Hueniverse

Pownce’s API chief Shawn Allen recently opened a Google group to discuss the upcoming Pownce public API trying to capture the same community buy-in the Twitter group is known for. Shawn raised the question of API security and authentication, something  I have been thinking about for a couple of months now (building a somewhat similar service). The goal is to try and find the right balance between ease of use for developers, security and privacy. Nouncer requires a solution that will address multiple client needs (desktop application, AJAX script, server-side web script), and will be easy to use in multiple technologies. This message was originally posted to the Pownce API group and has been revised for the Hueniverse blog.

For the first few months I did my best to avoid writing a business model. Having limited time, I had to choose between writing presentations to writing code and code is much more fun (I am a geek). But eventually I spent a few weeks coming up with a model using a very fancy Excel spreadsheet. More than anything else, the model showed that making money from a micro-blogging platform is not a trivial task. Unlike most new Web 2.0 services, micro-blogging (when successful) does not scale like a web site. It is a messaging platform and as such is a very different beast. I have since transitioned to a very different model, but the original plan was a valuable exercise.

There seems to be some correlation between Twitter and Pownce usage lately. Looking at Alexa for the past month, the two have similar trends of up and down reach. It’s possible the time period and sample is just too small to reach any conclusions but it might also be that there is a great deal of overlap between the two services, which makes sense. It also seems to show that Pownce has not taken users away from Twitter as the modest decline started before Pownce launched.

Different - as in random and extremely technical statistics about Nouncer.

After a year of development, of which the last 2 were full time, Nouncer has 74,182 lines of source code of which 74% are actual code (of which 4% also have comments with code), 5% are comments (only), and 21% are blank lines (I like to give my code space). Nouncer is written in C++ using a few open source libraries such as Poco and Boost (which are excluded from the line count). If you work in C++ and didn’t hear about Poco, you are missing out on one of the most outstanding and important C++ libraries in years.

Going through old documents in an attempt to clean my source control archive, I found the original 5 page Extreme Blogging document written in January 2006. It is funny how this exact idea matured in the minds of so many people within a few months from each other. The majority of the document is still confidential as it describes ideas and use cases that were not yet “discovered” by others or at least not yet made public (which is more likely). But I thought it would be cool to post the introduction – which was the first thing I wrote and how this adventure started.

The past two weeks have been mostly dedicated to implementing session management and authentication API calls for Nouncer. I have made an early decision to support OpenID in the API and to make it Open Source friendly. I am no authority on such matters, and beside recently joining the OpenID specification mailing list, as well as a few other relates groups, I am mostly in learning mode. The amount of material started small with OpenID 1.1 at under 20 pages, but quickly turned into a tricky adventure into the thickness of OpenID 2.0, XRI Syntax, Yadis, XRDS, and other new standards.

I have been working on the Nouncer authentication API calls the past few days and been struggling to find the right way to balance between features and security. Like most sites, somewhere deep inside Nouncer there is a database table with usernames and passwords. I knew I did not want to store passwords in plain text, nor allow unsecure authentication. As I was working out the details, I started to think about what other pieces of information I want to store which are a security liability if someone broke into the database and stole user records. Nothing really stood out.

The Nouncer logo took about 3 month to develop with over 100 revisions, 5 designers, and a panel of 15 friends. Of the original 10 concepts received (for a bargain amount of $495), three concepts made it to the finish and evolved into mature logos. I find logo design a fascinating art and always wanted to have access to the artifacts of other companies, see how they ended up with the logo they are known for. As I was going through the process, I decided to share it with the world and post most of the revisions in some logical order for others to follow. I say “most” and “some” because putting every single pixel change or color test is just nuts.

The first question I asked myself a year ago, sitting down to write the first line of code, was admittedly wishful-thinking, but it influenced my work more than any other factor: “What will happen if I build a microblogging service and it’s an overnight success with a million users?”. It doesn’t take long to realize that if each user subscribes to 10 other users and each one of them generates a single message a day, the message rate is enormous. Then add to that some smart filters, search, and content browsing and the platform is already in a scaling crisis, and that’s before adding any smarts to it.

Ever since singing up to the now defunct Six Degrees site, I have been toying with the idea of real-time social networks. Back in 1997, excited about the amazing potential of social networks, I added all my friends’ email addresses to my Six Degrees profile, only to discover a few days later that they were all rejected out of fear of their email address being used for spam.

But there was something amazing in the simple idea of building a network of people on-line and then using that network to create a community. When Friendster showed up, and later MySpace, I no longer had the time to spend on-line building a virtual social network.