Elliott C. Back: In Aere Aedificare

The Techmeme page for iPhone new isn’t as bad this time. If you look an archive you’ll see it’s taken over with news about the iPhone 2.0 and SDK, but not too badly:

Yes, it was much worse a year ago, when the iPhone was first announced at Macworld by Steve Jobs. There, the Techmeme page got extremely long, and covered in Apple news.

I got an extremely clever personalized spam email today, something that I’ve never seen before. They took my first name and used it to address me, and then took my last name and suggested I “move the Back family there.” Wow! Check this out:

From Homes4Half [info@lafdeb.com]
date Thu, Feb 28, 2008 at 6:24 PM
subject A Half-priced Home in ITHACA for the Backs

Dear Elliott,

Imagine moving the Back family into a fabulous new home in the ITHACA area that you bought for HALF it’s market value! You can find homes priced as LOW as $10,000. Search the ITHACA area for the best bargains today!

They even spelled my name right, which is fairly amazing.

If you’ve ever wanted an easy way to find out who is hosting a site so you can send them a DMCA notice for spam, there’s a new tool on the block to help you. Who Is Hosting This? enables you to find out who is hosting any web site. Their FAQ, which has an entry reading “This probably means that the owners of this website have bought an IP range and are self-hosted” indicates how they obtain the data, which is by IP range assignment. So they’ll give you the underlying provider of service, which in the hunt against spam, can be a powerful tool.

This screenshots are looking up information for three spammers ripping me off:

• Bohica Gaming
• Pornbb Org
• Dence

Unfortunately a bug in Who Hosts This causes the last lookup to fail, and instead of saying “unkown host,” the service simply just spins. Also, the last address is a bit odd, as it belongs to a spammer in the Philippines but hosted in Canada by Shaw. Still, 2 DMCA notices are better than none!

If you’ve been reading any tech news today, you probably heard that Robert Scoble was banned from Facebook for hacking it with an automated scraper to get his Facebook friends into Plaxo. Later today, Facebook reinstated his account after warning him to “refrain from running these types of scripts again.”

What was Scoble after? Your names, email addresses, and birthday. Information that he is allowed access to inside Facebook, but which his many of 5,000 so-called friends might not want hauled outside and stored with another company. Buzzmachine is right when they label him an identity thief in What he says:

I want Facebook to protect my email address. I don’t want Scoble downloading it and giving it over to Plaxo, a brand and company I will never, never trust and would never choose to do business with or hand data to on my own. So much of the reaction to this little incident gets it backwards; there has been much talk about how we should be able to get our data out of Facebook and that’s fine but we also need to protect our data from others making use of it without our permission and that’s what this is about in the end.

There’s a reason that I have set my privacy to avoid these things–in addition to defriending everyone I don’t actually know and trust. I don’t want people knowing where I live (as I’ve received death threats, prank calls, and various harassments that are more trouble to sort out then just avoid). I don’t want them knowing my email, phone number, or birthday. And I certainly would get pissed off to see someone harvesting them en-masse. As I wrote in Cornell violates mass student privacy, “Taken one-by-one, this kind of directory information is completely useless and publicly available. But when taken in aggregate form, the contact information is a secret.”

So, in mass-downloading his Facebook friends’ information, Scoble violated the Terms of Service, the implicit trust relationships he had with his Facebook friends, their privacy, and their identities. Now he claims that the information will be removed after their tests are finished, but at this point it’s too late. The cat (our identities) is out of the bag.

p.s., Techcrunch agrees as well…

I got a lovely email just now threatening me for being a notorious spammer:

Your doing it to drive up your Google Rank is pitiful, though I’ve informed Google of your attempts to game their system. Further evidence of scraping will be dealt with through the legal system. Perhaps a note to [your employer] will be of use as well.

I sent back my reply, which indicates that no I am not a spammer, thank you very much:

I’m terribly sorry you are experiencing web scrapers, but honest-to-god it’s not me. I wrote a plugin a long time ago for Wordpress called “WP Autoblog” that can take an RSS feed and import them as a series of posts. The posts get branded with attribution like “Post by XYZ and software by me” which you’re probably mistaking for something I’m actively a part of. I wrote the plugin to aggregate some of my family blogs (ericback.com, elliottback.com) together into a single feed, but it quickly became abused by spammers so I pulled it. You can read more here.

All this in spite of people making photo-aggregators, sitewide tagging, and making Planet sites. I can’t believe how much grief a hacky Wordpress plugin has given me over the years. Hopefully as it gets more and more out of date, this query count will start to drop from 400k (not that much) to a few hundred. Then I will smile.