Blog Post

Facebook Makes Itself a Central Point of Failure for the Web

Stay on Top of Enterprise Technology Trends

Get updates impacting your industry from our GigaOm Research Community
Join the Community!

Facebook, with its open graph announcements at the f8 conference today, is digging itself deep into the infrastructure of the web. Outside developers and existing sites will now be able to hook into Facebook users’ data and activities directly and persistently, keeping logs well beyond the previous limit of 24 hours.

Organizing the world’s information by powering it is clearly a direct affront to Google (s GOOG). Where Google observes links and relationships between web sites from a distance, Facebook aims to be the glue that connects the web itself. The implications are thrilling, but also scary — what if Facebook goes down?

The benefits of using a Facebook authentication system were already strong. Bret Taylor, Facebook’s director of product, at today’s keynote explained just how strong when speaking of his own struggle to grow FriendFeed, the real-time social company Facebook eventually acquired. Users who signed up for FriendFeed with Facebook Connect were four times more likely to become active than any other form of sign-up, said Taylor.

But now, beyond fostering better participation by inviting users to connect their real identities and their real relationships, web services will be able to use Facebook to explode user engagement and relationships. They can use Facebook’s social plugins to expose personalized friend activity and recommendations. And Facebook will establish persistent, dynamic links to users’ participation on connected sites around the web through its “like” buttons.

Users now have the ability to express their interests not only by saying what they like — say, a local restaurant — but by saying what web site represents it — say, a Yelp review page, instead of the official restaurant site. Web services would be silly not to participate.

As a user, having your social self represent you around the web will at first be creepy but ultimately be useful. As one Facebook engineer put it to me today, “Imagine if you had one login for the whole web. That would be so sweet.”

In preparation for f8, a few Facebook employees hacked together examples of what outside developers could do given the new open graph tools. For instance, would allow users to use Facebook as a CMS. Say you’re one of those crazy MySpace devotees who wants blinking disco lights on your profile. Great. Make a web page, host it at whatever URL you want, uglify it to your heart’s content, and port in data that dynamically connects to Facebook. You can imagine brands and small businesses might want to use this in lieu of a traditional web page.

Another demo, KlugePress, gives the ability to use a nice template and port in Facebook event information. Only users who are invited to the event on Facebook would be able to load a KlugePress invite (this is tricky, and wasn’t really figured out yet for the demo). If users are logged in to Facebook and have permitted access, they can RSVP, comment and see details as they would on the bland Facebook event page. The data itself is sent right back to Facebook. (Pictured above is a KlugePress skin on an older event from my own profile.)

By inviting developers to integrate with it so tightly, Facebook is enabling new opportunities — but also asking for an awful lot of trust.

Please see the disclosure about Facebook in my bio.

19 Responses to “Facebook Makes Itself a Central Point of Failure for the Web”

  1. Well, it’s kind of inevitable in today’s climate. The internet wasn’t initially designed this way, but now social media is always becoming uber-centralized. Twitter, facebook, mysquare, all try the centralized model, both for business reasons and because people are only now figuring out how to make social networking DECENTRALIZED.

    Check out … curious what you think.

  2. As web developers, these things are exciting and scary. On one hand, it’s just another freebie option to ‘go cheap’ with your web presence.. On the other it’s also ‘going social’. Tough cookies, I guess. FB is deciding, not us!
    Happy Marketing,

    Nathan Maggard

  3. As one Facebook engineer put it to me today, “Imagine if you had one login for the whole web. That would be so sweet.”

    Replace “Facebook engineer” with your choice, maybe “NSA Agent” or “Parent” or “Employer” or “Neighbor”, etc…

    Once there is any standardized authentication system broadly used, it’ll become required by law. Slowly adopted at first; just a few websites, and then at the speed of the internet we’ll have lost anonymity completely.

  4. How about:

    When I comment on Gigaom, sends back a “number” for that comment. My system logs it into FB and assigns a trust relation (whom I willing to share with), when my social net reads and sees comments. The comment gets a star after their system has checked back with FB and found the number related to me in their social web. Creates a web of trust and doesn’t breach to much privacy. Gigaom doesn’t even have to know my FB id. We just need a cloud repository to store the data. In exchange Gigaom could get some public demographic data for monetization. And million other games one can play.

    Or as “smarter” web becomes as less relevant Google becomes, at the current trajectory Google (general search) will look like “Yet Another Hierarchical Officious Oracle” in 5-10 years.

      • It’s just a example of a simple distributed trust system. So there is not a one point fail. Since we also don’t want give up all of our privacy, it’s best to do it in layers.

        Here we create a number or token, independently from the repository, add it to an article db for later use. My system then will forward or ask me to forward that token to the repository and store it where it can be combined with privacy settings on retrieval. Now one other user reads the article and wants to know whom to trust, good bad whatever comment.
        His/her system connects to the repository with credentials, looks up if I’m in the social net (firstname should do) hands over the token and gets an ack if the firstname and token pass combined, system “knows” trusted comment. Now the trust ack can be rendered locally or with some ajax woodoo. All other readers get fail, just a comment. This can be as detailed as one wants from reviews to …

        The blog/article never really stores any of these trust relations or has to get my credentials, except if I want to (logon). Hence some privacy remains.

        What’s in it for the publisher, one could send back some public demographics in exchange for the token. Ads on repository with target some of my relations to increase readers. Most likely same interest.

        Ok after 18h I’m running out of steam. Clear enough?