Pat Buchanan was doused with salad dressing at a speaking appearance last night at Western Michigan University, which follows an incident Tuesday in which William Kristol was hit with a pie at a small college in Indiana.
My favorite XML-RPC debugger has been taken offline because of a huge security vulnerability in Python's SimpleXMLRPCServer library:
On vulnerable XML-RPC servers, a remote attacker may be able to view or modify globals of the module(s) containing the registered instance's class(es), potentially leading to data loss or arbitrary code execution. If the registered object is a module, the danger is particularly serious. For example, if the registered module imports the os module, an attacker could invoke the os.system() function.
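As an added example (not code from the original post or from the Python advisory), the Python 3 script below shows the defensive side of that advisory: current versions of the library refuse dotted method names unless register_instance() is passed allow_dotted_names=True, and a service object that defines its own _dispatch with an explicit allow-list bypasses attribute traversal altogether, so a name such as "add.__doc__" is never resolved. The Calculator and AllowListed classes, the make_dispatcher and probe helpers, and the probed names are constructed here for illustration.

```python
import xmlrpc.client
from xmlrpc.server import SimpleXMLRPCDispatcher


class Calculator:
    """Plain service object: every public attribute is reachable by name."""

    def add(self, a, b):
        return a + b

    def mul(self, a, b):
        return a * b


class AllowListed(Calculator):
    """Hardened variant: its own _dispatch replaces the library's attribute
    lookup, so only listed names can be called and dotted names never resolve."""

    EXPOSED = frozenset({"add", "mul"})

    def _dispatch(self, method, params):
        if method not in self.EXPOSED:
            raise ValueError("method %r is not exposed" % method)
        return getattr(self, method)(*params)


def make_dispatcher(instance, allow_dotted_names=False):
    """In-process dispatcher; no socket is needed to exercise the logic."""
    dispatcher = SimpleXMLRPCDispatcher(allow_none=False, encoding="utf-8")
    dispatcher.register_instance(instance, allow_dotted_names=allow_dotted_names)
    return dispatcher


def probe(dispatcher, method, *params):
    """Marshal one call with the client library (the same XML a remote caller
    would send), run it, and return (accepted, value_or_fault_string)."""
    request = xmlrpc.client.dumps(params, methodname=method)
    response = dispatcher._marshaled_dispatch(request)
    try:
        return True, xmlrpc.client.loads(response)[0][0]
    except xmlrpc.client.Fault as fault:
        return False, fault.faultString


if __name__ == "__main__":
    for service in (Calculator(), AllowListed()):
        d = make_dispatcher(service)
        print(type(service).__name__, probe(d, "add", 2, 3), probe(d, "add.__doc__"))
```

With either object the dotted name comes back as an XML-RPC fault, while the allow-listed object additionally refuses any attribute that is not named in EXPOSED.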
The video of the Buchanan incident will circle the globe (tag humor, politics, liberal), but I have trouble finding the hilarity in it.
Without a doubt, a public figure hears regularly from nutjobs who threaten violence. As Buchanan and Kristol were being charged aggressively, they had no way of knowing if the assailant intended to cause real harm.
Take a look at Buchanan's face as this incident happens. When he declined to press felony assault charges at the condiment-wielding dork in the mohawk, he was being far too kind.
WordPress.org hides links to the junk pages using a negative positioning trick in CSS:
<div style="text-indent: -9000px; overflow: hidden;"> <p>Sponsored <a href="/articles/articles.xml">Articles</a> on <a href="/articles/credit.htm">Credit</a>, <a href="/articles/home-buying.htm">Home Buying</a> and <a href="/articles/web-hosting.htm">Web Hosting</a></p> </div>
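As an added illustration (not part of the original post), a small Python 3 checker for this pattern: it walks inline styles and reports every link nested inside an element with a large negative text-indent, the trick shown above. The sample markup, the -1000px threshold, and the assumption that 1em is 16px are all constructed for this example.

```python
from html.parser import HTMLParser

# Constructed sample: one off-screen block (as in the snippet above), one normal one.
SAMPLE_HTML = (
    '<p>Visible intro<br></p>'
    '<div style="text-indent: -9000px; overflow: hidden;">'
    '<p>Sponsored <a href="/articles/credit.htm">Credit</a></p></div>'
    '<div style="text-indent: 2em;"><a href="/about">About</a></div>'
)
VOID_TAGS = {"br", "img", "hr", "input", "meta", "link"}  # never pushed or popped

def text_indent_px(style):
    """Return the inline text-indent in px (em assumed 16px), or None."""
    for declaration in style.split(";"):
        prop, _, value = declaration.partition(":")
        if prop.strip().lower() != "text-indent":
            continue
        value = value.strip().lower()
        for unit, scale in (("px", 1.0), ("em", 16.0)):
            if value.endswith(unit):
                try:
                    return float(value[:-len(unit)]) * scale
                except ValueError:
                    return None
    return None

class HiddenLinkFinder(HTMLParser):
    """Collect hrefs nested inside an element indented far off-screen."""
    THRESHOLD_PX = -1000.0
    def __init__(self):
        super().__init__()
        self.hiding = []        # one flag per open element: did it start hiding?
        self.hidden_links = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        indent = text_indent_px(attrs.get("style") or "")
        if tag == "a" and any(self.hiding) and attrs.get("href"):
            self.hidden_links.append(attrs["href"])
        if tag not in VOID_TAGS:
            self.hiding.append(indent is not None and indent <= self.THRESHOLD_PX)

    def handle_endtag(self, tag):
        if tag not in VOID_TAGS and self.hiding:
            self.hiding.pop()

def find_hidden_links(html):
    finder = HiddenLinkFinder()
    finder.feed(html)
    return finder.hidden_links
```

Only inline styles are inspected; the same indent set from an external stylesheet would need the computed style, which this checker does not resolve.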
People are reluctant to criticize Mullenweg, a well-respected (and young) developer who has turned WordPress into a critically acclaimed open source blogging tool. I've corresponded with him a few times and been impressed with his work.
As I read about this, I couldn't help but recall his stridency in calling for a boycott of a web site a year ago:
I care about the health of the web, the long-term viability of the sites and pages and documents that are shaping our culture and society. On a deeper level I hold a number of principles that the web should be efficient, standards-based, and accessible. No site is perfect, but some try and some don’t.
Lockergnome regressing from the standards-based is more than just a bad business decision, it is essentially giving the middle finger to the community around the world that cares about these things. ...
I'm not just unsubscribing, I'm boycotting. There comes a point when you see blatant disrespect for things you care about and you can either sit back and pretend it doesn't bother you or you can speak out. It's two different types of people, and if you're one of the former then you should examine the effects of your apathy.
Mullenweg's wrath was provoked by the site's conversion from a CSS- to table-based web design.
It was a huge blunder for him to cash out on the credibility bestowed on WordPress with this shady, intentionally hidden advertising scam. He's already paying a price -- Google dropped the site's home page from PageRank 8 to PageRank 0 and removed all of the junk pages.
If I were a WordPress devotee, I'd give him a chance to apologize and make up for this. Everybody makes mistakes. However, let's not pretend it wasn't a middle finger to the community around the world that cares about these things.
In my first filing yesterday, I discovered that Florida residents are required to pay a 6 percent use tax on all retail purchases they make over the Internet with companies outside the state, unless the retailer includes the tax in the purchase.
You're supposed to voluntarily report these purchases and submit the tax quarterly, removing one of the best perks of online shopping -- the lack of a sales tax.
A TurboTax FAQ claims that most states demand use taxes from their citizens, but enforcement has been lax until so many people started shopping over the web, mail, and television:
States generally impose a use tax to collect taxes from their citizens who buy items from an out-of-state vendor who is not required to collect sales tax for that state. The tax insures that the state gets its money from all purchases by its citizens, whether they buy locally (in which case they must pay the sales tax) or from out-of-state sellers (in which case the citizen often owes the use tax).
I'd be amazed if even 1-in-1,000 people was paying this tax, though a recent Forbes article predicts that cash-strapped states will increase enforcement.
I shop online through a single credit card, so I downloaded my first-quarter purchases from Advanta in Excel format, paying an extra $7.83 to Florida for a new PalmPilot cradle, Kahlon laptop battery, and Teen Spirit: The Tribute to Kurt Cobain.
I'm enjoying several of the active webloggers on Buzzword.Com, which makes it all the more painful that I've been remiss in site maintenance lately.
The server will be down for a few hours this weekend so that I can compact the database files and fix a problem with the shared network drive I'm using for site backups.
Florida attorney Matt Conigliaro has done an unbelievable job of reporting on the state legal issues of the Terri Schiavo case.
Beginning in August 2003, a month after he began his weblog, Conigliaro has covered the subject extensively, providing a reference page that manages to be both thorough and fair, though some people would consider his respect for the legal process an attempt to pick sides:
The facts of this case are terribly sad, but they are not hard to understand. There's really nothing to be confused about, and as best I can tell, nothing's been overlooked by anyone. Terri's situation has arguably received more judicial attention, more medical attention, more executive attention, and more "due process," than any other guardianship case in history. Terri's family has had the benefit of excellent legal representation as well as the Governor's own top-notch attorneys, all of whom have scoured the case for ways to assist the effort to keep Terri's feeding tube in place.
One of the killer applications of weblogging is subject expertise like this. The report-today, gone-tomorrow mainstream media can't often cover something complicated and technical with the same depth as a dedicated expert like Conigliaro, especially television news.
The Online Journalism Awards should be opening for entry nominations again in July. If there are narrow-subject blogs out there as award-worthy as Conigliaro's, I'd love to find them.
No offense to the FeedBurner developers, but every time I see this, I marvel that another weblogger has handed over their most loyal readers to a third party.
FeedBurner offers several features for feed providers, but only one seems genuinely useful: better feed-reading statistics.
The others -- multiple feed format support, podcasting enclosures, Creative Commons licensing -- are easy to get elsewhere. If you aren't using a weblog publishing tool that supports them, you're on the wrong software.
The most highly touted feature of FeedBurner, support for all of the syndication formats, has become a trivial issue. Every popular aggregator can read Atom, RSS 1.0, and RSS 2.0 today, so there's little disadvantage to publishing in only one of these formats.
Perhaps I'm underselling FeedBurner (Stewart Butterfield of Flickr digs them), but people relying on a free web hosting service are taking a huge risk. What position will FeedBurner users be left in if it goes offline, goes pay, or cancels the account?
There's only one place on the FeedBurner site where I could find anything addressing this risk -- the terms of service, which sensibly protects the company from liability:
[Burning Door Syndication Services] may also in its sole discretion, for any reason or no reason and at any time discontinue providing the Service, or any part thereof, with or without notice. You agree that any termination of your access to the Service under any provision of this Agreement may be effected without prior notice, and acknowledge and agree that BDSS may immediately deactivate or delete your account and all related information and files in your account and/or bar any further access to such files or the Service. Further, you agree that BDSS shall not be liable to you or any third-party for any termination of your access to the Service.
Andrew Sullivan will draw thousands of feed subscribers, considering the popularity of his weblog. Wil Wheaton has 12,000 reading him through the service.
If FeedBurner goes out of business, which is the most likely outcome for any Internet startup, they'll instantly lose that entire audience.
Can someone using this service explain how its benefits are worth taking that kind of chance?