[prev in list] [next in list] [prev in thread] [next in thread]
List: xml-dev
Subject: RE: [xml-dev] Wrapping Scripted Media in RSS: Secure?
From: "Bullard, Claude L (Len)" <len.bullard () intergraph ! com>
Date: 2005-06-30 21:08:40
Message-ID: 15725CF6AFE2F34DB8A5B4770B7334EE072070EA () hq1 ! pcmail ! ingr ! com
[Download RAW message or body]
Thanks Jeff and Bill.
Apparently, any media type developed with internal scripting
is a candidate for exploitation. That's painful. Almost
every media type that is fun to do has that as a feature.
I was asking originally because a fellow BoD member for the
W3DC (X3D) asked about putting 3D worlds inside RSS. It is
a great idea, but then we have to cope with the kiddies and
the criminals.
This is interesting reading.
http://www.wired.com/news/infostructure/0,1377,68004,00.html?tw=rss.TOP
It corresponds to the darker thoughts I've had since 1989. The only
really safe approach is to recognize the Internet is inherently insecure
and start over with the humbling knowledge that we have to plan for
the dark and dumb sides of human nature when building world wide
systems. So yeah, let's put a semantic engine on top of the current
system and see what they do with that given the unreasonable way
people accept whatever comes out of these boxes.
Off tomorrow. Happy 4th to those to whom that is a happy day... as
for the Brits, TDBYRCBs! :-)
len
-----------------------------------------------------------------
The xml-dev list is sponsored by XML.org <http://www.xml.org>, an
initiative of OASIS <http://www.oasis-open.org>
The list archives are at http://lists.xml.org/archives/xml-dev/
To subscribe or unsubscribe from this list use the subscription
manager: <http://www.oasis-open.org/mlmanage/index.php>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic