Category Archives: Media

$27 million a year is a bargain price to buy a government

It’s been Good Times Online as Crikey gets hold of a copy of News Australia’s detailed management accounts for fiscal year 2012-13 (I’ve uploaded a copy here, since the Crikey version, hilariously, is paywalled).

As a way of demonstrating its commitment to journalism, News has threatened to sue anyone who reports on the topic. The fact that The Australian loses $27 million a year (almost as much as the Guardian, despite being a barely-read Canberra local paper rather than a major global news organisation) has been noted as particularly hilarious.

If you try and frame The Australian as a newspaper in the traditional sense, of using content to sell readers to advertisers, then the level of fail here is baffling. News is a private company, not a charitable trust dedicated to furthering the cause of journalism. The continued existence of The Australian (and the continued employment of its coterie of gibbering morons at an average wage of $174,000) is a mystery.

But I don’t think that’s what’s going on. The News Australia accounts show that the actual value in News Australia comes from its pay-TV businesses.

News Australia’s profit for FY12-13 was $367 million. Its share of profit from pay-TV (Foxtel, Fox Sport and Sky New Zealand) was $230 million. Add in REA (which runs realestate.com.au)’s $146 million profit, and you’re already above total group profit. The newspapers in total – even including the profitable regional tabloids – contribute less than nothing [*].

That breakdown isn’t entirely fair, since it ignores $75 million of parent company costs – which are mostly, but not wholly, newspaper focused – and also $40 million of amortisation costs related to the Foxtel stake (whose accounting treatment I don’t understand). But it makes clear where the financial heart of the business lies, and it’s not in dead trees, or even their digital equivalents. It’s in having a monopoly on pay-TV delivery in Australasia.

Hell, it’s probably the only business of any real worth in the whole of News Corporation, since its assets outside Australia now consist solely of dead-tree businesses.

What are the ongoing risks and opportunities for pay-TV? Well, the biggest opportunity is in gouging people out of even more money for it, and the biggest risk is that people stop subscribing to it. Both of these depend mainly on government: the more draconian copyright legislation is, the more stringently it is enforced, the harder it is for you to just get things from Netflix and iTunes, the more crippled the ABC is, and the slower your broadband Internet is, the more value Foxtel has.

So that’s what The Australian is for. When you’re defending $230 million of annual profit, paying $27 million a year to shape the opinions of Very Serious People in Canberra regarding copyright law, competition law and telecoms policy isn’t a bad investment at all.

[*] per pages 3, 13 and 14 of the accounts. These are complicated by the fact that stakes in the various businesses changed over the year, with some some Fox Sports revenue counting as operating income and some as income from investments.

CBA’s Netbank platform was never vulnerable to Heartbleed

The suggestion has been doing the rounds, at least at the more paranoid/self-fancying end of the technology spectrum, that the Commonwealth Bank of Australia (CBA)’s Netbank online banking platform might have been vulnerable to the Heartbleed vulnerability.

TL/DR: it wasn’t.

Heartbleed only hit sites that use certain versions of the OpenSSL secure toolkit, with its Heartbeat function enabled. Netbank runs on SAP for Banking, implemented by Accenture. SAP for Banking is not affected by Heartbleed, which you’d expect given that it runs on Microsoft IIS (“Microsoft” and “open” go together like anchovies and custard). This isn’t a great surprise: no major western-world banks’ online banking platforms were ever vulnerable, because of the massively proprietary, as well as security-crazy, way in which online banking software is developed.

So why all the derp? Well, CBA’s non-transactional Commbank.com.au website does use OpenSSL, was apparently vulnerable to Heartbleed, and was apparently patched after the Heartbleed news broke. You don’t use your Netbank credentials to log into Commbank, it isn’t linked to your secure data, and it uses a different security certificate from Netbank.

This created some scope for confusion – and the scope was fully brought to reality by the combination of utterly stupid PR people, and self-satisfied circle-jerking techies happy to spread unjustified fear among CBA customers.

CBA published a blog post that completely failed to explain the difference between the two platforms, and then responded to comments asking for clarification with a meaningless copy-paste of the original post. Rather than doing the basic research that went into my post here, a whole bunch of tech folk who should know better then went crazy with the “WE DON’T KNOW IF OUR NETBANK PASSWORDS ARE SAFE OR NOT, WOES!!!!!!” line.

Stop it. Your Netbank passwords are safe. Someone in CBA’s PR department needs a long walk off a short pier, is all.

(thanks very much to Johnny and Chris for pointing me towards technical details here. Any screw-ups in this post, of course, are solely my fault.)

The Teaches Of Peaches*

I don’t normally get teary over the death of celebrities. Just out of recent far-too-young deaths, Amy Winehouse and Philip Seymour Hoffman have contributed far more to life than the rest of us ever will, and yet I was a bit sad, rather than losing-it sobbing, for those two.

Peaches Geldof wasn’t an artist on either of their scale. As far as I’m aware, she was a perfectly competent TV presenter – but not of shows that I’d consider watching in a million years, or indeed ever have watched. And yet despite me being fully aware of this, her death yesterday hit me harder than any dead celebrity I can remember. To the point of actual sobbing.

It’s always projection, and sure, this is projection. When Peaches lost her mum aged 11, I was 20 and had lost my mum aged 10 – so I was aware of what it was like to group up having lost your mum at that age from my own experience, even before you factor in the press vultures who followed her around for her entire life.

The single thing that felt worst, in my mind at the time**, about my mum’s death was the way it was reported as a top headline in the local newspaper (which I suspect is part of why I hate small towns and rejoice in the destruction of local newspapers. Big cities, where nobody knows your business unless they are your friend or you are actually famous, are the way forward). Multiply that by all of the newspapers, all of the time, forever, and you get Peaches’ entire life. Imagining how anyone could cope with that is painful.

On top of that starting point, there’s the sheer compressedness of her life. While I’ve done whatever I’ve been up to in the 15 years since Paula Yates died (which feels like about last week, and has mostly consisted of writing about things, sometimes for money), Peaches has gone from a child who lost her mum, to being the mum of two kids who are now in the same place she was 15 years ago, and that I was in 25 years ago.

But understanding the reasons why this pushes my trigger-buttons doesn’t make feel it any less real. Yesterday I was genuinely upset, to a level I rarely reach about anything, about the death of a total stranger. Suddenly some of my sneery judginess about the people who went full-mourning crazy for Princess Di feels a bit less clever and a bit more twattish.

(I’m not going to send flowers to a total stranger’s funeral, or swear at people on the internet for not caring about a stranger’s death, though. I think that’s probably still a boundary everyone would do well to maintain.)

* I hope neither Peaches would mind the title.
** The mind of a 10-year-old is a stupid place, but this is the single thing that I was most able to deal with and be cross about at the time.

The Dorkiest Fun-Spoilingest Thing Ever Written About Breaking Bad

This joke does the rounds a bit too often:
breaking_bad_cartoon

It doesn’t work.

In the show, because Walter White is a salaried professional, his insurance covers the same procedures that national healthcare insurance schemes generally cover in the sensible world.

The nature of the extremely expensive experimental cancer treatment for which he needs the money isn’t specified in the show – but quite often, such a treatment wouldn’t be deemed cost-effective for funding by the UK NHS, Australian Medicare, or the Canadian, French or German systems either. Like many experimental treatments, it also quite likely wouldn’t have had any effect – which is why insurers and national healthcare systems alike are reluctant to provide funding outside of clinical trial groups.

Now, if someone unemployed or casually employed (ie almost everyone from the subculture Walt visits after heading out on the meth-making trip) had gotten sick, that would have been a story where the outcomes were actually different in the US and the rest of the world…

The Facebook decline paper is a disgrace to Princeton’s name

The obvious answer to the question “why won’t Facebook decline by 80% by the end of December this year” is “because obviously it won’t, what kind of idiot would even claim it would?”. It’s the leading social network in all age groups, and between July and December 2013 total user numbers only fell by 3%.

However, if you’re reading the papers today, you might be forgiven for thinking otherwise. The Daily Mail is the worst offender, because obviously the Daily Mail is the worst offender, but plenty of derp is being thrown left, right and centre. I’m quoting the Mail piece, because hell, why not:

Faebook is heading for a catastrophic decline and could lose 80% of its users by 2015, researchers warned today.

(yes, Faebook in the lede is the Daily Mail’s typo. QUALITY JERNALISMS!)

The researchers in question are proper academics, more or less: they’re two PhD candidates at Princeton, John Cannarella and Joshua A Spechler. They’ve written a paper which takes a standard epidemology model, the SIR (susceptible, infectious and removed) model, and tries to apply this to the spread of social networks. It’s not a bad choice in theory: it’s generally accepted that social networks spread virally; and the SIR model applies to diseases which are fatal or immunising (so once you’ve got over it, you can’t get it again, like measles [*]) – most people who give up on a network don’t come back, so fair play.

There are a couple of obvious [**] early alarm bells: the paper is not peer-reviewed, and Cannarella and Spechler are studying for PhDs neither in the epidemiology department nor the digital cultures department. They are mechanical and aeronautical engineers. Working entirely outside your discipline doesn’t necessarily disqualify you from doing good work… but it makes the need for review by someone who does know the discipline even more important than usual.

The global headlines are based on our stupid typo

But what does it say? Well, the paper does make the claim reported in the Daily Mail, on page 6 of the full document:

Extrapolating the best fit into the future shows that Facebook is expected to undergo rapid decline in the upcoming years, shrinking to 20% of its maximum size by December 2014.

Unfortunately, this claim is solely due to the paper not undergoing peer review, or apparently proof-reading, before being made publicly available. Page 7 says:

Extrapolating the best fit model into the future suggests that Facebook will undergo a rapid decline in the coming years, losing 80% of its peak user base between 2015 and 2017.

This second conclusion fits with the charts and data presented in the paper. So nobody at all is actually predicting the 80% decline by December 2014; the journalists reporting on it are gibbering halfwits, and the writers are monumentally half-arsed for failing to spot such a basic and disastrous mistake in such a short piece of work.

But also, the premise of what we’re doing is stupid

What about the “losing 80% of peak user base by 2017″ conclusion, then? This is indeed what the authors’ model predicts.

Unfortunately, the authors’ model is not entirely robust.

My TL:DR summary of the paper’s methodology is “we modelled MySpace’s growth and decline against the number of Google searches for MySpace, and then applied the same model to the number of Google searches for Facebook”.

If you think this is a ridiculous way of doing things, given the niche, geographically and age-group limited status of MySpace versus the universality of Facebook, and given the different corporate natures of the two organisations, you are correct.

There is an excellent piece in The Week which covers these flaws in the paper’s central conceit very well (keywords: no Murdoch; profitable; less spam; universal; vast corporate cash war chest).

But also also, we’ve completely juked the stats

However, if the models line up, then – subject to critiquing the assumptions – there might be something of value in the paper, right? Well, no. This is where things move from “hmm, I’m not sure this fits with existing research on epidemiology or social networking” to “oh, go and stick your heads in a fire”.

The model used is not actually the SIR model. It is a model called irSIR, which the authors have invented (page 3). They have used this because the SIR model doesn’t work. They don’t cite any epidemiology research when justifying their irSIR model, just a “common-sense” theory about how social network users behave, coupled with a couple of descriptive papers about online network usage.

They don’t use any of the work on social ties that digital cultures theorists have spent the last 20 years developing. Nor do they use any of the work on epidemiology beyond the SIR model as detailed in first-year undergraduate classes. Because hell, where would be the fun in that?

Strangely enough, the model they have custom-built to fit their data on MySpace’s decline fits their data on MySpace’s decline almost perfectly.

However, there’s a new problem. The decline thesis doesn’t really fit the data on Google searches for ‘Facebook’, which remain at 2011 levels and don’t show much of a declining trend at all (the dotted bit is Google’s projection; feel free to ignore everything after January 2014 if you’re sceptical):
facebook_google_trends

The authors get past this problem in a way that is truly ingenious: despite not having any evidence that the increase in October 2012 is fake, they scale back all post-October data by 0.8x. As a result, they end up with this beautiful chart, which not only matches the shape of the MySpace curve, but does so over a similar time period and is even steeper:
facebook_curve_rigged

Strangely enough, following the modification to make their data on Facebook line up almost exactly with the data on MySpace, the projected decline for Facebook lines up almost exactly with the recorded decline for MySpace.

In short, this paper is incredibly sloppy, is based on a flawed premise, and only works because the data has been tortured until it confessed.

If the authors apply the same principles to mechanical and aeronautical engineering that they apply to social media uptake, then I’d be fucking reluctant to get in a plane that either of them had had anything to do with.

[*] A small proportion of people who get diseases like measles are at risk of getting them again, which more complicated models have been built by actual epidemiologists to allow for.
[**] If you are used to reading academic papers. Not, apparently, if you are a journalist.

Did globalisation kill satire? And is that for the best?

How should we judge someone’s words? By intent, by effect, or what? How much does unintended offence matter? Also, LILY ALLEN and TWERKING and EATING IRISH BABIES.

I do therefore humbly offer it to public consideration that of the hundred and twenty thousand children already computed, twenty thousand may be reserved for breed, whereof only one-fourth part to be males; which is more than we allow to sheep, black cattle or swine; and my reason is, that these children are seldom the fruits of marriage, a circumstance not much regarded by our savages, therefore one male will be sufficient to serve four females. That the remaining hundred thousand may, at a year old, be offered in the sale to the persons of quality and fortune through the kingdom; always advising the mother to let them suck plentifully in the last month, so as to render them plump and fat for a good table. A child will make two dishes at an entertainment for friends; and when the family dines alone, the fore or hind quarter will make a reasonable dish, and seasoned with a little pepper or salt will be very good boiled on the fourth day, especially in winter.

The quote above, of course, is from Jonathan Swift’s A Modest Proposal, viscerally parodying the callousness of the British regime in 18th century Ireland in letting children starve, and the harrumphing letters to the newspaper that privileged scumbags would write about feckless over-reproducing “professed beggars”.

It’s an incisive pisstake of a very shitty trope, which is vile to the poorest in society, is reproduced by the middle- and upper-classes – and a trope which is being exposed and mocked here by one of the most privileged men in the country. As a result, it’s a textbook example of Satire Done Right but also Satire Done By Someone Privileged.

Scumbag Londoner Wants Our Babies Eaten

Now imagine a version of 18th century Ireland where, as they starved, Catholic peasants were somehow able to read those words as written [*]. As you prefer, this could be based on the knowledge that Swift was writing a parody targeting the British upper- and middle-classes, or it could be completely devoid of context as if this were a book by a wicked Englishman.

In either case, it’d be hard for someone to read those words, on how your children were to be singled out and taken and raised for food, without feeling at best uncomfortable. If you knew it was written as a satire, then perhaps it’d be forgiveable and you’d understand the points being made, but at the same time it’d be hard to disentangle from the sickening way in which people were talking about eating your children. If you didn’t know it was written as a satire, you’d be understandably tempted to find the person who wants your kids raised as an alternative to turkey at Christmas and kick the bastard to death.

Internetglobalisationtwitterbollocks means that we now live in a world where, assuming the piece that you write reaches more than a niche audience of you and your mates/regular readers, it will be viewed devoid of context. There’s a good chance it’ll reach someone who is in the group whose side you’re on, but whose side you’re pretending to eviscerate for the sake of the piece – so the example of the Irish peasant given a copy of Swift is no longer outlandish.

(By The Way, He Directed Major Lazer And Nobody Cared)

Given that the whole point of satire is to upset and confront the powerful, how does that affect the appropriate way to behave in the current environment? I’m really not sure on this. The controversy raging over Lily Allen’s latest video (the best bit is the rejoinder to the horrible Robin Thicke, in which new mum Allen gloriously spells out “Lily Allen Has A Baggy Pussy” in balloons) is a good example.

It’s aimed at savaging the music industry, as highlighted by the white male exec who tells everyone what to do, and most of the content. Allen is pressured into being toned-teenage-model-bodied despite just having had two kids, in front of a mob of dancing rent-a-girls in what have become standard R&B video clichéd moves and poses. If you’re a middle-class white female British artist and a middle-class white male British director, and you both have a fair amount of experience of how terrible MTV is, this is something that might seem like a reasonable, not-especially-clever, not-especially-controversial satire on the world in which you operate.

On the other hand, the video features twerking dancers who are mostly black (four out of six, because he hired the best twerking troupe and there were four of them of whom six are black, says the director), and a couple of lines where Allen disparages rap culture materialist aspirations. Add to that the fact that the USA still dominates online discourse, and is still a society featuring a terrifying racial divide and preponderance of full-on black-hating neo-slaving lunatics even on the allegedly left-leaning side, and you have a recipe for trouble.

Which duly occurs. Both of these are excellent well-written pieces, both worth reading. Both, crucially, come from priors that are very different than any priors that white-Brit-liberal types involved in either making or watching the video would be likely to have. From an African-American perspective, the video co-opts African-American culture, ridicules it, and positions Allen as better than it. Which is quite different from just being someone who escapes the creepy white male exec and his creepy demands.

Mea culpa, mea maxima culpa; WHAT NEXT?

Anyway. Today on Twitter, I defended the video (which was a stretch, because I was pretty disappointed by the song), and I went way too far and ignored far too much of the above in doing so.

It’s easy, if the intention seems so obvious when you share the priors of the makers, to dismiss other people as ridiculous for not understanding – like the hypothetical Irish folk who read Swift’s book and believe that he’s even more evil than the average Englishman. In some cases, it’s warranted (various Stupid Onion Comments blogs testify); in others, the cultural context is far less clear, so it isn’t. There are many right-wing places, again particularly in the USA, that publish utterly despicable content; there are some sub-Onion satire blogs that publish pieces which appear more aimed at trolling for its own sake than humour; and Poe’s Law is a thing.

But it’s even easier, when someone else does understand but is still offended by the fact that they are being used instrumentally in that way, to assume they fall into the first category. Which I know I’ve done tonight, and which I regret.

This is the point that I’ve come to realise, and I’m not sure I’d thought about it properly before. When considering the second Swift In A Time Machine (hot tub not included) case, with a well-fed, Irish-born member of the English gentry trying to explain to the starving masses “no, look, the baby-eating thing was a joke to annoy the English. No, really, I’m on your side, that was the point” – I’m not sure that would cut it, even if they believed him. And I’m not sure they’d be all that unreasonable to take it in such a way.

So is there something inherently wrong with Swiftean satire and we were wrong to like it all along? Can that kind of ambiguity only be deployed by people in oppressed groups rather than by privileged people who dislike oppression? Is there something contingently wrong, which means it can only be deployed in a world that’s less connected than the world where we actually live? Or is it just that Lily Allen and Chris Sweeney are insufficiently good at it to be viewed as competent satirists, and actually our man Jonathan Swift would have done just fine?

I’m not sure. If it’s the final one, then I suspect that means everyone who isn’t Chris Morris or Jon Stewart probably needs to be a lot more careful about what they say satirically. And maybe that’s not a bad take-out.

[*] To be clear, I know Swift was a popular author among English-speaking literate Irishpeople, being one himself. Since Johnny questioned it, I should make clear that we’re using a hypothetical device that makes English-language works accessible to people who can neither read at all nor speak English.

Globalisation and the death of literary Australiana

Anne Treasure has written an excellent piece on the impact of digitisation and globalisation on the publishing industry. The piece is global in scope, and works well in the context of UK and US publishers and writers.

The picture is more complicated in Australia, where the global shift creates an additional problem. Traditionally books by UK and US authors have been distributed in Australia by their domestic publisher’s local subsidiary, and sold at up to three times the price they sell at in the UK or US. This both cross-subsidised the publisher’s local list and kept prices consistent between foreign and local titles.

Now that people can get the new Donna Tartt from Amazon for $9.99 and have it delivered in a few days (or instantly on a Kindle), paying $35 to get it in a local bookstore becomes dramatically less appealing. So the previous subsidy to Australian writers – both in the sense of direct cross-subsidy from shoring profits, and in the sense of making domestic books price-competitive with foreign books despite having a far higher breakeven price because Australia is a smaller market – disappears.

In the new environment, Australian writers writing on topics of global interest can go to where the readers are and sell what they’re doing worldwide, and maybe do better than before. Australian writers writing on topics of primarily local interest have a problem.

Thanks for all the fish

The news from the horrible (and immensely stupid: who the fuck would allow a chemical plant to be built literally next door to a school) West fire in Texas today, with its “70 injured, no I mean 70 dead, no I mean 5 dead” just reminded me of this brilliant commentary on newspaper reports of tragedies.

(from Dirk Gently; if you’ve not seen the BBC adaptation, do. And if you’ve not read the books, stop reading now and don’t come back til you have):

They started at forty-seven dead, eighty-nine seriously injured, went up to sixty-three dead, a hundred and thirty injured, and rose as high as one hundred and seventeen dead before the figures started to be revised downwards once more. The final figures revealed that once all the people who could be accounted for had been accounted for, in fact no one had been killed at all.

A related thought in my brain, which was very much shaped by the 1980s British rationalist writer community, in the light of Mr Dawkins being a dick on Twitter as usual. We’d like to imagine that if Douglas were alive today, he’d be in the camp of the Iains and Terrys, but there’s at least a possibility he would have ended up with the Martins and the Richards.

Fuck.

Pharma hackers gonna pharma hack, 2013 edition

I was Googling for an old Banditry post yesterday, as part of a discussion about that new ‘people lie about their drinking’ study. Eventually I found it, only to discover that I’d linked to a (London) Times article, and that therefore the paywall had ruined the whole thing (curiously, even though the Times now shows unregistered users the headline, lede and first sentence for new articles, it completely screws up on old ones). So I more or less gave up on the post [*].

While Googling, I was rather surprised to discover the amount of content that I’d apparently written about the availability, acquisition and applications of various medicinal substances (link will hopefully die in a few weeks as Google updates itself). I briefly considered the possibility that in a fit of poverty and/or drunkenness I’d decided to set up my own online pharmacy, then remembered that I’m based in the country with some of the tightest controls on prescription drugs in the world so that would be rather silly. Rather, I’d been hacked.

I’ve been blogging for more than a decade now, so this isn’t the first pharmaceutical spam I’ve experienced: but it is the most insidious.

Creepy crawling

The hacked pages are tainted only to Google’s crawler – if you or I or anyone in the world who isn’t Google’s crawler click through to them, then they appear as originally intended, both in the browser and in the source code. So the spam-merchant gets to benefit from my PageRank without doing suspicious things to my traffic stats or making suspicious links appear on my actual site, which has been the giveaway for previous hacks. They also, cleverly, didn’t go  for an out-and-out hack of all pages, so if you google for “johnband.org” or search the site for a specific term that isn’t drug-related, then you’ll get the correct result, with no indication that some of the pages (mostly tag pages, category pages, and monthly archives) exist to Google only as pharmaceutical billboards.

Conveniently, Google has a funky-cool Fetch As Google tool, described here by their engineer Matt Cutts, which allows you to see exactly what the Googlebot sees when it crawls any page on your site. Sticking the affected pages into the tool confirmed that Google was still seeing them as pharmaceutically compromised. And that they’d been this way since last July-August.

So, I junked my evening plans and settled in for a night of Fun With WordPress, PHP, MySQL, Unix Permissions And Google. Which is my favourite sort of fun, obviously.

Hope, cruelly dashed

The top Google hit on the pharma hack, from blogger Chris Pearson, was an extremely well-written summary which described an identical problem to mine. “Result!”, I thought. So I followed Chris’s steps, only to discover that absolutely none of them worked. The trouble is, the pharma spammers are cleverer bastards than I’d thought: once the tricks of your trade are readily visible with a quick Google, you’re at a disadvantage. And Chris’s post dates from April 2010. Three years of malware evolution later, although his macro-level points are still worth a read, the actual techniques described were way obsolete.

Bugger.

So I Googled a bit more, mostly finding sites that repeated Chris’s solution, but eventually happening upon a couple of write-ups that were closer to my problem – at least, in the sense that they also found none of the things Chris describes, nor any of the obvious hacks I’ve experienced before like a doctored .htaccess file or dodgy-sounding access permissions, nor any changes to the main WordPress database… at least, none of the changes that anyone has noted online.

The most comprehensive, although perhaps the least comprehensible unless you’re ultra-techie, was a post from Shaun Green from February 2012. Short version: the current version of the hack creates php files with names that sound like they should be real WordPress files, and distributes them throughout your WordPress install but especially in the wp-includes folder so that they’re almost impossible to find and tell apart from real WordPress files without doing extremely nerdy things.

I’m not really a deep-level coder, so following all of Shaun’s steps sounded rather painful. And my install didn’t contain the specific filenames he lists (https.php and class-sftp.php), so I would have had to literally retrace his steps rather than just following his conclusions.

Instead, I went for a slightly lower-tech option. Everything in the wp-includes folder is a standard WordPress file, which shouldn’t have changed since installation. The same is true for everything in the wp-admin folder, and for everything in the WordPress root folder except for wp-config.php (which I’d already checked to make sure it wasn’t compromised). So I downloaded a vanilla version of WordPress 3.5.1, deleted everything from my install except for the wp-content folder (where themes, plugins and pictures are stored) and wp-config.php, and then copied the untainted files across.

One quick check on Fetch As Google later and – hurrah! – the pharmaceuticals had all disappeared. Now all I need to do is wait for Google to update its cache, and everything should be back to normal.

Gone forever?

While the problem was solved in the short term, it clearly wasn’t solved in the long term: I’d started with an uncorrupted WP installation, and someone had managed to corrupt it. So – after doing the basic password changing things, obviously – I installed Wordfence and Better WP Security. If you host your own WordPress blog (anything that isn’t on wordpress.com), then so should you. Wordfence is the equivalent of an antivirus program for your WordPress install; Better WP Security automates a whole bunch of handy lockdown and obfuscation tricks. Wordfence threw up a few vaguely suspicious files associated with some of the themes that were installed, so I deleted them; everything was then fine.

I’ve also set up Google Alerts that notify me if any new content appears on johnband.org containing various spammy keywords (the usual suspects), which obviously won’t be much use until the current spam-buggered content is removed, but will then allow me to kill any future infections before they’ve completely ruined my search results. I’ll update this post in the event that anything else occurs. If I remember, I’ll update it in a couple of months if nothing else has occurred, since zero is sometimes a helpful data point.

TL/DR: Was quite painful, could have been much worse. If this happens to you I definitely recommend the “for every folder which shouldn’t have changed since WP was installed, delete the folder and reinstall” approach, although do check the database and fix any issues there first. And set up the security things even if this hasn’t happened to you yet, because it probably will.

[*] Short version of post I was going to write: epidemological studies into alcohol-related harm are also based on self-reported consumption, so while it’s likely that everyone drinks more than they say, it’s also likely that alcohol is correspondingly less bad for you than those studies have shown, by about the same margin – unless we can come up with valid reasons why people would underestimate in one sort of study but not the other. Also, News Corporation are still unimaginably bad at digital strategy.

A template for non-spammers sending ludicrous PR emails

As someone who works in social media marketing, my definition of ‘spam’ isn’t aligned with the definition among techie purists. This is mostly because I think “talk to someone unless they tell you to go away” is a completely legitimate way to behave, in life as in work, whereas techie purists tend to think “don’t talk to anyone, ever, unless they beg you to talk to them” is the way the world should be. Yes, stereotypesLOL.

I can certainly make common ground with techie purists on the concept of how fucking annoying it is when you do tell people at nominally legitimate companies (not talking “send your money to Nigeria for Viagara” crap here, all of my email addresses are on the web and I’ve not received that kind of spam for years. FILTERS: THEY WORK) to go away and they don’t.

However, given the utterly pisspoor state of lists at nearly all companies of all kinds, and the utterly urchin-child-intern nature of the poor sods who generally end up processing lists at PR firms, it seems unreasonable to get angry at the individual on the end of the email (*). So I don’t.

My recentest response to such an email is here, partly for public edification, and partly so I can Google it next time.

Dear [xxx]s as an organisation, please remove me from all of your press lists of all kinds and add me to your (DPA-mandated, so you must have one, right?) list of people who have requested that you never contact them again – obviously, apart from the email to confirm that this has been done.

Dear [yyy]l, I’ve asked your predecessors to take me off their lists before but apparently my address has still been passed on to you. Apologies for sending you a grumpy message due to wider organisational problems that aren’t your fault, please don’t take it personally.

Sorted.

(*) far more unreasonable than, say, a comedian getting angry at a heckler who’s deliberately choosing to be part of the comedy act, rather than some poor sod who’s getting paid and doesn’t want any trouble. People who get personally lairy at customer service operatives are the lowest of the low.