Freedom of the press for those who own one

You pay your money and you take your chances”

Recently Machetera has written a few articles about blogs whose editors arrived one day to post and found themselves locked out because they’d been flagged as spam blogs. The common denominator for the two blogs in question, peacepalestine and desertpeace, aside from content, was that they’d been hosted on Blogger. The two have since moved to WordPress, and although desertpeace has reportedly finally been unlocked by Blogger, the new location at WordPress seems to suit the editor better anyway, and so there he will stay. For now.

This brings up several interesting questions. Yoani Sanchez, a thirty-something Cuban blogger who has been featured in a number of admiring press articles in the United States claimed a couple of weeks ago on the basis of no evidence whatsoever beyond her say-so, that her blog was being censored by the Cuban government. Her claims turned out not to be true but that didn’t stop them from being immediately picked up by Reuters and repeated ad nauseam throughout the mainstream press. But most bloggers don’t enjoy that kind of exposure, probably because they’re not performing a propaganda service which suits the U.S. government and therefore the reactionary press, although that’s another topic altogether.

The Sanchez case is illustrative at least for the purposes of pointing out that Internet censorship can be a somewhat subjective affair. Of course, if you’re the person who’s locked out of your own blog, it feels very personal. When you realize that other people with similar content are also locked out of theirs, it feels like something more. The question here is whether it rises to the level of active censorship, and that requires a bit of investigation.

Mum’s the Word

Neither Blogger nor WordPress responded to Machetera’s requests for comment on their spam blog identification policy (update: WordPress responded the day after this was posted, see comments below) – is it their practice to shut down a blog automatically on the basis of being actively “flagged” by other users or “caught” by a spam robot, with an investigation to come later, and if so, how long should one expect an investigation to take? It’s true, Machetera posed these questions through the companies’ support desks and while she has observed in the case of WordPress at least that it is quick to respond to specific technical questions, it appears to ignore policy related ones. As most geeks would.

However, looking through Blogger’s discussion section, it’s not hard to find repeated complaints from bloggers locked out of their blogs, with spam given as the reason, and fairly frequent mentions made of moving to WordPress as a result. A quick review of the most recent lockouts (at least the ones complained about in Blogger’s forum) reveals a scattered lot. Some clearly do qualify as spam blogs, even though their owners complain pitifully that they were just trying to figure out a way to make a little money on the side – and in the growing capitalist economic crisis who can blame them really? Some clearly don’t; one fellow wanted to share his not particularly interesting experiences at some sort of FBI academy. Someone writing in Swedish under the amusing title satanicpushcart earned an “content warning” flag although for the life of her, Machetera cannot find any disturbing content anywhere within, unless the Swedish language is itself considered objectionable (some Danes certainly find it so). No pro-Palestinian sites.

Does that mean Blogger is not censoring pro-Palestinian sites? No. It means that in the latest discussion forum at Blogger no-one is offering that as an example. Does it mean that they are? Not necessarily. One internet service provider (ISP) to whom Machetera posed this question replied that one should never ascribe to conspiracy that which can be attributed to simple incompetence, adding that his guess was that the automated spam robots pulled the blogs and Blogger was slow about responding.

What triggered it?

That leads to the next investigative question. Why would automated software pull peacepalestine and desertpeace when they clearly (to a human eye) do not have the characteristics of spam blogs? One alternative possibility to content censorship is hacking. Machetera’s sense is that WordPress is a superior platform to Blogger, as she did a bit of research into the two and what bloggers had to say about them, before launching her own publishing empire. Yet although there is not the same amount of discussion and general unhappiness level among WordPress users about lockouts as a result of being identified as a spam blog, the editor of peacepalestine did inform Machetera that she knew of one anti-Zionist WordPress blog that had not only been locked but had a blank page inserted where content once was.

Machetera has no information about Blogger security holes but she did run across the following note from Dougal Campbell, one of the “Developer Emeriti” at WordPress:

Okay, people, if you are running any version of WordPress older than 2.3.3*, you need to upgrade now. Seriously. WordPress 2.3.2 and older have security holes that are being actively exploited by hackers to inject spam links into blogs which are not maintained. And search engines like Technorati are de-listing hacked blogs. Are you listening now? Do I have your attention? Upgrade your web apps before you get hacked and your site drops off the search-engine radar.

Machetera wrote to Campbell to ask if such hacking only pertained to blogs that were not actively maintained or if it could happen to one that was constantly maintained, and he answered quickly, saying that by “maintained” he meant “that the site owner is keeping the code up-to-date with current versions. It can happen to any site that is running software which still has security vulnerabilities.” Presumably that would include Blogger, which seems to be a little less aggressive than WordPress in the development department.

Hacking 101

Next question: If your blog had been hacked, how would you know? Probably there are people better equipped to explain this than Machetera but Mark Evans, who runs the Deep Jive Interests blog posted one description just a few days ago:

How can *you* tell if your blog has been hacked?

Here are three ways (pray it doesn’t get to the three).

1. You start getting traffic from google for terms you never write about (say, credit cards)

2. If you use Adsense, you start seeing ads on your blog for stuff that in no way matches your content (credit cards for example)

3. If you get banned from Adsense for promoting content in a sneaky way.

My suggestion is that if you find yourself in this position, comb through your templates carefully to find the hidden HTML and delete it.

THEN, go through your blog / site directory with FTP, turn ON the “look for hidden things” and start hunting for any potential directories that look suspicious — i.e. you didn’t put them there.

How do you go through your blog with FTP? Good heavens, don’t ask Machetera. She’s a competent writer and translator, but she can’t do everything. It’s worth noting at this point that neither peacepalestine nor desertpeace were running ads, and Machetera guesses that if you’re locked out of your blog, you probably can’t get into it to “look for hidden things.” However, if you’re running a blog that you haven’t been locked out of (yet), looking for hidden things from time to time might be wise. In addition to running the latest version of the software. And picking a good password, and to be on the safe side, changing it once in awhile. John P. at One Man’s Blog had some good advice about this:

Assuming the hacker has a reasonably fast connection and PC here is an estimate of the amount of time it would take to generate every possible combination of passwords for a given number of characters. After generating the list it’s just a matter of time before the computer runs through all the possibilities – or gets shut down trying.

Pay particular attention to the difference between using only lowercase characters and using all possible characters (uppercase, lowercase, and special characters – like @#$%^&*). Adding just one capital letter and one asterisk would change the processing time for an 8 character password from 2.4 days to 2.1 centuries.

Password Length All Characters Only Lowercase
3 characters
4 characters
5 characters
6 characters
7 characters
8 characters
9 characters
10 characters
11 characters
12 characters
13 characters
14 characters
0.86 seconds
1.36 minutes
2.15 hours
8.51 days
2.21 years
2.10 centuries
20 millennia
1,899 millennia
180,365 millennia
17,184,705 millennia
1,627,797,068 millennia
154,640,721,434 millennia
0.02 seconds
.046 seconds
11.9 seconds
5.15 minutes
2.23 hours
2.42 days
2.07 months
4.48 years
1.16 centuries
3.03 millennia
78.7 millennia
2,046 millennia

Remember, these are just for an average computer, and these assume you aren’t using any word in the dictionary. If Google put their computer to work on it they’d finish about 1,000 times faster.

John P. recommends Roboform as a software solution for remembering the zillion passwords necessary to navigate through modern life, but Machetera guesses that if you’re worried about any possibility of government access to your private kingdom, you’re not going to be interested. The truth is, when the government wants access, it gets it, but why speed up the process? One alternative is to have sticky notes all over your private office, like Machetera does; it looks sort of like something out of A Beautiful Mind.

Who’s doing the hacking?

Mark Evans talked a bit about this in the article mentioned above; some hacking is done by people who are working to use the popularity of your site to boost the popularity of their own. The hidden links can track back to other links that pay on a per-visit basis, so there’s money in it too. In the case of peacepalestine and desertpeace, this is a distinct possibility; both were massively popular blogs, with extensive content developed over time and a large readership.

But one can’t rule out the possibility of hackers paid by those who found the content at peacepalestine and desertpeace objectionable, because while Zionists are generally not clever enough to do their own hacking, and usually not rich enough to pay someone else to do it either, there are always exceptions, not to mention that no-one really knows what the hell the NSA is doing in that little mirrored box of theirs just off the Baltimore/Washington parkway. Knowing that they’re not that good at speaking Arabic, and that the U.S. Office of Foreign Assets Control has some two dozen people assigned to track North Americans committing the crime of traveling to Cuba and two to track Bin Laden’s finances, it’s not unreasonable to assume that they spend their time going after the lowhanging fruit. An English language pro-Palestinian website would certainly fit the bill. A Spanish language leftist news site would as well.

Perhaps that’s the most maddening part of it all. At the end of the day, whether it’s hackers trying to make a buck by manipulating search engines through the use of hidden links that loop to create traffic that isn’t really there, or hackers trying to silence a corner of free speech in a world overflowing with disinformation, the effect is the same. Machetera has been trying to get at the truth, but the sad fact is that the truth is sort of irrelevant.

Can they do that?!

With that in mind, one must assume the worst. That a lockout is possible, for whatever reason, and it’s better to prepare oneself for a lockout that never comes, rather than try to remedy one that has already happened. Nice letters to Blogger appealing to their mercy, make no difference. Threatening letters even less.

Al S.E. who runs Not the Country Club blog, has a thoughtful argument about whether or not Blogger (and by extension, WordPress) is a free service, and whether the saying “You get what you pay for” is applicable, at his alternate blog, BloggerCensors, which appears to have been created when he was “de-indexed,” although he emphasizes that BloggerCensors was not created for that reason, but rather, to draw out a wider discussion of the implications of censorship at blogging platforms.

Google’s Blogger is simply a service-provider. In the same way that the electricity company has no right to tell you and me what to do with the electricity it provides, Blogger has no similar right either. Some commenters have pointed out that Blogger is a free service, and so we have no rights against it. But there is no such thing as a free service (unless it is provided by a charity). For example, some newspapers are distributed free of charge in order to be able to collect advertising revenue. Blogger is one of the many ways for the Google conglomerate to make a name for itself and sell other products and services through that reputation. It is not free.

This is a compelling argument, and worth considering as one slaves over content that has every possibility of someday being “disappeared” by the people hosting it, without any hope of appeal. The sad truth of the matter though, is that even though Al is technically correct in describing the service as “not free” (you pay with your intellectual property rather than cash), in the contract for free hosting, the terms of service are all on the side of the ones doing the hosting.

The Terms of Service for both Blogger and WordPress leave no doubt that bloggers do not control the contract, the hosters do, and even where privacy and content are concerned, their latitude to judge is very wide. WordPress mentions a VIP service that extends one’s rights substantially although not of course, indefinitely.

With this in mind, one should think very seriously about the free hosting contract, and its alternative, before agreeing to it. The alternative of course, is to pay for hosting, and although the costs are minimal on a monthly basis, for those whose interests are not commercial, they can be daunting on a long-term basis. But paying for your hosting seems to at least promise the possibility of a response, should something happen to one’s blog, whereas a free hosting service seems to guarantee a stonewall.

If one is willing to pay for a measure of security and support against censorship, consider that all hosting services are not alike either, and once again it pays to read the fine print. A small hoster that responds promptly to email or phone calls can be worth a little extra money, but one has to be sure they have the courage to stand up to pressure – that they will protect you. One North American ISP told Machetera, “I personally delight in informing people about the first amendment when they complain about a website here. If they don’t like it, they’re welcome to use [this service] to disseminate counter information. Of course, they never get that far, they’d rather just complain.”

Machetera supposes she can live with that. There’s something very fundamentally wrong about a pay-to-play press system, but if you read this far, that’s probably not news to you.

2 responses to “Freedom of the press for those who own one

  1. great and informative article! thanks!

    While reading it, this suspicious mind had a strange thought…. and if it is WordPress behind the closures? You see, they have a brilliant “transfer to our blog painlessly” feature, and if they get bloggers who already have traffic records, well, their hosting services (and the hidden benefits for them in revenue that we probably don’t know about) make a holiday of it.

  2. I’ll readily admit I’ve never been much of a conspiracist (though I do know who didn’t kill JFK; perhaps a subject for a future article) and while it’s true that WordPress seems to benefit the most from Blogger’s policy of shooting itself in the foot, I won’t go so far as to say that WordPress is somehow making Blogger pull the trigger.

    My guess is that Blogger being acquired by Google was not a particularly good thing for anyone besides the Blogger owners – big business, no matter how “cool” it tries to portray itself in its p.r. is simply not very efficient. It’s a money machine for the top shareholders. Period.

    Incidentally, WordPress did respond this morning to my question about how they would “theoretically” deal with a blog that had been flagged, through a friendly email from someone named Mark, who said:

    I always look at every blog.

    I can leave the blog alone, set a warning notice for the blog owner to see or suspend the blog if the terms of service are broken significantly.

    If someone repeatedly reports a blog and there is no foundation then to be honest I start ignoring them.

    Does that help?

    Such a simple response to a not particularly difficult question.

    True there are other questions that could be asked, such as where the line is to be drawn on a “significant” breach of the terms of service, but as I pointed out above, as long as one is running a “free” account under the terms of service which are clearly posted, the advantage will likely go to WordPress.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s