First Public Draft: Taking the Wraps off of OAuth 2.0
The OAuth 2.0 draft specification is out there. The efforts the group working on the specification are paying off in the form of an IETF working group submission. One thing that is clear is that there is a natural tension in following the processes of IETF and the hyper-innovation cycle of web standards that are now powered by the growth of social media. In this world, keeping up with all the work in the community itself is feat by itself. As proven recently, even aligning the naming of standards in our small community (xAuth, XAuth) proves challenging enough. With that said, we’ll share we what we’ve learned about this version and what work has been incorporated in it. Sponsor For those coming up to speed on the issues surrounding OAuth 2.0, here is a brief summary of the state of the union: The OAuth Working Group in IETF generated a first draft of OAuth 2.0 . This group that is credited with this document consists of active leaders of both the Twitter API team as well as Facebook community standards team. A robust number of daily discussions are happening in the working group hosted at IETF include topics such as the default use of JSON that show the opportunity and challenge of growing the standard from a web-based to a broader set of devices and scenarios. One of the stated goals of the IETF OAuth working group is to maintain backwards compatibility with OAuth 1.0. From our sampling of the depth of change in scope and conceptualization of the standard, this may be a big deal for the group, especially if key members decide to legacy their support for the first versions. As part of the evolution of OAuth, there is the case of the OAuth WRAP Google Group . This group has forged ahead to develop profiles for scenarios seen as extensions to the profile OAuth 1.0A. This includes new ways to gain tokens bringing the use cases of Javascript or RIA applications. WRAP also redefines the dependency on SSL and provides a simpler way to get started using tools easily accessible to the web resource. With some changes noted, this work has been brought forward in the OAuth 2.0 public draft. David Recordon, a chief thought leader in the open web (also employee at Facebook) recently offered this summary ” What’s going on with OAuth ?” to help align the understanding of the evolution of the standard. Here we show one of the better known descriptions of the OAuth flow as provided by Yahoo. The annotations show a few of the areas that are under consideration for changes in OAuth 2.0 and/or in the work done in the OAuth WRAP group. Last week, at Twitter’s Chirp ’10 the Twitter API team gave this presentation, ” Too many secrets, but never enough: OAuth at Twitter “. This document contains overview of the basic process of Twitter, commitment to the movement to OAuth 2.0, and discussion of Twitter’s xAuth and OAuth Echos projects. Twitter Likes to Optimize Twitter is deeply intertwined with the inception and direction of OAuth. The company is both involved in the specifications but also is a lightening rod for discussion in the development community. In the Twitter blogs and developer groups, OAuth is being considered deeply in the trade-offs in implementation, design, and risk in the Twitter ecosystem. A few areas under discussion is how to remove the re-direction from the process, and also how to keep a running log of all account client accesses available to the user as a way to make sure users are aware and signaling proper account use. The Twitter API team has been willing to make change happen in the community by deprecating legacy processes, such as basic auth. With the changes coming in OAuth 2.0 the company may be in the best position to bootstrap developer adoption of the new standards. In this way, OAuth 2.0 need to adapt to the speed and need of the Twitter use cases, to avoid becoming like XML. XML is a good thing, of course, but when push comes to shove, JSON is lighter weight and more compact. This is helping it become the preference for data attribute exchange in APIs like Twitters that support OAuth. With the rise of the social ecosystem as the hub for authorization, it is becoming clear that the IETF efforts need Twitter as much as Twitter needs the IETF. This seems like a good balance that will guide use cases along the way to practical standards formalization. There are a lot of questions out there about OAuth 2.0. Top of mind is whether this technology release will see the effective join of Twitter, Facebook, and Google? Or, will the practical matters of business and strategy keep the standards intact, and the implementations as islands? What is your prediction for OAuth 2.0 and web resource authorization? Discuss
Bit.ly Pro Takes the Mystery Out of Shortened URLs
URL shortener bit.ly has announced some simple user interface changes for its standard users and a whole series of new features for paid users, including custom domain names and statistics. While the standard user interface changes are neat, it’s the “end-to-end branding” that we’re actually looking forward to, as it should take a bit of that mystery meat feel out of our day to day online lives. Sponsor The biggest changes standard bit.ly users will see is the searchable history, which allows users to search through URLS they have added. Bit.ly has also tried to make it easier to manage the links you’ve added by adding a specific “Manage” section, which will show all the links with basic statistics on each, such as Twitter conversations and clicks. And all of a user’s shared links will be available in RSS format. As for the bit.ly’s pro users, the service will begin offering a traffic dashboard, short domain redirection, unlimited API calls and, most importantly, a full “end-to-end branding”. End-to-end branding means that if someone goes to shorten a New York Times URL, for example, they will end up with a link containing the nyti.ms short link instead of a standard bit.ly link. This will happen for all users, whether they shorten the link through the bit.ly website or through third-party Twitter clients such as TweetDeck, Twitterfeed and ÜberTwitter. While this type of service is not only great for the website, its useful for the users too, because you don’t have to blindly click on a shortened link. It keeps everything short and sweet for our Twitter character limit while giving us, the user, some clue of where we’re going. Discuss
10 Smart Clothes You’ll Be Wearing Soon
In the emerging Internet of Things , everyday objects are becoming networked. Clothing is no exception. It’s still early days for Web-enabled clothes – the best example so far is the Nike+ running shoe, which contains sensors that connect to the user’s iPod. But expect to see everything from your shirt to your underwear networked in the not too distant future. In the following list of ten ‘smart clothing’ items, we showcase Internet pants, a proximity sensing shirt, a heart sensing bra, biosensor underwear, a “thought helmet”, and more! Sponsor Motion Detecting Pants Now, we’re know what you’re thinking – it’s already pretty easy to detect ‘motion’ in pants isn’t it? Nevertheless, Virginia Polytechnic Institute and State University in Blacksburg has developed a pair of pants “that detect movement and let a computer know your every move.” These smart pants work via a loom that helps sew the wires and fabric together. Sensors embedded in the fabric measure the speed, rotation and flexibility of the pants with every movement. Wireless signals are sent from the pants to a computer to display the activity. The scientists at Virginia Polytechnic don’t yet know why this activity would be useful (to a computer), but we’re sure that use cases will arise. Proximity Sensing Shirt The Locked ON Proximity Sensing T-Shirt is currently available at the ThinkGeek store . It features a “radar screen” on the shirt that scans for matching shirts. If you get within a few meters of your counterpart wearing the same shirt, the radar on your shirt “locks on” and detects the other. This could be useful for love or war – the video below shows the latter scenario. Heart Sensing Bra The Numetrex heart sensing bra uses electronic modules and silver coated electrodes to pick up a person’s heart rate and transmit the data to a watch worn on the wrist. Says NuMetrex Marketing Director Meg Burich, “It’s a comfortable way to wear a heart rate monitor, because we knit flexible heart sensing fibers directly into the fabric of the garment. There’s no hard plastic belt to strap around your chest.” Smart Running Shoes Nike+ running shoes come with a sensor that tracks your run, then sends the data to your iPod. It even has its own social network and can automatically tweet and post a status report on Facebook. See ReadWriteWeb’s review of the Nike+ shoes . Networked Jacket According to a report from GizmoWatch a couple of years ago, Lunar design’s BLU Jacket is a futuristic concept that could make walking billboards a reality. Lunar Design used organic fabrics containing semiconductors in the BLU Jacket, in order to display your moods through signs and colors. This BLU Jacket also has a GPS module built into it. So if someone asks you directions, you could theoretically project a map onto your jacket’s sleeve through it’s flexible display. Or, asks GizmoWatch, “how about getting paid for displaying advertisements on your jacket?” Next Page: Neuro Headset, Thought Helmet, Biosensor Underwear, iPod Watch, Nanofibers. Neuro Headset The Emotiv EPOC neuroheadset is for gamers and is available for $299. It’s described as “a high resolution, neuro-signal acquisition and processing wireless neuroheadset.” The headset uses a set of sensors to “tune into electric signals produced by the brain to detect player thoughts, feelings and expressions and connects wirelessly to most PCs.” According to the company , the headset can detect emotions such as anger, excitement and tension, as well as facial expressions and cognitive actions like pushing and pulling objects. Thought Helmet Let’s get very futuristic for a minute. Six Revisions references an article in Time from September 2008, which claims that the U.S. Army is actively pursuing “thought helmets” for secure mind-to-mind communication between soldiers. The goal “is a system where entire military systems could be controlled by thought alone. While this kind of technology is still far off, the fact that the military has awarded a $4 million contract to a team of scientists from the University of California at Irvine, Carnegie Mellon University, and the University of Maryland means that we might be seeing prototypes of these systems within the next decade.” Image: Wikimedia iPod Watch Back to the now, and there are already a range of iPod watches available from different manufacturers. These watches let you control your iPod using your wireless watch. Biosensor Underwear RSC Publishing reported recently that US scientists have developed durable biosensors that can be printed directly onto clothing, to allow continuous biomedical monitoring outside hospitals. The aim is to enable constant monitoring of blood pressure and heart rate: “Joseph Wang and colleagues at the University of California San Diego, La Jolla have developed a method for printing biosensors directly onto clothing. To form the sensors, Wang screen-printed carbon electrode arrays directly onto the elastic bands of mens’ underwear. The tight contact and direct exposure to the skin allows hydrogen peroxide and the enzyme NADH, which are both associated with numerous biomedical processes, to be monitored using the sensor, explains Wang.” Nanofibers To round out our list, we go a level down the clothing chain and look at next generation fabrics. Delta Farm Press reports that Cornell University’s Department of Textiles and Apparel aims to develop fibers that have computing devices in them. An example use case is a shirt “made of cotton threads coated with a thin layer of semiconductor polymers and nanoparticles that conduct electric and can power your cell phone or iPod or monitor your heartbeat, brainwaves, and other functions.” The University is also investigating “textiles that can act as sensors that could be used to detect the presence of hazardous bacteria, such as E. coli or anthrax.” A further example is smart clothes made of fibers that can change colors – “one appropriate for daytime business environment, a different one for nighttime socializing.” One thing is for sure with all ten of these examples of ‘smart clothing’ – at least some of the clothing that we wear in the future is likely to be networked, in one form or another! Thanks to Deane Rimerman, who provided research for this article. Discuss
SugarCRM: Speed, Search and the Data Deluge
Sugar CRM is launching a new user interface as part of Sugar 6. It comes with a focus on what is becoming a prerequisite: an emphasis on speed, search and deeper integration with third party applications and mobile devices. The speed issue is one that SaaS providers always seek to mitigate as they want the service to seem as responsive as if it were worked on the desktop. Sponsor To do this, Sugar CRM is providing a revamped set up that when completed is supposed to be optimized for speed and designed for the experience that comes with using a social network. It includes a new, global search, another effort to optimize the experience for the end user. Search is becoming increasingly critical as more data is available for integration with third party apps. Sugar CRM will strengthen its search with an open-source engine such as Lucene . SugarCRM is paying close attention to the user experience, knowing it is a key to acceptance among users of CRM environments. SugarCRM also includes native application support for the iPhone Android and the Blackberry. The company has also introduced a native app for the iPad. Application integration is the hallmark of the emerging social CRM application. SugarCRM fits with LinkedIn, Hoovers and Jigsaw through its Cloud Connectors service, which connects third-party data service. SugarCRM also works with Sugar Plug-Ins for Microsoft Outlook, Word and Excel. But can’t this all become a bit overwhelming? All this data flowing into one CRM environment means that the customer needs to think carefully how to organize, discover and share what comes into the network. That’s why it makes sense that a search and potentially analytics component will become standards for services like SugarCRM. It’s also why SugarCRM has a certain advantage. Open-source platforms will thrive in the data deluge to come. Third-party services become critical as components that make sense of internal and external information. It’s just a matter of how those applications are applied so customers can get relevant information that they need for the opportunity at hand. Discuss
What’s Next For Mobile Apps?
Yesterday we looked at DASH7 , a wireless sensor networking standard that may play an important part in next generation mobile services – including location-based services, Internet of Things and social networking. In this post we analyze some use cases for DASH7, which also point to where the Mobile Web is heading. We’ll explore long distance mobile advertising and mobile coupons. We’ll also look at how location-based services like Foursquare and Gowalla could evolve. Sponsor Extending Location-Based App Functionality Given the growth of location-based apps such as Foursquare and Gowalla in 2010, it’s intriguing to think about what’s next for these services. According to the DASH7 report, enhanced loyalty programs could be the next big thing. With a DASH7-enabled phone, the white paper states, “a user could set his or her preferences in the Foursquare or Gowalla application that would allow the user to be automatically “discovered” or “checked in” at the coffee shop/restaurant/gun store/etc. and thereby accrue loyalty points passively, i.e. by just being “in” the establishment, rather than requiring active/conscious user behavior to participate in the program.” Even more advanced services could offer customized promotions created “on the fly”, targeting a certain user’s preferences. Mobile Advertising From Long Distance and On-The-Go A long-held goal of the Mobile Web – at least for retailers – is using mobile phones for mobile advertising, loyalty programs, couponing, and other ‘personalized shopping’ experiences. Of course there are privacy issues with these things, but nevertheless these scenarios are (finally) coming soon. NFC-enabled phones have shown glimpses of this functionality, via smart posters, kiosks and billboards. As discussed in a previous post, NFC technology is limited to a 4 centimeter range – so the phone needs to be held close to the media asset in order to initiate the data transfer. Also it requires a tag reader application to be installed on your mobile phone. According to an as yet unreleased white paper that ReadWriteWeb was shown, the DASH7 Alliance thinks that “a far larger set of customers would be willing to execute the same applications provided that they were executable a) from a longer distance, b) while moving, and c) in some cases, passively/without any conscious initiation of their own.” DASH7 has a range of hundreds of meters and can be used while on the move. While point 3 might scare some privacy advocates, it’s very likely that customers would need to opt in before they “passively” received such advertising messages. If this is still to abstract for you, here’s a potential scenario: I’m driving down a street and I pass a smart poster pasted onto a building wall. This elicits a beep from my phone, because my phone has ‘passively’ scanned the poster and discovered something that I want to be notified about (I’ve opted into receiving notifications only about certain things). Because it’s against the law to check my mobile phone where I live, I wait till I’m parked and then I check what the beep was for. Turns out that one of my favorite bands is playing in the city tomorrow night! The smart poster I’d driven past was an advertisement for that band. So I then proceed to book a ticket, using my phone of course. Mobile Coupons Mobile coupons are a hot area of activity already, with Google and others offering them. However, currently mobile coupons are limited to short-range and active receiving. Soon we might have long-range couponing, real-time interaction and ‘passively’ receiving coupons. The DASH7 Alliance white paper offers a scenario of Paramount promoting its upcoming movie Iron Man 2, using a smart poster. In the NFC scenario, someone could walk past the Iron Man 2 poster and download a 2-for-1 coupon to see the movie. However, according to the DASH7 Alliance: “…a combination DASH7/NFC-enabled smartphone could still support the default NFC scenario, but could also provide for a) longer distance distribution of the coupon b) “passive” acquisition of coupons according to a user’s pre-defined “coupon acquisition criteria” (e.g. “auto-accept coupons for any movies starring Al Pacino” , and c) real-time interaction with the media asset (e.g. “answer the following three questions correctly and win a 2-for-1 coupon to see “Iron Man 2″.)” Those are just some of the next generation mobile services we can expect to see soon, thanks to wireless technologies like NFC and DASH7. Let us know in the comments if you have other potential use case ideas! Discuss