Idiot Alert: Don’t Share Your GMail RSS Feeds

While many of us blogging bloggers have been doing battle against splogs and content thieves, Inside Google reminds us that blog feeds aren’t the only feeds out there being used and abused:

Okay, this should be a no-brainer, but just because Gmail offers RSS feeds doesn’t mean you should offer them to the public. A number of people have done just that, sending their Gmail off to Feedburner and then subscribing in Bloglines, which puts it in the public directory (unless you actually thought to make it private).

Within a few minutes, Danny Sullivan reported he found whines and complaints about companies and employers, user names and passwords, private messages, resumes and a job termination letter.

Come on, folks. Don’t be that stupid. Keep your private email private, whether by feed or otherwise.

Site Search Tags: splogs, sploggers, splogging, scrap, scrapping, blog scrapping, content theft, copyright, copyright violation, copyright infringement, antileech, spot a splog, stop a splog, splog detection, wordpress plugin, wordpress tips, wordpress help, defend yourself, rights, blogging rights, content rights, maxpower, digital fingerprint, watermark, feed, feeds
Copyright Lorelle VanFossen, member of the 9Rules Network

Member of the 9Rules Blogging Network

4 Comments

engtech

Posted October 5, 2006 at 3:51 pm | Permalink

I think the problem isn’t that users are stupid (well, maybe) but rather that they don’t realize that sites like Bloglines *republishes* their feeds. Here’s the text from Bloglines, without reading it carefully I would have thought that marking a feed as “Private” means it isn’t publicly shared.

But even “private” feeds are public.

from Bloglines:

Access Public Private
Private subscriptions don’t show up in blogrolls and you will not be listed as a public subscriber. However, the feed and all its posts will remain available to the public via Bloglines and Ask.com Blog & Feed Search. Exceptions are Bloglines email subscriptions and feeds that require http authentication. In both cases, the feed and its posts will not be included in search results.

Mark Jaquith

Posted October 13, 2006 at 7:41 am | Permalink

Sensitive feeds like that shouldn’t be offered without cookie or HTTP authentication. Period.

MASA

Posted January 18, 2007 at 12:35 am | Permalink

Um….Gmail rss feeds require user auth before they will work. At least, all of mine do. I can’t open them without signing in.

Brainless idiot

Posted April 2, 2010 at 3:40 am | Permalink

Hi what’s a rss feed? http://www.brainlessidiots.com

2 Trackbacks/Pingbacks

By Cheryl’s Mewsings » Blog Archive » Oh Good Grief! on October 5, 2006 at 3:14 pm

[…] Please tell me that no one who reads this blog is stupid enough to have done this. […]
By blog.netzkompetenz.at » Grazr on October 21, 2006 at 2:28 pm

[…] Grazr scheint ein nettes Tool zu sein. Damit kann man in RSS-Feeds “surfen”. Wie man einen Bloglines-Account einbinden kann ist hier erklärt. Allerdings sollte man aufpassen nicht den RSS-Feed des Gmail-Accounts in Bloglines “public” zu machen. Sonst können private Mails ganz einfach von jedem/er abgerufen werden… […]