RSS Security Issues

Monday, June 6th, 2005
by Lockergnome

It’s quite evident that RSS enclosures are a security threat, especially if RSS aggregator developers don’t start automatically (by default) blocking certain types of content item “attachements”. If they don’t, RSS could easily be used to “infest” trusting people with harmful executable files.

Furthermore, in an IT Manager’s Journal article, Richard Stiennon, vice president of threat research at anti-spyware company Webroot, warns against the possibility of profit seekers going further and finding new and new ways of exploiting RSS.

Malicious code in full-text content items is the first that comes to mind.

via MarketingStudies.net

What Do You Think?

Want to Start a Blog Here for Free?

Are you an expert in one subject or another? If your goal is to help others and dispense hard-earned information back to the community, stake a claim on your very own Lockergnome blog today! You can write about anything - no matter the topic. Sign-up to start blogging!

RSS Talk - Sep 28, 2006

New-look Google Reader Is Stunning!

The Engadget Podcast now supports AAC and Ogg feeds!
Thursday, September 21, 2006
How to explain RSS the Oprah way
Thursday, September 21, 2006
The Anatomy of an RSS Feed
Friday, September 15, 2006
RSS and AJAX: A Simple News Reader
Friday, September 15, 2006
RSS’ Security Deadline
Friday, September 15, 2006

RSS Talk - Sep 8, 2006

Start to publish RSS feeds smarter

Dave and Tim
Friday, September 8, 2006
Windows Live Writer Blog This for RSS Bandit
Friday, September 8, 2006
InfoCenter vs. iTunes: The Battle of the Podcatchers?
Friday, August 25, 2006
Blog feeds may carry security risk
Friday, August 25, 2006
Robot rabbit reads RSS feeds out loud
Friday, August 25, 2006

RSS Talk - Jul 21, 2006

Icons: It’s Still Orange

Tech.Life.Blogged - Send me voice mail for free and how to get yours
Friday, July 21, 2006
Yahoo plus RSS - We purposely kept it hidden and just let it leak out to the blogosphere
Friday, July 21, 2006
FeedRinse
Friday, July 14, 2006
Microsoft Releases New Beta of IE7
Friday, July 14, 2006
The Art of News Feeds
Friday, July 14, 2006

RSS Talk - Jun 23, 2006

Web-Design Expert

Getting Your Site Indexed in Yahoo
Friday, June 23, 2006
Fresh from the oven: RSS Feeds
Friday, June 23, 2006
NY Times research says people don’t want RSS
Friday, June 16, 2006
A guide to email newsletters and RSS usability
Friday, June 16, 2006
Feed icon madness
Friday, June 16, 2006

What else is new in RSS & Atom Tips?

The Anatomy of an RSS Feed

Friday, September 15th | No Comments

RSS and AJAX: A Simple News Reader

Friday, September 15th | No Comments

RSS’ Security Deadline

Friday, September 15th | No Comments

Start to publish RSS feeds smarter

Friday, September 8th | No Comments

Dave and Tim

Friday, September 8th | No Comments

Random Posts From the Archives

New-look Google Reader Is Stunning!

Thursday, September 28th | 3 Comments

The Engadget Podcast now supports AAC and Ogg feeds!

Thursday, September 21st | No Comments

How to explain RSS the Oprah way

Thursday, September 21st | No Comments

The Anatomy of an RSS Feed

Friday, September 15th | No Comments

RSS and AJAX: A Simple News Reader

Friday, September 15th | No Comments

60 queries / 3.068 seconds.