Published 19 years 4 months ago • Last updated March 22, 2025 • ⏱️ 2 min read
Microformats sound like a fantastic idea in principle, you create a simple set of html attributes to define data for humans and robots to read and use, enabling sites to exchange data easily. You could for example download a business card from a company web site and import it into your address book in one click.
In security often when something is really easy to do it usually leads to major security problems. I have read articles in magazines, listened to Podcasts from influential people in the industry and countless articles on the web all talking about Microformats, what annoys me is they have ignored the major problem with the open exchange of data. You exchange data with everyone! Even the bad guys. In order for Microformats to be a success (I hope they are not) some sort of security precautions need to be considered.
It will be tough if not impossible to apply any sort of security to any Microformat because it uses HTML which can be read by everyone, imagine a Spammer knowing where you live, your firstname, surname. A Phishing attack could be constructed with pinpoint accuracy. I know this is an extreme example but if security is not considered now it will cause havok in future.