TulipTools Internet Business Owners and Online Sellers Community

TulipTools Internet Business Owners and Online Sellers Community > Blogs and Blogging, Web 2.0 > Blogs and Blogging, Web 2.0 > RSS Feeds > Reading blogs via RSS or Atom feeds may expose computer users to hacker attacks
Full Version: Reading blogs via RSS or Atom feeds may expose computer users to hacker attacks
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

mandy

08-07-2006, 07:59 AM
Quote:Reading blogs via popular RSS or Atom feeds may expose computer users to hacker attacks, a security expert warned.

Attackers could insert malicious JavaScript in content that is transferred to subscribers of data feeds that use the popular RSS (Really Simple Syndication) or Atom formats, Bob Auger, a security engineer with Web security company SPI Dynamics said in a presentation at the Black Hat security event here Thursday.

The problem doesn't affect only blogs—any kind of information feed using any kind of format could potentially be used to transmit malicious content to a subscriber, Auger said. Users, for example, could subscribe to mailing lists or news websites via RSS, he said, noting "this is about the entire concept of Web feeds."...

full article: http://www.usatoday.com/tech/products/cn...risk_x.htm

whitepaper on RSS and atom security risks: http://www.spidynamics.com/assets/docume...gFeeds.pdf
TulipTools Internet Business Owners and Online Sellers Community > Blogs and Blogging, Web 2.0 > Blogs and Blogging, Web 2.0 > RSS Feeds > Reading blogs via RSS or Atom feeds may expose computer users to hacker attacks