Remove an Account

How I hate when I sign up for some service and then I can’t remove myself from it. Of course for service providers it’s fine, just several records in the DB, but for me… I loose control of my data.

What made me write this post is Audible. I thought, I’d buy an audiobook, and this service seems to be well known around the world. So I added my book to the shopping cart, and was required to sign up in order to proceed. Which I did, but then I was notified that I can’t place an order because I am not in the right geography (I live in Switzerland).

Hell, I thought, and went to Amazon, but the audiobook store there actually brings you to Audible for downloads… And there I got the same message.

Ok, then it doesn’t make sense for me to be on Audible, if I live in the wrong place:) However, I can’t find the way to remove my account. All the credit card details are there, and I can’t delete at least those… This really sucks.

Why Do We Still Maintain Those User Accounts on Our Services?

Let’s say you’re building a website or an e-commerce site where you expect to have many visitors. By default you consider that people will need to log in to the site. When they log in, you’ll collect some data about them. Sooner or later this data may be changed by the user on his/her profile page. This is a usual scenario, as old as web apps are.

And in every single project of that sort – the same thing: user registration, account management, password reminder etc. etc. If you look at a decent e-commerce software (e.g. Magento) or some content management system (e.g. Drupal) these features are built-in and looks like there is no issue with that. Surely, you can’t have anonymous people doing things with your service.  And of course user profile data is a very valuable piece of information.

But here is a paradox: by collecting this valuable user information we actually lose much other valuable (or even more valuable) information and when we realize that we need it (e.g. user social graph) we start building on top of what we have, in order to obtain it… Complicated life…

If we look around every single web site has a database of users. And this database is filled by almost always the same process:

• Register
• Confirm your e-mail
• Fill data in your profile

What about only one and a half step:

• Register
• (modify information about yourself)

I strongly believe that the second case can be achieved using OpenID and OAuth and some code around them.

A big part of the account management feature in web applications can (and probably should) be delegated to third party services such as different social networks. This is because the e-mail is not a personal identifier anymore (just look at Google Wave – email is not there at all). If I play in a band I will most likely share my MySpace url; if I am a hardcore blogger, I’ll give everyone the link to my blog; if I am networking on Facebook, I’ll simply connect to people by their name. E-mail is good only to confirm one’s identity, not to represent it.

A shift in thinking of web apps is necessary to go from 3-step account management to 1.5-step. How to do that?

1. Instead of registering user using their e-mail force them to sign up using their confirmed identity on another (trusted) service. For instance, if I’am creating a website or e-shop the default way for users to log in should be with Facebook or Google.
2. Prefil user profile with data from the external service as follows:
   • Pull user picture (allow to swap it with his/her Gravatar) and other relevant info
   • Let the user to connect other services to your application, e.g. Flickr, Facebook, or whatever makes sense.
   • Ask for additional data that is not provided by third parties (preferably only when it’s necessary to perform an action on the site)
   • Allow the userto create a persona and define privacy settings

That’s it!

Look at Google Friend Connect. Ok, it’s very general purpose, not even sure if it’s a very successfull project. Still it depicts how websites should operate, i.e. people should navigate around the web and have their social life present everywhere. That’s how we live in reality: we travel to different places but are always in touch with relatives and friends via phone, email, etc. So every site on the Internet should have kind of  ”Friend Connect” feature instead of the stereotipical user management feature.

Of course, we can run into issues and questions like:

• Identity mapping, when the user is allowed to sign in using different identities from different services
• How expensive is it to build the user management infrastracture genuinly based on integration to other services as opposed to having standard (prebuilt) e-mail based implementations?
• How much can one trust in the third party services? What if companies behind them go bankrupt?

But let me list the benefits from top of my head:

• User is not required to sign up to yet another service, giving away the e-mail, memorizing the password
• Since social networks will be like air, we’re already integrating to other services through REST or JavaScript APIs. So why not doing it from the scratch?
• Thanks to OpenID and OAuth as soon as another service appears it’s relatively easy to plug it into your site if you’ve pluged one already
• You get much more data about users on your site(e.g. friends, activities etc.), so you can track and engage in many different ways than just e-mail
• The user experience of 1.5-step scenario is better than that one of 3 steps
• Using computing resources of third party services
• You might be able to bring your service to outside just your website, e.g. an OpenSocial widget on MySpace. This may turn into a viral effect which could increase the popularity of your service.

In short, let the people be free, don’t close them in your little “walled garden”, it just does not make sense, as you’ll have to break the walls anyway :)

Relevant Search on the Web with a Personal Crawler

I thought (and I strongly believe that somebody already thought about the same before me :D) that it would be great to have a search that’s relevant only to you. With Google you can kind of personalize your searching experience, but I mean another thing.

Let’s say:

• I’ve got hundreds of followers on Twitter and I follow a hundred people
• I’m on Facebook where I’ve got many friends
• I’m using Delicious for bookmarks
• I use Google Reader for keeping myself up to date
• I blog myself, and I receive comments on my posts
• etc.

In all the listed services/activities there is a substantial set of links present or produced either by me or by people in my network. These links form a slice of Internet that is relevant to me.

Intuitively, the part of Internet that is relevant to me is growing:

1. as I’m expanding my social graph
2. as I’m sharing links with others
3. as I’m actively participating on the Web, e.g. commenting

however, a big part of my subInternet is actually hidden (not public), e.g. links shared by friends on Facebook.

Now, imagine that you have your personal Web crawler (maybe plugged into Google). This way you could search in 3 modes:

1. The Web – as we are used today
2. The relevant part of the Web only – available via OAuth, Facebook Connect, etc.
3. Both

As an example consider the keyword “birthday” in all the three cases. It’s pretty clear that the results will be quite different.

Platform as a Service (PaaS) or Cloudware

PaaS, as Wikipedia puts it, is a bit clumsy to understand. You can get an expensive definition with examples from Forrester, if you will :) There is also the platformasaservice.com which seems to be (or to become) the central place for PaaS related resources. Also Google Search gives some useful links to read about PaaS, worth checking at least the first ten of them.

Why am I writing about PaaS? Because I got excited by the term, which I never heard or thought about.

Before not long ago I new SaaS, which currently is quite a comon business model – simply put up some software on your infrastructure and charge the users for using it. The best example in this area for me still is CRM provided by SalesForce.com. At Optaros we call this model Rent. You can read about Assemble vs. Build, Buy, Rent in the company’s blog, pretty simple and quite interesting.

So SaaS is an genious idea. It allows for recurrent income, which is always good in hard and unpredictable times (provided that the customers are already there). Optaros realized that Assemble goes very well with SaaS in the way that we call Hybrid offering. To keep it simple the hybrid offering is: build the app and rent it (most likely to the same customer). Doesn’t it sound more like a nice theory which is practically difficult to implement? Well, it is difficult but not impossible. Just check out what the Assembled Web is and then combine it with OView. Shortly, customers get a bunch of assembled apps floating around the Web and delivering their branded presence outside their main Web site. Moreover the customers get full control and overview over theoe apps. So this hybrid offering is really a simplified PaaS.

Having said that, looks like PaaS is actually a natural successor of SaaS. Intuitively it’s something more than SaaS. What constitutes “more” is the delta between what is Software and what is Platform. Hence in PaaS business model it’s a more complex software that’s being rented. The complexity varies. It can be a virtual machine(s) that you rent, e.g. Amazon Elastic Compute Cloud, Google Apps Engine, etc. or infrastructure to build apps there, e.g. Bungee Connect, SalesForce.com, etc.

Interesting what goes next in the line of SaaS > PaaS > ???. Soon my laptop will contain no code, nor IDE… just a browser. And I will forget how JAVA looks like, what is PHP, what is scalability issues, etc. I will just program on REST APIs and buy resources from someone on the cloud. Sounds like fun.

OpenID + OAuth: Transcending Social Networks

So we’re tired of remembering all the log in details for each service we use on the Web. For instance, I’d like to log in everywhere with my Google Account because I use a bunch of services on Google. Others may be spending more time on MySpace and would prefer to log in everywhere with their MySpace account. OpenID allows for that.

Another thing, I want to log in to Facebook and see the pictures that my friends shared with me on MySpace. E.g. Plaxo is doing that in a very consistent way, by integrating many many services under one Plaxo’s ambrella. That’s maybe an exaggeration but with OAuth everyone can do this.

And so I am also doing that on my free time: playing with OpenID libraries and trying to integrate with other sites using OAuth.

The fact that social networks will be like air motivates me. And the fact that I will be able to login to Facebook with MySpace credentials hints that I am on the right track. Finally when I see services (with a business model behind it) based on OpenID (e.g. RPX), I am really feeling that the whole Web soon will change.

Backing up Drupal Quickly

I must admit, updating a Drupal instance, even if it’s one module is a bit scary. And a rule of thumb is: backup, backup and backup the backup. So I do it.

Below I post a script that I wrote for that purpose (my first script for Linux :D). The folder structure on my server is:

~/
~/files/
~/public_html/drupal-6.x/

The Script

today=$(date +"%Y-%m-%d")
drupal_v="6.6"
backups="files"

cd ~/
mkdir $backups/$today

clear

echo -e "TODAY: $today\n"

# 1.
echo "---Backing up Drupal 6.x without uploaded files---"

tar --create --gzip --file=$backups/$today/drupal-$drupal_v-no-files.tgz --exclude='sites/default/files' \
--directory=public_html drupal-6.x

echo -e "DONE\n"

# 2.
echo "---Backing up Drupal 6.x uploaded files---"

tar --create --gzip --file=$backups/$today/files.tgz --directory=public_html/drupal-6.x/sites/default files

echo -e "DONE\n"

#3.
echo "---Dumping the database---"

/usr/local/mysql/bin/mysqldump -u YOU -p --default-character-set=utf8 --result-file=$backups/$today/dump.sql DB
tar --create --gzip --file=$backups/$today/dump.sql.tgz --directory=$backups/$today dump.sql

echo -e "DONE\n"

#4.
echo "---Copying the settings---"

cp public_html/drupal-6.x/sites/default/settings.php public_html/drupal-6.x/.htaccess $backups/$today

echo -e "DONE\n"

#5.
echo "FINISHED. Please move the backup files to a safe location"

On Google Developer Day in Munich

Yes, it was half a month ago, and I haven’t posted anything about it so far.  Shame on me.

General impression about the event is good. Although you couldn’t avoid the feeling that there was a bit too much advertising. But ok, what can you do in one day wit 500 developers, besides talking to them?

Look and Feel

Since Google has this image of being cool, childish and friendly, it really kept this image during the day. As you come into the exhibition hall you get into kind of a huge lounge with fancy music and colorful places to sit and stand. Then you can go and play something, for instance, table tennis, table football, Lego, etc. And in the end you could directly speak to a group of developers from Google, as they were taking up a specific corner and therefore were always available. The organization of the event was really brilliant. Everything on time, food for free, projectors always working, no waist of time.

People from Google were friendly, helpful, and really proud working at Google. The main marketing messages they’d tried to convey were:

• You can do it!
• it’s not there yet, but you can be the first one to develop (or create) it
• We want to help people to grow in the Internet because Google can grow only when everyone is growing
• We like open source, we encourage open source, everyone can be participate in projects where Google is also taking part

Not Only Brain Wash

The agenda was pretty compressed. You could attend at most 4 sessions (read descriptions)…
Read the rest of this entry »

Google Developer Day in Munich

If time allows I will participate in Google Developer Day in Munich. I am excited to have received the invitation and I hope I will have fun there.

Podcast on State of the Open Web

Ajaxian.com, Dojo and jQuery stars talking. Download it or read an overview.

Comfortable OpenID Login Box for Drupal

I’ve started a project (http://drupal.org/project/comfortid) which is intended to be a cool open source OpenID login widget for Drupal.

Looking forward to genious ideas on usability. I think it’s the only way to make OpenID popular.