There’s three types of sites out there
Oct 23rd, 2008 by Luke Shepard

Let me count the ways…

Okay, so suppose you’re a website owner. You have a user database, but you want more people to use your site. You’ve heard about a lot of these technologies for making your login process easier, but you’re not sure how to use them. Facebook is offering Facebook Connect, and you’ve heard of Yahoo and the OpenID community. But how do you actually go about using them? What happens when a user decides to use one of these systems?

Three basic uses

Different sites have different uses for delegated auth. Perhaps the site is already well established and just wishes to sprinkle some “social sauce” throughout to make their site more engaging. Other sites will be brand new and want to grow their userbase quickly. Still others may have a core userbase, but want to really increase their numbers.

Keyless remote

Log in once, logged in everywhere. Log out once, logged out everywhere.

My favorite aspect of this social web is the promise of being able to “sign into the web”. With a single click, I can log into any number of sites. For example, if I’m logged into Facebook, then I can go to a relying party and just be automatically signed in. This is incredibly powerful as it removes pretty much any friction. Of course there’s an initial setup phase for each website, but once that’s complete, I shouldn’t ever have to remember my provider again - the website just knows, and logs me in automatically.

If I log out of any site, then I’m logged out of my identity provider and all the rest of them. If I go to a shared computer, then I just click logout once, and I will be signed out of everything.

Master key

Substitute for name and password, but then manage everything after that.

Then there are some sites that will want to use OpenID as a means for logging in, but they have their own way of managing sessions after that. In this case, users will click on the “login” button for OpenID, Yahoo, or Facebook, and then they will get a session granted by the remote website. From here on in, it doesn’t really matter what the user does with his provider - the site will still have its own cookie that will determine if the user is logged in.

Simple Link

Establish a different identity, but don’t share sessions.

Some sites already have a strong userbase, and they perhaps have to protect credit cards or

Some sites already have a strong userbase. They really like selling data to advertisers, and they don’t want to get hung up on who “owns” the user. If they accept identity from a random OpenID provider, then what happens if that provider goes out of business? Will they be able to recover the identity? For that reason, these sites prefer each user to have their own username and password. They accept OpenID or Facebook because they want to just establish an extra link - for example, to get a user’s friends, or to display a link on their profile.

How do we implement it?

Authentication is a gnarly problem. It’s hard enough to figure out how to securely keep authenticated sessions alive on a single domain; how do you manage to get an authenticated session across domains? If I want to use yahoo.com as a provider, and I live on crossways.com, then how do I do that?

Answer: it’s pretty tough, but getting easier as library support evolves.

Logging in

The login process for OpenID is pretty straightforward. You either do a full-page redirect or use a browser popup; either way, you open a window onto the identity provider’s domain. The user enters their username / password, then la-dee-dah, they are sent back where they came from and they are logged in. The RP can then set a cookie to keep track of that state.

If the RP has reason to believe that a given user has come from a specific provider, but they aren’t sure, then they can use the checkid_immediate call in OpenID to check if the user is currently logged in. For example, the RP might store a long-term cookie that says I’m jerry from yahoo.com. When I visit their site, it could do a quick redirect and then redirect back to check if I’m actually logged into Yahoo as chuck. If I’m not, then the OP can just show their normal sign-in page.
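An added illustration, not code from the original post: how an RP might issue the checkid_immediate request and vet the answer before trusting it. It assumes OpenID 2.0, discovery already done, and an HMAC-SHA256 association already established with the OP; the function names and the op.example / rp.example URLs are hypothetical.

```python
import base64
import hashlib
import hmac
from urllib.parse import parse_qsl, urlencode, urlsplit

OPENID_NS = "http://specs.openid.net/auth/2.0"
# Fields this RP insists are covered by the OP's signature.
REQUIRED_SIGNED = {"op_endpoint", "return_to", "response_nonce",
                   "assoc_handle", "claimed_id", "identity"}


def build_immediate_request(op_endpoint, claimed_id, return_to, realm, assoc_handle):
    """URL the RP redirects to; the OP must answer without showing any UI."""
    params = {
        "openid.ns": OPENID_NS,
        "openid.mode": "checkid_immediate",
        "openid.claimed_id": claimed_id,
        "openid.identity": claimed_id,
        "openid.return_to": return_to,
        "openid.realm": realm,
        "openid.assoc_handle": assoc_handle,
    }
    sep = "&" if urlsplit(op_endpoint).query else "?"
    return op_endpoint + sep + urlencode(params)


def sign(fields, signed, mac_key):
    """OpenID 2.0 signature: HMAC over one 'key:value' line per signed field."""
    kv = "".join(f"{k}:{fields['openid.' + k]}\n" for k in signed)
    digest = hmac.new(mac_key, kv.encode("utf-8"), hashlib.sha256).digest()
    return base64.b64encode(digest).decode("ascii")


def check_immediate_response(query, remembered_id, return_to, mac_key, seen_nonces):
    """Return 'logged_in', 'show_login' or 'reject' for the OP's redirect back."""
    f = dict(parse_qsl(query, keep_blank_values=True))
    mode = f.get("openid.mode")
    if mode == "setup_needed":
        return "show_login"  # no provider session: fall back to normal sign-in
    if mode != "id_res":
        return "reject"
    signed = f.get("openid.signed", "").split(",")
    if not REQUIRED_SIGNED.issubset(signed) or any("openid." + k not in f for k in signed):
        return "reject"  # an unsigned or missing field could be attacker-supplied
    expected = sign(f, signed, mac_key)
    if not hmac.compare_digest(expected.encode(), f.get("openid.sig", "").encode()):
        return "reject"
    if f["openid.return_to"] != return_to:
        return "reject"  # assertion was minted for a different URL
    nonce = f["openid.response_nonce"]
    if nonce in seen_nonces:
        return "reject"  # replayed assertion
    seen_nonces.add(nonce)
    if f["openid.claimed_id"] != remembered_id:
        return "show_login"  # provider session is not the user the cookie names
    return "logged_in"


def constructed_op_response(claimed_id, nonce, return_to, mac_key):
    """Constructed sample of an OP's positive answer (demo input only)."""
    fields = {
        "openid.ns": OPENID_NS, "openid.mode": "id_res",
        "openid.op_endpoint": "https://op.example/auth",
        "openid.claimed_id": claimed_id, "openid.identity": claimed_id,
        "openid.return_to": return_to, "openid.response_nonce": nonce,
        "openid.assoc_handle": "demo-handle",
    }
    signed = sorted(REQUIRED_SIGNED)
    fields["openid.signed"] = ",".join(signed)
    fields["openid.sig"] = sign(fields, signed, mac_key)
    return urlencode(fields)
```

The long-term "who I think you are" cookie is only a hint; the RP's session cookie is set only on `logged_in`.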

With Facebook, it’s the same basic approach, except that it is wrapped in a JavaScript library. The JS does some fancy auto-detection of your login state before it renders the popup. Most importantly, it allows a site to know whether you are an existing, logged-in user before it ever does a popup, by using Facebook’s cross-domain communication library.

Google does something like this for Blogger. If you visit Blogger from a new computer, you’ll first be redirected to google.com, and then immediately back, and Blogger uses that to tell if you are logged into your Google account or not.

Logging out

OpenID doesn’t have a way to support universal logout; with Facebook, there is a FB.Facebook.logoutUser() method that allows you to log the user out of Facebook (as well as your own site, if you want). Likewise, if you log out of Facebook, then it invalidates all your sessions with the remote sites (applications).

Taquerias and yuppies
Aug 3rd, 2007 by blogger

… pretty much sums up the Mission District. That’s where Nicole and I will be hanging our hats come this weekend. After so many long months of planning, packing, moving, traveling, dancing, wedding, and hunting, we are almost ready to start to settle down again. Whew! It’s been quite a tumultuous time. Since May, we have gone on a road trip from Seattle to California; hosted guests while our house collapsed in on itself; enjoyed pina coladas in Tamarindo, Costa Rica; imagined phantom earthquakes; written a new feature for Facebook (not yet released); ascended a mountain on the island of Ometepe in the middle of lake Nicaragua; learned how to pack liquids in carry-on and not get caught; read the full series of Harry Potter books …. oh yeah, and joined two families with a bond of lifelong commitment in the eyes of God. Almost forgot.

Our whirlwind existence is ready to come to an end, or maybe just the beginning? We already are imagining when we are celebrating our 31st year anniversary instead of 31st day, that we’ll reflect on these times and wonder why we did it all at once. And I’m not gonna lie, it’s been stressful. Quite. But I think doing the wedding in the midst of all of this has had its perks as well as its stresses. How wonderful was it to have so many of our close family and friends surrounding us while we go through this? It’s been exhilarating, and it’s all for the purpose of adventure, and living our lives out, so there’s really nothing to complain about.

So - the new apartment. It’s really quite nice, a bit smaller than the previous place (which feels like a mansion in comparison), but still roomy considering that it’s in San Francisco. Hardwood floors, one-bedroom, nice big kitchen, and a place for the bikes - it’s really everything we need. The Mission District is a formerly almost entirely Latino community that has undergone huge gentrification in the past few years. I’m not sure whether Nicole and I are helping the balance or not (I think we’re probably adding to the yuppification of our block). Our windows look out over a school, which is fitting for Nicole - hopefully she can work there or somewhere near there, although that is still up in the air. There are tons of taquerias, burrito joints, coffee shops, clothing shops, and other stuff we haven’t discovered yet. Yes, folks, this really is the dense urban lifestyle I’ve craved. We’re really excited to move in!

Oh, and the address is 2458A Bryant St, San Francisco CA 94110. There ya have it!

Grant’s Pass, here we are
May 19th, 2007 by blogger

What a whirlwind of a week! In the past few days, I have quit my job, packed my belongings, and ended up at a bed and breakfast in Grant’s Pass, Oregon, where I write now. It’s a strange feeling, no longer being a resident of Seattle. I lived there for almost three years, made several good friends, and now to pack up and leave for a strange and new city - it’s so much at once.

The idea behind this move is exactly this though. If Nicole and I can make it through this in one piece, then I figure we will be less afraid of change in the future. I’m trying to just conquer it. Leaving Amazon, I felt a huge piece of my identity slip away. Since college, that has been who I am - a developer at Amazon. I had power to look at and change orders, and I had knowledge about how the insides work. Now that knowledge will grow stale, and my access passwords are gone, and I am just another one of the millions of customers. I met plenty of great people there, who I will definitely keep in touch with, but it’s still a big missing piece. However, I don’t want to be identified only by my work, and I feel that the longer I stay at one place, the more likely that is. I am more than just a software developer at Amazon. I’m more than just a software developer, although that part isn’t changing. I’m trying out a smaller company, a newer company, with a different philosophy, in a new region, with new people. So much change, but it’s all for the best, I think. Facebook will be a great place to work, I can feel it. I start there in just two days, and I am excited.

Nicole and I are taking this cathartic trip down the coast to clear our heads and more formalize the move. It’s a long drive! We slugged through Washington and most of Oregon last night, and today we head down the California coast, bound for Fort Bragg. Tomorrow we’ll finish up into the city. Then Nicole flies back to Seattle, leaving me alone in San Fran. Andy is kind enough to take me in, make me his roommate for a few months. I am so excited to dig into Facebook, meet the people, learn the software and business, and create new features and fix bugs. I feel like I’m part of something really special down there.

The past few weeks have been kind of meandering. Without an anchor at Amazon, I’ve been drifting into work, spending my time training and mentoring others and trying to pass on some knowledge before I check out. I have full confidence in the team I’ve left - Jacob, Cary, Alex, Vikas, and Ed are going to do some great things with the software, as long as they have Mike to guide them. Nicole and I are moving in two phases. This past week, we moved a lot of the “unnecessaries” - things we can live without for a few months. Then we’re going to get married at the end of June, honeymoon in Costa Rica, and then back to Seattle for some intense packing and a final move. Lots of whirlwind of activity in such a short time, it’s going to be great :).

Well, back to the road trip. Here we are, driving along what some say is the most beautiful stretch of road in the country. Hopefully we’re not too tired to take it all in.

Is that a delocalized electron in a benzine ring?
Apr 2nd, 2007 by blogger

I visited Clark University today. No, I’m not looking to transfer - I was there with my brother, Scott, and my dad. He’s on his junior year college tour, and I decided last minute to tag along. At Clark, we had a tour guide who had no clue about the school. Here is a sampling of Scott’s questions and answers:

[She describes the UC].
Scott: What does the “UC” stand for?
TG: Umm … uh … University? … uh …
Scott: Maybe University Center?
TG: Oh yeah!

Q. How is the sports teams? What are their ratings?
A. Ummmm. .. I don’t do sports, maybe you can find out online?

Q. Does the BioSci building do only bio sci?
A. I don’t even know what they do here!

Q. How many courses are required for graduation?
A. Math? Counting? Huh? I’m afraid of math.

Anyway, he didn’t even bother asking about Physics. Instead he just went into the Physics building and found a professor, and chatted with him. The prof found out that Scott knew what he was talking about, and they dug into the research papers from the past several years. “1-4-di-nitro-penzine? Oh my god that’s so cool!”

Tomorrow, he’s going to more Clark classes, then off to Amherst. Should be good.

Feb 14th, 2007 by blogger

Five minutes each. That’s all they got. Yet these presenters were able to fill my head with swirling images of two-man pogo sticks and robots taking over the world. Not to mention the career advice, a computer-aided cure for autism, and an awkward yet somewhat interesting take on the world of messenger bags.

This was Ignite Seattle, a geekfest with a surprising number of women in the audience.

Tech highlights:

* Ever wondered what it would be like to not have to type in your password at every site you go to? OpenID solves that problem for you. Instead of typing in your password, you type in your “open ID” (which is just a website). Then you are taken to your own website, where you authenticate (maybe with a password) and then you are taken back to the calling website, this time with your credentials. Now the site has access to whatever data you want it to have access to.

I’m thinking this concept could be expanded. The privacy policy of the site you’re going to could be automatically checked against what data you are willing to give … i.e., if the site has a policy that it never sells your data, then you let them have your email, but if they don’t say so, then you don’t — automatically. This would be a start at giving users control over their data without the headaches of actually keeping track of the control. And your OpenID server keeps track of all the sites you’ve logged into and when, and what data you gave to each of them, so you know where your data is going.

* Matt Maclaurin from Microsoft talked about programming languages for eensy weensy children. Interesting … how do you get a 5 year old to program? Make it into a game.

* A program that provides therapy for autism. That could be awesome.

* Finally Mike Arcuri from Ontela.com talked about how to leave a big company. There are a lot of reasons to stay - money, “prestige”, work with smart people, make a big difference, etc. But there are often more reasons to go. And he pointed out the reasons to stay, and encouraged us all to go out and start that new chapter in our lives. Well, he didn’t say it as such, but he meant it. It made me wonder if maybe he didn’t get a payoff from all the other teams there tonight - many of them were hiring, and he probably helped them recruit more than anything else.

Out of con-Tolls
Jan 19th, 2007 by blogger

We live in a world where information is disseminating incredibly quickly. You can search locally based on your zip code. You can upload photos with geographic data in them. You can send emails. You can make phone calls at your fingertips. For each of these actions, some amount of information is captured. Where does that data go? And who owns it? Increasingly, I’m afraid, the answer is: not you.

I went to a talk today by Brady Forrest, author of O’Reilly Radar. He had some really cool things to talk about - new gizmos and virtual gadgets dealing with “Geocoding”, one of the hot new applications of “Web 2.0”. He showed us some new ways that data is being captured and displayed on the internet. It used to be that cameras took pictures. Later, you looked at the picture and maybe scrawled a caption on the back, and that was it. But nowadays, digital cameras store lots of metadata along with the photo, including the date and time it was taken, the model of the camera, the image format, etc. One of the key data points that is being added is the “geodata” - the latitude and longitude. Some cameras have GPS devices built in, which makes it easy. Others have GPS extensions attached. There are ways to determine location without GPS. For instance, if you happen to be anywhere near any Wifi networks (so pretty much anywhere in a big city), then Skyhook Wireless can pinpoint your location by looking up a database of known networks and locations. This location data is attached to the image, which can then be uploaded onto Flickr and mapped out. It’s available for millions of other users to then mix and match, look at, filter, whatever.

Seattle Times story about how invasive technology has become in our modern-day lives. Specifically, how much information is being collected about you during the day? This article lists a few common sources:

* Security cameras. These are everywhere and growing more pervasive.
* Email, stored on remote servers like Gmail, Yahoo. Even stored on your local ISP it is subject to sniffing on the wire.
* Cellphone company records call time and who you called. It stores location data (which cell tower you used) but does not share that with you.
* Mobil speedpass.
* Credit / debit card purchases
* Online companies to keep track of birthdays, anniversaries. Amazon does this; Ecards; lots of sites do this.
* Domino’s and pizza companies keep databases of phone numbers, names, addresses - even unlisted ones.
* GPS devices in cars (for services like OnStar, ATX)
* Automated toll devices (iPass, EZPass)
* Shopping cards (Safeway, Jewel, Costco)
* Retailers (BestBuy, Circuit City, Amazon)
* VIP services (for the rich and famous)
* Web Searches (Google, Yahoo). Any web site you go to is recorded by that web site.
* RFID keys, electronic keys. Many condos/ apartments have this. Each entry may be recorded.

All of this data. It floats around out there. Who owns it? More specifically, for each piece of data, you can ask:

* Who looks at it normally? Usually the company will tell you “nobody”. It’s only viewed by “computers”.
* Who could look at it if they wanted to? The government could subpoena, hackers could exploit, employees almost always have full access even if they aren’t supposed to.
* How long is it kept? This is a tough one to answer. Companies don’t like to delete data, even when they should. Your data may be around for a long time, much longer than you’d think it would be relevant or useful.
* Can you ask for your data? This is tricky. Sometimes you can, sometimes you can’t. Most of the time you don’t even know what data is held or by whom. Can you ask to see security camera recordings that have your face on them? What about the record of your entry to your apartment? How about your shopping history at Safeway? None of these companies will give you your data - although I haven’t personally tried.
* Who can change or delete it? Can you? Can they? Do they have the right to?

This kind of technology is really cool. But it’s also terrifying. If you think about how much data was recorded about you just a few years ago and compare with today, you’ll find that it has gone up tremendously. And in the next few years, it will only continue to rise. This data can be used by many people - it’s not clear what the right mix is. The important thing to think of is this: none of the companies have an incentive to protect your data. Only you do.

Bombs over Tehran
Jan 12th, 2007 by blogger

Ah, if only more people had an appreciation of the 5,000 Years of Middle East History (in only 90 seconds!).

Meanwhile, notwithstanding any appreciation for Middle East history, the President believes that we should attack Iran. He also thinks he has the right to.

Congress must proactively deny him that right. Regardless of who has what right to declare war, Bush thinks that he does, and he’ll continue to stand by that right up to when he drops nukes over Tehran.


Lazing about
Dec 3rd, 2006 by blogger

Nicole and I mostly lazed about this weekend. Friday night, she was *very* sick, but by tonight, she’s gotten quite a bit better. She’s been drinking Thera-flu and lots and lots of tea. Yesterday we were both in the house most of the day, but today we got up and went out to a coffee shop for a few hours. I brought my second love with me, AKA my new Macbook Pro. We hung out for a little while. Nicole still felt pretty sick, so we came home and skipped the first Sunday of Advent. ¿Què làstima, no?

I’ve been playing a lot of guitar, and trying my best to learn some fun songs. I can tell I’m getting better, which makes me feel all accomplished. I’m sure my neighbors are sick of me by now, but whatever.

Life is okay as we go into the holiday season. Nicole and I both feel like we’re missing out on some of the holiday charm. We have put up a tree and some lights, and we have some eggnog in the fridge, so some of it’s nice … but really the holidays are all about family, and we are in short supply on that front. I think a visit home will fix that up, and I’m still basking in the Thanksgiving dose I had last week.

Thanksgiving Quotes
Nov 28th, 2006 by blogger


* “The Gimp”

*– nametag given to Scott at Too Much Light, due to the crutches*

* “You want me, Crutch Boy, to get you, Leg Girl, a drink?”

*– Scott, in response to Nora’s request that he hobble inside to grab her a Sprite. We gathered around the campfire Saturday night and roasted mini-marshmallows (although mostly Nora and I threw them at Eric and Nathan).*

* ” ‘I KNOOOW!’ ”

*– Nora’s impression of her schoolmate, the “queen bee”. The “I know” was in response to another student griping that her teacher had lied about her bad behavior at conferences.*

* “Oh yeah, he’s the one always looking for a hug. He walks into St. Nick’s just looking for someone to hug”

*– Mr. Pape, in reference to the newest faculty member at Loyola Academy, a scruffy-looking Mr. Heineman.*

* Tina: It’s a house divided …
Me: That can’t stand.
Tina: It can’t?
Me: Not a house divided, nope.

*– My lame punnery, Saturday night with the Regina girls at the annual “Carrie’s friends dessert”*

* “Soooo-neeeeee”

*– My dad’s attempt to pronounce the name of their new exchange student, Sanni.*

Leaving On A Jetplane
Nov 11th, 2006 by blogger

This morning it appeared as though we had escaped the rain for the past week. Instead of being greeted by the now-typical patter of rainfall, I was instead woken by a phone call from my beautiful fiance, who had the advantage of being three time zones ahead of me. She is spending today at a wedding for her high-school friend Vanessa. She took some well-deserved time off to go home, but I wasn’t able to go with her. I was stuck here in Seattle. The sky was clear, the birds were singing. After her phone call, I got in the shower and I started singing, probably scaring those birds right away.

See, I usually sing in the shower. And I’m not just a hummer. I belt out the tunes, try different harmonies, think of rhyming couplets, whatever. At this point it’s just habit - I can’t even remember what I was singing when I get out, but it’s quite possible that my neighbors do. I’ve been thinking lately that besides these little morning renditions, there’s not a whole lot of music in my life. Not the kind I make anyway. And I don’t have an iPod or anything fancy like that - I am still convinced that the iPod is overpriced.

I used to play the trumpet, but it’s been a long time and besides, I don’t have a trumpet. A few years ago I tried to pick up the harmonica. I got some self-taught lessons and made a go at it, but frankly, the harmonica has its limitations. It’s just not that fun. It’s great to belt away at, but it is not a complete instrument - you can’t play melodies on it, not many anyway. So to make up for this shortage, today I decided to buy a guitar.

I rented a car and drove all over Seattle, from the Guitar Center to the Guitar Emporium to Dusty Strings. Most places were high-end guitars, but I ended up getting a pretty good deal for $200 at Guitar Center. The salesman was pretty cool - he taught me a few chords in the store.

I remember back when my dad first got his guitar, and we made plenty fun of him. I thought of guitars as a young person, rock musician kind of thing, and the idea of my dad being that cool sort of scared me. I guess that was so many years ago. Although I do remember Carrie, Scott and me sitting in my parents’ bedroom singing “Leaving On a Jetplane” while my dad struggled through the chord sequence. Every time he’d mess up, we’d get frustrated but keep on singing anyway.

Most recently, my little sister Nora began playing guitar. She is already a super genius with the piano and the French horn, and she decided to pick up Yet Another Instrument and conquer it. She took her guitar camping a few weeks ago, and played a few campsongs for us. Most twelve-year-olds would probably be bashful, maybe not want to play in front of their whole extended family, but Nora really didn’t care. And she’s really good! I asked her afterwards if she found it tiring playing piano AND guitar AND French horn, but she said “This is the most fun EVER!”. I took that as a resounding endorsement, and decided I wanted in on some of that fun.

My sore fingers and I are getting in on the fun. It’s my “Nicole-is-in-Miami-so-I’ll-play-the-lonely-musician” weekend, I guess. I’m hoping tomorrow I’ll be hearing “Leaving on a Jetplane” coming from my very own basement.
