[home: http://monkeyfist.com]

Megginson on XML Sabotage

Saturday, 04 March 2000



In a presentation at XTech 2000, conference co-chair David Megginson described some interesting vulnerabilities of XML.

For example:

  • Trusted Code
    Megginson said he regularly uses code from James Clark and others, even running setuid root without checking for vulnerabilities.
  • CSS Attacks
    Megginson explained how simple changes in a stylesheet can obscure text or otherwise vandalize content.
  • Entity Spoofing
    Megginson demonstrated how to add content to any web page by replacing &emdash; with the Communist Manifesto. Cool!
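
The entity spoofing item, as an added example that is not from Megginson's talk or from this article: the same body text renders differently depending on who controls the entity declaration, and a strict mode pins the expected definition. It assumes the entity is declared in the document's internal DTD subset (the article does not say where the definition was changed); the sample documents and the `render` helper are constructed for illustration.

```python
import xml.parsers.expat

# Constructed sample documents: identical body, different entity declarations.
BODY = "<p>Prices rise&emdash;details inside.</p>"
HONEST = '<!DOCTYPE p [<!ENTITY emdash "&#8212;">]>' + BODY
SPOOFED = ('<!DOCTYPE p [<!ENTITY emdash " [text the author never wrote] ">]>'
           + BODY)


class EntityDeclared(ValueError):
    """Raised when a document defines an entity we did not pin."""


def render(doc, allowed=None):
    """Return (text, declared_entities) for an XML document string.

    allowed=None : permissive, accept whatever the DTD declares.
    allowed={..} : strict, each declared entity must equal its pinned value;
                   external entities (value is None) are always refused.
    """
    chunks, declared = [], {}

    def on_entity(name, is_param, value, base, system_id, public_id, notation):
        declared[name] = value
        if allowed is not None and (value is None or allowed.get(name) != value):
            raise EntityDeclared(f"unexpected definition for &{name};")

    parser = xml.parsers.expat.ParserCreate()
    parser.CharacterDataHandler = chunks.append   # collects expanded text
    parser.EntityDeclHandler = on_entity          # sees every <!ENTITY ...>
    parser.Parse(doc, True)
    return "".join(chunks), declared


if __name__ == "__main__":
    pinned = {"emdash": "\u2014"}
    print(render(HONEST)[0])
    print(render(SPOOFED)[0])          # body unchanged, rendered text is not
    print(render(HONEST, pinned)[0])   # strict mode accepts the pinned value
    try:
        render(SPOOFED, pinned)
    except EntityDeclared as exc:
        print("rejected:", exc)
```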


Let's be careful out there.


· More by Niel Bornstein