While it wasn’t surprising to learn that someone hacked an application using the OpenSocial framework, it was surprising to learn that it had happened again, by the same individual that did it the first time. On top of this craziness, it seems that this “hacker” is a novice. While we all know it was hacked and the larger blogs are complaining and talking about it, there is another issue.
The real question here is: should one framework rule them all? With Google spending time on other projects and releasing this one very quickly, why should OpenSocial be blindly used by companies, especially when it seems to be prone to security issues?
Some may cry foul at this news, however, arguing that the applications are insecure and that it’s not OpenSocial’s fault. Truth be told, I’m pretty much one of those types of people, but I also blame Google on this aspect. It was released too quickly and no one really had a chance to learn about it.
This is really like a new car - you don’t go out and buy the first year of any model unless you’re ready for headaches. Same goes for software, web or not. Unless you’re willing to handle the issues that come about, don’t install it.
For any web developers that are hurting from this issue, I do not feel sorry for you one bit. You should know better than to release half-assed, bug-riddled…crap.
