Amazon today launched a new web service - EBS, the Elastic Block Store (yes I also first read it as ‘Elastic Book Store’) for EC2. EBS provides persistent storage for EC2 computing instances, and the service is public today and available to all customers after a period of alpha testing with some users.

Previously EC2 instances were able to access temporary storage as part of the compute instance, or persistent storage only on S3 - the Amazon online storage service. The difference between EBS and S3 is that EBS allows block-level access, so that it can be mounted just like any other local storage device from within EC2 and can be accessed across servers and between instances. S3 is accessed as a web service, so performance for latency sensitive applications was never optimal (such as running a database store). EBS provides a much higher level of performance comparable to high-grade local storage in terms of both access times and availability.

Persistant block-level storage for EC2 is perhaps long overdue, as one of the criticisms of EC2 when it first launched was the inability to run a fast data store across snapshots, which made running databases or other data-intensive applications slightly more complicated. Services such as RightScale have built products around helping developers scale and manage MySQL instances on EC2. Other cloud-based computing services such as Mosso or virtual servers from providers such as MediaTemple have had persistent storage options, although what Amazon have developed with the combination of EC2, S3 and now EBS is a tiered approach which provides more flexibility to developers.

Read the rest of this entry at TechCrunchIT.

iPhone application development house taptaptap has published sales figures for the first month of sales for their two AppStore applications, bringing further insight into overall sales volume and figures for the online store. The two applications developed by the company are WhereTo, an application that provides a more general GPS interface to the iPhone with location-based services, and Tipulator, a simple tip calculator.

WhereTo retails for $2.99 in the store and 24,094 copies were sold in the first month - netting the company just over $50,000 in revenue after Apple took their cut (it currently ranks #69 on the top paid application list). Tipulator retails for 99 cents, and sold 3,168 copies which resulted in just over $2,200 of revenue (it is currently unranked). The table below outlines overall sales volumes and revenues for each application:

taptaptap AppStore sales and revenue numbers for US sales, month 1

	WhereTo	TipCalculator
URL	AppStore	AppStore
Price	$2.99	$0.99
Number Sold	24,094	3,168
Gross Sales	$72,041.06	$3,136.32
Net Sales (after AppStore cut)	$50,597.40	$2,217.60
Total Gross		$75,177.38
Total Net		$52,815

The resulting net profit and sales figures are good for a small company that has developed one application that is relatively sophisticated, and another that is very straight forward and simple but yet still brings in $2,000 a month. There is definitely great revenue potential for developers of iPhone applications, as users of the AppStore and the iPhone in general are more likely to pay for applications. Integrating with iTunes makes the process simple for the user, but for the developer poses a challenge as all applications must be submitted to Apple and must meet their approval.

We should also note that while both of these applications have done well, their download figures unsurprisingly pale in comparison to those of Facebook and Tap Tap Revenge, both of which have over 1 million users. The real money in the App Store may well lie in monetizing these free applications, be it through integrated advertising or downloadable content (though it remains to be seen what restrictions Apple will place on this kind of strategy).

After the recent outbreak of a worm that hacked user Facebook accounts and disseminated through users contacts, Facebook responded with a post with advice to users on general tips about web security. Facebook head of security Max Kelly, a former FBI computer forensics examiner, wrote a blog post with advice to Facebook users including:

As a Facebook user you can help us protect you by doing the following things:

* Report any spam message or posting you see. The more reports we get, the easier it is for us to respond decisively.

* Never share your Facebook password with anyone. Never. No Facebook employee will ever ask for it, and no one else should know it. If you are ever prompted to log in to Facebook, make sure it’s from a legitimate Facebook web address. If something looks or feels off, go directly to www.facebook.com to log in.

Never entering your credentials on a non-Facebook site is very good advice, which most users should know by now and should adhere to. The problem is that Facebook do not seem to support these same principals when it comes to a users credentials from other sites, such as a users Google username and password, which Facebook requests when a user imports their contacts. The screenshot below is from Facebook, its the feature where a user can login to their Google, Hotmail or Yahoo account, from within the Facebook site, to retrieve their contacts.

This very feature directly contravenes what Facebook has stated in its own good security advice. While the message below the box does state that they do not store passwords, the point is more that the practice of users directly entering credentials from another site is a very poor design decision and generally very poor practice. Each one of the sites that Facebook integrates with supports oAuth or a similar authentication protocol that does not require the user to enter both their username and password. Better yet, most of those services also provide an API where the user can grant permission to Facebook to only access their address book, and not their whole email and certainly not every other service tied into it.

The Facebook security team have stated what is good practice on their blog, perhaps its time for them to direct their energies internally and evangelize support for oAuth and other open data formats as both a more secure and conveniant mechanism for data exchange.

Over a year has passed since Google completed the acquisition of feed massaging and hosting service Feedburner, and today some users now finally have their feeds hosted on what appears to be Google’s servers and infrastructure. At Techcrunch we have always been big fans of Feedburner, and their widgets and RSS subscriber counts have adorned almost all of our sites since their first days. At some point in the past 12 hours, the feed URL at feeds.feedburner.com began to redirect to feedproxy.google.com. Our subscriber count widget dropped to displaying a zero count for a few hours while the domain change took place.

It appears that only select feeds have been migrated, mostly those with higher subscriber counts. This would indicate that Feedburner has turned to Google to assist with serving the load on high-traffic feeds. Over at TechcrunchIT I recently wrote about the problems that some acquired companies have experienced at Google. The proprietary software and hosting stack at Google can often lead to a slowdown in development, an often long migration phase and in some cases death for the acquired company or product. Feedburner has avoided these problems by remaining largely independent of Google since the acquisition, but at some point they have turned to pappa bear for assistance with handling load and we are seeing the results of that today.

In yet another case of widgets going crazy and causing havoc, a bug in Sitemeter has caused a large number of websites and blogs using the free web analytics tool to fail loading for users of Internet Explorer. Users of Google’s Blogger were amongst the first to report experiencing problems with sites running Sitemeter at 6pm pacific time on Friday. The problem has since been partially rectified, although some 16 hours later and without a notification or official response from the company either via email or on their blog.

Sitemeter proudly displays a list of the most highly trafficked sites running their service on their homepage. The sites include the entire Gawker Media network, the gossip blogger PerezHilton and the popular political blog DailyKos. We verified that all of these sites were failing to load in Internet Explorer, with nothing more than a blank page and a response in the form IE error window indicating a connection issue with sitemeter.com. The issue also affected our own Techcrunch France blog, which resorted to removing the sitemeter code as the only solution. The browser error indicates that the problem was with the Javascript code that is included in each page.

Uptime monitoring services such as Netcraft did not report any downtime for these sites, since the issue was Javascript and browser-specific rather than a broader HTTP connection issue. The main sitemeter website remained operational, while hundreds of bloggers posted about the problem and our tips mailbox filled with links and complaints on the issue.

Back in May, Michael wrote about how our own issues with widget providers on Techcrunch affected the performance and uptime of this site, and how having a provider not communicate such issues makes matters worse. There is no real reason for a widely used service such as Sitemeter to go down, as there are solutions available (such as using an IFRAME) where a fault in embedded code can be bypassed and at least allow the remainder of the page to load. Worse still, there is no real reason as to why, after 16 hours since the problems surfaced, there is no official word from the company despite the level of noise from users and visitors to the sites who have embedded the service.

Update: Turns out that this was the result of a bug in Internet Explorer, which the Sitemeter developers didn’t account or test for. The technical details and a description of the bug involved are here. Does this still mean that Sitemeter are to blame, or are we about to see the backlash shift to Microsoft because of a known bug and a developer not testing.

This morning at that OSCON conference David Recordon of Six Apart will announce on stage the formation of the Open Web Foundation. The new foundation is about providing a home for the development and ratification of web-related standards efforts. The foundation will be focused on developing the technical specifications of protocols used for communication and inter-operability between applications on the web. The foundation will also set out the legal terms and best practices for the use and transport of both private and public data, and the usage of web services.

We first reported on the announcement on Tuesday of this week after Chris Saad, the co-founder of the Data Portability project wrote a post about the announcement. The Data Portability project is focused on the evangelism of data openness and transparency, while the new Open Web Foundation will be focused on implementation issues.

Yesterday at the F8 conference Facebook announced their support for the new foundation, and we have learnt that Google, MySpace, Six Apart, Plaxo and many others will also be supporting the new initiative. Google and Facebook now have an appropriate venue where they can resolve their differences and work on a standard way to have their users interact with each other between the Facebook Connect and OpenSocial platforms. The web foundation also provides the technical details, as well as policy details, on how such a relationship between companies and products could work.

Currently there is not much more at the Open Web Foundation outside of a lot of strong backing, a lot of strongly willed organizers and a lot of initiative. The foundation hopes that within the next few months after the announcement today they will be able to release their first set of work on data standards and formats.

Microsoft has just announced a major reorganization of its Platforms & Services Division. It will now be split into two groups (Windows/Windows Live and Online Services) which will both report to Steve Ballmer. That’s right. Steve Ballmer will now personally be running Windows.

Kevin Johnson, who used to head the Platforms & Services Division, will soon be leaving the company to become the CEO of Juniper Networks. Steven Sinofsky, Jon DeVaan and Bill Veghte will be in charge of the newly created Windows/Windows Live group. Microsoft has not yet chosen a leader for the Online Services group.

The full press release is below.

Microsoft Announces Reorganization of Windows and Online Services Business

Platforms & Services Division to Split Into Two Groups and Report to CEO Steve Ballmer.

REDMOND, Wash. — July 23, 2008 — Microsoft Corp. today announced that the Platforms & Services Division (PSD) will be split into two groups: Windows/Windows Live and Online Services, with both groups reporting directly to CEO Steve Ballmer. Microsoft also announced that PSD President Kevin Johnson will be leaving the company. Johnson will work to ensure a smooth transition.

“Kevin has built a supremely talented organization and laid the foundation for the future success of Windows and our Online Services Business. This new structure will give us more agility and focus in two very competitive arenas,” Ballmer said. “It has been a pleasure to work with Kevin, and we wish him well in the future.”

Effective immediately, senior vice presidents Steven Sinofsky, Jon DeVaan and Bill Veghte will report directly to Ballmer to lead Windows/Windows Live. The Windows organization recently announced strong annual sales, with more than 180 million copies of Windows Vista sold globally, and it has driven more than 100 million installs of its Windows Live suite. The organization’s innovation pipeline includes a new version of Windows Internet Explorer, the next version of Windows and the next generation of the Windows Live product suite.

In the Online Services Business, Microsoft will create a new senior lead position and will conduct a search that will span internal and external candidates. In the meantime, Senior Vice President Satya Nadella will continue to lead Microsoft’s search, MSN and ad platform engineering efforts. Microsoft recently announced a strategy to redefine search through innovations in the user experience and business models. As an example, the company’s cashback search program, announced in May, is already generating strong momentum among online shoppers and advertisers.

In addition, Senior Vice President Brian McAndrews will continue to lead the Advertiser & Publisher Solutions Group (APS). APS has great momentum, having signed more than 100 new publisher deals in the past year. McAndrews will continue to focus on the display advertising opportunity for Microsoft, driving execution and integration of advertising assets, including recent acquisitions such as Massive Inc., Navic Networks, ScreenTonic SA and YaData Ltd.

“Our Windows business is firing on all cylinders,” Ballmer said. “We see tremendous opportunity in search and advertising, and we have a clear strategy for investing in success today and growth in the future.”

“Microsoft is a special place and presents opportunity to so many,” Johnson said. “I have been so fortunate to have experienced 16 amazing years of building Microsoft’s business, learning from great leaders in the company and working with phenomenally talented people.”

Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services and solutions that help people and businesses realize their full potential.

Today at the f8 conference Benjamin Ling revealed that Facebook will be releasing a Cocoa framework for the iPhone that will allow application developers to integrate with Facebook Connect. The framework is expected to be released sometime in the fall, and will take the form of an SDK that can be used by developers of iPhone applications. Facebook Connect allows applications to integrate the facebook platform and the identity of users into their own applications.

Currently Facebook Connect is only available for web applications, but the announcement of an iPhone SDK is the first sign that Facebook is considering both mobile and desktop platforms as part of their vision.

Chris Saad, a co-founder of the Data Portability project has posted that tomorrow at OSCON a new Open Data Web Foundation will be announced by David Recordon and others.

The goal of the new foundation is to set out the actual data specifications, legal structures around data portability and in helping to evangelize set formats. Saad says that the initiative is different to the Data Portability project in that it is details oriented around specific technology and legal implementations rather than the broader evangelizing effort that has come out of Data Portability:

Continue reading on TechcrunchIT >>

Update: David Recordon has responded by saying that he isn’t at OSCON tomorrow.

Update 2: David Recordon has confirmed that an Open Web Foundation will be announced on Thursday morning.

Facebook is starting to pursue social networks that have copied their design or features by suing German site StudiVZ. The Financial Times has reported that Facebook filed a suit in California against the German company for what it claims is an infringement of Facebook’s “look, feel, features and services”.

StudiVZ claims to have 10 million active members, and is the largest social network in the German-speaking world, covering Germany, Belgium, Austria and Switzerland. The network is actually comprised of three different sites, each one a separate social network aimed at different segments of the market. StudiVZ.net is the classic site for college-aged students, SchuelerVZ.net is for high school students and MeinVZ.net is for older adults (these three networks were very hard to decipher in German when I attempted to sign up).

Facebook does seem to have a claim here, as the German site looks like nothing more than Facebook in red and translated in German. Everything from the first public page to the sign-up page and the profile pages look eerily similar to the US-based social network. StudiVZ was acquired earlier this year by the German media group Georg von Holtzbrinck, with an acquisition price in the €100M range. They always say you should sue where the money is, and Facebook has certainly found a pile of it by targeting Verlagsgruppe Georg von Holtzbrinck.

Disclaimer: This is not the real Mark Zuckerberg profile in StudiVZ (at least we don’t think so).

Google announced their Q2 results today after the market had closed. Shares are down by as much as 12% as earnings growth reported was below analysts expectations. Net income for the quarter was $1.25B, up from $925M. The company reported a profit of $4.63 per share, which was slightly below the $4.72 average expectation from Wall Street analysts.

Continue reading at TechcrunchIT >>

Starting today Google has integrated results from Code Search as snippets in the main search results page. Code Search was launched by Google in October of 2005 as a seperate vertical search property. As the name suggests, Code Search indexes and parses source code on the web and provides users a simple but flexible search and repository browsing interface.

For a Google property such as Code Search, integration into the main large-scale traffic flow via the primary search results page is an indicator of product maturity. Previously seperate properties such as Finance and Maps followed a similar development and audience exposure path.

Users of Code Search are able to locate reference implementations of common algorithms or routines, or search for best or worst practices amongst the code published and available. and queries filter based on license, language, package and more. Code Search competes with both Krugle and Koders, startups that were both founded prior to the launch of the Google code search service but that both provide their own unique features respectively.

Last week Google announced a number of improvements to Code Search, namely improved code highlighting, browsing (especially with larger projects) and ability to refine results based on class, project, file etc.

Jason Calacanis announced on Friday that he was retiring from blogging. There was a very mixed reaction to the news, with most believing it to be a publicity stunt. Jason said in his farewell post that instead of blogging, he would instead be posting to a mailing list made up of his followers, capped at 750 subscribers. That subscriber limit was reached very quickly, and today Jason sent out his first new ‘post’ to that mailing list, which we have included below.

We expect that moving his posts to a mailing list will not achieve what he has set out for - and that is to have a conversation with the top slice of his readers. Instead, you will likely see his emails re-published, probably on a blog and probably with comments and everything else.

> From: “Jason Calacanis”
> Date: July 13, 2008 11:16:15 AM PDT
> To: jason@binhost.com
> Subject: [Jason] The fallout (from the load out)
>
> Brentwood, California
> Sunday, July 12th 11:10AM PST.
> Word Count: 1,588
> Jason’s List Subscriber Count: 1,095
> List: http://tinyurl.com/jasonslist
>
> Team Jason,
>
> Wow, it’s been an amazing 24 hours since I officially announced my
> retirement from blogging ( http://tinyurl.com/jasonretires ). As
> you’ve probably seen there has been some of coverage of my retirement,
> most of it wondering if I’m joking or not (links at the bottom). To
> those who know me better than a couple of Valleywag headlines, am I
> ever not joking??!? I mean, Clark Kent asked a question in the faux
> Q&A session, I posted a photo of Michael Jordan’s retirement, and I
> spoke about spending more time with my family (as in my wife and two
> bulldogs).
>
> Clearly I was joking in the post, but I’m dead serious about the
> retirement from blogging.
>

Read More

MySpace and Google demonstrated an interesting mashup of the MySpace Data Availability API, oAuth and the iGoogle gadget specification at the oAuth Summit a couple of weeks ago. The application, which pulls the core MySpace feature set into iGoogle, is not yet publicly available, although MySpace has said to expect in in August.

It’s another example of data portability in action (as well as the alliance between MySpace and Google to compete with Facebook). The example application MySpace has built for iGoogle is a gadget that allows MySpace users to check profile updates, their status messages and private messages - all from within the gadget. The gadget is built according to the new gadget spec, meaning that it should also work with other sites (such as Yahoo) that also support the gadget and oAuth.

These are the screen shots that were shown at the conference:

We have been tracking the exodus of employees from Yahoo and have counted 114 executive-level departures since January 2007. The news isn’t going to get any better as we have learnt that of the executives remaining at the company, a large number of them are biding their time and waiting for a large vesting period that finishes up in the first week of August, the same time as the critical annual shareholder meeting.

The options grant was part of a retention initiative at Yahoo! and involved almost every employee at the company - from top executives down to the engineering level. Employees were granted options and restricted stock units based on merit. Grants ranged from 10,000 to up to 40,000 options with a vesting period of two years. These options are potentially worth up to $200,000 for some employees - certainly enough incentive for some who intended to leave to wait around a few more months before taking that new job with a startup, or Google or Microsoft. We understand that there are dozens and possibly up to another 100 people in director, VP level or higher positions who are ready to leave once this vesting period has completed in a few weeks time.

Yahoo has long had a retention problem, and they are known to pay higher base salaries and ocassionaly write out bonus options in an effort to retain employees. They also ran a very visible recruitment campaign until recently when they initiated a hiring freeze. Our list of executives who have left the company could easily double in the next month - and another mass exodus would not bode well for the morale of the remaining employees and executives.

We understand that some of these remaining executives are only coming into the office a day or two a week, and openly searching for new jobs with competitors or other companies. The image gives a good idea of just how tough the situation inside Yahoo! is at the moment - and the challenges facing upper management with their attempts to turn the company around without the help of Microsoft.

Stock in virtualization provider VMWare today dropped almost 25%, as growth expectations were lowered and founding CEO Diane Greene was replaced by the board. Prior to today, VMWare was the fourth largest software company in the world, with a market cap of over $20B. They have slipped down the list and lost $5B in value as the company struggles to match high growth expectations places on it after its much-hyped IPO almost a year ago.

Greene, an original founder of the VMWare company, will be replaced by Paul Maritz as President and CEO, and he has also been assigned to the board of the company. Maritz was the founder of Pi Corporation, a cloud based storage and services provider that was acquired by EMC last year. Previously Maritz was the VP of Cloud Services at EMC, and prior to that he was a long-term executive at Microsoft.

The company faces a number of fresh challenges as the virtualization market heats up with the entry of Microsoft with their virtualization platform, now built into Windows Server, and their new Hyper-V product, which will retail for only $28, fractions of the cost of a VMWare solution.

VMWare: A missed opportunity for EMC? Continue reading at Techcrunch IT >>

Microsoft has announced this morning the availability of hosted Exchange, Sharepoint, collaboration and communication as part of the Microsoft Online suite. The hosted platform is a direct competitor to the Google App platform, which is currently available either for free or for as little as $50 per year.

The service plans for the Microsoft deals start from $3 per user per month - and with that plan users get an Exchange mailbox with webmail access, sharepoint server access and the basic communication tools such as messenger. The full hosted Exchange and Sharepoint, along with collaboration tools, starts at $15 per user per month - which is around $180 per year. While the alternatives are a lot cheaper, for most businesses an Exchange-based solution is at a different level than what Google or any other web-based company can provide.

Exchange already has deep penetration into the enterprise, and the online platform and suite integrates nicely with existing windows domains - so users can easily move users and mailboxes between hosted online or hosted on the local network. Pricing is a little more than what it would be with just an Exchange license, but it includes the hosted environment, administration tools and integration into other products such as hosted Dynamics CRM.

Microsoft also announced this morning that they will be paying partners a 12% fee for all new customers that they refer to the platform. Microsoft has a very large partner base (over 15,000 of them are currently meeting at the partner conference where this was announced), who are all ready to go out and sell this solution into businesses at all levels - something that Google does not have.

Continue reading at Techcrunch IT >>

Our first week is over on TechcrunchIT and it has been a busy one. Steve Gillmor and I spent time with Salesforce, Sun, at Velocity with a super-smart guy about to join Twitter and with two other smart guys who have a new Javascript platform called SproutCore that Apple has taken a keen interest in.

It was also a big week for Open Source as a business as we heard about rapid growth at RedHat and MySQL now at Sun talking about their $100M revenue rate, strong growth and future plans.

The cloud is getting more crowded and competitive with a serise of announcements this week starting with Cloudstatus, new stuff at Mosso and a new cloud-based video encoding platform.

Bill Gates finished his last fulltime day at Microsoft and we wrote up a list of things he can now get around to now that he has all that time on his hands, while Steve analyzed the future at a Microsoft now without Gates.

To subscribe to TechcrunchIT hit up the feed, or follow us on twitter at www.twitter.com/techcrunchit. To get in touch with us with stories, news or tips visit our contact page.

Nokia has today announced that they will be acquiring the remaining 52% of Symbian they don’t own and will be releasing the complete Symbian platform under the Eclipse open source license. Nokia have also announced the creation of the Symbian Foundation, which is an alliance of mobile vendors and application providers that any company can join.

Continue reading on TechcrunchIT.com >>

We just got confirmation from Joshua Schachter, the founder of delicious, that he has decided to resign from Yahoo!. Mike Arrington just spoke to him and he said that the recent news coming out of Yahoo! pressed his decision to leave now. Joshua also said that the decision was made today, and that he has no future plans but will instead join the “gloriously unemployed.”

The development of the new version of delicious seems to have almost stalled within Yahoo, and Joshua cited recent frustrations with the process as playing a part in his resignation. We said a few weeks ago that Joshua’s time at the company may be running out, and we had all been waiting a long time for the new release of delicious.

Yahoo acquired delicious in December of 2005 and we broke the news here on TechCrunch. delicious is certainly one of my favorite web applications, and I have been a frequent user since its very early days. It was also one of the first companies profiled on TechCrunch, so Joshua leaving Yahoo (and delicious) brings an end to a very long era.

Yesterday we published a list of all those who had resigned recently from Yahoo, and since then we have been busy trying to keep it up to date as the news of further resignations continues to roll out. It has been a very bad time for Yahoo! recently, and things are only getting worse.

Photo credit: Javier Pedreira

Update: Schachter speaks up in the comments:

I was largely sidelined by the decisions of my management. So that was mostly the result rather than the cause, if that makes sense. It was an incredibly frustrating experience and I wish I was a lot more like Stewart [Butterfield] in terms of pushing my point of view.

Interview with FriendFeed
Steve Gillmor and I did a video interview with Bret Taylor from FriendFeed. There are some interesting responses and content in here and it expands on a few points that were discussed during a panel today at the Supernova 2008 conference.

To begin with, Bret states that they re-thought how FriendFeed could work as a communication tool, and are contemplating supporting the XMPP format (Jabber). XMPP support would mean that a whole suite of products could be used with FriendFeed. While Bret didn’t offer a firm commitment, it is apparent how their development of the product and their planning has adapted since the product launched.

We also touch briefly on formats, and FriendFeed will be adding support for generic media feed types, in the same way it currently supports blogs. This will be based on Media RSS, which allows for photo, audio and video enclosures within RSS feeds. It means that developers of applications who currently aren’t directly supported by FriendFeed will be able to publish a standards-based feed and have their users plug it into FriendFeed. We hope that the other data types (events, short-form messaging etc.) are also developed into standards, and it seems that we are heading in that direction (albeit slowly).

Bret also gives us a bit of a background into how FriendFeed was developed, its growth and popularity.

SuperNova 2008: Panel on Liquid Conversations

Today at Supernova the Liquid Conversations Panel will be talking about how personal content, text, video and comments can be separated from individual websites and shared across the net and personalized. Dave McClure will be moderating the panel of David Sifry, Bret Taylor, Matt Colebourne and Loic Le Meur.

What are liquid conversations?
What is new and happening in distributed conversations? FriendFeed, which is a content discovery tool and aggregates all the things you share on the internet with people you know. It is modeled on a social network, so you can leave comments on content and share it with your contacts and friends. FriendFeed allows distributed conversations to take place amongst friends, contacts and amongst individual groups. With individual groups the conversation can be personalized.

The audience was asked wether web publishing is seen as easy, not-so-bad or hard. Most of the audience responded that posting content to the web is relatively easy, which has allowed a large audience to participate in web-based conversations.

CoComment is similar to FriendFeed, but it aggregates your comments across all the blogs where you have left a comment. It allows you to see all those conversations in a single place, but does not offer the personalization layer as FriendFeed does. CoComment points out that with decentralized conversations, the process is more democratic as site owners are not able to censor comments, allowing all those participating to participate equally.

The audience was asked if they blog and how frequently they blog, and the majority response (no surprise for such a conference) was that the majority blog frequently, and the majority also comment frequently (and the trend is that blog commenting is increasing over time).

Loic from Seesmic gave a video demonstration of a distributed video discussion, talking about the “g-spot” (hint: it’s not about Google). See the video here (recorded with Seesmic, very Hofstadter)
Read More

Today at the Supernova conference there was a panel about who owns the social graph. The panelists were Kevin Marks from Google, Joseph Smarr from Plaxo and Dave Morin, Facebook’s Senior Platform Manager. The conversation turned very interesting when moderator Tantek Celik pointed out a post by David Recordon that showed how Facebook is blocking Google’s Friend Connect product, and not allowing users to extract their Facebook social graph through Google. Morin from Facebook said that the reason they’re doing it is because Google’s implementation didn’t comply with the terms of use, while Marks from Google responded saying they strongly believed they were within the usage terms, and others suggested that there may be an ulterior motive for blocking friend connect.

Google Friend Connect is an API and application that allows users to extract their social graph data from various networks and then use the data in other applications that support the API. So for Friend Connect to be effective, it requires that the larger social networks allow their data to be extracted in one form or another. Facebook provides an API, but it seems they didn’t like how Google was using that interface as part of Friend Connect. Tantek attempted to prompt both Marks and Morin to reach a solution while on the panel, but Morin reverted to an earlier comment that “members from both parties were in discussions on working out a solution”. It was implied that this is happening on an engineering and executive level, and that legal teams had poured over the various terms of use agreements.

A question from the audience asked why Facebook is falling back on their global legal terms as a reason for not allowing individual users to extract their own data. Facebook committed to working this out, and Morin said that they did want to allow users to access their data freely. It is apparent that there is a war of control here, with Facebook hesitant to hand over the keys to their social graph to Google, despite the fact that each individual user needs to request to retrieve their data.

We recorded a video with David Recordon of Six Apart, who originally posted the issue on his blog and was part of a separate panel discussion today concerning open standards and formats.

Today at the Supernova conference there was a Techcrunch panel on the next great ideas in Mobile. The panelists were Michael Arrington, Kevin Werbach, Roelof Botha and Andreas Kluth. The companies that presented focused on important themes to advance innovation in the mobile environment including mobile goods, avatars, games and interfaces.

For more information on the technology some of these companies will be using, check out our Location Technologies Primer.

MobileLab

MobileLab is a hub for mobile phone research and innovation at the University of Texas at Dallas. The lab has support from Ericsson, TI, Apple and Samsung Mobile. Their technology overlaps persistent 3D images over the real world on your mobile phone screen. One of the initial applications is a “mobile avatar” that appears on a person’s shoulder.

Mobile Dead

Mobile Dead is a location-based mobile zombie game. It uses GPS or other location data to find your position and the position of other players. Players choose to be on either the blue team, which is the human team, or the green team, which is the zombie team. Users can message each other with twitter-like short messages. Each player has a health and experience level, and a short profile. The game is played by picking up virtual items, which can then be used as part of the game. Those items, can also be traded with other items (such as trading a soda can for a crow bar). Players pick up weapons (such as chain saws) to fight against the opposing team, with weapons having varying levels of strength and damage. The game play is like other turn-based MMORPG’s where players take turns to hit each other until one wins. When you win fights you gain experience points.

The game seems interesting, but it will require a critical mass of players to be viable (unless you want to walk around and just pick up items). The game is going to be in beta in the New York City area in July, and you can signup today if you are interested in trying it out.

FrontlineSMS

Using a a laptop and a mobile phone FrontlineSMS allows users to send and receive text messages with large groups of people. It can be used in a number of ways including disaster relief coordination, field data collection, conducting public surveys, organizing protests and more.

Skydeck

Skydeck is a little like Mobile Me from Apple, except that for voice calls they keep a log of all calls (incoming and outgoing). Skydeck provides real time data for all the calls you make, and you can mark calls for follow-up, tag them, etc. The application here is for it to be used in sales or industries where you need to log calls for billing. You can easily go back and search for names, and it provides a better level of relationship management for phone calls. So it is like a mini-CRM around phone calls. There are some social aspects to the application, as it wil rank your contacts depending on how often you speak to people - so when you view your address book it will show your most common contacts at the top. They claim that they are providing a more powerful address book, which is a very common and important function on cell phones, yet at the moment most address books are simple lists of contacts.

The Skydeck presentation also talked a bit about data portability issues with cell phone carriers. The demo displayed how T-Mobile (and other providers) lock away your call usage data and don’t provide an easy way to access it and use it in other applications. Additionally, they covered how various US carriers have disabled SyncML on phones, to prevent users from being able to extract and use their call data in different ways. Skydeck looks like a very interesting for those who use their phone for phone calls frequently as part of their business.

Glancing Pad

Glancing Pad is an effort to create a new human input method for mobile devices that replaces keyboards and works better than other alternative methods. The goals of the project are to not require sequential entry, a single-handed method and one that is easy to use and efficient. The Glancing Pad is a touch-pad style decide where through a series of finger movements and touches a letter can be entered.

The input method seems interesting, and similar to gestures that are available on current track-pads, except that the gestures and movements on a Glancing Pad are actually used to enter text (although one letter at a time). It will be difficult for users to train themselves in using this form of input pad, and it isn’t clear how this technology will be made available. We didn’t get a chance to see a live demo today, but it is an idea that does have some potential.

Google launched Gears last May, and for the first year of its release it was considered a minor, niche product that a few developers and users may take advantage of to allow offline access to web applications. You can probably recall the arguments at the time: who needs offline access, connectivity is everywhere anyway, not enough apps will support this etc. It wasn’t until a year later and only a few weeks ago, that Google revealed its ace card: Gears-powered messaging for MySpace that is super-accelerated. Google had entered the race to provide the new web API, and for a year almost nobody had noticed.

The browser of the future is likely to become the virtual machine that hosts almost all applications. In this scenario the operating system becomes transparent, so Microsoft has something to protect (the source of its profits), as does Adobe, who currently provides the most common and consistent web virtual machine with Flash. Google has made no secret of its plans to target and harm Microsoft, and they know that the best way to go about that is to make the operating system irrelevant by moving up a layer and turning the browser into a standard, but powerful, virtual machine for applications.

It is hard to convey in a review how Gears can change and accelerate the functions of a web application. With browser-based Javascript, functions in MySpace such as listing and sorting emails or filtering through a list of friends felt very slow; the loading bar would freeze as the hourglass spins while your browser makes multiple requests back to the server. With a quick install of gears, a click on a confirmation box and a couple of seconds of loading time, the same functions that would previously almost drive a user insane now feel like they are part of the browser itself. What Google showed us Gears could do with the MySpace integration woke almost everybody up to the true intention of the product: this was no longer about offline browsing, but a shot aimed directly at Adobe and Microsoft.
Read More

Due to its popularity as a blogging platform, Wordpress has become a prime target for hackers looking to take over blogs for search-engine optimization (SEO) of other sites they control, traffic-redirection and other purposes. Recently there have been a spate of automated attacks which take advantage of recently discovered security vulnerabilities in Wordpress.

To date, Wordpress has been keeping up with the security holes by releasing updates within a few days of new exploits being found, but in the past few days new exploits have appeared that nobody seems to have answers for.

One such attack actually happened to me back in January, when I noticed that a blog I was hosting had been littered with tens of thousands of pages relating to pharmaceuticals and adult material. Someone had gotten access to the blog and literally created new pages, such as this one:

The blog was running the most recent version of Wordpress available at the time, and I traced the entry-point back to a simple flaw in a script that was not adequately filtering user input. To its credit, Wordpress released a new version that patched the vulnerability (among others) and asked its users to upgrade.

That was six months ago, but in May it happened again, this time with a new security hole and again it occurred a few days before Wordpress was able to respond with an update. The problem is that most blog owners aren’t aware of the threat posed by hackers targeting blogs, as a successful attack may not tip off the blog owner in any way. The security vulnerabilities in Wordpress have led to automated attacks across a very large number of blogs, often without site owners realizing what is happening.

If you are currently not running the latest version of Wordpress then there is a very high chance that your site has already been compromised.

The common results of a successful attack are that a backdoor is installed (meaning the hacker can go back in and enter your blog at a later date), passwords for all users are downloaded, or spam pages are generated. At that point, you are no longer in complete control of your blog, including all the content and anything else in the same database that the Wordpress install has access to.

Hackers are taking advantage of the open-source nature of the software to analyze the source code and test it for potential vulnerabilities. It is then left up to developers and users to detect, track down, and then close off the vulnerabilities in the code that attackers are using. The pattern seems to be that when a new hole is found, it is broadly exploited, then developers rush out a patch and a new release. Thankfully most of the damage inflicted by the automated exploits can be reversed with an upgrade, though in some cases you can be left with thousands of pages and images to clean up (and they are usually well hidden).

For users of Wordpress, backups are essential, as are frequent updates, monitoring your blog usage and tracking the official Wordpress blog and other blogs for news of any new security holes. There are also plenty of guides and applications available that can assist a site owner in further securing their blog.

It is unknown just how many Wordpress blogs are infected (I have seen instances of double infection, where a previously hacked host had been hacked again), but as an indicator, across the ten or more Wordpress blogs that TechCrunch and I have access to, we can see over 100 requests daily for these various security holes. Stories about hacked blogs are becoming more and more and the ongoing concern is that the newest security hole could be found and exploited at any moment.

Update: In the comments, Anil Dash from Six Apart has linked to a post on their blog about MovableType vs Wordpress in terms of security.