Decentralized comments and the IndieWeb

July 1, 2013 | Leave a comment

I just stumbled on this old thread by Marc Canter and Stephen Downes (emphasis mine):

I think that so long as we leave content on other people’s sites (or in their in-boxes) we will have the dual problems of spam and host lock-in.

The primary use of OpenID should not simply be identification, but also, to tell remote sites where to direct our actions. So – in a sense – I carry all my own home website tools with me when I travel around the web.

This is, in part, what the IndieWeb is all about – and it works today. I recorded a video demo of how these features work in idno last week:

(Reading this in an RSS reader? Here’s a direct link.)

The Progressive (Profitable) Web

April 2, 2013 | 2 comments

Ryan Holiday laments the loss of Google Reader and RSS in general in Our Regressive Web, arguing that if someone came up with them today, we’d think they were brilliant ideas:

Nothing better has risen up to replace them. The underlying needs of a fairly large user base (that these services meet) still exist.

We’re just regressing.

[...] RSS is impervious to blogging’s worst, but most profitable traits. [...] No wonder nobody ever pushed for widespread adoption. Of course it died a slow death—along with Google Alerts and Delicious. Their mission is antithetical to the ethos of our new media age. Where noise, chatter and pushing—not pulling—rule the day.

Our Regressive Web by Ryan Holiday, on Medium

He’s right. Aggregated content – content on the reader’s terms – has a huge potential userbase, but it wasn’t profitable for either the bloggers or the aggregators, so it languished. Sure, you could tack some Google Ads onto the end of each post in a feed, but control over the form that the content is presented in is granted fully to the user. Where’s the opportunity to upsell? Where are the branding opportunities or the baked-in communities, carefully designed to maximize ongoing engagement?

The irony is that blogs have actually downgraded their on-page advertising over time. If you visit TechCrunch today, you’ll only see two ads above the fold. Check out io9, and you’ll see none at all. The redesigned ReadWrite has a few more: a giant banner above the fold, and then four small squares with another ad in the stream of content itself.

Wouldn’t it be nice if you could have your cake and eat it, too? Allow the user to consume content on his or her terms, while also allowing the content producer to make money?

Here’s an idea I’ve been working on in my own time. It’s a little technical, but bear with me:

  1. Add a simple social layer to the web. I still like the idea of the HTTP header I described in httpID. Your site may connect to my site with a mechanism like OpenID Connect and get an authentication token automatically. Think of it like a one-way friend request. Of course, I can then reciprocate by connecting to your site to create a two-way relationship.
  2. Add authentication to feeds. Each feed has just one URL. An aggregator may sign the request for a feed with an OAuth-like signature. (We’re sidestepping HTTP digest auth for obvious reasons.) The software producing the feed may choose to acknowledge the signature, or not; by default, you get all the public posts you’d normally get when accessing a feed.
  3. Manage connections and restrict access to content. I see everyone who’s connected to me from a control panel, and can reciprocate from there. More importantly, I can add any of my connections to access groups. So if I add you to a group and publish a piece of content so that it is only accessible by that group, when your site requests my feed using a signed request, you’ll see that content.
  4. Optionally: sell access to premium content. Once you can selectively broadcast content to a finite group of people, you can sell access to that group. (And of course, you can have more than one paid-access group.) For example, I’m a subscriber to NSFW, a paid publication with an online presence. They could push all their articles to me as a subscriber, while making a handful of taster articles available to everyone. You could even include a pointer to a subscription URL within that social handshake from part 1. If you decentralize the financial transactions (and why not?), you could even give a small cut to the platform owner.

All of the above is complementary to feed standards like RSS and Activity Streams, as well as to federated social web protocols and methodologies like OStatus. It’s super simple to both use and implement – but could add a layer of commerce to the content web, while also decreasing our dependence on large content silos whose interests are not in line with their customers.

Facebook Graph Search is super-powerful – if all your friends obsessively post to Facebook

January 15, 2013 | 3 comments

Facebook’s new Graph Search is an exceptionally powerful idea. Here are some searches I’m looking forward to running:

  • Bars my friends like in San Francisco
  • My friends who like Doctor Who and live near me and like pizza
  • Friends that know [insert investor or entrepreneur name here]

Make no mistake: this is a new kind of search that shows the way for more advanced social software, everywhere. There’s no doubting that it’s an impressive achievement, that has the potential to change the way people use the Internet.

Or it would. You see, Graph Search’s Achilles’ heel is Facebook itself.

Facebook is a walled garden; a closed box. Information on the service stays on the service, and it’s hard to import it in from other places. As a result, the information about your likes, your friendships and your location in Graph Search are needfully based on information you and your friends have explicitly posted to Facebook.

That makes it much less of an achievement than it could have been. To use the above examples, I don’t tend to like bars or restaurants on Facebook (although I might on Yelp or Foursquare, or mention them on Twitter); I’m not going to tell Facebook that I like pizza, because why would I; and I’m much more likely to “friend” an investor or an entrepreneur on LinkedIn than Facebook, because the former focuses on my work achievements, and the latter is exponentially more likely to show them a picture of me at some random party next to some guy I don’t know wearing one of those beer hats. (Reader, I speak from experience.)

So Facebook is working from an incomplete social graph. What’s interesting to me is that if they turn more of their focus to social graph search, it makes more sense for them to start capturing more of the outside world – and become more open in the process. A company that to date has spent most of its energy capturing esoteric information about peoples’ personal lives and locking them in a black box will now have to learn to talk to the rest of the web, in order to allow this product to reach its full potential. There’s even an opportunity here for crawling and encouraging federated social networks.

Will this happen? It’s hard to say. Whether they decide to open up and start consuming and publishing graph information depends on their internal culture. It’s also a more complicated problem than, say, implementing a Google-style page search: Facebook has access permissions, which must be obeyed. The search results I see might be very different to the search results you see, based not just on our different social graphs, but what information about themselves our friends have chosen to allow each of us to view. If Graph Search just crawls public information, this is moot, of course, but having this deep level of privacy integration would be an actual reason to use Facebook to store this information. (Or for Facebook to start exporting its access control to third parties via an open API – this was an obvious route for Google+ to take, but they’ve been surprisingly slow to do so.)

Until Facebook opens up, which given all available information is a bit like saying until hell freezes over and golden rain falls from the sky, there’s still everything to play for in social search. Facebook has shown us the way, but while they only use a tiny subset of the information available to them, it’s only a proof of concept.

Imagine this: identity computing

October 25, 2012 | Leave a comment

I originally wrote this over on Google+.

I’m sat at my laptop, which has a monitor attached via a digital connection. On the other side of my desk is my phone, and a tablet.

That’s the setup I actually have right now, as I’m writing this. But all these devices (monitor aside) are connected to the Internet, rather than each other. And they’re mostly incompatible. What if they all knew about each other in relation to each other’s position? And what if they were part of one big, decentralized, identity-aware system?

I pull up my email, and with one mid-air gesture – swipe – it swooshes across to my second monitor. I grab a document, and with another gesture – swipe – it lands on my tablet. Finally, I take the project I’m working on, for example source code in an IDE, and with another gesture – swipe – it’s on my phone.

They’re all talking to each other as a mesh network, and because they’re all my devices, I can move applications to them with no problem, my computer and datastore always acting as the central hub, with authentication handled through my saved identity information.

Then you walk up holding a device (a phone, or a tablet), and I want to share that document with you. Swipe, thumbs up – after a gesture and a confirmation by both of us, you have the information running on your screen. I might revoke it later, but for now, you can read it and make suggestions. (And no, that thumbs up isn’t the default gesture, but I’m a cheeseball, and I like giving my data the thumbs up.)

You walk away, and your device switches seamless from the proximity mesh network to using the Internet to access the data and keep it synchronized. I decide to go for lunch, so I pick up my phone. My other devices lock down. While I’m at lunch, I can still check out all my data and applications through my phone, using my Internet connection. And as I walk back to my desk, my other devices unlock. I see that my colleague has used my laptop while I was away, but that’s cool; it will have used their phone as their identity, and they will have seen their own applications and data. In fact, these days I use my phone to authenticate everywhere – although I can choose any one of my devices to be my primary identity. I can pick a couple as secondaries, too, and I can always nominate a new primary if I lose or change my phone. And of course, this is my work ID; I can flip over to my personal ID, or a pseudonymous ID, if I need to. Depending on the permissions, I can even share data, applications and resources between IDs. (My work ID doesn’t let me do that, but I can certainly set my main personal ID and my pseudonym ID to share some stuff.)

Now that I’m back at my desk, I see that you’ve made some changes to the document. I accept them, revoke access, and swipe you a new document. Even though you’re not nearby, the Internet allows me to act as if you are. It’s as useful as it ever was, but it’s more of a long-range extender for my personal network, and a backup, than the place where I always live.

There’s no need for my applications to live in “the cloud”, although they could. But identity-aware decentralized computing gives me the freedom to share with the people I need to, on the devices that make sense at the time, in the place that makes sense at the time. My applications are smart enough to decouple form from function, so they adapt to the screen and capabilities of my choice (and the operating platform handles a lot of the heavy lifting here, making sure interfaces are consistent – and adhere to my settings – in the process). And my data can live anywhere I need it to.

Next Page »