After my thoughts yesterday about web spyware, this post about email spam caught my eye. The author owns his own email domain, so creates a new email address he signs up to; Company A gets companya@domain, Service B gets serviceb@domain, etc. These email addresses are unique and never shared with anyone but the service.

So imagine his surprise when the email address he set up for Performancing.com turned up on a piece of spam.

The likeliest way spammers could have got the address is from Performancing itself, and while he’s stopping short of accusing them of selling his details, the practice absolutely does happen, much more often than you’d think. Think about it this way: there are hundreds upon hundreds of web companies out there. Most of the popular ones have funding of some kind, which investors need to see a return on, but most web companies also don’t make a profit. How can they easily make supplemental income from their existing assets? Through selling on your details.

If any of you have other examples of this practice, let me know – it’d be interesting (and telling) to build up a collection.

I love stuff like this.

Esquire sent 250 napkins to various writers across America, and got nearly 100 of them back, from established novelists to first-time authors. Some of them are fantastic.

There was a collaborative art project on the web around five years ago where people sent notebooks out, which were then filled a page at a time by successive recipients and then returned to the original owner. For the life of me I can’t remember its name, but it always seemed like a neat idea.

There’s been a flurry of activity over the last few days over MyBlogLog, and specifically, whether it secretly tracks advertising clicks. Now owned by Yahoo, the allegation is that the tool is being covertly used to optimise their contextual search product against Google’s Adsense (which we run on the sidebars here on Elgg.net). Techcrunch called this the Yahoo Publisher Network’s Trojan horse, and with good reason: at the time of acquisition, MyBlogLog was on at least 40,000 pages. If it was reporting user activity back to Yahoo for each of those, that’s a very good representative sample to use in refining their product. As a result, the comments at the bottom of the Techcrunch post were full of people wanting to switch networks.

MyBlogLog responded as follows: they don’t secretly track advertising clicks. It’s part of their product.

Because MyBlogLog is largely marketing itself as a widget you slap on your site to see who’s visiting, this seems a little disingenuous. In fact, had it been a desktop application, it would probably have been deemed spyware, which is defined as follows:

Any software that covertly gathers user information through the user’s Internet connection without his or her knowledge, usually for advertising purposes. Spyware applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet. Once installed, the spyware monitors user activity on the Internet and transmits that information in the background to someone else. …

MyBlogLog is a free widget, which comes with a monitoring payload that most users aren’t aware of. It sounds like it fits the definition pretty well, but Internet applications have so far gotten off scot free – because they don’t install themselves into your system, and because web browsers mostly have a hefty wall between those applications and your desktop machine, most web application privacy issues are to do with phishing scams and cross-site scripting attacks.

However, as more and more of our applications work begins to take place on the Internet, this model begins to fall over. We need to take care about what we put on our websites and mash up with our applications – it’s not all benign. There’s big money involved, and when you look at the web 2.0 world in a particular way, it begins to look like a confidence scam designed to make you part with your personal details and be pleased for the privilege. There is a quiet revolution happening in computing, and these ideas are genuinely changing the way we do things for the better. But there are billions of dollars involved, and plenty of hands reaching for a piece of the pie – not everyone can be trusted, and we need to start choosing our web applications with the same scrutiny we use for our desktop ones.

(NB: Because it’s inevitably going to be mentioned, I’m not calling this up because of Explode. The two applications have different purposes, and we don’t consider MyBlogLog a competitor. If you have any concerns about our script itself and what it might be doing, check out our code – it just displays some HTML, and doesn’t perform any click tracking at all.)

Dave’s already announced this one, but it needs to be reiterated: every Explode account is an OpenID.

What is OpenID?

OpenID is a simple standard that allows you to log on to multiple sites and services using one identity that follows you around the Internet. The idea is twofold:

1. You only have to remember one username and password.

2. Anyone clicking on your identity will be brought back to your central profile, so you only have one set of information to maintain.

Identity is becoming an issue – note that Windows Vista has an incorporated identity server called CardSpace, which will support OpenID in future versions.

OpenID is an open standard – which means it’s transparent, if you’re interested you can see how it works, and anybody can implement it. That will help drive adoption, and with companies like Verisign, Microsoft, Six Apart and more behind it, the smart money is on it surviving as an identity standard.

Why is Explode important?

Most OpenID providers give you a bare profile. You sign up, and provide some basic information that you’ve probably given a hundred times before, and then when people click back to your central profile they just see that bare site.

When you sign up with Explode, you dictate your interests – so people can find you – and the URL of a site you already have. That might be your own blog, a MySpace profile, a profile here on Elgg.net, or anything else on the Internet with a public web address. That’s what then gets linked to your OpenID.

So now when you use your OpenID anywhere on the Internet, people can click on your profile and see the page you’d really like to represent you.

There’s much more to come. Watch this space!

Explode users can now configure their Javascript widget in a number of ways. We’re going to be adding more themes as time goes on – but for now there’s four to choose from, and you can pick the size of the icons, the number of rows and columns, and whether you list people’s names. This will give you all a little more control over your widget, and let you fit it better into your site.

(The ability to configure your graphic widget will follow after the weekend.)

Okay, so we all know that Google just launched Google Apps Premier, which is basically their rival to Microsoft Office. At $50 per seat per year, with no install costs and next to no compatibility issues, this is going to be cheaper for a lot of people than the incumbent. (For individuals, it’s basically free.) As a result, either Microsoft’s market share is going to slowly come down, or their prices will. Either would be good for consumers, but the former would be best: competition is always a good thing.

Which is why I don’t think this is going to be the end of the story.

The barriers for web applications are much lower than for desktop ones, for a variety of reasons – mostly that infrastructure is cheaper (you don’t need to print CDs or work out a distribution network) and web applications have to do much less to get working than a traditional desktop app. Other competitors exist: let’s not forget Zoho, whose applications have more integration with each other than Google’s. (And there’s more of them; whereas Google has email, documents and a spreadsheet, Zoho has that plus presentations plus an awful lot more.)

But where are the open source contenders? A quick search revealed SynchroEdit, but the back end for this seems a bit overcomplicated for what it is. A while ago there were rumours that Open Office – which I now exclusively use as a desktop Office replacement – was going to have a web version, but that doesn’t seem to have materialised. I would have thought it would be high on both IBM and Sun’s agendas.

It’s telling, though, that we still refer to these tools as “Office replacements”. Microsoft has a stranglehold on the market, and Microsoft Word in particular still takes some beating (it’s probably carrying the company). This is one of those changes that will require a lot of chipping away at the market, rather than something that happens quickly.

Every so often I come across a product or service that seems to have had a Web 2.0 epiphany. Presumably someone at the company stuck their head out, had a look around, saw the buzzwords and stuck their head back in before they’d fully researched what was going on. Therefore, the Web 2.0 epiphany is directly followed by a half-baked Web 2.0 business plan, along the lines of:

ZOMG WEB 2.0! TAGGING BLOG RSS MASHUP AJAX! LOLSTERS!

(Or to translate from the Myspace for those of you unfamiliar with the vernacular: “these things are popular and of the moment; if we stick them in, people will think we’re popular and of the moment too”.) This is a plan that’s bound to fail. Its usual form is when a product adds “blogs” as part of a high version number release, which turn out to be a series of dated notes with no real method to share, discover or integrate with the other features. I’m sure you can think of a product or two which has done this.

Amazon did a ZOMG Web 2.0, back in 2005, when it added tags to their product pages. LibraryThing’s Tim Spalding has gone back and analysed uptake: a mere 1.3 million tags, compared to LibraryThing’s 13 million, despite the latter having a tiny fraction of the former’s user base. There are a whole bunch of reasons why, but I think Tim’s right when he says:

Amazon is a store, not a personal library or even a club. Organizing its data is as fun as straightening items at the supermarket. It’s not your stuff and it’s not your job.

You go to Amazon to buy products. I normally use them when I’ve read about something on a blog or in a magazine – for example, I just picked up Founders at Work after reading rave reviews in a bunch of blogs, but I’d be unlikely to browse Amazon itself looking for books I might find interesting, beyond a 20 second glance at their “recommended for you” page. (The book is great, by the way.) The same principle goes for other types of services: if the goal isn’t to share and discuss, then shoehorning Web 2.0 features into the mix isn’t going to add anything. It’ll probably give you a bit of publicity, but your users are never going to see the value.

This makes me really, really want a Nintendo Wii.

Now, if we could network together console users, no matter whether they were using a Wii, an Xbox, a PS3, etc?

Steve O’Hear featured Explode in his excellent Social Web blog last night, Techcrunch followed, and our user figures are rocketing. It’s very gratifying to see, although humbling that after three years of working on an open source social networking framework with all the trimmings, something this simple immediately eclipses it in publicity and popularity. There is a lesson here for all startups, and one I’ll expand on in greater detail at a later date. For now, know that we’re adding an API, expanding on the featureset (in fact, that’s happening right this second), and celebrating with a second cup of coffee.

Meanwhile, back on planet Earth, we’ve got a number of things in the pipeline for Elgg; Elgg Spaces should see some action shortly, and in particular we’ve got developments coming along for the University of Brighton’s Community @ Brighton. But don’t think we’ve left you out over here at Elgg.net – if my plans work out, we should have something for you here too in the next couple of days.

The eagle-eyed among you will have seen a new widget appear at the bottom of Dave and my sidebars. We’ve been playing with a new service (okay, okay, hack), based on the Elgg framework, that explodes the social networking paradigm and allows you to list your friends wherever they might be. So we’ve called it Explode.

I’ve got a couple of features I want to throw on here, and it’s obviously a bit rough around the edges – but with that caveat, feel free to sign up if you like. It’s been a fun exercise.