Last June a spin-off department of Red Hat, lead by desktop guru Havoc Pennington, announced Mugshot. Originally, Mugshot was in the midst of controversy whether it’s a social networking application or not. Apparently, it instead is a “social networking aggregator”. In order for this to work, access to third party data is a must.When a user registers to Mugshot he can also enter his username for a bunch of services, including his own blog, facebook, myspace, flickr, linkedin, youtube, rhapsody, last.mf, del.icio.us, twitter, digg and reddit. Via future plugins, more services can be added.
When another Mugshot user becomes a “friend” (or in the mugshot terminology, he becomes a “follower”) of the first user, then he/she can follow his digital life. Via a desktop application or the online front end, you will be able to view the digg stories your friend dugg, youtube videos posted, music listened etc. You get the point.
Additionally, within the Mugshot universe you can create a “group” of some specific topic and either attach an RSS feed to them, or publish URLs that are on topic and up for discussion between the group’s followers and admins.
Mugshot is basically a utility to shortcut your way through many friends and many services. It can in fact prove an extremely useful utility, if many of your friends already have a Mugshot account, but most importantly, if the data of these sites are open for grabs and reuse for free. In fact, Pennington wrote a few months ago that the freedom of personal data are more important than Free source code.
One change I could suggest so far is that the Mugshot application sitting in the notification area should not load items that are about me, because this has resulted in a lot of “spam”. Basically, I get notifications of things I do myself; notifications I don’t need because I know what I did online already…
Mugshot is currently in beta, but I have 5 invites left (email me if you want an account). I guess, time will tell how the Mugshot gamble(?) will play out. One thing is for sure; third parties must play nice too.
In the current state, I didn’t find the tool quite interesting. Just a big frontend.
I think the only major advantage now is that the site is filled with open-source developers. The groups and other materials mostly are related to open-source development in general. So access to some discussions about open-source software should be really easy.
Maybe it’s because I am not a heavy user of blogs/flickr/etc, but this is my current opinion.
However, I find quite interesting the initiative from Red Hat in working in this project. Normally, these kind of projects are developed by big enterprises with closed source, and Red Hat offers an open environment with no strings attached. It’s refreshing to know that some open-source development communities are developing out there creative tools different from the typical linux-distro/IM-client/email-client software.
Edited 2007-01-13 13:19
Having all of your logins stored on a 3rd party system just seems like a bad idea to me. Yeah, I’m paranoid, but a juicy target like this will certainly attract attempts to gain access to all that private information. And if the site is written in PHP, well …
.cp
How do you know that the site is written in PHP? Not to mention that there are some php applications with a decent security record.
Security is a process not an end-state provided out-of-the-box by any existing language.
Exactly. A big example of this is the OpenBSD operating system. OpenBSD is written in C and has an excellent security record. Another example that comes to mind is the Apache Web Server.
Edited 2007-01-13 13:52
Good point! OS X, Windows, Gnome, and KDE all have bugs, and at least one app on each platform has bugs, so we should all stay away from C, C++, Objective C, C#, Python, Tcl/Tk, Perl, Ruby, Fortran, Javascript, XML, VB.NET, etc.
Also, I’ve seen bugs on webpages, so we should stay away from HTML altogether.
Everyone knows that poor programming means the language it’s written in is flawed!
😀 totally warranted post Adam; people point the finger at php, when they really should be looking at the developers of said sites.
Oh, and mugshot is Java. It only took three clicks to find that out, much easier than just presuming it’s php and therefore full of holes.
But that’s a whole argument I don’t want to start.
You might want to try actually using Mugshot. You are not required to enter your passwords anywhere, only your usernames. You are normally be required to give this information out on a social networking service in order to, um, network.
Edited 2007-01-13 14:21
Thanks for the clarification jeremywc. I have no interest in social networking sites, so have not actually used it. If it is only using the usernames then there isn’t a problem.
As for my PHP crack, just check Bugtraq.
http://search.securityfocus.com/swsearch?query=php&sbm=archive%…
You only enter your public username, not your password. So no, you can’t crack into all these third party accounts just by cracking mugshot.
I’m really do not agree with your statement about PHP, but I do think you have a valid point.
All your login info in one spot feels a bit “icky” to me too.
I guess it’s too much like putting all of your eggs in one basket.
except that apparently it is NOT all login info, just the username.
now i dont know much about these things, as i dont use myspace, youtube or any other of these new fancy smancy things, but as far as i know, the username is not a secret.
All your login info in one spot feels a bit “icky” to me too.
As it has already been stated, mugshot does not require passwords for accounts. Mugshot seems to take advantage of built in APIs provided by some of the sites, including rss feeds, while it may also employ some screen scraping. I can’t really tell though because I don’t even have an account with half of the communities that mugshot supports.
I think you mean Owen Taylor (former lead developer of Gtk+), not Havoc Pennington.
Why Redhat would pay either of these people to work on a social networking website boggles my mind. At least hp appears to still be working on something (DBus) that makes sense for Linux and Redhat’s bottom line.
No, actually, _both_ Owen and Havoc are working on Mugshot.
Havoc still works on D-Bus too, but his main focus is Mugshot and he’s handed off a lot of the D-Bus maintenance and feature development to others in the community and at Red Hat (like John Palmieri).
Part of the reason for mugshot was this; Open Source doesn’t really touch a lot of people outside the developer community, if you exclude Firefox and Open Office. Millions of people (kids, adults) use social networking sites like myspace, flikr, delicious, facebook, etc. Those people, by and large, _don’t_ use Open Source software. Mugshot is partly an attempt to figure out how to bring OSS to a much wider audience, one that doesn’t normally use OSS.
Or maybe you mean both. Shows how much I keep up with these things these days.
Edited 2007-01-13 18:09
Whatever happened to the good old fashioned way where you find out what people are interested in by being their friend and interacting with them in real life?
Seriously, we have Livejournal, Blogger, TheFaceBook, MySpace… Where did “talking to them and hanging out” go? I’m not sure why my friends would want to find out all the movies on YouTube I’ve seen or books on Amazon.com I’ve bought, for that matter. Songs, maybe. Maybe.
I doubt I’d sign up for this service; leaving a gigantic electronic trail around the internet that other people can follow just rubs me the wrong way. Yeah, I know I would have to OK these friends, and yes I know the information is already tracked (though, I clear my cookies and browser cache from time to time)… but it still seems a bit odd, and of course dangerous if one of these data-aggregators gets cracked into by a malicious data-miner.
If I’m friends with these people, it implies that there are other ways I could get this information to them if I deem it interesting or important enough? There’s still AIM (a replacement for phones, especially useful if these people don’t have phones, or don’t want to use minutes), or email (a faster and more convenient replacement for regular mail), or even (god forbid) the Postal Service. I’m not sure what this replaces except for… stalking?
I dunno, maybe I’m an anomaly here; between my LiveJournal account (which a friend gave me so I could read her blog postings, which she no longer makes anyway), AIM and TheFaceBook (which I did primarily so old friends would know where to contact me if they wanted to), there are a grand total of two people I didn’t meet first in real life. Yeah, I haven’t actually seen some of them in years, but we knew each other once upon a time.
For me the point isn’t so much keeping up with people around me, it’s maintaining friendships with people who would, traditionally, have just been dropped. I move around a lot, and these kinds of things have been a major factor in keeping old friendships alive which otherwise would have drifted into the “Hey, I’ll send you a card on Christmas for a year or two…” land.
Has anyone noticed, when trying to signup for an account after you click on the link in your email, it brings you to the signup forum…but the account name says:
pankajad’s Account
What the hell is going on?!?!
I am already on Frienster, Facebook, Hi5, Youtube, Technorati, Yahoo, linked in, and more… all of them say invite your friends…
in some of them I have many friends, others I don’t
The Greek in me says to join as many as possible since you never know who you might meet in the six-degrees-to-yourself model – but it’s getting tiresome. I think I wll focus on 2 social ones, and the rest I will just leave an RSS feed of what is happening on my blog :p