Relaxed rules for “possibly unsafe”

There are still 6,400 radio stations that nobody has visited in the last 180 days, and 5,800 that haven’t been visited in almost a year (320 days)

The handful of volunteers trying to do this can see quickly just what a huge task it is to visit 14,000 radio station web sites every 6 months and make only the most basic of checks (Is the correct web site still there? Has the format changed?)

The urgency of doing this was fueled by the end of Windows XP support and that 20% of the web browsing public are “sitting” ducks to become infected by “bad stuff” now that Microsoft has left them behind (including me)

The good news is that my “Is this risky?” project is going quite well. It turns out the number of places radio stations put their website is fairly small (Amazon Web Services, Akamai, IBM, MediaSpan, GoDaddy, Rackspace) – so probably 90% of radio stations are now “safe” just because of where they are hosted. There is never 100% certainty, but a professionally run big hosting service should quickly notice and resolve problems with hijacked web servers.

So I’ve relaxed the rules that will push a visitor to the “untrusted” warning page.

  • If the web site is definitely unsafe, they will always get the warning and never be allowed to directly click to it.
  • If the IP address of the station’s web site is at a trusted hosting service, or controlled by the station owner, the link will forward right to the station web site. You still might get a page from the hosting service like “Is this your domain?” “This domain is for sale” – but nothing more annoying or dangerous.
  • If the IP address is sketchy (or hasn’t been classified) and hasn’t been looked at in more than 180 days, they’ll get the warning.
  • If the IP address is sketchy, but not unsafe, and has been looked at in the last 180 days, no warning. For reasons I don’t fully understand, some US radio stations (mostly Spanish language) have their web sites on Amazon’s servers in Europe, for instance.

If a domain expires and/or the DNS is “taken over”, then the domain will no longer point to the real radio web site, and immediately be flagged as unsafe. Australia and Germany seem to be the hotbeds for those hijacked pages with potato salad recipes or advertisements written in Chinese to urge you to buy herbal cures.

That takes off some of the pressure to “hurry up and look at every station!”, which still is going to take months unless a sudden swarm of helpers show up, which is looking less and less likely.

I’ve had an informal inquiry from one of the streaming service providers (they control about 15% of the radio streaming) wanting to know if I want to make a deal to hand over the web site to them. So far, I’m not expressing interest in that proposal. It’s unlikely they want to continue to operate the server for listeners, just use the domain to sell their streaming services to radio stations. I would rather return an empty page than do that – but I haven’t talked to them yet in person.

This entry was posted in About the Guide, Volunteer. Bookmark the permalink.

Leave a Reply