Mashups with the Google Mashup Editor

published: June 25th, 2007

I have started a discussion on the security aspects around mashups not that long time ago when I presented my talk on Advance Web Hacking in OWASP, Italy. At that time I was experimenting with Yahoo’s Pipes system and Dapper which I used to create a powerful web spider in JavaScript, which circumvents the same origin policies, online filesystem based on TinyURL (again in JavaScript) and last but not least, GHDB, the online Google Hacking Database Interface. I am going to talk a lot more on the security aspects in mashups very soon. For now, I recommend that you have a look at Google’s Mashup Editor which is a new product designed to rival Yahoo’s pipes. In short, this means that you should take all of the stuff that I talked about in OWASP in triple their severity level.

» more | » comments rss | posted by pdp | syndication and integration ( )

Respond

In order to preserve the high standards of GNUCITIZEN, before you post a comment, please take note of the following guidelines:

Commenting is provided as a courtesy only.
Please be brief and relevant to the post.
Please be polite even in disagreement with us or others.
Support claims you wish to make using sources and links.
No personal attacks, name calling, or commercial commenting.
Anyone creating false or multiple identities will be banned.
If you don't have a cogent argument, you will be censored.
If you are purposefully deceptive, you will be censored.
No spamming or flooding.

We appreciate your time and effort in contributing to GNUCITIZEN.

name: (required)

mail: (required)

website:

comment:

GNUCITIZEN Products

	Blogsecurify is a division of GNUCITIZEN. The initiative was established to provide social media security services through our free automated testing engine. The Blogsecurify team is also engaged to deliver quality content on issues concerning social media technologies.
	Netsecurify is a division of GNUCITIZEN. The initiative was established to provide network security services through our free automated testing engine. The service is still in private-beta.
	Websecurify is a division of GNUCITIZEN. The initiative was established to provide a free web application security framework for automated and manual penetration testing. The service is still in private-beta.
	Secapps serves as an application directory of all online tools which the GNUCITIZEN team has built over the years.
	Securls serves as an information security intelligence tool, combining news and articles from the best information security resources online.

Visit the GNUCITIZEN Network for a complete listing of all GNUCITIZEN initiatives, products and partnering organizations.

GNUCITIZEN

Navigation