2008
Hacking FriendFeed with Metafeeds
I did a search in FriendFeed and noticed that at the bottom it had a feed icon. This gave me the idea of creating an imaginary friend out of the search results so that I could get everything about “meta”, for example, in my FriendFeed home page. This could be really useful; kind of like Google Alerts but streamed into my FriendFeed.
I tried it and it works great! Trying to learn about CouchDB or some underground tool that has little documentation? No problem. Just add the search for it as an imaginary friend, and anyone on FriendFeed that posts anything about it will show up in your feed. It’s like a customized news feed of the entire web streaming directly from the hackers using and creating stuff, even when you don’t know who they are.
This gave me another thought though… What if I added “http://friendfeed.com/search?q=meta&public=1” or even “http://friendfeed.com/public” as one of my own feeds. Every single FriendFeed post would theoretically show up in my feed, which should also show up in http://friendfeed.com/public, creating a self-referential loop of importing posts of imported posts of imported posts, etc., etc.
I tried it, and it really works. This could potentially lead to an exponential blowup of posts, and possibly even a DoS vulnerability, depending on how FriendFeed is implemented. I tried to contact FriendFeed about this, but I got no response. As smart as they are, I trust they’ve taken this into account. If not, I’m sure they will as more people discover it.
