Lockdown

A case for a more secure Facebook

This past week, a few of us at the office logged into Facebook to discover our accounts had been locked. A few months ago, this would have been a bigger issue for us, but this week the two times we were all locked out were mild annoyances and an opportunity to change our passwords.

The reason our accounts were locked weren’t apparently clear. Facebook blamed “a cybercriminal”, but speaking for myself, I knew I used a very secure password and even if someone had managed to crack it, it was unlikely they’d have been able to crack the rest of our accounts simultaneously (twice, no less). Eventually, we were able to narrow it down to one of our pages sharing politically controversial content, which was being reported as malicious by people who didn’t agree with the content.

But despite the fact that our passwords were safe the whole time, we all had to change our passwords (twice) and before we knew what was going on, there was some tension that someone had actually gained access to our accounts. So it brings up a good opportunity for me to discuss something I’ve wanted to talk about for a while.

Secure passwords aren’t cool. You know what’s cool? RSA Tokens.

A challenger appears

If you look on my company’s team page, you’ll find my picture captioned “Overrater”. I take this caption somewhat in stride, because being involved in developing many of the analytic algorithms at our office means that I’m spending a lot of my days “rating” client’s Facebook Pages and presences. The reason the caption is there though, is that I have a strong tendency to not be impressed with things most people seem to like (“Shark Week”, “Avatar”, “Top Gun”, college football, to name a few) and call them overrated.

Which brings me to Google’s new, much touted social network called, simply: Google Plus. Google+ isn’t Google’s first entry into the social arena, but it’s their newest and inarguably their strongest. And while Google enjoyed excellent early reviews as well as an early influx of 10 million enthusiastic users, my impressions of Google+ are much less enthusiastic. My initial impressions of what’s wrong with Google+, after the break.

Welcome to the jungle

Since Big Prize Giveaways took off in September/October of last year, we’ve been almost exclusively developing Facebook applications of some sort, whether they’re for Page tabs, canvas pages or external Connect “Login with Facebook”-enabled sites.

The platform has changed; almost to the point where it’s completely different today than it was just 9 months ago. In today’s landscape, changes to web services and APIs are inevitable: first versions are designed and implemented hastily, with newer versions having better organization and technology. Normally, changes like these are announced, with timelines, transition plans, and, if all goes well, overall improvement to the service. After all, the point is to make things better for developers using your service, right?

Zero to 1984 in just six years

There’s a passage in George Orwell’s 1949 classic Nineteen Eighty-Four which reads:

Then the face of Big Brother faded away again, and instead the three slogans of the Party stood out in bold capitals:

WAR IS PEACE

FREEDOM IS SLAVERY

IGNORANCE IS STRENGTH.

If you haven’t read the novel (and if you haven’t, you really should), these slogans are designed with a double meaning, with one meaning being something the citizens of Oceania could rally behind (fight a war for the promise of peace, being free isn’t really all that great and fascism is the way to go, and stay in line and do as you’re told and you’ll be good, respectively) and the other being something the Party, the all-powerful fascist government believes and practices (keep your nation at war and you’ll have domestic peace, give people the illusion of freedom and they’ll be your slaves, and keep people thinking they’re strong enough to remain ignorant, respectively).

You might wonder where I’m going with this, given that the image above this text is the Facebook logo. I was thinking about a way to address the latest Facebook controversy. Originally seeding from changes announced at Facebook’s F8, the controversy being that some of Facebook’s new features make it easier than ever to get your information everywhere on the web. This topic’s been covered by just about everyone else, it seems, including Mark Cuban. It’s even brought my colleague and company’s CTO out of blogosphere hiding.

Not wanting to steal anyone’s thunder, I thought long and hard (I originally wrote the joke but opted not to; if someone makes the joke in the comments I won’t hold it against them) about how to address a new angle of this controversy. Something reminded me of Nineteen Eighty-Four, my favorite novel, and I was reminded of those slogans. Now, it pains me to say that I didn’t remember all three off the top of my head (note to self: drop everything, reread Nineteen Eighty-Four this weekend), and interestingly, the one I didn’t remember was the one that was the most interesting to me: FREEDOM IS SLAVERY.

In the book, FREEDOM IS SLAVERY assumes that if someone believes they’re free in their current environment, they will do your bidding because there’s no reason for them to leave. Let’s look at Facebook by comparison: here’s a site that gives you your friends, your entertainment, your ability to communicate. A lot of times it seems like literally everyone is on Facebook: events are planned, photos are shared, conversations are conversed. If you’re on the outside of Facebook looking in (an experience I had from the fall of 2007 until the summer of 2008) it’s a struggle to coordinate with everyone else who isn’t on Facebook. Therefore, being on Facebook is the freedom to communicate and share with your friends.

But it comes at a price. When you sign up for Facebook, you agree to their terms of service and privacy policy, which state, more or less, that anything you post on Facebook becomes property of Facebook. In other words, your freedom isn’t really freedom; it’s slavery. Your freedom on Facebook is completely reliant on Facebook’s infrastructure and their desire to get you to stay on Facebook. That is, if Mark Zuckerberg got up tomorrow and said, “hey, you know what, I’m tired of Facebook, I’m shutting it down” tomorrow, you’d be out of luck. If he got up tomorrow and said, “MR. GORBACHEV, TEAR DOWN THIS WALL…of privacy” and made everything public, you’d be out of luck, unless you opted to remove your account.

Like the Party in Nineteen Eighty-Four, Facebook knows the power of a large group believing that they’re free, and that’s why they give you those granular privacy controls, all that help configuring them, and even the little previews that show you how everyone else sees your information. They know that the illusion of control is often powerful enough, if not more powerful, than control itself. (That’s not to say Facebook’s privacy controls don’t normally work; they do. Otherwise, the illusion of control would be over as soon as you hit the “Preview my profile as…” button.) And lastly, and most importantly, they know the strategic, monetary and intrinsic value of having all that information about you, your friends, and everyone else.

So when Facebook announced these new “Instant Personalization” features at F8, they may not have known that the backlash would be this severe. But they not only knew the value of getting a bunch of money from Microsoft, Yelp and Pandora; they knew how much those companies valued your information so they could engage you more effectively, and they knew that these sites would be gathering still more information. It’s not in Facebook’s best interest to guard your information zealously; rather, the best thing they should do is guard it enough so that you don’t know it’s being traded.

What does all that mean? It means that by signing up for a Facebook account, you are at their mercy for if and when they decide to alter their strategy. If that’s the sort of thing that bothers you immediately, delete your account permanently. However, if you trust Facebook even a smidgen that they’re not gearing up for a war with Eastasia, trust that while your information isn’t exactly static, thus far Facebook isn’t selling your e-mail address and phone number to spammers.

But as Jim said, the most surefire way to ensure something doesn’t end up on Facebook or with an affiliate is: never post it in the first place. Always always always think before you post, and if you choose to post controversial profanity-laden rants, risque pictures of the party last night, or complaints about your boss, consider putting them on a medium you control. (And no, that medium isn’t Twitter.)

Mass confusion is all the new rage

Over last summer, a lot of things changed in my life: I moved to South Carolina, I started a new job, I switched to a Mac (at work) and I became a vegan. (Okay, kidding about that last one.) In addition to those large changes, there were a number of small changes, two of which included my aunt and my dad signing up for the social networking giant, Facebook.

A little background here. I’ve been a member of Facebook since June of 2005, a couple days after I graduated high school. I think our class was the first real “wow, we’re going to college, let’s all sign up for Facebook and friend each other because I’m sure we’ll keep in touch” class, and initially, that’s all the site was: a place to find phone numbers, send short messages, and do some serious poking. (Great feature, right? Because who doesn’t love getting poked in real life? Now we can experience that same, annoying, painful sensation thousands of miles apart!)

A couple years passed, and the site rapidly grew and evolved. Thanks to innovations like the News Feed, Facebook became a place to find out what your friends were doing by the minute, and by 2007 Facebook was open to everyone. By the time my sister joined Facebook in summer of 2007, people were taking notice of the site’s powerful and potentially dangerous features, and my mom signed up for Facebook following the advice of a parent session at my sister’s orientation.

So I was on Facebook, my sister was on Facebook, and my mom was on Facebook, but she was only there to stalk mine and my sister’s friends in the name of safety. Reasonable, right? Everything seemed normal. But then, in 2007, the Facebook platform debuted and took off.

A couple more years passed. Facebook grew from about 50 million users to over 200 million. And in June 2009 and July 2009, after hearing about the many other family members who could view family pictures, share stories and stay in touch, my aunt and dad joined.

I’m pretty careful about what I post on Facebook anyway, so having my entire family on hasn’t changed my Facebook habits (and the completist in me likes having everyone there). However, having my entire family on the site to me signifies that Facebook is as mainstream as the PC that’s viewing it. It’s not only a global social network; it’s become a household word.

Whenever anything goes from a niche to the mainstream, a full cross-section of the population comes with it. That means you get the quiet and the outspoken, the friendly and the hostile, the newbies and the pros. But really, you can reduce it to two groups: the tools (read: douchebags) and everyone else. Here’s a helpful list that should help you not be a tool.

Guidelines for harmonious social networking

(Or, how to not be a social networking tool. Title is a shout-out to How I Met Your Mother.)

  • This isn’t MySpace: use your real name. Using your first and middle name as your full name may be okay in high school, when you’re trying to be a rebel, but once you get past age 18, it’s time for your real name. Use the name that potential employers would search for. “But wait,” you say, “I don’t want the Man to see my Facebook. Maybe if I don’t use my real name, he won’t find me!” Let’s be realistic: most employers these days have the expectation that you have a Facebook account; if they can’t find you and it’s obvious you’re not there under your name, they’re likely to assume you’re hiding something.
    • Corollary: I know what you’re thinking: “Ooo, I know! I’ll create two Facebook accounts, one for my friends and one for my employers!” Not only does this violate the Facebook terms of service, but it makes you a serious tool because you’ll have to send friend requests to pretty much all of your friends twice to make it look semi-realistic and useful. Don’t do it. Just keep your Facebook clean.
  • Use the 50 mile rule. Except in very rare cases (like Christmas parties when you know people will be home), most of your friends won’t be able to make your next party. Don’t send them an event invitation when they live more than 50 miles away. I know it’s really easy to select your entire friends list and send out invites, but don’t do it. Wouldn’t you be kinda’ mad if all 500 of your friends showed up at your apartment next Friday night? (Reminds me of that Seinfeld bit about answering machines: “You were hoping to get the machine! The person picks up and you’re like, ‘…oh. Didn’t expect you to be there. I was just going to leave a message saying sorry I missed you.'”)
  • We get it, your farm is pretty awesome. We don’t need real-time updates. One of the major factors driving Facebook’s latest spike in growth is so-called “social gaming”. You know, where you sit on Facebook at home and play a single player game on the web. FarmVille is the most popular of these games, and one of the reasons it’s popular is that it encourages users to share how much fun they’re having about 10 times a minute. I know it’s hard, but RESIST THE URGE TO SHARE. It’s Facebook policy that FarmVille can’t punish you for not sharing (although they’re certainly allowed to make you feel really bad: “YOU JERK, YOU KILLED THE COW BECAUSE OF YOUR NEGLECT”). So don’t share every time. Let’s set a soft limit of 1 FarmVille (actually, 1 “social game”) post per day.
    • Corollary: I know the way you win in those games is by working with your friends and asking and giving help, but creating accounts and naming them after your kids or dog or is cheating. (And yes, the cows will die because of you. Maybe not today, maybe not tomorrow, but SOMEday.) As an example, let’s say Wal-mart said that I am now only allowed to buy four Cadbury Creme Eggs per week. Wouldn’t you say there was something wrong with me if I stood outside the store bribing people to buy me some Cadbury Creme Eggs? “Come on, DADDY NEEDS HIS FIX.”
  • Just because there’s a button doesn’t mean you have to click it. (begin shameless plug) While you’re welcomed (and encouraged) to become a Fan of (and tell your friends about) Cleveland, Curveballs and Common Sense and any Fan pages that my company administers (end shameless plug), fan pages like these aren’t really how you’re supposed to use them:

    Let's be honest, no one ever texts back instantly. That page should be banned.

    A couple of randomly funny Fan pages are acceptable, but for the most part Fan pages are meant so that companies can share exclusive deals and offers with you. What company is behind you hate me? oh that’s weird, because I DON’T EVEN KNOW YOU? (And that’s not even a very good example; Bobby and I have laughed at a ton of pages that just scream “I’m a teenager, I don’t know who I am, but at least know how to click a button.”)

  • Don’t be like Joe Biden: keep your language clean. (Oh, snap! Where else do you get these hot-off-the-press topical references like that? That was from like, yesterday.) If your *$%@ing %^#$ #@$%# needs to be @#$%$#$, tell Twitter (it’s a jungle on Twitter) or call one of those 1-900 sex lines where language like that would be appropriate. Pretend your mom’s reading, and if you still feel like dropping bombs, pretend Santa’s reading. If you swear at Santa, you get COAL.
  • Don’t create a Fan page for yourself. I mean, really? Who does that crap? (Wait, wait, I can explain! Don’t call me a hypocrite or hate me yet: I use that page for testing purposes. So if you’re using it for development, go for it.)
  • Hard limit of 10 posts per day, for any reason. Otherwise people start to think “listen…you and I are great…but we see a lot of each other. A LOT. Soo…yeah, maybe it’s time we took a break? I dunno’.”
  • Oh, and I almost forgot: If you’re a boss, and you’re friends with your employees on Facebook, limit the length of your comments to three paragraphs or less. (Four if it’s about baseball.) This is just better for everyone. If you make longer comments than that, other employees may take notice and get jealous. They may not even bother to tell you they’re jealous and may just write “holy crap.” (Just kidding, everyone involved!).

All that said, if you’re a Facebook user and you do these things, I may complain to myself for a bit then realize I’m being overly neurotic. Everyone uses social networks differently, and if you feel the need to do all of these, I won’t unfriend (2009 word of the year!) you. (I may hide you from my Feed, though. It’s not you, it’s me.) Ultimately I hope this list was entertaining more than anything else, and like pretty much everything I write, you probably shouldn’t pay attention to any of it.

Anyone got any others? I’ll try and add to the list if I hear some good ones (or think of some new ones). Happy Facebooking!


To Mom, Dad, Ciocia and all others in my family: all sarcasm and “back in my day, all the kids used floppy disks” nostalgia aside, I do enjoy having you all on Facebook. My amazement that everyone has an account now was only meant to reflect how fast and how broadly Facebook has grown, and I’m happy about it.

UPDATE: Developing Socially

Just a quick post to let everyone who’s interested know that I’ll be giving a talk tomorrow at Refresh Columbia. More details can be found in this post, but I’ll be talking about Facebook development and how it can impact your Facebook Page. I’ll post some source code and my slides on this post once it’s over. Hope to see you there!

UPDATE: Code and slides after the jump.

Two choices

I don’t normally write about higher level software design for a couple of reasons. For one, I don’t consider myself to be an expert in the field. I’m not sure there is any one expert in the field, actually; it’s a little bit like saying there’s an expert in string theory, a field that’s less that fifty years old and every bit as complex as software design. However, I don’t really consider myself above average at it either, and if I’m not above average at it, there’s not usually anything I could say that you couldn’t read somewhere else, better explained and more original.

The second reason I don’t normally write about software design is that since most of my projects are small (projects at work are either designed in collaboration or already designed), I don’t waste much time on design. Today I modified a GreaseMonkey script Mike wrote to remove ads from GrabUp posts; he wrote it because he was sick of looking at ads, I modified it because I was tired of the refresh caused by redirecting to the direct image. I didn’t write out a vision and scope document, I didn’t create a design document, I didn’t diagram it – I just wrote it. Another example is my recent weekend project TooLongForTwitter.com. It’s a little larger in scope, but rather than figuring out how everything was going to work beforehand by diagramming it out, designing a database, etc., I just started writing it and it all just kind of came together. Even back when I was writing McJournal, I had an idea in my head of how the final product would look but I never wrote it down anywhere, I just started writing.

Point is, it’s pretty easy to skip that design process which can greatly influence the success of your product. As I thought about it this evening, I realized that all software products fall into two categories.

The first category are the applications that are designed not to suck. We all use software for many different purposes, but a lot of times, we’re using it for work or productivity. Hence, products like Microsoft Office, Quicken, GMail, TextMate, etc. are designed as software that stays out of your way. Either it lets you perform tasks the way you want, or it gently nudges you once and then leaves you alone. Nothing is more annoying in this case than the application that’s trying to do too much (Clippy: “It looks like you are writing a letter…” anyone?). Applications that are designed for productivity usually fall into this category, because normally you want to get your work done, then get off the computer and head out to the golf course. The key word with these types of applications is intuition: it should be intuitive for the user to use.

The other category is the applications that are designed to rock. As you might imagine, these are normally entertainment applications like video games or multimedia applications. These are applications that the user wants to use, applications that the user wants to learn, and applications where the user may want helpful tips. For example, take Halo 3. The game would have been a bestseller without adding a bunch of new weapons, a bunch of new gadgets and a bunch of new customization options in multiplayer mode, but because the game added those little features, it was smash hit and is still played today. Entertainment applications can’t be simply functional to be successful; they’ve got to be immersive.

Ever wonder why Twitter is emerging as a more popular social networking tool for professionals and celebrities compared to Facebook? It’s simple. Using it is as simple as sending an SMS message from your phone or typing 140 characters in one form field on the web. Want to share a link? No problem! Just copy and paste it in there and done. No captchas, no conversion to “shared items” like Facebook likes to do, just shows the URL and makes it a link.

On the other hand, Facebook is complex enough already, and it’s gotten more confusing for the average user over the years. Over the last couple of months I’ve had the pleasure of introducing my dad and my aunt to Facebook (seriously, Mark, I’m fighting for you here, how about throwing some of that money my way?) and I’ve seen the site through new eyes: even with the wizards, hints, etc., a cautious user may feel overwhelmed when visiting the site for the first time. Facebook realizes this, that’s why they’re rushing out Facebook Lite to their 250 million users. Interacting with friends, profiles, streams and comments is hard enough; adding Pages and Ads to the equation makes it even more confusing. Thus, professional users or less computer-savvy users are using Twitter for their business communication.

Another example is in web browsers. As many of you may know, Internet Explorer 6 is still alive and kicking on the web. As someone who has faced a ton of IE 6 errors and quirks, I am definitely in favor of getting this browser out of circulation. But generally, people are using IE 6 for one of two reasons: a) it’s an office requirement, or b) it works for checking e-mail, news, etc. and that’s all it’s needed for. For these users, a browser is a productivity application, not an entertainment application, and IE 6 (unbelievably) “doesn’t suck” too much for them and it requires zero installing, configuring or tweaking to get up and running.

On the other side of the spectrum, Firefox is more of an entertainment browser. Clearly, users use it for productive purposes too, but it’s clear that Firefox is used as an application that rocks rather than an application that doesn’t suck: tabbed browsing, add-ons, and a prettier interface are just a few of the reasons younger users tend to use Firefox.

I guess the point of all this is, next time you’re writing an application, no matter how big or small, ask yourself the following question: do I want my application to rock or not suck, or better yet, do my users want my application to rock or not suck? Hopefully it helps you iron out your feature list and make it one that your users will expect.

Facebook privacy rights: a primer

Things have been pretty crazy in the blogosphere lately. With the Indians selling off All-star after All-star, I haven’t had a chance to discuss this story yet. And it’s not because it’s not important; it is. For those who didn’t read the original story, a high school in Mississippi is being sued for coercing a teenager into surrendering her Facebook credentials to have a shot at making the cheerleading team. As Ars Technica notes, the girl never used Facebook during school hours, but the cheerleading coach threatened punishment if the order to surrender her Facebook credentials was not obeyed.

This isn’t the first time it’s happened; indeed, a much more well-known case happened in Bozeman, Montana, when all government employee candidates were required to surrender all of their login information for every social network. After a public outcry and Web protest, the restriction was lifted. This case, however, already occurred and involves a teenager who may have not known what her own rights were.

It’s well-known that companies use Facebook, MySpace, LinkedIn and even Google to do “background checks” on employees. This is not only understandable, but it’s an excellent use of today’s technology to weed out candidates before they even walk in the door without spending more than 15 minutes online. The good news is that Facebook lets you limit parts of your profile to different audiences, LinkedIn isn’t really social networking as much as it is business networking, and…seriously, who uses MySpace anymore? (I think if you have a MySpace profile that an employer confirms is you, that’s a point against you. Just my advice.) Google’s a little bit trickier, but most of us have common enough names that anything too embarassing is lost in the search results, and ultimately, Google’s search engine keeps us all honest and makes sure we don’t publish anything we might regret later online. The point is, what companies do for the most part is simply do some fact-finding about who they might hire; it’s no more an invasion of privacy than calling your references on your resume.

The difference in this school case, however, is that with the girl’s password, there are no privacy restrictions. Not only could the school administrators view what was public for her friends and private for everyone else, they could view things that were previously private to everyone except her. This means Facebook messages, applications used, every friend the girl has ever had and every photo the girl has ever been tagged in. According to Ars, the account was used to read a private discussion regarding the cheerleading squad and information found there was used to “publicly [reprimand], [punish], and [humiliate]” the girl.

Throwing aside the ridiculous response of airing out laundry publicly instead of behind closed doors, this was a completely illegal search. If you remember from your days in high school, school administrators had the right to search your property at any time, provided it was on school grounds. That means they could search your locker, they could search your backpack and they could search your laptop if you brought it with you to school. Because the student never opened Facebook on school computers, this was completely outside the scope of the school and thus, the cheerleading coach was overstepping his bounds.

Ars Technica’s recommendation (in the last paragraph) warns readers not to store information they wish to remain private on social networking sites. While there’s something to be said for this (software security glitches or bugs might turn private information into public information unexpectedly), there’s nothing wrong with holding conversations on social networking sites about sensitive topics – that’s not only a reasonable use, that’s what private messaging is for. Facebook has said that messages will remain private and will only be able to be seen by their recipients.

Ultimately, if you find yourself in a situation where you’re supposed to surrender your social networking account credentials, fight it. Ask for a warrant. There is no reason anyone except you should ever have access to your account (including friends, partners, dogs, whatever). If they need a certain bit of information, its up to your discretion whether or not you share that with them, and if you choose not to, they’ll have to live with it. (Keep in mind, information you send to a private recipient can easily be forwarded to someone you don’t want to read. Know who to trust.) Also, know that if Facebook is ordered by the court, they can surrender your information without you needing to give up your password. If the search is legal, whoever wants the information can get a court order.

Now I’m not a legal expert by any means, so while I hope you heed my advice, if you find yourself in a legal matter, seek professional counsel. Just don’t let yourself be bullied by people who try to take advantage of social networking’s accessibility.

It’s Zuckerberg’s world, we just have to live with it

Since Facebook announced their plans for an application platform in 2007, it’s been one of the more hyped and exciting development APIs available. (In my book, it goes iPhone SDK first, then Facebook platform.) Before last month, I had only dealt with it in the fall of 2008 when writing Atonia’s (which was soon to become Zaphiri) “Import from Facebook” code. Since last month, however, I’ve modified existing Facebook Connect code and written bits and pieces of several testing/proof-of-concept apps and a full app which is powering our current Big Prize promotion. Below are some of my impressions with the second most popular platform out there.

  • It’s fast and easy to get started. There’s no waiting for a developer account, there’s no waiting for a key, you just name your app and get your keys and you’re good to go. You can quickly download a PHP-wrapped version of the API client for including, and, in what I think is a stroke of genius, there’s a quick link to download sample code relevant to your app. For the Zaphiri code, I literally started with the sample code and copied and pasted it into my app. With some minor modifications, it worked exactly how I needed it. I eventually improved it a bit, but the structure is exactly the same. Even for someone who had never touched the platform, it was very easy to dive right in and immediately produce something useful.
  • There are many shapes and sizes for an app. In just over a month I’ve made apps that lived by themselves, apps that lived inside the Facebook canvas, apps that lived in Page tabs and even an app that appeared on a user’s profile. I have yet to make a desktop app for Facebook (I don’t really see the point here), but the point is that the platform is expansive enough to give you lots of options how you want to solve your problem.
  • Deployment is just as easy as creating. Ready to deploy your app? Simply take it out of sandbox mode. Done. You can, but are not required to, submit your app to the directory and get it verified. It’ll work either way. Hearing me, Scott Forstall? Quit screwing up the iPhone App Store and take a page from the Facebook playbook. (Heh. Facebook playbook.)
  • And now it starts getting bad: the documentation is abysmal. The developers wiki, which lives at developers.wiki.facebook.com wiki.developers.facebook.com (our CTO and I can never remember the order of the subdomains), is just a modification of the MediaWiki software and is the most official Facebook platform documentation you can find.

    Seriously, whatever happened to companies actually having their own documentation and then letting other sites spring up? This never seems to happen anymore, where companies release a full API reference. Want an example, Facebook? Check out MSDN. The directory structure of MSDN, admittedly, has gotten bad lately. But, more importantly, searching works reliably. Most of the time, even if I was looking for a specific tag, I would have to take four or five clicks from the home page to the article I was looking for. This is immensely annoying.

  • The developer community for Facebook is Rails-esque. In that, I mean the community hasn’t really matured and isn’t yet big enough to be a help to a new developer. I’m on #facebook on IRC most days and most days there are a couple stretches where there isn’t much chatter at all. Questions go unanswered (and not dumb questions either, legitimate questions that should be answered). I’m not sure how many actual Facebook developers (i.e. employed by Facebook, Inc.) hang out on that channel, but if they’re there they should be more vocal and engaging the community. That’d make me much more at ease that we’re developing for a platform that’s not only popular, but improving.
  • Facebook is unreliable. Facebook has been up and down a lot over the last few months. This is understandable, as they race to adapt and keep their skyrocketing growth numbers high. Using the site during periods of instability is frustrating enough; developing during periods of instability is downright maddening. When we launched the Big Prize app it was during one of those periods. As a developer, seeing your baby app go from the womb of your developer machine and into the World Wide Wild Web and seeing it break suddenly is a little bit like sending your kid off to preschool only to watch him turn around from your car and get hit by a bus. Except in this case, we weren’t sure if the bus was being driven by someone from Facebook or…was it us? Who were we supposed to sue, ourselves or the Facebook bus driver?

    Turned out it was a little bit of both, and the instability problems went away in about an hour. The problem with instability is that you never know when it’ll decide to be unstable again.

Those are some of my thoughts regarding Facebook development. I’m hoping to get into some Objective-C and iPhone development soon – when that happens, I’ll be sure to post the cliche “My app didn’t get accepted, why don’t they love me” rant. Anyone else out there having similar experiences with Facebook development?

Lighten up while you still can

A few days ago Facebook rolled out their new home page, as well as some complimentary features to the Friends page and some unpublished bug fixes. I do use this blog to complain about Facebook occasionally, mostly because I’m jealous of Mark Zuckerberg, but today I’ll be defending it.

Let’s get one thing straight, first: the new homepage is a vast improvement over the old one. The old one was more cluttered and let’s be honest: who used anything other than the “Top Stories” and “Live Feed” tab anyway? The new homepage incorporates both of those features (with some improvements) and adds filters that are customizable, meaning people will actually use them.

You can imagine my shock (read: actually, I completely expected this) when the home page changes began to roll out and like a viral outbreak people started complaining as the changes hit them. “John Smith hates the new Facebook.” “Jane Sanders is back from vacation, but found a bad new Facebook. Sad face.” “Bobby Jones is not really sure what the heck Facebook thinks they’re doing, messing with my homepage.” As expected, these people all congregate into a group creatively titled “100,000 against the new Facebook homepage” (notice that capping your group name at 100,000 doesn’t leave you much room to expand. Facebook has you covered here, too: you can now rename your groups so you can scale to 1,000,000, 1e7, 1e8, etc.), and for a few days haughtily expect Facebook to do something, because they can’t figure out how to use this service which they love so much.

Here’s the thing: Facebook is the property of one company: Facebook. The only reason you should get to complain AT ALL is if you were a shareholder. Microsoft is the only company that’s thrown any money into Facebook so far, according to Bill Gates’ Facebook page, he’s “vacationing in Hawaii,” and not at all displeased with Facebook. (Actually I’m kidding: Bill Gates might have a Facebook page, but I don’t think I friended him yet.) Since you’re not (presumably) Bill Gates (and if you are, hi Bill!), the only way of protesting change to Facebook is to not use it. I know that’s a shocking concept for you, but no one is stopping you from firing up your favorite text editor and creating your own scalable, secure social networking platform.

Another point: Facebook even warned you that these changes were coming, via the Facebook Blog (which, if you’re so concerned with what’s new at Facebook, maybe you should read occasionally) and even a little information box that directed you to said blog. You were invited to give your feedback before these changes were rolled out. Would I be wrong in saying that none of you that are complaining so much didn’t write feedback before the changes?

Ultimately, you’ll get used to the new Facebook. In fact, you’ll grow to love it, so much so that when Facebook changes the homepage again, you’ll hate the new page with every fiber of your being. Here’s my question: aren’t you guys dizzy yet, from going in so many circles?