Personally, I use Cache almost every day and as far as I am concerned it is the greatest database and programming language ever...just don't know why it doesn't catch on.
Well, first thing FB has to do is have a little “Come to Jesus” moment where they decide that they’re going to have to actually, you know, DESIGN this thing.
Everything about FB smells of a monstrous, moby hack. It is a mass of ill-considered features and flashy little knobs for children to use.
Consider their security model.... or complete lack of one. Every time they make changes to their security model (IOW, what you have, what you’re going to allow people to see and which class of people can see what about you), it causes a ruckus. It is abundantly clear they haven’t actually *thought* about a security model at all. They’re merely winging it as they go, making changes without a “big picture” into which they’re integrating the ideas.
Or consider their app interface and the security model (or lack thereof). Once you allow your information to be read by FB apps, you have little to no control over where it goes. Because you have limited visibility into the actual code inside these silly games on FB, you have little idea where your data is going when it reads your page and profile.
Now, I’ve not kept up with DB technology for the last 10 years or so. But as I look at the whole “social networking” issue (and FB is merely one instance of “social networking”, LinkedIn is another, MySpace another, yadda, yadda), it comes to my mind that there are probably not too many databases that fill all the requirements of something like FB. OODB’s might offer some better primitives, network-oriented DB’s might offer some other primitives which are useful. But what probably has to be done to make something like FB really scale is to develop their own DB in-house, for their particular application, with the data model they’d have to develop by actually thinking really hard about what they have in their DB now, what they’d like to support in the future and how many people they think they’re eventually going to support.
Let’s say they want to put a stake in the ground and shoot for supporting 3 billion profiles. Those won’t all be people; lots of companies are now using FB for marketing. Political campaigns are using FB, as well as various groups. So I think that 3 billion unique profiles is probably a pretty reasonable number.
Let’s further put a stake in the ground and come up with a security model where people have the right to control their data down to denying individual users. Let’s say that I’d want to prohibit my ex-wife/ex-husband/etc from ever being able to see any of my data - regardless of whether it came directly off my profile, or was leaked through an application or a friend’s page. This means that we need to start to attach security attributes to every bit of data in a person’s profile. The think about security models is that if you design them tightly, it is usually easy to relax them. Design a relaxed, ad-hoc security model, and it is often impossible to impose good security on it.
Now, as for their language: When I look across the landscape just now, I’d probably be implementing a lot more of FB in Java, for the simple reason that it can be run down to the mobile device level. SQL can’t, C++ often can’t be, etc. Use Java to create the DB, the models, the servers, and then use Java for stored procedures. I’ve seen some systems do the same thing with Lisp, but today’s kids want to do nothing but whine endlessly about parenthesis open/close sets, so we might as well scratch Lisp for an implementation language. The thing that FB and other sites need to do is to consider signing their applets and applications, so that the user can trust that the applications they’re running on FB have had some sort of vetting of the applications. With as many people as FB has in their DB, they have real reason (commercial revenue as well as corporate reputation) to implement a digital signature mechanism for their users, so when you get an invite from someone for an event, you know you’re not being suckered into a mugging by a clown who is spoofing your buddy’s account.
The query language, if they choose to implement one (and it isn’t clear that they’d actually need a replacement for SQL if they were going to write their own DBMS) could be designed specifically for their application, ie, social networking.