Tag: social

    Why Twitter Can’t and Shouldn’t Expand Beyond 140 Characters

    Richard MacManus over at ReadWriteWeb posted an article today detailing Why Twitter Must Expand Beyond 140 Characters. This is a counter post detailing the opposite.

    Twitter No Longer About Constraints

    Twitter and Facebook are not in competition; they serve two very different functions. Twitter is for following brief status updates from people and things you’re interested in, while Facebook is for sharing your life with close friends and family in an efficient, detached manner.

    That Extra Click: The User Experience Issue

    There is a user experience issue with having to click a link to read tweets that are longer than 140 characters; but the issue isn’t with Twitter, it’s with the external service which is not a good fit for Twitter. Having to click to get extra content—i.e. Twitter’s simplicity (and its open API), is what made it so successful and able to have such a vibrant ecosystem of apps and experiences. The new Twitter layout removes a significant number of extra clicks by showing plenty of externally linked media from tweets on the Twitter website without leaving the experience.

    Will Twitter Producers Pollute Twitter With Long Tweets?

    It’s irrelevant how often people post long tweets. Twitter can’t drop the 140 character limit because it was designed to be used with SMS. Many people still write and read tweets via SMS on their mobile phone, and allowing longer tweets wouldn’t solve anything. Those people would still be limited to only 140 characters, and any tweets longer than 140 characters would be sent to their mobile phone all wonky and separated or broken up.

    Other Languages Already Send Long Messages on Twitter

    This just refutes the last point. But it also provides a solution: if you want longer tweets, learn Chinese.

    Twitter Needs to Expand Beyond 140 Characters to Continue Growing

    This is just false. Twitter’s brevity is its value, as the character limit urges elegance and allows it to be integrated beautifully with even small, simple devices and web apps. Twitter is in the middle of transitioning to the new layout, and there’s a ton of room for Twitter to expand in terms of analysis and practical uses of their vast sums of data.

    Twitter keeps hitting record usage levels and their service is becoming more and more mainstream as it becomes popular around the world. More important than character limits is expanding their infrastructure for uptime (i.e. they can barely handle 140 characters) and, perhaps more importantly, for access.

    Being able to Tweet from anywhere in the world in the face of a government shutting down the internet – via SMS and Google Voice, and perhaps in the future self-healing P2P networks – is a must. Getting an image of your country’s secret police force throwing Molotov cocktails at protestors from rooftops to the world is at the very least facilitated by the fact that there are hundreds of services that easily integrate with Twitter and a hundred different ways of getting an image like that onto many different services and getting the Tweet out. If Twitter starts expanding to overshadow its simplistic ecosystem as a status distribution network, preventing posting of such pictures to a mass audience will simply mean blocking the Twitter website. All your eggs in one basket.

     

    Internet Trails and Privacy Concerns

    The French National Institute of Computer Science just published a study in which they analyzed over 10 million usernames from various websites and social networks, finding that many people use the same or similar enough usernames across services, allowing malicious bodies to build pretty comprehensive profiles of you. They released a tool to analyze the uniqueness of your online usernames. You can read the study here as a freely downloadable PDF.

    The takeaway is to use distinct usernames for different services, and make sure you only use your real name if you want all that account info to be associated with the real you.
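
A self-audit along the lines of that advice, added here as an example (it is not from the original post and is not the study's tool or method): it flags which of your own usernames are similar enough to be tied together. The account list, the leetspeak table and the 0.75 threshold are assumptions made for the illustration.

```python
import re
from itertools import combinations

# Constructed sample: one person's usernames across five hypothetical services.
ACCOUNTS = {
    "forum": "jane.doe84",
    "photos": "JaneDoe_x",
    "code": "j4ned0e",
    "games": "xX_nightowl_Xx",
    "bank": "qz7-harbor-lamp",
}

# Simple leetspeak substitutions to undo before comparing (assumed, not exhaustive).
LEET = str.maketrans("013457@$", "oieastas")

def normalize(username):
    """Lower-case, drop trailing digits and separators, undo leetspeak."""
    u = re.sub(r"\d+$", "", username.lower())
    return re.sub(r"[._\-\s]", "", u).translate(LEET)

def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def similarity(a, b):
    """1.0 for identical normalized names, falling towards 0.0 as they diverge."""
    na, nb = normalize(a), normalize(b)
    longest = max(len(na), len(nb))
    return 1.0 if longest == 0 else 1 - edit_distance(na, nb) / longest

def linkable_pairs(accounts, threshold=0.75):
    """(service_a, service_b, score) for username pairs close enough to link."""
    hits = [(sa, sb, similarity(ua, ub))
            for (sa, ua), (sb, ub) in combinations(accounts.items(), 2)]
    return sorted((h for h in hits if h[2] >= threshold), key=lambda h: -h[2])

if __name__ == "__main__":
    for sa, sb, score in linkable_pairs(ACCOUNTS):
        print(f"{sa} <-> {sb}: {score:.2f}")
```

Any pair it reports is a pair of accounts worth renaming if you want them kept apart; the unrelated names in the sample stay unflagged.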

    via [TorrentFreak] via [Cornell]

     

    Facebook Mail

    There's not much to say about it. I've read some other posts from really reputable blogs and for whatever reason they're all padded with nonsense. Facebook Mail is an extension of their messaging system that incorporates email, has a kind of priority inbox, and is all based on people rather than threads based on subject. Facebook is aggregating all the ways you communicate to better simulate a conversation as though you were standing next to the person.

    It's a very specific style of communication that speaks directly to teenagers and the way they communicate. While teenagers could and should use a communication method that caters to them, and the new Facebook Messages does that really well, it's not for grown-ups, or business, or anyone with any depth or complexity. It's advanced IM (instant messaging).

    Grown-ups need threads by subject - whether they choose to organize their inbox as individual messages or threaded, the subjects still differentiate the content of an email or conversation. I may do a lot of work for a client; the absolute last thing I would ever want is to scroll down a bit too far in the conversation and see specs for an old project and incorporate it accidentally in the new one. Or for the client to pitch an idea for a new project, which gets muddled with the current project, or requires a paragraph explaining that it's a different idea and just a pitch and has nothing to do with the current project. One of many examples where subject-based organization is a far simpler paradigm.

    Of course we all have an adolescent side - some more than others, and it's that same aspect of ourselves that Facebook appeals to when we see what old friends are doing with their lives. It's that same part of our brains, coupled with short-sightedness, that makes some people think that peer pressure is more important than preventing access to your personal online life from random third-party applications. Why else would anyone do those stupid Facebook Quizzes? It explains why some people believe there's enough value in completing a quiz to give up the keys to their personal life to some shady app developer. Or at least it's the same short-sightedness that becomes so overwhelmed by the social pressures of Facebook that they've never read the TOS or Privacy Policy. Never mind Facebook's, but that of the third-party quizzing application, which can do whatever it wants with your data.

    The two other issues with integrating Facebook Messages with your email are lack of respect and trust. Giving someone your Facebook email address is an immediate indicator that you don't want communication with that person (or company) to be too complex. You're saying, "Here's my Facebook Email, I'd prefer it if everything we say to each other from now on was part of the same conversation cause DUuuueah I lack the ability for context". As for trust there are two main categories of people. Those who trust Facebook (unfamiliar with their history, never read the Terms, unaware of the frequent privacy control resets, etc.) and those who don't trust Facebook (people with common sense, people who don't live in a bubble, people who can read).

    While I've recently had to reactivate my Facebook account after two years so I could access their developer API for work (I got out during a significant Intellectual Property and Privacy blowup in 2008), I refuse to put any information on it that isn't already public. Why? Because I don't trust them. Facebook has done a lot of things in their past that are notably untrustworthy. Their whole approach is based on peer pressure and pushing people around how they see fit, their privacy controls are only meaningful until they decide they're not - which happens frequently enough, and they don't appropriately abstract apps or themselves from your personal data.

    Why would I trust a free service like Google with email and documents and stuff, but not Facebook? Well for one I know that Google has serious restrictions dictating which of their employees have access to my data, even those few select people are meticulously logged and audited, and any violations result in firing and tighter security. On Facebook I have no idea which of their employees can access my data, and I know that at their whim a mere Privacy Policy update could result in all my controls being reset and my private information entering the public domain forever. If the controls are meaningless, and access is ambiguous then there's no trust.

    For a simple analogy: Google is run as a republic, Microsoft is run as a corporation, Apple is run as a dictatorship, Facebook is run by a young dictator.

     

    Facebook is Inherently Insecure

    I've talked a lot about their unpleasantly ghostly Privacy Policy and Myspace-esque TOS, you know, the ones that sign away equal rights and entitlement to your identity indefinitely just by using their site. But I haven't talked about the intrinsic insecurity of a social network like Facebook.

    Fact: A significant number of computer users exhibit insecure behaviour online. They don't use strong passwords, they don't opt for https://, they don't work on virus/keylogger-free computers, and they answer spam emails (shocking, I know).

    Fact: Facebook contains not just a list of all your friends, but all your friends' friends, and a record of your interactions with them. Your social network and scene.

    Think about it like this: If someone gains access to your email account, they can see your contact list, and they can see how you talk to your contacts. If they have a lot of time on their hands they can read huge volumes of emails and piece together your relationships.

    On Facebook, they can see your list of friends, family, your communication with them, but more importantly their communication with each other. A schematic of your social life heavy with descriptions of how you know each person. Assuming you've toggled your privacy settings back so only your friends can see your stuff, and did so before Google indexed your profile and friends list. Every one of your Facebook friends is an attack vector for all the personal info you've posted and that your friends and family have posted that doesn't even relate to you. More clearly: A is an attack vector for B, A<->B, C, and B<->C.

    In addition, 3rd party Facebook app developers also have access to your social circle and information. Your buddy wants to try an app from some developer he doesn't know? Well, they just grabbed your entire social network and know a LOT about you and all your friends.

    On Facebook, you are not the only one responsible for keeping your information safe. Anyone you friend is. Would you trust your Facebook friends with your Facebook username and password?

    It's given birth to a new breed of highly personalized spam. Imagine getting an email from someone you don't know offering you cheap Viagra and even using your first name. Sounds like a scam right? Sounds like if you clicked on the link you'd probably get a virus or some kind of malware installed on your system right? Right.

    Now imagine getting an email from Sarah, your old girlfriend, where she talks about something you did the other night at a party (which you posted a photo of on Facebook, being careful to only let your friends see) and then tells you she wants you to see a funny YouTube video. You click on the link and guess what? It wasn't Sarah at all! "What?!", you say? How's that possible?

    The Spammer, we'll call him Spammer, gains access to the Facebook account of Jim (your buddy) because either a) Jim accidentally typed in FaceBack.com without realizing it and tried to log in; his credentials were phished and the Spammer was in his account within 30 seconds, or b) Jim (same Jim) adds an application where the 3rd party developer wrote a bunch of code that scrapes all of Jim's and your information and emails it to him (the Spammer) as a .zip file when it's done. The Spammer goes ahead and looks through Jim's friends list, then through yours. He looks through your photos and descriptions of each of your contacts, looks at Sarah's profile and writes down her email address, attaches the photo to an email that spoofs Sarah's email address (this is astoundingly easy without her login credentials from any computer connected to the internet) and adds an HTML link that looks like this in code:

    <a href="http://sitewithavirus/silentkeylogger"> http://youtube.com/v=harmlessvideo</a>

    and to you looks like this:

    http://youtube.com/v=harmlessvideo

    Clicking on the link will obviously take you to the virus and not to YouTube, and if you use Internet Explorer, or the Spammer is using a zero-day exploit for one of the other browsers, you're fucked due to arbitrary code execution.

    A site that gives anyone other than you access to a super detailed schematic of your social circle is inherently insecure. Facebook should not expose your real life social circle to anyone, even other people in that circle. But they do and will, because a large part of their user retention plays on social needs for acceptance/approval/jealousy/etc., which requires exposing that information to people you normally wouldn't and in a permanent public manner that you normally wouldn't.