Feeds

OpenSocial, OpenID, and Google Gears: Three technologies for history's dustbin

A poke is not a revolution

Providing a secure and efficient Helpdesk

Greetings Dr. Falken

OpenID is a federated authentication scheme for the Web. There's all sorts of good shit built into it: identity providers, Diffie-Hellman key exchanges, SSL, and a little bit of HTTP thrown in to make it internet enough. OpenID is very secure, too, because it's a bit like a Rubik's cube: It's complicated by design, so that stupid users and developers don't even bother with it. This makes maintenance of the spec very easy for the OpenID Foundation, which is yet another nonprofit formed around an API.

The point of OpenID was for you to be able to use one account across many web services. And of course, because building off of existing technologies like LDAP, NIS, Kerberos, SAML, XACML, SASL, or Active Directory isn't a good enough excuse for creating a nonprofit, what better thing to do than create a new authentication scheme?

Yeah, the kid who made LiveJournal can surely do a better job than those dinosaurs.

Anyway, have you ever actually tried to use OpenID? I gave it a stab once. What a catastrophe. I got lost on the part where my username isn't really a username. It's aURL, and I have to go somewhere else beyond the site I am trying to log into in order to type in my password. The damndest part of it was I was trying to log into some also-ran Web 2.0 service that thought they would be able to get more users by only supporting OpenID, because shit, 250 million people have an OpenID, by virtue of having an account at Yahoo or elsewhere. The only problem is, only 14 people out of the 250 million even know what OpenID is, and maybe 6 of the 14 have figured out how to use it.

Can you feel the revolution?

Spacely Sprockets or Cogswell Cogs?

The media's fascination with Google taking on Microsoft didn't start with Chrome. No, Google Gears is widely understood to be the first flaccid attempt at an application platform to come out of Wonka's Chocolate Factory. Gears was supposed to be a panacea for web developers who wanted to support offline access of their apps. Well, the user would have to install a browser plugin and the developers need to write code to support less than one percent of their user base, but if you ignore all that shit, Google Gears was the second coming.

The tech media ate that shit up too, proclaiming that this was a "new platform war" and that Google is "driving straight at Microsoft's profits." Gee, does this sound familiar?

As a developer, there isn't a significant enough drive to work with Gears. For example, it offers a thread pool feature where you can, get this, run Javascript tasks in the background to improve performance. This is the programming equivalent of putting a wing and racing stripes on your stock Honda Civic. Don't you think it's just a little scary that people who spend their programming careers in Javascript and PHP are now allowed to think about concurrent execution? Well, Google did, and crippled the "threading" interface by making all workers shared-nothing. Nice, now you don't have to worry about hard things like resource synchronization.

If you are looking for a web development platform that goes beyond the capabilities of HTML and Javascript, Google Gears is about as useful as a tumor. It turns out that roughly 99 per cent of internet users already have Adobe Flash installed. With that kind of base and an automatic update feature, it's no wonder that nobody gives a shit about Gears. I guess offline support doesn't have a whole lot of pull.

Google Gears on its own was a complete failure. Now, though, it's integrated into Chrome. If Chrome can accomplish what no other browser has ever done and overtake IE, Gears will have a shot.

I'm not holding my breath though. Never underestimate the disparity between developer excitement and user apathy.

Storm the Bastille

A revolution doesn't mean that you pseudo-sexually "poke" someone from Facebook to MySpace. It doesn't mean that you can type in your password once and have access to every authenticated service out there. It certainly doesn't mean that you can make a word processor program work when you're not connected to the internet (we've had that feature for decades).

No, a revolution means that somebody gets beheaded. ®

Ted Dziuba is a co-founder at Milo.com You can read his regular Reg column, Fail and You, every other Monday.

Internet Security Threat Report 2014

More from The Register

next story
Microsoft on the Threshold of a new name for Windows next week
Rebranded OS reportedly set to be flung open by Redmond
'In... 15 feet... you will be HIT BY A TRAIN' Google patents the SPLAT-NAV
Alert system tips oblivious phone junkies to oncoming traffic
Apple: SO sorry for the iOS 8.0.1 UPDATE BUNGLE HORROR
Apple kills 'upgrade'. Hey, Microsoft. You sure you want to be like these guys?
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
ARM gives Internet of Things a piece of its mind – the Cortex-M7
32-bit core packs some DSP for VIP IoT CPU LOL
Lotus Notes inventor Ozzie invents app to talk to people on your phone
Imagine that. Startup floats with voice collab app for Win iPhone
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.