Something about RSS [RSS news and comments]
RSS blog with information, news, comments, software and articles.
Thursday, March 31, 2005
Last days we had some problems with website security. First problem was reported by Zinho regarding some minor problems with cross-site scripting. I think it's only a minor issue because there was nothing wrong that could be done, nothing to steal or reveal. However we took seriously this problem and fixed it. Thanks Zinho.
Second one, I think unrelated with first one, was an attack of our forum. Somebody found our site with google.com.vn and used an IP address from Australia. Then used an old SQL injection vulnerability, posted something in forum and changed admin password. This problem also has been solved now.
I don't find interesting these attacks especially second one, as long as they used old methods public documented on security sites. If you want to prove something find new holes in softwares and help people make them more secure, not applying old, no-brain script.
Monday, March 21, 2005
Iraq Cultural Property Monitor:
I received a very interesting email from Mr. John Simmons, Chairman of The Baghdad Museum Project (Iraq Museum International) saying they used our ebay2rss free script to create an eBay automated monitoring for stolen Iraq artifacts. They also provide a real-time RSS feed with live auctions from eBay, based on this script, at http://www.baghdadmuseum.org/icpm_rss.php.
Unfortunately, selling stolen artifacts is a reality, difficult to control or monitor. Any effort in stopping or reducing this problem is appreciated. Of course, we never thought when made this script that could be used for such a purpose, but we are very glad if helped.
Thanks for letting us know about using ebay2rss and good luck in your work.
My RSS feeds: