Slashdot Mirror

← Back to Stories (view on slashdot.org)

Possible RSS Abuse in Longhorn

Posted by Zonk on Thursday June 30, 2005 @04:55AM from the really-sleazy-stuff dept.

dMill writes "There has been a lot of discussion about Microsoft's decision to bake RSS into Longhorn (see previous Slashdot coverage) but the obvious security implications seem to be on the back burner. eWeek has a story discussing the risks and Don Park is also warning about the potential for abuse and exploitation. For example, the primary mechanism behind podcast, RSS enclosure, can be used to deliver worms and worse to the desktops. If there are any vulnerabilities in iPod (or any MP3 player hooked up to podcast sync client) codec, then podcasting is a good way to deliver overflow inducing content."

3 of 214 comments (clear)

OS X by m0rph3us0 · 2005-06-30 05:00 · Score: 5, Insightful

I guess OS X must be REALLY insecure then.

There is a big difference between RSS being a security risk and a bad implementation of an RSS reader and poor security model being insecure.
Blah! We don't have to worry... by slapout · 2005-06-30 05:01 · Score: 5, Funny

...cause Longhorn is going to be built on secure .Net technology......oh wait....nevermind. :-)

--
Coder's Stone: The programming language quick ref for iPad
The perfect slashdot article by gowen · 2005-06-30 05:13 · Score: 5, Insightful

vulnerabilities in iPod codec, then podcasting is a good way to deliver overflow inducing content.
Only on slashdot can people find a way to blame (putative) Apple vulnerabilities on Microsoft.

--
Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.