Comments on: Your Podcast can be hijacked

By: Podfeed Podcast Nederland

Podfeed Podcast Nederland — Tue, 13 Dec 2005 19:04:18 +0000

Extortion! Hijacking! Podjacking!

Er is al geruime tijd behoorlijke commotie rondom de site Podkeyword, alwaar podcasters zich konden aanmelden om via zelfgekozen keywords luisteraars naar hun podcasts te drijven.

By: Anders

Anders — Sun, 11 Dec 2005 01:22:57 +0000

The podkeyword.com story is a bit one-sided. The podcasts were automatically posted to Yahoo and iTunes through OPML and not directly by podkeywords.com so he’s stuck looking like a podjacker.

http://www.anders.com/cms/136/Podjacking/Podjack

By: Anders.com: Interesting Technology

Anders.com: Interesting Technology — Mon, 05 Dec 2005 15:16:47 +0000

Podcast Hijacking

While podcast hijacking is just like standard RSS hijacking and in theory very possible, it is so rare that I have never seen a case of it in the wild. There are, however, several “due diligence” things that can be done to cover your bases if you are…

By: Peter Forret

Peter Forret — Fri, 02 Dec 2005 18:31:47 +0000

A suggestion for action: http://blog.forret.com/blog/2005/12/lets-get-rid-of-podkeywordcom.html
“Here is what has to be done:
A) by every podcaster
check if you are affected: search for your podcast to see if it has been hijacked:
* on iTunes: subscribe to your own feed because you won’t be able to see the actual feed URL unless you’re subcribed. If it’s a podkeyword URL, click the “Report a concern” button and tell Apple this is a wrong feed URL, give them the right one.
* on Yahoo: search for it and if both your real feed and the podkeyword feed are present (I found 2 podkeyword feeds for my own podcast), give the hijacked ones a bad review (give it 1 star and write a review about the hijack)
(…)”

By: swashbuckler

swashbuckler — Thu, 01 Dec 2005 09:52:20 +0000

Here you go…

Podcast Hijacked, Held for Ransom
http://www.eweek.com/article2/0,1895,1894827,00.asp

By: Anders

Anders — Wed, 30 Nov 2005 22:27:30 +0000

Right, but you’re on a sinking ship if you hijack and include ads because people will eventually go to the source because it doesn’t have ads. Of course if you have ads in your RSS, which I don’t think is a good idea aside from maybe a sponsored by logo, then it’s even worse because the hijacker would have to strip out your ads as well. Basically, they can rip off my RSS feed, but I don’t really care because all my URLs are fully qualified and point back to me. I really don’t think it’s worth it to hijack at this point. I could be wrong, but that’s what I see given the technological cost.

Now there is a danger if someone were to go ad free and garner enough links so that Google points to the hijacker as the authoritative source, but this takes a long time and there are many warning signs such as foreign referrer tags in your webserver logs before this becomes a problem. I’m not loosing sleep over it.

By: Wes Felter

Wes Felter — Wed, 30 Nov 2005 21:01:18 +0000

Why strip any identification? Just add on your own ads to the hijacked content and watch the money roll in. I don’t know if this would work for podcasts, though.

By: Anders

Anders — Wed, 30 Nov 2005 18:52:42 +0000

Actually I think RSS hijacking of blog content is more of a danger than podcast hijacking. While a malicious site can masquerade your legitimate podcast, it’s much harder to automate stripping your identification from an MP3 podcast than it is from blog content, which is essentially just text. Aside from the rare case where a masqueraded RSS feed (podcast or blog) gets a higher search ranking than the legit content, I don’t think there is much risk here. Dropping your name or URL inside content is always a good countermeasure.

By: Wes Felter

Wes Felter — Wed, 30 Nov 2005 18:05:22 +0000

This is actually a form of search engine hijacking, and could be used to hijack anything (Web sites, regular RSS feeds, podcasts, whatever).

Occasionally I’ve noticed other sites republishing content from my RSS feed, and the republished version gets into Google and Technorati instead of the original (because the search engines filter out “duplicates”).

By: Make You Go Hmm: » The return of Hmm quickies #21

Make You Go Hmm: » The return of Hmm quickies #21 — Wed, 30 Nov 2005 15:59:40 +0000

[...] – yesterday there was no WiFi in the RTL conference center area itself, although there was connectivity outside (for a fee), so all my blogging was offline. I have dozens of pictures and a detailed blog post about the Ready To Launch event which I’ll be posting later. – Russell notices that PSP firmware 2.60 now has podcasting and RSS support. – turns out Sony might have known about the rootkit in some of their CDs sooner than when it was exposed and villified in blogs, and they claim they were investigating and planning to announce a fix. Yet another strange contradiction to their spokesperson’s initial nonchalant attitude. Oh, and the lawsuits continue, ouch. – Another ouch: Om points to one of the things about podcasting that has bugged me for awhile: the ease by which some sites hijack podcast feeds. – And to keep the pain going, Vonage didn’t make the 911 deadline and now might have trouble signing up new customers. – Yahoo Mail and Alerts (beta) have added a built-in RSS Reader to their invite-only beta mail service. I haven’t checked out the new beta Yahoo mail client but the old one pretty much sucked. – I installed Office 2003 Professional yesterday morning on my Tablet and Outlook 2003 crashes immediately every time it opens. How useful. Looks like I might be calling tech support when I get some more time (probably not today), if I can’t find a quick solution digging through their support forums and Google with the error report. Argh. [...]

By: Alex

Alex — Wed, 30 Nov 2005 15:44:59 +0000

I think the idea is that while initially the alacious sites will be streaming your content, what can happen after awhile is that users listening to your podcast through the malicious sites may be diverted to other content, because the malicious site can easily change it’s link.

What allows blackmail is the malicious site becoming universally known as the “proper” source for your podcast, leading podcast search engines, aggregators, and other services to attribute your podcast’s content to the malicious site rather than you.

I, for one, think this risk is rather overblowm. It has apparently happened to erik’s diner (http://cyberlaw.stanford.edu/blogs/vogele/archives/003636.shtml ) but all you really need to do is to check that the popular podcast aggregators are obtaining your content from the your source. If you do that – any possible problem vanishes.

By: Things That ... Make You Go Hmm

Things That ... Make You Go Hmm — Wed, 30 Nov 2005 15:37:22 +0000

The return of Hmm quickies #21

Once upon a time at this blog, we did something called Hmm quickies, which essentially were very short posts, mostly one-liners filling up a single meatier post. These were handy for expanding on several different things happening quickly. No, they…

By: Chris

Chris — Wed, 30 Nov 2005 15:03:26 +0000

We actually talk about the issue of people stealing content in our two part podcast with Jason Calacanis at http://www.web20show.com. There is a very real problem out there with people stealing content. The blackmailing aspect is a new one to me though. I’ve mostly seen it used to game Adsense.

By: » Your Podcast can be hijacked The Blog Herald: more blog news more often

» Your Podcast can be hijacked The Blog Herald: more blog news more often — Wed, 30 Nov 2005 10:38:20 +0000

[...] 30th, 2005 and is filed under Satire-Humour. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently notallowed. [...]

By: John Furrier

John Furrier — Wed, 30 Nov 2005 05:41:24 +0000

This is a big deal that is why PodTech has “Podcasting Trust Services” for corporations. If any corporation is interested in podcasting they need to have a stategy for this trust issue. Feel free to contact me at john at podtech dot net

This is something that corporations need to understand.

John Furrier
Founder PodTech Network

By: ravneet

ravneet — Wed, 30 Nov 2005 00:12:12 +0000

Wouldnt it be your podcast that actually gets streamed, only via someone else’s link/referral?

Maybe I am missing out something too…