Results tagged “facebook”

Well, it seems like my post on how Facebook is gaslighting the web struck a nerve with a lot of folks. I have to give first priority to publishing the responses I've gotten directly from Facebook employees, to be fair to their perspective.

• Louis Brandy, a Facebook engineer, responded in the comments on my site:

I work at facebook on the team that generates the warning in question (site integrity). This warning appears to me to be a bug and we are currently trying to repro and fix. Continuing, though, to say that the warning is disingenuous is simply not correct. I do not agree with your premise that because you use a social plugin we should automatically whitelist you and exempt you from security checks. Malicious pages do that stuff too.

In this particular case, though, in my opinion so far, this would appear to be a false positive (a bug) from the way the comment widget generates notifications.. Those notification seem to wrongly trip a particular security check.

• Louis also left what is substantially the same comment on the (surprisingly thoughtful!) Hacker News thread about my post.
• Christopher Palow, another Facebook engineer emailed me privately to address many of the same issues as Louis. Christopher explained that what he called the "linkshim" (the redirect which handles outbound links) performs a few key functions: It works for spam prevention by preventing access to known spam links, preserves privacy by obscuring your Facebook user ID from potentially being passed as a referrer, and allows referrer logs to show that traffic is coming from Facebook which wouldn't ordinarily happen otherwise if a Facebook user is accessing the site via HTTPS. Christopher offered a detailed perspective on the linkshim redirect which I found interesting, even outside of the context of my particular post:

Every external link clicked on Facebook and sent by Facebook in an email goes through the linkshim (if it doesn't, that's a bug). Each of these links is generated on the fly for the intended viewer and is cryptographically signed for only that viewer. We do this to prevent our linkshim from being abused by spammers as an open redirector. You saw the warning message that occurs when this signature is either missing or you are neither the user who generated the link nor one of that viewer's friends. This happens when our linkshim links get passed around outside of Facebook via IM or email. [Functional example of reproducing this behavior omitted.] In addition to other checks, we added a grab all your friends and check if the signature matches exception in order to mitigate abuse false positives from friends sharing links over IM/email. Only a very tiny fraction of users of the linkshim see the warning you saw.

I feel the language of the warning is pretty benign but I am open to your suggestions on how to improve it. Just keep in mind we have to balance false positives such as the one you saw with the damage that can occur if spammers can exploit our users' trust of Facebook URLs.

• More compelling to me was this thread on Les Orchard's Facebook profile, where he'd shared a link to my post. In that thread, Mike Shaver offered his perspective on the post. This is particularly notable because Mike is both a (brand new) Facebook employee and a board member for StopBadware. That's an extraordinary combination, and potentially an extraordinary conflict, but Mike's thoughts are worth a read. A highlight:

Facebook is not saying that your site is unsafe, and the text is bog-standard "hey, be careful where you put your password" motherhood and Apple-pie advice. It does not block the load like Google and Mozilla's malware interposition, and the experience is entirely different. Comparing them as you have is frankly fatuous, and I suspect pretty disingenuous as well. Do you really think that FB set out to put that screen up for any reason other than trying to protect users? You're going to be pretty much calling people straight-up liars, based on what they've said publicly about it.

(I'm on the board of StopBadware, and have some idea of what happens to sites when they get on the malware-block list, and what the false positive rate is.)

• MetaFilter's discussion of my post was also fairly thoughtful, if a bit one-sided, and it was nice to have my ideas discussed on the site without the thread being a referendum on me personally.

I also wanted to address a few key issues that have surfaced since the post first started getting responses:

• Holy shit, one of the board members of StopBadware works for Facebook! That kind of blew my mind. Now, Mike's a nice guy, and the StopBadware folks are both trustworthy and well-intentioned. But as an industry, we in tech effectively delegate much of our policing to volunteer organizations such as StopBadware, and that leaves the potential for extraordinary conflicts when someone requests (as I did) policing actions against major players which employ members of those organizations.
• "But you have Facebook comments on this page!" Yep, I do. I'm not some anti-Facebook zealot, and I don't like to make criticisms of companies or products without making a sincere effort to use and understand those tools. I like using Facebook for things like sharing what I'm listening to on Spotify, or to find my friends on Mixel, and I have no objection to it providing services such as commenting in some contexts. It's important to me to communicate that my misgivings about Facebook's relationship with the web is not the rantings of an extremist.
• "You're saying sites should just be whitelisted and marked as safe simply for using Facebook plugins!" Nope, that's not what I said at all. What I was communicating that given that Facebook is already making the effort to index sites when they use social plugins, they can cross-reference this against databases such as StopBadware which do give feedback on whether a site is safe or not.
• "These were just honest bugs (or explainable but unfortunate features) on Facebook's part." Let's grant that this is the case for the engineers who work on systems like Facebook's link warning. First, I'm glad if it encourages them to either fix the bugs or update the systems so that spurious warnings are not issued. There is no mechanism by which an ordinary publisher could request such reviews. But second, even if they are just simple bugs the impact is still the same

Overall, I don't ascribe evil or malicious intent to any of the earnest and passionate coders whose responses I've quoted above. But I think some seemingly-innocuous features they work on can work as part of an overall strategy at Facebook that's in tension with the web, and I urge them to consider those implications very broadly whenever possible. All software has bugs, and that's no big deal. Facebook, though, has a unique burden to ensure that it's not accidentally trampling on the web, as an obligation of its dominant position in the web ecosystem, even if that simply means evaluating the potential for bugs or unusual edge cases of features resulting in content on the web being marginalized.

Finally, I am very aware of the privilege that I enjoy by having an audience that both sees and responds to pieces like the one I wrote yesterday. Having had much of my concerns addressed so quickly is gratifying. But to those who think Facebook got a bum rap: The only thing Facebook was facing as a result of my post was the threat of an unnecessary security warning being placed as a gateway to their site. The rest of us face that threat from Facebook every day.

Facebook has moved from merely being a walled garden into openly attacking its users' ability and willingness to navigate the rest of the web. The evidence that this is true even for sites which embrace Facebook technologies is overwhelming, and the net result is that Facebook is gaslighting users into believing that visiting the web is dangerous or threatening.

In this post I intend to not only document the practices which enable this attack, but to also propose a remedy.

1. You Cannot Bring Your Content In To Facebook

This warning appeared on Facebook two weeks ago to advise publishers (including this site) that syndicate their content to Facebook Notes via RSS that the capability would be removed starting tomorrow. Facebook's proposed remedy involves either completely recreating one's content within Facebook's own Notes feature, or manually creating status updates which link to each post on the original blog. Remember that second option, linking to each post manually — we'll return to it later.

2. Publishers Whose Content Is Captive Are Privileged

Over at CNET, Molly Wood made a powerful case against the proliferation of Facebook apps that enable ongoing, automated sharing of behavior data after only a single approval from a user. In her words:

Now, it's tempting to blame your friends for installing or using these apps in the first place, and the publications like the Post that are developing them and insisting you view their stories that way. But don't be distracted. Facebook is to blame here. These apps and their auto-sharing (and intercepts) are all part of the Open Graph master plan.

When Facebook unveiled Open Graph at the f8 developer conference this year, it was clear that the goal of the initiative is to quantify just about everything you do on Facebook. All your shares are automatic, and both Facebook and publishers can track them, use them to develop personalization tools, and apply some kind of metric to them.

As Molly's piece eloquently explains, what Facebook is calling "frictionless" sharing is actually placing an extremely high barrier to the sharing of links to sites on the web. Ordinary hyperlinks to the rest of the web are stuck in the lower reaches of a user's news feed, competing for bottom position on a news feed whose prioritization algorithm is completely opaque. Meanwhile, sites that foolishly and shortsightedly trust all of their content to live within Facebook's walls are privileged, at the cost of no longer controlling their presence on the web.

3. Web sites are deemed unsafe, even if Facebook monitors them

As you'll notice below, I use Facebook comments on this site, to make it convenient for many people to comment, and to make sure I fully understand the choices they are making as a platform provider. Sometimes I get a handful of comments, but on occasion I see some very active comment threads. When a commenter left a comment on my post about Readability last week, I got a notification message in the top bar of my Facebook page to let me know. Clicking on that notification yielded this warning message:

What's remarkable about this warning message is not merely that an ordinary, simple web content page is being presented as a danger to a user. No, it's far worse:

• Facebook is warning its users about the safety of a page which incorporates Facebook's own commenting features, meaning even web sites that embrace Facebook's technologies can be marginalized
• Facebook is displaying this warning despite the fact that Facebook's own systems have indexed the page and found that it incorporates their own Open Graph information.

To illustrate this second point, I'll include what is a fairly nerdy illustration for those interested. If you're sufficiently interested in the technical side of this, what's being shown is Facebook's own URL linter, as viewed through the social plugins area in the developer console for a site. In this view, it verifies not only that the Open Graph meta tags are in place (minus an image placeholder, as the referenced post has no images), but that Facebook has crawled the site and verified enough of the content of the page to know their own comment system is in place on the page. (Click to view the whole page, with only the app ID numbers redacted.)

How to Address This Attack

Now, we've shown that Facebook promotes captive content on its network ahead of content on the web, prohibits users from bringing open content into their network, warns users not to visit web content, and places obstacles in front of visits to web sites even if they've embraced Facebook's technologies and registered in Facebook's centralized database of sites on the web.

Fortunately, the overwhelming majority of web users visit Facebook through relatively open web browsers. For these users, there is a remedy which could effectively communicate the danger that Facebook represents to their web browsing habits, and it would be available to nearly every user except those using Facebook's own clients on mobile platforms.

This is the network of services designed to warn users about dangers on the web, one of the most prominent of which is Stop Badware. From that site comes this description:

Some badware is not malicious in its intent, but still fails to put the user in control. Consider, for example, a browser toolbar that helps you shop online more effectively but neglects to mention that it will send a list of everything you buy online to the company that provides the toolbar.

I believe this description clearly describes Facebook's behavior, and strongly urge Stop Badware partners such as Google (whose Safe Browsing service is also used by Mozilla and Apple), as well as Microsoft's similar SmartScreen filter, to warn web users when visiting Facebook. Given that Facebook is consistently misleading users about the nature of web links that they visit and placing barriers to web sites being able to be visited through ordinary web links on their network, this seems an appropriate and necessary remedy for their behavior.

Part of my motivation for recommending this remedy is to demonstrate that our technology industry is capable of regulating and balancing itself when individual companies act in ways that are not in the best interest of the public. It is my sincere hope that this is the case.

Further Reading

Many aspects of this conversation are not, of course, new topics. Some key pieces you may be interested in:

• As I was researching this piece, Marshall Kirkpatrick published Why Facebook's Seamless Sharing is Wrong over on ReadWriteWeb, articulating many of these same concerns. His piece is well worth reading.
• Albert Wenger of Union Square Ventures makes a strong case for the long-term goal of a network of networks. I fully share his vision here, and hope most in our industry will endorse this idea as well.
• Molly Wood's excellent look at Facebook sharing which I referenced above is worth reading in its entirety.
• Blackbird, Rainman, Facebook and the Watery Web was a more optimistic look at how web platforms evolve that I wrote four years ago when Facebook was much less dominant.
• The Facebook Reckoning a year ago offered a perspective on the values and privilege that inform Facebook's decision-making.
• My ruminations on ThinkUp and Software With Purpose last week also explored the related danger of Facebook deleting everything you've ever created on their site.

By request, a bit of explanation of how and why I favorite things on the internet. (Or favor them. Or like them. Whatever.)

First, where do I favorite? On Twitter, certainly: I love lots of tweets! On Facebook! That's mostly for liking things outside of Facebook, around the web. I like lots of videos on YouTube and on Vimeo, the latter of which probably has the most satisfying like/favoriting animation on the web. I judiciously like things on MLKSHK. I suppose I still favorite things on Google Reader from time to time, which always involves me starring, sharing, +1ing and clicking 10 other buttons in their UI, since I don't really know which one does what. YouTube has both liking and favoriting, too, but somehow that redundancy doesn't bother me as much.

And, perhaps more visibly than anywhere else, I star all kinds of things on Stellar, which is also where many of these favorites get aggregated and shared with others; It's my, erm, somewhat enthusiastic use of favoriting on that service (I'm by far the most prolific star-giver in these early days of the awesome little site) which has inspired the most recent "dude, what the hell?" responses from many of my friends. As of 6 weeks ago, Jason showed me stats where I had about 1/3 more favorites than the next-highest person on the site.

Why am I so prolific with the stars? Well, one part is that I am just an enthusiastic person: I like lots of stuff! There's also social expectation; My favorite (see what I did there?) friend David Jacobs is a master of favoriting and taught me the wonders of the form years ago. In the early days of (now-defunct) Vox, David was specifically called out when the app added favoriting:

By popular demand, we've introduced the ability for users to mark posts, photos, audio, video and books -- from their own blog as well as other Vox blogs -- as favorites. We've nicknamed this feature the "David Jacobs" after friend and Vox user, who, at last count has favorited 1,677 photos on Flickr. It's a great way to keep track of good stuff you've seen on Vox, as well as keep a record of your own things that you particularly like.

Do me a favor

Despite my enthusiasm, my habit of enthusiastically clicking stars and thumbs-up all over the web is not unconsidered. Instead, my intention is fairly consistent, though I'm aware the semantics of these functions are slightly different in all these various services. A few common themes:

• Acknowledging good work: When someone writes a tweet that makes me laugh or think, or produces a video that's worth the time to watch it, I favorite it or like it as a "reward" of sorts to them. I don't know anyone who doesn't check the number of likes/faves on a work they've made at least some of the time, and that way they know I was rooting for them.
• Retaining for the future: Favoriting items increases my ability to retrieve them later. I've got Instapaper and Readability and Pinboard all hooked up together so that things I star get saved as bookmarks that I can retrieve later. Similarly, ThinkUp can show me a rough version of the links that were shared in tweets that I've favorited. Basically, I'm more likely to favorite something if I think it's worthwhile enough to return to later.
• Implicit sharing: These days, this may be my main motivation for favoriting lots of stuff on the web. Truth is, I often miss the curation and editorial fun of the link blog that I used to publish on this site. (Give me a shout if you remember that — it's been seven years since I stopped doing it, old-timer!) By judiciously favoriting good things across the web, I can share them with my friends, assuming they're on services like Stellar and Favstar and Facebook with me.

Now, there are a couple of factors that make my favoriting behavior unusual, compared to normal web users. (Beyond the fact that I probably waste even more time on the web than most people.) First, my social graph is extremely distorted. I have a lot of Twitter followers, so many apps and services that use "popular" Twitter accounts as fodder for link/tweet popularity factor in my favoriting behavior disproportionately. I'm not quite a suggested user on Stellar the way I am on Twitter (since Stellar doesn't have that concept), but I do have an exaggeratedly prominent placement on that site, too, so the impact of my favoriting is amplified.

In short, favoriting or liking things for me is a performative act, but one that's accessible to me with the low threshold of a simple gesture. It's the sort of thing that can only happen online, but if I could smile at a person in the real world in a way that would radically increase the likelihood that others would smile at that person, too, then I'd be doing that all day long.

Further reading

• ToRead is To Be Human, from 2007, was about the fundamental optimism people have when they tag an article as something they intend to read in the future. Many people use favoriting this way today.
• An Interview with Paul Bausch that I did on the old Six Apart blog back in 2003. I've assigned the epithet "father of the permalink" to Paul for years, but in reality, just before Paul was implementing permalinks in Blogger, Jason was experimenting with them on Kottke.org. I think it's no accident that both are innovating on favoriting, Jason with Stellar and pb with continued experiments (some inane) on MetaFilter. Favoriting is the most fundamental, natural action to perform on the permalink, which is the atomic unit of content on the web.
• The Power of the Audience, from early last year, was the first time I really explored the idea of favorites as social, gestural feedback for creators. The situation here hasn't gotten much better since then.
• Actions are the Body Language. Back in 2008, I'd made a page to capture my social actions like favoriting, and wrote a bit about why. (The page of those actions is totally broken now, sadly, but being able to archive those gestures is one of the reasons I'm so passionate about making ThinkUp work well.)
• Matt Haughey's post on his feedback loops that he relies on online, from early 2010.
• And finally, last year at Web 2.0 Expo NYC, I asked API head Ryan Sarver why favoriting is an afterthought on Twitter, at 7:27 in this interview video.

I wish there were a website that just had "favorite" (or "like") buttons you could embed, without it being all tied in to all the other crazy stuff Facebook does. But I'd settle for someone hacking ThinkUp to better support archiving my Facebook "likes" so I'd have a record of all the things I enjoy on the web. Actually, what the hell: $500 to the charity of your choice if somebody wants to make that work. Plus, if you tweet about doing it, I'll favorite your tweet.

Clive Thompson's newest Wired piece argues that the flow of short-form messages as we see on Twitter and Facebook is encouraging longer meditations in other media. I've been thinking about this phenomenon for a while in terms of the impact that it has on me and other bloggers, with the simple premise that I'd like to be writing the content that everyone links to in those media, instead of merely passing around links to other people's work.

I alluded to that concept in the lengthy conversation I had with Clive for the piece, and he captured one of the key points I was trying to make:

“I save the little stuff for Twitter and blog only when I have something big to say,” as blogger Anil Dash put it. It turns out readers prefer this: One survey found that the most popular blog posts today are the longest ones, 1,600 words on average.

Now, while I'd like to self-servingly pretend that everything I say here is "big" in the sense of being important, really what I meant is that some ideas are just bigger than 140 characters. In fact, most good ideas are. More importantly, our ideas often need to gain traction and meaning over time. Blog posts often age into something more substantial than they are at their conception, through the weight of time and perspective and response.

And blogs afford that sort of maturation of an idea uniquely well amongst online media, due to their use of the permalink (permanent link), which gives each idea a place to live and thrive. While Facebook and Twitter nominally provide permalinks as well, the truth is that individual ideas in those flow-based media don't have enough substance for a meaningful conversation to accrete around them.

Felix Salmon touches on this point well in his recent post about the evanescence of Twitter debates. In the particular case he cites, Twitter is the medium that hosted important disclosures that could be material to a case that a current Supreme Court justice has said could impact a future ruling on free speech.

This means that, in an upcoming court case with the highest possible stakes for self-expression in our country, we may be relying on content that will soon be unretrievable by design. (That linked page shows that Twitter will only let you retrieve your last 3200 tweets.) If Kevin Poulsen decides to write 3000 more tweets between now and the time this theoretical case hits the Supreme Court, then we're relying on the (admittedly likely) chance that Twitter, Inc. makes an exception to its policy in order to provide this evidence.

If You See Something, Say Something

But usually, the stakes aren't as high as the future of free speech in America. Sometimes, we just have ideas we're pondering. Maybe we aren't sure of the full implications of something we've noticed, but we want to help catalyze a conversation. It's that sort of brainstorming that led David Galbraith to invent the most popular form of autobiography every created. I get to experience small versions of it myself, as when I noticed a small trend in people's observations about Google lately, which seems to have helped to promote the idea that maybe there has been an inflection point in the evolution of Google's ability to search the contemporary web.

Here's the important thing: The only reason I was able to synthesize those few perspectives is because they were blogged. Certainly, Twitter helped bring those ideas to my attention, and Facebook or any other stream-based service could have played that role as well. But because these points were raised by people I don't always read immediately, the persistence and permanence of their words, as uniquely provided by blogging, is what made it possible for a pattern to emerge.

Capturing those ephemeral moments of observation in a permanent and persistent form is essential for the ideas to mature into something larger. I'd hoped, when I first recommended that everyone consider Twitter a few years ago, that Twitter would emphasize those traits about tweets sent on the service, but until and unless their current design choices change, there's an enormous amount of cultural data that gets lost every day, simply by having been shared through a platform with those constraints.

The Perils of a Low Stress Environment

Now, Twitter and other stream-based flows of information provide an important role in the ecosystem. Perhaps the most important psychological innovation of Twitter is that it assumes you won't see every message that comes along. There's no count of unread items, and very little social cost to telling a friend that you missed their tweet. That convenience and social accommodation is incredibly valuable and an important contribution to the web.

However, by creating a lossy environment where individual tweets are disposable, there's also an environment where few will build the infrastructure to support broader, more meaningful conversations that could be catalyzed by a tweet. In many ways, this means the best tweets for advancing an idea are those that contain links to more permanent media.

Keeping Time

So, if most tweets are too ephemeral to reach their full potential as ideas, what do we do about it? Well, obviously, one big step would be to simply make sure to blog any idea that's worth preserving. It's perfectly fine to tweet about trivialities — I do it all the time! But if you're tweeting about your work, your passion, or something meaningful to you, you owe it to your ideas to actually preserve them somewhere more persistent.

And, of course, I should make a pitch that this is part of the reason I am so enamored of the work the ThinkUp community is doing. A free, thriving, powerful, relatively accessible app that archives Twitter and Facebook updates with a mind towards incorporating them into more persistent and meaningful media is an essential part of the ecosystem. This is especially true as political, social and artistic leaders start to rely on these ephemeral media, without realizing the cultural costs to those choices.

Given enough time, and without substantial changes to the way the big social networks work, if you didn't blog it, it didn't happen. In fact, I first wrote about this idea a bit on Twitter a few years ago. See if you can find it.

I'm quoted in today's New York Times, talking about how politicians in this year's election have had to confront their pasts, as shared through social networks:

“I think all of us know that politicians would have to confront the Facebook skeletons in their closet, but that it would be in 20 years, not in two years,” said Anil Dash, a technology consultant and pioneer of the blogosphere when it was just beginning in the late 1990s. “By the time the next generation comes into power, they’ll just assume this is how it’s always been.”

I feel pretty solid in saying that we all knew this reckoning was coming; I wrote about it myself in 2002 ("We're all celebrities now, in a sense. Everything that we say or do is on the record. And everything that's on the record is recorded for posterity, and indexed far better than any file photo or PR bio ever was.") and lots of other folks got there earlier than that.

But as I was trying to make clear in the Facebook Reckoning two months ago, this is a problem that disproportionately affects those with fewer social privileges. The rich can often hide their misadventures, and Ivy League graduates can innoculate themselves, as we saw George W. Bush do by calling all of his life before he turned 40 off limits, and as Barack Obama has done by writing a book that mentions the worst of his transgressions so that they'd be boring or considered "old news". Both politicians found great success in having their pasts ignored, if not erased. Frankly, I'm glad for that — I think the tradition of pre-emptive disclosure via analog methods sets a great precedent for others to have their digital pasts ignored as well.

There's also a real danger, though, in the vulnerability that digitally-savvy political candidates have here, that luddite candidates do not. I think it's no coincidence that every single pro-net neutrality candidate lost in last week's elections. There may have been many causes, but if push comes to shove, who's going to be the candidate with an embarrassing Facebook photo: The candidate who is an extensive user of social networks with a long-time history dating back to their young days of poor judgement? Or the one who knows nothing about technology, mistrusts it, and sees it only as a source of potential vulnerabilities? Simply not being afraid of technology may become a political liability if we continue to allow those who resent and fear technology to set the rules of engagement.

There's also the interesting, and consistent, media habit of blaming social networks for every unfortunate indirection that is brought to people's attention, even if social media wasn't involved at all. Take Blake Farenthold (please!). The Texas Republican was photographed in an unfortunate set of duckie pajamas, as illustrated in this brilliant Joe Coscarelli article and slideshow in the Village Voice, which collects all of the damning episodes outlined in the Times story into one perfect piece of linkbait.

But Farenthold didn't post the picture on any social network. As far as we know, no one did. It just got linked directly to the press. And, given enough privilege, that image can be suppressed quite effectively from the most prominent media venues around, just as Farenthold's incriminating picture never appeared in the New York Times. Farenthold won his district by 799 votes.

As ever, the best thing about blogging is the conversations it kicks off. Some nice responses to recent posts here and around the web:

• In a follow-up to Gourmet Live and Rewarding Experiences, Mathew Ingram of GigaOm ruminated a bit about magazine apps as walled gardens. Overall, Mathew's got a strong skepticism about a lot of efforts in this area, but I was pleased to see him say "About the only magazine that has taken any kind of creative steps in this direction with its iPad app is Gourmet magazine". Ron Mwangaguhunga of eMedia Vitals continued the conversation as well.

• A few weeks ago I was quoted in the New Yorker talking about Facebook and its impact on culture. In this week's issue of the New Yorker, I pop up again, but this time quoted in Ben McGrath's lengthy profile of Nick Denton. Spoilers: The piece closes with me asking, "Who has more freedom in the media world than Nick Denton?" People seem to like lines like that, as the quote popped up in The NY Times Dealbook blog and elsewhere.

• I argued with Malcolm Gladwell's assertion that social media can't be tools for real change. Eric Harvey offered a thoughtful, well-reasoned counterpoint to my piece, which is well worth a read.

• Last week, Twitter changed CEOs with Ev Williams focusing on product and COO Dick Costolo becoming the new CEO. ReadWriteWeb's Marshall Kirkpatrick examined the transition, with a nod towards my piece on ten years of history behind Twitter's senior execs.

• At Web 2.0 Expo here in New York last week, I did an interview with Mac Slocum of O'Reilly. While I included the video here in an earlier post, Mac revisited the interview on the O'Reilly Radar blog under the title "Why blogging still matters", focusing on one of the points that came up later in the conversation. It had been a long day with lots of different ideas flowing, so I'd nearly forgotten that we even talked about that, but now I'm pretty glad that part of the conversation was captured.

• I was a judge in the Apps 4 Africa contest which ended last week with some amazing winners, including my favorite iCow, which came in first place. You can listen to an interview I did with Future Tense about the competition, or check out this video of Secretary of State Clinton congratulating the winners:

• This past weekend, I attended the Open Web Foo Camp hosted by O'Reilly. While the camp itself is off the record, Scott Rosenberg did an admirable job of documenting one of the key themes of the event — whether the present "open" phase of the web is merely an aberration. I tried to use my access to influential open web advocates at Google, Facebook, LinkedIn, Twitter and other big web companies to push them to make their employers more open and to resist the urge to compromise on their principles despite the understandable pressure they must be under. Hopefully a little friendly urging can give them the support they need to make the right choices.

• Finally, with ThinkUp well into beta-testing and Expert Labs supporting its first deployment by Code for America, Gina Trapani and I joined John Moore on The Lab for a brief interview about Expert Labs and where ThinkUp is headed.

Okay, that's enough roundup of Other People's Content. We'll return to original content here again shortly.

In my blog here, I'm mostly a textual dude. I've made a few little video clips or animated .gifs over the years, but basically, I'm a writer. But today, today! We're going all futuristic streaming internet video with it. If you like it, then maybe I'll do more.

I got to be on The Pipeline, Dan Benjamin's awesome tech interview podcast (subscribe in iTunes, or download the MP3) and join the company of some amazing people that Dan's interviewed. I'm really pleased with how it came out, and if you've got an hour to waste, please do give it a listen. Tip: You can listen at double-speed on your iPod and only waste half an hour.

Then today, I had a great conversation with Ryan Sarver, who's Director of Platform for Twitter, as a keynote Q&A at the Web 2.0 Expo here in New York. We only had a short period of time, but I feel like we covered a lot of really interesting technical questions while considering them in a larger context.

Right after that, we continued the conversation by having Bret Taylor, CTO of Facebook, join Ryan and I. There, I tried to ask broader questions that applied to the efforts of both of these social networking titans.

Finally, I followed up with an interview about our work at Expert Labs, describing the mission a bit and hopefully offering a note of optimism about where Gov 2.0 is headed.

I like to play Words With Friends and Scrabble! Other folks do too. Sometimes I play well.

Finally, here's Jimmy Fallon and Justin Timberlake with a medley of great moments in hip hop history. I'm not involved in this, but I thought it'd be good if people could see why I like these guys, and also there should be something in this post that I'd actually enjoy watching.

Some great responses to, and extensions of, the things I've been writing about lately

• In response to Forking Is A Feature, Rafe Colburn offers up The cultural implications of forking, rightly pointing out, "Linus Torvalds didn’t set out to change the culture of open source software when he created Git. He was trying to efficiently manage the work being done on the Linux kernel."
• On a more personal level, Sumeet Jain talks about his first fork as a visceral experience. It's easy to talk about the abstract impact that forking has on culture, but far more profound to talk about the personal elation it can inspire. "When I saw that my tiny sliver of the open source pie was forked, I felt like I’d just shared in one of those excellent post-discovery high-fives."
• Building on The Facebook Reckoning, Alexandra Samuel wrote The Accidental Online Society, which I found extremely thought provoking:

  It may be fine for the market to pick the winners and losers of the next round of IPOs: for us to vote with our (virtual) feet in choosing whose particular worldview or neuroses will be part of our daily Internet use, and thus to decide which platforms and communities will thrive. But a “vote with your feet” policy is not a great basis for shaping a new set of cultural norms, particularly when so few people feel empowered to make conscious decisions about how to spend their time online, let alone see themselves as shaping a new online society.

• About a year and a half ago, I wrote about launching Last Year's Model. To my delight, the idea is still going strong, and others have explored similar concepts with more focused execution such as the Revive smartphone:

  [U]nlike other electronics, the revive smartphone was developed with re-manufacturing, re-use and recycling in mind. ... The phone itself is designed for easy disassembly allowing it to be recycled easily or simply upgraded through replacing different components. By combining this with simple software upgrades, users can continue to repair their phone rather than throw it out and buy a new one.The concept also includes a membership system that rewards users for keeping their phones longer. ... The backside is covered in a brown leather to reflect the lifespan of the device.

• That idea of using leather harkens to a key fixation of mine about digital devices: They should break in instead of breaking down. If our mobile devices are about rock and roll, they should be about leather and denim, materials that get better with age, instead of pricey, precious materials that demand reverence from us. I want a device that i own, not one that owns me. It's been almost five years since I first wrote about this type of design as a great way to compete with the iPod/iPhone/iPad juggernaut, and there's still nobody trying that hard, as Joel Johnson illustrates in his great explanation of why he loves costly, flawed, but still endearing wooden iPhone case.
• Interestingly, many of the lessons in Hospitality and Process are recapitulated more succinctly in this Forbes interview with Warren Buffett and Jay-Z. I've linked to the print version to minimize revenues for the sad-sack magazine that's given a platform to Dinesh D'Souza's idiocy, but this piece is actually worthwhile, and while it purports to be about the financial acumen of these two honorable gentlemen, it's more clearly a story about simple leadership.
• Finally, if you liked the diagram of the creative process outlined by Danc in his post I linked to in Hospitality and Process, then you'll be happy to know he's hung out his shingle as Spry Fox. Spry Fox follows a deeply collaborative model, where they don't bring all the talented people who build games on staff, but instead rely on a more networked concept where talent assembles for the duration of a project and then are free to work together again in the future. That's exactly how we put together the team we collaborated with at Activate to work on Gourmet Live, and it seems like it's going to become an increasingly popular way to attract the talents of extraordinary people in a way that both fosters collaboration and recognizes that true talents deserve a high degree of flexibility and control over their work and careers.

Blogging is that machine where you can put in a dime and get out a quarter.

There's a lengthy, excellent profile of Mark Zuckerberg, and by proxy Facebook, in this week's issue of the New Yorker, written by Jose Antonio Vargas. In it, I'm quoted saying about Mark, "If you are twenty-six years old, you’ve been a golden child, you’ve been wealthy all your life, you’ve been privileged all your life, you’ve been successful your whole life, of course you don’t think anybody would ever have anything to hide". That's an accurate quote, but there's even more nuance to my feelings about Facebook than merely remarking on the privilege of its CEO.

First, the requisite disclaimers: I like and use Facebook; I have many friends, including some good friends, who work at the company at all levels of its hierarchy. I've met Mark Zuckerberg a few times, and while we aren't friends, our few interactions have been nothing but cordial. My business partner Michael Wolf famously tried to acquire Facebook during his time at MTV Networks and thinks highly of Mark. The tech projects that I influence, from Gourmet Live to ThinkUp deeply integrate Facebook into their core functions. So I'm not a knee-jerk anti-Facebook reactionary.

The truth is, I care deeply about the culture of the web, and am concerned that many of the decisions Facebook makes are detrimental to its culture, particularly when Facebook inadvertently imposes an extreme set of values on its users without adequately communicating the consequences of those choices.

I'm not the first to raise these issues, particularly in the context of Facebook's stance on privacy. The cover of Time magazine a few months back was about Facebook's privacy issues. Mark responded with a lengthy and somewhat vague response to the concerns, indicating that he realizes the seriousness of the challenge these issues pose for the company. At the time, a scrappy upstart efforts called Diaspora* captured the imagination of those who are frustrated by Facebook's repeated inability to address these issues and raised nearly $200,000 from thousands of donors who hoped to sponsor a significant challenge to Facebook's domination of large-scale social networking. And of course The Social Network, the massive movie based on Facebook's early founding, is only two weeks from release.

But actually, I don't care that much about privacy.

I started blogging when I was younger than Mark is today, and have shared a lot more information publicly about every aspect of my life than he ever has. It's been eight years since I wrote about privacy through identity control, and the key point there seems as relevant today as it did then:

We're all celebrities now, in a sense. Everything that we say or do is on the record. And everything that's on the record is recorded for posterity, and indexed far better than any file photo or PR bio ever was. It used to be that only those who chose career paths that resulted in notoriety or celebrity would face having to censor themselves or be forced to consciously control the image that they project.

What I do care about is this company advocating for a pretty radical social change to be inflicted on half a billion people without those people's engagement, and often, effectively, without their consent. As we saw with the rollout of Facebook's user names feature, the tech industry is very poorly equipped to talk about complex issues of identity and strongly prefers to talk about companies and features instead of communities and choice.

Because, let's be clear, Facebook is philosophically run by people who are extremists about information sharing. Though I choose to talk about my politics, or my identity, or my medical history or my personal relationships, I can do so primarily because I have the privilege to do so thanks to my social standing, wealth, and the arbitrary fact of being born in the United States. I also have an identity that isn't considered offensive or off-putting enough to face serious repercussions.

But what if I weren't my own boss? What if my family couldn't accept parts of my identity? What if I weren't technologically savvy enough to know how to engage with all of the choices about public sharing that Facebook forces me to understand? What if it were important to my own personal identity that public representations of me be colored purple instead of blue, as on Facebook? It's easy to say all of our choices and all the aspects of our identity can be shared if we don't face any serious social or personal consequences for doing so. But most of us are not that fortunate.

I'd say today's story obliquely covers that as well.

Colors don’t matter much to Zuckerberg; a few years ago, he took an online test and realized that he was red-green color-blind. Blue is Facebook’s dominant color, because, as he said, “blue is the richest color for me—I can see all of blue.”

As it turns out, the way we can all express ourselves on Facebook today is literally constrained by the limits of what Mark Zuckerberg can see. I've been in environments that were constrained in similar ways; The first time I entered the Harvard Club here in New York City to visit with a friend, I felt very acutely the implicit judgments of an environment where the fact that I don't have a college education was considered a relevant way to judge my identity. And though I use Facebook, I don't ever forget that it was conceived as a private club for members of the Ivy League as well.

Perhaps by engaging more with its users in an honest way about its radical stance on public sharing, and by clearly articulating the social costs that can arise from that stance, Facebook can become as truly inclusive as it strives to be.

Update: We've got some results already! Joseph Scott at Automattic mentions in the comments that he's added RSD support for the Twitter API to WordPress.com. I should also make clear that I am very confident that we'll be building apps on top of this API at Expert Labs, so insofar as I'm the Director of the labs, I've got a vested interest in seeing efforts around an open API succeed.

Twitter's API has spawned over 50,000 applications that connect to it, taking the promise of fertile APIs we first saw with Flickr half a decade ago and bringing it to new heights. Now, the first meaningful efforts to support Twitter's API on other services mark the maturation of the API as a de facto industry standard and herald the end of its period of rapid fundamental iteration.

From here, we're going to see a flourishing of support for the Twitter API across the web, meaning that the Twitter API is finished. Not kaput, complete. If two companies with a significant number of users that share no investors or board members both support a common API, we can say that the API has reached Version 1.0 and is safe to base your work on. So now what?

How We Got Here

Like a lot of folks, I've been thinking out loud and pondering the future of Twitter and open web APIs pretty much all year. Some key ideas have bubbled up:

The Pushbutton Web:

[A]ny site or application can deliver realtime messages to a web-scale audience, using free and open technologies at low cost and without relying on any single company like Twitter or Facebook.

The Web Way vs. The Wave Way

• Upgrades to the web are incremental.
• Understanding new tech needs to be a weekend-sized problem.
• There has to be value before everybody has upgraded.
• You have to be able to understand and explain it.

Those posts from this summer show that the ideas behind the Twitter API's "overnight" ubiquity have been kicking around in developer circles for months, if not more than a year. Finally, though, we have shipping examples of broad adoption of an API that's lightweight and suitable for today's most interesting applications. It's not just that Twitter's realtime, though of course that is compelling, but also that these APIs are simple enough for weekend hackers to build interesting projects on, and that they're easy to implement even on mobile devices and in almost any programming language.

So, today, we have support for the Twitter API from Twitter (of course), WordPress and Tumblr. I know I saw folks working on this for TypePad's free service when I was at Six Apart, so I'd assume they just wanted to finish OAuth support before supporting it as well. (See below.)

Of course, I don't need to make any suggestions to developers about what to do with these APIs — I'm sure the gears in everybody's heads are turning about cool new applications to build. Instead, I'd like to make a series of suggestions for the entire Open Twitter API ecosystem, based on what we've learned from past successes and failures in APIs around blogging.

What Server Developers Should Do

• Please please please support OAuth: It's egregious that the newest implementations of the Twitter API are stil encouraging people to share their passwords with third-party sites. Five or ten years ago, this was common practice in APIs because we didn't have better options. Twitter started out using shared passwords, but mercifully has started to bring OAuth support online. But for new services to be encouraging the horrible practice of users entering their passwords into every application willy-nilly is just unacceptable. I think we have a two-week window or so within which the new services supporting the Twitter API could announce their intention to support OAuth and really catalyze client developers into doing the wrong thing, but I fear we may lose another generation of API evolution to this terrible practice. If just one or two services announce intent around OAuth by the end of the year, client developers will follow — if you use WordPress or Tumblr, encourage your service provider to do this. (This is usually where I'd insert a dozen examples of how sharing passwords screws users, services, and the ecosystem, but I know that developers often just use shared passwords because they're lazy. Do the right thing, guys. The client devs will follow along.)
• Support Really Simple Discovery: The RSD format isn't sexy by today's standards, but grew organically out of some smart thinking from when blogging APIs were at the same state of maturity as today's tweeting APIs. Instead of reinventing the wheel, developers should look at supporting RSD and looking for something like a "tweetsapi" endpoint for these new services. That way, any arbitrary site can advertise that it supports the Twitter API, or even future versions of an open MetaTweets API. Pay attention to which APIs are listed as "preferred".
• Think about overloading of source: The source element of status updates in the Twitter API is very interestingly open-ended, and supports use of URLs. Instead of merely advertising your client app, smart use of rel attributes and URLs here could help bootstrap some very interesting new potential.

What Client Developers Should Do

• Support RSD: Same logic as above.
• Start sharing parsing libraries: Client devs going to be doing a lot of duplicate work to parse out URLs and usernames and hashtags and maybe even slashtags. But almost every scripting language supports some similar variation on regular expressions, and if you're using that method to tease out meaning from short messages, then lighten your burden by sharing the load. John Gruber's work to share his URL parsing rules should be a model for a dozen other GitHub projects — compete on features and execution, but not on these fundamental interpretations of text.
• Build in the big services, but support the little ones: You'll naturally want to offer menu options for users of the big, centralized hosted services. But (perhaps as part of supporting RSD), you should allow for all of us to have arbitrary Twitter API endpoints on our own domain names — this is good for the web!

What Every Developer Should Do

• Think about piping Twitter API endpoints together: I think it will be common for some kinds of applications that support the Twitter API to be both clients and servers, supporting piping content through, and perhaps applying transformations to the updates. This idea of daisy-chaining services together is likely only going to happen if a lot of parts of the infrastructure support OAuth well, but has the potential to be truly revolutionary if the ecosystem allows it to happen.
• Start looking at people's firehoses: Twitter's firehose of all status updates is about to be broadly available for developers, I know about the free TypePad firehose from my time at Six Apart, and I think WordPress will sell you access to theirs, but I haven't yet been able to find a reference for one for Tumblr. No matter — we should assume that free, open versions of these are coming, and start to figure out how to encourage similar collaboration around the reading side of things, now that the writing side of things is getting hashed out.
• Consider adopting a "+2 Rule": The natural inclination right now for geeks of a certain type is to start dreaming up new standards bodies, or how they can participate in the Open Web Foundation to make a Super Awesome Twitter API Evolution Committee. Here's my recommendation: Don't. Don't do any of that shit, and don't run off to make membership badges for the Treehouse Club quite yet. Instead, just iterate and ship. Keep making new apps and see what you can do to stretch the limits of the existing methods and structures. I love the new geocoding and contributor aspects of the Twitter API, but as I said at the top of this post, I think the period of rapid iteration on the core Twitter API is ending, as new efforts going forward will have to reach consensus.

The good news is, consensus around evolution of the Twitter API can happen simply by saying to each other, "If two application developers who share no common investors or board members can reach agreement around an extension to the API, and between them they have a significant enough number of users to be relevant, then we should all just adopt their work."

This is important because it reframes the conversation from being about technical merits, and all the boys who like to play with APIs always think they know what's "better". I'm sure if I wanted to waste an afternoon, I could tell you a dozen ways in which the Twitter API could be "improved". But guess what? That shit does not matter. Adoption matters, and I'm heartened by the fact that people seem to be getting that.

So, get to work! Please give me feedback if I'm wrong or being stupid about one of my recommendations, but if not, then just start hacking. Stop encouraging people to share passwords, start encouraging services to share tweets, and let's all join in a hearty session of finger-pointing and mockery in Facebook's general direction for their sense of Not Invented Here having overshadowed their opportunity, because they could have really clearly done an "embrace and extend (and extinguish)" on the Twitter API if they hadn't wanted to make their own system a year ago, and now they've lost that power.

Finally, thanks a lot to Dave Winer for essentially inspiring a lot of players in blogging to move towards embracing the Twitter API. Sure, lots of us had the idea, and I've spent a lot of times in meetings arguing for this stuff across the industry, and Automattic and Tumblr and others were brave enough to embrace it. But I don't think anybody's done more to publicly advocate for an open Twitter API than Dave. I'm glad we've evolved as a community to the point where these kinds of breakthroughs aren't the contentious, immature shitfests they used to be.

I've really been enjoying the response to my recent blog posts — here are some more thoughtful replies.

Rafe Colburn, one of my favorite bloggers for a decade now, followed up my Apple and secrecy post with "Apple vs. my preconceived notions":

In one scenario, this is a bubble of sorts. Apple may be doing OK now, but they’re headed for a big crash when people get sick of their behavior. In another scenario — one that I think is, sadly, more likely, Apple continues as they are, adjusting when it must to address reality, but only in the most minimal way.

I've also really been enjoying watching Dave Winer's work recently. In the past we were both too young and stubborn to realize we're amused by a lot of the same things (There's my refrain of "We hate most in others that which we fail to see in ourselves" again!) but these days it is just plain entertaining to watch Dave go. My amusement is amply covered in "Anil's belly laugh", which mentions my response to Dave's latest bit of hacking. As I mentioned on my Twitter account, I also recorded an episode of the Bad Hair Day podcast with Dave and Marshall Kirkpatrick last week.

Speaking of podcasts, This Week in Google is a new one featuring Leo Laporte, Jeff Jarvis and Internet Hero Gina Trapani. This week, they had a very nice look at The Pushbutton Web towards the end of the show. I'm delighted how many people have told me they found that post valuable or useful in talking about this whole area of innovation. Since I'm a lousy coder, writing blog posts like that is the most helpful thing I can do.

Finally, as it's come up in several contexts lately, it's probably worth repeating the key point of a post I wrote two years ago, which attracted some attention then but is probably even more relevant today. The core concept is about "The Watery Web":

It's not true to say that Facebook is the new AOL, and it's oversimplification to say that Facebook's API is the new [MSN] Blackbird, or the new [AOL] Rainman. But Facebook is part of the web. Think of the web, of the Internet itself, as water. Proprietary platforms based on the web are ice cubes. They can, for a time, suspend themselves above the web at large. But over time, they only ever melt into the water. And maybe they make it better when they do.

Thanks, as always to people who've responded to what I've written, and especially to all of those who've taken these posts as starting points and expanded the ideas into some truly inspiring creations.

From my Facebook Usernames post on June 10:

July 31, 2009: MySpace announces MyAddress, a feature for providing more control over the URL where your MySpace profile appears. Instead of constraining users to a few choices as Facebook does, MySpace gives users very broad control over what kind of address they can have. As a result, users pick web addresses that exactly match their obscure handles on the service, instead of using their real names.

From TechCrunch today, talking about MySpace's announcement for July 31 (emphasis mine):

Here’s what else is nice: Because MySpace has had so-called vanity URLs since its inception (unlike Facebook, which just rolled out the feature), you can use those as your email address with the new MySpace Mail. So for a page that resides at myspace.com/techcrunch, the email would be techcrunch@myspace.com, for example. And, if you don’t like the vanity URL you currently have, MySpace is giving you the opportunity to change it to something else (assuming it’s available). This would also change your vanity URL for your profile.

I love the tech industry. I really do.

There have been a lot of great conversations around and about some of my recent posts; Here are some highlights.

My post about Google's Microsoft Moment seems to have really struck a nerve. First amongst the responses, from my perspective, is prominent Googler Matt Cutts' "Why Googlers should read Anil Dash's post. The open-mindedness and willingness to take constructive criticism that Matt shares with a number of his colleagues at Google (I'd also highlight Karen Wickre, who helps lead Google's efforts in blogging and on Twitter) are going to be the factor that decides whether or not Google falls prey to the dangers outlined in that essay. Matt concludes his comments with a simple, and inspiring exhortation:

Googlers, ask yourself how you can help make another one of those moments where you’re proud to work at Google. I think those moments are a great way to keep from becoming just another large company. And if Googlers are open to posts like Anil Dash’s, the web is tell us tons of things it wants us to do, or how to do them better.

Some other notable conversations around these ideas popped up as well:

• The presciently-named (but independent) Google Operating System blog offers up Google's Changing Corporate Culture.
• Ex-Googler, current FriendFeeder and all-around good guy Kevin Fox takes issue with some of my points in Google's Apple Moment. Kevin raises the point that a lot of Googlers did: It's okay for Google to have two different operating systems because they serve two different markets. I don't disagree — I did ask in my original essay "If the keyboard works with my fingers instead of my thumbs, I should use Chrome OS and not Android?" and folks at Google have already responded to me privately with, in effect, "Actually, that might not be such a bad way to put it..." My point, though, was not that it doesn't make good technical sense to have these systems. Rather, that sort of roadmap complexity makes it hard for casual outside observers to believe that their needs are being put ahead of the company's platform ambitions. I'll chalk up the lack of clarity there to my own poor editing and the fact that John Gruber highlighted that bit on Daring Fireball, which may have put more focus on what was a relatively minor point.
• I loved, and totally agree with, Mini-Microsoft's Microsoft Has Turned The Corner. This makes explicit what was part of the subtext of my essay: Even Microsoft doesn't do this kind of shifty crap anymore, if they can help it. And to their credit, Microsoft since Ray Ozzie's ascension has also seemed to regain their ambition and clarity around creating innovative products. I'm not sure if that's correlation or causation, but it's good to see regardless, and this is a post well worth reading in full.
• One of my favorite bloggers, Mike Masnick of TechDirt, asks Has Google Reached The Perception Tipping Point? The post consists of the single word "Yes." Okay, not really, but it's still thoughtfully argued and especially highlights Google's recent track record in the area of intellectual property and DRM, which is TechDirt's strongest suit.
• Finally, a couple more mentions in bigger media: BusinessWeek's Rob Hof offers up a critical look at Google's strategy, which is a welcome change from most mainstream press that tend to slavishly puff up any pronouncement of this scale that comes out of the tech industry. Similarly, Alex Pham at the LA Times puts the Chrome OS story in the context of Microsoft's Office 2010 announcement today. Matt Asay has an even more skeptical take over at CNET. And finally I thought MG Siegler's brief post about the back-and-forth between me and Matt Cutts offered up a nice perspective on the perils and potential of this inflection point in Google's evolution.

Here's a two-fer: Chris Anderson's CNN Commentary on Google, Microsoft, and Free. Chris ruminates on whether the tech giants' habit of entering new markets with free products funded by the obscene margin they make in their primary lines of business is going to face legal scrutiny in the future. Recommended if you liked either Google's Microsoft Moment or Free Criticism, Science After Data and Airport Books.

Reason mag's Tim Cavanaugh had an amusing riff that referenced that post of mine from the other day: Resolved: The New York Times Should Be Staffed By Volunteers, Like Meals On Wheels. I thought it was a fun read, at least.

And if you're seeking out even more comment on these topics, Silicon Alley Insider has a pretty fun thread in response to my Free Criticism post, along with a slightly more inane one in response to last month's post about The Future of Facebook Usernames.

Finally, some stuff that's actually related to my day job:

• Tony Dearing at AnnArbor.com has a really smart take on a conversation we had about what that site is doing to make a real community-focused local news website. I think the current AnnArbor.com team has the best chance at success of any of the dozens of similar efforts I've seen over the past several years.
• In a similar vein, Ken Edwards has a detailed look at what it's taken to build the new BG Views community at Bowling Green State University. It's always fun to watch a project like that from afar and get to see a new community take off.

Thanks to everyone for great comments on my previous posts, and even more for the inspiring conversations that have happened around these topics. And a specialy thanks to the many of you who've shared links to these pieces on Twitter: @padmasree, @timoreilly were instrumental in kicking off the broader conversation around the recent Google post, and it was really gratifying to see @wilw find a quote in my Free Criticism essay that really seems to have struck a nerve.

The whole world A small number of super-geeky obsessives is abuzz over the upcoming launch of Facebook Usernames, an exciting new feature that will let you put some parts of your name into a web address.

June 13, 12:01am: Facebook launches Facebook Usernames. The gold rush is on!

June 13, 12:01:45am: The first completely irrational, highly unlikely theory about how Google indexes Facebook Usernames is emitted from the ass-end of the SEO industry.

June 13, 12:02am: An enterprising and mischevious nerd who is definitely not me squats on the username of a notable tech trade reporter like Michael Arrington.

June 13, 12:06am: The Facebook username system starts getting overloaded with new registrations, but their tech team clears it up in 20 or 30 minutes, for a total period of slowness of about 35 minutes.

June 13, 12:15am: A first wave of "It's alive! Go get your name!" posts go up on various technology blogs, noting that the service is running a little bit slow. None of these posts mention that you can also register a real domain name that you can own, instead of just having another URL on Facebook.

June 13, 12:45am: TechCrunch discovers that one of its writers can't get his preferred spelling for his name, and notices that registrations in the system are running a bit slow. A Twitter search reveals four other people discussing the same problems, and one person that can't get to the feature at all. The phrase "The Facebook Username debacle" is first used, and becomes the preferred sobriquet for the feature forevermore. 70% of commenters mention that "Facebook Username" can be abbreviated "FU", and each thinks he is the first to think of it.

June 13, 1:00am: #FUFacebook becomes a Trending Topic on Twitter. People who are presently whining about how expensive it is to buy a new iPhone because they bought a new iPhone last year will have the chance to see how obnoxious and overprivileged they look, but will not take the opportunity.

June 13, 9:00am: The first mainstream coverage of the feature happens in the New York Times, which includes a one-line mention of the launch in a lengthy feature about Twitter's Verified Accounts. The story includes a colorful illustration of Kanye West, but omits any mention that you can also register a real domain name that you can own, instead of just having another URL on Facebook.

June 13, 12:01pm: Twelve hours after launch, a passionate and vitriol-filled flame war erupts amongst web protocol nazis about exacly which 300-series HTTP header should be used to redirect from the old /profile.php?id=500012896 URLs to the new system. Mark Pilgrim writes an overwrought essay on the topic, and 300 Ubuntu users on netbooks use their free hand to Digg the post. For these nerds, "The Facebook Debacle" refers to the improper headers used on the redirects, instead of the few minutes of difficulty in registering names.

June 13, 12:01pm: Within twelve hours of launch, the OpenID community will quietly reach out to Facebook, asking about their plans to have Facebook Usernames become an OpenID provider. Facebook will decline to comment, Simon Willison will write a thoughtful and persuasive essay about the benefits to Facebook if they were to embrace such a thing, and Andy Baio will politely link to it on Waxy Links. Months later, Facebook will actually implement the feature. For this community, this cordial and fruitful exchange will be referred to "The Facebook Debacle".

June 13, 3:00pm: I tweet a link to my post about owning your identity online. The few folks who read it seven years ago nod in agreement, and everyone else considers reading the short bit.ly URL to be equivalent to reading the post.

June 13, 4:04pm: A white guy named David discovers every variation of his name on Facebook is already taken, and finally reconsiders the condescending contempt he's always had for black people who give their kids unique names. This tiny bit of racial reconsideration is the only unequivocally good news to come out of the Facebook Usernames launch.

June 15, 8:00am: A short and punchy Monday morning story about Facebook Usernames appears on USA Today's website, omitting any mention of the word "debacle", but dwelling heavily on the preponderance of URLs with "Hussein" in them. This vestige of the Presidential elections, which briefly convinced college kids that changing their middle name on a website was a form of political activism, is promptly interpreted as an Al Qaeda sleeper cell movement by most of the paper's print readers.

June 15, 9:00am: In its opening weekend, between four and five million people (or between two and three percent of Facebook's ostensible population) will have registered Usernames for themselves. Tech pundits will say "everyone has a Facebook Username now" and refer to that assertion as an article of faith in future posts about identity. It will not be until 2012 that Facebook supports the full range of diacritical marks and international characters that let the other 5.5 billion residents of Earth use their name as a username, but this fact will go unreported.

June 15, 11:00am: In response to the growing buzz on TechMeme about "The Facebook Debacle", Mark Zuckerberg posts on Facebook's blog with the news that the company has created the Facebook Username Dispute Resolution Community. This group is tasked with creating a policy for arbitrating who can get what names, how conflicts between different people's usernames are resolved, and how to report squatting of usernames. The post omits any mention that you can also register a real domain name that you can own, instead of just having another URL on Facebook. Over the course of its 18-month existence, the FUDR Community will attract thousands of comments, 80% of which ask for The Old News Feed back, and 85% of which contain one or more typos or deviations from standard spellings of English words.

June 15, 1:00pm: LinkedIn posts a thinly-veiled but very smart update on their company blog that happens to mention in passing that they've had friendly usernames as an option for URLs for years, and that it's more likely you want to show your professional profile to the world as the first Google result for your name. The post omits any mention that you can also register a real domain name that you can own, instead of just having another URL on LinkedIn.

June 15, 1:30pm: The Google Profiles team will write a post that features a bad pun in the headline, ostensibly serving to announce some minor recent feature update, but in reality just trying to remind people that hey, you can get a Google URL. The post omits any mention that you can also register a real domain name that you can own, instead of just having another URL on Google.

June 15, 2:00pm: An enterprising young web hacker will realize that there are 24 items in this list, which means that if you add in a free space, you can very easily turn this post into a 5×5 Facebook Username Bingo Card. Combined with the Creative Commons license on this blog, it makes for a fun idea and a Flickr Pool pops up for people to show the FU Bingo cards they've generated.

June 15, 4:00pm: The first web-savvy celebrity in Hollywood will hold a meeting with their marketing team about what it will take to get their preferred username. During this meeting, the smartest person in the room will try to explain the difference between a profile page and a fan page, why there are different processes for getting vanity URLs for each, and why a person or brand doesn't have control over all the fan pages that can be created about them. That person will be ignored by everyone else for the duration of the meeting. The issue will be ignored by Facebook for nearly a year.

June 16, 10:00pm: The Domai.nr guys release a service that lets you sign in with your Facebook Connect account and automatically find what variations of your name are available as real domain names. While the feature is cool and works well, the team struggles to get press coverage for the launch, since it's predicated on the idea that you can register a real domain name that you can own, instead of just having another URL on Facebook.

June 19, 9:00am: The Bureau of Labor Statistics will announce the unemployment numbers for May, showing a loss of 660,000 jobs, with 1/3 of them being white-collar jobs. Coincidentally, 220,000 unemployed professionals will realize to their horror that their Facebook profile now ranks above their LinkedIn profile if a prospective employer googles them, and that they have no idea how to use Facebook's privacy settings.

July 31, 2009: MySpace announces MyAddress, a feature for providing more control over the URL where your MySpace profile appears. Instead of constraining users to a few choices as Facebook does, MySpace gives users very broad control over what kind of address they can have. As a result, users pick web addresses that exactly match their obscure handles on the service, instead of using their real names.

February 15, 2010: Microsoft launches a similar URL service for usernames, providing friendly URLs for millions of people on Windows Live and XBox Live, and providing the feature to more people in one day than Facebook has succeeded in delivering usernames to in eight months. Because the announcement goes out on President's day, and because it's Microsoft, nobody really notices except for a two-line mention on Mashable, half of which is a joke about Bing. Both Microsoft's own announcement and the Mashable post omit any mention that you can also register a real domain name that you can own, instead of just having another URL on Live.com.

October 31, 2010: AOL has an internal meeting about providing friendly URLs to users of AIM and Bebo, and make a bold decision to put it on their 18-month roadmap.

I hope you find this overview of the future timeline of Facebook Usernames useful to understand where this exciting feature is going in the future, how our industry will adapt and respond to this sort of innovation, and how our tech trade press will hold the powerful company's feet to the fire as this sort of capability becomes mainstream in the years to come.

And oh hey, add me as a friend on Facebook! Or become a fan of mine! Or something.

This one's been kicking around in my head for a while, and maybe you can all help me understand it. With any contemporary social networking site, I can control who has access to the things I share, and I can update or change or revoke the relationships that enable that access at any time.

For example, I can share a photo on Flickr with just my friends, or a post on Vox with just my family, or display my profile on Facebook to just my contacts. And then, if somebody ceases to be my friend, I can change their status and they no longer have access to that information. It's a unliateral, technologically enforced restriction, and circumventing the restriction would be tantamount to hacking and likely to get you banned from any of these services.

So, with all of that being said, how are privacy settings on social networks different than DRM restrictions placed on media content files from companies? Is it because I'm not a corporation? Is it because the DRM technology is provided by Flickr or Facebook instead of by Apple's iTunes or Microsoft's WIndows Media? Is it because I only (theoretically) grant permissions to dozens or hundreds of people, instead of millions?

This is a genuine question, because it's something I'm not sure I know how to articulate. I can certainly identify the difference in intent, but I am not sure I can explain the difference in definition. Feel free to comment here, or post a link or reply to @anildash on Twitter and I'll collect the best explanations I get.

I've seen a number of people make reference to Facebook's application platform without knowing a lot of background about some historical examples that might be useful to learn from. So, since I remember a good bit of info about these things, I figured I'd share it for future reference.

In 1995, Microsoft believed that its proprietary development tool, codenamed "Blackbird" would be the dominant platform for creating rich online experiences. While it would eventually evolve into a tool that created reasonably standard HTML, Blackbird's ability to make attractive and pleasing aesthetic experiences for MSN was considered a no-brainer to replace regular HTML for anything that needed to seem polished. It wasn't an unreasonable assumption at a time when most browsers were showing ugly text on a plain grey background with almost no advanced layout or design.

In 1999, AOL believed that its proprietary development tool, called RAINMAN (Remote Automated INformation MANager) would be the dominant platform for creating rich online experiences. While it would eventually be replaced by tools that created reasonably standard HTML, Rainman's ability to make attractive and pleasing aesthetic experiences that integrated seamlessly into the AOL client was an effective replacement for HTML for tens of millions of users who wanted a polished and social first experience on the Net in the late 90s as they first got online. This wasn't an unreasonable constraint to impose on the experience at a time when having a rich interactive experience meant downloading complicated browser plugins for video, or configuring temperamental client software just to read email.

AOL was always secretive about Rainman, and remains so to this day, even though Rainman has been largely retired in favor of standard HTML, which has let AOL open up much of its proprietary content to the public web. But Microsoft really wanted to get the word out about Blackbird. There were even conferences for developers, to promote Blackbird for their applications. Ironically, MSN would reverse direction from Blackbird almost immediately after launch, eventually building much of its original content around a small vector plugin called FutureSplash. One big reason you have Flash in your browser right now is because MSN aggressively distributed millions of copies of the FutureSplash plugin with all of their client software, and eventually, with Windows itself. But that's a whole 'nother story.

Back in late 1995, the venerable Release 1.0 newsletter offered an analysis of Blackbird that's well worth reading in its entirety. Some highlights:

Microsoft's challenge is to make MSN flourish soon, so that it won't be eclipsed by more open systems, making Blackbird irrelevant, or at least obsolescent. ... The question at hand is whether Microsoft's networked-application architecture makes it beyond MSN's walls and becomes more commonly used. The innovations Netscape is introducing, described above, make this a difficult task. This is where the battle between proprietary operating systems and the Internet is being fought.

...

Microsoft wants Blackbird to be an inviting environment for third-party tools. The pace of technological change will help. Connectivity will change all standalone applications, making many obsolete. With Blackbird, Microsoft is attempting to offer traditional Windows applications a viable path to re-create and re-validate themselves in the networked world. ... Blackbird has its own representation format, the Blackbird Markup Language (BML), which is a variant of HTML enhanced to be OLE 2.0-aware.

In 2007, Facebook has released its proprietary development platform, codenamed F8. Blackbird was to provide better presentation, and Rainman promised better social abilities, than open standards of their time made possible. F8 promises a combination of both aesthetic and social capabilities, with the key feature of the platform (presented as an "innovation") being the social APIs for friends lists. F8's ability to create broadly-distributed social applications that integrate seamlessly into the Facebook environment offers an experience that, for now, exceeds what publicly-available social APIs can do. It's not an unreasonable behavior that people are building and using applications on the platform today.

• Just like Blackbird, Facebook's APIs offer more features than the available open standards do today.
• Just like Blackbird, Facebook's APIs have inspired conferences and development toolkits and a lot of reactive responses in the industry.
• Just like Rainman, Facebook APIs offer native integration with social functions like buddy lists.
• Just like Rainman, the user experience for integrating those applications is far easier than the equivalent behavior on the open web.
• Just like Rainman, Facebook's APIs support applications that have millions of users, users that the conventional wisdom says could never be displaced.

It's not true to say that Facebook is the new AOL, and it's oversimplification to say that Facebook's API is the new Blackbird, or the new Rainman. But Facebook is part of the web. Think of the web, of the Internet itself, as water. Proprietary platforms based on the web are ice cubes. They can, for a time, suspend themselves above the web at large. But over time, they only ever melt into the water. And maybe they make it better when they do.

Some links:

• We're opening up the Social Graph. Six Apart, where I work, is committed to helping create, promote, develop for, and popularize the open standards that will be needed for helping grow social platforms from Facebook or anyone else.
• The O'Reilly Radar Research Report on Facebook's application platform. Interestingly, given the Release 1.0 report I quoted above, that publication has evolved into Release 2.0, which is now an O'Reilly publication.
• Jason Kottke on "Facebook vs. AOL". He covers much of the fundamentals that I've discussed here, and helped inspire me to offer some more concrete examples of the history of these sorts of efforts.
• Somehow I'd missed it at the time, but Scott Heiferman had drawn the analogy to Rainman first. I still feel people aren't very familiar with that point in web history.
• Graphing Social Patterns, the conference on Facebook and its applications that Dave McClure is currently hosting.
• The circle of web life, another similar historical lesson.