As the Internet has evolved our collaboration options have evolved with it. We have gone from email to ftp to web to im. Now everyone’s talking about Web2.0, which offers social networking and online worlds as personal and, increasingly, as business collaboration tools. Each new collaboration method has ignored security issues at first, and has encountered reputation and take-up problems as a result. Web2.0 is set to conform to this time honoured pattern. One of the very difficult things about Web2.0 is its similarity to real life. On-line networking is like real-world networking and on-line worlds are like the real world – even to the point of having convertible currency in many cases. But on the other hand, we want the freedom in an on-line world to do things which would be dangerous, illegal or impossible in real life. That makes it very difficult to know what the rules should be in Web2.0. Is hate speech in an online world as bad as in real life? Should virtual smoking be banned in virtual restaurants? Most Web2.0 hosts are doing as little as they possibly can and legislating on a case by case basis when real problems come to their attention. They aren’t attempting to work within an overarching framework. Actually, I think this is the correct approach. Web2.0 hosts are developing common law rather than Roman law. As a member of the Anglosphere, I approve. But will Web2.0 be able to develop the security, privacy and reliability levels that business needs? If not, it will have to stay as ‘just a game’. I am indebted to my colleagues in the UK’s Security Consulting Practice, Anish Mohammed and Steve Allen, for contributing their know-how in this area.
Welcome to Web2.0 – with the same old same old Security
jarnold
10 Comments
Category :
About the author
10 Comments
Leave a comment
Web2.0 already has a certain level of security via Open Auth (http://www.oauth.net and Open ID (http://openid.net/)? Or do you mean something else?
The spread of internet and its evolution has been so rapid and fast paced over past decade that we have yet 2 fully understand its broader implications on our private, cultural ,social and political space. Web2 has a bubble around it which can produce crass but nobody wants 2 go against it as it may amount 2 crystal grazing. I mean think about it. Someone virtual being stopped from virtual smoking in a virtual restaurant. Is it supposed 2 be funny or simply dumbing down of us!
The spread of internet and its evolution has been so rapid and fast paced over past decade that we have yet 2 fully understand its broader implications on our private, cultural ,social and political space. Web2 has a bubble around it which can produce crass but nobody wants 2 go against it as it may amount 2 crystal grazing. I mean think about it. Someone virtual being stopped from virtual smoking in a virtual restaurant. Is it supposed 2 be funny or simply dumbing down of us!
Interesting points John. Banning virtual smoking. I like the analogy! At one point we will probably indeed need laws in the virtual world too.
And hasn't security always been the changeling of the project? Sometimes, security is even overstressed. I am thinking of the usage of the low budget MIFARE Classic chip that has a simple security mechanism by design, for seemingly high security applications. Now that this chip is cracked (which shouldn't have been that hard), every one is suddenly blaming the chip's vendor... (maybe we should blog about that sometime, I have some notes about this already).
And hasn't security always been the changeling of the project? Sometimes, security is even overstressed. I am thinking of the usage of the low budget MIFARE Classic chip that has a simple security mechanism by design, for seemingly high security applications. Now that this chip is cracked (which shouldn't have been that hard), every one is suddenly blaming the chip's vendor... (maybe we should blog about that sometime, I have some notes about this already).
I've been thinking about something recently that is related to this: in real life, sex with children is an offense. However, imagine you are in second life, someone else (an adult) is acting as a child (avatar) and offers sex, and you as an adult agrees to that. Should you be punished as well for that? It's an interesting discussion, since you can also wonder if people can be punished for their fantasies or things they would like to do (but don't do). You can also wonder then if we should have a system like that movie with tom cruise where they could predict future crimes and where they stopped it before it could happen.
Lee, you mean "The Minority Report". This gets very interesting now. Are you saying that we should monitor people's virtual behavioral patterns to predict crimes in the real world? Something like firing a teacher who uses the services of that adult with the child avatar on 2nd life? Could be very realistic, indeed.
@Mark
Is there still a difference between the real world and the virtual world? Perhaps for some, however I think we will join The Matrix within 10 years. Virtual and real worlds will be mixed up nobody can tells the different anymore and nobody needs to tell the difference anymore since is all has been accepted than.
"Have you ever had a dream, Neo, that you were so sure was real? What if you were unable to wake from that dream? How would you know the difference between the dream world and the real world?"
Is there still a difference between the real world and the virtual world? Perhaps for some, however I think we will join The Matrix within 10 years. Virtual and real worlds will be mixed up nobody can tells the different anymore and nobody needs to tell the difference anymore since is all has been accepted than.
"Have you ever had a dream, Neo, that you were so sure was real? What if you were unable to wake from that dream? How would you know the difference between the dream world and the real world?"
@Rick,
The full virtual live is already present. You can order anything from the web, earn your money from the web and there are unlimited reasons not to get out of the house when you are a digital native.
Although this has a downside in regard to the human social environment (and possibly reproduction issues), it has upsides when it comes to traphic, housing, polution and other major issues. You could argue that digital natives are especially valueble when compared to "ordinary people" when you look at something as basic as return on investment.
The full virtual live is already present. You can order anything from the web, earn your money from the web and there are unlimited reasons not to get out of the house when you are a digital native.
Although this has a downside in regard to the human social environment (and possibly reproduction issues), it has upsides when it comes to traphic, housing, polution and other major issues. You could argue that digital natives are especially valueble when compared to "ordinary people" when you look at something as basic as return on investment.
@rick @mark @arnoud
We still don't have an answer whether virtual offenses should be treated equal to real life offenses?
Im inclined to say no, since perhaps executing a fantasy in a virtual world, might prevent doing someone the same in the real world.
On the other hand, let's say we are in a quite a realistic virtual world where you rape someone, the emotional damage to the victim might just be as hard as in real life. So...?
*confused*
We still don't have an answer whether virtual offenses should be treated equal to real life offenses?
Im inclined to say no, since perhaps executing a fantasy in a virtual world, might prevent doing someone the same in the real world.
On the other hand, let's say we are in a quite a realistic virtual world where you rape someone, the emotional damage to the victim might just be as hard as in real life. So...?
*confused*
hmmmm... nice comments on a blog that has a direct link from capgemini.com
