[prev in list] [next in list] [prev in thread] [next in thread] 

List:       xml-dev
Subject:    RE: [xml-dev] Wrapping Scripted Media in RSS:  Secure?
From:       "Bullard, Claude L (Len)" <len.bullard () intergraph ! com>
Date:       2005-06-30 21:08:40
Message-ID: 15725CF6AFE2F34DB8A5B4770B7334EE072070EA () hq1 ! pcmail ! ingr ! com
[Download RAW message or body]

Thanks Jeff and Bill.

Apparently, any media type developed with internal scripting 
is a candidate for exploitation.  That's painful.  Almost 
every media type that is fun to do has that as a feature.

I was asking originally because a fellow BoD member for the 
W3DC (X3D) asked about putting 3D worlds inside RSS.  It is 
a great idea, but then we have to cope with the kiddies and 
the criminals.

This is interesting reading.

http://www.wired.com/news/infostructure/0,1377,68004,00.html?tw=rss.TOP

It corresponds to the darker thoughts I've had since 1989.  The only 
really safe approach is to recognize the Internet is inherently insecure 
and start over with the humbling knowledge that we have to plan for 
the dark and dumb sides of human nature when building world wide 
systems.  So yeah, let's put a semantic engine on top of the current 
system and see what they do with that given the unreasonable way 
people accept whatever comes out of these boxes.

Off tomorrow.  Happy 4th to those to whom that is a happy day... as 
for the Brits, TDBYRCBs! :-)

len

-----------------------------------------------------------------
The xml-dev list is sponsored by XML.org <http://www.xml.org>, an
initiative of OASIS <http://www.oasis-open.org>

The list archives are at http://lists.xml.org/archives/xml-dev/

To subscribe or unsubscribe from this list use the subscription
manager: <http://www.oasis-open.org/mlmanage/index.php>


[prev in list] [next in list] [prev in thread] [next in thread]