The Web experienced a roller-coaster ride in 2007 with Social Networking emerging as the happening area. More and more user activity moving to the clouds was another phenomena. But it was also the year which raised serious questions on security around web applications and web services.
Issues galore
Just a couple weeks back Carsten Cumbrowski mentioned a few bugs and issues with Google’s products ( Part 1 and Part 2).
Google is famous for the frequency at which it pumps in new features in its products. With more services bound to go online, especially on the enterprises front, anti-malware firms have tolled the bell on the security issues confronting the Web.
Window of response
Chief among the issues enabling malware propagation over the web is their spread in the time it takes for security agencies to respond to attack vectors. With no mechanism or solution to ensure patched uptodate versions of software running on individual PCs accessing the web, its always an advantage for the Trojans, botnet herders and account hijackers.
Reducing the window of response
Minimizing the time interval between the occurrence of an attack and reporting of the vector can come a long way in bolstering the anti-malware approach. There have developments in the search front that can aid in this. Web crawlers have indeed come of age to grab the latest events on the Web. Google is known to have pages indexed only minutes after they are uploaded on the web. This is indeed phenomenal considering the zero barrier entry to content creation on the web on a global scale.
Semantic technologies have been developed with the intent of making the Web “understandable” at the machine level. Instead of having the Web as a repository of information, the Semantic Web is about enabling seamless flow of data on the web across applications.
Combining the indexing capability of search engines with semantic technologies that can compute concepts could go a long way in bringing major issues around security breaches to the attention of concerned firms. Blogs and forums have emerged as the vox-populi on the net and are the hub of online activity. Services that can deploy semantic technologies to index forums and posts and perhaps bring them to the attention of a consortium of anti-malware companies could minimize the window of response, making the web a more secure place.
