Updates from March, 2008 Toggle Comment Threads | Keyboard Shortcuts

  • steve918 10:52 pm on March 31, 2008 Permalink | Reply  

    Keeping Google’s Android Honest 

    I just want to start off by urging anyone who is writing open source applications for the Android mobile platform to release their applications under the GNU General Public License V3.

    The Open Handset Alliance is about to wrap up the first round of the Android Developer Challenge and they’re ready to deliver tons of money in rewards for application development.

    What OHA hasn’t delivered any source code for their Apache 2 licensed platform and even when they do they have made no guarantees that you’ll have the freedom to run modified versions of it on your devices. It is certainly possible and not highly unlikely that OHA could release Android’s core libraries under the Apache 2 license, but require a signed version of those libraries on devices shipped from manufactures.

    So if you release your application under other open source licenses (including GPL V2), services providers and device manufactures have no legal obligation to allow unsigned/modified versions of you application to run on their devices. They can just take your application and your freedom along with it.

    If you think that this couldn’t happen, take a look around. No other device around has created as much buzz as Apples iPhone and the way they are treating application developers is criminal. Even if OHA releases a truly open platform that is unlike anything before it, you have nothing to lose by choosing GPL V3 for your open source Android application. You’ll just be protecting and doing your part to ensure Android stays honest, open and free.

  • steve918 6:42 pm on March 31, 2008 Permalink | Reply
    Tags: OpenID Buttons Clutter   

    One Button to Rule them all. 

    There have been quite a bit of talk about the current state of OpenID login screens that are becoming cluttered with provider specific buttons with no end in site.

    Scott Blomquist has some really interesting ideas for implementing a IdP independent button that would replace all of the existing buttons, while providing an improved, consistent experience for the end-user.

  • steve918 10:32 pm on March 27, 2008 Permalink | Reply

    Improving OpenID Delegation 

    When I authenticate using my delegated OpenID I’m actually proving I own two different URIs. I own http://steven.bitsetters.com which I’m delegating from and I own (or at least have some control over) http://steven.myvidoop.com. So a RP can easily associate both endpoints with my account. The problem comes when I decide to change the endpoint I’m delegating from. Let’s say I get tired of WordPress (I know it’s a stretch) and decide to use Blogger instead. Now I want to delegate using http://steve918.blogger.com. Currently this would require me to login to every site I previously signed into as steven.bitsetters.com and add steve918.blogger.com as an associated URL. (Assuming the RP even supports associating more than one OpenID per account. ) The thing is, this process of explicitly adding my new delegated OpenID leads to an extremely high cost of switching that is not necessary.

    As I mentioned in my previous post, delegation is an important part of the OpenID ecosystem, but it needs to be manageable for muggles. If reliers could make this association for me, I’m free to bounce from one social networking site to the next and use what ever delegated ID I feel contains my social graph and most useful profile information at that time. Having this free switching economy also makes it much more appealing for all the sites I mentioned previously to provide delegation services.

    The only scenario this seems to affect is someone who is using a single endpoint, but delegating through it with multiple identities. Basically people masquerading different profiles through the same IdP account. In this case I think it’s up to the RP to allow the user to decide which OpenID they wish to make public (if any) on that site.

    The real problem in this scheme is that all the extra work falls on the RPs and realistically I don’t think many of them will go above and beyond hacking in the bits that are provided to them via easily available OpenID libraries. So as a community maybe we can extend the libraries to include support for easily storing and managing endpoints. I’m honestly not even sure how realistic this is, but I think doing so could make it easier for RPs to check all the boxes on the best practices checklist.

  • steve918 2:11 pm on March 24, 2008 Permalink | Reply

    OpenID Delegation: Ship It. 

    It seems when everyone’s talking about the lack of OpenID relying parties compared to identity providers they often leave out an important role in the OpenID stack: Delegation. Of course this doesn’t solve the problem everyone is feverishly complaining about, but it is curious to see no one ever really mentions delegation.

    Any website who aggregates significant amounts of user data that is a content rich endpoint for the user is a perfect candidate for providing delegation services. I just want to make it known that just shipping simple delegation is a great option and an important one. If you ask people to give you a URL that most describes them on the internet they’ll probably point you to their page on one of the following:

    Ideal delegation sources:

    • Facebook
    • MySpace
    • FriendFeed
    • Twitter
    • MySpace
    • Digg
    • Delicious
    • SourceForge
    • Magnolia
    • Jyte
    • LinkedIn

    For these sites choosing to ship delegation instead of their very own identity provider has a lot of important benefits for the site and it’s users. As a content provider shipping delegation is unbelievably simple from an implementation standpoint. It’s a one time cost of a couple of developer hours and that’s it. Now your users can login to their favorite OpenID sites as joe.yoursite.com and you don’t have to employ a team of developers to maintain your OpenID implementation and user management. Users also benefit because their OpenID endpoint is now a content rich place that actually describes them.

    • John Whitlock 6:50 pm on March 24, 2008 Permalink | Reply

      Nice idea. It opens up someone to being the best-in-breed XFN provider – delegate all the nastiness of being an OpenID provider to someone else, and just concentrate on the social graph.

    • Stephen Paul Weber 2:51 pm on March 25, 2008 Permalink | Reply

      Here’s something wacky : your site won’t let me log in with my delegated ID (singpolyma.net) – that works on most sites.

      I’m a big fan of delegation – I think that a delegated OpenID is 100x more useful than a tied-to-provider ID, because it makes full use of the federated nature of OpenID – if I don’t like my provider I can switch without it affecting a thing.

    • steven 5:45 pm on March 25, 2008 Permalink | Reply

      That is wacky Stephen, I’m using OpenID+ WP Plugin and I login to it with my delegated ID all the time… I’ll have to look into it.

  • steve918 12:30 pm on March 20, 2008 Permalink | Reply
    Tags: ,   

    OpenID Personas = Cruft 

    I use personas in the same way I think most people are using them in OpenID today. I don’t think of them as identity containers, but as address bundles. I have one very creatively labeled “Work” and another labeled “Home”. Hmm…. That sounds exactly like how I manage my identity in my address book except now the UI is more complex and spread out all over the place.

    It seems to me that a good deal of OpenID providers today have translated multiple user accounts and/or online identities into OpenID “personas”. Which is essentially an attempt at replicating our mental picture of the semantic web. For users the web consists of many user-names for many websites; the correlation is typically one to one. The OpenID model draws a different picture where your authentication is now a one to many relationship which is why these methodologies don’t mesh well.

    The point is with very few exceptions (mental case) we are all individuals with one personality or persona who happen to have multiple sets of data that describe us. The concept of personas only serves to confuse users in a failing attempt to replicate previous models.

    This is how I want to manage my identity online: Easy and familiar.


  • steve918 1:16 am on March 15, 2008 Permalink | Reply  

    I blog therefore I am. 

    I am now the official Steven Osborn of the internet. How did I accomplish the feat? Well, it wasn’t by spending hours practicing to be an accomplished pianist or by becoming an experienced realtor. I certainly didn’t take the time to become a doctor and I’m not much of an athlete.

    What I have done is discovered the dark art of blogging. In this society where the success or failure of an individual or business is measured by their Google PageRank™; bloggers rule the world. We now live in a time where any slightly technical opinionated idiot can make a name for themselves and become blogfamous. Due to a small glitch in social history Geeks have managed to become social icons and have created numerous virtual hangouts where they can accumulate virtual friends, participate in virtual games and do virtual chores all the while avoiding actual human contact.

    So what will I do now that I’ve reached the ePeen level cap? Try to take over the world!

    Notice: This message may or may not self destruct in 30 years dot com.

  • steve918 10:35 pm on March 8, 2008 Permalink | Reply  

    iPhone SDK Sucks – Why Apple doesn't have a clue 

    If you didn’t run out and upgrade to Leopard and/or buy a spanking new Intel Macintosh, you won’t be developing applications for the iPhone. Besides, unless you’ve done a bit of Mac development before, your going to be behind because iPhone applications are written in Objective C. Who really wants to learn Objective C just to hack on their iPhone? Not me.

    To make matters worse, once you’ve finished developing your beautiful new iPhone application the only way you’ll be able to distribute it is through iTunes, and only after Apple takes a %30 cut.

    Can you image what would happen if Microsoft said they were releasing a new version of Windows mobile that could only be developed on from Windows Vista on a nearly new PC and when you were done you could only distribute applications for it through Windows Media and they were going to take %30 of your profits!? Everyone would just laugh at them all the way to court.

    Guess it’s back to hacking on broken bits of Android… *sigh*

    • Luke Crouch 8:43 am on March 12, 2008 Permalink | Reply

      sorry to hear that 😦 it is funny how much people will let Apple get away with just because, well – they’re Apple.

    • larry zou 4:04 am on March 17, 2008 Permalink | Reply

      Welcome to Android world 🙂
      Learn object c? Not me <– count me in, i++

  • steve918 12:13 am on March 7, 2008 Permalink | Reply  

    iPhone SDK is as Open as Google's Android 

    Although Android touts it’s platforms openness; It is really no more open than any other mobile platform on the market as of now. You cannot download the source code for any of their components. What does this mean? Well, basically that they have YAMOS (Yet Another Mobile Operating System) that is less stable and complete as their competitors and nothing more. You may be able to run Android on dozens of devices in the near future, but is it going to be to late? Today you can test Android on exactly zero devices and in the meantime millions of iPhones are being sold. If iPhones becomes the iPod of their market, then the best Android can hope for is to eat the crumbs from it’s table.

    So as a developer with a little spare time I look at both iPhone and Android and see:

    • Open API’s
    • Closed (or hidden) Source
    • Retarded amounts of money within reach.

    So the only real factor left IMO is stability and sexiness of the platform and iPhone is the clear winner at this point.

    Most consumers could care less if their mobile phone is running on an open platform, but developers care a lot. So while Google is watching their stock price rise out of control marketing projects like “Open Widgets” and Android as open platforms, developers like me are asking “Where’s the code!” It seems like “Open” has been reduced to another buzz word that’s meaningless 2.0.

    Both Android and iPhone are attempting to throw copious amounts of money at developers to motivate them to develop for their platform, but I wonder if they realize that developers would just appear if they put their code where their Benjamins are and give developers something they can mold. I’m pretty sure the Android team never actually had the Bazaar model in mind, but why not?

    Sure, Money is a great motivator, but so is code and code has a nice side affect of promoting collaboration and communication where money does not.

Compose new post
Next post/Next comment
Previous post/Previous comment
Show/Hide comments
Go to top
Go to login
Show/Hide help
shift + esc