Anatomy of an Open Social Network
My Dad has Facebook. All my friends have Facebook. I have Facebook. I can count on one hand the people my age I know who do not have Facebook. The people I met last term in New York and San Francisco all had Facebook.
Anyone who talks about “social networks” today as if they mean anything other than Facebook is being coy, or is deluded.
Classmates and Friendster haven’t been important in years; in the wake of its buyout, MySpace is rapidly losing relevance outside of musical artists using it for promotion.
Facebook is the model of a modern, successful, social website. It hits a very pleasant sweet spot between elegance, user-friendliness, and attention to issues of privacy. But there is one major problem: If Facebook Inc screws up, the elegance and user-friendliness can all go away (some of the new Apps are definitely pushing it), and your privacy might go away, too. Facebook is a closed system; it’s a single point of failure on all three counts.
The Open Alternative
Just as services like AOL and Compuserve paved the way for the World Wide Web, Dave Winer predicts a revolution coming, in which all this becomes unlocked, no longer controlled by single companies:
Eventually, soon I think, we’ll see an explosive unbundling of the services that make up social networks. What was centralized in the form of Facebook, Linked-in, even YouTube, is going to blow up and reconstitute itself.
He’s calling for a new architecture, some way in which the benefits of Facebook (and its predecessors) can be realised in a distributed, decentralized fashion. The seeds of this idea exist in OpenID, and the pieces necessary to make it happen are present in the work of the Global Multimedia Protocols Group, specifically XML Friends Network.
XFN is a way to declare relationships (friend, acquaintance, etc.) between bloggers, so that specialized aggregation sites such as RubHub can crawl that information and turn it into interesting and meaningful data. If I’m a reader of Doug Bowman, I can see the blogroll on his own site, or I can view those links through Rubhub. Although RubHub is ugly and ad-filled, the widespread adoption of these standards will bring prettier and more feature-filled aggregation sites. An aggregator has the advantage over browsing on-site in that you can see things like back-links; the stars show relationships that both Bowman and the other party have listed as having with each other, whereas the arrows show one-directional relationships.
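An added example, not code from the original post or from RubHub: a minimal XFN aggregator in Python that does the back-link computation described above. It parses the `rel` values of `<a>` tags in a few constructed blogroll pages, keeps only the XFN 1.1 relationship terms, and classifies each link as reciprocal (both sites list each other, the "star") or one-directional (the "arrow"). It also treats `rel="me"` as a claim that is only verified when both pages point at each other, since a one-way `rel="me"` is just an assertion by whoever wrote the linking page. Site names and page contents are constructed sample data.

```python
"""Toy XFN aggregator (added example; constructed sample data)."""
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Relationship values from the XFN 1.1 profile, plus the identity value "me".
XFN_VALUES = {
    "me", "contact", "acquaintance", "friend", "met", "co-worker",
    "colleague", "co-resident", "neighbor", "child", "parent", "sibling",
    "spouse", "kin", "muse", "crush", "date", "sweetheart",
}


class XFNParser(HTMLParser):
    """Collects (href, {xfn values}) for every <a> carrying XFN rel values."""

    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        if tag != "a":
            return
        attrs = dict(attrs)
        href, rel = attrs.get("href"), attrs.get("rel")
        if not href or not rel:
            return
        values = {v.lower() for v in rel.split()} & XFN_VALUES
        if values:  # rel="nofollow" and friends carry no XFN meaning
            self.links.append((href, values))


def canonical_site(url):
    """Reduce a URL to its host so http://www.x.example/blog and x.example match."""
    parts = urlsplit(url if "//" in url else "//" + url)
    host = parts.netloc.lower()
    return host[4:] if host.startswith("www.") else host


def crawl(pages):
    """pages: {site: html}. Returns {(source, target): set_of_xfn_values}."""
    graph = {}
    for site, html in pages.items():
        parser = XFNParser()
        parser.feed(html)
        for href, values in parser.links:
            target = canonical_site(href)
            if target != site:  # ignore self-links
                graph.setdefault((site, target), set()).update(values)
    return graph


def classify(graph):
    """Split edges into reciprocal pairs ("stars") and one-way edges ("arrows")."""
    reciprocal, one_way = set(), set()
    for a, b in graph:
        if (b, a) in graph:
            reciprocal.add(frozenset((a, b)))
        else:
            one_way.add((a, b))
    return reciprocal, one_way


def verified_me_links(graph):
    """A rel="me" link is only the linking page's claim; count an identity as
    verified only when both pages link each other with rel="me"."""
    return {
        frozenset((a, b))
        for (a, b), values in graph.items()
        if "me" in values and "me" in graph.get((b, a), set())
    }


# Constructed sample blogrolls; the sites and links are invented.
SAMPLE_PAGES = {
    "bowman.example": """
      <ul class="blogroll">
        <li><a href="http://purvis.example/" rel="friend met">Mike</a></li>
        <li><a href="http://www.reader.example/blog" rel="acquaintance">Reader</a></li>
        <li><a href="http://flickr.example/bowman" rel="me">my photos</a></li>
        <li><a href="http://spam.example/" rel="nofollow">ad</a></li>
      </ul>""",
    "purvis.example": '<a href="http://bowman.example/" rel="colleague friend">Doug</a>',
    "flickr.example": '<a href="http://bowman.example/" rel="me">my blog</a>',
    "impostor.example": '<a href="http://bowman.example/" rel="me">also me (a lie)</a>',
    "reader.example": "<p>no blogroll yet</p>",
}

if __name__ == "__main__":
    g = crawl(SAMPLE_PAGES)
    stars, arrows = classify(g)
    print("reciprocal:", [sorted(s) for s in stars])
    print("one-way:", sorted(arrows))
    print("verified rel=me:", [sorted(s) for s in verified_me_links(g)])
```

The impostor page claims to be Bowman with a one-way `rel="me"`, and the aggregator correctly refuses to merge it; only the flickr page, which Bowman links back to, is accepted as the same person.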
The future integration of standards like hCard and Gravatar could further enrich the aggregator experience, for example by indexing the public contact and location data and then offering the kinds of query features that are standard in other social networks.
So the problems of identity and relationships are solved. Apart from the technical barrier for some users, what still separates the proprietary Facebook experience from this speculated public one?
And that’s an easy one. It’s privacy.
The Problem of Privacy and Persistent Login
On the surface, controlling access is easy. When Bob visits Alice’s profile, he can declare that he is Bob, and she can verify that and show the profile.
However, the nature of the web introduces an interesting wrinkle in this plan. If Bob is truly visiting Alice’s profile at Alice.com, and not through some kind of weird frame arrangement with Bob.com, then he must authenticate himself not with his own page, but with the foreign one. But Alice.com may have been corrupted by Eve, who can record his authentication credentials and later on pretend to be Bob elsewhere… including accessing his other friends’ private profiles. So it’s not acceptable to ask Bob to enter his only password as an authenticator on Alice.com.
The solution is to follow this kind of authentication procedure, which is—I think—basically what OpenID does:
- Bob visits Alice.com and views Alice’s public profile. When he tries to view the private data, he is prompted for an identity.
- Bob enters “Bob.com” as his identity, and Alice.com visits Bob.com to discover his public key.
- Alice.com generates a random access code for Bob, and encrypts it with the public key from Bob.com. Alice.com forwards Bob’s browser back to Bob.com, passing the encrypted access code.
- Bob is now on Bob.com, and can verify himself using his own standard password (or, if he’s been logged in previously and has a session cookie, this is a transparent pass-through).
- Bob.com uses Bob’s private key to decrypt the access code. Bob.com then forwards Bob’s browser back to Alice.com, POSTing the unencrypted access code.
- Now Alice.com can see that Bob.com is vouching for the identity of Bob, and may save a session cookie in his browser. As Bob surfs Alice.com, it can reveal the “friends-only” portions of her profile.
Although this seems like a hassle, it would only have to happen as frequently as Alice.com sets the cookie to expire. And so long as Bob is logged in to Bob.com, the forwarding would be transparent.
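An added example, not code from the post or from OpenID: a Python simulation of the redirect procedure above, with Alice.com and Bob.com as two in-process objects and Bob's browser as the messenger between them. Real sites would exchange these values over HTTP redirects; here the calls are made directly. Assumptions: textbook RSA with two small fixed primes stands in for Bob.com's real key pair (toy strength, for illustration only); the access code is a random 32-bit number; Alice.com keeps pending codes with a short expiry and deletes each code when it is redeemed, so a captured code cannot be replayed. The point to notice is that Bob's password is only ever typed into Bob.com, so an Eve who controls Alice.com learns nothing she can reuse on Bob's other friends' sites.

```python
"""Simulation of the Alice.com / Bob.com access-code exchange (added example)."""
import secrets
import time

# ---- toy RSA: stands in for Bob.com's real key pair (constructed demo primes) ----
P, Q = 1000003, 999983          # far too small for real use; demo only
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)


def rsa_encrypt(m, pub):
    n, e = pub
    return pow(m, e, n)


def rsa_decrypt(c, priv):
    n, d = priv
    return pow(c, d, n)


class BobSite:
    """Bob.com: publishes Bob's public key and decrypts codes for a logged-in Bob."""

    def __init__(self):
        self.public_key = (N, E)
        self._private_key = (N, D)
        self._password = "bobs-password"   # constructed
        self._sessions = set()

    def discover_public_key(self):
        return self.public_key

    def login(self, password=None, session_cookie=None):
        """Bob authenticates to his *own* site only; returns a session cookie."""
        if session_cookie in self._sessions:
            return session_cookie          # transparent pass-through
        if password != self._password:
            raise PermissionError("bad password")
        cookie = secrets.token_hex(16)
        self._sessions.add(cookie)
        return cookie

    def redeem(self, session_cookie, encrypted_code):
        """Decrypt Alice.com's challenge for the browser to POST back."""
        if session_cookie not in self._sessions:
            raise PermissionError("not logged in to Bob.com")
        return rsa_decrypt(encrypted_code, self._private_key)


class AliceSite:
    """Alice.com: issues encrypted access codes and reveals friends-only data."""

    def __init__(self, friends, resolver):
        self.friends = friends
        self._resolver = resolver         # fetches a site's public key
        self._pending = {}                # code -> (identity, expiry)
        self._sessions = {}               # cookie -> identity
        self.private_profile = "Alice's friends-only post"

    def start_auth(self, identity, ttl=300):
        pub = self._resolver(identity)
        code = secrets.randbelow(2 ** 32)           # random access code
        self._pending[code] = (identity, time.time() + ttl)
        return rsa_encrypt(code, pub)               # sent along with the redirect

    def finish_auth(self, code):
        """The POST back from Bob.com. Each code is single-use and time-limited."""
        entry = self._pending.pop(code, None)
        if entry is None:
            raise PermissionError("unknown or already-used code")
        identity, expiry = entry
        if time.time() > expiry:
            raise PermissionError("code expired")
        cookie = secrets.token_hex(16)
        self._sessions[cookie] = identity
        return cookie

    def view_profile(self, cookie=None):
        if self._sessions.get(cookie) in self.friends:
            return self.private_profile
        return "Alice's public profile"


def run_protocol():
    """Walk the six steps once and then attempt a replay of the same code."""
    bob = BobSite()
    registry = {"bob.com": bob}   # stands in for fetching Bob.com over the network
    alice = AliceSite(friends={"bob.com"},
                      resolver=lambda ident: registry[ident].discover_public_key())
    results = {"public": alice.view_profile()}          # step 1: anonymous visit
    encrypted = alice.start_auth("bob.com")             # steps 2-3: discover key, encrypt code
    bob_cookie = bob.login(password="bobs-password")    # step 4: Bob logs in at Bob.com
    code = bob.redeem(bob_cookie, encrypted)            # step 5: decrypt...
    alice_cookie = alice.finish_auth(code)              # ...and POST it back to Alice.com
    results["private"] = alice.view_profile(alice_cookie)   # step 6
    try:
        alice.finish_auth(code)                         # replaying the code must fail
        results["replay_rejected"] = False
    except PermissionError:
        results["replay_rejected"] = True
    return results


if __name__ == "__main__":
    print(run_protocol())
```

Two details make the simulation safer than a literal reading of the steps: Alice.com keeps the random code and its expiry server-side and discards it on first use, and Bob.com refuses to decrypt anything for a browser that does not hold a valid Bob.com session, so a bare redirect cannot turn Bob.com into a decryption oracle.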
I think this kind of a system has real potential. Even for users who are unable or unwilling to set up the necessary software (like, a single PHP or Perl file) on their own domain, the co-operation of existing networks (Facebook, LiveJournal, Last.fm, Flickr, etc) using rel="me" links would already help users tie together the various pieces of themselves scattered around the net, including managing the privacy of those pieces.
All of this is possible without sophisticated server-side technology. No control over subdomains or directory structure is necessary. None of it requires browser plugins or iframes, and as far as I can tell, it’s all within the scope of existing standards. You can easily put up compatible public hCard and XFN data without any privacy authentication at all.
So… the real problem is that existing social networks have no incentive to get on board.
But apart from that rather formidable barrier, thoughts?
Update: A few changes to the authentication procedure.

Posted at 8:45 am on July 10th by Jarek Piórkowski.
Posted at 3:17 pm on July 10th by Mike Purvis.
Posted at 7:05 am on July 11th by Manuzhai.
Posted at 11:16 am on July 12th by Mike Purvis.
Posted at 10:29 am on July 20th by Mat Scales.
Posted at 8:04 pm on February 19th by Stephen Paul Weber.