Google Buzz into a web page using iframes. Overall very cool and making
it much more likely that I will use the Buzz system as I am not a big
fan of melding email into my social network. While the privacy and
security pundits are crying foul over the entire Google Buzz process
(with reason), using LPH’s code can allow you an outside Gmail access to update and otherwise use Google Buzz.
The ability to use this outside Google makes this much more likely
a product that I will use in the future. There are two features that
LPH wrote up over the weekend that makes Google Buzz more extensible to
the casual user.
The first is your Profile Card.
And it will look like this when it is up and running
The part to change is your UID, you will see mine “rmorrill” to
whatever the first part of your e-mail address is. Ok, this is where
the Privacy folks are going to get really upset because you can now
program anyone’s VCard for your web site. Your VCard is a way to
identify a person, and also is a big tip to spammers that all they have
to do is add @gmail.com to the VCard UID to start sending spam. It also
identifies real Google email addresses that can be used to send spam,
and a ton of other issues that can be identified by putting a VCard on
a web site. Unfortunately there is not much that anyone can do other
than not put a VCard on their web site. But people will do this, and
there are direct identity issues with using a Google based VCard. This
holds true for any other form of VCard that anyone uses from any
This other code bit with everything between the two DIV segments is
what drops a very nice Buzz UI (user interface) onto a web page. Copy
everything between Div and /Div.
And it will look like this if you are logged into Google Buzz/Email.
This region will show your posts on Google buzz. If you are not logged into the service then the area will be blank.
This is where Google Buzz gets privacy right; you cannot truly
substitute anyone else’s UID into this and make it work. It will not
work with the UID that makes your VCard work, or anyone else’s
identifying number or UID segment. The key to this is the segment
~buzz:view=me where changing “me” to anyone else results in an empty
page for this code segment. I tried a number of different combinations
to bring up anyone else’s buzz page and was unable to do this as there
looks like there is a correlation between the Google authentication
cookie dropped on a local computer.
This does not mean that someone can not steal your authentication
cookie off your computer and use it to read your Buzz stream. For me
this is a good first step into integrating specific Buzz features
outside of Gmail where for me personally it belongs. Thanks LPH for
working on this code, Buzz just became much for usable.
(Cross-posted @ IT Toolbox )