Simon Willison’s Weblog

Exclusive: The Future of Facebook Usernames. I have to admit I was planning to just let Facebook get on with it, assuming that the OpenID provider part would show up of its own accord—but maybe I should write a thoughtful and persuasive essay about it after all. # 11th June 2009, 9:46 am

Streams, affordances, Facebook, and rounding errors. I asked Kellan about scaling activity streams the other day. Here he suggests the best technique is not to promise a perfect stream (like Twitter does)—Facebook used to get away with 80% loss of update messages, but their new redesign has changed the contract with their users. # 19th March 2009, 2:02 pm

Parallel merge sort in Erlang. Thoughts on an Erlang-y way of implementing a combined activity stream (e.g. Facebook and Twitter). Activity streams are a Really Hard Problem—as far as I know there’s no best practise for implementing them yet. # 15th March 2009, 1:36 pm

Plaxo sees 92% success rate with OpenID/OAuth hybrid method. Really wish I could have been at the OpenID UX Summit hosted by Facebook yesterday—sounds like an awful lot of important problems are being solved. # 11th February 2009, 5:20 pm

Four reasons why public Facebook status updates won’t kill Twitter. Mike Butcher highlights the importance of “follow” rather than “friend” in social software. # 9th February 2009, 7:04 pm

Integrating Facebook Connect with Django in 15 minutes. Django authentication middleware that calls the Facebook REST API using a cookie set by Facebook Connect and checks if that person is your Facebook friend. Despite most of the magic happening on the server you still need Facebook’s JavaScript to set that cookie in the first place. # 17th December 2008, 1:18 pm

Scaling memcached at Facebook. Fascinating techie details on how Facebook forked memcache to use UDP and increase performance from 50,000 requests a second to 200,000. Now running on 800 servers with 28 TB of memory, and their code is on GitHub. (They may scale like crazy, but they can’t put their blog entry title in the title element?) # 13th December 2008, 10:08 am

Facebook’s new signup process. It looks like they’ve dropped the “enter your password twice” pattern. Is this really a good idea? I suppose if people mis-type it they can always use forgotten password to set a new one. # 12th December 2008, 11:43 am

Yahoo! Releases OpenID Research. Extremely valuable research, conducted with a group of typical Yahoo! users. OpenIDs usability remains bad, and if we don’t get it right soon something centralised like Facebook Connect will take over and the Web will stop being open. # 14th October 2008, 4:59 pm

FB App Canvas Pages: I Think I’d Use IFrames. Facebook’s Charlie Cheever explains the difference between FBML canvas pages, iframe pages and XFBML when building Facebook apps. I’m always surprised at APIs that load untrusted content in an iframe, as it seems like an invitation for frame-busting phishing attacks. # 2nd October 2008, 2:39 pm

Mark Zuckerberg speaking at FOWA. The Future of Web Apps Expo is just a few weeks away, and Mark Zuckerberg is the surprise keynote. I’m chairing the developer track again this year. # 24th September 2008, 1:11 pm

Facebook engineering notes on Scaling Out. Jason Sobel explains a couple of tricks Facebook use to deal with consistency between their California and Virginia data centres. The first is to hijack the MySQL replication stream to include information about memcached records to invalidate; the second is to use Layer 7 load balancers which inspect a “last modification time” cookie and send users to the masters in California if they have updated their profile in the past 20 seconds. # 20th August 2008, 11:51 pm

Facebook Security Advice: Never Ever Enter Your Passwords On Another Site, Unless We Ask You To. Nice to see TechCrunch highlighting the hypocrisy of Facebook advising their users to never enter their Facebook credentials on another site, then asking them for their webmail provider password so they can scrape their address book. # 9th August 2008, 10:18 am

simple-thrift-queue (via) Phillip Pearson’s surprisingly concise in-memory message queue written in Python using Facebook’s Thrift library (which is similar to Protocol Buffers, but was open sourced much earlier on). Handles 4,000 requests per second on a laptop. # 4th August 2008, 12:27 pm

Dark Launches, Gradual Ramps and Isolation: Testing the Scalability of New Features on your Web Site. Smart advice from Dare Obasanjo that extend the “dark launch” idea illustrated by Facebook chat a few weeks ago. # 29th June 2008, 2:22 pm

He/She/They: Grammar and Facebook. Facebook are going to start requiring gender information because foreign language translations wind up being too confusing when that information is not available. Aside: I wish they’d implement proper title elements on their blog posts. # 27th June 2008, 9:06 am

Google Trends for Websites: myspace.com,facebook.com. New fun tool from Google Trends. # 20th June 2008, 8:50 pm

Facebook Open Platform. Facebook have open-sourced (under a modified MPL, does it still fit the OSI definition?) the code for the Facebook Platform, including their implementations of FBML, FQL and FBJS. This is no small release; the tarball weighs in at 40MB and includes libfbml, which depends on Firefox 2.0.0.4 for its HTML parser! # 3rd June 2008, 12:21 am

Engineering @ Facebook: Facebook Chat. The new Facebook Chat uses Comet (long polling with a hidden iframe) against a custom web / chat server written in Erlang, designed to handle a launch to all 70 million users at once. It was tested using a “dark launch” period where live pages simulated chat request traffic without showing any visible UI. # 15th May 2008, 7:55 am

The real roadblocks to data portability on social networks. A bunch of smart questions posed by Facebook’s Dave Morin. This is why I think data portability is the wrong framing—moving data between sites is really hard. Importing social relationships between sites is much more viable (hence my interest in social network portability). Also, the complaints about systems sharing e-mail addresses are neatly addressed by using OpenID as the GUID for a user instead. OpenIDs can’t be spammed. # 26th March 2008, 7:53 pm

The GigaOM Interview: Mark Zuckerberg. Some interesting titbits on Facebook’s architecture. # 11th March 2008, 5:41 am

Two-Faced Django. Excellent Django tutorial by Will Larson that shows how to build a polling application with an interface both on the Web and in Facebook. Also touches on unit testing and Ajax using jQuery. # 14th December 2007, 2:44 pm

Deconstructing Facebook Beacon JavaScript. How Facebook’s new Beacon service (also known as “Facebook ruined Christmas”) actually works. # 25th November 2007, 9:20 pm

Is Facebook Really Censoring Search When It Suits Them? Apparently MoveOn’s group “Petition: Facebook, stop invading my privacy!” stopped showing up in search results for “privacy”—the search claimed 17 results but suspiciously only showed 16. # 23rd November 2007, 7:50 am

New on Dopplr: The Past (with Pictures). Dopplr’s trip pages automatically display your Flickr/Facebook photos that were taken during the duration of the trip—simple and smart integration of third party sites. # 20th October 2007, 11:25 am

identity-matcher. Dopplr’s social network importing code (for Gmail, Twitter, Facebook and sites supporting Microformats), implemented as a Rails ActiveRecord plugin. # 4th October 2007, 2:53 pm

Announcing the Dopplr 100. Similar to how Facebook used to only allow college e-mail addresses, Dopplr is now open to holders of e-mail accounts from 100 large corporations. The blog release doesn’t specify if each corporation gets its own special “group” within the application; that would be a neat touch. # 26th September 2007, 4:34 pm