Podcasting: You're Soaking In It!

Jewish lesbian shock jock Madge Weinstein kicked my "S" yesterday during a 10-minute rant about Adam Curry's role in podcasting:

You gotta realize, and I didn't realize this until I started getting more popular with my podcasts, when people blog ---- -- ----, did I spill my water? no -- when people blog ---- -- I'm resting the microphone on my fat, now. You're going to get mike noise, I'm sorry, and it's going to be all bad. This is bad. You know, it's all bad. When people blog things a lot of times they blog it because they think a lot of people will read it, and it's as simple as that. And I think that's what Rogers Cadenhead did, the man with the extra S ...

I've attached her rant as a podcast, naturally. The actual audio doesn't contain Arthur Fiedler's theme from The Longest Day. I added it to test my theory that all podcasts would sound better with patriotic background music.

Wikipedia · Podcasts · Podcasting · 2005/12/13 · 5 COMMENTS · Link

Podcasting: Accept No Imitations

Randall Stross, New York Times, July 3, 2005:

"Podcast" is an ill-chosen portmanteau that manages to be a double misnomer. A podcast does not originate from an iPod. And it is not a broadcast sent out at a particular time for all who happen to receive it.

Steven Chen, China Daily, Sept. 8, 2005:

The term podcast, a portmanteau of two words, broadcasting and iPod, Apple Computer's now ubiquitous music player is something of a misnomer, since such files do not need either an iPod or a portable MP3 player to be played ...

Wikipedia's podcasting entry, Nov. 30, 2005:

"Podcasting" is a portmanteau that combines the words "iPod" and "broadcasting." The term is a misnomer since neither podcasting nor listening to podcasts requires an iPod or any portable player, and no broadcasting is required.

Chris Noon, Forbes.Com article, Dec. 7, 2005:

A "podcast" is at once a portmanteau; derived from the words "broadcasting" and "iPod", and a misnomer; neither podcasting nor podcast listening requires an iPod, and no broadcasting is really required. Even so, portmanteaux and misnomers are not precluded from appearing in the dictionary; hence the word's selection as the Word of the Year by the New Oxford American Dictionary.

The next word of the year should be originality.

Journalism · Podcasting · Wikipedia · 2005/12/12 · 12 COMMENTS · Link

Congress Studies Cruise Ship Disappearances

On Tuesday, two Congressional subcommittees will hold a joint hearing on the subject of cruise ship disappearances and crimes that take place aboard the vessels.

My wife M.C. Moewe, a reporter with the Jacksonville Business Journal, spent six months tracking down information on cruise ship passengers who disappeared or went overboard, an elusive subject because most incidents happen in international waters or foreign jurisdictions. She found 12 passengers since 2000, including five within the preceding year. Though the majority are believed to be suicides -- anyone who looks over the rail of an oceangoing ship knows you could disappear forever in those waters -- clues suggest that a few, horribly enough, might be homicides.

Since then, the number has grown to at least 17, including Jill Begora, 59, a Canadian woman who vanished Saturday before the 2,100-passenger Royal Caribbean Jewel of the Seas arrived in Nassau, Bahamas.

Moewe will be traveling to Washington to cover the hearing. I'm hoping that when C-Span posts tomorrow's full TV schedule at around 5 p.m. today, the hearing will be one of the events they televise. I want to record for posterity the moment at which she became too big-time to associate with her husband the blogger.

I love reporters who poke around the byzantine bureaucracy of Washington, looking for overlooked stories while their peers are hanging out in the White House hoping the president gives them a nickname. I wanted to be I.F. Stone when I grew up.

Since her original story ran in June, Moewe keeps getting contacted about the subject. She's heard from four TV news producers, one family member of passengers, and two guests on ships where incidents occurred.

Tomorrow's hearing was called by Rep. Christopher Shays of Connecticut, who knew George Allen Smith IV, a 26-year-old honeymooner whose July disappearance from another Royal Caribbean vessel is being investigated by the FBI.

Journalism · Jacksonville · Florida · 2005/12/12 · 29 COMMENTS · Link

Mena Trott Declares Civil War

In a keynote address at the Les Blogs conference yesterday, Six Apart founder Mena Trott cut short her call for blogger civility to put a bleep in his place:

Who is dotBen? All day yesterday you've been an ------- to the people who've been in this town and I want to know why don't you, why, what the ----?

It's hard to fairly judge the situation without seeing the events that led up to it, but that's never stopped me before. Trott showed courage giving a speech at the Six Apart-organized conference in front of screen that projected live online chat, a relatively new phenomenon called a backchannel, but I agree with the point Ben Metcalfe seemed to be making when dragged in front of the whole class -- you can't always be nice if you're being honest.

The comments Shel Israel made right before the confrontation are pretty funny in retrospect:

It's a different world now and it's a new way of expressing things. It's a much faster world we live in, so I guess we got to live with it and every story has two points of view and we have to listen sometimes to see what other people think.

Update: Here's a longer excerpt of Trott's speech (and the transcript), which she intended in part as a challenge to backchannel behavior:

I started to get incredibly nervous about appearing on this stage today. ... The main reason I was scared and I'm still scared, is that IRC backchannel. ... I've seen people make comments on these channels that they would never say to somebody's face.

Movable Type · Civility · 2005/12/07 · 31 COMMENTS · Link

Spammer Messes with My Headers

A few weeks ago, I mistakenly believed that I had closed a PHP mail form vulnerability that let spammers use my web server to send mail.

Another batch of penis enlargement and phentermine pitches were sent through my server last night, which I discovered when "rejected bulk e-mail" bounces found their way to me. A spammer exploited a mail script I had written that coded the recipient address like this:

$recipient = "info@ekzemplo.com";

I thought the script was secure because users couldn't change the recipient. As it turns out, there's another giant programming blunder in these lines of code:

$name = stripslashes($_REQUEST['name']);
$email = $_REQUEST['email'];
$subject = $_REQUEST['subject'];
$comments = $_REQUEST['comments'];

mail($recipient, $subject, $comments, "From: ".$name." <".$email.">rn" . "Reply-To: ".$email."rn");

As I learned last night, plugging user-generated fields into PHP's mail function leaves you susceptible to header injection, a technique that sends multi-line input to any field on a web form in the hope that each line will be interpreted as a mail header.

A spammer in Seoul, Korea, sent the following as the name field when calling the script:

to
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: transcribe
bcc: charleselegb@aol.com

The script interpreted each of those lines as a real e-mail header, so charleselegb@aol.com received an e-mail with the text "2977b873a006112f1567c66ac468690a", which I'm guessing is encrypted text that identifies my server and script. The spammer's running software that crawls the web and hits forms, noting any that successfully send mail back to a test account. A Google search for that e-mail address shows Charles has been busy.

I've written a function that removes multi-line input -- identified by newline and return characters -- and prevents a spammer from defining multiple e-mail recipients:

function sanitize_request_input($input) {
  if (eregi("r", $input) || eregi("n", $input)) {
    $input = "";
  }
  $input = str_replace(";", " ", $input);
  $input = str_replace(":", " ", $input);
  $input = str_replace(",", " ", $input);
  $fields = explode(" ", $input);
  return $fields[0];
}

The function's called on any single-line text field contained on a form -- using it on multi-line textarea input would wipe out the text. The fix seems to have deterred Charles, who thoughtfully tried the exploit a few more times after I uploaded the new script, so I am again declaring victory over net abuse.

This is part two in an ongoing series.

Security · Programming · Php · 2005/12/07 · 5 COMMENTS · Link

UserLand Frees Up Manila Servers

UserLand Software is discontinuing free Manila hosting, as I discovered last week when one of their users sought refuge on Buzzword.Com. Edit This Page shut free service on Dec. 1 and ManilaSites will do the same Dec. 31.

I can offer free hosting on Buzzword, but webloggers who are committed to publishing with Manila should be advised that I'm migrating the server to new software by May 1, 2006. A better long-term option for those folks is to subscribe to Weblogger.Com or UserLand.

(As an aside, if you're a fan of a long-running blog on one of those servers, this would be the ideal time to donate a year's hosting. Moving a weblog in a hurry is a huge pain in the ass.)

I've found in 18 months of running Manila that I'm genuinely bad at it. Server uptime has been lousy, because you have to know enough to counter the enormous amount of abuse that comment and referral spammers dish out on a weblog server hosting 3,000 users. Every month or so, I get another "it's not you, it's me" letter from a Buzzword user who wants to break up but is afraid to sound ingracious. The most recent were David Golding and Julian on Software, and I'm pretty sure that Craig Jensen wants to start seeing other people.

I have a fighting chance against net abuse on a Linux box running Apache, MySQL and PHP, because I've been hacking away on one for more than five years. I knew I had reached a significant milestone in my quest for m4d sk1llz last spring when Workbench survived 500,000 hits in two days.

Next year, Buzzword will become an ad-supported free weblog host running entirely on Linux and other open source software. WordPress has a new multi-user version that's currently being beta tested. I suspect it will be the publishing tool that I choose.

Sites that are still on Buzzword at the time of the upgrade next year will be automatically migrated, so publishers can see whether they should stick around. I moved a Manila weblog to WordPress this weekend for a work project and it was easy -- the software supports RSS 2.0 as an import format.

In the meantime, Buzzword users may experience outages of unexplained origin for indeterminate length.

Rss · Publishing · Php · Mysql · Manila · Linux · 2005/12/05 · 2 COMMENTS · Link

A Hundred Visions and Revisions of Podcasting

I don't want to get into an argument with Adam Curry, because he has better production values. It was a relief not to be criticized in stereo during his 40-minute mea culpa on Friday's podcast of Daily Source Code.

I'm one of the only people who had no role in the history of podcasting. I was around when Curry asked Dave Winer to add the enclosure element to RSS and Radio UserLand in 2001, but I thought it was a dumb idea that would never go anywhere. My opinion was something along the lines of, "I think there is a world market for maybe five podcasts."

In a comment today to Stephen Downes, one of the people he edited out of Wikipedia's now-infamous podcasting entry, Curry admitted that it was intentional:

When editing the 'history' I didn't feel this was a significant contribution in the chronology as it did not influence me.

But as I have stated publicly, having seen actual video of the session where Kevin Marks demo'd a system similar to what I built 8 months later, I have to revise my position on all of podcasting's history. Audioblogging had it's place in there as well.

The process of 'truth' discovery through open wiki's seems pretty broken to me when I get 'outed' without some form of process among contributing editors with opposing views.

I think the truth discovery process is working about as well as it ever does on the web. Wikipedia's the perfect place for a tag-team, no-holds barred cage match of competing ideas. I'm glad this controversy is giving people like Downes, Marks, and Harold Gilchrist some attention. They were podcasting when podcasting wasn't cool.

Gilchrist especially has been overlooked in the mad dash for glory. When podcasting began to take off in 2004, he had two years experience delivering audio content in syndicated feeds and evangelizing the concept.

When the media fell in love with the idea that a former MTV veejay with full-bodied, luxuriant hair was the podfather, a lot of bloggers followed suit and Gilchrist was overlooked, much to his chagrin:

If you watch this Audioblogging video you will obviously see that the demostration and explanation of Audioblogging (circa 2003) gives credit where credit is due, explains and illustrates the use of enclosures with audioblogs and exactly explains Audioblogging the way you hear Podcasting explained today. Just a whole year earlier. The IPod is even mentioned with its tie to audioblogging and enclosures. ...

The day that the technology A bloggers started to tell the story about the invention of Podcasting without its ties to its Audioblogging history is the day that technology blogging jump the shark in my books.

Curry has challenged the Wikipedia concept in response to this situation, suggesting that it was reasonable for him to correct perceived errors on a subject he knew well, even if he did so anonymously. There's a way that well-known people can improve the encyclopedia without the entire Internet forming a line to kick their ass: Create a user account and make signed comments on an entry's discussion page.

Read the discussion page for Cory Doctorow to see a subject suggesting edits to his own biography, both large and small:

The picture is horrible. Any chance of a less supercilious looking one?

Wikipedia · Podcasting · 2005/12/03 · 9 COMMENTS · Link

Read More Entries