Category: What I do

Gems from Matt

Dodgeball goes Gauth, reveals GOOG’s masterplan to p0wn your ass

Did you know that Dodgeball's been assimilated?

Don’t say I didn’t warn you, but now when you try to log into your favorite neighborhood spyware, you’ll be greeted by a prompt to login with either your old skool Dodgeball account credentials or your Gauth account (the one that you use for Docs, Gmail, Gcal, Orkut, or other Google Services like YouTube (whoops — did I just say YouTube?).

Should you choose to login with your Dodgeball account, you’ll then be asked what your Gauth account isagain… or to create a new one. I chose to eff it and just merge my accounts (hoping that there’s an export of my checkins to Google Earth). Now I can manage Dodgeball from Google (note the last service):
Dodgeball as Google Service

The BorgSo here’s an interesting theory. Or maybe a foretelling of the inevitable. But clearly everything that Google buys, it will, somehow, someday, assimilate. Just like Teh Borg a generation before it.

I mean, from a business perspective, it does make sense. Yahoo! at least had the sense to make it utterly optional for Flickr and Upcoming users to use or create a Yahoo account for logging in (though they’ve recently backslid into pushing straight-up Y! Auth at Flickr).

So in light of the GooTube buy-out, what’s interesting about this Dodgeball stitchover is what happens if they do the same to YouTube (which, of course, they will, giving them a lump sum portion of the nearly 20M monthly uniques as new or merged accounts under their proprietary authentication system). …Which then, of course, can be used at other Google Authenticated sites. But hey, how useful are those accounts on sites that don’t use their system? Yeah, about as a good as a false username and an incorrect password: utterly useless.

Which leads me to pimping OpenID, the open grassroots alternative I’ve previously discussed. If Google opted to interop with (or help develop) this emerging standard, users would be centrally in control of their data — and able to rely on vendors that they choose to represent them — hell, even run their own identity server if that’s their wont — and take their data with them. And now is more critical than ever to raise these issues as the major players push , BBAuth and GAuth while independent identity projects struggle to keep it together and muster their collective will in crafting a standard that keeps users’ rights and interests squarely at the fore.

Thus with Google standing guard squarely between me and more and more of the services that I use, I’m starting to bear witness to the rise of a very insidious environment — where, heck, the kids’ll just keep following the into unknown territory until Google single-handedly locks’em all up in its walled-garden-silo, never to escape with their data or their friends again (that’s not evil, is it?) — or at least that’s what it looks like from here, given their culture of secrecy and expediency in converting existing login systems to their own (Writely, Dodgeball, Blogger, Picasa, Google Earth, etc).

But hey, I still remain hopefully naive while decidedly skeptical; if it’s not Google that gets there first, maybe it’ll be Apple with their patent on transportable identities. And, if there’s something you want to do about it in the meantime, if you’re running WordPress, go ahead and grab the new . Perhaps if we take the identity matter into our own hands and do something about it first, they’ll have no choice but to keep the gate to their walled gardens, at the very least, unlatched.

I see London, I see France — Tailrank goes 2.0

TailRank Autodiscovery

Kevin Burton launched Tailrank 2.0 today, a welcome improvement over the previous iteration.

As has been reported, the improvements in the ranking algorithm put it closer to sharing TechMeme’s lunch, though I still find TechMeme slightly more readable. Still, Kevin’s done some great work and should be commended on his essentially solitary efforts banging out code at Coffee to the People.

Now, what hasn’t been reported on is something a bit more… shall we say… scandalous. It’s not really that bad, I guess, but does hover between genius and spyware.

What I’m talking about is the RSS autodiscovery technique that Kevin’s created for populating your personal feed list (my result from Safari — a browser I barely use — is above).

Here’s how it works (it’s actually pretty simple so get ready for some geeky stuff…!):

When you visit the import page and click the “Auto Configure”, Tailrank loads a page in an invisible iframe that contains some JavaScript, basic CSS and a long list of links (over 400K worth, actually).

The JavaScript does something really clever to determine if the links should be added to your subscription list: by setting the style of visited links to be relative (as opposed to having no style at all) and then testing to see which of the provided list of links have that style, Kevin’s able to effectively rummage through your browser history and collect a list of blogs that you’ve previously visited (at least since you last cleared your cache).

Want to try it? I set up a demo that should detect at least one site (if you’re not reading this in a feed reader — if you are, visit my blog and then try it).

Obviously this technique, coupled with an invisible AJAX script, could be a pretty potent tool for gathering information about what sites folks have visited (like banking sites, for example) if it automatically ran when the page first loaded (fortunately you have to click a button to start the script on Tailrank).

Personally I think this trick is pretty cool — and a very innovative way to gather information about someone’s reading habits based on their actual behavior (if they’re the only ones using the browser, of course). I don’t like, however, that Kevin hasn’t disclosed his methodology on the Import page considering that, as early as 2002, a similar technique was discussed as being a browser security hole and has since come up repeatedly.

In any case, this is probably the best use of this tactic I’ve seen and in less capable or more devious hands, could be a pretty dangerous trick.

Still, the rest of Kevin’s work is rather remarkable and worth a look — especially his tools page. As for the auto-importer, well, I’ll leave it up to you to decide whether to use it.

Eudora to be reincarnated with a Thunderbird soul

Eudora + Thunderbird

In case you missed it, aging mail app Eudora will be put to pasture after its final commercial release (v7.1 on Windows, v6.2 on Mac) and reincarnated as a modified version of Mozilla’s open source mail app, Thunderbird:

“I’m excited for Eudora to be returning to the open source community,” said Steve Dorner, vice president of technology for QUALCOMM’s Eudora Group. “Using the Mozilla Thunderbird technology platform as a basis for future versions of Eudora will provide some key infrastructure that the existing versions lacked, such as a cross-platform code base and a world-class display engine. Making it open source will bring more developers to bear on Eudora than ever before.”

Michael Calore, of MonkeyBites, adds:

The company hopes that the Mozilla open source community will extend the feature set of Eudora (which is currently commercial software) much in the same way that they have done for Thunderbird. It’s a great development for the open source productivity space. Will it kill Microsoft Outlook? No, but it’s going to make millions of users who prefer alternative email clients very happy.

…snip…

Eudora is a well-loved if somewhat outdated email client that many people (Qualcomm claims millions of users, which sounds accurate) continue to use just for its unique feature set. Eudora can tell you if emails in your inbox contain inflammatory language before you open them, and it has some robust spam features. There’s a sponsored version of the client, as well, and my guess is that the ad-supported version will go the way of the ghost when Eudora becomes open source.

What with so many AJAX clients out there, including Apple’s upcoming DotMacMail, this development is not entirely surprising. For stalwart Eudora users who have much resisted the allure and blinding shininess of Web 2.0, this could spell the real beginning of the end of Web 1.0.

The tamagotchi of Web 2.0

Celly is my tamagotchi

So there were a couple of announcements from Twitter today (like status permalinks), and one half-mentioned Celly — the cutest and most social thing to come out of Web 2.0 leveraging a newly minted API.

As Tara likes to say, “Ev Williams is my Tamagotchi!”

Well, now the whole Twitter community can be your Tamagotchi with Celly.app.

Download it direct or grab the source.

This is just another neat WebKit app made possible by the work of Josh Peek, Chip Cuccio and others.

A solution for Google Calendar on Blackberry 8700c

Gah, finally!

I meant to write about this ages ago, but now that Version 1.1 is out thanks to Thomas Oldervoll, I can happily report that I have Google Calendar working on my Blackberry 8700c!

For awhile I was using 30Boxes Mobile as my Gcal proxy, but no longer! I can unhide that Calendar app on my Blackberry desktop now that I’ve got the open-source Gcalsync running!

Cut-to-the-chase instructions: load up wap.gcalsync.com on your Blackberry and install the signed version. Run the app. Choose Sync, type in your Google username and password (no idea how trustworthy this thing is) and hit Save. The Sync should commence.

Now, I had some issues with this, but it’s better than nothing, so I can only hope that Thomas will continue his work (or you’ll pitch in).

And hey, if it works for you, digg it.

A fresh face in people search, care of Sweden

Polar Rose

This isn’t new news, per se, but it’s still interesting to see that Riya 1.0 has some new competition (how’d’ya like that? Retroactive competition… heh!).

If you’ve been playing along, you’d know that Riya has moved towards general image search and away from exclusively focusing on cute-baby-face-image-indexing (I kid, I kid!). In fact, Munjal says it best:

As we announced in May we are heading in a different direction because users just didn’t want face recognition in their own photos as much as they wanted smarter web search. Starting next week and continuing for the next month or so we’ll post the gradual release of our new product that reluanches our efforts.

Contrary to Polar Rose founder Jan Erik Solem’s bombastic claim that their search engine … will be the first of its kind in the world, I am more optimistic about their approach of using a simple browser plugin to enable folks to casually point out faces in the images that they come across, effectively decentralizing the task and providing a much needed instant-incentive for folks who are specifically interested in this kind of information. I still wonder whether such efforts can ever really boil the web-wide ocean, but with similar efforts underway at Google, sooner or later, we are going to get to a better way to discover, explore and search rich media based on their content, not just where they were taken or when.

In the meantime, screenshots of the Polar Rose plugin are available for download.

Via Digg via Alex Hillman.

Revver releases API, bets on nichenomics

Revver logo25 days ago, I asked where Revver’s API was, citing a post by Micki Krimmel. Well, she’s responded and I found a post with more details on their blog discussing the newly-minted Revver API.

I have to admit, this could be a pretty significant development (digg it). For one thing, Revver dot com is built upon their own API — and by releasing the API, have made it possible for anyone to build their own custom white-labeled Revver site. As sumbry reports in the comments:

Using our API is easy. If you’re a PHP guy, download the PHP Whitelabel SDK.

Go into your browser and punch in the URL to where you’ve unzipped the files and viola, you’ve got a brand new PHP site using our API.

To start changing the look, just go into the skins directory and copy everything under default into a new directory name. Then go inside that new directory and start messing around w/all the css and image files to change the look.

(Emphasis mine.)

Now if they built this on top of WordPress and its theming system, I would have been extremely impressed… but alas, one can’t have everything.

What’s so interesting about this is that their business model and viability as a company is actually contingent upon the adoption of their API and the building out of niche white label sites… Micki puts it pretty clearly:

Our API is a way for web developers to create their own video-sharing communities using our technology. We like to call it a “video portal in a box.” And of course, Revver shares any ad revenue from uploaded and syndicated videos with the creators of the portal and with its community members.

The release of the Revver API is central to our business model of wide syndication and free sharing of content. The goal is to build the network across the open web, disseminating Revver videos as widely as possible, always holding strong to our pro-artist ethos.

So, suffice it to say, this is pretty exciting. And an excellent model for others to follow or mirror.

More and more we’re going to see the equivalent of “indie data labels” offering up their wares in the form of socially networked harddrives while the big players continue to try to consolidate and drive everything to their web properties. I think that in the long term, the starfish model will prevail, and will continued work on services like Revver, who make it possible for individuals to start their own fully enabled website using remote data, we’ll begin to see the promise of the loosely joined, socially networked revolution.