SPI Dynamics Security Engineer Robert Auger has found that both Web-based and local RSS readers are prone to code injection exploits, which may be used to steal users’ credentials, cookies, and keystrokes. When the integrity of an RSS code is compromised by either its author or a hacker, the results can potentially affect many of the feed’s subscribers. Sean Michael Kerner has the story.

ZDNet Ryan Stewart and Richard MacManus divide RSS readers into three categories and choose the best in each. They picked Rojo for best Web-based reader; and Newsgator for best desktop-based reader. Unable to come to an agreement on the best rich-interent application reader, they are pointing out three prominent applications in the category: Google Reader, FeedLounge, and Goowy.

Shel Holtz reports that more employers are now restricting access to RSS and podcasting at the firewall level, citing reasons ranging from excess bandwidth consumption to work productivity issues. Holtz is very critical of their approach. First, he argues, if the employee is expected to work overtime and take some work home, then by the same token some of home may be brought to work. Second, procuctivity is measured by how much work is getting done, not by how much time is spent on non-work-related activities. Third, RSS and podcasting are essential tools for keeping the employees up-to-date in their areas of expertise, and are not inferior to offline forms of employee training. Finally, he concludes, monitoring the workers’ computers or placing further access restrictions is bound to send a message that they can’t be trusted, which can be devastating to staff morale, in turn triggering diminished productivity.

In its recent e-commerce report, The New York Times describes the use of RSS feeds by online retailers. This allows merchants to reach consumers who have created personalized pages on various Web sites. But reporter Bob Tedeschi says there’s still a long way to go: “According to a Forrester survey last year, just 14 percent of Internet users even know what R.S.S. is, and fewer than 5 percent have used it.”

The Los Angeles Times’ “Internet Traveler” column has a review of RSS usability within the travel industry. James Gilden explains that from the end-user’s perspective, unwanted RSS content is less of a hassle the plain old e-mail spam: “if a particular news item fed to your desktop does not interest you, you simply ignore it (unlike e-mail that demands you act on it in some way — read it, delete it, get mad and try desperately to unsubscribe).” But Laura Johnston offers a different way to categorize the recepients: “‘People who tend more toward RSS than e-mail want to be in control’ of the information they receive.”

Harrold Swalve explains the importance of integrating RSS into every search engine marketing campaign. He suggests that out of the three possible ways to code it (HTML, Java, and PHP), the latter is the only way to go. Finally, he outlines a 5-step plan on how to implement it.

B!Soft has just released RSS Builder 2.1.3, a Windows-based application used for creating RSS feeds and on one’s Web site. Beginning with version 2.1.0, podcasting functionality was added. Its built-in FTP client supports RSS v2.0