Slashdot Mirror

← Back to Stories (view on slashdot.org)

Possible RSS Abuse in Longhorn

Posted by Zonk on from the really-sleazy-stuff dept.

dMill writes "There has been a lot of discussion about Microsoft's decision to bake RSS into Longhorn (see previous Slashdot coverage) but the obvious security implications seem to be on the back burner. eWeek has a story discussing the risks and Don Park is also warning about the potential for abuse and exploitation. For example, the primary mechanism behind podcast, RSS enclosure, can be used to deliver worms and worse to the desktops. If there are any vulnerabilities in iPod (or any MP3 player hooked up to podcast sync client) codec, then podcasting is a good way to deliver overflow inducing content."

12 of 214 comments (clear)

  1. Blah! We don't have to worry... by slapout · · Score: 5, Funny

    ...cause Longhorn is going to be built on secure .Net technology......oh wait....nevermind. :-)

    --
    Coder's Stone: The programming language quick ref for iPad
  2. Re:Worse than worms?!? by Trigun · · Score: 3, Funny

    copying a folder of lolita child porn to your hard drive, mucking with the dates, and sending a tipoff to the FBI?

    I'd rather have the worms than Hepatitis and UPIAs in the shower.

  3. What!? by jb.hl.com · · Score: 3, Funny

    What retard decided to put binary data in RSS? Or would allow execution of code linked to by an RSS feed? That is truly the most retarded thing Microsoft could have done with regards to security. It's like a condom with the capability to have semen smeared on the outside. Utterly fucking stupid.

    --
    By summer it was all gone...now shesmovedon. --
    1. Re:What!? by Mark+of+THE+CITY · · Score: 3, Funny

      Actually, it's analog; binary plays only a bit part.

      --
      The clearance system sounds logical. It is not. It is completely arbitrary. -- John Bolton
    2. Re:What!? by I+confirm+I'm+not+a · · Score: 3, Funny

      ...the smearing of cement on condoms...

      Dude, I am so not having sex with you.

      --
      This is where the serious fun begins.
  4. OMG Don Park is Warning! by Anonymous Coward · · Score: 2, Funny

    Oh I see,
    Don Park is warning!

    Glad to hear what Don Park has to say about this story.

    I love Don Park, I read every word he writes!

    WHO THE FUCK IS DON PARK?

  5. Always report RSS abuse by stinerman · · Score: 3, Funny

    RSS abuse has gone on far too long. It may seem unthinkable to some people who long for an RSS of their own (but have had to adopt), but some people do abuse RSS.

    If you see your RSS feed has some broken links or other irregularities, report it immediately to your sys admin -- even if the RSS explains it away as random line noise or CRC errors. Protecting one's abuser is a sign of continued abuse.

    Only YOU can help stop RSS abuse!

  6. Is somebody hungry? by B5_geek · · Score: 4, Funny

    ...decision to bake RSS into Longhorn... ...on the back burner.

    No wonder MS says they can't remove things like IE from the operating system; They cook it all together!!!

    --
    "The price good men pay for indifference to public affairs is to be ruled by evil men." ~Plato (427-347 BC)
  7. Re:Worse than worms?!? by gclef · · Score: 3, Funny

    This

  8. Easier way by Anonymous Coward · · Score: 4, Funny

    Can't MS just develop a specific API for people trying compromise windows machines, it would be less work for everyone.

  9. Re:Worse than worms?!? by Anonymous Coward · · Score: 1, Funny

    Autosubmitting postings to "alt.wesley.crusher.die.die.die" in your name?

    (Sorry man, couldn't resist.)

  10. Worrmcasting? by Scott+Byer · · Score: 2, Funny

    Using phish for bait?

    --
    > cat ~/.signature | grep -v bullshit

    >