Bad wake-up call: theregister.co.uk reports on Erik Marcus, a podcaster who has had his podcast feed hijacked by Podkeyword.com (no link, you know why). Why am I concerned? Guess under what name my Smoothpod Mashup podcast is registered in iTunes?
What is podcast hijacking
(…) it merely involves finding a target podcast, and creating a new unique URL for it on a website you control. You then point your URL to the RSS feed of the target podcast. Next, you do what it takes to make sure that as new podcast search engines come to market, the page each engine creates for your target podcast points to your URL instead of the podcast creator’s official URL. (Colette Vogele)
So years can go by and then the hijacker strikes: At some point, [the hijacker] can then spring out of the woodwork and demand payment from [the] target [podcaster].” The podcaster is “supremely vulnerable”, because the hijacker can at any moment change URL pointer to any other show of the hijacker’s desire and the target podcaster’s audience will “vanish.” (corante)
So someone provides a mirror service for your podcast feed, gets it registered with major podcast directories and search engines and can then choose whether to just mirror your feed, alter it (e.g. insert advertising), or replace it by whatever he feels like. That, in short, is the businessplan of podkeyword.
Who is behind podkeyword?
Some research shows that a George Lambert from Nashua (NH) is the owner of podkeyword.com (registered in Oct 2004). He also has Goldenware Travel Technologies (goldenware.com), providing airline timetable services (so he’s used to repackaging other people’s data). Another of his projects is cashcowmarketingplan.com, a spam-infested blog on “getting rich quick on the Internet”. This is worrying!
Let’s get rid of podkeyword
Here is what has to be done:
- by every podcaster
- check if you are affected: search for your podcast to see if it has been hijacked:
on iTunes: subscribe to your own feed because you won’t be able to see the actual feed URL unless you’re subcribed. If it’s a podkeyword URL, click the “Report a concern” button and tell Apple this is a wrong feed URL, give them the right one.
on Yahoo: search for it and if both your real feed and the podkeyword feed are present (I found 2 podkeyword feeds for my own podcast), give the hijacked ones a bad review (give it 1 star and write a review about the hijack) - by every podcast directory/search engine (iTunes, Yahoo, you listening?)
- restore hijacked feeds (Remark: the following is NOT real code, just some pseudo code to clearly explain what should be done)
for $victimFeedURL in (*.podkeyword.com feeds){ # get the content of the feed $victimFeedXML=getHTTP($victimFeedURL); #every feed contains the URL of the homepage $victimSiteURL=ParseRSS($victimFeedXML,"channel.link"); #get the HTML of the homepage $victimSiteHTML=getHTTP($victimsiteURL); # get the URL of the feed the author has specified $victimRealFeed=parseHTML($victimSiteHTML, "head.link('application/rss+xml')"); if($victimRealFeed "" AND $victimRealFeed $victimFeedURL){ #replace *.podkeyword.com by real feed URL $victimFeedURL=$victimRealFeed; } } - by Feedburner (since they are an important podcast feed provider)
- detect the feeds that are being queried by podkeyword (I don’t see them showing up as a separate UserAgent in my Feedburner stats, but Eric Lunt and his gang won’t have too much trouble finding them anyway) and (a) warn the feed owners that they might be hijacked, (b) offer the feed owners the option to include an extra post in their feed to alert their subscribers to switch to the real feed.
Doesn’t Feedburner do the same kind of thing?
Not at all. Feedburner also mirrors and alters RSS feeds but there are some really big differences:
- Feedburner is not evil. That is my opinion and I might be wrong, but I’ve had contact with Feedburner on several occasions and they seem to be a bunch of intelligent and down-to-earth geeks. Plus they have found a way to make money with Feedburner without taking advantage of people.
- Feedburner has added value: they convert a feed to a valid podcast feed, they can splice different feeds together, they provide essential stats.They deserve their place as a middleman.
- Most importantly: I have voluntarily chosen Feedburner as my service provider! I configured it myself and I added the Feedburner RSS feed link to my blog’s HTML template. On the other hand, I didn’t contact podkeyword, I have never asked them to do anything for me.
Technorati: podcast - hijack - itunes - yahoo - feedburner
If you're new here, you may want to subscribe to my RSS feed or receive updates via email. Thanks for visiting!
Related posts:
- Subscribe to this blog Subscribe via RSS http://feeds.feedburner.com/ForretcomBlog (RSS/Atom) Subscribe with your favorite feedreader:...
- Moving up the feed chain While playing with Feed43 recently (an excellent anything-to-RSS converter), I...
- Christmas present: podcast feed validator! I get a lot of “what is wrong with my...
- New podcast icons based on Firefox/IE feed logo You might have heard that the Microsoft IE team (and...
- Metatale Flemish Top 20 Top 20 meest invloedrijke Vlaamse weblogs site: www.metatale.eu/top-100 feed: feeds.feedburner.com/MetataleTop100...
Related posts brought to you by Yet Another Related Posts Plugin.
I’m sure that you’ve gotten numerous responses on this already, but here it goes anyway. Why not protect your podcast files just as people have been protecting images from hotlinking for some time now? Setup rules in an .htaccess file that only rss feeds that reside on your server, or servers that you designate as “trusted” can link to your files. Granted, this SHOULD be done immediately, to prevent the hijackers from building an audience, based on their hijacked page, but even done later, it would allow you stop the hijackers. You could even add a custom message that would let people know that they arrived there via a hijacked link.
Jeff
Thank you for your excellent analysis, Peter. This sounds like something that we can and should do … if anyone else has any additional suggestions for how we can prevent (or at least detect) hijacks, please let me know at feedback [at] feedburner.com or our forums at http://forums.feedburner.com.
Eric Lunt
CTO, FeedBurner
Just ran into this post from Feb 2005:
Regardless of how useful or well-used it ever was, the point is now moot. It appears that every sub-domain of podkeyword.com now points to Golden Hawk Technology. Even ones that I suspect were never registered (like http://f*ck.podkeyword.com/) resolve to the Golden Hawk Technology webpage.
kinrowan.net/blog/wp/archives/2005/02/28/bait-and-switch
Peter - someone using your email address registered your podkeyword
is it a case that someone misused your identity?
Why dont we try getting all of the facts straight - I never hihacked anyone.
67 83 smoothpod http://feeds.feedburner.com/SmoothPod peter@smoothouse.org S253
I just interviewed Mr. Lambert, the gentleman being accused of doing this, and he has some very interesting things to say. In fact, every single post that I have seen to date has been wrong.
The interview is at http://www.unsignedpodcastnetwork.com
Also, I break it down somewhat in my blog.
http://www.unsignedpodcast.blogspot.com
Very interesting how anything the press has said is not true.
Let’s everybody jump to conclusions and start a blog!!
Regarding this “podjacking” controversy…
I just spoke with George Lambert, the owner of podkey.com. He was on my radio show this past Saturday night:
http://onlinetonight.com
and my Personal Netcast podcast directly after:
http://feeds.feedburner.com/pn
I also spoke directly with Erik on the subject, so I believe that I am the only person so far that has spoken directly to both parties, and also am registered at both Feedburner and podkey.com.
it’s nice, Peter, that you think Feedburner is not evil. I happen to agree. That doesn’t mean that someday they, or anyone that might acquire them, or any other site on the Internet (like, oh, I don’t know…Google?) might not turn to the dark side. Again, note, I use my Feedburner feed, so I like them, too. That’s irrelevant. Feedburner and podkey.com serve exactly the same purpose: redirection of your feed so that you can change in at will, and take advantage of whatever value-added services both offer (chiclets, ad insertion, subdomains, whatever).
I submit that your take on George Lambert is based entirely on what you’ve read on a website that should have behaved more like a trusted publisher and less like the National Enquirer.
This is what I told Erik’s lawyer, Colette:
My take on this: George Lambert is being unfairly blamed, and you and your client, Erik, don’t understand the very simple technological constraints here. There’s no difference here between George’s free service, podkey.com, and Feedburner podshow.com’s proposed redirection service, or any other redirector/aggregator.
After speaking with a clearly shaken George Lambert, who have been getting phone calls in the middle of the night from people who don’t know the full story, I believe that Erik Marcus, the vegan podcaster, who had registered vegan.podkey.com and a series of keywords associated with vegetarianism about a year ago, noticed that the podkey URL that he had registered with George was getting more play on the search engines than his original vegan.com feed was, and in fact, via OPML, had been picked up by iTunes and Yahoo in addition to his direct feed.
Wanting to aggregate his traffic, he asked George to remove the feed, which George did. Erik’s traffic then, predictably, dropped a lot (75% it appears), since people had been subscribed via the podkey.com feed. He panicked, called George and told him to reinstate the feed, which George agreed to do, and did.
Erik also demanded that George remove those vegan-oriented keywords and their association with the podkey feed from any existing OPML feeds (impossible) and prevent anyone from registering those podkey keywords (unreasonable but doable with special coding), and that’s when George then became annoyed.
To be clear: George is NOT preventing the podcast from being fed at either feed point, and he’s done every thing that Erik’s asked other than do custom programming to filter out keyword based individual vs. OPML requests.
I think this needs to be made clear, and I will on tonight’s show and podcast. And I think we should reserve the word “podjacking” for real fradulent activity.
And, I am more than happy to give you equal time on the air to discuss anything I’ve missed. You may want to save your words for court, but it appears that you also may want to tell your client that this case has no merit.
So…who’s going to actually take a breath, stop the flaming, and start looking at actual facts?
I know a little bit about the folks behindPodkeyword.com because I had some early discussions with them about the idea, about a year ago. They merely provide a free ‘booster’ service to relatively unkown podcasters who have a small internet footprint. The hope is that a few shows, amongst the many, might attract big audiences and lead to related business. They make no claim concerning content ownership but di expect some recognition for their efforts and possibly some revenue stream in the future.
The fact that one successful podcaster now wants to abandon one of his early supporters is just human nature at it’s worst and is causing the podkeyword.com folks a lot of unwanted and unecessary grief. Don’t look for conspiracies where none exist.
Podkeyword.com is still an excellent place for listeners to locate free content that may be of interest to them and reward those podcasters with their ears.
Read the full story at http://www.zzine.org/read.php?op=view&item=1375
Get your facts straight before spewing lies, mkay, thanks. So much for the bloggers having more objectivity than the traditional media. This story is just the same rehashed lies that the media itself spewed. Good work uncovering the facts citizen journalist.
Oh come on, dont be so hard on him… why would anyone bother to get facts straight when he can get a really cool story by paraphrasing media outlets and adding personal opinions disguised as ‘fact’?
I’m willing to accept that Mr. George Lambert, or ‘Marchon’ as some refer to, acted in good faith, although starting a spam blog called cashcowmarketingplan.com didn’t do much for his credibility. I’m also willing to accept that for some reason he was more succesfull in getting his mirrored feeds into the iTunes directory than the original authors were in getting theirs. If so, I’m sorry that this whole thing turned into a marketing disaster for his service.
While his idea was not bad (make podcasts easier to find), he should have made a redirection service to the podcast web page, not a mirror service for the feed. It will always be the podcast author who wants to decide about the feed URL, and who will add it as a link rel=”alternate” type=”application/rss xml” to the blog’s URL.
As for the numerous defenders of Mr. Lambert: you can write a comment, no problem. But if you have such a strong opinion against blogs/bloggers and all the bad they do, don’t be a coward and put your name under your comment. I will delete future “anonymous” reactions.
This blog entry is ridiculous, sorry.
I really find it funny how one article in the register can provoke this kind of reactionary response from so many ‘podcasters’. The fact’s, which I won’t repeat because George has laid them out very well himself at podkeyword.com, are that no-one was ever hijacked or even redirected. George was providing a free service, which Marcus signed up for, then didn’t like the fact that George’s service worked really well and Marcus got loads of listeners. Hello?! I think this goes to show that idiots and the internet do not mix well.