I've spent the last few days keeping track of the seemingly endless stream of news and blog coverage about Google's new OpenSocial model for social networking applications. OpenSoci…
OpenSocial is largely based on open standards and there's only minor developer lock-in. Overall, it actually seems pretty safe to do a lot of your social application development using OpenSocial. It uses the essential browser open standards of XML, HTML, Javascript, and the data formats are all ATOM and RESTful/WOA.
OpenSocial is a real doorway to social networking data portability as well as potential security holes. A site that supports OpenSocial applications provides that application with all the people data in that user's account. Their own info as well as their friends.
OpenSocial applications provides that application with all the people data in that user's account. Their own info as well as their friends. This can be used to export user's social data from sites that don't support themselves directly and it could even be used to knit together a person's social data across other social sites that support OpenSocial, with properly designed 3rd party apps. But it also opens the door to security problems and expect to see that security, cross-site scripting, and exploits become an issue over time, as it always does when platforms open up to the rest of the world. Update: Michael Arrington has reported that the first OpenSocial app has now been hacked.
Google almost certainly thinks OpenSocial will ultimately be very good for Google, if not outright bad for a few others (probably Facebook). While the openness is encouraging, if OpenSocial is successful, Google has a plan to make that success work for it. Those plans may not always be to the benefit of everyone playing under the OpenSocial umbrella. User beware.