Suqashing Facebook (WAS: Conducting GNHLUG business on Facebook (was Stop! Unix Time))

[Arc Riley]

On Tue, Feb 3, 2009 at 9:35 AM, Thomas Charron <twaffle at gmail.com> wrote:

>
>  Your example is slightly counter to your argument.  The thought put
> forth is that everyone can run a server of their own, with their own
> web sites, etc.  So I'd be ThomasCharron at kilomonkies.com.  And how is
> gnhlug.org going to know I'm me when I say, visit the web site?


I think some wires got crossed between what David originally posted and my
response.

I'm not suggesting everyone run their own server, that's a non-starter.
Facebook is used because it's free and takes seconds to setup.  I'm likewise
not advocating for boycotting Facebook, that's also a non-starter.  You
never change anything by fighting the existing reality.

I'm suggesting different services run by different groups - cooperative
competition.  Doesn't matter which service you're using, the data all ties
together.  I see the primary disfavorable element of Facebook is it's a
monolithic service.  I see decentralized, compatible services as the new
paradigm that's going to make the existing paradigms obsolete.  Facebook
will, of course, adapt and evolve to this new paradigm.


So, how is this facebook applet going to authenticate with an
> external server?  After all, I may want to schedule some private
> events I don't want everyone to see.


Facebook apps are hosted on 3rd party servers.  *You* run the applet code on
*your* server.  Some people use Facebook's authentication database solely,
others have their own auth database with a field that provides the facebook
userid for known users, adding new users when facebook users add your app to
their account.

I've looked into writing an Ohloh app for Facebook.  Ohloh has an open API,
so does Facebook, and I as a third party need "control" over neither
authentication domains to link the two - just the ability in both APIs for
users to verify that they own a certain account (they both do).  Presto,
Ohloh user data aggregated to Facebook such that the rewards system in the
prior is advertized in the latter, thus amplifying the ego encouragement
effect Ohloh provides.



> Facebook tie ins to other sites require an inferred level of trust
> of facebook themselves.  But your right, I choose not to use it as a
> tool, no use in arguing the merits of the company.


Actually it's a level of trust by users, and of course it can and has been
abused.

Every Facebook user must authorize any specific app to access their data.
Users are told, by Facebook, very explicitally that their personal
information will be shared with the 3rd party app if they authorize the app.

This is an inherit disfavorable element of monolithic service models like
Facebook - you either don't allow 3rd party apps, or incur the expense of
verifying the 3rd party code and hosting on your server, or defer to your
users the responsibility to verify trustworthyness of 3rd party app hosts
when giving them access to all their data.


  As an example, livejournal is the 'original' social networking site.
>  It's still there.  And a long, long time ago, it added XMPP support.
> What problems did it solve?  Nada.  Was it cool, and neat?  Yup.
> Could it be used to integrate livejournal into MY site?  Yup.  Did
> people WANT that?  Nope.


I argue that the time hasn't come yet.  I don't see the value being
primarily in most users wanting to connect to livejournal directly using
XMPP, or that users put value in XMPP themselves, but that XMPP can be used
as an alternative to RSS/Atom/etc to aggregate data between different sites
more efficiently.

I've never argued XMPP as a "magic bullet".  What I'm proposing is that XMPP
is the best communications framework for building a new social networking
paradigm capable of obsoleting the existing "walled garden" social network
paradigm used by MySpace, Meetup, Facebook, etc.


   Now, what are Joe and Jane to do?  Well, they complain to ubah
> portal, right?  Ok, so the portal blacklists gnhlug.  Perhaps they
> request their certificate by revoked (I'm not so sure this has *EVER*
> occured thus far).


The infrastructure isn't in place to deal with this issue because it's
currently a non-issue.

This is like arguing against IRC back in the late 80's because some people
could use it to spam messages to channels.  A bigger issue of course, and
one unforseen at the time, is DoS attacks becoming such a problem that many
hosting services (such as mine, ServerBeach) would have to ban IRC use as a
whole - no servers, no bots, no clients running under GNU Screen.

XMPP is a lot more robust than email, IRC, or RSS feeds.  I'm not saying
it's foolproof, no communication system is foolproof.  I have seen quite a
bit of work going into making sure it doesn't become a problem and I'm
confident that the community will solve remaining loopholes /as they become
problems/.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.gnhlug.org/mailman/private/gnhlug-discuss/attachments/20090203/4eb48dee/attachment.html