Skip to main content

Web 2.0 technology brings new security threats

Web 2.0 style services (opens in new tab)and applications have laid the foundation of a new battlefield between hackers and criminals and the rest of us, a Security Expert speaking at Open Web Application Security Project (OWASP) U.S. 2007 conference said.

The conference was organised by eBay and is a place where security professionals can meet and exchange ideas with their peers and is the forerunner to next years Read Team eBay security conference.

Petko Petkov said that tools are readily available for criminals to use and nascent technologies like mashups will soon enable hackers to move up several notches.

The security researcher said that it wouldn't be easy for service providers like Microsoft or Google to close an app or a widget down in a bid to cull an attack.

More worrying, the use of RSS to email services to send commands to Zombie computers in a smart way as RSS feeds are not blocked by firewalls.

Rather than the technology behind Web 2.0 phenomenon, it is the permeability and the "open-all-day" approach that embodies the Web 2.0 mindset that will ultimately breach security defences.

It is still early days for Web 2.0 hacking but things have evolved since the first hackers and the first viruses were written; criminals have got much nastier this time.

Désiré Athow
Contributor

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website building and web hosting when DHTML and frames were en vogue and started writing about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium. Following an eight-year stint at ITProPortal.com where he discovered the joys of global tech-fests, Désiré now heads up TechRadar Pro. Previously he was a freelance technology journalist at Incisive Media, Breakthrough Publishing and Vnunet, and Business Magazine. He also launched and hosted the first Tech Radio Show on Radio Plus.