In this review of Diaspora by Mashable, I was surprised to see that
the #1 complain about the service with the lack of discovery:
"What makes Diaspora worse, however, is that there is no easy way to
find people. OK, you can search by Diaspora username and if a person
has opted, you can search first and last name in the directory, but
you can’t compare your contacts from Twitter or Facebook against the
Diaspora database."
http://mashable.com/2010/11/24/diaspora-preview/
Thinking about it, it makes perfect sense from a user point of view.
You just want to get your twitter, email or Fb contacts and find them
on the new network you are trying out. From a tech side point of view
however; I see this problem as a very hard one to solve in a
decentralized world. Doing a search on a username, or even a name
which would be public is easy (Google does the job), but how to do it
on private data like email, facebook account, etc... ?
I was just wondering if anyone had already started looking into this.
How would this be done in federated status.net for example ?
Cheers,
Laurent
Michael Chisari
The Appleseed Project
There's really no easy answer for this. We already have Google and Bing and a ton of other me-too search engines. Building a web crawler and search engine into a simple web server is a little impracticable, so I'm of the opinion that the solution will be somehow involve introducing "type" into search engines and web sites. IE, searches will be redirected to a major search engine with some kind of flag saying, "this search is for user profile pages."
-- Evan Prodromou, CEO, StatusNet Inc. 1124 rue Marie-Anne Est #32, Montreal, QC, Canada H2J 2B7 E: ev...@status.net T: 438-380-4801 x101 W: http://evan.status.net/ |
I'm curious about you to publish your concept. I am very interested in
seeing this problem solved, and would like to work together with you.
Maxi
On Fri, 2010-11-26 at 14:55 -0800, Andrew Rondeau wrote:I hope everyone looking into this issue considers the Google Social Graph API:There's really no easy answer for this. We already have Google and Bing and a ton of other me-too search engines. Building a web crawler and search engine into a simple web server is a little impracticable, so I'm of the opinion that the solution will be somehow involve introducing "type" into search engines and web sites. IE, searches will be redirected to a major search engine with some kind of flag saying, "this search is for user profile pages."
http://code.google.com/apis/socialgraph/
It exposes data from real Google crawls. Great to work with.
Yahoo's SearchMonkey and BOSS might have worked for this, but since they're deprecated now, I don't know.
I haven't been able to find any details on using the Bing API for similar things.
There will still always be a need to search by name, by attributes, etc, rather than by unique identifier.
link rel="lrdd" with an href (not a template) might be a pretty good
indicator of a federated profile - and many of us have this today. And
since this leads directly to the personal XRD, all of the information a
directory might need to render the entry is discoverable.
There's probably a good commercial opportunity for somebody to run with
a profile search - and it's also a natural fit for Google's portfolio.
That's why my own service is providing a service-wide directory only as
a temporary measure until such time as the federated social landscape
achieves critical mass and somebody seizes this opportunity.
So the real issue is how can we best inter-operate our service-wide
searches until the right candidate emerges - and acknowledging that
whatever we do doesn't have to be the perfect solution because it
probably is temporary.
One thing my service does provide is a meta tag to indicate that this
person doesn't wish to be indexed in the directory. This is something
that should also be standardised - sooner rather than later.
This is based on the assumption that profiles are public and
crawalable. I challenge that. Users of a social network want their
profile to be private, yet to be discoverable to users of the network
who may know some bits about them. Isn't that the whole point of
facebook ? This is also one of the challenges the Diaspora team now
has to solve.
Relying on public data and centralized search engines won't be sufficient.
Laurent
Laurent:
> This is based on the assumption that profiles are public and
> crawalable. I challenge that. Users of a social network want their
> profile to be private, yet to be discoverable to users of the
> network who may know some bits about them. Isn't that the whole point
> of facebook ? This is also one of the challenges the Diaspora team
> now has to solve.
>
> Relying on public data and centralized search engines won't be
> sufficient.
>
> Laurent
Yes, an assumption on my part based on our unique service architecture.
I would have to agree - it will probably not work in many other services.
Brad:
> If we are talking about discovery in the context of a federated
> social web, then how much meaning does 'discoverable to users of the
> network' have? Do you mean users of the same application? Users
> will need to be able to determine what information about them is
> available to whom. Some will want their name and social web
> identifier public so anyone can find them. Some will want more
> information than that to be public. Some will want even that
> information available only to specific people, like a subset of
> 'friends of friends'. How to give users that control, and then how
> to perform searches that relate the identity of the searcher to the
> searched- all across the federated web- are difficult, but
> *important* questions to address.
We have one profile which is public and cannot be disabled (although it
may be excluded from public listing in site and service-wide directory
services). This public profile can be as sparse as desired.
We have unlimited profiles which may be tailored to different audiences
and contain content relevant to the intended audience. Every friend may
be assigned to one of these profiles. For instance one profile might
contain your email address, and one might list you as "single" while a
different one presents you as "it's complicated". One profile might
contain your location at the street level and another only by country.
As the proposal mentioned at the head of this message is not universally
acceptable, I will withdraw it - although the lrdd auto-discovery
information is already present in many federated profiles and one cannot
prevent anybody from exploiting it.
Agree that centralized search is not the endgame.
But Skype got to 500 million users with a centralized public search.
Facebook is smarter in that it delegates the trust of your social network.
Eventually we should build an open federated version of both systems,
but I think the public version is going to be the easier one to start
with.
As for identifiers, easiest to go by is name, probably then email
address, but a profile page or other universal identifier like a phone
number may at some stage be used. I think the HTML5 data layer is
going to make it much easier to markup this info in profiles. We need
a smarter trust infrastructure, but I do feel problems such as this
can be incrementally solved as the infrastructure matures .
>
> Laurent
>
A long time ago I made a mashup of Social Graph API and Google's web
search API to make a "People Search" app:
http://martin.atkins.me.uk/peoplesearch/#david%20recordon
There are some weird bugs in it -- in this case it returned two of David
Recordon for some reason -- but it shows that you can combine
traditional web search with the social graph API to get people-oriented
search results, at least for people who make a graph of their profiles
with XFN.
(I notice that it can't find me anymore because my personal website has
been down for a bunch of time, but that's my problem.)
Did I just hear "WebID"? ;-) Using WebID would make it trivially easy to impersonate users, and provides additional encryption (SSL client certificates) on the way, so no eavesdropping!
Hi,
You are quite right that 'impersonate' usually means something bad. In this sense however it should be understood as "act on behalf of". When a user has certain friends on the internet, the node on the social network he is using had to act on his behalf when talking to other nodes. While doing so, it has to "prove" the user has authorised him to do so.
On Tue, Nov 30, 2010 at 12:53, B. Kip <bkpu...@gmail.com> wrote:
> Hi,
>
> Question, maybe stupid:
>
> My understanding of 'impersonate' is to pretend you are someone else- bad
> thing in this context (security fail). But I get the sense this is used
> with a different meaning here- can you translate?
>
> Brad
--
远洋 / Daniël Bos
email : cor...@gmail.com
phone : +31-318-711063 (Dutch) / +86-18-701330735 (Chinese)
weblog : http://blog.loadingdata.nl/
ostatus: cor...@status.loadingdata.nl
Just to note that implementations like status.net, livejournal, hi5
etc. have been issuing WebID's for a long time. If you have a FOAF
profile, you have a WebID. Indeed, livejournal's WebID implementation
(Yadis) was the 'father' of OpenID!
For operators switching to SSL (e.g. to protect against MITM /
firesheep) you would just need to add a public key to your profile to
become a WebID identity provider. This should theoretically be as
easy as adding one extra attribute to your profile's markup, once
HTML5 starts to gain some more traction.
Hi,
You are quite right that 'impersonate' usually means something bad. In this sense however it should be understood as "act on behalf of". When a user has certain friends on the internet, the node on the social network he is using had to act on his behalf when talking to other nodes. While doing so, it has to "prove" the user has authorised him to do so.
On Tue, Nov 30, 2010 at 12:53, B. Kip <bkpu...@gmail.com> wrote:
> Hi,
>
> Question, maybe stupid:
>
> My understanding of 'impersonate' is to pretend you are someone else- bad
> thing in this context (security fail). But I get the sense this is used
> with a different meaning here- can you translate?
>
> Brad--
远洋 / Daniël Bosemail : cor...@gmail.com
phone : +31-318-711063 (Dutch) / +86-18-701330735 (Chinese)
weblog : http://blog.loadingdata.nl/
ostatus: cor...@status.loadingdata.nl
-- Regards, Kingsley Idehen President & CEO OpenLink Software Web: http://www.openlinksw.com Weblog: http://www.openlinksw.com/blog/~kidehen Twitter/Identi.ca: kidehen