inside the man

Wednesday, December 07, 2005

How to hijack a podcast

There is an interesting story about a hijacked podcast at eWeek. It includes details of how a vegan podcaster's feed was hijacked and held for ransom. From the article:

"The manner in which the purported hijacking occurred exemplifies the fact that RSS feeds are far more vulnerable to squatters than Web site domains. The method doesn't require stolen passwords or other overtly illegal methods.

Rather, it merely involves finding a target Podcast and creating a unique URL for it on a Web site that the hijacker can control. The hijacker then points his URL to the RSS feed of the target Podcast.

Next, the hijacker does whatever it takes to ensure that, as new Podcast engines come to market, the page each engine creates for the target Podcast points to the hijacker's URL instead of to the Podcast creator's official URL.


No comments:

About Me

My photo
Edmonton, Alberta, Canada
Returned to working as a Management Consultant, specializing in risk, security, and regulatory compliance, with Fujitsu Canada after running the IT shop in the largest library in the South Pacific.

CC Developing Nations
This work is licensed under a Creative Commons Developing Nations license.

Site Meter