Category: Weblogs

RSS, Spam and Spyware

Published on by Nick Bradbury21 Comments

As I mentioned in my previous post, I’m a firm believer in using blogs and RSS for distributed conversation. So, I’d like to start a conversation about the threat that spam and spyware pose to our little syndicated world. I brought this topic up with several companies who were at the Syndicate Conference, and I was disturbed to discover how few of them are even thinking about this pending problem.

Most of them replied, “Spam problem? But there isn’t one – if someone’s feed contains spam, everyone will just unsubscribe!” Well, yeah – but only if we subscribe to individual feeds, which I believe will take a backseat to aggregated feeds. I’ll use my own experience with the NewsGator acquisition as an example: hundreds of blogs contained news of the acquisition, but I was subscribed to very few of their feeds. Instead, I subscribed to dynamic search feeds – that is, keyword-based feeds powered by RSS search engines – which enabled me to listen in on the conversation. Very powerful indeed – but unfortunately, very spammable.

There are already fake spam blogs, many of which have RSS feeds. Most of the ones I’ve seen were created to influence search engine rankings, but it’s only a matter of time before they use their feeds for delivering spam (I’ll wager that some of them already do). These fake blogs are easy to set up, so as soon as one is taken down, it will re-appear somewhere else (much like their spyware-filled brethren, the warez sites), making it tricky to simply filter them out by their subdomain name. My guess is that the main reason we don’t see more RSS spam is simply because spammers are waiting for it to be profitable. Now that conferences such as Syndicate are attended not just by geeks and developers but also by investors, they’ve got to be thinking that the time is almost here. Create a bunch of fake blogs littered with popular keywords, and let their feeds be picked up by the RSS search engines (to their credit, some of the RSS search engine companies I talked with are already tackling this problem).

Even if I’m way off base about how spam will come to RSS, we all know that spammers will find a way to jump on the RSS bandwagon. Given past history, every new social technology needs to think about spam right from the start, or else risk being crippled by it (side note: many implementations of tagging also strike me as being spammable).

Related to this is the fact that RSS enclosures (a.k.a. “podcasts”) must look attractive to spyware creators. Before I added podcast features to FeedDemon, I took a look at how a few of the existing tools were handling them. To my surprise, security didn’t seem to be a big concern – they’d even download EXE enclosures, perhaps assuming that the user’s anti-virus software would stop them from being executed if they were malware. Couple automatic enclosure downloading with dynamic search feeds which contain enclosures, and you’ve got a great spyware delivery system. This is why I made sure that FeedDemon used a safe list for downloading enclosures.

If you make a living from RSS, I hope you’ll join in this conversation – either here or in your own blog – and let everyone know whether you’re thinking about this problem (or, just let me know I’m full of it if you disagree that it’s a threat).

BlogNashville

Published on by Nick Bradbury18 Comments

I live just outside of Nashville, Tennessee, and it’s not often that a conference I want to attend is hosted here, so I was excited when I heard about BlogNashville. Unfortunately, the blogging panels coincided with the anniversary of my father-in-law’s death, so I paid my respects rather than attend the conference.

I did, however, make it to Saturday night’s “Food-for-Thought” dinner, hosted by Dave Winer. I had an enjoyable evening sitting around talking with Dave, Rex Hammock and a number of area bloggers. I’ve obviously been living in a cocoon, because I hadn’t realized how many Nashville bloggers there are – I definitely need to join these folks more often.

Oh, and I was flattered to read that Dave considers me “a soft-spoken, gentle, thoughtful man.” My friends may not agree (at least, not the “soft-spoken” part), but good first impressions are always nice :) Dave also wondered about my politics, and given that I used to be an editorial cartoonist, I guess it is surprising how infrequently I blog about political topics. So, for those who are curious, my politics can be summed up by stating that I love our constitution more than I love our flag.

RSS Ads: Now it Gets Tricky

Published on by Nick Bradbury4 Comments

There have been many discussions about RSS ads lately (including my own), but so far most of these debates haven’t addressed ads in aggregated feeds.

Here’s the deal: I believe that as more people rely on RSS for information, we’ll see the problem of feed overload come to the forefront. The way this usually works is that you start using RSS like email, subscribing to a few feeds and reading everything that comes into your RSS reader. As time goes on and you continue subscribing to more feeds, you eventually reach the point where there’s too much information coming in (and too little of it that really interests you).

While there’s a lot that RSS readers can – and will – do to address this problem, I believe we’ll also rely on human “editors” to find stuff for us. These are people like Scoble, who live in their aggregators and use their blogs to share the links that interest them. Rather than subscribe to a dozen feeds about a particular topic, we might subscribe to a single feed offered by someone who is an editor for that particular topic – for example, rather than subscribe to several PR feeds, we might just subscribe to Steve Rubel’s feed and let him point out the interesting links. These editors are the ones poised to benefit the most from RSS ad revenue.

Combined with that, we’ll also rely on RSS search engines like Feedster, BlogDigger, Technorati and PubSub to find items that interest us. Forget subscribing to a hundred feeds that might have an item of interest every now and then – just subscribe to an aggregated search feed which looks for your keywords.

Few of us would be willing to pay for RSS search results, so the RSS search engines will most likely rely heavily on ad revenue. This to me is where RSS ads get tricky, and it’s something we should think about. If you use Google AdSense in your feed, what happens when items from your feed end up in the search results of an aggregate feed? Should your ads stay in place? Is it okay for the search engine to strip your ads and insert their own? How about if they insert their ads in addition to yours?

What if a search engine offers ad-free feeds for a nominal fee – is it ethical for them to make money by stripping out your source of revenue?

And if the search engines leave everyone’s ads in place, how will the aggregated search feed look in your RSS reader if each item uses a different type of ad service? Will the hodgepodge of ad styles be so distracting that we’ll find some other way to locate items of interest?

I’m sure others have thought about these issues far more than I have, so it will be interesting to see where this discussion leads us.

RSS Advertising and FeedDemon

Published on by Nick Bradbury25 Comments

Dave Winer writes:

“Advertising in RSS is just starting now, for all practical purposes. If we wanted to, as an industry, reject the idea, we could, by asking the people who create the software to add a feature that strips out all ads. Make it default to on. Then, that would force the advertisers, if they want to speak to us, to do so respectfully, by our choice. Create feeds of commercial information that we might be interested in, and if we are, we’ll subscribe. If not, we won’t.”

Like many of us, I hate seeing advertisements everywhere I go. The problem isn’t just that ads can be annoying: it’s also that advertisers affect the content we see, and I don’t wish to give them that power yet again.

So, the question is, should FeedDemon strip ads? I’ve wrestled with this quite a bit, and I’ve seriously considered making it possible to apply your own filters to what you see in FeedDemon, so that you could filter out ads by choice. These filters could be shared with other FeedDemon users, much like newspaper styles are – and hey, wouldn’t it be nice if these filters could be used by any RSS aggregator, and not just FeedDemon?

But despite my personal dislike for some forms of advertising, in the end I’ve decided that FeedDemon should not strip ads, at least not by default. I don’t wish to deprive income from those who rely on ad revenue – that in itself would shut out voices we might wish to hear. Plus, ads may give some people enough incentive to offer full-text feeds instead of excerpts, since a big reason people use excerpts is to drive traffic to their site where readers can view their ads. I’d prefer full-text feeds with ads over excerpts without them (and so would Richard MacManus).

I do understand what Dave Winer is saying – he wants advertisers to come to us with separate feeds that we choose to subscribe to because they offer useful, relevant information, and that’s a nice idea (and I expect it will happen, too). But this doesn’t necessarily translate into revenue for those who write blogs, which is why Google ads in feeds are so attractive. And there’s nothing wrong with advertising in and of itself – it’s simply that too many advertisers rely on being annoying and intrusive, and really, that’s where we need to be vigilant.

The RSS ads I’ve seen so far are fairly tame and non-intrusive, but advertising is all about getting your attention, so we know where this is headed. Luckily, RSS readers like FeedDemon already strip much of the stuff that could be used for intrusive ads (popups, ActiveX, scripting, etc.), so really annoying ads aren’t as likely to appear in your RSS reader as they are in your browser. And I guarantee you that every developer working on an RSS reader will be on the lookout for advertisers that discover exploits that enable them to intrude, and we will keep working to prevent that.

BloggerCon: The $1000 Question

Published on by Nick Bradbury8 Comments

I’m back and bleary-eyed from BloggerCon, and despite how tired I am, my brain is still buzzing with new ideas. My thanks to the participants for making it such a worthwhile conference.

One of the questions I was asked – a lot – was how I felt about BloggerCon’s rule against vendor’s pitching their products, and the fact that at times the conference had an almost anti-vendor tone. Although I joked with a few of the vendors afterwards about it, I have to say, I’m completely in favor of this rule. So many conferences I’ve been to have been nothing more than extended infomercials, so it was nice to have the vendors (including myself) shut up for a change and just listen to what people (our customers!) have to say. As is the case with politics, copyright law and far too many other areas these days, the people who supposedly benefit from technology haven’t been given a large enough role in defining it, so having the tables turned was actually a welcome change. Rather than complain about it, I simply kept quiet and took reams of notes from the discussion (as did Feedster’s Scott Johnson, whose pockets are so full of little scraps of paper that he resembles a recycling bin).

I was also asked whether I believed my $1000 donation to BloggerCon was money well spent, and I can only say hell yes. If I don’t earn an extra $1000 from ideas gained at the conference, then I deserve to be fined.

My only disappointments were that I missed the first night’s dinner, and that I didn’t get a chance to meet several of the people I hoped to talk with (Larry Lessig in particular).