Archive for September, 2014

Elvis has left the radio

Monday, September 29th, 2014

After looking at about 9000 radio stations, some patterns begin to show up. One of them appears to be the death of Elvis Pressley.

Elvis would’ve turned 79 years old this year. The women who used to flock to Graceland in their spandex pants are now in the nursing home or dead.

“Oldies” format radio stations are dropping like flies – some of them are morphing into classic hits and pulling in music from the 1980s. Many have been replaced by sports or Spanish language music.

So if you fondly remember purple shag carpet and peanut butter and banana sandwiches, your time is up. In the ghetto, another little baby Elvis is being born.

Shell Shock

Friday, September 26th, 2014

Part of the reason I took the website down was my fear that the United States and European union directly confronting Russia was going to result in massive cyber warfare breaking out onto the Internet. Running the server from my home was increasingly risky and stupid.

We have arrived at that point – I have written previously about the danger that everyone has accepted the idea of using “free” software being written and maintained by unknown individuals with unknown motives. The Heartbleed vulnerability was just a trailer for coming attractions. Unless you were the NSA and have the ability to directly monitor Internet traffic, it’s usefulness was relatively limited and only a small portion of computers had installed the defect.

I can’t begin to tell you how much more dangerous the shellshock flaw is. It is about as fundamental hole in Linux as there can be (and anything based on Linux like apple’s OSX on the Mac). While heartbleed actually affected only a small percentage of computers, shellshock affects every one of these computer ever made, including those that will be very hard to update like your internet connected light bulbs.

My servers had the patch applied last night because I pay close attention to these kinds of things – but even with the patch, it is clear The vulnerability is not completely gone and security analysts and programmers are not even certain of all the ways that the hole can be exploited.

If you are one of the people sitting on the fence thinking that backing up your important information off-line is paranoid, your time for action has come. Don’t put it off. If you are acting as a helper, you might want to take a vacation for a few weeks unless you are using a device which has no valuable information on it.

For those of you who are curious about the technical details, The flaw was reported by somebody that works for Akamai, A huge content distribution outfit used by many of the most important commercial websites in the world. They were also pioneers in figuring out ways to sidestep distributed denial of service attacks intended to blackmail banks into paying money to stop cyber attacks from knocking their web sites offline.

I doubt the person at Akamai was just sitting around with nothing to do, and was playing around looking for holes. My suspicion is they were successfully attacked, and did forensic research to figure out how their computer was compromised – and when they saw the details, they likely soiled their underwear.

Linux computers process commands through a piece of software called bash, which stands for the Bourne shell. While there are several alternatives, the vast majority Of Linux computers use bash – and even those who don’t probably have it on their computers. The flaw is extremely simple – by setting what is called an environment variable, The attacker can make the computer execute any command they want without any authentication to break into the system. All it takes is sending a very simple message to the Apache Web server, and the hacker has taken over your server.

While those commands operate only with the power of the Web server (user/group Apache), that’s enough over a hole that hackers could then start downloading and installing other things onto the computer and turn the server into Swiss cheese. This is already happening in the real world.

The data and coding for the streaming radio guide is backed up offline, but I really can’t guarantee that the server or the Internet as a whole will not fail in the near future. Even if the Russians and Chinese were not behind this, they are certainly paying attention to the power of exploiting flaws in “free” software and studying how the security professionals are reacting to the problem.

Nielsen as a data source

Thursday, September 25th, 2014

Up until about a year ago, Arbitron was the 900 pound gorilla in radio ratings – literally. Compiling ratings for radio is extremely expensive and radio owners tend to be “cheap” and try to use Arbitron’s data without paying for it, which will get them dragged into court so fast your head will spin, and Arbitron will win. The case law is on their side.

To combat this further, Arbitron stopped publishing the ratings data for non-subscribers to the public. Advertisers demanded a more reliable method than paper diaries to confirm people actually listened to the radio, weren’t just saying they did. This expensive new technology found massive fraud in the diary system, including people fabricating household members who don’t exist.

About a year ago, Arbitron gave up and was acquired by Nielsen, the TV ratings folks. They seem more interested in finding the truth for advertisers, not hiding radio’s lies.

Arbitron has a station search that can be useful, but like all sources needs to be used with judgement

Nielsen/Arbitron requests that stations submit a “Station Information Profile” (SIP) that includes information like the format, website URL and whether the station streams – that would seem to be a treasure trove of useful information, since reliable information at Arbitron is directly used by national advertisers.

But here is the flaw that makes the data inconsistent on its reliability
– small cities are not rated by Arbitron
– non-commercial stations don’t have advertisers and limited interest in ratings
– non-subscribers are not pestered to update their profile

When I get a chance, I’ll add a link, but like Wikipedia, don’t take that one piece of information as complete. Until you see a web site controlled by the owner, it’s still just a guess.

The FCC Silent Treatment

Wednesday, September 24th, 2014

For those volunteers aspiring to become hard core radio data junkies 😉 or highly paid communications law attorneys, it is useful to know the process for a radio station to not be on the air.

A few random things to know first
– other than daytime only AM stations, radio stations are required to stay on the air until 10 PM local time every day – except:
– Class D stations for schools are not expected to be on the air when school is not in session (like during summer or holiday breaks)
– Low Power FM stations have much lower requirements

If you turn off the power for an extended time (or the transmitter fails), you must notify the FCC within 10 days. If the station will be off the air more than 30 days, you must explain why and get permission. You get permission for 180 days – if you convince the FCC you really are trying, you may get another 180 days. Unless you make an extremely compelling case, after a year you lose the license.

Now the real world:
– the FCC is understaffed in the media division
– people rarely complain (or even notice) that a radio station goes away
– the FCC doesn’t have enough lawyers to push stations to comply

In the old days, if you didn’t convince the FCC you had a valid reason and were actively working to resolve the issue, you immediately lost the license – no shuck and jive games because your staff walked out because their paychecks bounced.

So the FCC publishes a list that I use to try to flag the growing number of silent stations

This process can create confusion that I’m knee deep in trying to unravel. The page above explains this list is only updated once a month, and only lists stations that have already been silent two months – so it can be up to three months before a silent station shows up on the list. Most legitamite silent stations never get on ths list – you can replace a toppled antenna or burned out transmitter in a few days – IF you have the money.

If the STA “Silent Request” expires and the station neither notified the FCC it had resumed broadcasting, and didn’t request an extension, the station is in deep doo-doo. The station is looking at probably a $25,000 fine. When the station is up for renewal, the FCC wants an explanation and hard proof the station returned to the air, otherwise the license will be deleted. One such station in Pennsylvania very clearly tore down their antenna a long time ago and is trying to sell the license without a station. The FCC received a conplaint and is daring the owner to commit perjury to deny the facts and save the license.

There is growing evidence as AM stations get FM translators, they are deliberately hitting the Off button on the AM transmitter – because nobody cares.

IRN/USA radio network throws in its hand

Tuesday, September 23rd, 2014

This is not a huge shock. Independent radio syndication by satellite is dead.

Jeff Weber, President of competitor Business Talk Radio and Lifestyle radio networks gave up last week.

IRN/USA has a very minimal cadre of affiliates for its long form programs – “Point of View” being the best known. Its “top of the hour” newscasts are heavy on news about the middle east and mostly carried on small religious stations waiting for breaking news that Jesus has returned, or abortion “news”.
The buyer is an entity from Raleigh North Carolina owned by a man named Sam Hassell. He was the national sales manager of Salem Radio for six years, and ran AMAC for a year (you’ve heard their ads trying to sell you insurance by being the “conservative alternative” to AARP). It’s a mystery to me why he wants this deal – IRN/USA’s main competitor is Salem Radio’s SRN. Maybe he is just going to quietly turn out the lights and sell what’s left to Salem.

Wyoming is caught up!

Tuesday, September 23rd, 2014

People are starting to the idea, and that makes me happy 🙂

I added the link for Wyoming Public Radio’s affiliate/translator list, which was most of what got dumped into the “Ignored” pile and I confirmed.

As a general rule of thumb, when dealing with operations that you know have lots of stations (like public radio networks), there will be a page named something like “About”, or perhaps “How to Listen”

One thing I find amusing, and I know that I”m odd 🙂 is these public radio stations always have a menu item called “Support”. In any other context, you would expect that to mean “I need help with something – when will I get my order?, why is my internet service down, etc…” In public radio, “Support” means “Click here to tell us all the different ways you can give us money.”

Only 57 more states to go!

Real or fake?

Sunday, September 21st, 2014

WODI-AM is located at 1230 kHz in Brookneal, Virginia. (Population 1,112) The licensee is JKC Media Ventures, based in the U.S. Virgin Islands.

Last we knew, the station was broadcasting sports. In November, 2013′ the owners asked for the station to remain silent for 6 months due to vague problems with the transmitter. A few days before the 6 months was up in June 2014, the owners said the station had resumed broadcasting.

Here is the station in the banks of the Staunton River


Real or mirage? Make your case.

Why music radio has become so awful

Friday, September 19th, 2014

Nautel LPFM webinar

This is sales material for probably the world’s leading manufacturer of high power radio transmitters. It’s pretty amazing technology – if you watch radio stations as much as I have, you realize that most radio stations are live and local only about four hours a day, if that.

This transmitter incorporates most of what used to be a “radio station” in a single box controlled by computer software and operated remotely. Music is run from playlists stored in a USB drive in the transmitter.

People have mentioned in the past their local radio stations play the same song every day at exactly the same time. Now you can see why.

But people don’t listen to music radio to hear a computer playing songs on a playlist.

Clear Channel pulls the plug on “radio”

Tuesday, September 16th, 2014

This was obvious from the day IHeartRadio was created, if you were paying attention to Clear Channel’s public statements – and especially if you know a lot about Bob Pittman.

Clear Channel is dropping “radio” from its iHeartRadio name, now to become iHeartMedia which will probably spin off into other brands like iHeartPizza

The IHeart brand is now the face of Clear Channel, sponsoring concerts and award shows. You can take it to the bank there will be a wildly successful iHeart IPO, which will use the proceeds to pay down the $20 billion in debt – or alternatively be split from Clear Channel, and send the radio stations and the $20 billion into bankruptcy court or “reorganization” by the lenders.

Brands are big money, even if they make no profit. Wall Street chases anything that has a name people know. It’s all about building brands.

Relaxed rules for “possibly unsafe”

Sunday, September 14th, 2014

There are still 6,400 radio stations that nobody has visited in the last 180 days, and 5,800 that haven’t been visited in almost a year (320 days)

The handful of volunteers trying to do this can see quickly just what a huge task it is to visit 14,000 radio station web sites every 6 months and make only the most basic of checks (Is the correct web site still there? Has the format changed?)

The urgency of doing this was fueled by the end of Windows XP support and that 20% of the web browsing public are “sitting” ducks to become infected by “bad stuff” now that Microsoft has left them behind (including me)

The good news is that my “Is this risky?” project is going quite well. It turns out the number of places radio stations put their website is fairly small (Amazon Web Services, Akamai, IBM, MediaSpan, GoDaddy, Rackspace) – so probably 90% of radio stations are now “safe” just because of where they are hosted. There is never 100% certainty, but a professionally run big hosting service should quickly notice and resolve problems with hijacked web servers.

So I’ve relaxed the rules that will push a visitor to the “untrusted” warning page.

  • If the web site is definitely unsafe, they will always get the warning and never be allowed to directly click to it.
  • If the IP address of the station’s web site is at a trusted hosting service, or controlled by the station owner, the link will forward right to the station web site. You still might get a page from the hosting service like “Is this your domain?” “This domain is for sale” – but nothing more annoying or dangerous.
  • If the IP address is sketchy (or hasn’t been classified) and hasn’t been looked at in more than 180 days, they’ll get the warning.
  • If the IP address is sketchy, but not unsafe, and has been looked at in the last 180 days, no warning. For reasons I don’t fully understand, some US radio stations (mostly Spanish language) have their web sites on Amazon’s servers in Europe, for instance.

If a domain expires and/or the DNS is “taken over”, then the domain will no longer point to the real radio web site, and immediately be flagged as unsafe. Australia and Germany seem to be the hotbeds for those hijacked pages with potato salad recipes or advertisements written in Chinese to urge you to buy herbal cures.

That takes off some of the pressure to “hurry up and look at every station!”, which still is going to take months unless a sudden swarm of helpers show up, which is looking less and less likely.

I’ve had an informal inquiry from one of the streaming service providers (they control about 15% of the radio streaming) wanting to know if I want to make a deal to hand over the web site to them. So far, I’m not expressing interest in that proposal. It’s unlikely they want to continue to operate the server for listeners, just use the domain to sell their streaming services to radio stations. I would rather return an empty page than do that – but I haven’t talked to them yet in person.