The buzz about Google's OpenSocial APIs has died down as Google's Android phone platform took the stage, now eclipsed by Facebook's social ad service. A few companies, such as Plaxo, have readied their containers for OpenSocial applications and widgets only to find problems.
The buzz about Google's OpenSocial APIs has died down as Google's Android phone platform took the stage, now eclipsed by Facebook's social ad service. A few companies, such as Plaxo, have readied their containers for OpenSocial applications and widgets only to find problems. Surprise--OpenSocial is alpha code and not yet ready for prime time.
Kevin Marks of Google gave a brief presentation at the Defrag conference today and said, "OpenSocial is alpha. We expect it to evolve a lot. It's just beginning to make sense."
Last week, Joe Kraus, director of product management at Google, said, “We want reasonable assurance over the next week or two that there are not any other major breaking changes. We want to make it open to the public as soon as possible.”
The choice to put alpha OpenSocial in the wild was deliberate, providing a way for others to makes sure they can use it, he added. "There is a tension between developing in private and in public. We didn't want to do a giant secret thing that would be revealed later. Obviously, that's a Google style," he said. Indeed, Google has been known for its secretive culture.
He contrasted the more open OpenSocial and Web approach to development with Apple's process for getting its code out, which is far more closed. Prior to Google, Marks worked at Apple for five years and Technorati for three and a half years.
Security issues are the main problem. "At the moment security is up to the container," Marks said. "It's clearly something we need to work better on, authenticating between sites."
OpenSocial could potentially have functions, such as add friend, and bridge between social networks, but security gaps get in the way. "It comes down to the permission model from Unix. It treats applications as agents of users. The model needs a bit of refinement--you don't want to delegate read/write access permission to others."
How much flexibility to build into the APIs is a concern. "If you delegate back to the container, a gadget can send mail. It's different than a gadget asking to send mail itself. It's a fine line to walk. If you protect it too much, you are making it unusable and people will walk around it," Marks said.
OpenSocial could hook into an instant messaging buddy list, but it could allow invasive scenarios such as clicking on a friend and seeing the friends full buddy list.
"Several people have asked about a standard user interface framework, such as a friend message dialog, and that is something we are looking at. You don't want too many of those, but it's nice to do."