OpenSocial, is a new open standard for applications to integrate with some of the largest social networks in the world. On the surface, OpenSocial is a great move forward for application developers. The learning curve for FBML and FQL at Facebook is trivial at best, but just as learning many similar languages at once, having one simple API to reference is ultimately much easier. The portability of write once, run anywhere brings back to mind the panacea called Java. However, in reality, OpenSocial promotes frivolous time wasting applications that lack any real utility. This may change (and I sincerely hope it does) in future iterations, but for now, Facebook has the social networking platform to beat.
To begin with, there is no security model in place to authenticate communication between servers outside of the API. For example, if a friend is going to record an action on my profile, such as leaving me a message, and the widget provider wants to record that in a database for business reasons such as allowing portability of those messages, all that is provided is an unencrypted, insecure method for doing so. The application passes the message via HTTP along with both user Ids and that’s it! Any hacker with 10 minutes of time can easily spam a huge number of ID’s inserting ads for online gambling, pharmaceuticals or worse? There is an alternative – sorting the data on the individual social networks servers – but to what end? There is limited space and this does little for the portability of data that Google seems to be trying to achieve.
Second is screen area. Facebook profiles allow users to decide how much real estate an application can have on a profile. Using free market economics, folks who dislike large presences on their profiles will likely not use an application, forcing developers to decide how much is too much on their own. The Orkut code sets the size of the profile presence as well as the canvas, limiting applications to play in a very rigid and confined space. Leaving aside the argument of space for PPC advertising, this leaves very little space for the applications interface and more over thwarts the users ability to select the tools that fit their personal style the best. Developers who are doing testing to decide if there’s a viable business model behind an application are left to swallow a huge opportunity cost because of limited space for the PPC advertising. Instead, to monetize traffic early on, they much leverage partnerships that are often more costly and difficult to broker, leaving less time to actually build their application. If the OpenSocial model leaves an unclear revenue model for an developers, it will be left up to hobbyists to build and support applications in their free time.
Third, naked source, this is not just open, but naked. There is very little to keep another one company from swallowing ideas from another company, but lack the resources to execute it fully, or afford the lawyers to protect their intellectual property. Early in the days of Facebook apps, some folks were burned by sharing their source before they had established market dominance. With OpenSocial, anyone can read your source and do with it as they wish. Really, I’m not kidding, it’s all right there for the world to see (unless you insecurely store data on external servers and keep some of the business logic there!) While in theory, this can lead to more secure code, it does not foster a strong platform for business to develop innovative applications. I’m sure that when Google and the rest of the OpenSocial partners provide authenticated communication with the Application providers external servers (like Flickr and Facebook do) this will become much less of an issue.
Fourth, portability of user data. A big problem with social networks today, is the portability of a user’s data; it’s not. As I mentioned earlier, user generated data is not secure when it’s sent off of the social networks server. Additionally, there is no structure in place to make the users data really portable – not just for applications – but for the users themselves. Access to the social networks contact list is limited at best and only accessible to someone willing to write a specific application to fetch it. Some content can be taken as a feed to other services (if the network allows it) but that does not equal real portability for the user. Perhaps there is yet another standard needed here that dumps a users profile content in a portable way? I’m thinking something like RSS for social networks. If I don’t like my ISP, I can change from Cable to DSL and back again, why can’t I do that with my social network provider?
Last but not least, there is no central directory of applications. I am sure there are a few developers out there right now working to remedy this, but I wish they would launch an alpha of some sort so independent developers (ie, not Slide and RockYou) could start getting the word out about their applications.
I’m looking forward to seeing where OpenSocial takes the social networking community at large, but generally, I think we’ve got a long way to go. Who knows, it might be December before this stuff gets addressed! So much for panacea. 
Pingback: Alyn Family » Blog Archive » Adonomics Now Values Honesty Box at Over $6M
Pingback: Alyn Family » Blog Archive » OpenSocial is Getting Better