Apis

iOS: Apple Unveils New Tricks for Background, Video & Audio Apps —

Apple is showing off its iOS 4 all week in San Francisco and this evening one session will demonstrate some new audio and video capabilities that developers can incorporate into their apps.

Smart backgrounding and customization are the name of the game. Developer and former Apple employee Dan Burcaw will go on stage to show off the forthcoming version of his Tour de France app and below are some highlights.

Sponsor

Burcaw says that app backgrounding isn't just the capability to run processes indefinitely, Apple has built effective APIs to efficiently enable the most common features that will run in the background. His app, for example, will show live streaming video of the big bike race. Users will be able to move the app to the background and switch to hearing audio alone. Switch the app back to the foreground and the video feed will resume live again. When audio is running in the background, users will still have access to volume and pause control.

The OS even provides a way to run VOIP in the background.

Controllers will be far more customizable than ever before. Previous versions of the OS have required developers to use Apple's audio and video players as they came from the company. Now developers can fully customize the controls and play video within any boundary box they define. Burcaw is building a video controller, for example, that lets the viewer scrub to a point in the video based not on time but the slope of the race course. That sounds like a whole lot of fun.

These are just a few of the new capabilities we'll soon start seeing in iPhone and iPad apps. "I hear people say all the time that there are restrictions on the platform," Burcaw told us. "There are things you can't do, but those things are far fewer today than yesterday."

Discuss

Editor’s note: The following is a guest post written by Robert Scoble, who travels the world for Rackspace interviewing tech geeks for building43.com. He’s one of the most popular (stalked) users of location-based services and has 8,215 friends on Foursquare. Here he writes about what the location-based world could look like in 2012 and what might keep it from happening.

It’s January 2012 and you’ve just gotten your new Android 3.0-based phone. You’re going on a road trip so you start up the newly-released Foursquare. Gone are the checkins of 2010. Now you tell it where you’re going. This time we’re headed to Harrah’s at Stateline, Nevada. But this is no Foursquare you’ve ever seen before. They’ve finally integrated Waze, Tungle.me, and Yelp information into it. So, let’s discover more of what happens on our trip.

As we pull out of my driveway in Half Moon Bay we cross a geofence that sends alerts to the various systems that I’ve connected to Foursquare. Tungle.me knows I’m meeting Mike Arrington for dinner at Harrah’s. He gets an alert on his mobile phone that I’m on my way and Glympse sends him the ability to watch my progress so he’ll know if I’ll be on time. Plancast lets me know that four friends are attending the Black Eyed Peas concert at Harrah’s tonight. I see that Siri is offering to find me tickets, so I ask it to find me some tickets under $400 each.

Later in our drive, the kids are screaming. Hungry critters, they are. So, we pull out our cell phone and tell Siri: “we need fast food along the freeway.” Siri has already been tracking us as we drive along and it now contacts the APIs from Foursquare and Yelp and then compares both of their databases and quickly learns that we mostly check into McDonalds and In-N-Out. The system talks to us: “we found a McDonalds five miles ahead right off the freeway and there’s an In-N-Out eight miles ahead.” It continues: “If you want to try something else other than your two usual choices, or if you need a recommendation for the kids, let us know.”

McDonalds sounds fun, because Milan likes their Chicken McNuggets and also likes playing in their Playland play rooms. So, we ask Siri: “does that McDonalds have a Playland?” Siri runs off to McDonalds database of Playland locations and comes back with: “no, but we’ve found a location with a Playland 25 miles ahead of your location. Would you like to choose that one?”

After McDonalds we hit Sacramento and now Foursquare, which has joined with Israeli-company Waze, pops up with a new warning: “there’s an accident ahead and travelers in front of you are reporting delays of 15 minutes.” Up pops a photo of the wreck that an anonymous user has posted. Soon we find ourselves stuck in that traffic and so we start chatting with people also stuck in the traffic. “Hey, have you tried the Beatles station on Pandora?” someone asks. Damn, is that Steve Gillmor stuck along with us?

As we drive down the road we’re constantly checking into various things and places. We ask Siri about National Historical places along our route and it pulls up Wikipedia entries about what we’re passing onto our screens.

When we arrive at Harrah’s, we cross another geofence which lets Arrington know we’re here. It also checks us into Foursquare, and tells us: “there are 29 other people we know about, including three of your friends.” Then Siri (which received a message from our geofence) chimes in with: “are you still having dinner with Mike Arrington at 8 p.m. at Friday’s Station Steak & Seafood Grill?” I answer: “yes.” That goes away, but on screen is a Yelp review about that restaurant and I
realize that the attire is dressy and I only have jeans and t-shirts. So, I ask Siri: “are there any other four-star restaurants like Friday’s Station nearby?” It answers with a list from Yelp and then it starts showing places that still have spots left for us this evening by querying OpenTable’s APIs. Siri then tells me it has found two seats for tonight’s show at Harrah’s outdoor arena, and asks if it should buy them from Stubhub?

Since there’s a couple of hours before dinner, I figure I’d find a cigar shop since I have a feeling Arrington might like a good cigar since the 12th Techcrunch Disrupt conference was a huge success. Siri again finds me a place named “Puffin,” which is a short walk away from the hotel.

While at dinner, Arrington says he’d love to take the Heavenly Valley Gondola up to see the view. We make arrangements to meet the next morning to do just that and off I go with Maryam to see the concert. Oh, and Siri automatically checked us into the Pepsi Loot app, because we were in one of the official restaurants that uses Pepsi and that gives us free stuff for checking in at Pepsi-serving locations.

The next morning, when I walk out the hotel to meet Arrington at the Gondola ride I walk through another geofence that Tungle.me has setup around my hotel (it manages my schedule and knows where I am) and it sends an alert to Siri saying: “I see you’ve left the Harrah’s hotel, can you let me know where you are going?” I say into my phone: “I’m going to meet Mike Arrington at the Heavenly Valley Gondola.” It quickly brings back a link for the Gondola ride and asks: “is this where you are headed?” I say: “yes.” It says: “if you buy your ticket at your hotel you’ll save $6 per ticket; see the concierge.”

After I get home, Siri talks to yet more webservices: Blippy, to get my credit card statements, and Expensify, for expense reports. Siri fills out my expense report with details gained from me along the way. It knows which dinners were business ones, and which ones were personal based on things I’ve set along the way (in Google Calendar, for instance, I mark my personal meetings with a tag).

I can hear you saying “Scoble, what are you smoking?”

Seriously, you can do a whole lot of what I’m talking about (including saving the $6 on the gondola ride) today BUT there is something wrong: these services are all information silos that aren’t aware of each other.

I tried to do most of this scenario this weekend. What happened?

• I found out about the concert at Harrah’s too late to buy tickets.
• I found out about the $6 discount on the Heavenly Gondola after I had gotten to the top.
• I found out about the traffic jams after I had already gotten caught in them and didn’t know much about what caused them. And the system couldn’t tell us the best spot to have dinner based on traffic conditions (maybe if we had waited an hour and a half we would have spent less time in traffic).
• I almost got a ticket because I didn’t know about a speed trap up ahead of us. If more people used Waze or Trapster that wouldn’t be a problem, but Waze doesn’t know about Trapster’s users and Trapster doesn’t know about Waze’s users.
• We ate at a McDonalds that didn’t have a Playland. Siri doesn’t know about Playland, or that McDonalds has a page where you can look for locations that have Playlands. Our dinner date didn’t know we were running late because of the traffic jam (yeah, we called, but in the future they’ll just know exactly where we are and how long they should expect to wait for us).
• Siri, when it worked, didn’t bring us anything serendipitous because it didn’t know what people on Google Buzz were talking about. It didn’t know anything about how many friends were checked in at the hotel, or at places near us. It didn’t know that a popular concert would start in a few hours and that it might have been able to get us seats.
• As we drove along using Waze it didn’t tell me about historical landmarks. It didn’t show me where the In-N-Outs were. And when we wanted some coffee we had to switch to Google Maps to find Starbucks.
• When in Google Maps I turned on the Google Buzz layer and it showed me lots of Buzzes from people but it didn’t try to point out important ones that might impact my experience. It forced me to click on dozens of Buzz items on a map in an attempt to find anything useful. Ever pick up rocks in a stream wondering what you will find underneath? That’s sort of like Buzz’s experience.
• When I checkin with the new Pepsi Loot, it doesn’t check me into Foursquare, Loopt, or any of the other loyalty services that are coming out over the next few months.
• If we flew into Reno instead of driven, TripIt wouldn’t know anything about my Google Calendar and couldn’t warn people on my calendar if our flight was late. And TripIt isn’t able to check us into the airport even though it knows our plane landed.
• Yahoo news didn’t know that we left Half Moon Bay, so didn’t know that it should bring us news about Stateline, Nevada.
• Gilt didn’t warn my wife when we passed by the outlet stores in Vacaville that there were some great deals on purses she was considering.
• Paypal or Square weren’t able to be used for anything on our trip.

So, who are the winners and losers here?

Overall, the losers, so far, are us. In 2010 we’re seeing more and more location data silos being produced. The most recent ones are Loopt Star and PepsiLoot. These new services add more of a “tax” and don’t really combine in ways to make our lives interesting. That can’t continue if companies actually want us to use location-based services.

The losers, also, are the whole industry. Everyone will see slower adoption of all location-based services because of their limited utility if this doesn’t change.

But more specifically, the winners and losers:

Winners?

• Apple, because it already owns Siri, which is the best UI for smartphones for interacting with the world around you. And hooking up all these different services will be pretty easy for them to do over the next 18 months.
• Google, because it already has so much location and scheduling data and is gathering more every day.
• Facebook, because it already has so much data about people that it can use to present location information to us and can sell access to that data to others, like Apple, who will use it to augment their experiences.
• SimpleGeo, because they are becoming an arbitrage system for moving data in real time between all of these players. That should be monetizable in the way that Twitter is selling data streams to Google and Microsoft.

Losers?

• Yahoo, because they haven’t yet figured out how to get us to share much location data with it.
• Microsoft, because it is locked out of most of this new world too.
• Gowalla, Brightkite, Whrrl, because they haven’t made any moves yet to present malleable social graphs in the way that Foursquare has.
• Individual loyalty programs. The first ones, like Pepsi Loot, will probably be popular because they are first but others will find tired and unengaged consumers and will need to join up with bigger players to get traction.

Along for the ride?

• Plancast, TripIt, Blippy, Tungle.me, Expensify, are all along for the ride. They provide unique data that the others don’t and unless someone else comes along that provides that data in a better way than these folks do, I think they are safe for the moment.

Disrupted?

• Yelp and other restaurant listings could be disrupted in this new world where you’ll choose your restaurants based on where you actually are, what friends you’ve added to systems like Facebook, and tips from your friends (which are quite different from the crowd reviews at Yelp).
• Yahoo News could be dramatically disrupted. Today, I met with the Yahoo news team and talked about needing different news based on where I was (I found out about riots in Guangzhou, China, after we arrived there and Twitter friends asked us if we were caught in the riots?)

Commerce winners?

• Gilt, Foursquare, and Loopt seem to be aimed in the right direction by bringing users goodies for using these services. But it’s too early to say that one of these will be a clear winner in bringing promotions and offers to us. Bigger companies, like Google, with its huge sales teams, or, better yet, eBay, which has relationships with lots of small-town retailers, could totally change the game here.

So what could keep the world I laid out here from happening?

I’ve already caught wind of plans that Apple has to build Siri into a much more complete offering. You’ll be able to talk to your iPhone that will come out next year (Siri is owned by Apple but won’t be built into iPhones in a serious way until 2011) and you’ll be able to do a variety of tasks from ordering a pizza, finding a taxi or a movie time, to recommending a restaurant to take your date to. But what happens if Apple ends up building its own maps, its own location checkin service, it’s own advertising system for bringing promotions and offers to you, its own payment system, and its own travel apps? Well, then, this system would happen for Apple customers but that would weaken the ability for other companies to compete. And that would force Google’s hand into competing, or buying, these companies up, which would keep Apple from having access to some of these companies’ APIs.

But Google buying these companies and integrating them together with its voice recognition systems is probably the best possible scenario. Facebook isn’t a mature enough company yet to properly integrate all of these into some sort of new business graph and make that all usable by 2012.

Some companies are trying to integrate these services, or provide infrastructure that makes integration possible as well.

CloudMade is using the OpenStreetMap to hook these services together on a common map. And the IETF is working on a variety of standards to make it easier for companies to interoperate with their location. If they can succeed, the vision I laid out of 2012 should be a reality.

[photo: flickr/pinto 2003]

If You Like Moustaches on Men - You'll Love These Restaurants —

Cross reference a person's Twitter friendships with their Foursquare favorites with their Hunch.com articulated "taste graph" and what do you get? Interesting personalized restaurant recommendations, for one thing.

Taste-gathering startup Hunch is experimenting with a recommendation service that cross references social graph connections on other services with the large set of unusual questions its users have answered. Questions like "do you like facial hair on men? Yes? Well, 48% of our users have said that." The end result is a simple prototype website where you enter a city and your Twitter username and Hunch will show you Foursquare venues it thinks you'll like. Or at least it thinks that people on Hunch who are like your friends on Twitter tend to like those places, on Foursquare. Crazy? Maybe not.

Sponsor

Above: Hunch has reason to believe that my friend Rick Turoczy would like the high-end restaurant Toro Bravo, but believes that I would not. Perhaps Hunch is calling Rick a snob.

Restaurant recommendations are just the beginning. Hunch knows a lot about a lot of people. The company recently said that the average Hunch user has answered 152 personal questions about themselves. Now that data and our corresponding friend connections are going to be the basis for personalized recommendations. Want to see how well the company thinks it understands you? Check out the recently launched Hunch Twitter predictor game. It's downright eerie.

Hunch co-founder Chris Dixon explained (vaguely) what's going on by email.

We developed the technology to project and propagate our taste data using graph-like connections via public APIs. In this case we propagate our taste profiles to Twitter by projecting the subset of Hunch users connected with twitter onto all Twitter
users. Then we propagate this taste data to Foursquare by projecting the subset of Twitter users checking in on foursquare onto all Foursquare venues. With our collection of taste profiles, in real time we can calculate affinities between any Hunch user, Twitter user, and Foursquare venue. As we project and propagate across all the web's entities, we will enable crazy data mashups. It's going to be cool!

In other words, if Hunch doesn't know about you well enough to make Foursquare recommendations via a Twitter account that's tied to both Foursquare and Hunch, then it will assume you are like those Twitter friends of yours who are on Hunch, and Foursquare.

That's the kind of data-driven value that making all these connections explicit will allow. The future will look like a big algorithm and interface war between companies battling it out to better serve you based on commonly, publicly available user data. Or data you selectively expose in return for recommendations.

Discuss

Q & A: Bret Taylor on his impact at Facebook, post FriendFeed-acquisition —

It’s been 10 months since Facebook bought FriendFeed, which arguably was its most significant acquisition since the company was founded. (Parakey was the other influential acquisition.)

The deal brought several senior hands on-board including Gmail creator Paul Buchheit and Bret Taylor, who shepherded a number of significant products through Google including Maps. Since then, both of them have taken very visible roles at Facebook with Taylor launching the company’s social plug-ins last month at the company’s f8 developer conference.

We caught up with Taylor to get his take on how he’s fit in with the company so far:

VentureBeat: How do you think you’ve influenced Mark’s thinking and the trajectory of the company?

Taylor: One the reasons we decided to join was we actually had a shared vision of how we wanted these social services to be integrated across the web. As for my own personal impact, it’s hard to say. In all of our conversations, it just became clear how our visions basically dovetailed. You could say I was in violent agreement with Mark.

On a practical level, I came in thinking the Facebook platform was too complex. There were too many application programming interface calls needed to accomplish basic social functionality. I thought the APIs had to be much simpler, and it turned out that a lot of my personal concerns about the product were shared. The product and platform have grown enormously and there’s been a need to simplify things, whether that’s fixing privacy controls or the API. So the simpler API is what we built and shipped at f8.

VB: How would you say Mark and Facebook’s culture has changed your thinking about the social web?

Taylor: One thing that Mark and I have talked a lot about is how the services that will be the most successful in the future will be ones that are built with social functionality in mind from day one. That’s what we’ve seen with the gaming industry. My favorite game growing up was Sim City. If you were to build that socially, you’d make all these changes — neighbors would make a difference, you’d build cities that are competitive to your friends’ cities. Social experiences in products can create an immense amount of value. Products like the Wii took something that was previously solitary and made it fun by involving family.

If you look at the partners we launched with at f8 like the Washington Post, we gave them plug-ins that would let you see articles your friends have liked. It gave your friends an editorial voice that wasn’t there before. If you build products with social connections in mind from day one, you’ll produce much better and more genuine experiences for users.

VB: What do you think is preventing Google, where you worked before, from launching more successful and mainstream social products?

Taylor: I left just before Google’s social efforts really began. I don’t have any personal insight into what is going on. When we develop products at Facebook, we don’t really focus on what our competitors are building. I can tell you that the reason why Facebook builds good social products is that this is just culturally what we do. It is our first order of business. And in general, it’s hard for companies to be successful at anything that’s not their core focus.

I will also say that you are ultimately a product of your surroundings. I was at Google for most of my career and the culture was very academic. We were focused on infrastructure and scalability. Facebook, from day 1, has been about social interactions, which has definitely colored the way I think.

My favorite example, which you already know about, was Facebook Photos. It was not a great photo product by any standard measure. There were no original-sized photos. There was no printing. It wasn’t developed like a traditional photo service. It just had this core piece of functionality — tagging– that made it the biggest photo product on the web.

VB: With the “like” buttons and the social plug-ins that you helped launch at f8, you’ll suddenly be collecting an immense amount of data — both explicit and implicit — on how people use the web –

Taylor: Let me clear something up. We are 100 percent focused on explicit data. We have pretty strict data retention policies. The implicit data is anonymized after 90 days. We use it to measure something called “like-through” rate so we understand how the buttons and plug-ins are used and how we can improve them.

VB: Are the “likes” factoring into ad targeting now?

Taylor: I don’t know. That’s not my area of expertise.

VB: Where do you think behavioral norms around privacy are heading over the next 10 years?

Taylor: In general, I think if you look at many products that are being developed in Silicon Valley right now, they’re all very disruptive to the way that people think about sharing. They’re disruptive in the way that the Internet was very disruptive to journalism or in the way that the printing press affected how people consumed information. These products are changing peoples’ expectations and they inherently create tension in the way we think about openness and privacy. I think it’s a very healthy dialogue we’re having as a culture.

One of the things we learned from this is that we have to be very good about offering controls. But because we built so many controls, actual control was lost in the complexity.

VB: But the defaults you’ve established over time have become more public. There was this viral infographic showing the defaults making basic information becoming ever more public over time….

Taylor: We’re trying to make our settings reflect behavioral norms. I don’t think the graphic reflects reality for most of our user base. The majority of our users have customized their privacy settings.

If you think about Mark’s talk, when we first went international, people joined regional networks. And that meant that for Turkish users, their network was the entire country. So all Facebook users in that country could see their information. We had to change that. Furthermore, most of our users have signed up in the past year. People have signed up in vastly different environments with vastly different expectations. We’ve attempted to have our defaults reflect the norms of usage of the product.

VB: Mark has said in the past that people have a single identity no matter where they are, whether they’re with their friends or in the workplace. Can you elaborate on that?

Taylor: We’ve made this commitment to have one single real identity in the product and I think our long-term success will bear that idea out. Some people use it as a professional network; others use it for their friends.

Personally — and these are my own personal beliefs, not those of the company — I believe our society is becoming more open and accepting. I would never want to work for an employer who found my personal identity unappealing. I think that’s an antiquated notion. I hope our culture changes so that people become accepting both on the inside and outside.

VB: If you take the way space in the physical world is divided as a metaphor for online space, in the real world, there are very overt visual cues for where you are and who you’re communicating with.

The furniture and look of your office tells you to behave one way and the coffee shop where you’re talking to your best friend tells you behave another way. But on Facebook, all of that space is compressed to a single white status update bar and the only visual cue a user has that tells them who they’re communicating with is the tiny image of a lock.

Taylor: That’s an insightful way of looking at it. We have different communication channels on Facebook.

Your inbox might be your coffee shop and your wall is the place where your friends can reach out to you and instigate serendipitous communication with others.

We’ve talked about communication channels a lot and we’ve tried friend lists. Honestly, they’re not perfect but we’ll definitely get there.

Companies: Facebook

People: Bret Taylor

Thanks to everyone who made Google I/O 2010 a success! We always look forward to this event each year as a chance to speak one-to-one with developers from the Maps and Earth API ecosystem and this year did not disappoint.

Last week at Googe I/O, we made several announcements about updates to our tools for geo developers. I wanted to give you a closer look at one of those updates -- Styled Maps for the Google Maps API v3. You now have more control over how to style the base map within Google Maps API implementations. Styled Maps gives you the ability to change and customize various features of the base map, like changing the color of the water or removing roads altogether. This new styling feature gives you full control to display and customize the parts of the map that lets your data on the map shine. Take a look at this Styled Map Wizard and make the map your own!

At the Gluecon just now, Twitter’s Ryan Sarver announced that since their Chirp conference in mid April, the number of Twitter apps has increased from 100,000 to 140,000.

So since it’s been roughly 8 weeks since Chirp, that means that the Twitter app ecosystem is growing at about 5,000 apps per week. So much for the idea that developers might be getting turned off by Twitter’s acquisition of Tweetie and other moves.

Sarver made a few other interesting announcements, including that Twitter now has over 200 employees, and that “they don’t have any plans on making an app directory,” while specifically mentioning the third-party Twitter app store oneforty.

He also said that,”we hope that promoted tweets and other advertising models can help developers get paid too.” On search, he said, “discovery and search are big and complex enough that many companies can compete there, even if twitter works on it.” Regarding Twitter’s API, Sarver said, “”the APIs used to be very simple; now they are getting more complicated and we need to support them better.”

Regarding privacy, he said,”we were lucky; we stumbled onto ‘public be default’” and that Twitter has “a no resyndication” policy that supports privacy.

Image

h/t Kevin Marks for his live tweeting at Gluecon.

It's like an API festival here at Gluecon. I tweeted that this afternoon. But it's not just Gluecon, though - they're one of the hottest topics in discussions about cloud computing.

In his presentation today at Gluecon, John Musser of Programmable Web illustrated how hot APIs have become and how they've matured.

Sponsor

Perhaps most illustrative is his "API Billionaire's Club."

Members of the club include Google and Facebook with 5 billion AP calls per day. Twitter has 3 billion per day. Ebay has 8 billion per month. NPR gets 1.1 billion calls per month for its API-delivered stories. Saleforce.com gets 50% of its traffic through its API.

According to Musser, it took eight years to get to 1,000 API's but just 18 months to get to 2,000. This year, the number of API's are double what they were last year on a month-per-month basis.

Internet/platform as a service API's are now number one. That's illustrative of the increased usage of services like Amazon S3 and all its competitors. Maps are the number three API, dropping from the number one spot last year. Social API's are number two.

REST API's are far surpassing SOAP.

There's a real energy here at Gluecon around the discussions about APIs. The room was packed for the presentations on the topic.

We'll pour more into the topic in later posts.

Discuss

In our most recent beta release, we fired up all engines to bring to life our fastest version of Chrome to date.

Today, we’re bringing all this beta goodness to the stable channel so that it’s available to all Chrome users. We’re particularly excited to bring Chrome for Mac and Linux out of beta, and introduce Chrome’s first stable release for Mac and Linux users. You can read more about the Mac and Linux stable releases on the Google Mac and Chromium blogs respectively.

Today’s stable release also comes with a host of new features. You’ll be able to synchronize not only bookmarks across multiple computers, but also browser preferences -- including themes, homepage and startup settings, web content settings, preferred languages, and even page zoom settings. Meanwhile, for avid extensions users, you can enable each extension to work in incognito mode through the extensions manager.

Our stable release also incorporates HTML5 features such as Geolocation APIs, App Cache, web sockets, and file drag-and-drop. For a taste of HTML5’s powerful features, try browsing through websites developed in HTML5 such as scribd.com, dragging and dropping attachments in Gmail, or by enabling the geolocation functionality in Google Maps. We’ve also given Chrome’s bookmark manager a facelift with HTML5:



In recent weeks, we’ve been beta-testing Adobe Flash Player integration into Chrome. While Flash Player integration in the browser is not included by default in today’s stable release, we’re excited to enable this feature with the full release of Flash Player (version 10.1) soon.

If you’re already using Chrome for Windows, Mac or Linux, you’ll be auto-updated to this latest release soon. You can also try out these new features on our speedy browser now, by downloading Chrome from google.com/chrome.


Posted by Brian Rakowski, Product Manager

One of the most interesting APIs in Android 2.2 allows developers to create applications that can receive messages from servers. "Android Cloud to Device Messaging (C2DM) is a service that helps developers send data from servers to their applications on Android devices. The service provides a simple, lightweight mechanism that servers can use to tell mobile applications to contact the server directly, to fetch updated application or user data."

To try the new APIs, you can install an Android app and a Chrome extension that let you send a link from the browser to your phone and automatically open the URL in Android's browser. Install the Android application, register your device and enable "launch browser/maps directly". Then install the Chrome extension, click on the icon and log in to the same Google account used in Android. Now you can send links to your phone by clicking on a button in Google Chrome.


The application requires Android Froyo, which is only available for Nexus One at the moment.

ReadWriteStart Weekly Wrapup —

The news this week was dominated by announcements coming from Google's two-day I/O event, some of which was highly applicable to startups. The most popular story by far this week was the Big G's introduction of their big data APIs, which may make the process of sophisticated computations easily attainable to startups. Aso this week we discuss some ideation tips from Twitter's Jack Dorsey, a program linking college interns with startups and some factors for the success of mobile coupons. Additionally, we pour over some data from a survey of over 500 mass customization companies, as well as building communities around co-working spaces.

Sponsor

Google's New Big Data APIs a Big Gift to Startups?

The flood of news from Google I/O continues as the company has announced a pair of services available to developers that provide public access to some of Google's internal data-analysis tools. BigQuery, a service for analyzing massively large sets of data, and Prediction API, an interface for utilizing Google's prediction algorithms, are now available to developers in the Google Code Labs. To break down these heavy new tools, we spoke with former Apple engineer and big-data geek Pete Warden.

Warden believes these new tools from Google could commoditize previously close-guarded technologies, allowing startups to quickly and easily leverage things like sentiment-analysis. "Assuming it does what it says on the label, this opens up a lot of technology problems to bootstrapped startups that previously required serious funding to tackle," he told ReadWriteWeb.

Draw It Out, and Other Tips for Success from Twitter Co-founder Jack Dorsey

Having a great idea is one thing. But being able to realize and execute on that idea is what matters.

At the 99% Conference last month in San Francisco, Twitter creator and co-founder Jack Dorsey gave a talk on how he was able to do just that: take a good idea and turn it into a flourishing company. In his talk, Dorsey identifies the three keys to success as he built and launched both Twitter and his latest project Square:

Online Community YouTern Links College Interns and Startups

YouTern, an online community to link interns with startups, has launched their pilot program in California, with plans to expand nationwide.

While there are many programs that assist students with finding internships with large, established companies, until the launch of YouTern, there was no similar service helping entrepreneurial-minded students find a position with a startup. And now in turn, startups will have a resource to identify and recruit talented students for internship positions, a move that may help build a "startup culture" so college graduates don't feel as compelled to only seek employment with major corporations.

Success for Mobile Coupons Begins at the Register

One of the more interesting discussions I had with attendees at the ReadWriteWeb Mobile Summit a few weeks ago was about the future of location-based mobile advertising and why it has so far failed to take off. The speed-bumps we uncovered during that session included the burden of building an ad network and finding unique ways of engaging users, but one other key hurdle that stands in the way is the physical interaction at the point-of-sale.

Survey of 500 Mass Customization Startups Reveals Fascinating Trends

A growing startup trend that we have been keeping a watchful eye on here at ReadWriteStart is mass customization and co-creation. Startups in this sector provide customizable products to the end user, like t-shirts, bags, jewelry and even food. Back in March we suggested that the U.S. may be on the verge of a co-creation invasion from Europe, where these kinds of startups are more prominent. This week the Smart Customization Seminar is being held at MIT in Cambridge, Massachusetts and some fascinating stats and trends have emerged from the discussions and talks.

Co-working Spaces: Building a Startup Community

As our "Never Mind the Valley" series demonstrated, startup communities are thriving outside of Silicon Valley. A panel at WebVisions 2010 today in Portland< Oregon made a strong case for fostering community not merely in a city in general, but in specific working environments. Bac'n.com's Jason Glaspey, Silicon Florist's Rick Turoczky, Urban Airship's Scott Kveton, and Nedspace's Josh Friedman shared their experiences with co-working.

Discuss

ReadWriteWeb Events Guide, 22 May 2010 —

There are lots of interesting events on the horizon (including the ReadWriteWeb Real-Time Web Summit), but one taking place this week that's worth noting is Glue, "the only conference devoted solely to exploring the problem-sets facing architects, developers and IT professionals in a "post-cloud" world." Can't make it to Denver for the event? Don't worry, we'll be live blogging it.

How do you like your events guide? You can import individual events into Google Calendar using the link beside each entry, or download the entire thing as an iCal (and Google Calendar-importable) file, or even view it as a world map. Know of something cool taking place that should appear here? Let us know in the comments below or contact us.

Sponsor

---

---

25 - 27 May 2010: Denver, Colorado

Glue

Glue is the only conference devoted solely to exploring the problem-sets facing architects, developers and IT professionals in a "post-cloud" world. Glue focuses on the APIs and protocols (Twitter, Facebook, Websockets, PubSubHubBub, XMPP), formats and standards (RDF/Linked Data, JSON, Microformats, HTML5), platforms and providers (Amazon, Rackspace, Google App Engine, Salesforce.com, Eucalyptus), Identity Protocols (OAuth/WRAP, SAML, OpenID, SPML) emerging NoSQL data models (Cassandra, CouchDB, MongoDB, Riak, HBase), and other mechanisms that are building the post-cloud world.

ReadWriteCloud will be blogging live from Gluecon and CloudCamp, and ReadWriteWeb's Alex Williams will be moderating the "Managing Complexity in the Cloud" session. Please join us May 25-27 in Denver, Colorado. ReadWriteWeb readers can receive 10% off of registration by using the code "RWW12".

---

27 - 28 May 2010: Beijing, China

Global Mobile Internet Conference

The Global Mobile Internet Conference is designed specifically for entrepreneurs, executives and influencers to understand and capitalize on the growing opportunities in mobile internet. Though focused on opportunities in Asia, much of the conference dialogue is intended to compare and trade best practices across borders, especially between the East and West. Around 1000 industry leaders from Asia, Europe and North America are expected to attend. The conference will be in English, Chinese, Japanese and Korean.

---

28 May 2010: Beijing, China

Global Mobile Internet Conference - Innovation Show & Startup Competition

The Global Mobile Internet Conference Innovation Show intends to be a launch pad for innovative mobile internet startups from around the world. Innovation Show finalists will have the opportunity to present their company to an expected 1,000 investors, industry leaders, and press. Finalists will be judged by and receive feedback from a team of respected venture capitalists and angel investors. The judges will choose one company as the GMIC Innovation Show Winner. Startups must apply by April 4.

---

4 - 6 June 2010: Chicago, IL

Blogs with Balls 3

The bright future of sports media gathers for Blogs with Balls 3 in Chicago at the legendary Wrigley Field. This third installment of the conference focuses on sports and local media, the ever-changing face of traditional media, as well as all the ways that mobile and emerging technologies are changing the world of the sports fan (and the companies trying to reach him or her) today. Feature speakers from established players like ESPN, Sports Illustrated, Yahoo! Sports & The Sporting News and emerging blogging/podcasting personalities and sports new media entrepreneurs, not to mention former professional athletes who are bolstering their brand through digital.

Register before May 15 and save more than $50 off the full ticket price at blogswithballs3.eventbrite.com. Use discount code RWWxBWB

---

11 June 2010: New York City

You're invited to join ReadWriteWeb for our third event and our first on the East Coast: the ReadWriteWeb Real-Time Web Summit, on June 11 at the Metropolitan Pavilion in New York City. This is our second Summit on the Real-Time Web, following on from our successful debut event in Mountain View last October. It will follow the same unconference format, which we have gotten a lot of great feedback on.

The Real-Time Web is a set of technologies that impacts almost every service, activity and application on the Web. We were one of the first news outlets to analyze the Real-Time Web and we've since written extensively about it. Come to the summit to understand how it impacts you, your business and your next development.

The ReadWriteWeb team is excited about our first New York event and we look forward to seeing you there!

---

15 - 16 June 2010: New York City

Corporate Social Media Summit

The Corporate Social Media Summit is a two day conference focused exclusively on how big businesses can take advantage of social media to enhance their marketing/comms strategy. Featuring:

• Practical and relevant insights from peers who have already used social media successfully
• 20-plus corporate speakers (including PepsiCo, Whole Foods, Dell, McDonald's, General Motors, Citi, Johnson & Johnson),
• Best practice, benchmarks and practical next steps you can use to take advantage of social media in your business
• A tightly-focused agenda with 14 in-depth, practical workshops giving you knowledge on only the most critical business issues surrounding corporate use of social media

Save $400 if you quote RWW400 when booking. Book here.

---

21 - 25 June 2010: San Francisco, California

SemTech 2010

SemTech 2010 is the world's largest, most authoritative conference on semantic technology. The programs covers semantics in enterprise computing, consumer applications, search, Linked Data and social networking. SemTech is the place where the entire community gathers to do business - entrepreneurs and investors, researchers and product developers, marketers and customers.

This year we have in-depth focus on industry applications in Healthcare, Life Sciences, Open Government, Publishing, Finance and Advertising. Case studies will be provided by early adopters including Best Buy, Biogen, Blue Cross, Boeing, Cleveland Clinic, DoD, Group M, Merck, Nokia, Pearson, Pfizer, Salesforce.com, US Air Force, University of Texas and the World Bank. The conference hashtag is #SemTech.

---

22 - 24 June 2010: Santa Clara, California

Velocity

Now in its third year, Velocity - the Web Performance and Operations Conference from O'Reilly Media - is dedicated to helping people build a better Internet that is Fast by Default. Join hundreds of web developers and experts under one roof from June 22-24, 2010 in Santa Clara, CA Velocity packs a wealth of big ideas, know-how, and connections into three concentrated days. You'll be able to apply what you've learned immediately for high impact results and you'll come away prepared for what's ahead. O'Reilly Velocity 2010 is the premier conference dedicated to building industrial strength sites, at internet speed. Velocity">Register Now and save 25% with discount code "vel10rww".

---

29 - 30 June 2010: London

Cloud Computing World Forum

The 2nd annual Cloud Computing World Forum is the perfect event to learn and discuss the development, integration, adoption and future of cloud computing and SaaS. Building on the success of the 2009 show, this two day conference and free-to-attend exhibition will provide a focused platform for the global cloud and SaaS industry. Show highlights include:

• Co-located with CloudCamp London
• Co-located with Green IT conference
• Free-to-attend exhibition with seminar and scenario theatre
• Free-to-attend evening awards presentation
• Hear from leading case studies on how they have integrated cloud computing and SaaS into their working practices
• Learn from the key players offering cloud and SaaS services
• Evening networking party for all attendees

---

7 July 2010: Melbourne, Australia

Digital Sport Summit

Digital Sport Summit is Australia's premier sport and digital media event. Hear from social media pioneers who are changing the face of Australian sport. Learn how social media and mobile technology is taking fan engagement to a whole new level.

Speakers on the day will cover a variety of topics including:

• iPhone application development for sport
• Convincing management of the case for social media
• How to monetize social media
• Fantasy sports
• Social media from an athlete's perspective

With speakers representing Essendon Football Club, Cricket Victoria, Herald Sun, Football Federation Australia and more. Digital Sport Summit will take place at the Melbourne Cricket Ground.

---

22 - 23 September 2010: Singapore

Social Media World Forum Asia

Social Media World Forum Asia is back for 2010. The event will be taking place at the larger venue - The Suntec Conference Centre - before the F1 Singapore night race. Two days of interactive and engaging conference featuring leading key figure keynotes, brand case studies, topical Q&A and debates, exhibition hall, workshops and networking. Speakers include:

Blake Chandlee, VP & Commercial Director, EMEA, Facebook

Nicki Kenyon, Vice President, Digital Marketing APMEA, MasterCard

Reynold D'Silva, Global Brand Marketing Manager, Unilever

Pooja Arora, Brand Manager, P&G

Thomas Crampton, Asia-Pacific Director, 360 Digital Influence, Ogilvy Public Relations Worldwide

Lito S. German, Marketing Director, BMW Group Asia

Ranjeet-Shandu Singh, Digital Project Manager, Ogilvy One Singapore

Derek Yeo, Head of Marketing, Tiger Airways

---

5 October 2010: New York City

FinovateFall

FinovateFall will return to Manhattan on Tuesday, October 5 to showcase dozens of the biggest and most innovative new ideas in financial and banking technology from established leaders and hot young companies. The Fall event is the original and largest Finovate and features a single day packed with our special blend of short, fast-paced onstage demos (no slides are allowed) and intimate networking time with top executives from the innovative demoing companies.

FinovateFall is a unique chance to see the future of finance and banking before your competition and find the edge you need in today's market. Early bird registration rates are available.

---

29 - 30 March 2011: London

Social Media World Forum Europe

Social Media World Forum Europe: Two days of interactive & engaging conference featuring leading key figure keynotes, brand case studies, topical Q&A and debates, exhibition hall, workshops and networking.

Social Media World Forum Europe is continuing to evolve and deliver an event which is second to none, ensuring our audience receive the maximum potential from attending our shows. New for 2011 we have introduced interactive panel discussions, live streamed debate sessions, collaborative learning, break-out group discussions, open Q&A portions in every session, open workshops, with group discussions and interactive zones within the exhibition hall. We have introduced the Online Marketing Toolbox Workshops, educating in all elements of the online marketing mix, such as SEO, Paid Search, Affiliate, Mobile & Apps. The perfect toolbox to complete your online marketing strategy.

---

Download this entire events calendar in iCal format.

Discuss

First Look at TweetDeck's New Foursquare and Buzz Integration [SCREENSHOTS] —

Popular cross-platform social app TweetDeck is announcing an update to its desktop client this morning which will add Foursquare and Google Buzz to its arsenal of supported streams which already includes Twitter, LinkedIn, MySpace and Facebook. In addition, the version 0.34 update will allow for the addition of any Twitter-compatible APIs, including WordPress, StatusNet and Tumblr, as well as a slew of other features such as global filters and scheduled posts. The company will also announce financial news this morning, confirming that it has raised an undisclosed amount of Series B funding.

Sponsor

TweetDeck, which was invited to test the Google Buzz API announced Wednesday, is wasting no time in integrating the service into its desktop client. Users will be able to send updates to Buzz, as well as view, like and comment on their friends' posts directly from a stand-alone Buzz column in the app. TweetDeck maintains most of the Buzz experience within its column system, letting users collapse and expand comments for a streamlined experience.

The app has also added support for location, including geotagged Tweets, Buzz entries and Foursquare updates. By adding their Foursquare account to a column within TweetDeck, users will be able to view their friends' location-based updates, as well as visualize their locations with an embedded Google Map within the column. Additionally, Twitter-compatible APIs may also be added, allowing the client to interact with services like Tumblr, WordPress and StatusNet.

Rich media will also be given a front-row seat in the latest release, as uploading and recording videos to 12seconds or TwitVid is integrated into the client. Updates can also be scheduled for a later date and time, and global filters will let users automatically remove feed entries across all columns based on any terms. This latest release will also provide users with the ability to incorporate their own custom URL shortening service.

After a quick test of a pre-release of the latest version of the app, I found that the Buzz and Foursquare integration worked smoothly. When trying to add a Twitter-compatible API, WordPress failed to sync up but Tumblr was successful. I was able to publish text entries on Tumblr, but adding photos or videos did not seem to transfer the way I had hoped they would.

With this update TweetDeck is taking enormous steps toward becoming a complete social dashboard - at least on the desktop. To be honest, I had largely given up on the app because of the sluggish feel of Adobe Air applications, but the integration of Foursquare, Buzz and other services may just draw me back to it. The securing of additional funding means we can expect only bigger and better things from the company in the near future.

Discuss

We’ve been watching this episode since yesterday.  Some Twitter users were noticing that anything with RT in it wasn’t being seen in certain search functions.  The community as a whole went into an uproar.

It seems that Twitter heard that message loud and clear.  We contacted Twitter, and were just given this response via email:

“We’ve been experimenting with ways to identify duplicate content, and recently implemented an approach that identifies retweets as duplicates. This only applied for logged-in searches on www.twitter.com, not to searches on search.twitter.com, search APIs, or the logged-out homepage.  However, this change has not had a positive impact on the user experience so we plan to revert it. Eliminating explicitly duplicative content from search results in a more intelligent way is something we plan to work on more in the long-term.”

It’s always great to see when a company listens to the user base, and even greater when they take an extended hand.  The RT function is important to many of us, and Twitter sees that fact.

Free software pioneer Richard Stallman spoke with us recently about the principles of free and open source programs, and what he had to say is as relevant and revolutionary as when he first started working in this field 30 years ago.

Our community has been talking a lot lately about what it means to be open, about what makes software open, about what makes companies open. No matter what talk of “openness” you hear in the media, no major web company — not Facebook, not Google, not Adobe and certainly not Apple — is creating truly free and open applications. Some may make gestures toward this ideology with APIs or “open source” projects, but ultimately, the company controls the software and the users’ data.

At the end of the day, if you want freedom and privacy, the only way to attain those goals is to abstain from proprietary software, including media players, social networks, operating systems, document storage, email services and any other program that is licensed, patented and locked down by a corporation. If you prefer convenience — well, best to stop complaining about your loss of freedom and/or privacy.

Like many heroes of the digital era, Richard Stallman is largely unsung by the general populace. Yet when it comes to user privacy and technological freedom, he’s probably one of the most committed individuals in the world.

By freedom, he means four things:

1. The software should be freely accessible.
2. The software should be free to modify.
3. The software should be free to share with others.
4. The software should be free to change and redistribute copies of the changed software.

Stallman started the Free Software Foundation. He even worked to make an operating system (GNU/Linux) that could be entirely free. And he is deeply opposed to proprietary software, software with commercial licenses that fly in the face of everything he calls freedom.

If you’ve ever downloaded music illegally, if you’ve ever complained about closed platforms, if you’ve ever gotten a serial number online for software you didn’t buy, if you’re worried about social networks controlling your data, you need to hear what Stallman has to say.

We got the chance to interview Stallman extensively at WordCamp San Francisco, and we’ll be posting segments of that interview each week. Stay tuned for insights on music sharing, Apple versus Adobe and more.

Note: Stallman asked that we use Ogg Theora, an open format, for encoding this video. To download the original video, go to its Wikimedia page. This video is published under a Creative Commons-No Derivatives license.

---

For more technology coverage, follow Mashable Tech on Twitter or become a fan on Facebook

---

Tags: free software, freedom, open source, rms, Stallman, video

Two weeks ago, the IETF OAuth Working Group published the first draft of the OAuth 2.0 protocol. OAuth is a security protocol that enables users to grant third-party access to their web resources without sharing their passwords. OAuth 1.0 was published in December 2007 and quickly become the industry standard for web-based access delegation. A minor revision (OAuth 1.0 Revision A) was published in June 2008 to fix a security hole. In April 2010, OAuth 1.0 was published as RFC 5849.

OAuth 2.0 is a completely new protocol and is not backwards compatible with previous versions. However, it retains the overall architecture and approach established by the previous versions, and the same introduction (from the Official Guide to OAuth 1.0) still very much applies.

Many luxury cars come with a valet key. It is a special key you give the parking attendant and unlike your regular key, will only allow the car to be driven a short distance while blocking access to the trunk and the onboard cell phone. Regardless of the restrictions the valet key imposes, the idea is very clever. You give someone limited access to your car with a special key, while using another key to unlock everything else.

As the web grows, more and more sites rely on distributed services and cloud computing: a photo lab printing your Flickr photos, a social network using your Google address book to look for friends, or a third-party application utilizing APIs from multiple services.

The problem is, in order for these applications to access user data on other sites, they ask for usernames and passwords. Not only does this require exposing user passwords to someone else – often the same passwords used for online banking and other sites – it also provide these application unlimited access to do as they wish. They can do anything, including changing the passwords and lock users out.

OAuth provides a method for users to grant third-party access to their resources without sharing their passwords. It also provides a way to grant limited access (in scope, duration, etc.).

For example, a web user (resource owner) can grant a printing service (client) access to her private photos stored at a photo sharing service (server), without sharing her username and password with the printing service.  Instead, she authenticates directly with the photo sharing service which issues the printing service delegation-specific credentials.

The new draft represents a yearlong discussion around goals and requirements for the protocol with participants from a wide range of companies including Yahoo!, Facebook, Salesforce, Microsoft, Twitter, Deutsche Telekom, Intuit, Mozilla, and Google. OAuth has long been the poster-child of rapid open technology adoption, and 2.0 is no exception – Facebook and Twitter already announced support even before the first draft was officially published.

Why a New Version?

OAuth 1.0 was largely based on two existing proprietary protocols: Flickr’s API Auth and Google’s AuthSub. The result represented the best solution based on actual implementation experience. With over 3 years of experience working with the protocol, the community learned enough to rethink and improve the protocol in three main areas where OAuth 1.0 proved limited or confusing:

Authentication and Signatures

The majority of failed OAuth 1.0 implementation attempts are caused by the complexity of the cryptographic requirements of the specification. The fact that the original specification was poorly written didn’t help, but even with the newly published RFC 5849, OAuth 1.0 is still not trivial to use on the client side. The convenient and ease offered by simply using passwords is sorely missing in OAuth.

For example, developers can quickly write Twitter scripts to do useful things by using their username and password. With the move to OAuth, these developers are now forced to find, install, and configure libraries in order to accomplish what was before possible with a single line of cURL script.

User Experience and Alternative Token Issuance Options

OAuth includes two main parts: obtaining a token by asking the user to grant access, and using tokens to access protected resources. The methods for obtaining an access token are called flows. OAuth 1.0 started out with 3 flows: web-based applications, desktop clients, and mobile or limited devices. However, as the specification evolved, the three flows were merged into one which (on paper) enabled all three client types. In practice, the flow works fine for web-based applications but provides an inferior experience elsewhere.

As more sites started using OAuth, especially Twitter, developers realized that the single flow offered by OAuth was very limited and often produced poor user experiences. On the other hand, Facebook Connect offered a richer set of flows suitable for web applications, mobile devices, and game consoles.

Performance at Scale

As large providers started using OAuth, the community realized that the protocol does not scale well. It requires state management across different steps, temporary credentials which are more often than not discarded unused, and typically requires issuing long lasting credentials which are less secure and harder to manage (and synchronize across data centers).

In addition, OAuth 1.0 requires that the protected resources endpoints have access to the client credentials in order to validate the request. This breaks the typical architecture of most large providers in which a centralized authorization server is used for issuing credentials, and a separate server is used for API calls. OAuth 1.0 requires the use of both set of credentials: the client credentials and the token credentials which makes this separation very hard.

So What’s New?

The following is a subset of the new features available in OAuth 2.0:

6 New Flows

• User-Agent Flow – for clients running inside a user-agent (typically a web browser).
• Web Server Flow – for clients that are part of a web server application, accessible via HTTP requests. This is a simpler version of the flow provided by OAuth 1.0.
• Device Flow – suitable for clients executing on limited devices, but where the end-user has separate access to a browser on another computer or device.
• Username and Password Flow – used in cases where the user trusts the client to handle its credentials but it is still undesirable for the client to store the user’s username and password.  This flow is only suitable when there is a high degree of trust between the user and the client.
• Client Credentials Flow – the client uses its credentials to obtain an access token. This flow supports what is known as the 2-legged scenario.
• Assertion Flow – the client presents an assertion such as a SAML assertion to the authorization server in exchange for an access token.

Native application support (applications running on a desktop or mobile device) can be implemented using many of the flows above.

Bearer tokens

OAuth 2.0 provides a cryptography-free option for authentication which is based on existing cookie authentication architecture. Instead of sending signed requests using HMAC and token secrets, the token itself is used as a secret sent over HTTPS. This allows making API calls using cURL and other simple scripting tools without having to canonicalize the request and sign it.

Simplified signatures

Signature support has been significantly simplified to remove the need for special parsing, encoding, and sorting of parameters. It also uses a single secret instead of two.

Short-lived tokens with Long-lived authorizations

Instead of issuing a long lasting token (typically good for a year or unlimited lifetime), the server can issues a short-lived access token and a long lived refresh token. This allows clienta to obtain a new access token without having to involve the user again, but keeps access tokens limited. This feature was adopted from Yahoo!’s BBAuth protocol and later its OAuth 1.0 Session Extension.

Separation of Roles

OAuth 2.0 separates the role of the authorization server responsible for obtaining user authorization and issuing tokens from that of the resource server handling API calls.

When is it coming out?

OAuth 2.0 is currently in development by the IETF OAuth Working Group. The latest draft is considered stable but with many features being changed or added. Partial support is already available from Facebook and Twitter. The final specification is expected by the end of the year.

(Yes, that was a LRDD-inspired pun.)

XRD 1.0 is the result of 5 years of community development and actual deployment experience. It represents the most concise, yet extensible way to describe web resources using well understood constructs such as links. It uses XML as its extensible backbone, enabling protocols to extend pretty much every element as needed. For a long time, XML was the source of XRD’s (and its predecessor, XRDS’s) extensibility.

But XML is no longer what puts the ‘X’ in XRD. XRD utilizes the Web Linking framework for accomplishing cross-format interoperability of link relation types, as well as URI-namespaced key-value properties (for both the resource properties and links). XRD 1.0 is extensible without having to define new elements or attributes. It is accomplished simply by using its <Link> and <Property> elements as-is.

There are cases where protocols will want to extend the schema, and that is where the XML foundation comes in handy. In addition, XML provides a mechanism for digital signature (which has as many critics as fans), and a clean way to add new elements without name collisions. The host-meta document is one example of an XRD schema extension, adding the <Host> element to replace the URI-based <Subject>.

However, XML is a heavy format, and is no longer the first choice in many new web protocols. JSON, a simple but powerful serialization format is getting more and more popular. OAuth 2.0 is likely to support JSON, following its adoption by popular services such as Twitter and Facebook as the default format of their APIs.

Introducing JRD

JRD, pronounced “Jared” and stands for JSON Resource Descriptor, is a JSON-formatted XRD document. It takes the XRD schema and converts it to a JSON structure, giving up some XML-based features, but gaining simplicity and adaptability to JSON-centric protocols and applications. JRD is based on a few simple rules:

• XRD is the canonical representation; JRD is meant as an alternative format offered in addition to XRD.
• JRD includes limited support for new extension objects (XRD elements), but isn’t optimized for that; it is meant for cases where the core XRD elements are sufficient.
• XRD can be converted to JRD; a lossless conversion of JRD back to XRD is not always possible.
• Obtaining JRD is designed as a special case request for an XRD using the HTTP Accept header or format request parameter; JRD is available where XRD is available.

In other words, services should continue using XRD as the primary format for their descriptor documents, and XRD should remain the default format for resource descriptors using the XRD schema. However, services may also support obtaining a JRD version of the document by allowing clients to specify a preference for JSON instead.

JRD supports the following XRD elements: <Subject>, <Alias>, <Expires>, <Property>, <Link>, and <Title>, as well as the attributes of the <Link>, <Property>, and <Title> elements. It does not support digital signatures, and its support for other namespaces is limited (and not yet fully baked).

Since nothing explains formats better than examples, the following fully-featured XRD document:

<?xml version='1.0' encoding='UTF-8'?>
<XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'>

  <Subject>http://blog.example.com/article/id/314</Subject>
  <Expires>2010-01-30T09:30:00Z</Expires>

  <Alias>http://blog.example.com/cool_new_thing</Alias>

  <Property type='http://blgx.example.net/ns/version'>1.2</Property>
  <Property type='http://blgx.example.net/ns/ext' />

  <Link rel='author' type='text/html'
        href='http://blog.example.com/author/steve'>
    <Title>About the Author</Title>
    <Title xml:lang='en-us'>Author Information</Title>
    <Property type='http://example.com/author/role'>editor</Property>
  </Link>
</XRD>

Is represented by the following JRD document:

{
 "subject":"http://blog.example.com/article/id/314",
 "expires":"2010-01-30T09:30:00Z",
 "alias":
 [
   "http://blog.example.com/cool_new_thing"
 ],
 "property":
 [
   { "http://blgx.example.net/ns/version":"1.2" },
   { "http://blgx.example.net/ns/ext":null }
 ],
 "link":
 [
   {
     "rel":"author",
     "type":"text/html",
     "href":"http://blog.example.com/author/steve",
     "title":
     [
       { "default":"About the Author" },
       { "en-us":"Author Information" }
     ],
     "property":
     [
       { "http://example.com/author/role":"editor" }
     ]
   }
 ]
}

JRD supports extension XRD elements at the <XRD> or <Link> level (for now with no support for attributes). This part of the proposal is still a work in progress (so feedback is requested). It was basically designed to accommodate the host-meta extension, as well as other simple element-based extensions.

The following host-meta document:

<?xml version='1.0' encoding='UTF-8'?>
<XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'
     xmlns:hm='http://host-meta.net/ns/1.0'>

  <hm:Host>example.com</hm:Host>
  <hm:Host>www.example.com</hm:Host>

  <Link rel='license'
        href='http://example.com/license'>
  </Link>
  <Link rel='lrdd'
        template='http://meta.example.com?uri={uri}'>
  </Link>
</XRD>

Is expressed as:

{
 "hm:host":
 [
   "example.com",
   "www.example.com"
 ],
 "link":
 [
   {
     "rel":"license",
     "href":"http://example.com/license"
   },
   {
     "rel":"lrdd",
     "template":"http://meta.example.com?uri={uri}"
   }
 ],
 "namespace":
 [
   { "hm":"http://host-meta.net/ns/1.0" }
 ]
}

Note that elements with cardinality of zero or more are expressed as a JSON array (with the same element name as the key name). At the end of the JRD structure a new “namespace” array is used to indicate the source of the extension elements.

Obtaining a JRD Document

In general, endpoints should not return a JRD representation by default. They should return an XRD document. Clients looking for a JRD representation make their preference known by using the HTTP ‘Accept‘ header with the ‘application/json‘ media type, or include the ‘format‘ parameter with a value of ‘json‘ in the request (or both).

For example, requesting a host-meta using JRD:

> GET /.well-known/host-meta?format=json HTTP/1.1
> Host: example.com
> Accept: application/json

We’re currently transitioning all sites using Disqus over to a new version of the JavaScript code. This is what’s loaded on websites and enables reading, posting, and other interactions with the Disqus system.

What’s noticeably different? Nothing for now. This is the first rollout of a major revision to the foundation of Disqus. It’s going to enable our upcoming features and flexibility not previously possible. More on this soon.

Also with this change, we’re completely phasing out some support for nonpublic JavaScript APIs in the previous version of Disqus. We did our best to ensure backwards compatibility, but if you’re having problems just let us know in the comments here. We’ve also finally removed the old Classic themes, which just aren’t compatible with the new system at all. We’ll have much more on theme availability coming up.

Watch out for a followup post describing the internals of the new system and everything you can expect to see with the new Disqus.

The popular location startup Foursquare has removed the cover and brought forth their shiny new app store today.

The app store, more of a free marketplace, currently only supports ten applications as a proof of concept. To date some 500 applications have been coded using Foursquare’s APIs. If you are a developer of a Foursquare application, you can submit your app here to be included in the marketplace.

Foursquare is becoming a platform as it solidifies its lead as the defacto location startup focusing on check-ins with game mechanics. Smaller, yet well-funded competitor Gowalla has not succeeded in making significant inroads against Foursquare, despite efforts to the contrary. Gowalla has built and released an iPad application while Foursquare has not.

This application store will help the most die-hard of its users become even more entrenched in their choice of Foursquare. It will also help spur development of more applications that use Foursquare APIs now that there is a central distribution point for their dispersal.

Each app has a small page off of the main gallery section that gives a short blurb and screenshot of the application.

This is a good step for Foursquare against Gowalla, but hardly one that will help it become a mainstream product. Foursquare still has yet to convince the masses (ala Twitter or Facebook) that their app is impossible to not use. That will be their focus over the next year as they try to leave their technorati roots behind.

Via TC.

Don't Bore Your Twitter Followers: Link Different —

As we noted yesterday, Twitter isn't so much a social network as a broadcast medium. For most Twitter users, broadcasting information mostly means sharing links. Whenever you share a link, however, there is always the lingering question if your followers haven't already seen this link in their streams before. Thanks to Link Different, you can now easily check if any given link has already appeared in your followers' streams.

Sponsor

Getting Started

To get started, simply head over to the project's website, connect your Twitter account to Link Different and drag and drop the bookmarklet into your bookmarks bar. Then, whenever you want to share a link, simply click on the bookmark and Link Different will tell you how many of your followers have already seen this link in their stream. In addition, the service will also give you a bit.ly link.

Of course, you can never be absolutely certain that any of your Twitter followers actually saw a link - and there is also some value in repeated postings - but if you want to make sure that everything you post to Twitter is as original as possible, give Link Different a try.

This project is the work of University of Illinois at Urbana-Champaign grad student Eric Gilbert. Gilbert told us that Link Different, which performs a distributed crawl using Twitter's APIs, should scale well for accounts with large follower numbers.

Discuss

Today, we’re happy to make available a developer preview of the Native Client SDK – an important first step in making Native Client more accessible as a tool for developing real web applications.

When we released the research version of Native Client a year ago, we offered a snapshot of our source tree that developers could download and tinker with, but the download was big and cumbersome to use. The Native Client SDK preview, in contrast, includes just the basics you need to get started writing an app in minutes: a GCC-based compiler for creating x86-32 or x86-64 binaries from C or C++ source code, ports of popular open source projects like zlib, Lua, and libjpeg, and a few samples that will help you get you started developing with the NPAPI Pepper Extensions. Taken together, the SDK lets you write C/C++ code that works seamlessly in Chromium and gives you access to powerful APIs to build your web app.



To get started with the SDK preview, grab a copy of the download at code.google.com/p/nativeclient-sdk. You’ll also need a recent build of Chromium started with the --enable-nacl command-line flag to test the samples and your apps. Because the SDK relies on NPAPI Pepper extensions that are currently only available in Chromium, the SDK won’t work with the Native Client browser plug-ins.

We’ll be updating the SDK rapidly in the next few months, so download a copy, develop some cool apps, share them with the community and send us your feedback! If you build useful libraries in the process, please also consider submitting a patch to the SDK packages directory – chances are, what’s been useful to you will be useful to others. Finally, if you’re attending Google I/O, come to our Beyond JavaScript session, or meet the team at the Developer Sandbox.

Posted by David Springer, Senior Software Engineer

Tim Bray on Android and Private APIs —

Shared by djacobs
So wrong!

Nice explanation from Tim Bray on Android programming APIs:

The Google-provided SMS app has its own database that it uses to stash away the SMS history, and it sets up its own Content Provider for its own internal use. It turns out that if you read the source code, you can figure out how to reach in and access that Content Provider. Which is probably a bad idea, because it’s part of an application that might not even be there.

I personally think the benefits of an Open Source platform exceed this sort of cost — when someone uses the source to figure out how to do something that really isn’t very smart.

There are several significant differences between Android and iPhone OS application APIs, but the biggest difference is one of policy. Every complex platform has APIs that third-party developers shouldn’t use. Android is like Mac OS X (or Windows, or other non-console-style systems) where developers can choose to use these private APIs, against the vendor’s advice, and take their chances. With the iPhone OS, Apple enforces a ban on their use via the App Store review process. That’s the difference.

Live Video Access for iPhone OS 4.0 Has AR Developers Excited —

When Steve Jobs and Apple announced some of the new features and APIs that would be available in the upcoming iPhone OS 4.0 upgrade, they managed to sneak in a feature that has gone largely unnoticed. On a slide showing a smattering of new APIs, "Full access to still and video camera data" sat quietly at the bottom of the screen, and when Jobs named off a few of the APIs, he left this one out. Mobile augmented reality (AR) developers, who have been champing at the bit for access to raw iPhone camera data insofar as to petition Apple for it, immediately took notice of the feature.

Sponsor

But wait, can't apps already access the camera? Until OS 4.0, this was only partially true. Yes, developers could access the camera and include either stills or video in their applications, but the ability to actually analyze a live video feed has been severely hampered. Previously, applications could pull screenshots of a video feed at a rate of around 15 frames per second, but now these applications will be able to analyze the raw video feed.

This will help applications that currently rely on analyzing video stills to complete their tasks much faster, and will open the door for new applications to process the live data for new types of visually aware apps. Mobile AR developers have been previously forced into creating "blind AR" apps that are merely using the video feed as a backdrop on which to place geo-tagged markers. With access to the raw video data, the environment being captured from the camera will now be able to play a much larger role in accurately placing these markers into 3D space.

While in Colorado for Boulder Startup Week I've had the chance to chat about AR with a few developers and engineers who are excited for live video access in iPhone OS 4.0. Both Brendan O'Connor from SimpleGeo and Vikas Reddy from Occipital agree that this new API is a huge step forward for mobile AR applications - something both companies are looking to delve into further in the near future.

It will be very interesting to watch the advancements in mobile AR and other fields as developers start discovering new ways to make use of live video data. With a rumored front-facing camera coming to the next generation iPhone, mobile AR could also take some steps forward that will allow experiences much like those seen in desktop-based applications that use a webcam. For that to happen, however, developers have needed the access to live video data. Now they have just that.

Discuss