Feeds

OpenSocial, OpenID, and Google Gears: Three technologies for history's dustbin

A poke is not a revolution

3 Big data security analytics techniques

Greetings Dr. Falken

OpenID is a federated authentication scheme for the Web. There's all sorts of good shit built into it: identity providers, Diffie-Hellman key exchanges, SSL, and a little bit of HTTP thrown in to make it internet enough. OpenID is very secure, too, because it's a bit like a Rubik's cube: It's complicated by design, so that stupid users and developers don't even bother with it. This makes maintenance of the spec very easy for the OpenID Foundation, which is yet another nonprofit formed around an API.

The point of OpenID was for you to be able to use one account across many web services. And of course, because building off of existing technologies like LDAP, NIS, Kerberos, SAML, XACML, SASL, or Active Directory isn't a good enough excuse for creating a nonprofit, what better thing to do than create a new authentication scheme?

Yeah, the kid who made LiveJournal can surely do a better job than those dinosaurs.

Anyway, have you ever actually tried to use OpenID? I gave it a stab once. What a catastrophe. I got lost on the part where my username isn't really a username. It's aURL, and I have to go somewhere else beyond the site I am trying to log into in order to type in my password. The damndest part of it was I was trying to log into some also-ran Web 2.0 service that thought they would be able to get more users by only supporting OpenID, because shit, 250 million people have an OpenID, by virtue of having an account at Yahoo or elsewhere. The only problem is, only 14 people out of the 250 million even know what OpenID is, and maybe 6 of the 14 have figured out how to use it.

Can you feel the revolution?

Spacely Sprockets or Cogswell Cogs?

The media's fascination with Google taking on Microsoft didn't start with Chrome. No, Google Gears is widely understood to be the first flaccid attempt at an application platform to come out of Wonka's Chocolate Factory. Gears was supposed to be a panacea for web developers who wanted to support offline access of their apps. Well, the user would have to install a browser plugin and the developers need to write code to support less than one percent of their user base, but if you ignore all that shit, Google Gears was the second coming.

The tech media ate that shit up too, proclaiming that this was a "new platform war" and that Google is "driving straight at Microsoft's profits." Gee, does this sound familiar?

As a developer, there isn't a significant enough drive to work with Gears. For example, it offers a thread pool feature where you can, get this, run Javascript tasks in the background to improve performance. This is the programming equivalent of putting a wing and racing stripes on your stock Honda Civic. Don't you think it's just a little scary that people who spend their programming careers in Javascript and PHP are now allowed to think about concurrent execution? Well, Google did, and crippled the "threading" interface by making all workers shared-nothing. Nice, now you don't have to worry about hard things like resource synchronization.

If you are looking for a web development platform that goes beyond the capabilities of HTML and Javascript, Google Gears is about as useful as a tumor. It turns out that roughly 99 per cent of internet users already have Adobe Flash installed. With that kind of base and an automatic update feature, it's no wonder that nobody gives a shit about Gears. I guess offline support doesn't have a whole lot of pull.

Google Gears on its own was a complete failure. Now, though, it's integrated into Chrome. If Chrome can accomplish what no other browser has ever done and overtake IE, Gears will have a shot.

I'm not holding my breath though. Never underestimate the disparity between developer excitement and user apathy.

Storm the Bastille

A revolution doesn't mean that you pseudo-sexually "poke" someone from Facebook to MySpace. It doesn't mean that you can type in your password once and have access to every authenticated service out there. It certainly doesn't mean that you can make a word processor program work when you're not connected to the internet (we've had that feature for decades).

No, a revolution means that somebody gets beheaded. ®

Ted Dziuba is a co-founder at Milo.com You can read his regular Reg column, Fail and You, every other Monday.

SANS - Survey on application security programs

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
New Facebook phone app allows you to stalk your mates
Nearby Friends feature goes live in a few weeks
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.