Funny business for vegan Podcaster Erik Marcus
Podcast Hijacked, Held for Ransom
November 30, 2005
By Lisa Vaas
In an assault reminiscent of the early days of the Internet,
Podcaster Erik Marcus recently found that his RSS feed had been
According to Marcus, rather than fully cooperate to address the
situation, the cyber-squatter is demanding payment or permanent
agreement to terms, and Marcus is seeking legal redress for this new
form of Internet extortion. ADVERTISEMENT
Marcus publishes Vegan.com and the "Erik's Diner" Podcasts.
Over the course of the past year, Marcus has built his listenership
from 100 people per show up to some 1,500. Over the past few weeks,
he noticed that Yahoo Inc. had created an entry for his show on its
beta site, Podcasts.yahoo.com.
The page had an RSS feed belonging not to Vegan.com, however, but to
a site named Podkeyword.com.
Marcus shared with Ziff Davis Internet News a letter he sent to a
lawyer who specializes in intellectual property and who has agreed to
work with him on his case.
In the letter, Marcus said he contacted Yahoo repeatedly for about a
month. The company never responded. Yahoo had failed to correct the
RSS listing and had also failed to return phone calls seeking comment
for this story by the time it was posted.
Marcus e-mailed Podkeyword directly in order to "nip this problem in
the bud rather than let it grow," he said in his letter to his
lawyer, Colette Vogele.
Podkeyword honored his request, Marcus said, after which his listener
numbers abruptly collapsed. Marcus came to find that Apple Computer
Inc.'s iTunes service, which shields RSS information from its users,
had also picked up the Podkeyword URL.
"This has cost me more than 1,000 listeners per show," Marcus wrote
in the letter.
Marcus contacted Apple, which has to date not fixed the URL.
Marcus then wrote back to Podkeyword to ask that his listing be
temporarily reinstated on Podkeyword while he worked to fix things
with Apple. Podkeyword reportedly responded that the listing would be
reinstated only if Marcus provided an unspecified payment or agreed
permanently to its terms.
Click here to read about Podcasting usage tools from Audible.
The manner in which the purported hijacking occurred exemplifies the
fact that RSS feeds are far more vulnerable to squatters than Web
site domains. The method doesn't require stolen passwords or other
overtly illegal methods.
Rather, it merely involves finding a target Podcast and creating a
unique URL for it on a Web site that the hijacker can control. The
hijacker then points his URL to the RSS feed of the target Podcast.
Next, the hijacker does whatever it takes to ensure that, as new
Podcast engines come to market, the page each engine creates for the
target Podcast points to the hijacker's URL instead of to the Podcast
creator's official URL.
Vogele, a non-residential fellow at Stanford University's Center for
Internet and Society and head of the firm Vogele & Associates, told
Ziff Davis Internet News that she is mulling over a number of
approaches to determine which laws might pertain in the case,
including claims of unfair competition, trademark
infringement/dilution, computer fraud and abuse, trespass, right of
publicity and misappropriation.
California's right of publicity law, for example, stipulates that an
individual has a right to control his or her likeness and image,
including, most likely, voice, she said. If Podkeyword is in fact
making money off of Marcus' Podcast, it might be at risk of being
found guilty of violating right of publicity, Vogele said.
Next Page: Applying IP concepts to RSS.
At any rate, it is unclear how existing laws pertain to such recent
technology as Podcasts or RSS feeds, Vogele said.
"I've been doing [intellectual property] law for quite awhile," she
said. "Every time there's a new [technology], it's a little brain
teaser. We know it's wrong, but how does law [respond] to that? It
takes a while in the legal system, and technology changes [more
rapidly than laws]."
The lack of response from Apple and Yahoo may have to do with laws
that shield such companies from copyright infringement, Vogele said.
While they should be applauded for making part of the engine that
enables Podcasting, she said, such companies would be better Internet
citizens were they to make available a means for hijack victims to
contact the companies, tell them what's happening and have the
companies fix this in a reasonable time.
This is particularly the case, Vogele said, "since they get financial
benefits from all these Podcasters creating this content for free I
think they need to think about what systems they can put in place and
be good citizens in this process."
Marcus suggested that Podcasters can protect themselves from
hijacking by checking to make sure that all Podcast directories and
search engines list RSS feeds that point to their official URLs/RSS
Also, if Podcasters learn of a hijacking, they can write to the
hijacker and demand that they cease and desist. Hijacked Podcasters
should also write to the Podcast directories and search engines to
point out the misconduct.
Corporate Podcasts target the IT community. Read more here.
Those who posted responses to Vogele's Weblog entry on the matter
suggested other defensive strategies. One is to rename Podcast audio
files on occasion and point to the new names in the legitimate RSS
feed, thus causing the malicious site's RSS feed to stop working and
hence to cease gaining popularity.
Another tactic is to look at the referrer's tags for Podcast
downloads in a Podcaster's Web server logs. Names of malicious sites
that point to a Podcast will come up in the logs, and a large number
of off-site listener referrals should raise flags.
Another tactic proposed on Vogele's blog is to mention the site and
feed URL in each Podcast. Those who take the time to notice what URL
they're using may notice that the URL is in fact not the official one.
Check out eWEEK.com's Messaging & Collaboration Center for more on IM
and other collaboration technologies.
Copyright (c) 2005 Ziff Davis Media Inc.