The Year Of 2007

Fri, 29 Dec 2006 08:45:48 GMT
by pdp

It has been a long year. Too many things has happened: some good, others pretty bad but in general all interesting and valuable. The year of 2006 was quite dynamic and filled with passion, hard work and insane achievements. However, this is not what this post is about. Let's have a look into what to expect for the new 2007.

The year of 2007 promises even more fun for computer security professionals, I believe, especially for the web hackers. IMHO, the AJAX world will grow to such an extend that hardly anyone will be able to tell how this has happened. JavaScript, as a language, will be the targeted platform for many software companies. They will realize that it is easier to code for the web rather for some specific platform. This will raise the number of web enabled/based applications and also will increase the number of attack vectors affecting them. The web will become a lot more hostile in 2007.

Not only the web will be affected from the AJAX bloom but the desktop too. Browsers are already bridging web applications with the desktop and RIA (Rich Internet Application) will make the net to merge into our lives to such an extend that even our grant parents will have some knowledge of what the WEB is and how it works. Adobe with their Apollo platform will be the biggest player in the RIA circles, followed by Mozilla with XUL and Microsoft with WPF. RIA will change the way we perceive the Internet and will reduce the development time to almost a third of what is usually required. Some people speculate that 3D capabilities will be embedded into these technologies in the near future too. That will be the moving factor for new type of online gaming, the one that works from the desktop and the browser and can be played, anytime, anywhere. Mozilla will release Firefox 3 with their improved Gecko engine. The XULRunner will become the core component of the popular browser. That will be enough for web enthusiast to start codding mature, interesting and valuable RIA applications. I suppose many companies will move to XUL because of its flexibility and power. Microsoft with their WPF will also conquer a few peaks, but their technology will be practiced among geeks and some Microsoft partners. The truth is that nobody likes to write applications that work on one platform only. In the long term this makes the investment of time and efford unjustified.

As you you are probably guessing, the year of 2007 will be all about RIA and also about integrating our static desktops with the ever changing WEB. That in terms will bring new types of attack vectors that will shake the grounds your are currently standing on. When RIA combines the dear desktop with the hostile WEB, firewalls will become to some extend absolute. Some companies will come up with expensive content filtering products to protect from port 80 based attacks and they will make a lot of money. Hackers will find other means of sneaking into these network. They will do it not for fun only, but for financial benefit as well.

RIA will definitely bring a lot of changes but it doesn't mean that everyone will suddenly change to the new technology. It will take some time. Attack vectors and exploits will be developed waiting for the RIA bloom which will happen no matter what. Meanwhile, browsers will be the most exploited platform. IE7 will prove to be inefficient and will fall under the category of DON'T USE BROWSERS. New vulnerabilities for Firefox will be discovered that will remind us to be careful and not to rely on what people and software vendors say. Opera will conquer the world of portable and gaming devices. It will become the defacto browser for Nintendo Wii.

The shape of the Web will change, mutate and transform into something very different from what Sir Lee originally thought. Social networks will conquer our lives. Everybody will become part of one or another network. AJAX worms will mainly target them in 2007. IMHO, almost every social network will be attacked by an AJAX worm. A chance for having a massive worm attack that spreads over two or more social networks is also quite possible. That will become the easiest way for constructing a botnet.

Speaking about botnets, some changes in this field will be observed as well. The meaning of the term botnet will change a little bit in the near future. A botnet will mean temporary gathered power. Attackers will take advantage of whatever it is out there. They will be able to create a botnets of a couple of millions machines that will last just a few minutes but for this short time they will be able to do a lot of bad stuff. How can you fight that? Dynamic botnets will emerge on the backbone of AJAX worms. That is the most easiest and convenient way of doing this kind of stuff.

Apart of botnets, other types of networks will also receive a sudden boost in 2007. The P2P will flourish with P2P TV and P2P Broadcasting. Everyone will be able to create online video channels. Hacking TV channels will become a fun and interesting activity.

As you can see 2007 will be quite interesting and exciting year. I don't claim that all of the above will happen; after all, how can we be certain about the future. Happy new year and good luck.

Archived Comments

Interesting post. Happy New Year!
Yo PP, hope you are well, your grammar is mostly appalling and eastern european, been hiding in KL too long, speak to you soon, have a good new-year
I also spoke about the RIA apps in my 2007 predictions ( and just posted an entry about attacking UIML's. Backdooring UIML's and Existing JavaScript Applications XUL has been around awhile, I see WPF to be ahead of it due to MS's immediate large user base once .net 3.0 hits mainstream. - zeno
Happy New Year! m@Xd, hehe... s*** happens. I will take your comment seriously. zeno, nice read. shall I make this a GNUCITIZEN Topic.
Happy New Year! All the best to pdp and everyone at this site. pdp, nice predictions of security field in 2007 year. I plan to make myself some words about security in new year, and I'll also say some words about your and zeno's predictions ;-). New year will be interesting in security field. If the first days of the year was so hot - it is about UXSS in PDF - try to imagine what will be next (because it is only beginning of the year). There many possible scenarios about evolution of security industry (and underground also). P.S. Pdp, really, there are to many "RIA" links on the text (about other overlinkings at the site I tell you in your other articles). Maybe you have to much free time :-) or you training in SEO, but you overdo with this links.
MustLive, thanks for the good words. Yes, 2007 seams to be very interesting. Let's see what will happen. BTW, it is a plugin I use that makes every RIA word into a link. Maybe I should disable it since it creates such a bad impression. Thanks for the comment.