Web 2.0 creates a need for a more secure web?

We have all become used to viruses and security holes in mainly Microsoft products. I have myself mostly seen viruses as attacks towards Microsoft but the fact is that it is an attack towards the private user. All phising and worm attacks are attacks towards you and your privacy. Most of us all have virus protection, firewalls, spamkillers, ad-blockers and antispyware softwares to protect us when out on the web. I have started to feel really secure, especially after I got a new Apple Powerbook a year ago.

Javascript has for long been used on websites but has with Ajax and Web 2.0 become more common. A technology blog at Guardian Unlimited brings once again up the danger of javascript. Javascript as been questioned before but with Ajax it became popular again. Comments to the posting claims AJAX can be replaced by a safer way to create Web 2.0 application – Xforms. Still AJAX is popular and if javascript, as the article from Cnet tells about, is such a security risk there is a question what to do. Hopefully websites will change to Xforms (if it offers the same possibilities). Everyone is happy about what Web 2.0 brings to the online experience and no one would like to go back to how it was before. The danger with javascript is that it runs in the browser so firewalls cannot do anything to protect you. Another article from Cnet talks about security risks in Web 2.0: “AJAX doesn’t just help make Web pages and sites more interactive. It could also provide ways for hackers to hit a Web server and to exploit sites in attacks on visitors, experts said.” In the article there is also a comment from Hoffman, who will give a presentation on AJAX security at next week’s Black Hat security event in Las Vegas. He describes it as a house: “A traditional Web site is like a house with no windows and just a front door. An AJAX Web site is like a house with a ton of windows and a sliding door. You can put the biggest locks on your front and back doors, but I can still get in through a window.”

The web in itself can be a little scary, not only because there are so many websites with malicious stuff such as pop-up ads, viruses and so on, But also in the way young kids are being exploited and threatened on communties and how private information are stolen. Now with this threat from AJAX and Web 2.0 maybe we will see some new solutions or standards for using the web. Maybe a kind of certificates or secure networks, making sure that the websites you visit are secure. We have seen a lot of consolidation and maybe that is a solution, large companies such as Yahoo and Google buying up smaller ones and guaranteeing the security. It could be a business model to compete with. Of course it will be bad for the smaller ones and offer a possibility for nations to censor content, threating the open arena that Internet offers. But maybe we need to have the option to do daily business in a secure arena but also be able to go out into the wild arena to find what we are looking for.

~ by Andreas Sigurdsson on August 6, 2006.

One Response to “Web 2.0 creates a need for a more secure web?”

  1. I am not sure I follow. People want a rich online experience, and if not for Javascript, it will have to be programmed in another way — remember ActiveX? Xforms seems like only part of any solution.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: