Web Development

Getting RSS Feeds For Twitter Users

Want an RSS feed for a particular Twitter user? This used to be linked off the profile page(s) but since disappeared. It’s still available if you know where it is:{username}

Replace {username} with a username (example).

You could also put a bunch of users into a list and query that using:{listName}&owner_screen_name={username}&include_entities=true

Replace {username} with the list owners username and {listName} with the list name (example). Strangely that’s only available in atom format.

I still find RSS handy for those accounts I don’t want in my stream but want to keep an eye on, as well as those I want to programmatically access or manipulate.

Internet Web Development

Notifications For Better Engagement

One thing I’ve learned repeatedly over the years is that good notification systems create great engagement and encourage habitual users.

The biggest problem with any product/service is getting people to come back. “Drive by” users aren’t terribly difficult. Google will bring you those with a little work. However your business comes from users coming back repeatedly. Those are you’re true “users”. They are the ones who will bring others.

Today, I think Facebook and Twitter are the perfect example of companies who understand and utilize this strategy in a way that amazes me. Lets look at this:


They are the biggest, so I’ll go through it first. The first method of notification is the obvious alerts when logged into the site. You can keep it open and use it as a client, it works great. Facebook also has one of the best email notification systems on the net. You can reply to a comment or message by simply replying to the email. No “app” to install. Even an old Blackberry can participate. Even people where Facebook is restricted but email works can participate (stereotypical corporate office). Email is the worlds greatest API. They take full advantage of it.

On top of that Facebook apps have push notification for smart phone users. Facebook also supports SMS notifications. They additionally support XMPP (Jabber) so you can use a desktop client with their messaging service.

One thing I never understood is why they don’t officially support and continue their desktop notification service. With a trivial amount of work it would be an even better retention method. However the API’s are clearly there for client support (several use it).

Facebook doesn’t exploit this system for marketing or PR. It’s just a useful way to interact with their system. It’s an interface. It’s an API.


Twitter is another company that gets notifications. The most obvious again is their website. Secondly their apps support push notifications. Twitter is also pretty good about email notifications however they don’t accept replies over email. They also support SMS (i.e. “Text follow raccettura to 40404”).

Twitter lastly has an open API and even supports desktop apps like Twitter for Mac and TweetDeck. They encourage their users to stay on constantly and keep up. It’s part of what keeps users addicted to the service.

Again, they don’t market. They just keep users interacting.

Google+, Quora, etc.

I won’t judge Google+ just yet, they are pretty new still. Quora does a pretty good job with notifications however the balance between annoying and useful hasn’t quite been met, at least in my opinion.

It’s easy to overlook this “detail”, but for many users, this is the interface, realize it or not.
I won’t


What Facebook Apps Know About You

The ACLU put together a clever quiz on Facebook that lets you see what a Facebook application knows about you.

I doubt most people realize how much they are giving an application, and how unnecessary the information is to the application. There is no legitimate need for something as simple as a quiz to require that much information. And yes, if your friend takes a quiz, your information is shared too.

I mentioned the other day that that Facebook changed the data retention policy. So this gives a little more context regarding what is actually at stake here.

I’ve been unable to confirm if Facebook gives applications the same data for minors (those under 18) as they do for adults. I know they restrict information shared via the website, but not sure if that extends to the API level. If anyone has a minor child and can shed some light on that, I’d be interested to see how they treat privacy of children in Facebook applications. I’m also not sure if they adjust what data is shared for users, in particular children in other countries where laws may be different. If you know, please share. If you can share a few screenshots of what’s revealed contact me (I won’t share unless you explicitly say so).

Yes, I know this is my third Facebook related blog post in a week. I promise to go back to ignoring them soon enough, but the privacy implications of their applications is pretty interesting to say the least. This is especially true if online privacy and security have long interests of yours.


On Facebook Permitting Longer Storage Of User Data

Previously the rules only permitted storage of some data for 24 hours. Notice I said “rules”. The truth is that there is no technical means of enforcement that I can find. This is done on the honor system. Facebook in theory could look at usage and wonder “how are they doing this without refetching data?”, but monitoring all the apps in that way seems highly impractical. You’d need good knowledge of how the every app actually functions to make that decision. That still doesn’t cover the case of not deleting data when a user removes the application or changes privacy settings.

I’m sure there are some shady application vendors who have forever ignored this requirement. I’m sure some have also captured data they weren’t supposed to store. It seems na├»ve to think otherwise. That’s not to say everyone does it, or even a sizable number. I suspect most companies are honest and follow the rules. The change to remove the limit is actually more honest and straight forward. It is a step closer to reflecting reality.

Facebook should really have some sort of audit policy for apps over X number of users, or make it clear that there’s no real technical means limiting what an application can store once you share data with it. They don’t know for certain that just because a user deleted an application that the application has purged the data. There’s no technical means behind it, and that’s not something that’s easy to fix.

This is an important thing to clarify. Just because they had a policy of a time limit, that doesn’t equate to a technical solution. This is akin to passing a law that says “no identity theft”. It’s a novel thing to do, but it doesn’t prevent theft. It simply clarifies the official position on the activity. If this method worked, we wouldn’t need law enforcement or a legal system, just a few clever people with pens to write laws.

Facebook can obviously shut down anyone who it feels violated their policies, and can likely take legal action against such parties. I’m pretty sure they shut down applications, I’m not sure about legal action.

Bottom line: only share data if you’re willing to accept this risk. Their clarification of warning dialogs before you authorize an application is a good step in this direction.

Programming Web Development

Another Brick In The Facebook Wall