RSS Security - The RSS Blog
RSS, OPML and the XML platform.
 
Copyright 2003-5 Randy Charles Morin
The RSS Blog
<< Previous Main Next >>
Thu, 22 Sep 2005 14:19:20 GMT
RSS Security

Two days ago, I fired off an email to Jason Calacanis about the new KBCafe profiles project I'm working on. Jason noticed that I was linking to an Engadget feed hosted on FeedBurner. Jason was righfully concerned that he no longer had control of his RSS feed.

I CCed the good folks at FeedBurner into the conversation and next thing you know we're joined by a couple more a-listers. Long story short, it would seem that somebody unrelated to Weblogsinc.com set up a feed for Engadget on FeedBurner and set the feed loose on the world. I think the feed had 5 figures of subscribers. FeedBurner has since redirected that feed back to Engadget's true feed. I sourced the feed URL from Feedster's top 500 OPML file.

I then decided that getting the correct feed URL had to be a priority for KBCafe profiles, so I rewrote the engine only to source blog homepages and to auto-discover the RSS feed. I then deleted the entire database and repopulated from scratch. As a result, I've introduced some new bugs, which John Roberts has helped uncover.

Notes:

Reader Comments Subscribe
Hey Randy,  Dick Costolo from FeedBurner here. As we discussed in the email thread, it is part of our terms of service that you must own the copyrights to the content of any feed you are burning. In this specific case, the feed turned out to be a test feed for a project somebody was working on,  (we contacted the person who created the feed and they responded).  We spoke internally a long time ago and decided that we would spend extra time on every service we launch to make sure that it didn't make blog spam or nefarious use of our service profitable for anybody, ever. That's why buzzboost (the feed headline 'feedroll' we created) only comes in javascript flavor, so that there's no search engine juice that accrues to somebody running a feed back into their site. That's why we haven't made any ad service publicly available other than one that specifically ensures that you have already proven content ownership. I'm not paying lip service to this, we take it very seriously, we talk about it a lot, and we already do a couple of things that make running feeds through us useless unless you're the publisher of the feed. We have some other ideas, and Jason C. at Weblogs, Inc. has a bunch of great ideas on this front as well.
Type "339":
Top Articles
  1. Unblock MySpace
  2. MySpace
  3. FaceParty, the British MySpace
  4. del.icio.us and sex.com
  5. Blocking Facebook and MySpace
  1. Review of RSS Readers
  2. MySpace Layouts
  3. RSS Stock Ticker
  4. RSS Gets an Enema
  5. Google Reader rejects del.icio.us