|
||||||
|
||||||
|
RSS SecurityRSS SecurityBy S. Housley RSS is growing at a lightening speed. What was once only known as a "techie tool", RSS is becoming a tool that is continuously being used by the general population. Along with the good comes, the not so good. And while some have mentioned the emergence of RSS spam, where content publishers dynamically generate nonsensical feeds stuffed with keywords, the real concern relates to security. While an annoyance to the search engines, spam in RSS feeds pales in comparison to the possible security concerns that could be in RSS' future. Security Implications Related to RSS. As RSS gains momentum security fears loom large. As publishers are quickly finding innovative uses for RSS feeds, hackers are taking notice. The power and extendibility of RSS in its simplest form is also its achilles heel. The expansion capabilities of the RSS specification, specifically the "enclosure" field which has launched the podcasting phenomenon, is where the vulnerabilities lie. The enclosure field in itself is not the problem, in fact the majority of RSS feeds do not even use the enclosure tag. The enclosure tag is essentially used to link to file types, things like images, word documents, mp3 files, power point presentations, and executables and can be thought of in similar terms to email attachments. The fact that RSS can be used to distribute these file types has opened a myriad of doors to users of the syndication standard, but also has created cause for concern. Most people do not feel that the risk is significant because people "choose" the content that they receive, and while it might make the distribution of malware, viruses and spy applications via RSS less prevalent, their is still the inherent risk of a infected file being distributed. The problem is one of both technology and lack of education. The danger lies in the fact that many RSS readers, news aggregators, or pod-catchers automatically download the information contained in the enclosure field regardless of its file type or source. Most RSS developers acknowledge the risks associated with the enclosure field, but few have had the forethought to include filtering, screening or authentication capabilities and many automatically download enclosures. Nick Bradbury of Bradsoft/NewsGator seems to be proactive, designing FeedDemon with security in mind. FeedDemon uses an editable safelist of file types as well as allowing users to monitor what files are automatically downloaded. FeedDemon also contains hard-coded warnings related to specific file types. Developers of ByteScout took a different approach to the handling of enclosure files, ByteScout does not automatically download anything without user intervention for each download. Unfortunately, not all RSS readers, aggregators and podcatchers consider the possible security implications associated with RSS feeds and podcasts, some will automatically download enclosures without warning or any thoughts of security. Be sure to examine how your RSS reader handles files contained in the enclosure field of an RSS feed. With the increased use of RSS and podcasting, the security risks increase with it. Their is cause for concern, however proactive users and conscientious developers can easily subvert the risk by taking precautions seriously. Computer viruses and malware are cause for legitimate concern, there is ample time and action that can avert potential problems. Permissions: Permissions and notification of use not required. About the author: About the Author: Sharon Housley manages marketing for FeedForAll http://www.feedforall.comsoftware for creating, editing, publishing RSS feeds and podcasts. In addition Sharon manages marketing for FeedForDev http://www.feedfordev.coman RSS component for developers. Circulated by Article Emporium Get Business Fit One Minute At A Time Copyright 2005 Hirini Reedy Too many online entrepreneurs spend long hours working online to think about their health and fitness. Your online success is related to your energy levels. How fit are you? Have you looked at your hips or butt lately? We all know that we need to ... Are you making these Deadly SEO Mistakes? Copyright 2004 Ed Zivkovic Black Hat SEO: Web Spamming and Linking to Bad Neighborhoods So you want to exchange links with other web sites in order to get higher search engine rankings? So you want to create hundreds of auto-generated, keyword rich pages fo... 7 Reasons to Add Podcasting to Your Business Marketing Mix Copyright 2005 Rodney Rumford Leveraging podcasting technology can give you a marketing edge that will allow you to increase your online visibility, increase your client acquisition rates and improve customer loyalty. The smart businesses and marketing companies will add pod... Proven Step-By-Step Formula Creates Website That Makes People Pull Out Their Credit Cards And Buy Copyright 2005 Rick Miller Have you ever wished you had a magic formula that would cause your website visitors to hand over their money to you? In a recent interview with Tellman Knudson for the List Crusade program, Patric Chan revealed his secrets for building a web... 10 Best Reasons Why You Should Start Your Own Home Business © 2005 Odilia Paula http://www.MakingMoneyGetRetire.com Picture this! When your neighbor must wakeup early morning and run for their live to avoid get angry for their bos, you can wake up what ever you want and go to your office without worrying about what the “BOS... Good Content, to survive your web site needs lots of it Do you ever ask yourself if Affiliate Marketing is really what it's cracked up to be? Can many of you, of us, make serious money selling other peoples' products? Or is it only a few big guns that have the right to succeed! At the beginning I was very skeptical, but a... RSS Security RSS Security By S. Housley RSS is growing at a lightening speed. What was once only known as a "techie tool", RSS is becoming a tool that is continuously being used by the general population. Along with the good comes, the not so good. And while some have mentioned the... Making Your Home Business Work Copyright 2005 Heidi Chartier http://www.MakingMaximumWealth.com/pips.html Running your own home based internet business is a piece of cake. Right? You have probably heard how easy it is to rake in tens of thousands of dollars practically over night, and how yo... Dropship Wholesale; 7 Secrets to Dropship Success Dropshipping offers a the little guy the opportunity to get ahead on the internet by offering top products, even name brand products without having to invest thousands of dollars of inventory, shipping products, or manufacturing. Deopshipping is the opportunity fo... Have You Just Hit 'The Wall'? Have you hit the 'brick wall' yet? No? Well it won't be long. I started tinkering with the internet at the start of 2003, then finished my property maintenance business towards the end of that year and went full time online. In the two years since then I'... How To Prioritize And Grow Your Home-Based Business By Ken Leonard, Jr. © KLJ Online Life is all about making choices, and setting priorities. You have made a choice to get away from the "work at a job" world, to pursue making a living at home using your PC, or you wouldn't be reading this right now. On... Article on the timing of events with Site Build It Firstly let me say that I think Site Build It, it rocks. When I started on this journey, that I am still on, I started reading everything about mail marketing, web marketing etc etc. I had already been ripped off with the developers of my first site so I was not going to let that... Make More Sales By Airing Your Dirty Laundry Copyright 2004 Clifford Mee There's an old saying, "Don't air your dirty laundry". If you're selling any product or service either online or offline this is horrible advice. You see sooner or later, your customers are going to find out the negative aspects ... What is Creative Commons? What is Creative Commons? By S. Housley Creative Commons is a nonprofit organization that allows artists, authors, publishers and musicians the option of creating and defining a flexible copyright for their creative works. Creative Commons was officially launched in 20... 10 Marketing Tips for Entrepreneurs Nothing happens in business until a sale is made. Marketing is simply about getting new customers and keeping them. If you're not doing something everyday to market and promote your business, your competitors are. Here are ten easy-to-implement tips to effectively market and grow y...
|
|
|||||
|
||||||