Welcome to the May 2011 edition of the 18INT newsletter!
Facebook and SSL
Facebook has been battling some bad press in the past month. They were caught hiring a PR agency to smear Google over privacy issues, perhaps to distract everyone from their ongoing security issues. Facebook app developers are a wild herd of cats, and facebook is finding they don’t all follow along. The protocol used by Facebook and applications can make it easy to “leak” a session identifier, which is an opportunity for bad guy to take over your account. Part of Facebook’s solution is to push all the apps into SSL. Another is to push all the apps into using OAuth 2.0 for authentication. Translated, this means if you’re running an app on Facebook, you’ll be upgrading your code very soon.
Facebook did not make a big splash about SSL when it rolled out in January, but there were plenty of people posting to their walls about it. Facebook clearly wasn’t completely ready for the feature. If you enabled it, the pages on Facebook itself would be encrypted, but you would find that most applications, including popular games like Farmville, would ask you to turn off SSL. Few developers had time or resources to offer encrypted versions of their apps. And when users clicked to turn it off, it stayed off.
Since then, Facebook has extended the Developer Roadmap to include dates where all apps must be served via SSL and users must be authenticated via OAuth 2.0. Version 3.0 of the PHP SDK was released recently, and it now supports OAuth 2.0. Unfortunately, the API has changed (again), so you can’t simply upgrade from version 2.2 of the SDK. In addition, the Javascript SDK has not yet been upgraded to support OAuth 2.0. This will be a tight turnaround to support the new requirements by September 1st.
- Developer Roadmap Update: Moving to OAuth 2.0 + HTTPS
- Facebook Caught Running a Covert Smear Campaign Against Google
No ODP!
Do you have the need to control how search engines analyze your Web site? You probably already know about making a robots.txt file to ask Google, Bing or Yahoo not to index parts of your site. For instance, you might want to keep your images directory out of search results. In addition to the robots.txt file, you can also control search engine spiders with the robots meta tag.
Where the robots.txt file applies to a directory, the robots meta tag applies to a single page. You place the tag into the head section of the HTML document, like the following.
<meta name=”robots” content=”noindex, nofollow”>
As with a robots.txt file, you can use noindex to ask the search engine not to index this page. You also can ask it not to follow any links on the page with nofollow. In addition, you can ask any of the search engines not to describe your site using content from the Open Directory Project using the noodp value. The ODP is a public directory of Web sites, and the description of your site there can be completely separate from any content on your site.
Google alone also offers a few other values: noarchive to prevent offering a cached version, nosnippet to prevent showing any description of your site in search results, and unavailable_after to let Google know that a page will be going away after a certain date.
I Can Haz Attenshun?
I am a programmer who has worked with marketers for most of my career. I find most ads annoying. I enjoy the skip button on my DVR and the AdBlock browser extension. I’d rather check out the latest from Memebase. My ideas about advertising are radical, but I want to stay humble. Still, I couldn’t resist trying the following crazy idea: submit demotivationals to memebase.com with my domain name embedded.
Demotivationals are parodies of motivational posters. Despair.com created the brand, but no one ones the meme. I picked this meme, versus rage guy or hipster kitty, because it requires less Photoshop skills and more room to write text. I found a couple of ads in the Sunday Contra Costa Times that struck me as worthy of ridicule, and I came up with the following.
I don’t know, maybe it will get voted onto the home page of memebase.com, and maybe someone will wonder what 18int.com is. Probably not.
Do you find this newsletter helpful? If you do, please invite others to subscribe. As always, I appreciate your attention, and if you don’t care to receive any further emails, please use the unsubscribe link below.
Thanks!
Leon Atkinson
Eighteen Intelligence