RSS Feeds And Security

Joshua Miller
Contributing Writer
2006-09-26

The growth rate of RSS is amazingly fast. RSS when first made its appearance was recognized as a techie device but nowadays it has become so popular that the general mass is using this tool.

But remember that RSS, a blessing for us doesn't come for free but often carrying some unwanted gift for us! - RSS spam. This spam which contains dynamically generated balderdash feeds stuffed with keywords created by the content publishers are not headaches because of their nonsense but they often endanger security. Spam included in RSS is not only irritation to the search engines but also feeds pales compared to the probable security concerns that might have been in the future of RSS.

RSS related security implications

If RSS increases, the security gets more endangered. While the publishers are fast in innovating new uses for RSS feeds, the hackers are watching it all. Even in its raw form, the extendibility and the power of RSS can make it very vulnerable. The very abode of these vulnerabilities is the expansion abilities of the specification of RSS, mainly the enclosure field which is the launcher of podcasting phenomenon. Basically, this enclosure field is not a headache, since the enclosure tag is not used by RSS feeds. The tag is generally used in linking file types such as word documents, mp3 files, images, and executables and in the same terms in email attachments.

RSS Distributing these file types has helped the syndicate standard users immensely but along with that it has also created problems. But we don't take these problems as risks since we select the content received which limits spreading of viruses and spyware through RSS; still we run at a risk if an infected file is spread.

This risk is the effect of technology and our poor education.

Several RSS readers, pod catchers, and news aggregators automatically download the information from the enclosure field even if they don't know their sources or file types. This ignorance often calls for dangerous insecurities for our computers.

Generally speaking almost all the RSS developers admit the risks that are attached with the enclosure field but a very few developers don't care to equip the RSS feeds with screening, filtering and authentication abilities and a myriad of automatically downloaded enclosures.

It is very unfortunate that every RSS reader or aggregator or pod catcher ponders over the probable security implications related with RSS feeds or podcasts. Usually some work automatically downloading enclosures sans any warning or any concerns about the security. So ensure to introspect the handling of files by your RSS reader.

About the Author:
Joshua Miller is an author and technician. See more articles at http://www.firewallprotectionsoftware.info

More news_security_news Articles

Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Featured On:

article resources

WebProWorld.com

•	Get in-touch with industry experts and leaders
•	Post your site for review by expert and peers
•	Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com


Titan Quest Forum The #1 Titan Quest forum
Halo 3 Forum The best Halo, Halo 2, Halo 3 forum
Nintendo Wii Nintendo Wii news and views
Mac Software The best in OS X freeware
Graphics Forum Your source for graphic tutorials