Archive for the ‘security’ Category

Google’s Unspoken Security Vulnerability

Thursday, January 29th, 2009

Let’s be honest, I really like Google. Without them I couldn’t be as productive or nearly as smart as I am today. I often tell people that the most important Quotient out there isn’t Intelligence or Emotional; it’s their Google IQ. It’s OK if you don’t know it… but if you can’t find it then you’re in trouble.

I mentioned previously that Google’s browser, Chrome, fails what I consider to be an important security test, but I’ve been largely silent on another issue Google seems to have ignored.

However, I can only conclude that it’s a threat larger than the one we faced with GMail and should be rectified quickly.

Initially, when GMail was released it had no comprehensive security, i.e. most of the communication between you and GMail was unencrypted. Immediately, there was an outcry from the computing public (at least those savvy enough to understand the implications), and Greasemonkey scripts were written to force an encrypted connection for all transactions. Now it’s an easily configured feature in GMail’s settings.

However, the same flaw has systematically been overlooked in Google Reader. As any ATOM / RSS convert knows, feeds have become a critical component of our computing existence and, as any social network participant knows… they’re not just for websites anymore.

Gone are the days when RSS was used simply for notifications that a public post or comment had been written. Now it’s used for some of my most intimate (at least of the digital sort) conversations. I get everything from status messages (which on Facebook aren’t as public as on twitter) to direct private messages all sent to my reader. Not only are they sent unencrypted, but even worse I’m forced to use an unencrypted connection to read them.

Historically, email was rarely encrypted on the wire when it was sent from the sender to the receiver’s email system, although that has recently changed. However, the main security concern with GMail was that anyone on the same network could view the contents of a user’s inbox as they were reading their messages!

I really don’t use email all that much anymore and instead rely on social networks and RSS notifications for the bulk of my personal communications, which, thanks to Google Reader’s lack of an encrypted configuration, are sent free and in the clear!
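The Greasemonkey scripts mentioned above in the GMail paragraph did one simple thing: if the page was loaded over plain HTTP, they bounced the browser to the same URL over HTTPS. The following user script is an added example written for this page, not one of the original scripts and not Google’s code. It covers mail.google.com and, as an assumption, the Google Reader path under www.google.com; the post above says Reader did not offer an encrypted connection at the time, so whether that second entry actually works depends on the server answering on HTTPS. The redirect decision is kept in a pure function so it can be checked outside a browser; the `URL` constructor it uses assumes a modern browser.

```javascript
// ==UserScript==
// @name          Force HTTPS for webmail and feed reader (added example)
// @namespace     example.local
// @description   Redirects plain-HTTP visits to selected hosts/paths to HTTPS
// @include       http://mail.google.com/*
// @include       http://www.google.com/reader/*
// ==/UserScript==

// Path prefixes, per host, that must never be served over plain HTTP.
// '' means the whole host. For www.google.com only the Reader path is
// upgraded so ordinary search traffic is left alone. The Reader entry is an
// assumption: it only helps if the service answers on https at all.
const FORCED_PATH_PREFIXES = {
  'mail.google.com': [''],
  'www.google.com': ['/reader/'],
};

// Return the HTTPS equivalent of `href` when it is a plain-HTTP URL to a
// forced host/path, or null when no redirect is needed. Pure function so it
// can be unit-tested outside the browser.
function upgradeToHttps(href) {
  let url;
  try {
    url = new URL(href);
  } catch (e) {
    return null; // not something we can parse; leave it alone
  }
  if (url.protocol !== 'http:') return null; // already https (or another scheme)
  const prefixes = FORCED_PATH_PREFIXES[url.hostname];
  if (!prefixes) return null; // host not in our list
  if (!prefixes.some((p) => url.pathname.startsWith(p))) return null;
  url.protocol = 'https:';
  return url.toString();
}

// Browser entry point: Greasemonkey runs this once per matching page load.
// replace() rather than assign() so the insecure URL does not stay in history.
if (typeof window !== 'undefined' && window.location) {
  const target = upgradeToHttps(window.location.href);
  if (target) window.location.replace(target);
}
```

The caveat a practitioner would add: a client-side redirect like this closes the window only after the first plain-HTTP request has already gone out, so the initial page (and any cookies the browser attaches to it) still crosses the network unencrypted once. It reduces exposure; it does not replace the service offering HTTPS by default.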

I think it’s time Google acknowledges the role and responsibility that Google Reader has in people’s private lives and works to properly secure that information.

Google Chrome fails the Google incognito test

Tuesday, September 9th, 2008

There’s been a lot of talk about Google’s new Chrome browser. If you haven’t checked it out I’d recommend it for the “neat” factor, but it’s less practical than upgrading to Firefox 3.

Chrome is fast and has some great features, and one which I was excited about was the ability to go “incognito”. Going incognito will prevent the browser from storing cookies or your browsing history and is supposed to isolate the window as a completely separate “island” of web presence which is then “thrown away” when you close the window.

Google’s example was that when shopping you don’t want your significant other to stumble across your surprise, although I saw suggestions of *cough* other places you could browse where fewer repercussions might be welcome. You can recognize this mode by the little White Spy icon from the “Spy vs. Spy” series.

However, the site I most wanted to visit with completely private windows was Gmail! I don’t think I’m rare in having multiple email accounts and the challenge with Google is that they only let you be logged in to one account across all your sessions. While there are techniques which can mitigate this, I end up letting email languish because I don’t want to go through the – log out, log in, log out, and log back in as my primary ID – dance.

So having multiple concurrently active Gmail tabs seemed like an obvious use of incognito mode!

Alas, it’s of course not to be:

First, I created an incognito window and then logged into Gmail. So far so good; however, when you open a second tab and log in with a different ID it logs you out of the first tab! That doesn’t seem too “isolated”, does it?

My second thought was to create a second incognito window (since Google hasn’t been clear about the level of isolation). I noticed that this option is grayed out in the incognito window. If you go to your original “public” window and select “New incognito window” the option exists but simply opens another tab in the original incognito window (which still fails the “multiple login” test).

Obviously, this lack of true isolation surprised me. Cookies appear to be shared across tabs and it appears you’re forced into having only one private window at a time! This would be awful if you were browsing multiple sites looking for a great shopping deal but didn’t want them to know about the other sites, or if you were a web tester trying to isolate cookies from test runs.

Chrome’s a work in progress and Google’s open-sourced the project, so I can only hope someone will address these concerns. However, in the meantime it pays to test your expectations, and if Google really wants to make webapps more like desktop apps I think this needs to be addressed.

Amazon should participate in the OpenWeb

Tuesday, September 2nd, 2008

The socialweb.tv talks a lot about open standards, particularly in social networks. I find their videos are always energetic and help keep me abreast of aspects of the web that I don’t get to deal with frequently.

I believe their answer to the question of “Who owns your data?” (hint: “You do!”) is a little idealistic, but the message and coverage is great. It makes little sense to duplicate this data, and in tools like flickr, twitter, opensocial, and hopefully someday even Facebook, it seems obvious. Friends are friends no matter which network they’re on, and if you tell me that your twitter friends aren’t the same as your facebook friends I’d reply they could be (and argue should be), assuming there are more granular levels of classification and control.

You hear a lot about this nirvana of open security and data for social sites, especially in the context of plaxo, yahoo, google, twitter and all the other “social web” buzzcompanies… and that’s where it seems to be constrained.

It always seems limited to discussions about why no one would ever implement a Microsoft security API and why google and yahoo should talk more. Or speculated with hope that Facebook and MySpace will finally accept friend requests and, fingers crossed, that twitter will link with someone, anyone, who could tell them that drunk and disorderly does not make them cool.

What strikes me most is that within all these talks, Amazon is missing. Not only are they not “a player”, but people have forgotten that they’re the reigning homecoming king and queen when it comes to some new buzzwords like cloud computing and web services! Many of these friends are sites built on Amazon’s services, from S3 to EC2 (even the newly announced block storage gets people excited), but they haven’t stopped to think that inviting Amazon to the party would really get it started.

Amazon’s the popular kid that’s just too popular for their own good. Everyone else thinks they’re out at the college parties when instead they’re home alone day-trading while they’re waiting for their friends to call.

I think Amazon would benefit from vast exposure to new customers and social data! Imagine what they could sell me if they knew I’d been boating with friends or that I had a camping excursion planned (maybe something first-aid related). Even product “reviews” (which can be found in 140-character “this sucks” twitters), or broadcasting 40% discounts for Kindle books when they know I’m stuck at an airport with a layover! There’s a huge wealth of valuable data for consumer companies to be gleaned from these social networks.

Amazon has a ton of users, and with their payment system and associates program they’ve already shown that open standards can actually be used to make money. It seems that this would be another area in which they could reap the benefits and help everyone by driving the creation and adoption of standards.

The Next Social Network: WordPress – GigaOM

Thursday, December 13th, 2007

I really appreciated the thoughts in The Next Social Network: WordPress – GigaOM. I’ve been on Facebook for a while now (and prior to that LinkedIn) and despite my initial misgivings, I’ve been surprised at how much value social networks have provided, for a relatively low amount of effort.

On the social side, Facebook has provided me with the ability to reconnect with old friends as well as making it extremely easy to keep up with all my friends. LinkedIn really hasn’t been a “game changer” for me but it’s a nice way of keeping an aggregated collection of business contacts.

However, given Facebook’s alarming disregard for our privacy, most notably with their Beacon project, and their growing commercialization, I would feel more comfortable if I could manage my own social network presence.

Perhaps with the opening of the walled gardens’ social networking APIs (Facebook, LinkedIn and OpenSocial all have announcements), we may gain this ability. It would be amazingly empowering to centrally manage my online presence(s), including the multiple views of “who I am”, as well as being able to filter undesirable content, where I get to make that distinction.

This seems a great avenue for WordPress to pursue, given its open-source nature, and might help continue its differentiation now that Movable Type has decided to open-source their product as well.

I wish I was a true “webhacker” and could just make this happen; sharing code is always more compelling than simply spreading an idea. However, I’ll be cheering on whomever does.

update:

Normally I’d make a new post rather than update an existing one, but I just saw Scoble’s Can we get a first step in social networking portability and wanted to comment on it here because it’s so pertinent to these thoughts.

As usual, and as is typical, I think Scoble’s got the right idea, just misplaced in an outdated modality. True social networking, as in the “seamless” desire of that purpose, is not about portability, import/export or “linking”. Those are all walled ways in which people still have to do the work, and implementors believe they should be in control.

So far google, or even yahoo, is the best representation of this ideal. They’re both in a position to find my interests, my pictures and my friends. Unfortunately, for now, a name isn’t a sufficient differentiator for search engines.