Home

Open Social Networks: LiveJournal Leads The Charge -- Off A Cliff

August 22, 2007 - 10:52am — bex

Apparently Brad Fitzpatrick, creator of the Live Journal blogging toolset, has published a "mini manifesto" about the need for open social networks. I'd suggest he get in touch with Armand du Pless, and check out Identitude... its a good first-step to breaking down the walled garden at Facebook.

Its a great idea that many bloggers have mentioned before... but there are subtle problems with it...

Personally, I'm sick of social networks trying to be all things to all people, and being greedy with their information. MySpace and Facebook are still mainly for kids... although Facebook is trying hard to reinvent itself to include grown-ups as well. This strategy will haunt them, because once kids see their crazy uncle Sammy on what's supposed to be their social site, Facebook will cease to be cool.

Ugh... seeing your parents on Facebook is like bumping into them at the mall... Imagine a tragically hip mother uttering to her teen daughter "I use Facebook too!" Dude... nails on a chalkboard. Why has Facebook ignored the #1 rule: responsible adults are frigging kryptonite to anything cool. The more Facebook tries to be "grown up" and go after LinkedIn's turf, the less cool they get... and the more opportunity there is for a startup to steal the younger crowd from Facebook.

The true solution is a network of identity providers that allow people to have one login ID, and be able to move contacts, friends, notes, and bookmarks from one site to another... then as your interests -- or age -- changes, you can move all that data effortlessly to another place.

In practice, your kids first use a tween-focused social site, then a teen-focused site, then a college-focused site, then who knows? Probably ones specific to their industry, or ones focussed on a specific hobby. The mighty mighty interweb demands diversity...

But there's a big big problem... At the latest Black Hat hacker convention, those naughty miscreants exposed security holes in OpenID and similar systems. These aren't minor loopholes, they are ways in which federated identity is fundamentally a security hole on the greater internet. Worse than cross-site scripting in some cases. Not to mention a privacy annoyance... the structure of it means your identity provider knows every single site you log in to... Do you really want Microsoft to know every site that you access?

Personally, I don't like that... To contrast, my state government issues me a driver's license, and I use that mostly to prove my age at bars -- I rarely drive. So, does the DMV have rights to get a report of every bar I frequent? Hell no... so why on earth would people be OK with their identity provider knowing every site they access?

That's one reason why I'm in favor of user-centric, distributed, identity management. Something like SXIP perhaps. See the infamous Identity 2.0 talk for an overview of user-centric identity.

I'd like to see open social networks... but if they don't nail the security problem so that it makes sense to users, and it there's a strong incentive to adopt, the effort will be utterly pointless.

(Hat Tips: Mashable, Sam Ruby, and Jeff Bohren)

Home

Recent comments