Does Open Social = Open Destruction?

I suspect not, but unlike Google, MySpace, Bebo, Hi5 and maybe even Facebook I’m not in the loop on this Open Social thing so I certainly don’t have the whole story. You see, something is really bothering me…

Much of the coverage of Open Social has focussed on developers being able to use “normal” JavaScript and HTML to develop their apps. However, FBML and FBJS, combined with Facebook’s limited indexing on Google, actually do us a favour:

  • Stop application formatting bleeding between apps.
  • Stop applications being able to control each other.
  • Protect users against malicious scripts.
  • Only execute scripts in a confined environment that you are unlikely to stumble upon within a normal web search.
  • It’s Facebook’s responsibility to parse our code to ensure it’s not malicious.

I’m going to trackback this post to a few big bloggers in the hope I’ll get an answer in the comments, because I can’t find any answers to these critical questions anywhere on the web.

The thing that bothers me most is that Google doesn’t exactly have a great reputation for quality secure code and attention to user privacy. Do I need to be turning off JS in my browser? :S

Edit: LMAO, turns out I was probably right. So, folks, let’s all welcome in a new era of totally shit web security. Hurrah for key-loggers! Hurrah for hackers being able to re-use old tricks without needing to think!

Good grief! :S


2 responses to “Does Open Social = Open Destruction?”

  1. yeah agreed… see arrington’s recent post on plaxo profile hacking, also nick o’neill’s thoughts on same issues.

    i’m sure they’ll figure out some workarounds, but it is a big hairy issue for OpenSocial to figure out.
