@madpilot makes

Proposal: An open inter-conversation microblogging protocol

Spurred on by Gary’s discussion on the number of micro-blogging sites around, the “Is it Distributed?” question made we wonder if we are going about this wrong. Cameron Adams was right when he said there is only one social network, so why are we flicking between a large number of them? Why aren’t we running out own?

Beyond a number of small superficial differences they all do the same thing – you add friends, post what your doing (usually in an arbitrary 140 characters or less) and read what others are doing. There really is no reason why this can’t be truly distributed, i.e. I can run my own micro-blogging site, and all my friends can run their own micro-blogging sites – all that is needed is some glue (a communication protocol) to bring it all together. The great thing about this, is we already have systems to make this happen – get your buzz-word bingo cards out people…


The first part of this system is a RESTful API that allows friends to post information in your timeline and you to post to others. Everytime you post to your microblog, it will iterate through your list of friends and forward the message on to them. The same thing happens if you delete a post – if notifies all your friends to remove the post from their local database. To ensure that random people can’t spam our feeds, we can use OAuth to give “friends” permission to send us information.

Your own timeline

The reason that your microblog would need to be notified of other peoples posts would be so you can cache these posts on your own microblog, which gives you a twitter style public timeline. The advantage of this is that there is basically no database load to display YOUR feed – the only information in your database are the posts that you want to read!

Adding friends

So how can you add friends and allow others to follow you? This is actually pretty easy using OAuth – by adding your microblog to your friends microblog authorised list, they know that you need to be notified on an add or delete command. This gives us the side effect that we can manage not only who we follow but who follows us – if you want to stop someone from following you, you just de-authorise them. So what happens if a new friend adds your microblog to their timeline? A simple GET command could be made to receive all of the posts by the new friend, effectively syncing up the two databases – all future posts will obviously push to the new friend (and vice-versa) so there is no expensive polling.

Other peoples timelines

If someone has a public timeline, this is a no-brainer. Each persons microblog would just be available and others can just read it. But what about private timelines? Enter OpenID. If each of your friends provide an OpenID URL, they would be able to login to your microblog to read your private feed – no password required, but is still totally private.

Discovery services

Many twitter users scour the public timeline waiting for people to post things that they are interesting in. This is actually quite easy to implement on a distributed system – have a read only super node that everyone posts to. Voila, instant public timeline. This also means that you can easily create “channels”. Instead of only having one public timeline, you can have many based on different topics.

Unlimited extensions

One of the value-adds for Pownce is the ability to share attachments and events. In reality, all it does is provide a link to a file on a remote service. If you wanted to add this function to your microblogging site, you can quite easily – as long as you post the link to others. This means you have complete control over what your microblog does, as long as it still talks the protocol.


  1. The obvious one is you aren’t at the mercy of servers doing a twitter (ie. being up and down like a yo-yo). If your friends server goes down you miss out on their posts, but no one elses.
  2. You have control over your data – you don’t have to worry about a service disappearing overnight and you not being get at it. It all on your server
  3. Distributed data – your server dies and your harddrive explodes, your data can be rebuilt from the data that is stored on one of your friends databases


  1. If someones site is down they may miss some updates, so you would need a method for re-syncing all friends posts from a certain date – no biggie.
  2. It does make completely removing your account difficult as you can’t really ensure your friends are going to respond to delete commands correctly

So what do people how don’t have their own server to run this on? This is the kicker – you can still have hosted versions of the system. This works for blogs (I host my own, but some of my friends use systems like Blogger.com) and OpenID which makes it much more accessible.

If there is some interest in this, I’m sure we can start drafting some specifications. I’d be interested in your thought.s

New version of 88 Miles goes live!

For the past couple of months, I’ve been slaving away prepping the next version of 88 Miles, my simple time tracking application and now, I can happily announce it is alive! There are heaps of new features, and bug fixes, including a migration to Rails 2, a migration to a new server as well some dabbling in the wonderful world of Rails plugins. Some of the features are below:

Saasu.com integration

Many people have been asking for invoicing from 88 Miles, but since it is really outside of where I’d like to see 88 Miles go (The strap line is Simple time tracking for a reason) so Saasu | The web finance engine to the rescue! I wrote the the Rails plugin that talks to Saasu.com, and I’ll be releasing it shortly after making a few cleanups (There are some parts of the API I’m not using in 88 Miles that are still a little rough around the edges). The plugin will allow users to sync companies and contacts as will as create invoices straight from their timesheets. I’m pretty excited by this feature.

OpenID support

88 Miles is now OpenID aware, so you can use your third-party OpenID to login to 88 Miles. Just between you and me, OAuth will be coming soon (as soon as the rails plugin and ruby library settle).

New REST endpoints

There has been quite a bit of work on the REST API — it should now be much more consistent (i.e the data that the server sends and the data that the server expects is the same). I’ve also removed the /api in the endpoint URL, as it was becoming a nightmare to maintain.

New Server

Finally, the biggest change is our new server! We have moved over to a Joyent accelerator, which are specifically tuned to the Ruby on Rails platform. This means everything will be quicker. The old Media Temple server, whilst great didn’t really allow for much customisation, and with the Christmas special of two years for the price of one, it was kind of hard to pass up.

It’s been a fun ride – this project is always a great learning experience for me – and it helps that there are others out there that like it. Go and try it out if you haven’t before (or even if you have) :)

Hot or Not

Call it lazy blogging, but the beginning of a new year is a perfect opportunity to write a list post. I’m not going to call the list below predictions for 2008 as there is absolutely no scientific basis for any of this, so I’m calling it Hot or Not – stuff that I think/want to be hot in 2008 and stuff that I would love to see head to the big TCP/IP stack in the sky.

OAuth: Hot. Anything that brings some sort of order to the big bad world of web APIs is a good thing. If you haven’t seen it yet, it is a specification that describes a method for token-based access to third party applications. So now there is really no excuse for that confounding social network to ask for your usernames and passwords to all of your other confounding social networking sites, just so it can spam have access to all of your friends.

Confounding Social Network sites: Not. OK. That is enough. I am over been bamboozed at the sight of another social network that has no direction, meaning or business model. The concept behind a social network is cool – we used to call them forums, remember – but it is now officially out of control. To the “entrepreneurs” behind them – stop trying to kill Facebook, they have more money than you and careless less about their users than you ever could (Exception: Spock – You are still Satan’s spawn).

Software as a Service: Hot. It’s kinda like Web2.0 but this time with meaning. Bring back computing to what it was meant for – helping humans to do what they do. The web is the perfect delivery method for a lot of the desktop software we use everyday. Google has already shown us what can be done with apps like GMail and Google Docs and there is a myriad of web applications that have made the leap (If I can build one, anyone can). Pay for what you use, don’t worry about license fees any more, don’t worry about what happens when you hard drive crashes, or about deploying to all 500 machines in your organisation.

Advertising as a Business Mode: Not. The darling child of Web2.0/New Media/Social Networks. Unless your site is already doing the traffic of Google/YouTube/Facebook or your are a porn site, go and erase the “we will pay for our hosting via advertising” line from you business plan. Seconds thoughts, if you are Facebook, you should probably do the same (Nice work on beacon – at what point did that actually seem like a good idea?). Advertising only works if there is eyeballs a LOT of eyeballs on pages and if your target audience is the type that clicks on ads. And since every man and his dog has released a social network this week, you aren’t a unique snowflake. Get a real business plan first.

Mashups: Hot. Yeah, I know – these have been around since the first beta of Web 2.0 but it has never really extended much beyond adding a Google Map to your site. I think 2008 and will see some really cool productivity apps built leveraging the webservices of other web sites. I think that it may even spill over in to the corporate world – I’d love to see company intranets using webservices to customise workflows.

Getting VC funding then hoping to sell to : Not. Now, I have no problem with the concept of funding, or the hopes and dreams of having a large company with a bank balanace bigger than your phone number (including country and area code) throw you some bones, per se. Where I do draw the line, however is pitching with a business plan that can’t really pay back a return to the investor unless the business get bought out. Mind you, the investors really should know better – or maybe they are just much smarter than I am, who knows. Regardless, when this whole thing collapses in on it’s self, I’ll be dancing like it is on sale for $19.99…

Mobile: Hot. This is the next frontier for the web. Everyone has a mobile (some people two or three) and they are generally on their person at all times. Extend the SaaS idea to these small devices and you really will be able to get your stuff done when it suits. Again, this isn’t new, but there have been some advancements in technology and some new players who understand the web much better (that’s Google if you were wondering). I think 2008 is the year that see the mobile platform as a first-class netizen rather than something that the work experience kid gets to work on.

Using user data with out permission: Not: You would have by now seen my (MANY) rants about Spock and Facebook. Those playing in the dirty, back alleyways of social networking really need to take a long hard look at themselves. It’s my data, and I’d prefer it if you didn’t sell my browsing habits to the highest bigger. And don’t even think about scraping my data from other sites without my permission – they asked nicely, you didn’t.

Company-as-a-Service: Hot. Haven’t heard of this? That’s because I just made it up. We have seen Software-as-a-Service, Hardware-as-a-Service (eg Amazon EC2), so why not have have companies that can shrink, grow and churn as required? There are so many freelancers and consultants out there, as well as a huge number of micro businesses. If they all grouped together, they would be able to work on sites ranging from the very-very big to the very-very small. Many places kind of do this already (this is why contracting was invented) but I can see this working in a more peer-to-peer sort of way – you aren’t contracting for someone, you are contracting with someone (there is a remarkable difference).

New years lists: Not.

Leave a comment – Is this Hot or Not ;)

Facebook, OpenSocial – meh. Why aren’t widget useful?

Widgets are a hot topic in the world of social networks and blogs, but at the end of the day they really don’t make our lives better. I mean honestly, if all of those widgets out there stopped would we miss them? Hell, some of them are down right annoying. The IDEA of a widget is not as dumb as some of these apps, but for some reason they haven’t been embraced by those developers that are helping us to get things done.

Google has just released OpenSocial, and I was admittedly pretty excited – for about 5 and a half seconds at which point I realised it would have limited scope outside of the social networking world (hence the name). Why was I excited? Well I would love to be able to create a widget for 88 Miles – imagine being able to drop a time-tracking widget into BaseCamp or NetAccounts or ? Or, even better, into your internal intranet.

OpenSocial has so much potential, but isn’t quite there for the Software as a Service guys, so why don’t we create a an Open Widget API? What do we need? Well, not that much – if we flip the way that OpenSocial works a little and do a little work from the application side.

JavaScript, JSON and HTTP

The easiest way to drop your widget on to a third-party site would be JavaScript. Create a standard JavaScript end-point that the third-party app can retrieve. Maybe it could pass in a element id that you could use to build your DOM tree from. Because the script is hosted on YOUR server, you can make calls back to your server via AJAX. You can use this to generate HTML, make callbacks, retrieve JSON and generally interact with your database.

This is SO easy with Rails, as you can get a JSON REST API out of the box, with very little effort. PHP/Pylons/ASP.NET will do the same thing easily enough to. Extend that idea, and with a little knowlegde of the site you are embedding on, you could probably even interact – add a company to your Basecamp account and it would automatically add it to 88 Miles. You could do it by registering observers of specific types maybe – not sure, will still have to think that bit through.


We already have a system for authentication – it’s called OpenID. If your site implements OpenID, it is pretty god-damn trivial to authenticate a user that has already authenticated on the third party site. Any OpenID provider worth it’s wait will remember your credentials once you have logged in – so the third party site can pass your OpenID URL down to the widget, then you can authenticate them from there, and because your provider has already logged you in, you won’t need to enter a username or password.

The ultimate mashup

If all of your favourite apps had these widgets, you could easily drop them in to your intranet site. How kick-arse would that be? What do you think?

AWIA’s very own OpenID server

I just deploying a new version of the AWIA website, which adds an OpenID service provider – so now AWIA members can use their member username and password to login to any OpenID-enabled website.

OpenID is a de-centralized authentication standard that allows you to use one username and password across any site that supports the standard. It can also send common information such as email address and username. The number of sites that support OpenID are steadily rising, which is why I added these functions to the site.

It is all very easy – login to your http://app.webindustry.asn.au/members/login click “Your details” then “Edit”. There is a new field labelled username. Enter a username here and then, when you come across an OpenID enabled site, just login in to http://app.webindustry.asn.au/user/[username]

Easy as you like it!