Security? Privacy concerns regarding feed suggestion!

If I try to add a new URL I get suggestions of feeds with a subscriber count.
My question is: are those only taken from shared stories or are they taken from ALL feeds of all users?

This would be a security/privacy problem if someone used ‘keys’ in the URL.


1 Like…

Thanks John - exactly the info I was searching for.

But the info seems to be imprecise or there is a bug.
The screenshot shows feeds with only 7 subscribers.

Those are links to google web scripts that may not be intended for public use!?

Interesting. Perhaps Samuel can clarify if this behaviour has changed since then. I don’t see anything with just one subscriber, though there’s at least one with just two.

Those feeds at one point had 10 subscribers, but three of the subscribers unsubscribed (or perhaps deleted their accounts).

Also, I’m happy to add words to that blacklist. So ‘keys’ and ‘login’ may make the cut.

Well, I think the best protection for now is the one that the limit of 10 different subscribers must be reached (for the exact feed including all parameters).

A blacklist is nice but not secure. A Flickr ‘guest pass’ or a Google web script do not contain any of this words. And then you have all the different languages.

Maybe (in a future release) you can add an option to mark certain feeds as ‘private’.


I just had an idea that this ‘option’ should already be possible with a little trick:

In most cases one could add an additional parameter to the URL like &private=true In most cases this additional parameter should just be ignored but should trigger the blacklist filter.