Blog Platforms Should Embrace OpenID to Address Theft
Stephen Davies, my counterpart in London, has had his custom blog design ripped off not once, but twice. Both times the theft appeared to originate in Asia. Others have had the same issue. And one blogger had success using the Digital Millennium Copyright Act to get justice.
Blog designs, like any code, are really easy to steal. Just look at the source code and you have what you're looking for. Further, if you publish the full text of your blog in your feed, it's conceivable that someone can steal all your goods. Now might be a good time to do something about this before it really becomes rampant.
It seems to me like we can solve this problem with Open ID. The major blog publishing platforms should encourage their members to also sign up for OpenID (more information is on Wikipedia). Then they can have a mechanism in place that plants a special watermark on your blog once you've confirmed your ID. Basically, every time your blog is loaded it sends data to Open ID that then generate a special coded watermark on your blog confirming you're you. If it doesn't see the code then your content won't load. LiveJournal, Vox, Technorati and others do so but not in this manner.
Now I am not a web developer so perhaps this is naive of me. Maybe people can see the data flowing back and forth and still hack this. Thoughts?
I have given up long ago. I regularly have sploggers copy and paste my writing into their splogs.
Although, the OpenID idea is very interesting. I wonde if it is still possible for people to spoof the OpenID url, though. This is an issue that we'll be exploring soon at http://socialsynergyweb.net/cgi-bin/wiki/OpenidEcomm/HomePage wiki.
Posted by: Sam Rose | Monday, January 29, 2007 at 10:56 AM
DRM for HTML and RSS? Really?
I don't think OpenID does what you think it does.
Posted by: Hans | Monday, January 29, 2007 at 11:57 AM
re: Open ID -- that would be more for blog content though, not blog design.
The best way I think to keep track of custom CSS designs is to have embedded tracking images. The thing is -- if you are using images in your design you're pretty much doing this anyways. You just need to check the server logs to see what other sites are pulling the images that are part of the design. Then follow with the public shaming, or more realistically a prominent link saying "design by".
Posted by: engtech | Monday, January 29, 2007 at 02:09 PM
"You just need to check the server logs to see what other sites are pulling the images that are part of the design. Then follow with the public shaming, or more realistically a prominent link saying "design by"."
That's pretty much what I've done but what good has it achieved? There should be some sort of copyright standard.
Posted by: Stephen | Monday, January 29, 2007 at 04:17 PM
I don't believe OpenID does what you want.
You can put a meta tag in your blog template that references your OpenID page, essentially allowing your blog url to become a 'prettier' OpenID url than someuser.myopenid.net... A bit like all those vanity email redirection services that forwarded your mail to your ugly hotmail account C1998.
However there is no 'watermarking' function as you suggest. By the mere fact it's a meta tag in HTML, such a tag can easily be removed as quickly as it can be written in.
There's also nothing to stop a browser rendering a page based on the presence of an OpenID tag.
I guess theoretically the blog providers like WordPress.com and TypePad could enforce users insert an OpenID tag into their templates, but doesn't stop people stealing templates and removing the OpenID tag.
The issue of stealing HTML has been around since the Internet was invented. If people are going to steal your HTML, they will. But that still leaves them with a lot of work to reverse engineer it into a template.
The one vulnerability you can check for if you are using a non-PHP based blog system (such as MT) is whether your templates are located in a path referenced in your HTML (perhaps where the stylesheet lives). If so, check that upon loading this directory it contents are not revealed as this allows people to then download your template files one-by-one. If they are, you can place a blank index.html file in there to stop it happening.
Wordpress doesn't suffer this problem as the template files are PHP and thus the code is parsed out before it is served.
Posted by: dotBen | Monday, January 29, 2007 at 05:02 PM
What dotBen said.
Your id won't work: it's the classic "trusted client" problem.
You can control code that runs on your machine, you can't control what code runs on other machines.
If people have enough access to your theme that they can copy it on to their own site, they have enough access that they can twiddle the check for a watermark to make it ignore that check.
As dotBen said, part of the solution is to move the code onto the server and not give it away to every browser that comes along. It's not as easy as just putting the templates into PHP though: the browser still downloads the html, javascript, and CSS that the PHP code on the server spits out, and that can all be copied to give the same look-and-feel to another site.
Posted by: Zhasper | Monday, January 29, 2007 at 07:24 PM
Sabara's Symbian Installers
Posted by: sabara | Tuesday, January 30, 2007 at 01:17 AM
Steve...... stay clear of the crypto protocol design. Here be dragons.
Your protocol is pretty silly just based on the fact that you can strip out the watermark code when you go to steal the template.
What makes a lot more sense it to use a comment or some other identifier with a high degree of entropy.
Read this post:
http://www.feedblog.org/2006/12/tracking_google.html
Then put a word like this in teh comment of your template. Chances are it won't be stripped and then you can rely on the law to assert your rights.
Kevin
Posted by: Kevin Burton | Tuesday, January 30, 2007 at 01:36 AM
wow..another useful info for me..I should read this in the first place before I set up my very first website...
Posted by: maon | Thursday, May 10, 2007 at 10:44 PM
CMS and Blog Website templates, flash templates,WordPress Themes,Php-Nuke Templates, phpBB Templates for a economical rate web design products for a economical rate
Posted by: Antony Fernando | Saturday, November 03, 2007 at 02:53 AM