Comments on: Deja vu: Still wary of Facebook

By: herman j wadden

herman j wadden — Sat, 27 Dec 2008 20:48:48 +0000

i already have a facebook acc with over 700 friends and someone screwed with my acc and i can see it on my friends facebook so i know its not deleted can you help?

By: dion

dion — Tue, 16 Dec 2008 00:26:21 +0000

@Nick,

Yah, it was taking in the email just fine (and uploading it to the “Mobile Uploads” folder which I then importanted here).

Then the Mobile Uploads folder kept getting rebooted and I have multiple of them, but that is another story. :)

Cheers,

Dion

By: Nick L

Nick L — Mon, 15 Dec 2008 03:56:50 +0000

Are you _sure_ you were emailing your pics to Facebook? I spent a long time trying to get that working, and it turned out that (in Australia anyway) Facebook only supported multimedia messages (MMS) to an email address.

That was fairly confusing, because the doc said “send your photo to email@facebook.com“, but “send” in this context did NOT mean email.

Anyway.. that’s kinda ignoring the point of this post, but it’s just something which annoyed me…

By: Sebastian Küpers

Sebastian Küpers — Mon, 15 Dec 2008 00:26:25 +0000

@Kevin – uhhh – need to follow now all your comments, to tell people that it’s NOT the password anti-pattern ;) It may look like initially like the anit-pattern, due to the seamlessly interface, but it isn’t!

Please take a look at the URLs in the top of the screens. To improve the UX I have concepted in this mockups, that the RP and Provider commit to the same UI so that it feels(!) seamlessly without interruptions. But the delegation still takes place.

The user will be delegated(!) to his OpenID provider in the screen and authenticates there! It’s no(!) anit-password pattern. Again – check the URLs int he mockups ;) :D

At the original post we already discuss the phishing problems, which still affect this and other solutions like Friend Connect + OpenID based Provider parties!

By: dion

dion — Mon, 15 Dec 2008 00:10:36 +0000

@tobias

Your comment is exactly why I am worried :) Once you implement you are adding real value to the walled garden, and it is hard to get out. For example, TechCrunch has blog content tied to FB accounts. How do they even back down from that without problems? A true open approach allows you to flip around without having that cost, and also gives users the choice to talk to your service in the manner in which they want too.

By: dion

dion — Mon, 15 Dec 2008 00:08:27 +0000

@Kevin

Good points. I am just glad that people are really playing with prototypes and working on the UX side of things. Still time to fix the implementation.

By: tobias

tobias — Sun, 14 Dec 2008 23:53:16 +0000

Yeah, the _idea_ of Open Connect is appealing, but the _execution_ of Facebook Connect is very slick – and that wins out, especially for the mainstream user. For the developer though, there’s a double-win with Facebook Connect. Not only are you delivering a good user experience (or, at least, an understandable one that wont result in a ton of user problems), but the Facebook Social graph (or more importantly, the mechanisms for getting your brand across it) is mature and well understood. In other words: Facebook Connect is unlikely to be expensive, and has the potential to deliver huge upside. In an economic environment where we’re all needing to really, really focus on bang-for-the-buck, that resonates (even if you grok the more distant win of a truly open web).

By: Kevin Marks

Kevin Marks — Sun, 14 Dec 2008 22:51:28 +0000

I like the idea of Open Connect, but the workflow shown in his example has a huge password anti-pattern embedded in the 3rd screen that undermines the whole point of delegated authentication.
Putting up an “OpenID plus password” dialog is missing the point of both OpenID and OAuth.