Mnet :: RSS Feeds And Security

Main Page

Secure

About Us

Privacy

News

World News

Recent Entries

What's Your Company Story?

A Quick Tour Of Italy - Palermo, Sicily

Unstoppable

Happiness Is Your Choice

Tall Twister Tales

Recent Reviews

Fifteen Minutes of Shame

So you're a man? Go on, prove it...

New Book Explores the Hidden Story Behind Sky-Rocketing Debt in America

Biotech 2008 —Life Sciences: A 20/20 Vision for 2020(1)

Amidst Economic Chaos, a Voice of Reason Arises -- Grant Cardone!

This Month

Month Archive

October 2006
September 2006
August 2006
July 2006
June 2006

Main Page » News » Tech News

Previous:	Cell Phone Accessories And Your Cell Phone
Next:	HP Ranked No. 1 in Worldwide Distributed System Management Software

RSS Feeds And Security

by Mnet on Fri 18 Aug 2006 02:58 AM AKDT | Permanent Link | Cosmos

RSS Feeds And Security
Author: Joshua Miller

The growth rate of RSS is amazingly fast. RSS when first made
its appearance was recognized as a techie device but nowadays
it has become so popular that the general mass is using this
tool. But remember that RSS, a blessing for us doesn't come for
free but often with carrying some unwanted gift for us! – The
RSS spam. This spam which contain dynamically generated
balderdash feeds stuffed with keywords created by the content
publishers are not headaches because of their nonsense but they
often endangers the security. Spam included in RSS is not only
irritation to the search engines but also feeds pales compared
to the probable security concerns that might have been in the
future of the RSS.

RSS related security implications

If RSS increases, the security gets more endangered. While the
publishers are fast in innovating new uses for RSS feeds, the
hackers are watching it all. Even in its raw form, the
extendibility and the power of RSS can make it very vulnerable.
The very abode of these vulnerabilities is the expansion
abilities of the specification of RSS, mainly the enclosure
field which is the launcher of podcasting phenomenon.
Basically, this enclosure field is not a headache, since the
enclosure tag is not used by RSS feeds. The tag is generally
used in linking file types such as word documents, mp3 files,
images, and executables and in the same terms in email
attachments.

RSS Distributing these file types has helped the immensely the
syndicate standard users but long with that it has also created
problems. But we don't take these problems as risks since we
select the content received which limits spreading of viruses,
spyware through RSS; still we run at a risk if an infected file
is spread.

This risk is the effect of technology and our poor education.

Several RSS readers, pod catchers, news aggregators
automatically download the information from the enclosure field
even if they don't know their sources or file types. This
ignorance often calls for dangerous insecurities for our
computers.

Generally speaking almost all the RSS developers admit the
risks that are attached with the enclosure field but a very few
developers don't care to equip the RSS feeds with screening,
filtering and authentication abilities and a myriad of
automatically download enclosures.

It is very unfortunate that every RSS readers or aggregators or
pod catchers ponder over the probable security implications
related with RSS feeds or podcasts. Usually some work
automatically downloading enclosures sans any warning or any
concerns about the security. So ensure to introspect the
handling of files by your RSS reader.

About The Author: Joshua Miller is an author and technician.
See more articles at http://www.firewallprotectionsoftware.info

Posted to:

Tech News