Secrets and Lies

It's not secret that Google uses data it knows about me and my contacts, or the subjects I email about with those contacts to customize the advertisements that appear on Google pages when I'm logged in. And I feel as if I have given them, perhaps implicitly, but concretely, the go-ahead to do that, regardless of what I've accepted (or not) consciously in reviewing their Terms of Service.

In social situations, it is often the ability to keep a secret that determines the course of a social relationship. Secrets are shared as a way of building those relationships, and the ability to maintain shared secrets builds shared trust.
When Google Buzz exposed my list of frequently emailed contacts as a social network, they violated my trust that they could keep a secret.

Abstractly, I think it's a cool idea to build a social network for me, based on data inferred about my communications with Google contacts.

And similarly, I can see how, abstractly, it's a good idea (from a Google perspective) to make your social network public so that other people can more easily, and socially, find people to connect with.

When you combine these ideas, however, you violate the basic social need for secrets to be maintained.

Whether Google is, as some people think, lying, that this was a genuine mistake, or was simply socially inept in combining these ideas doesn't matter.

I expect Google to quietly mine my data and use that to provide me better service (while also making them money of course), but I don't expect them to reveal either accidentally or on purpose anything that I consider to be secret.

People who can't keep secrets aren't usually treated very well by those whose secrets were revealed.

Black Steel

I got an email from Microsoft the other day
I opened and read it and it said they were suckers
They wanted me for their army of Win7 users
But Vista don't work yet on my Thinkpad -
I said never!

(with apologies to Chuck D and Tricky)

The Buzz about Google Buzz

The release of Google Buzz has caused a fuss - The New York Times talks about the invasion of privacy. Twitter is all a-buzz with anti-buzz tweets.

But what exactly is all the fuss about? After all, your Facebook friends list seems to be default public. Your Twitter following and follower lists are always public.

Surely your expectation of Google Buzz should be that your social network is public - it's the new black, isn't it?

So what's the problem here exactly?

Previously, I've used Gmail infrequently, and basically just for chat and email with the small number of people I know who also use Gmail.

So, until Buzz, I gmailed and gtalked only with a very small number of people.

On day 1 of Google Buzz, Google made that list of people public by default. They created my "social network" by exposing what amounts to my email/chat log - the people I actually do network with socially - not some random group of people who vaguely want to keep in touch with (Facebook) or some group of people whose status updates I find interesting for one reason or another (Twitter).

They publicly exposed a list of people I actually talk to.

Of course, I closed the loophole quickly by changing my Google profile to not show my list of following/followers, but still - will everyone be so careful? Probably not - difficult to believe that Google didn't think of that beforehand either.

They used their knowledge of my email contacts to reveal my social interactions. Google abused that knowledge, and my trust that they would not abuse that knowledge.

Now I know why Zuckerberg and Schmidt talk about the "end of privacy, so just get over it"; they're actively working to erode it.

Markup Languages Family Tree

Building Tracemonkey

I tried to build Tracemonkey today. But the instructions given in John Resig's post about TM didn't work for me.

Instead, after I'd cloned the repository and attempted to build:

hg clone http://hg.mozilla.org/tracemonkey/
cd tracemonkey/js/src
make -f Makefile.ref BUILD_OPT=1

I got some errors, starting with the cryptic:

jsinttypes.h:113:2: error: #error "couldn't find exact-width integer types"

So, I tried the following instead:

autoconf2.13
./configure
make
shell/js

Which gave me a running Tracemonkey shell.

The Future of Mobile Social Networking

My position paper, co-authored with Franklin Reynolds is now available on the workshop site. If you're a W3C member, you can take a look...

Holding back the waves?

Roy has spoken. Paul, Dave and others have attempted to interpret. Unfortunately, there are many who don't have time to listen, are not interested in listening, or do not possess the necessary understanding.

For those people:

• REST is not SOAP
• REST means GET and POST, maybe HEAD, but likely not PUT or DELETE.
  
• REST means using URIs to identify some, but not all things
• RESTful API authentication involves OAuth or something similar - what, after all, is the other "officially" RESTful way of doing API authentication?
• REST usually means putting "custom HTTP header" information in GET query parameters or the POST body, to avoid defining... custom HTTP headers. Which method is best? The answer varies, depending on your situation.
  
• REST means returning a custom XML format, but I might be able to (ab)use Atom, and JSON, because it works well with Javascript.
• What is HATEOAS again?
• REST is most usefully practiced on rest-discuss
  

Roy owned the meaning of REST when he coined the term. But is it not simply holding back the waves of democracy in attempting to wrest the meaning back from all those who now claim to be RESTful?

But maybe the real problem is that no significant application design problem can be solved simply by "using REST". The answer involves actually understanding your design constraints, and meeting real requirements with real solutions.