Do Blog Feeds carry a security risk?

Why BlogBridge Rocks
1. It looks cool and is easy to use … (more)
2. It has super powers. … (more)
3. It handles hundreds of feeds with the greatest of ease … (more)
4. It is Open Source … (more)
5. It works on YOUR computer … (more)
Links of Interest
For Your Information
BlogBridge is for ...
Our users' top rated blogs

See Top 100
- John Battelle's Searchblog (Feed)
- TechCrunch (Feed)
- Boing Boing (Feed)
- Javalobby - The heart of the Java developer community (Feed)
- Slashdot (Feed)
- Joel on Software (Feed)
- Engadget (Feed)
- ReadWriteWeb (Feed)
- O'Reilly Radar - Insight, analysis, and research about emerging technologies. (Feed)
- d2r (Feed)
New in the Library

See Them All

August 5, 2006

Do Blog Feeds carry a security risk?

Filed under: BlogBridge — Pito Salas on 9:05 am

C|Net has an article claiming that: Blog feeds may carry security risk.

Personally I think this is a bit alarmist. I’ve not done a count, but I think most aggregators don’t execute Javascript encountered in RSS Feeds. In fact the quality of the HTML found in RSS is so bad that I think most of us do some major scrubbing and cleaning to get it to be meaningful.

BlogBridge does not process Javascript and thus is not vulnerable to this attack. I bet this is true of many if not most of our esteemed competitors.

In general though I think it’s much more likely that malicious Javascript affects pages displayed in the Web Browser, so the focus correctly should remain there.