Web 2.0, meet Internet attack 2.0
SAN FRANCISCO--The glitzy, interactive abilities of Web 2.0 have led to a profusion of new applications, but the technology also is bringing a new era of security vulnerabilities, a security researcher warned Wednesday.
"Security was a challenge to begin with, but if anything it's getting harder in the Web 2.0 world," said Jacob West, manager of the security research group at Fortify, a company that helps companies make sure their software is secure. He made his comments during a talk at the Web 2.0 Expo in San Francisco here.
West was pessimistic that fundamental progress would help reduce vulnerabilities. Companies with browsers and Web sites are reluctant to embrace change that would break compatibility with older technology, for example.
"We're talking about fixes that are going to come in the 10-year time frame," he said.
Other toolkit makers were not so responsive, though, he said: "Microsoft and Yahoo wrote back and said, 'Nope, we're not going to fix that.'"