Who would have thought that advertising, music, and software as a service would have been a few of the driving forces to bring back the popularity of the Internet? From the downfall of the dot-com to the success of Google Ads, from Napster’s demise to Apple’s comeback with iTunes, and from the ASP (Application Service Provider) market collapse to the explosion of hosted software solutions (Software as a Service), Web 2.0 looks strangely similar to Web 1.0. However, underneath the Web 2.0 platform, consumers are seeing a whole collection of technologies and solutions to enrich a user’s online experience. The new popularity came about due to organizations improving existing items that have been around awhile, but with a better offering to end users. Web 2.0 technologies are a big part of that, allowing applications to do a lot more than just provide static HTML to end users. With any new and/or emerging technology, security considerations tend to pop-up right at the end or not at all. As vendors are rushing to get features out the door first or to stay competitive with the industry, security requirements, features, and protections often get left off the Software Development Life Cycle (SDLC). Hence, consumers are left with amazing technologies that have security holes all over them. This is not only true in Web 2.0, but other emerging technologies such as Voice Over IP (VoIP) or iSCSI storage. This book covers Web 2.0 security issues from an attack and penetration perspective. Attacks on Web 2.0 applications, protocols, and implementations are discussed, as well as the mitigations to defend against these issues.
• The purposes of the book are to raise awareness, demonstrate attacks, and offer solutions for Web 2.0 security risks. This introduction will cover some basics on how Web 2.0 works, to help ensure that the chapters in the rest of the book are clear to all individuals.
Go To Base64 & Decode: