Crunchitize Me, Arrington!

Michael Arrington, the publisher of TechCrunch and the human router at the center of Web 2.0, questions the work I did for Dave Winer on Weblogs.Com:

I was part of the weblogs.com transaction and was also very disappointed with Rogers Cadenhead's performance. I have no information on the second part of the dispute.

Arrington was Winer's attorney on that project. I have no idea what he's referring to here, and he hasn't returned an e-mail on the subject. The entirety of our relationship was a few cordial e-mails exchanged during the execution of a work-for-hire contract.

That negotiation was simple. He sent an agreement and I told him this:

I've looked over the contract. I have no concerns aside from sections 5b. and 5c., which have non-compete language in them.

I can't agree to a provision that prevents me from doing substantially similar work for one year and prevents me from entering into the relationships described in 5c.

When I priced this job, it was under the assumption I'd be free to exploit my growing expertise in this area. If this is going to be my first and last job in weblog notification, we need to talk about additional compensation. Otherwise, I recommend removing 5b and 5c.

His response: "Go ahead and delete those." So I did.

I can't think of any reason for his disappointment, because both sides of that contract were happy with the outcome. Winer even acknowledges that it was a good experience, in spite of our disagreement over Share Your OPML.

I'm guessing this is an example of Friendship 2.0.

Katherine Harris Had Me at 'Herlo'

When the number of people drawn to your Internet flamewar reaches critical mass, it becomes a This is Your Life episode where anyone you've ever angered might pop out from behind the curtain. I'm waiting for a few people to appear, such as the guy I tried to beat up at Bentley College in 1986. I've always wanted to know if I landed at least one bruise with my flurry of sting-like-a-butterfly blows.

Though I'm loath to admit this, Katherine Harris is kind of hot. The 2.8 she's pulling on Am I Hot or Not is a traveshamockery.

Katherine Harris, three-quarters profile, on Hannity & Colmes

I know I'm venturing into too-much-information territory, but when Harris showed up drunk last August on Hannity & Colmes, sitting three-quarters profile and slurring her words, she swayed my voter.

Remembering the Kennedy Memorial

Kennedy Memorial in Dallas

There's an open air memorial in Dallas near the spot of President Kennedy's assassination. Designed by Philip Johnson, the memorial consists of a 50-foot-square concrete box with 30-foot-tall bare walls that surround a flat granite slab inscribed with the president's name.

Outside, a plaque contains the following inscription:

The joy and excitement of John Fitzgerald Kennedy's life belonged to all men.

So did the pain and sorrow of his death.

When he died on November 22, 1963, shock and agony touched human conscience throughout the world. In Dallas, Texas there was a special sorrow.

The young President died in Dallas. The death bullets were fired 200 yards west of this site.

This memorial, designed by Philip Johnson, was erected by the people of Dallas. Thousands of citizens contributed support, money and effort.

It is not a memorial to the pain and sorrow of death, but stands as a permanent tribute to the joy and excitement of one man's life.

John Fitzgerald Kennedy's life.

I'm a Dallas native born to an Irish Catholic family. My mother was 15 in 1963, and she skipped school with several friends to see the president and first lady pass by in the motorcade. By the time the teens returned to their car, the first reports of a shooting were hitting the radio.

It's hard to explain to people who aren't from the city the palpable sense of inherited guilt that followed the assassination, even for someone like me born after it happened. My mother told me that for years later, she was embarrassed to tell people she was from Dallas.

The Dallas Morning News has reopened the decades-old debate over whether the memorial is a fitting remembrance of the president. Writing in Slate, Witold Rybczynski said that Kennedy deserved better:

It is all, sad to say, poorly done. Painted precast concrete is hardly a noble material, and the blank surfaces are relieved by rows of roundels that make the walls look like mammoth Lego blocks. The shiny granite slab is black, but being square and low it looks more like a coffee table than a funerary marker.

I visited the Kennedy Memorial on a field trip as a child completely enamored with Kennedy, as you might expect of a young Catholic and future liberal. If there was any joy or excitement within those bare walls, I didn't find it then and would be hard-pressed to find it today. The Sixth Floor Museum is the place to go in downtown Dallas to mourn the president and mark the toll his death took on the country.

However, the Kennedy Memorial is too much a part of the historic response to the assassination to ever tear it down. The most I'd like to see Dallas consider is the addition of something that complements the work and conveys more vitality, such as light climbing heavenward in the manner of the 9/11 Tribute in Light.

Letter from Dave Winer's Attorney

I received this letter Friday from Christopher C. Cooke, Dave Winer's attorney:

Mr. Winer has retained our firm and asked us to contact you about two related matters. If an attorney is representing you, please provide this letter to your attorney and have him or her contact me.

First, we request that you return the $5,000 deposit that Mr. Winer paid to you in October 2005 in connection with certain work that you were supposed to perform for Mr. Winer in revising and maintaining Mr. Winer's website, feeds.scripting.com. Mr. Winer had previously sent you a consulting agreement regarding this work and made it clear to you that he would not hire you to perform this work without a written agreement signed by each of you. It is our understanding that neither you nor Mr. Winer signed such an agreement, that the redesigned site was never completed and launched, and that Mr. Winer has advised you that he no longer wishes to use your services for this project.

Second, Mr. Winer has recently learned that you have used the contents of his website "feeds.scripting.com" as well as a computer application authored by him and certain third-party information, to launch a public web site known as the OPML Factory, presently located at "opml.cadenhead.org." The contents of feeds.scripting.com and the computer program are Mr. Winer's property and are protected by federal copyright law as well as by state law. Mr. Winer has not authorized you to use his property to launch the OPML Factory and your use of his property for such a purpose constitutes a willful infringement of Mr. Winer's copyrights under 17 U.S.C. 101, et seq., for which you can be liable for statutory damages as high as $150,000 for each unauthorized use, pursuant to 17 U.S.C. 504(c)(2), and liable for Mr. Winer's attorneys' fees if he were to bring an action against you in the United States District Court to enforce his rights, pursuant to 17 U.S.C. 505. Accordingly, on behalf of Mr. Winer, we demand that you immediately cease using or distributing all materials that Mr. Winer provided to you in connection with the "feeds.scripting.com" project, that you return to Mr. Winer all such materials, that you cease operating the OPML Factory and any other websites or portions of websites derived from his property, that you destroy any works derived from Mr. Winer's computer program, and that you desist from these uses and from any other infringement of Mr. Winer's property in the future.

Specifically, we must insist that, by no later than next Wednesday, March 15, you:

  • (1) return the $5,000 deposit to Mr. Winer;
  • (2) return all materials, third-party data and applications that Mr. Winer provided to you in connection with the "feeds.scripting.com" project;
  • (3) destroy all works derived from such materials, data and applications, and provide us a sworn statement, signed under penalty of perjury of the laws of the State of California, attesting that you:
    • (a) have destroyed all such derivative works and
    • (b) no longer possess copies of any of the materials, data and applications obtained from Mr. Winer; and
  • (4) take down the OPML Factory website (presently located at "opml.cadenhead.org") and any other websites or pages that you derived from feeds.scripting.com.

If you do not take these actions by next Wednesday, March 15, we shall assume that you will not be complying with Mr. Winer's demands and we will take all appropriate actions to enforce Mr. Winer's rights.

Last spring, in a work-for-hire agreement with Winer, I ported Weblogs.Com from a Frontier application running in Windows to an Apache/MySQL/PHP application running on Linux. I'd been telling Winer for years that he should run his web services on LAMP, because it handles high-load applications better and much less expensively than Frontier. We reached a verbal deal and I wrote it in a weekend for $10,000, following up with a written contract.

The project was a personal success for me, because after years of writing books on Internet programming, I was eager to prove that I could develop a web application with such huge demand. On an average day, my program served 34.65 gigabytes of data, took 1.1 million pings and sent 11,000 downloads of changes.xml, a file larger than 1 megabyte.

It was a financial success for Winer, who sold Weblogs.Com to VeriSign in October 2005 for $2.3 million.

Right after that deal was announced, we reached a verbal agreement to do the same thing on Share Your OPML, an RSS subscription site he developed with Andrew Grumet on Frontier in early 2004. I agreed to create, host and manage a LAMP version of the web application and Winer offered $5,000 when work began, $5,000 when the application was done, and 33 1/3 percent ownership of the site.

I developed the web application over the next two months, producing a 1,602-line PHP class library, 50 PHP scripts and a MySQL database that holds 1,438 members, 68,773 RSS feeds and 174,354 subscriptions to those feeds.

Contrary to the attorney's letter, the application isn't built on proprietary data. Winer released a Share Your OPML SDK in January 2004 that offers OPML subscription data for 1,054 users who agreed to share their subscriptions, and the data continues to be offered to the public today.

The web application has been in limbo because we haven't been able to reach a written agreement to supersede the verbal one. I figured that one of us would eventually end up taking over the project and the other would recoup his original investment, and I thought it could be resolved amicably until I got Friday's letter.

Winer seems determined to go after anyone he perceives as a threat to his authority over RSS, even to the point of turning a minor business disagreement into a federal case ("17 U.S.C. 101, et seq.").

I don't have a board of directors or a venture capitalist who can talk me into quitting the RSS Advisory Board. I'm a self-employed stay-at-home dad, and my sons are not persuaded by the argument that the board threatens the RSS roadmap.

But he has succeeded in making me sorry I took his invitation back in 2004 to get involved in RSS, a syndication format that will forever be mired in childish personal animus because of his mistaken belief that allowing other people to contribute to its success will rob him of credit.

The archives of Workbench contain numerous examples of lavish praise I've given Winer over the years, including an effort I led among his admirers to pool their funds and buy him a get-well iPod after he underwent heart surgery.

I've never been more retroactively embarrassed to have paid someone a compliment in my life.

Stopping Open Recursion Name Server Attacks

I received an ominous e-mail from my server host Thursday:

The DNS service(s) on your server are currently open to recursive queries from the world, leaving them vulnerable to DNS cache poisoning attacks and allowing them to be used to attack other sites. Your server was reported participating in an outbound DDoS attack through means of this vulnerability by an attacker. Please ensure that recursive lookups are DISABLED in your nameserver's configuration to prevent future abuse. If you need any assistance with this procedure, please let us know.

My name server was taking requests from any user for any domain, not just the ones it was configured to handle like cadenhead.org. When a request came in for a domain on another server, it was forwarded to another server, which could forward it further.

I didn't know that this open recursion let my server be used in a denial of service attack.

I closed the vulnerability by adding an acl section and a new allow-recursion setting inside the options section of the named.conf file:

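// Clients that are allowed to make recursive queries
acl internal {
  67.19.3.218/29;
};

options {
  // Recurse only for clients matching the "internal" acl
  allow-recursion {
    internal;
  };
};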

The acl section refers to the machine hosting the name server, which allows programs on that machine to make recursive requests. All other clients should be blocked by this configuration.
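One way to confirm the change took effect, as an added example that is not part of the original post: send a query with the Recursion Desired bit set for a name the server is not authoritative for, from a host outside the acl, and inspect the response header. The function names, the probe name example.com and the two sample headers are assumptions made for illustration.

```python
import socket
import struct

RD, RA = 0x0100, 0x0080  # header flag bits defined in RFC 1035
RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid=0x1234):
    """Build an A-record query with the Recursion Desired (RD) bit set."""
    header = struct.pack("!HHHHHH", qid, RD, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def classify(response, qid=0x1234):
    """Decide from the 12-byte response header whether the server recursed."""
    if len(response) < 12:
        raise ValueError("truncated DNS header")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", response[:12])
    if rid != qid:
        raise ValueError("response ID does not match query")
    rcode = RCODES.get(flags & 0x000F, str(flags & 0x000F))
    ra = bool(flags & RA)
    # Open: recursion is offered and the foreign name was actually resolved.
    is_open = ra and rcode in ("NOERROR", "NXDOMAIN")
    return {"recursion_available": ra, "rcode": rcode,
            "answers": ancount, "open": is_open}

def check_server(server, name="example.com", timeout=3.0):
    """Send one UDP query to server:53; run from a host outside the acl."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        data, _ = s.recvfrom(512)
    return classify(data)

# Constructed sample headers (not captured traffic):
# flags 0x8180 = QR|RD|RA, NOERROR, one answer: recursion was performed
SAMPLE_OPEN = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
# flags 0x8105 = QR|RD with RA clear, REFUSED: recursion is blocked
SAMPLE_CLOSED = struct.pack("!HHHHHH", 0x1234, 0x8105, 1, 0, 0, 0)
```

A result with "open" set to False from an outside host, together with a normal answer when the same query is made from an address inside the acl, indicates that allow-recursion is being enforced.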

While I was poking around, I took another blogger's suggestion to turn off zone transfers from my name server, except for one machine that functions as a backup name server:

allow-transfer {
  67.19.86.58;
};

How Do I Get to Carnegie Hall?

Some bloggers have been talking up the XRSS namespace proposal I made earlier this week.

This is one proposal among three currently under development on RSS-Public, the public mailing list of the RSS Advisory Board.

The others are a new specification for the Really Simple Syndication format and a best practices profile, a set of recommendations for how RSS documents can work in the widest possible audience of aggregators, browsers and other software. I published the first draft of the profile this morning, which will be filled out one section at a time.

We could use more participants on the mailing list to work on the profile. A "best practices" document has a much better chance of being true to its name if a bunch of RSS publishers and developers contribute to it.

Spam Spam Spam Spam Comment Spam

Workbench doesn't require readers to set up an account before posting comments, because I like the freewheeling nature of the discussion that results from an open policy. Half the fun of writing a weblog is hearing from total strangers with an itemized list of my faults.

Because of that open policy, this site is hammered around the clock by comment spammers who want me to enlarge my penis and lose weight with phentermine so I look good the next time I play online Texas Holdem poker.

To give you an idea of how bad the problem is becoming on weblogs, this site has received 13,445 comments in the last 21 days, and 13,188 of them were comment spam, even though I have manually blocked 4,737 IP addresses because they were used for spam.