New security concerns with Google Reader

By Alan Harten

A new feature that permits users to include notes in the Shared Items feed of Google Reader may be flawed.

The highest item in the Shared Items feed indicates that users can change text not only in their own articles, but also in any article, at least according to Ryan S. on Duff’s Device.

He is unable to locate the permalink in his Shared Items Feed, this in turn could result in unscrupulous people being able to change existing text, or possibly making new additions to that text.

If that were to become widespread it would not be possible to know if the content was all original, as it had been intended by the author, or if a third party had added to, or altered, the original text.

Another concern is that the full HTML markup of each article is available, which could lay the article open to many kinds of abuse.

According to ‘Mashable’ this potential to gain access to the original HTML and make alterations within ‘notes’ has the potential risk of allowing access to users’ PCs.

This ‘open door’ could also permit damage to tracking and ranking, aggregation utilities that are based on shared feeds, as well as making it possible to change the whole nature of the article content.

Mr. Ryan also voiced concerns about possible vulnerabilities in the area of security - if malicious code were to be added it could migrate to users PCs.

There is no practical way to track or even detect article content that has been modified, not even with the powerful algorithms at Google’s disposal.