transformed while keeping the power, flexibility and connectivity of Windows intact.

Here are a few aspects of the new interface we showed today:

• Fast launching of apps from a tile-based Start screen, which replaces the Windows Start menu with a customizable, scalable full-screen view of apps.

• Live tiles with notifications, showing always up-to-date information from your apps.

• Fluid, natural switching between running apps.

• Convenient ability to snap and resize an app to the side of the screen, so you can really multitask using the capabilities of Windows.

Web-connected and Web-powered apps built using HTML5 and JavaScript that have access to the full power of the PC.

• Fully touch-optimized browsing, with all the power of hardware-accelerated Internet Explorer 10.

Today, we also talked a bit about how developers will build apps for the new system. Windows 8 apps use the power of HTML5, tapping into the native capabilities of Windows using standard JavaScript and HTML to deliver new kinds of experiences. These new Windows 8 apps are full-screen and touch-optimized, and they easily integrate with the capabilities of the new Windows user interface. There’s much more to the platform, capabilities and tools than we showed today.

The video below introduces a few of the basic elements of the new user interface. Although we have much more to reveal at our developer event, BUILD (Sept. 13 - 16 in Anaheim, Calif.), we’re excited to share our progress with you.

If you’re a web developer this represents an amazing opportunity and one that should fill you with excitement. Of course, you shouldn’t take the words of a Microsoft employee but should also listen to what even people with cynical opinions of Microsoft are saying such as Mike Mace in his article Windows 8: The Beginning of the End of Windows where he writes

So it's far too early to make any judgments on Windows 8, which Microsoft just previewed (link).  There are an incredible number of ways it could go wrong.

But.  I've got to say, this is the first time in years that I've been deeply intrigued by something Microsoft announced.  Not just because it looks cool (it does), but because I think it shows clever business strategy on Microsoft's part.  And I can't even remember the last time I used the phrase "clever business strategy" and Microsoft in the same sentence.

What it means to the rest of us
The history of platform transitions is that they are huge opportunities for developers.  They reset the playing field for apps and devices.  Look at the history:  The leaders in DOS applications (Lotus, Word Perfect, etc) were second rate in GUI software.  The leaders in GUI apps (Adobe, Microsoft, etc) were not dominant in the web.  It's actually very rare for a software company that was successful in the old paradigm to transfer that success to the new one.  Similar turnover has happened in hardware transitions (for example, Compaq rode the Intel 386 chip to prominence over IBM in PCs).  And yes, there is a hardware transition as part of Windows 8, since it will now support ARM chips, and you'll want a touchscreen to really take advantage of it.

So if you're running an existing PC hardware or software company, ask yourself how a new competitor could use the platform transition to challenge your current products.  Here's a sobering thought to keep you awake tonight: the odds are that the challengers will win.  The company most at risk from this change is the largest vendor of Windows apps, Microsoft itself.  Microsoft Office must be completely rethought for the new paradigm.  You have about 18 months, guys.  Good luck.

By the way, web companies are also at risk.  Your web apps are designed for a browser-centric, mouse-driven user experience.  What happens to your app when the browser melts into the OS, and the UI is driven by touch?  If you think this change doesn't affect you, I have an old copy of WordStar that you can play with.  Google and Facebook, I am talking to you.

You should read the rest of Mike’s post because it has an interesting perspective. I strongly believe in the core premise of the article that Windows 8 is disruptive. Not only is it disruptive to the software industry as a whole but it will be disruptive even for the way Microsoft does business today. When Steve Ballmer said Windows 8 will be Microsoft's riskiest product bet he wasn’t kidding.

Out of disruption comes opportunity and if you’re a web developer you have a front row seat in taking advantage of this opportunity. Don’t waste it. You should register for the BUILD conference. I’ll be there and with any luck I may even get to give a talk or two. See you there. 

Note Now Playing: Jay-Z - On To The Next One (featuring Swizz Beats)Note


 

I spent a bunch of time last night and this morning noodling on Evan Williams’ post Five Easy Pieces of Online Identity where he talks about what people often mean when they talk about “online identity”. His list has the following five entries

1) Authentication

Question Answered: Do you have permission?*
Offline Equivalent: Picture ID or keys, depending on method.

2) Representation

Question Answered: Who are you?
Offline equivalent: Business card. (Also: Clothes, bumper stickers, and everything else one chooses to show people who they are.

3) Communication
Question Answered: How do I reach you?
Offline Equivalent: Phone number.
4) Personalization

Question Answered: What do you prefer?
Offline Equivalent: Your coffee shop starting your drink when you walk in the door.

5) Reputation

Question Answered: How do others regard you?
Offline Equivalent: Word of mouth/references, credit agencies.

I think Ev’s post is a really good start to answering the question why would one would want to identify a user in an application or website. Specifically, what does a user get from being asked to log-in or register to your application or website? Secondarily, it also provides the framework for deciding if or when you should use your own identity system or should leverage someone else’s such as Facebook Connect.

Ev misuses the term authentication in his post which is a little confusing since he seems to do it knowingly. All five entries on his list are all facets of what you get when you identify or in some cases authenticate a user. For identification, you may simply need an identifier such as an email address or URL. For example, if I give you the URL to my Facebook profile, you get to see how I’ve chosen to represent myself to the world (e.g. my profile picture is a family shot which tells you something about me), you can contact me if you’re in the right network on Facebook and you can even make some personalization decisions by looking at the music and TV I’ve liked. Authentication is a more nuanced version of identification because it means you’ve proved that I’m actually the person who “owns” http://www.facebook.com/Carnage4Life not just someone who knows that URL (or email address or other identifier).

The first thing to do is update Ev’s list

  1. Authentication – who are you?
  2. Authorization – do you have permission?
  3. Representation – how do I want others to view me? 
  4. Communication – how do I reach you?
  5. Personalization – what do you prefer?
  6. Reputation – how do others regard you?
  7. Commerce – how are you going to pay for this? (e.g. credit cards, putting a meal on your hotel room bill when eating at the hotel restaurant, etc)
  8. Social – who are your friends?

The first change on the list is already explained. Asking who I am is an intrinsic aspect of all of the other items on the list.

The second change is obvious in retrospect. There are a broad class of websites and applications that need to identify a user so that the user can pay for a virtual or physical good or service. The biggest player in the identity and payment space on the open web is obviously Paypal with minor competition from Google Checkout and Amazon Payments. There are also specific ecosystems where payment is a fundamental aspect of identity such as Facebook Credits which is part of the Facebook platform ecosystem, the 200 million iTunes accounts with credit cards that are a part of the iOS ecosystem or Microsoft Points which are the coin of the realm in the XBox Live ecosystem.

The third addition is also a surprising omission from Ev’s list given that this has been the primary way distributed identity has actually become popular on the Web. Unsurprisingly, the key player in this space is Facebook which provides widgets such as the recommendations plugin which allows sites like Engadget show me what articles on their site my friends liked

This list is pertinent to web developers from multiple perspectives. First of all it’s a checklist that determines whether your application or website needs a user identity system. When you do determine that you do meet some of the requirements in the checklist, it also sharpens your focus on when you let identity get out of the way for your users. Sites like Yelp and Reddit are good examples of sites that need user identity for personalization, reputation and communication but users can get value without using features that rely on those capabilities. However neither site does a good job of explaining to users that they can get this functionality if they create an identity on the site. On the other hand, I think Quora does a particularly awful of running this check list when you hit the front page of the site since you don’t even get to see any content without creating an account.

The list is also useful as a way to decide which aspects of your site or application’s identity requirements you want to maintain in-house versus outsource. Do you want to rely on Facebook’s social graph or have a friend list that is native to your site? Will you accept credit cards or just utilize Paypal or Amazon Payments? And so on. Finally the list is useful for entrepreneurs as a way to segment the various use cases in the industry and see opportunities where things can be improved. Some people like to call game over for innovation in identity on the web given the Facebook juggernaut but it is clear when you look at that list that there are parts of the identity space where they haven’t made much traction such as reputation and payments.      

Note Now Playing: Rihanna - Love the Way You Lie, Part II (featuring Eminem)Note


 

Categories: Social Software

The EFF has a persuasive anti-Facebook rant titled An Introduction to the Federated Social Network which bemoans the perils of centralization of social networking under the aegis of one company (You can replace "Facebook" with "Orkut," "LinkedIn," "Twitter," and essentially tell the same story). The core arguments from the article are excerpted below

But federated social network developers are doing two things differently in order to build a new ecosystem. First, the leading federated social networking software is open-source: that means that anybody can download the source code, and use it to create and maintain social networking profiles for themselves and others. Second, the developers are simultaneously collaborating on a new common language, presumably seeking an environment where most or even all federated social networking profiles can talk to one another. 

What will that likely mean in practice? To join a federated social network, you'll be able to choose from an array of "profile providers," just like you can choose an email provider. You will even be able to set up your own server and provide your social networking profile yourself. And in a federated social network, any profile can talk to another profile — even if it's on a different server.

Distributed social networks represent a model that can plausibly return control and choice to the hands of the Internet user. If this seems mundane, consider that informed citizens worldwide are using online social networking tools to share vital information about how to improve their communities and their governments — and that in some places, the consequences if you're discovered to be doing so are arrest, torture, or imprisonment. With more user control, diversity, and innovation, individuals speaking out under oppressive governments could conduct activism on social networking sites while also having a choice of services and providers that may be better equipped to protect their security and anonymity.

As someone who’s been noodling on social network interoperability for the past four years this is a topic that’s near and dear to my heart. However there needs to be some reality injected into the unbridled bashing of existing social networks that we have today. There’s a reason why you read about Iran's Twitter Revolution and Japanese school children using Facebook to communicate with their parents during the earthquake yet hear virtually nothing about Diaspora or Status.Net being used in similar ways to impact the lives of millions of people.

The first key argument made by the EFF article is that popular social networks aren’t Open Source so you can’t download the source code and run them on your own server. The interesting thing here is that this is actually attempting to buck a trend. Most people don’t want to host software because it is a pain in the ass to deal with. Even businesses don’t want to do this which is why “cloud” is such a hot buzzword and enterprise microblogging tools such as Yammer and Salesforce Chatter are hosted services not on-premises software. More importantly, the entire point of broadcast oriented social networks is being able to communicate with a lot of people which encourages network effects and the sort of winner take all dynamics that we’ve seen people lament over Facebook about. Why would a user create an account on identi.ca or any other hosted instance of Status.Net when they can create one on Twitter and reach a lot more people? Social networking isn’t like blogging. A blog is a solitary item which only needs the publisher to exist so one person being able to download it and throw it on a server and getting value out of it is true. On the other hand, a social network by definition needs lots of people using the service to be useful which makes the ability to download it and throw it on a server for your own use much not terribly useful.

The second argument is that there should be protocols that enable interoperability between social networks and this is one I firmly believe in. In fact, this is the real problem. If I can’t use my self-hosted social networking tool to talk to my friends on Facebook and Twitter then it isn’t a useful social networking tool. This is similar to the early days of email when you could only send messages to people on your network or who used the same software as you.  Being unable to subscribe to @shitmydadsays from my Facebook account or dm my wife from Twitter may sound trivial but it is a fundamental impediment to social networking reaching its full potential as a way for people to share and communicate with the people they care about no matter where they are. Without interoperability we will continue to see the power law caused by network effects continue to play out and the sorts of innovation talked about by the EFF article won’t come to fruition since given the choice of being able to communicate with others and some innovative functionality on a particular service, most people will choose friends over features.

The interesting question is whether we’ll see this logjam broken by smaller social networking services banding together in an interoperable way thus creating a whole that is greater than the sum of its parts.

Note Now Playing: Ol' Dirty Bastard - Proteck Ya Neck II The Zoo (feat. Brooklyn Zu, Prodigal Sunn, Killah Priest, & 60 Second Assassin) Note


 

Categories: Social Software

I’ve now been working and blogging about web technology long enough to see technologies that we once thought were the best thing since sliced bread turn out to be rather poor solutions to the problem or even worse that they create more problems than they solve. Since I’ve written favorably about all of the technologies mentioned below this is also a mea culpa where I try to see what I can learn about judging the suitability of technologies to solving problems on the web without being blinded by the hype from the “cool kids” on the web.

The Failure of OpenID

According to Wikipedia, “OpenID is an open standard that describes how users can be authenticated in a decentralized manner, obviating the need for services to provide their own ad hoc systems and allowing users to consolidate their digital identities”. So the problem that OpenID solves is having to create multiple accounts on different websites but instead being able to re-use from the identity provider (i.e. website) of your choice. OpenID was originally invented in 2005 by Brad Fitzpatrick to solve the problem of having bloggers having to create an account on a person’s weblog or blogging service before being able to leave a comment.

OpenID soon grew beyond it’s blog-centric origins and has had a number of the big name web companies either implement it in some way or be active in it's community. Large companies and small companies alike have been lobbied to implement OpenID and accused of not being “open” when they haven’t immediately jumped on the band wagon. However now that we’ve had five years of OpenID, there are a number of valid problems that have begun to indicate the emperor may either have no close or at least is just in his underwear.

The most recent set of hand wringing about the state of OpenID has been inspired by 37 Signals announcing they'll be retiring OpenID support but the arguments against OpenID have been gathering steam for months if not years.

First of all, there have been the arguments that OpenID is too complex and yet doesn't have enough features from people who’ve been supporting the technology for years like David Recordon. Here is an excerpt from David Recordon’s writings on the need for an OpenID Connect

In 2005 I don't think that Brad Fitzpatrick or I could have imagined how successful OpenID would become. Today there are over 50,000 websites supporting it and that number grows into the millions if you include Google FriendConnect. There are over a billion OpenID enabled URLs and production implementations from the largest companies on the Internet.

We've heard loud and clear that sites looking to adopt OpenID want more than just a unique URL; social sites need basic things like your name, photo, and email address. When Joseph Smarr and I built the OpenID/OAuth hybrid we were looking for a way to provide that functionality, but it proved complex to implement. So now there's a simple JSON User Info API similar to those already offered by major social providers.

We have also heard that people want OpenID to be simple. I've heard story after story from developers implementing OpenID 2.0 who don't understand why it is so complex and inevitably forgot to do something. With OpenID Connect, discovery no longer takes over 3,000 lines of PHP to implement correctly. Because it's built on top of OAuth 2.0, the whole spec is fairly short and technology easy to understand. Building on OAuth provides amazing side benefits such as potentially being the first version of OpenID to work natively with desktop applications and even on mobile phones.

50,000 websites sounds like a lot until you think about the fact that Facebook Connect which solves a similar problem had been adopted by 250,000 websites during the same time frame and had been around less than half as long as OpenID. It’s also telling to ask yourself how often you as an end user actually have used OpenID or even seen that it is available on a site.

The reason for why you can count the instances you’ve had this occur on one or two hands is eloquently articulated in Yishan Wong’s answer to the question What's wrong with OpenID on Quora which is excerpted below

The short answer is that OpenID is the worst possible "solution" I have ever seen in my entire life to a problem that most people don't really have.  That's what's "wrong" with it.

To answer the most immediate question of "isn't having to register and log into many sites a big problem that everyone has?," I will say this: No, it's not.  Regular normal people have a number of solutions to this problem.  Here are some of them:

  • use the same username/password for multiple sites
  • use their browser's ability to remember their password (enabled by default)
  • don't register for the new site
  • don't ever log in to the site
  • log in once, click "remember me"
  • click the back button on their browser and never come back to the site
  • maintain a list of user IDs and passwords in an offline document

These are all perfectly valid solutions that a regular user finds acceptable.  A nerd will wrinkle up his nose at these solutions and grumble about the "security vulnerabilities" (and they'll be right, technically) but the truth is that these solutions get people into the site and doing what they want and no one really cares about security anyways.  On the security angle, no one is going to adopt a product to solve a problem they don't care about (or in many cases, even understand). 

The fact that anyone even expects that OpenID could possibly see any amount of adoption is mind-boggling to me.  Proponents are literally expecting people to sign up for yet another third-party service, in some cases log in by typing in a URL, and at best flip away to another branded service's page to log in and, in many cases, answer an obscurely-worded prompt about allowing third-party credentials, all in order to log in to a site.  This is the height of irony - in order to ease my too-many-registrations woes, you are asking me to register yet again somewhere else??  Or in order to ease my inconvenience of having to type in my username and password, you are having me log in to another site instead?? 

Not only that, but in the cases where OpenID has been implemented without the third-party proxy login, the technical complexity behind what is going on in terms of credential exchange and delegation is so opaque that even extremely sophisticated users cannot easily understand it (I have literally had some of Silicon Valley's best engineers tell me this).  At best, a re-directed third-party proxy login is used, which is the worst possible branding experience known on the web - discombobulating even for savvy internet users and utterly confusing for regular users.  Even Facebook Connect suffers from this problem - people think "Wait, I want to log into X, not Facebook..." and needs to overcome it by making the brand and purpose of what that "Connect with Facebook" button ubiquitous in order to overcome the confusion. 

I completely agree with Yishan’s analysis here. Not only does OpenID complicate the sign-in/sign-up experience for sites that adopt it but also it is hard to confidently make the argument that end users actually consider the problem OpenID is trying to solve be worth the extra complication.

The Failure of XML on the Web

At the turn of the last decade, XML could do no wrong. There was no problem that couldn’t be solved by applying XML to it and every technology was going to be replaced by it. XML was going to kill HTML. XML was going to kill CORBA, EJB and DCOM as we moved to web services. XML was a floor wax and a dessert topping. Unfortunately, after over a decade it is clear that XML has not and is unlikely to ever be the dominant way we create markup for consumption by browsers or how applications on the Web communicate.

James Clark has XML vs the Web where he talks about this grim realization

Twitter and Foursquare recently removed XML support from their Web APIs, and now support only JSON.  This prompted Norman Walsh to write an interesting post, in which he summarised his reaction as "Meh". I won't try to summarise his post; it's short and well-worth reading.

From one perspective, it's hard to disagree.  If you're an XML wizard with a decade or two of experience with XML and SGML before that, if you're an expert user of the entire XML stack (eg XQuery, XSLT2, schemas), if most of your data involves mixed content, then JSON isn't going to be supplanting XML any time soon in your toolbox.

There's a bigger point that I want to make here, and it's about the relationship between XML and the Web.  When we started out doing XML, a big part of the vision was about bridging the gap from the SGML world (complex, sophisticated, partly academic, partly big enterprise) to the Web, about making the value that we saw in SGML accessible to a broader audience by cutting out all the cruft. In the beginning XML did succeed in this respect. But this vision seems to have been lost sight of over time to the point where there's a gulf between the XML community and the broader Web developer community; all the stuff that's been piled on top of XML, together with the huge advances in the Web world in HTML5, JSON and JavaScript, have combined to make XML be perceived as an overly complex, enterprisey technology, which doesn't bring any value to the average Web developer.

This is not a good thing for either community (and it's why part of my reaction to JSON is "Sigh"). XML misses out by not having the innovation, enthusiasm and traction that the Web developer community brings with it, and the Web developer community misses out by not being able to take advantage of the powerful and convenient technologies that have been built on top of XML over the last decade.

So what's the way forward? I think the Web community has spoken, and it's clear that what it wants is HTML5, JavaScript and JSON. XML isn't going away but I see it being less and less a Web technology; it won't be something that you send over the wire on the public Web, but just one of many technologies that are used on the server to manage and generate what you do send over the wire.

The fact that XML based technologies are no longer required tools in the repertoire of the Web developer isn’t news to anyone who follows web development trends. However it is interesting to look back and consider that there was once a time when the W3C and the broader web development community assumed this was going to be the case. The reasons for its failure on the Web are self evident in retrospect.

There have been many articles published about the failure of XML as a markup language over the past few years. My favorites being Sending XHTML as text/html Considered Harmful and HTML5, XHTML2, and the Future of the Web which do a good job of capturing all of the problems with using XML with its rules about draconian error handling on the web where ill-formed, hand authored markup and non-XML savvy tools rule the roost.

As for XML as the protocol for intercommunication between Web apps, the simplicity of JSON over the triumvirate of SOAP, WSDL and XML Schema is so obvious it is almost ridiculous to have to point it out. 

The Specific Failure of the Atom Publishing Protocol

Besides the general case of the failure of XML as a data interchange format for web applications, I think it is still worthwhile to call out the failure of the Atom Publishing Protocol (AtomPub) which was eventually declared a failure by the editor of the spec, Joe Gregorio. AtomPub arose from the efforts of a number of geeks to build a better API for creating blog posts. The eventual purpose of AtomPub was to create a generic application programming interface for manipulating content on the Web. In his post titled AtomPub is a Failure, Joe Gregorio discussed why the technology failed to take off as follows

So AtomPub isn't a failure, but it hasn't seen the level of adoption I had hoped to see at this point in its life. There are still plenty of new protocols being developed on a seemingly daily basis, many of which could have used AtomPub, but don't. Also, there is a large amount of AtomPub being adopted in other areas, but that doesn't seem to be getting that much press, ala, I don't see any Atom-Powered Logo on my phones like Tim Bray suggested.

So why hasn't AtomPub stormed the world to become the one true protocol? Well, there are three answers:

  • Browsers
  • Browsers
  • Browsers

Thick clients, RIAs, were supposed to be a much larger component of your online life. The cliche at the time was, "you can't run Word in a browser". Well, we know how well that's held up. I expect a similar lifetime for today's equivalent cliche, "you can't do photo editing in a browser". The reality is that more and more functionality is moving into the browser and that takes away one of the driving forces for an editing protocol.

Another motivation was the "Editing on the airplane" scenario. The idea was that you wouldn't always be online and when you were offline you couldn't use your browser. The part of this cliche that wasn't put down by Virgin Atlantic and Edge cards was finished off by Gears and DVCS's.

The last motivation was for a common interchange format. The idea was that with a common format you could build up libraries and make it easy to move information around. The 'problem' in this case is that a better format came along in the interim: JSON. JSON, born of Javascript, born of the browser, is the perfect 'data' interchange format, and here I am distinguishing between 'data' interchange and 'document' interchange. If all you want to do is get data from point A to B then JSON is a much easier format to generate and consume as it maps directly into data structures, as opposed to a document oriented format like Atom, which has to be mapped manually into data structures and that mapping will be different from library to library.

As someone who has tried to both use and design APIs based on the Atom format, I have to agree that it is painful to have to map your data model to what is effectively a data format for blog entries instead of keeping your existing object model intact and using a better suited format like JSON. 

The Common Pattern in these Failures

When I look at all three of these failures I see a common pattern which I’ll now be on the look out for when analyzing the suitability of technologies for my purposes. In each of these cases, the technology was designed for a specific niche with the assumption that the conditions that applied within that niche were general enough that the same technology could be used to solve a number of similar looking but very different problems.

  1. The argument for OpenID is a lot stronger when limiting the audience to bloggers who all have a personal URL for their blog AND where it actually be a burden to sign up for an account on the millions of self hosted blogs out there. However it isn’t true that same set of conditions applies universally when trying to log-in or sign-up for the handful of websites I use regularly enough to decide I want to create an account.

  2. XML arose from the world of SGML where experts created custom vocabularies for domain-specific purposes such as DocBook and EDGAR. The world of novices creating markup documents in a massively decoupled environment such as the Web needed a different set of underlying principles.

  3. AtomPub assumed that the practice of people creating blog posts via custom blog editing tools (like the one I’m using the write this post) would be a practice that would spread to other sorts of web content and that these forms of web content wouldn’t be much distinguishable from blog posts. It turns out that most of our content editing still takes place in the browser and in the places where we do actually utilize custom tools (e.g. Facebook & Twitter clients), an object-centric domain specific data format is better than an XML-centric blog based data format. 

So next time you’re evaluating a technology that is being much hyped by the web development blogosphere, take a look to see whether the fundamental assumptions that led to the creation of the technology actually generalize to your use case. An example that comes to mind that developers should consider doing with this sort of evaluation given the blogosphere hype is NoSQL.

Note Now Playing: Keri Hilson - Knock You Down (featuring Kanye West & Ne-Yo)Note


 

Categories: Web Development

I’ve slowly become a big fan of Quora. I’ve learned quite a few things which I’ve actually applied in my day job or excerpted for blog posts at work from various questions being answered on Quora. I can see why Robert Scoble asks Is Quora the biggest blogging innovation in 10 years? because this is the same way I felt when I first discovered knowledgeable technical people sharing insights about building software or just historical context on blogs several years ago.

Quora has smart people with significant pedigrees freely sharing information about how and why things work in various parts of the software industry. It is a thing of beauty to log-in and get gems like Steve Case answering questions the history of AOL, Ian McAllister sharing product management tips from the bowels of Amazon or Andrew Bosworth [and others at Facebook] giving explanations for why and how they built key features like Messages, Chat and the News Feed at Facebook.

I’m not the only one that has been impressed by their experience on Quora and specifically there has been a lot of hype about Quora  on TechCrunch. Today TechCrunch published a contrasting opinion by Vivek Wadwha titled Why I Don’t Buy the Quora Hype where he calls interest in Quora a fad and pooh poohs the sites chances of becoming mainstream.

Although I like Quora, I do agree that the site faces key challenges if it is to ever break out of its niche. The primary challenge the site faces is that since it is more of a community like Reddit or MetaFilter not a networked communication tool like Facebook and Twitter, is that the user experience is likely to get worse as it grows more popular not better.

A few weeks ago I found a description of one of their attempts to solve the problem in a post by Charlie Cheever titled Commitment to Keeping Quora High Quality where he wrote

One thing we're trying to do a better job ASAP on is educating the new users that join the site and getting them up to speed on the policies, guidelines, and conventions as quickly as possible. Yesterday, we added a quick tutorial quiz before a user posts his/her first question.

So far, we've found that the quiz has helped make more of the questions that new users post conform to the site guidelines and require less editing from experienced users. We also made changes to the way the homepage feed works and when notifications are sent yesterday.
Over the next few months, we're going to be heavily investing engineering effort in:

  • Educating new users about site policies and guidelines
  • Improving the feed and voting ranking mechanisms
  • Changing the core product to accomodate a Quora with many more users and many more questions and answers and topics
  • Building special tools to support the efforts of reviewers and admins to improve the site and maintain civility and generally make it more fun to make Quora better

What I found odd about all of the above efforts is that none of them seems to try to keep the magic of what makes Quora more interesting than Yahoo! Answers, Facebook Questions or Stack Overflow. Quora is interesting because the quality of the answers is amazing due to the fact that questions are often answered by the some of the most knowledgeable people on the topic. So the key problems to solve the preserve the Quora experience is really “how do you encourage subject matter experts to flock to the site and answer questions?”

The folks at Quora have already posted a follow up to the aforementioned post titled Scaling Up where some of the approaches above are already being called into question and there is a nod towards highlighting the high quality users. That post is excerpted below

Up until a few days ago, new questions and answers from new Quora users were all being reviewed by users (reviewers and admins) who had demonstrated over a period of time an understanding of the spirit, policies, and guidelines of Quora.  There is now too much new content being posted on Quora to handle this in the same way.
 
Concretely, some of the projects we are working on in this area are:

(1) Getting many more people to participate in the evaluation of new content on the site.  For people who want to see the newest content on Quora that might be good or might be bad, we want to let you opt in to evaluating the new stuff in mostly the same way that you browse the site.  Most of the people who use Quora have pretty good judgement, and we believe there is some wisdom in crowds.  Preliminarily, this approach is very promising

(2) We're developing an algorithm to determine user quality.  The algorithm is somewhat similar to PageRank but since people are different from pages on the web and the signals that are available on Quora are different from those on the web, it's not exactly the same problem.  We'll use this to help decide what to show in feeds, when to send notifications, and how to rank answers.

(3) Explaining Quora better to new users before they add content to the site.  We added a very short tutorial quiz before new users add new questions and it made a big difference in reducing the number of questions that don't meet guidelines or policies.

The thing I still don’t see clearly here is a focus on catering to the high quality answerers that have made Quora more buzzworthy than innovative competitors like the StackExchange family of sites or mainstream Q&A sites like Yahoo! Answers. The question the folks at Quora should be asking themselves is what are they doing to not only have Steve Case continue to answer questions on the site but perhaps get similar quality answerers from other industries (e.g. Jack Welch or Russell Simmons).

Here I believe there is something Quora can learn from Q&A sites like StackOverflow and from sites that have attracted celebrity users like Twitter. Some things that I think would be useful to see implemented on the site to retain and attract quality answerers would include

  1. Democratize voting on quality of questions. Although Quora has started quizzing users before they ask a question as a way to keep quality high. It would be even better if users could vote on the quality of questions so that the more interesting ones got a wider audience. Similarly, being able to mark questions as duplicates so answerers don’t keep seeing the same questions all the time which is a particular pain point with various answer forums would be valuable.

  2. Better recognition of valuable users. The ability for people to provide topic-specific descriptions of their qualifications per topic area is a great idea. Of course, it does encourage to appeal to authority when judging their answers such as the case with someone posting a super long answer that doesn't answer the question but has "screen writer" in their qualifications being voted highly. Despite that, it is still useful to be able to look at a set of answers on movies and be able to tell which of the answerers is more qualified than others. Democratizing this by visibly showing which users have been judged by the community as being more valuable than others would be a useful addition. Whether it is copying StackOverflow badges or karma on reddit there is value both to readers of answers in determining which answerers are more trustworthy and to answerers in being able to get intangible value for the service they are providing to the Quora community. It is amazing how digital points systems like reputation scores, badges and achievements can motivate people and Quora can do more to harness this.

  3. A better connection between people and their followers. People like Jack Welch and Russell Simmons are on Twitter communicating with hundreds of thousands of followers who’d like to learn from them and be inspired by their words. Twitter isn’t really great for conversations or lengthy answers to insightful questions. I believe Quora can fill the gap for such celebrities in the same way Twitter filled the original need of giving celebrities a direct channel to their fans without the media acting as intermediaries. Right now I have followers and people I follow on Quora but they are treated equivalent to “topics” in my feed and I there aren’t good facilities for us to communicate with each other on the site. Can you imagine if Twitter treated hashtags you’ve expressed an interest in and people you followed the same way in your stream? What Quora does is similar.

Note Now Playing: Chris Brown - Deuces (Remix) (featuring Drake, T.I., Kanye West, Fabolous, Rick Ross & André 3000)Note


 

Categories: Social Software

An interesting discussion broke out in the comments to my last post about whether location based services like FourSquare are about sharing one’s location with friends or an evolution of the loyalty cards where users get deals for advertising a store to their friends. You can also see members of the tech press asking themselves this question with articles like Dear Foursquare, Gowalla: Please Let’s Stop Pretending This Is Fun appearing on TechCrunch. The following excerpt from that article strikes at the heart of the matter

Pew Research reported that, despite all the hype, the use of location-based services is actually declining in America, from 5% of the online population in May to 4% last month. Forget the fabled hockey stick; that’s more like a broken pencil.

Why? Because they’re not giving us any good reason to use them. Look at their web sites. Gowalla proclaims, “Discover the extraordinary in the world around you.” Foursquare says, “Unlock your city.” To which I say: “Oh, come on“ — and it seems I speak for approximately 96% (formerly 95%) of the population. I have no interest in enlisting in a virtual scavenger hunt, or unlocking merit badges — what is this, the Cub Scouts? — or becoming the narcissistic “Mayor” of my local coffee shop. Thanks for the offer, but I’m afraid I already have some semblance of a life.

I do want to keep up with my friends, and (sometimes) let them know where I am. But if you’re competing with Facebook in social networking and your name isn’t Twitter or Google, I’m sorry, but I don’t like your chances.

The challenge for FourSquare is that being the best service for getting local deals is a very different product from being the best service for keeping up to date with my friends are. FourSquare is trying to be both when either one faces significant challenges as a standalone product given the competitiveness of the marketplace.

The main innovation with location based services like FourSquare is that they are so easy for the consumer to get into that you could make it similar to frequent flier miles where the model is “if I’m already going to be doing something regularly anyway why not get perks for doing so?”. The problem that FourSquare faces is that they have to compete with GroupOn, JungleCents, Restaurant.com and various other services that have a more proven model for delivering customers to local businesses. The ideal place for FourSquare to be is where they can pitch to customers like me that every 10th check-in to my local health club gives me a perk even if it’s a free beverage or breakfast pastry instead of offering me a Gym Rate badge which I acquired after my first month using the service and now have no reason to check-in from there anymore. FourSquare has been primarily focused on getting discounts for "mayors" of local businesses which seems backwards given that they are basically saying only one person per store can get a discount (and in the case of Starbucks it was just a $1 discount). Can you imagine American Airways saying only the passenger who flies the most from Seattle<->San Francisco that year can use the frequent flier program? Sounds ridiculous doesn’t it?

If FourSquare wants to make a difference as a way for people to get local deals, they’ll need to refocus the company and not fall into the trap of paying too much attention to their game mechanics.

FourSquare faces a different set of challenges as a way to share location with friends and this isn’t just because of the social graph problem of competing with Facebook which I discussed in my previous post. I’m personally very bullish that location based services will be an integral part of our lives in the future. When I originally read Robert Scoble’s Location 2012 which aimed to predict where we’d be in 2 years given location trends today I couldn’t help but nod my head in agreement. However as I’ve started seeing some of these features show up in apps like Loopt and Facebook Places I’ve realized that some of these scenarios sound better in theory than in practice.

Constantly checking-in to share your location is a chore than you get nothing out of 99% of the time. This is why FourSquare uses game mechanics such as badges and mayorships to try to get people to regularly check-in. The problem is that game mechanics only get you so far and will not appeal to a significant chunk of the user population. On the other hand, automatically checking-in by sharing your location in real-time such as Loopt does brings with it a raft of privacy issues and can just come off as downright creepy. Although I’ve found real-time location sharing to be useful at times when I need to meet up with my wife at a crowded 5K race, it seemed a little creepy to have each other’s locations permanently shared even though it sounded convenient in theory. We no longer use Loopt and try as I might I couldn’t figure out how to pitch it to other people without it sounding creepy.

Striking the right balance between the tediousness of check-ins and the creepiness of constant location sharing will take a lot of trial and error as well as a careful sense of design. Again, I’d it would take refocusing the company to really cross the chasm here from the Silicon Valley early adopter to being the sort of mass market success that my non-technical friends who use Facebook and play Farmville but don’t read TechCrunch would be familiar with.

Right now FourSquare and other services that have cloned its model are between a rock and a hard place. It will be interesting to see how they transform themselves in the coming months to address these challenges.

Note Now Playing: Cali Swag District - Teach Me How To Dougie [Remix] (featuring Red Cafe, Jermaine Dupri, B.o.B. and Bow Wow)Note


 

Categories: Social Software