I walked into my boss's office on my first day back working for Microsoft in April and he asked me for a favor. Four months later, including one month spent working 7 day weeks, the "favor" is finally over. Microsoft just announced the public availability of the Windows Live Contacts Gadget beta. The gadget allows any website, anywhere, without filling out any paperwork, just by including some Javascript, to allow its users to use data from their Windows Live Contacts (i.e. their address book including e-mails, phone numbers, physical addresses, etc.) on the site. But, of course, that's not even half the story.
The gadget itself is nifty (although it is very much a beta) but what I believe is most important about the gadget is what it represents. Today information stored in Windows Live stays in Windows Live. That isn't exactly useful. What we need are ways to make it easy for Windows Live users to be able to use and expand their Windows Live hosted information in multiple places. The Gadget provides one avenue to make that possible. The key to the gadget is that it uses a permission based model where a user explicitly say "share this information with this website". It's the permission model that makes it possible for us to allow any site that agrees to the terms of use to host the Gadget.
What's That Stupid Clicking Noise?
If you use Firefox then you don't know what I'm talking about. But if you have used the Gadget with IE then you will know what I mean. That noise is the mechanism we use to pass information between the Microsoft hosted gadget and the third party page. This all happens down on the client but in IE the mechanism is treated as a navigation and so makes the navigation 'noise'. If this all sounds familiar it's because Dojo beat us to the punch with a very similar mechanism. We do, however, appear to differ from Dojo's approach in several ways. First, we do not use timers, our mechanism is event based and hence completely asynchronous. Second, we actually secure the channel so we can authenticate the sender (the browser effectively authenticates the receiver). Third, our mechanism has a built in chunking function so that we can send arbitrarily sized messages. I hope to see us offer the communication mechanism as a stand alone function in the not so distant future.
So What Took So Long?
Sure, the gadget is nifty, but it's not exactly brain surgery. What took us four months to finally get it out the door? I suppose I could complain about the 19 different reviews we had to go through. Yes, 19, I counted. But the really odd part is that most of the reviews took 30 minutes or less and all of the reviews made a ton of sense. About the only really painful reviews were the security reviews where we had to use an internal tool to create an explicit threat model to cover all the various avenues of attack and then get the model reviewed and approved. But even that work was useful and reasonable so I can't complain.
Here is a sample of some of the reviews we had to go through:
-
IE security review – make sure the Gadget wasn't doing anything evil in the browser,
-
Live security review – make sure we didn't abuse Live's infrastructure,
-
Windows Crypto Board review – make sure our channel authentication mechanism actually worked,
-
Privacy review – make sure we are in compliance with Microsoft user privacy policies,
-
Human Interface Guidelines review – make sure we are following Microsoft UI "best" (cough) "practices" (cough),
-
Windows Live Contact's Server review – the folks who actually own Windows Live Contact's server wanted to make sure we wouldn't overwhelm their service or use it inappropriately,
-
etc.
So, no, it wasn't the reviews that delayed us.
We did blow two whole weeks trying to figure out how to use an existing client library to access Windows Live Contact's servers before realizing that the library could not work in the manner we needed. That actually turned out to be a very big deal. Because it meant we no longer had a way to talk to Windows Live Contact's server, without which, there would be no gadget. But we found a solution, Me.
This is the part I don't think people really appreciate about Windows Live, it's the world's richest startup. Sure we have lots of money and lots of people but we also have a ridiculous number of things to do. So when we realized that our schedule was FUBAR'd because of the lack of a way to talk to Windows Live Contact's servers there was no developer Pez dispenser we could pop to produce another body to help us make our schedule.
So, like any good startup, we adapted. In this case we took our PM (that would be Me) and made him (er Me) into a temporary Dev. 1,500 lines of AJAX code later and we have a CRUD library to talk to Windows Live Contact's servers. This, btw, was where the month of 7 day weeks came from. As I explain in my article on AJAX, writing AJAX code is painful. Also, having to create a Javascript equivalent to JUNIT testing and then writing an enormous number of tests (and tests to generate tests) was time consuming. Especially for someone who hasn't been paid to write code in at least ten years. In the end, however, the library works, we could talk to Windows Live Contact's server and the gadget could continue on its path to shipping.
But even beating PMs into Devs isn't what caused us to take so long. We would have been finished much, much, much sooner if it hadn't been for one really buggy piece of software that kept giving us problems. But unfortunately I can't say anything more about that (i.e. I can't tell you what the software was). What especially sucked about the delays is that Plaxo actually announced their similar gadget at an event that we had intended to announce our gadget at. D'oh!
Big Brother Really Is Watching
If you go to the Gadget privacy link (you always check the privacy links, right?) you will see some fairly interesting text:
Microsoft does not track who uses this feature in a way that will identify you. Only aggregate statistics are used to track which websites have used this feature and how many contacts have been sent.
In other words every time you use the Contact gadget to send data a message goes off to Microsoft telling us what domain received the data and what percentage of your total contacts were sent (e.g. if you have 50 contacts in your address book and you send data from 25 of them then the gadget would send 0.5).
While it actually is true that the data is anonymous this is only because we choose to throw away the identifying information (in this case, the IP address and cookies). I know how we handle the data because my other duty on the project was to be a pseudo-admin and so I wrote the regex code in C# that processes the logs. If, say, the FBI showed up with a National Security Letter demanding to see the raw logs I don't believe there is anything Microsoft could do but turn them over. That's the problem with this kind of data. Even if you trust the person collecting the data to only do what they said they would do, what do you do about hackers or governments? Hence my article on why I don't like many types of centralized services.
Where To From Here?
I think the gadget mechanism is very nifty for allowing any website with very little effort and no load on their machines to get access to their user's information in a manner that gives the user total control. It's not that I think gadgets are the best way to do this, it's that I think that given our existing browser infrastructure it's reasonable. I expect to see a proliferation of gadgets providing access to all sorts of Windows Live data. And, it's worth pointing out, while this first gadget only sends data from Windows Live to other websites the reverse direction is an obvious feature expansion. As for me, the Gadget is now in the capable hands of folks like Danny Thorpe and Koji Kato. While I'm still involved in a consulting capacity I'm off to work on yet another new project in order to enable my group's greater goals. So many cool ideas, so little time!!
So many ideas, so little Pez!