Welcome!

ColdFusion Authors: Mike Kavis, Yakov Fain, Maureen O'Gara, Nancy Y. Nee, Tad Anderson

Related Topics: ColdFusion, AJAX & REA, Web 2.0

ColdFusion: Article

Did You Get the Web 2.0 Memo?

No, you did not miss the memo or a software upgrade notice, yet you've already arrived at Web 2.0

No, you did not miss the memo or a software upgrade notice. Yet you’ve already arrived at Web 2.0.

The “upgrade” from Web 1.0 to the new Web 2.0 world has been an evolutionary process, continually driving the Web to be more interactive, useful, and interesting for consumers and the business community. The evolution from Web 1.0 to Web 2.0 has been about improvements in the Web “experience” – from that of simply browsing static content and graphic images that display upon request, to an all-new highly interactive, programmable, and much more useful Web.

Oh, and also a much more dangerous place as well.

Back in the early 1990s, our Web usage resembled that of a visit to a library in search of information or data. And as far we know, rarely has anyone ever been attacked by a book in a library. In the new Web 2.0 world, however, the library is so real that the page on which you’re reading about lions seems to come alive – so much so that the next step may be that they actually jump out and take a bite out of you. Worse, the thing that you reach for to take off the virtual shelf may look like a book, but may not be a book at all; instead, it may be something else altogether – something disguised to look like a book, possibly a bomb that explodes upon contact. The lesson? Beware. To quote an old phrase, you cannot judge a book by its cover in the new World Wide Web.

The Web has evolved beyond simply serving up static content. It now incorporates a myriad of technology innovations such as highly interactive page content (things literally jump, spin, beep and entertain us), real-time updates from RSS feeds, Weblogs, social networking sites, podcasts, and mashups. We’ve also embraced asynchronous programming languages and Internet protocols (e.g., AJAX) that dramatically enhance the users’ interactive experience. In addition, new Web 2.0 technologies make it easy to actually contribute content, contribute attachments, and even contribute entire Web pages to Web sites like Wikipedia, YouTube, and MySpace, to name just a few Web 2.0 examples.

Risky Business
But the news isn’t all good: Today’s hackers don’t even have to compromise a Web site to inject malware for distribution; they are actually being invited to put anything on any Website they want to. Talk about letting the fox into the hen house!

What risks do we now face? Here’s a prime example: in November of 2006, Top Tech News (an Internet news and information site) reported that malware writers had used a Wikipedia article to lead users to a linked booby-trapped page. The page contained malicious code designed to plant viruses on the computers of unsuspecting users.

It was quite a creative ploy. The fraudulent Wikipedia page offered a bogus Windows security update for a version of the Lovesan/W32.Blaster worm, and included a link to an external site that was labeled with the name “wikipedia-download.org”. The malware writers reportedly used the archive storage function on Wikipedia to plant the malicious code on multiple pages. The attackers simply directed users to those archived pages through e-mails that used the Wikipedia logo, and claimed that the encyclopedia site had been asked by Microsoft to help with worm patches. When the users clicked to get the helpful patch for the Microsoft vulnerability, they got the Lovesan/W32.Blaster worm instead.

The Journey to Web 2.0
Before we explore the additional benefits and risks associated with Web 2.0, it’s important to understand how Internet applications have evolved. Wikipedia actually provides a very good timeline representation (see Figure 1) of this evolution to Web 2.0.

Some would argue that the term Web 2.0 is nothing more than marketing hype being applied to technologies that have already been a part of the Internet for a long time, in some attempt to invigorate more interest in these technologies. Regardless, there’s a bigger picture to keep in mind. The significance of Web 2.0 is not any specific new technology like AJAX (Asynchronous JavaScript and XML). Rather, Web 2.0 represents a material change in the way both programmers and users of the Web (now and in the foreseeable future) will use it as a computing and networking platform. Most Websites today incorporate at least some of the concepts and/or components of Web 2.0. There are many widely known examples such as Google, MySpace, Flickr, YouTube, Wikipedia, and Bloger that demonstrate the real capability and power that can be achieved by using Web 2.0 development techniques, software, applications, and tools.

The original concept of Web 2.0 has been credited to Tim O’Reilly and MediaLive International and was said to be the result of a brainstorming session that resulted in the first Web 2.0 conference. On May 16, 2006, the United States Patent and Trademark Office (USPTO) began allowing them to trademark the term Web 2.0 for use in their conferences.

In the initial brainstorming session of Tom O’Reilly and MediaLive International, they formulated a sense of Web 2.0 by example:

The original Web 2.0 article written in 2005 by Tim O’Reilly provides his highly regarded definition of Web 2.0.

More Stories By Paul A. Henry

Paul Henry is global information security expert, with more than 20 years' experience managing security initiatives for Global 2000 enterprises and government organizations worldwide. At Secure Computing, he plays a key strategic role in new product development and directions. In his role as vice president of technology evangelism, he also advises and consults on some of the world's most challenging and high-risk information security projects, including the National Banking System in Saudi Arabia, Department of Defense's Satellite Data Project, USA, and both government as well as telecommunications projects through out Japan.

Comments (1) View Comments

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


Most Recent Comments
Julian 09/19/07 07:23:21 PM EDT

Awesome read - well done...
We recently wrote a blog post that's probably also of interest to readers on this topic. http://julian101.com/archives/88

It talks about Web2.0 and sheds some light on whether we're really at Web2.0 or Web 16.0...

Julian Stone - ProWorkflow.com