I like RSS readers as a way to find articles of interest without wasting hours. Still need subscriptions for some sites to get the rest of the story, but it's still a big time saver. Like the morning newspaper of the olden days.

If I am not mistaken, Chrome does not support RSS last I knew. How many other browser do not?

I never dropped RSS as a means of looking at news and finding out about topics of interest. The News Feed features of SNS never did the same job for me. My heavily curated and filtered OPML is hard to beat after years of curation. I'm not sure how others have managed without it.

Chrome does not support RSS

I think that is possibly one of the reasons I still use FeedBurner on my feeds. It will format the feed into a readable document in almost any browser.

It's Time for an RSS Revival

I certainly hope not. RSS access is a throwback to the past before strict security measures became necessary.

RSS feedcheckers remain one of the most abused access agents, capable of undected site hijacks and copyright theft.

RSS Feed checkers & fetchers [webmasterworld.com]

I'm not sure it is, after all, many sites don't even have an RSS feed, unlike 10-years ago.

Interestingly, every security site I looked at - NIST Threat Database, Bruce Schneier, Threatpost, Cisco vulnerability database, etc - all offer an RSS (or Atom) feed.

And, like bill, I believe that mind viruses are more dangerous than computer viruses, which is why I quit Facebook a couple years ago but did not quit RSS.

Every method, platform, and device that we use can be compromised if thought and care and best practice given business requirements is not used. IMO that is a critical divide between the professional webdev and the non.

I do know that I've been offering a partial (not full) RSS/Atom feed for each of my sites since 2005 without problem. Granted, as with all alternative offerings, i.e. newsletters and web apps, it is used by small numbers compared to site visitor numbers but has always been ROI positive. As I've been seeing a slight but steady rise in RSS/Atom usage the past few years after a steep drop back when I'm not about to give up an advantage long cast aside by competitors.

Perhaps I should be nay saying the article's question?!

I certainly hope not. RSS access is a throwback to the past before strict security measures became necessary.

RSS feedcheckers remain one of the most abused access agents, capable of undectected site hijacks and copyright theft.

You seem to be referring to RSS software and user agents that may be abusing your site in some way. If you were not providing an RSS feed that that's understandable, but a standard RSS feed is just a static text file and the job of those feed readers is to regularly retrieve those files, look for updates, and present them to users.

If a site I want to monitor doesn't have an RSS feed, there are other services out there that will scan pages and notify you of updates. I simply do not want to visit most sites these days unless I know they have something new that I want to see.

I think this article is focused more toward those who have fallen off (or never knew about) the RSS bandwagon. Those are the people who actually get their news from their SNS feed. I've always had a well defined/filtered list of RSS sources that can provide me the news I want to see about certain topics, so I never fell into that mode.

The only time when RSS can't keep up is when I need hyper-local news. When I'm in the midst of an earthquake (which happens more than I'd like) I'll check SNS first. If there are news helicopters buzzing around my neighborhood I'll search SNS. Other than that the RSS feed wins for curated news.

You seem to be referring to RSS software and user agents that may be abusing your site in some way.

Correct, I implied nothing more. If the popularity of RSS goes through a revival, more software will spring up to accommodate it, thus more potential content hijacking & scraping to keep track of and guard against.

As always, it not the fault of the technology, it's the behavior of users that exploit that potential to their gain.

I understand your concerns about scraping and the lengths you've gone to over the years to prevent it, but are you saying that these RSS feed readers are acting like scrapers? A normal site with a feed may just have one RSS/Atom file on their site (maybe a folder dedicated to feeds). A well-behaved feed reader would look at headers of your page to determine where that feed might be so that it can retrieve it. You're saying that is not always the case?

This has been discussed here and other places before. RSS readers/checkers have been used to hijack content and display it on remote sites.

This has been reported to me by clients. It's difficult to detect since there is no referal in the server log. I only found it by doing web searches for specific phrases. Often times the offenders rank higher than the victim.

The link I supplied in my first post gives an example when an attempt was done at one of my own sites.

I can't find the discussion right now, but a few years back at Google Groups several site owners complained about Feedfetcher-Google being used to hijack their content. Google eventually issued the statement I quoted in that link:

This is what Google recommends:
Google can't restrict users from accessing it (your content.) One solution is to configure your site to serve a 404, 410, or other error status message to user-agent Feedfetcher-Google.

So not having a site that offers RSS feeds, I have only seen the abuse (albeit by criminals) related to that technology.

Now... under normal use, do RSS retrievers transmit using TLS security? I was under the impression they do not, but I haven't looked at any of them in over a year.

I don't want to take this thread too far astray, but the behavior you report in that thread of these feed readers doesn't at first glance seem abnormal. Normally you would put your RSS/Atom feed in the meta data of the index page, so that is where I would expect them to go to look. I've used several CMS that in default configuration will only include the RSS/Atom feed in a few select pages of a site.

If they're scraping content and there's no feed to be had then I think we have a different issue. Is it possible that you are interpreting these softwares looking for feeds as malicious when they may just be trying to determine where a feed might exist?

As I said, many site owners have had their content hijacked by one or more of the vaious RSS tools.

Yes, I block all RSS tools and most are likely just doing what they're intended use is designed to do... look for feeds. I am not saying they are all being misused.

The reason I block all of them is because I caught my content fed into a remote page. I discovered this because I investigated a client's hijacked content and learned how it was being done, so I searched for my own property and found it also being done at another site and being translated in the process.

Frankly I am surprised this is not well known by everyone here. We've discussed it a couple times. As I reported, Google is well aware of it and has chosen not to take any responsibility for their Feedfetcher-Google.

They say block it so I do.

If your stuff is being scraped then that's a perfectly understandable reaction to feed reader user agents. RSS was originally intended for content syndication and abuse of that led a lot of sites to stop offering full feeds, and instead only present summary data. However, it doesn't sound like you are dealing with a normal use of RSS feeds or feed reader software.

I do recall the discussions of RSS being abused, and even though I don't run sites that have been scraping targets I still limit what I offer in feeds because of that.

Techcrunch jumped on the bandwagon

RSS is undead [techcrunch.com]
RSS died. Whether you blame Feedburner, or Google Reader, or Digg Reader last month, or any number of other product failures over the years, the humble protocol has managed to keep on trudging along despite all evidence that it is dead, dead, dead.

Now, with Facebook’s scandal over Cambridge Analytica, there is a whole new wave of commentators calling for RSS to be resuscitated.

Looks like the beginning of some sort of trend ;)

I never stopped using Feedly. As a security-conscious misanthrope, it's always seemed the best way to curate content.

When all my original sources killed their feeds, it was a wonderful opportunity to break my own filter bubble (before that was even A Thing).

Can't see any reason for my site to publish one though.

I really love the fundamental use of rss and thus continue to provide them for my and my customer's sites. That being said there are specific rss feed readers that initially start out by reading only the rss, but then, over a space of months, start using the feed's URLs for a full scrape. These bots are easy to detect in your log, and easy to ban.

RSS allows very simple posting of one site's link within another, and a way to keep then current. Such interconnectivity I would rather keep.

Let's bring back Usenet and Bulletin Board Systems, too!

Let's bring back Usenet and Bulletin Board Systems, too!

I am using IRC (and slightly more secure variants) a lot more these days for various software support. These 'old' technologies are making a comeback after people finally realize what happens when you put all of your communication into the AOL walled garden.

I don't think I've seen the same resurgence in forums, but that may happen eventually.

Can't see any reason for my site to publish one though.

I run a lot of company sites, and pushing the news releases out via RSS where they're aggregated and disseminated thru PubSubHubbub (now WebSub) is built into most of them. I could see different business models where that might not make sense, but it's still one of the easiest ways for me to let sites and people know I've published updated info.

Feeds may benefit some business models, but not others.

Just as an example: my personal site would not be a candidate for any type of feed. I don't want my intellectual property served remotely, I want visitors to stay on my site, click my ads, use my navigation and buy my books.

In fact, most of my content is from my books. To get more... you buy the book.

I've run association sites that represent multiple member sites. Using rss from member sites allows me to easily aggregate (mashup) member site info up to the association site. In this way anyone on the association site can see any news from any member site. RSS is great for that purpose. Unfortunately in the recent past many CMS have rss as an extra install, so member sites were not including rss. I am hoping for more widespread rss usage.

My stats: (Operating a WP)

Opera offers the best result
Edge says unsupported
IE 11 OK
FF OK
Chrome not

Is having RRS something to promote if so how?

Which leads me back to my earlier question:

under normal use, do RSS retrievers transmit using TLS security?

Do they connect to the feed file negotiating a secure handshake?

That may be why Chrome doesn't support it.

I love RSS for two reasons:

1. As a way of getting new articles from sites I know with a good UI, and only from those sites
2. Potentially, as a way of creating a permanent connection with readers that does not depend on the vagaries or FB or twitter.

The big problem is that most people do not even know what it is. People seeing me read RSS have asked me questions like "what email program are you using?"

under normal use, do RSS retrievers transmit using TLS security?

Do they connect to the feed file negotiating a secure handshake?

https://website.com/feed/

If your WP is https then the feed is as well. If not, then feed is not.

@TorontoBoy - that's not an answer. The reader/checker needs to support TLS (and in effect SNI) in order for the connection to be secure.

I'm not saying they don't, just presenting the question. In order for there to be a Revevial it needs to be relevant.

The most popular reader clients these days like Feedly and Inoreader are web based and viewed in a browser. Those sites present the feeds on HTTPS secured sites.

Thanks, I like Inoreader.
I still need to figure out how to market my site's RSS?

I was actually talking about this very topic only a few days ago and the conclusion was if it can be deployed go for it. Any user interaction it can generate has to be worthwhile.

Mack.