Just thinking aloud…
I was looking at MyBlogLog product manager Ian Kennedy’s post on the recently launched MyBlogLog API.
[also contains video and links to the tech specs of the API].
One feature of the API is that it is “the only API that I know of that allows you to look-up a person’s identifier across social networks”
Does that mean a spam marketer using the MBL API can scrape all your social network IDs and populate your twitter streams, MyBlogLog message feed, and spam comment on your Flickr photos and blogs?
If the process can be automated, or the captchas can be overcome fairly easily (I’ve heard of a number of programmers who’ve been able to optimize OCR algorithmns on even massively distorted captchas…)
So if the spam barrage hits you on your web 2.0 accounts,
That would be pretty terrible, unless there’s a verification process involved in authenticating the ID of the person initiating the search…
So let’s keep our fingers crossed that enough safeguard are put into place, so that email “mass marketing” doesn’t become “web 2.0 mass marketing”….
For more on permission marketing, check out the Friday Podcast featuring Aweber education marketing manager Justin Premick.
Hi Andrew,
You bring up an interesting point. Just to be clear, MyBlogLog is bringing together pointers to your profile pages that you volunteer. We do not crawl pages looking for these services nor do we ask for or store any passwords, these pointers are public and entirely controlled by each user.
That said, each API request including the lookup you mention is controlled via a Yahoo API key so we also have pretty fine-grained control over access to the MyBlogLog API as well should we receive complaints for a particular bad apple.
Keep the feedback coming.
Ian
As a web 2.0 aggregator/meta reference site, i think it’s a useful resource.
It’s all predicated on the members of the community knowing how to use the information responsibly – eg: following what someone is doing, rather than taking it as an easy opportunity to spam public msgs or bulletins all over their profiles.
Maybe this is an opportunity to introduce a reputation-based ranking system, so the good social guys can be differentiated from the less-than-good ones.
Well, while I see little point in targetting 1 particular person vs. just scraping for random digg profiles and such, it’s going to be a difficult thing to restrict.
I would say that the best move may be to have relatively tight restriction on API key access(manual blog review perhaps) then after that have the rate limit of how much you can use it go up based on how long you’ve had it. That way, abuse would be limited, or the abuser would have to be super patient.