For my next trick... hacking Web2.0

Fri, 31 Aug 2007 23:01:06 GMT
by pdp

After several month spent in research on Web2.0 Insecurities I've decided to sit down and write a whitepaper. The paper quickly became rather blurred due to enormous amount of notes I've collected on this subject. This is the reason why it was later restructured into stories, which provide a lot better medium for understanding the content.

For some Web2.0 symbolizes the start of a new era of the Web, for others it is merely a marketing buzzword designed to hook unaware venture capitalists on the Web2.0 hype.

The term Web2.0 appeared for the first time in 2003 at a conference organized by O'Reilly media. The event, simply titled "Web 2.0", attempted to reference the second generation of web technologies such as social communities, service oriented architectures, Wikis, blogs, collaborative environments, AJAX, etc. Since then the term has become widely adopted across the entire Web industry and it has been used ever since to describe innovation.

In simple words, Web2.0 outlines the technological, philosophical and social superset of what we used to know as just the Web. Although we know that the Web is not bound to any version number, it makes our lives a lot easier to do so, so we can refer to a particular set of features. The features of the Web2.0 era are rather blurred due to the enormous amount of different opinions on the matter but we all agree that they must include things such as feeds, data aggregators, collaborative environments, social networks, client-side technologies and SOA (Service Oriented Architecture).

Although Web2.0 has improved our ability to freely communicate and share via the means of the Net, it has brought some unimaginable dangers and as a result it is insecure. Web2.0 security is very much a collection of every single security aspects of its components. On their own they are just simple system abnormalities, but when put together they create a problem worth our attention.

In this paper we are going to outline some of the dangers of Web2.0 by combining fictional stories with technology that is real. Each story begins with a prologue, which introduces the problem, and finishes with a conclusion, which summarizes the attack techniques that are described within the story context.

Archived Comments

Nice work! Looking forward to the presentation of this 'meshup' next week. Regards, Seba
Nice job! I saved this in my paper section! Keep up the good work. Adriaan
Nice one.. very intresting paper..
Impressive presentation yesterday, you did a great research man.
Christian, I am glad that you liked it. It was a fun talk especially when you guys were so active in the process. Cheers.
Very interesting (and amusing) read :) Keep up the good work man... -P
Just stumbled onto this page. One word: AMAZING
Really, I pretty like the picture!
I'm proud to be Bulgarian ciitzen, the author of the article is fellow-countryman :)
Neo in makingNeo in making
Great job man! I appreciate it :)
excellent work should be published in newspapers worldwide or published in books or anything. bassiccally it should be conveyed to each human being using the internet
lovely work very well reaserched. I agree with Tanu(another person who gave her comments) that this should be told to each person who uses the internet it is ggggggreat. I think fantastic keep up the good work. i enjoyed every nuk-and-corner of this website. It was an eye-opener
tanu & tanessa, thanks. I am glad that you have enjoyed it.
J. DameureJ. Dameure
Awesome work and great overview this article gives. Got to read it serveral times though to get all the details :-)
Iovio sap testenIovio sap testen
Damn this article is pretty amazing, and in your conclusion you're right, and it is still growing up!