On 27 Apr 2005, at 6:00 pm, Bob Wyman wrote:
Paul Hoffman wrote:The order of entries is not significant for the subject attack. TheQuestion (not a disagreement): Why wouldn't the later entry be dropped instead of the first one being flushed?
reason is that it is possible for an attacker to mount an "anticipatory"
attack by discovering and predicting the atom:ids that will be generated by
a publisher under attack. In the simplest case, the author under attack
might use an id generating method that distinguished between ids by simply
incrementing a counter. Thus, if you knew the id of the last item published,
you could generate a "blocking" entry that used what was probably going to
be the next id generated. The fake id would block "real" posts if the rule
was to always drop the second or later instance of an id. This permits the
attacker to impose a prior-restraint or anticipatory block against a
publisher.
After years of dealing with seriously crappy RSS feeds, aggregator authors are smart enough to know everything in a feed is merely a hint and should not be not be trusted. This attack is not worth worrying about, though for completeness may be worth mentioning in the security section.
Graham Parks
