Page 1 of 1
Web developers and users were warned Friday that security vulnerabilities in Web-based e-mail and other sites that allow user postings may be more widespread than previously thought.
"My guess is that 98 percent of the Web sites that allow users to supply text have a bug somewhere, because it's so hard to catch all the locations," said Richard M. Smith, an independent security consultant in Cambridge, Mass.
"The risks here are tremendous. If you want to choose a link and go to another URL you must log off your Web mail. If you click the link, you run the risk of infecting all your settings or having all your e-mail deleted," Battaliou said.
"There's going to have to be a lot of education for Web site developers about how to do the filtering. For users, a lot of this stuff is obscure and maybe nobody will care, but there is this very general problem," Smith said.
"It seems as though either they are aware of the problem and are thinking about doing something about it, or they are waiting for something to happen. If it's the latter, I'm sure that as time draws on something is going to happen."