GrayScales - Scams, Viruses & More
Jim's Blatherings - Simple ramblings (maybe rants) from the Co-Founder of Quikonnex about Scams, Viruses, Internet Marketing, web techniques, tips & anything else that pops into his head.

Blog feeds may carry security risk

Friday, August 04, 2006
ZDNet.com ran an article today stating that RSS Feeds may present a security risk to subscribers. You can read about it here:

Blog feeds may carry security risk

The question should arise, "What about Quikonnex RSS Feeds?"

The article lists "Bloglines, RSS Reader, RSS Owl, Feed Demon, and Sharp Reader as vulnerable" as well as other systems that use Windows Internet Explorer to display feed content. The risk is that someone could put malicious JavaScript into the content of a feed, where it could harm a subscriber's computer. This is no different from visiting an unfamiliar website and having the owner of that site (or the cracker who broke into it) run similar malicious scripts. Another risk for blog owners is that visitors can insert JavaScript into comments on their articles. If the blog owner includes these comments in the blog's RSS feed, the scripts could be passed on to subscribers.

So how are Quikonnex.com and its publishers affected by this? First of all, there's the fear factor. For example, there are many folks who think cookies are going to harm their computer, so they block them. Cookies WILL NOT hurt your computer, but turning them off will make your Internet surfing experience less than optimal. So naturally, there will be some folks who will not subscribe to an RSS feed because of this potential risk. If you subscribe to a newsletter via email, is there a risk that the publisher will send you a virus via email? Yes, but it's highly unlikely. Likewise, it's highly unlikely that a subscriber to a Quikonnex RSS Feed is going to be harmed by malicious JavaScript. And here's why:
  1. Quikonnex Publishers pay for their services on Quikonnex.com. This means there's a monetary trail between Quikonnex.com and the publisher, making it VERY difficult for a publisher to hide after putting malicious JavaScript into their blog or feeds.
  2. Commenters on Quikonnex Publishers' blog pages cannot use any HTML code, which eliminates their ability to insert JavaScript. Viewing a Quikonnex Publisher's comments via an RSS feed would not subject the subscriber to attack.
  3. Quikonnex subscribers using the Quikonnex DeskView or QuikView applications to view non-Quikonnex RSS Feeds will not see the HTML code used in those feeds. Quikonnex Publishers' feeds can contain HTML, but non-Quikonnex publishers' feeds cannot. This is not only for the protection of the subscriber, but also for the protection of the Quikonnex servers.
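
An added example, not code from Quikonnex or from this post: one way a feed viewer could apply points 2 and 3, reducing an untrusted feed's HTML to plain text and escaping comments so markup is shown rather than run. The sample feed, the function names and the use of Python's standard library are assumptions.

```python
import html
import xml.etree.ElementTree as ET
from html.parser import HTMLParser

# Constructed sample feed (not from the article): the item description hides
# a script element and an event-handler attribute inside ordinary markup.
SAMPLE_FEED = """<rss version="2.0"><channel><title>Example feed</title>
<item><title>Hello</title>
<description>&lt;p&gt;Read &lt;b&gt;this&lt;/b&gt;&lt;/p&gt;&lt;script&gt;alert(1)&lt;/script&gt;&lt;img src="x" onerror="alert(1)"&gt;</description>
</item></channel></rss>"""

class TextOnly(HTMLParser):
    """Collects visible text; drops every tag and all script/style bodies."""
    SKIP = {"script", "style"}

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.parts, self.skipping = [], 0

    def handle_starttag(self, tag, attrs):
        if tag in self.SKIP:
            self.skipping += 1

    def handle_endtag(self, tag):
        if tag in self.SKIP and self.skipping:
            self.skipping -= 1

    def handle_data(self, data):
        if not self.skipping:
            self.parts.append(data)

def to_plain_text(markup):
    """Reduce feed HTML to text, then escape it for safe display."""
    parser = TextOnly()
    parser.feed(markup)
    parser.close()
    return html.escape(" ".join("".join(parser.parts).split()))

def render_feed(feed_xml):
    """Return (title, description) pairs as plain text for an untrusted feed."""
    root = ET.fromstring(feed_xml)
    return [(to_plain_text(item.findtext("title", "")),
             to_plain_text(item.findtext("description", "")))
            for item in root.iter("item")]

def render_comment(comment):
    """Comments allow no HTML: escape everything so markup shows as text."""
    return html.escape(comment)
```

Because tags are discarded rather than filtered against a list of bad ones, a script element, an event-handler attribute and a `javascript:` link are all removed by the same rule.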
My business partner, Carolyn, and I have often used the term "Trusted Information Providers" or TIPS to describe publishers in the Quikonnex community. This is the real way to protect yourself on the Net. Seek information from trusted providers. It's this trust that keeps our publishers working through Quikonnex to reach their subscribers and creates synergies with publishers working with each other.
Posted on 08/04/06 at 13:50:43 by Jim Gray
Category: Security

Comments

DenverDave wrote:

Good point. Those of us publishing RSS content should come up with a way to disable javascript content. The only functionality available should be a simple link to other websites. Then of course, other things could happen.

Doesn't hurt to be careful, but home4success was on target also - depends on whose feeds you publish.
Posted on 08/04/06 at 20:50:03

home4success wrote:

Good points Jim. I am so thankful that the publishers in the Quikonnex community have you and Carolyn to rely on for information. This is the best system out there and you offer so much to the publishers. Your care and support can't be beat. Thanks so much.
Posted on 08/04/06 at 16:50:33

ButchHamilton wrote:

Good article Jim.

I believe in the integrity of the Deskview System and the awesome power of Quikonnex.

I have always liked the way you guys do business. I stand for the same things as you. Reliability, honesty and integrity.

Hats off to all you do for us!

Butch Hamilton
http://webtrafficconnection...
Posted on 08/04/06 at 15:46:52
