« Feed Security and FeedDemon | Main | ANN: FeedDemon »

Wednesday, August 23, 2006


Feed You can follow this conversation by subscribing to the comment feed for this post.

Reading this post, I again realize that the (little bit of) money I spent to buy FeedDemon, was very well spent. Thanks.

Thanks, Nick, for jumping on this. I'm with Anne on the worth of the investment.

Thanks a lot for commenting on this. We have decided to go with another approach and did not use the IE engine, but just an html viewer to show the rss feeds in our reader. So no vulnerabilities from this side, because there is no engine to execute any script language.

I wonder, if there is not way to stop script execution completely in the IE activex.

Anne, Sterling: thanks for the kind words!

Siegfried: there is a way to turn off scripting in the IE engine, but that also means that FeedDemon newspapers can't use JavaScript. Also, I should add that the exploits aren't specific to using the IE engine - web-based aggregators are vulnerable as well, even when viewed in Firefox.

Glad to hear you're on top of it, Nick :D

Nick. I would like to contact you about the details of your solution but have no idea where to find your email :).


Ben, I have your email, so I'll drop you a note shortly.

Nick, as the developer of a 'hybrid' RSS reader, I'd be interested in your solution to these issues too. Thanks!

Brian, I'm traveling for a couple of days and don't have the details with me, but I'll email you the details when I return home.

The comments to this entry are closed.