Just another day of being an asshole on the internet

TL;DR:

  • Hunter.io is a service that email marketers use to get huge email lists.
  • Go to their email finder to see if you’re in their list of 200+ million addresses (you probably are).
  • Go to their claim email address page to (attempt to) remove yourself from their database.

I get a lot of emails. An overwhelming amount, in fact.

A lot of the time, I have myself to blame: they are from lists I signed up for (intentionally or otherwise) or places I have made purchases. Most of the time there is an unsubscribe link at the bottom and I just need to muster enough energy to go through the hundreds of emails and hit that link.

But sometimes, the emails are more personalized — like, actually written by a human being, not a robot — and those are far more difficult to get rid of. Here’s how an email like that might go:

Hi Chris!

I read your article https://jazzsequence.com/category/ministry-of-music/ and was really impressed! I have a site that has similar content and since you write about music, I think it might be relevant to your readers.

Can you take a look at my article at http://totallyfakemarketingwebsite.com/music-therapy/ and, if you like it, link it from your article? If you could that would be great! Looking forward to working with you!

Now, on the internet, when you are confronted by an unsolicited email or private message, you basically can do one of two things: ignore it, and hope that it goes away, and respond to it (either positively — “absolutely, I will definitely link to your content!” — or negatively — “hell no, take me off your list”). If these were sent by a robot, ignoring it would have no consequences. You could happily delete the email and go on with your day. But these aren’t sent by a robot, they are sent by a human. And dealing with it in any way other than an outright “go to hell” will result in a followup email.

Hi Chris!

I was wondering if you had a chance to read the email I sent you last week. Looking forward to hearing from you!

I want to not feed the trolls, but, it turns out, these content marketers aren’t trolls

It’s at this point that the internet rule “don’t feed the trolls” shows cracks. I want to not feed the trolls, but, it turns out, these content marketers aren’t trolls — they are some other kind of creature — and not feeding them, doesn’t make them go away. Because continued, conscious ignoring and deleting of the emails they send will just result in more emails…

Hey Chris!

Just checking in to see if you had considered my offer. Let me know what you think!

I haven’t tested how long these will go on unchecked. I usually give in and respond after the second or third iteration. Sometimes, I forget and it’s the fourth or fifth. But I haven’t found a point at which they don’t keep sending followup replies. At some point, if you want this person to stop emailing you, you’re going to have to hit the reply button.

Don’t call me a Monopoly player

It was one such exchange I had this week. I got an email from one of the two partners running gamecows.com. Now, looking at their site, I can’t tell what their business model is. Maybe it’s through affiliate links, although I don’t see any. Maybe they are just trying to build up a collection of list-icles to go on their resume for future writing gigs. There’s no advertising on the site, just a newsletter you can sign up for (and I’m not signing up for the newsletter just to test this experiment).

Whatever it is, I got an email from them that linked to my games list page. Now, this is not a post. This is not an article. This is literally  just a list of all the games that I own. It’s an experiment, and it’s a demo of my Games Collector WordPress plugin, and it’s a way for people to see what I have already, so if they wanted to get me something I don’t already have, there’s an easy way to figure out what I do have (that was the original reason I built the plugin, other features just expanded from there). There’s no content to speak of, and there isn’t even anything relevant to link from — the only links that are on the page are to Board Game Geek as a way to provide more information about a game. I suppose I could link to them in one of those, but I’m not trying to link to a review, I’m linking to a game description. I could link to Amazon if it wouldn’t then look like I was trying to profit from the game. I could link to the game’s website, but then I’d have to track down every game publisher. BGG has out of print games in its database, which makes it a much easier and more central place to get information about games. And much less biased, given that any reviews that appear on BGG are from people who’ve actually played the games and aren’t trying to profit in some way from their review. The more popular games have multiple reviews.

Anyway, this isn’t an ad for Board Game Geek. I digress.

The email was asking me to link to their review of Dominion (see what I did there?), a game that’s definitely one of our favorites. But, again, even if I did want to link to them, I have nothing relevant to link from. Not on that page. It wouldn’t make sense to link to their review of Dominion from my listing of Dominion in my game collection, it would be more confusing because it would be inconsistent with the other games on the page. Plus it wouldn’t be impartial.

I might have originally intended to respond, just because it was about games and I like games, but I didn’t. And so, sure enough, the second email comes. Except this one comes with a bite.

Chris, did you get my last email? If I don’t hear back, I’ll assume you’re more of a Monopoly person. Nothing wrong with that of course. ;)

Woah boy.

Now, it should be obvious that I’m not a “Monopoly person” just by looking at the page they linked to. If I was, there’d probably be several incarnations of Monopoly on the list. There are not. I have distinct memories of losing horribly and being angry at my Dad for winning so overwhelmingly and feeling like a failure at the game and as a human being as a result of Monopoly. Monopoly is not a fun game. Unless by “fun” you mean one person wins and makes everyone else’s lives miserable — which describes a lot of board games of the past, Risk is another great example of this. I make it a point to avoid games like these at all costs.

What’s more, if you look at the history of Monopoly, it wasn’t supposed to be fun. It was designed to illustrate the evils of capitalism, not how great capitalism is. According to Wikipedia “it was intended as an educational tool to illustrate the negative aspects of concentrating land in private monopolies.” Even their own about page mentions “the family-destroying dynamics of a ‘friendly’ game of Monopoly.”

I was angry at yet another of a long series of unsolicited emails from which there is no unsubscribe

This was an obvious baiting tactic, and one that, I felt, was particularly offensive, given that it was coming from someone who claimed to like games, directed to someone who (I should think, given that there are 100+ in our collection) also likes games, and is very much not a “Monopoly person” — something that should be obvious if you actually read the page you’re requesting a link from. So, like a chump, I took the bait. And I wrote a nasty email. Because I was pissed at the implication and I was angry at yet another of a long series of unsolicited emails from which there is no unsubscribe.

A possible solution

Here’s where the story shifts from the norm. Normally, I would respond to one of these (nasty or otherwise) and never hear from them again. In this case, that didn’t happen. On some days, I would be even more exasperated, but in this case, I made an implication that “if you just write good content, the traffic will come” which I know, really, isn’t the case. But I also know that emailing me, is not going to give them a bump in their traffic. My site doesn’t get traffic. You’re better off soliciting, well, Board Game Geek for one, to get links to your site. Or Geek and Sundry. Or, I dunno, anything else, really, because I hardly get hits on this site, and definitely not enough to make an incoming link from jazzsequence.com result in a higher ranking on Google. You’d be just as good building your own site, call it sequencejazz.com and write your own incoming link for all the good my Google juice would do you, which is the other reason why these emails exhaust me.

So they apologize for striking a nerve and I apologize for being an asshole and I said something like “I wish there was a ‘do not call’ list or something for these emails…” And this is where the real nugget of wisdom happens.

They shared with me the name of the tool that they — and many other content marketers — use to gather emails: Hunter.io. By all appearances, this seems like a fairly legit way of gathering lists of email addresses to spam send your wonderful emails to. They boast 200+ million email addresses in their database, all tested for sendability and ranked with a score. They have a search tool right on the front page their site where you can search by domain and get a list of results (with parts of the name blocked out, although with some social engineering you can figure them out a lot of the time). Go ahead and try your own (assuming you don’t have a Gmail account) — you’re probably in there.

You can even find the sources for the email addresses, and here’s where it gets really interesting. Their email finder lets you type in a full name (first and last) and a domain and it will give you the matching address. This is easy and you can do it right now to get an actual individual’s email address from, basically, anywhere, provided you can give those two things. But the sources, for me, were the most revealing. Two of my results had the tag “Removed”. I don’t really know what this means, perhaps just that my address no longer appeared on those pages. Those were my ancient ReverbNation page and a tag archive for the term “art” on jazzsequence.com! (And not just any tag archive, but, in fact, page 2, randomly.)

Hunter.io results for Chris Reynolds

My email address got entered into their database because I committed a piece of code. That code is open source and includes my email address and this is considered fair game.

The remaining (not removed) public listing of my email address is on Trac. Yes, plugins.wordpress.trac.org. So, to summarize, my email address got entered into their database because I committed a piece of code and standard practice for copyright and GPL notices in code is to put the author’s email address in the code. That code is open source, and therefore exists on the internet, and because that code is on the internet, and the code includes my email address, this is considered fair game to add me to a database of 200+ million other people who can be spammed receive unsolicited emails be emailed by this company’s users.

Hunter.io has a contact address — [email protected] — but when I emailed it, I got an auto-response that it couldn’t be delivered. The message response was, get this, “Leave failed, not a member.” This seems to imply that, because I am not a member of the service, I can’t email their public email address. Fabulous. Isn’t that fabulous?

Claim your address on Hunter.io

I did a bit of digging and, through a FAQ on their site, found that the Claim page on their site is how you can (attempt to) remove your address from their database. By entering your address into the form, you are “claiming” that address, and you can then either edit the preferences on the address or request that it be deleted entirely. Alternately, it’s entirely possible that you’re just adding your email back into their database, I guess time will tell.

At any rate, I claimed all of my email addresses, even those that didn’t come up when I searched for them. I don’t think it will block them from being added again in the future if they get indexed again, but hopefully it will null the existing matches.

If you get these emails, too, go to Hunter.io and claim your address. Bookmark the damn page and do it again in six months. I’d recommend writing a nasty letter to them, but I tried that and it bounced, so ¯\_(ツ)_/¯.

Keeping your website safe

class=”aligncenter” Once upon a time, a long time ago, you could buy a new computer and not have to worry about what type of virus scan software you needed to load onto it.  Firewalls were things only extreme geeks and intrepid hackers knew anything about.  Adware, spyware and malware weren’t even words.  Those days are so long ago that high quality, free virus scan software has not only become available, but ubiquitous, highly rated and able to hold its’ own against the big guys (see: Avast! and AVG Free vs. Norton and McAfee).

Just as the innocent days before antivirus software was a necessity are long gone, so too are the days in which website security is something to be considered only by paranoids, security professionals and government sites.  In just the last month we’ve seen WordPress sites on Network Solutions hacked (by gaining access to the database via an improperly secured wp-config.php file), GoDaddy sites hacked and then hacked again (infiltrating and embedding code into any php file — the access point of which is still, as of this writing, unknown), and then Network Solutions sites hacked again (this time by a different method, creating or editing php.ini and .htaccess files in the cgi-bin folder) including several U.S. Treasury sites.

Many of these hacks redirect the visitor to a malicious website which installs malware onto their computer which can then be used to harvest all kinds of information about the user.  Or maybe they inject your computer with malicious software and then direct you to a site that sells you antivirus software (which could, potentially, just be a cover for more data-mining spyware).  Code is indiscriminate — it doesn’t care if your site is high traffic or low traffic.  The attacks against GoDaddy and Network Solutions aren’t necessarily indications that those two webhosts have inferior security practices but rather that someone was able to find a workaround or a backdoor or had some kind of insight into the data infrastructure of those hosts which allowed them to run a script across all the sites hosted by those companies.

The point is, just because you haven’t been affected yet doesn’t mean you are safe.  It’s always better to be one step ahead of the bad guys.  Here are some ways you can keep your website, and the files it contains, safe:

File and Directory Permissions

This is the biggie.  It was due to bad file permissions that hackers were able to gain access to Network Solutions users’ databases last month.  This is also probably the most confusing safety precaution and the one most likely to accidentally render your site completely unusable (at least temporarily).  File permissions that are too permissive will allow just anyone to peek at your files, some of which may have sensitive or secure data in them.  Permissions that are too restrictive can render your site unusable by you or visitors or both.

To make things even more confusing, server permissions are generally referred to by arcane numerical codes or a string of letters, making them hard to understand for a lay person.  Take the time to familiarize yourself with what they mean, it could be the difference between your site remaining secure and having to clean hundreds of php files manually, restore from a backup, reinstall your software or risk losing all your data.

You may see permissions written out like this: drwxr-xr-x.  To a normal human being that just looks like gibberish.  To a server (and an admin or geek familiar with the lingo) the string means that: what you are looking at is a directory (drwxr-xr-x), the owner of the directory (generally the webserver or your own user account) has full read, write and execute permissions for the directory and the files contained within (drwxr-xr-x), the group (generally a server group for clients, or else an application group defined on the server) has read and execute permissions (drwxr-xr-x), and everyone else also has read and execute permissions (drwxr-xr-x).  This directory would be said to have 755 permissions:

   7      5     5
 user   group  world
 r+w+x  r+x    r+x
 4+2+1  4+0+1  4+0+1   = 755

Generally speaking, this is the default setting for most hosting environments.  And, generally speaking, it had the correct permissions to enable 99.99% of web-based applications to run correctly.  However, it does not have an ideal level of protection for anything you want to keep safe.  When WordPress sites on Network Solutions were attacked, it was pointed out that optimal permissions for the wp-config.php file should be 640 or, if that didn’t work with your hosting environment, 644 (in both cases, the execute permission is removed from all user groups — wp-config.php is a file that is read by WordPress, it is not executed, so there’s no need for the x), and in the former case, all permissions are removed from the “world” group, giving only you and your user group read permission (and only you have the ability to rewrite the file).  In most cases, you can safely increase your file permissions to 644, although typically 755 is accepted for directory permissions.

Great.  So what does that mean?

Permissions can be changed in a few different ways.  They can be done from a commandline via an SSH connection to your server, but most people probably don’t do it this way.  Permissions can be changed in an FTP program which you would have used if you uploaded a custom theme to your WordPress site or were responsible for setting up your website.  Permissions can also, often, be modified through the built-in, web-based file manager that many web hosts offer from their admin panel.  If you are using an FTP program like FileZilla, most of the time the option to change file permissions will be available upon a right-click of the file or folder you want to change permissions on, but always refer to available documentation if you have questions.  If you weren’t responsible for setting up your website and you don’t know what your file permissions are set to, contact your webmaster or designer and find out.  If they are too low, request that they change the permissions to something more secure.  Any designer worth their salt should be able to do this for you if they aren’t already (and if they can’t, you can always contact us!).

Learn more about changing file permissions.

Secure Passwords! (or: guest1234 is not a secure password…)

Now that we’ve covered the hard part (and, trust me, permissions is the hard part), we move on the the easier and more manageable stuff.  Like passwords.

You’ve been told this a million times: keep secure passwords.  You’ve been told to “keep your passwords in a secure place”.  You may even have been told never to write your passwords down (on paper or, especially not in a file on your computer).  And you’re wondering how the hell all of these things work together.  Are you really expected to memorize 20 different passwords of 8-16 alphanumeric characters and symbols?

It’s tough.  And most of us use shorthand — one password fits all, and to hell with security.

This is, increasingly, a bad idea.  Actually, this was a bad idea five years ago.  Now it’s a horrible idea.

Face it, we’re going to have to deal with this at some point and it’s better now, when your site is fine, then later, after your site has been broken into because your password for your WordPress backend, FTP and database were all “thomas13”.

There’s a couple different methods for creating secure passwords.  One is a configurable password generator.  There’s various applications you can download, websites you can go to, but the one I’m most familiar with is a plugin for Firefox.  The benefit of using a password generator is it’s completely random, therefore more secure and harder to crack, and in many cases you can specify special characters or not, numbers or not, case sensitive or not — however, the more “nots” you have in the equation, the less secure your password is.  (Even so, “SLKJJHE330” is still more secure than the day you were born and your son’s first name.  Ed. note: that’s not the day I was born or my son’s first name.  Just saying…)

What we used to do when I worked in IT and we made custom Windows install disks or used passwords for different types of apps or servers was take a word or phrase and translate it into L33+ [email protected] (“leet speak”).  Something like [email protected] is easy (easier anyway) to remember and much more secure.  Even better is the fact that misspelling words makes the password more secure!  (Presuming you can remember how you misspelled it…) You still need to be careful the kinds of things you use and try to make it not too obvious.  For example, if you run a blog about your kids, and their names are Antonio and Marie, you probably don’t want to use @nt0n10&[email protected] as your password.  While you could randomize the characters and symbols to change it up, it’s best to stay away from anything too personal as a rule.

Another method I’ve heard of people using is to take a word or phrase and inject symbols and numbers in the middle.  Today’s date is 5/4/2010, and I like Battlestar Galactica, so maybe my password could be [email protected]  Or rather than using today’s date, you could use your anniversary, your father’s birthday, the day you graduated college, anything that isn’t posted on your Facebook profile would probably work best in terms of security.

How do you keep them all straight, then?

So what if you have 5 different sites, each with a unique admin password, each with a unique database password, all hosted on the same server (so, thankfully only one FTP password, but that is different than everything else), how do you remember what’s what?  Well, you could always use the post-it method.  You could store passwords as “Notes” in Outlook or — gasp — save them in a document.  None of these are particularly great, though.  If your house was broken into, someone could easily grab all your post-its and gain access to your bank account, PayPal account, anything you use a password for.  Likewise, if your computer was ever compromised, someone could find the file that contained your passwords.  Anyone who was awake ten years ago or so would remember Microsoft Office “macro” viruses, which would enter through Outlook and then use the connectedness of the Office suite to harvest email addresses and other information from emails, your contact list, Word documents, etc, so if your passwords were stored in a Microsoft Word document, it is possible that all your passwords could be stolen by a particularly clever virus.

The solution?  Well, probably there’s some risk involved with what I’m about to suggest, but there are password managers, often protected by a password themselves, that store all of your various passwords for applications and/or websites you go to.  Many of them are built as Firefox plugins (and presumably Chrome and IE have equivalents out there as well, although I haven’t looked…yet).  This way, all of your sites can have a completely unique, completely secure password and you only need to know the one password you use to access them.  Part of me feels like even having a program like that is like putting the world’s largest diamond in a glass case and making it the centerpiece of a museum exhibit — it’s just sitting there screaming “look at me” — but, assuming you have a secure enough password to access the password manager, and — even better — change it regularly, you’ll be fairly safe, and it may be the best option in light of these new web security concerns.

Keep in mind that to be completely secure, you want your database password, FTP password, and any passwords you use to log onto  your site, or any other site, to be unique.  Using the same password means that a hacker just needs to figure out one to be able to access all of your sensitive data, and you don’t want that.

Be Prepared

So what if your site is hacked and you have no way to recover your data without trashing everything and starting over fresh?

Well, I’m sure you’ve been keeping backups, right?  You haven’t?  Oh, well in that case, you’re in trouble…

A lot of hosts will automatically create backups of all your data.  The timeframe in which the snapshots take place can range from every day to every week to every month.  Even so, it’s not safe to assume your host will have a backup — not all of them do — and even if they do have a backup, it would be beneficial to keep backups yourself, just in case your backup is more recent than theirs, or their servers go down and their backups are lost.

Within WordPress, this can be taken care of by using some highly useful plugins.  WordPress Database Backup is what we use to keep backup copies of the database, although there are others, such as WP-DBManager recommended by WPSecurityLock.  Even if you aren’t a code jockey, able to restore a database backup in your sleep, that doesn’t mean you shouldn’t keep database backups just in case you might need a code jockey to restore your database for you.  Both allow you to schedule backups and have them stored on the server or sent to you in an email.

WordPress itself can always be downloaded from WordPress.org, and that will always be a clean copy of the most recent version.  If you did need to trash everything and start over, that would be the best place to get a clean copy of WordPress.  However, what about your plugins and your WordPress theme?  WordPress Backup backs up your uploads folder, current theme and plugins directory.  Like the database backups, it can be scheduled to back up to the server or email you a copy.  This way, if your site was infected, you would have a clean copy of all the files you’d need to purge to get rid of the virus or malware infestation.

You may also want to consider hiding your site as a WordPress site.  While obfuscation is not necessarily a means of securing your site — especially if that’s the only thing you’re doing — it might not hurt.  A hacker who knows how to get into WordPress could be diverted if, for example, your wp-login.php page was moved to a different address.  Alex Denning of WPShout has some great suggestions of ways to confound potential hackers.

If you don’t have a WordPress site, never fear.  Most popular CMS software that has any kind of development community at all should have comparable equivalents of all of the above plugins.  If not, consider talking to your webhost or hiring a programmer to build a script to backup your database and/or your files and send them in an email.  Neither should be particularly difficult and could be run in a cron job (presumably they’d know what that means even if you don’t).

Make sure you are safe

In both the Network Solutions hack and the GoDaddy hack, it was my antivirus software, Avast!, which first alerted me to a problem.  Having an A/V program that has a realtime web scanning component is incredibly beneficial to finding an infiltration and protecting yourself from being infected by your own site.

If you’re running a blog, make sure you’re doing something to filter comment spam — it’s probably the easiest way to add some nefarious links on your site from the outside and is usually very easy to prevent.  WordPress comes built in with Akismet which does all the heavy lifting of filtering out spam comments — all you need to do is register a WordPress.com account to get an API key, which I strongly recommend doing.

Also, if you are running a WordPress site (or any web-based software) make sure you keep up-to-date on your updates.  It’s not going to save you from being hacked, but often there are security updates and it’s better to install those sooner rather than later. (That said, it has been suggested that too soon has its’ own risks — sometimes updates have new holes that were missed in the testing phase and may open your site up in new and exciting ways.  I usually check for updates once a month; by then, in most cases, any potential bugs that were serious have been worked out and fixed.)

If you have been hacked, here are a couple links that can help you recover:

FAQ: My site was hacked
How to completely clean your hacked WordPress installation

Web security isn’t going to go away.  These mass website hacks are not going to go away.  And it isn’t fair to assume that your host is going to be responsible enough to protect your site in what is, in their eyes, your responsibility.  Even if you have a retainer who manages your website(s), you should still make sure you are aware of what is going on in the outside world and make sure they know what’s going on, too.  A good thing is having your tech or designer fix your site in a matter of hours after you report that there’s something fishy on your website.  A better thing is having your tech contact you first to say “there’s a hack going around, I’ve taken precautions against it, and I’m monitoring your site in case of an attack.”  You don’t want to be the one left behind with the guy who says “um…what?” when you say you think your site has been hacked, whether that guy is your “web guy” or your hosting provider.

[byline]

Twitter kills bulk and automated unfollows…and we’re disappointed why?

yesterday, SocialToo announced they were discontinuing the auto-unfollow feature associated with the services they offered.  this more or less confirms my own suspicions when i went to clean out the people @ArcanePalette was following a few days ago and get rid of the spammers, marketers, and others that, from a reading and using Twitter standpoint, weren’t really adding value to our day.  Twitter Karma seemed to be having some issues and the only other mass unfollow service I could think of was Tweepular, and they were, by all accounts AWOL.

while the bulk and auto-unfollowing services provided me with a headache in having to manually go through and unfollow people, i take full responsibility for having been dumb enough to follow people i wasn’t really planning on listening, engaging, or interacting with in the first place.  in general, an automated service to unfollow someone solely because they stopped following you is the online equivalent of what my kids do in the back seat of our car when they’re arguing for the sake of arguing with no real point.  “YES!” “NO!” “YES!’ “NO!!” “YEEEESSSSS!!!” “NOOOOOOO!!! etc.  it’s like saying “well, i never liked you anyway” to someone’s back as they walk away.

the fact is that just because someone isn’t following you anymore, doesn’t mean they might not still provide value or interesting links that you’d like.  i follow @slashdot, but i don’t expect them to care about what i have to tweet about.  similarly, i don’t really expect @wilw@feliciaday, or @neilhimself to care what i’m doing at any given moment either.  there are certain people for whom it’s been accepted that we won’t receive a reciprocal follow, like say, @britneyspears and yet we somehow hold the rest of the twitterverse to a higher standard?

as i read SocialToo’s announcement, i was struck by the stubbornness of it — they obviously were removing the feature reluctantly at the direct request of twitter.  in particular:

We are sorry for any inconvenience this may cause – we are as disappointed as you are. We are still firmly set on our original goals of automating your streams while enabling you to clean them up at the same time and focus on real relationships.

why are we disappointed?  people who auto-unfollow, or use any other kind of automation, most frequently aren’t using twitter.  if you’re an automaton, and not actually tweeting for yourself, then what use is twitter to you aside from pushing your message into the face of as many people as possible?

i say this as a bit of a hypocrite; it’s true that my secondary twitter account, @teh_s3quence — which i’ve left active even when i shut all my other former genesis rocket-powered accounts down — is totally automated.  in my defense, i keep that around because i actually find some interesting links being tweeted by the robot version of myself, so i’ve just stopped pretending that it is anything other than what it is: a robot pumping links from a bunch of different places that i like.  if twitter decides someday to kill the account, i’ll be sad for like 5 minutes and then go back to my rss feeds.  so yes, there are some uses for automation, but the only reason why  you’d need to auto- or bulk unfollow anyone is because you’ve hit your following max for the number of followers you have and you need to dump people so you can get more followers.  and the only reason you would do this is because you’re trying to spam your message across twitter.

the truth is that it’s not possible to both “automate your streams” and “focus on real relationships.”  if part of automating your streams involves unfollowing people just because they unfollowed you, you obviously don’t care about relationships anyway.  you’re just writing that person off without context.  when you turn off the radio, is it because you never want to listen to the radio again?

it seems to me like twitter is going through its ranks again and pruning some of the stray branches that don’t really fit with the what the service is ideally intended to promote: microblogging, communication, interaction, and sharing.  for my part, i say: bravo.