OpenSocial
OpenSocial is a public specification that outlines a set of common application programming interfaces (APIs) for web applications. Initially designed for social network applications, it was developed collaboratively by Google, MySpace and other social networks. It has since evolved into a runtime environment that allows third-party components, regardless of their trust level, to operate within an existing web application.
Initial release
The OpenSocial Foundation has integrated or supported various Open Web technologies, including OAuth and OAuth 2.0, Activity Streams, and Portable Contacts. Since its inception on November 1, 2007,[1] applications that implement the OpenSocial APIs can interoperate with any social network system that supports them.
OpenSocial initially adopted a universal approach to development. As the platform matured and the user base expanded, it was modularized, allowing developers to include only necessary components of the platform.[2] Orkut, a Google client, was the first to support OpenSocial.[3]
On December 16, 2014, the World Wide Web Consortium (W3C) announced that the OpenSocial Foundation would transition its standards work to the W3C Social Web Activity.[4] This effectively integrated OpenSocial into the W3C’s Social Web Working Group and Social Interest Group, thereby dissolving OpenSocial as a separate entity.
History[edit]
Background[edit]
OpenSocial is commonly described as a more open cross-platform alternative to the Facebook Platform, a proprietary service of the popular social network service Facebook.[7]
Implementation[edit]
An open-source project, Shindig, was launched in December 2007 to provide a reference implementation of the OpenSocial standards. It has the support of Google, Ning, and other companies developing OpenSocial-related software. The Myspace OpenSocial parser was released as project Negroni in January 2011 and provides a C#--based implementation of OpenSocial.
Apache Rave is a lightweight and open-standards-based extensible platform for using, integrating and hosting OpenSocial and W3C Widget-related features, technologies and services. It will also provide strong context-aware personalization, collaboration and content integration capabilities and a high-quality out-of-the-box installation as well as be easy into integrate in other platforms and solutions.[10]
Both Shindig and Apache Rave are no longer in development and have been retired by the Apache Foundation.
Security issues[edit]
Initial OpenSocial support experienced vulnerabilities in security, with a self-described amateur developer demonstrating exploits of the RockYou gadget on Plaxo, and of Ning social networks using the iLike gadget.[15] As reported by TechCrunch on November 5, 2007, OpenSocial was quickly cracked. The total time to crack the OpenSocial-based iLike on Ning was just 20 minutes, with the attacker being able to add and remove songs on a user's playlist and access the user's friend information.[16]
Häsel and Iacono showed that “OpenSocial specifications were far from being comprehensive in respect to security”.[17] They discussed different security implications in the context of OpenSocial. They introduced possible vulnerabilities in Message Integrity and Authentication, Message Confidentiality, and Identity Management and Access Control.
Release versions[edit]
Criticism of initial release[edit]
Despite the initial fanfare & news coverage, OpenSocial encountered many issues initially; it only ran on the Google-owned Orkut, and only with a limited number of devices, with multiple errors reported on other devices. Other networks were still looking into implementing the framework.
On December 6, TechCrunch followed up with a report by MediaPops founder Russ Whitman, who said "While we were initially very excited, we have learned the hard way just how limited the release truly is." Russ added that "core functionality components" are missing and that "write once, distribute broadly" was not accurate.[18]
Legend:
Discontinued
Current