Thursday, December 3, 2009

A Famous Elf Delivers Web 2.0 Presents?

I was scouring the web to find something a bit different than what we, as a class, had seen so far. I guess you could say I hit the jackpot. I was going to verify if this site listed what my classmates had contributed thus far but, I can’t afford to do so seeing that I’m so far behind the 8-ball as it is.

In a collaborative effort to see if has a close-to-comprehensive list, I therefore invited them all to play a game. I asked that they visit the site and see if they could find their contributions there. Time will tell if anyone wants to play! An initial estimate suggests there are approximately 3000 Web 2.0 tools listed on this site.

At first glance, there are a lot of similar tools. There are a few I thought I’d share. I’m copying and pasting the write-ups, which includes direct links to the original sites. Some of my own comments are intertwined on this blog as well.

Web 2.0 for Wee-Ones

I was particularly impressed by this one, strictly designed for kids. Just don’t forget to send your kids outside to play too!

Game Platform for Kids
“Game Classroom is a one-stop web destination for accessing high-quality educational games, and homework help for K-6 students. Game Classroom offers math games, homework help, worksheets and more. It is a great site for kids, parents and teachers.”

Tired of the Same Old Fonts?
I do a significant amount of graphics and imaging. Photoshop is a great tool but it comes with a limited set of fonts. For a fee, you can augment your library of fonts significantly but why? This Web 2.0 tool offers a variety of fonts to be used for FREE on redundant servers. The subscription-based service is an added value to me.

An easy way to use Real Fonts
“Typekit is a subscription-based service for linking to high-quality open type fonts from some of the world’s best type foundries. Fonts are served from a global network on redundant servers, offering bulletproof service and incredible speed. And it couldn’t be easier to use.”

Luel Musings . . .
One ever-present question in my mind when discussing new technology is, what have we done to protect the unsuspecting web-based communities from the bad guys? I mean, here we are, enabling social networking with all sorts of cool tools, to a mass who is already at a disadvantage in terms of security and protection knowledge. Here's food for thought. How many times have you bumped into someone who had out-dated virus software? Did those same people even know what a PC firewall was? What about clicking on email embedded links?

While I whole heartedly embrace technological evolution, I'm all about doing so cautiously. I remember the days when no login was required to browse anyone's profile. Yesterday, CNN told us that Facebook is bringing about big changes in order to protect their users' social networks. Regional networks have become so big, they say, there is no longer sufficient privacy protection. Very proactive on Facebook's part. Great!

Here’s the link to the article: Facebook to lose geography networks, add privacy features

Why do I bring this up? Read on. . .

Turn bugs into Opportunity
“An online service to which you can delegate serving error pages and collecting user feedback on errors. You can customize your error pages in the browser and be friendlier to your users in case of errors.”

Sounds good right? Anybody who is anybody in IT security is probably already grimacing at this idea. Collecting error information from a web site is a traditional and sure way to find vulnerabilities. Still today, SQL injections plague us. Recent usage of combined XSRF and XSS has shown that we can now worm browser exploits. I'm not saying that bugsVoice would do such a thing, not at all. What I am saying is that it won't be long before someone phishes for such errors with malicious intents. It wouldn't take too much work for a savvy internet-bandit to build a Web 2.0 front to offer such a service. For me, anytime you open up a port for someone to execute code on your machine, you're asking for trouble. How much trouble? I suppose that depends.

But there's hope. . . with some limits. I'm not sure how this would help the lay-user at this point.

An article in Computerworld, October release, discusses a means to "Forging a Web 2.0 Shield". In 2006, instead of forbidding their employees to visit social web sites, BT Global Services saw an enablement opportunity. It became a business tool to help build new business relationships. Security, however, wasn't only about company property. I was also about employee privacy and safety. Some criminal mind might use the information to find out where someone lived or, if they would be out to a concert for example. BT's Ray Stanton and team devised a set of URL filtering and security technologies to afford a shield of sorts. The appliances they use give them flexibility to manage their users at a very granular level via policies. So far, Stanton's team seems to be staying ahead of the problems in spite of the high risks universally associated with social networking tools. I would be curious to find out about the cost analysis for such an investment. It seems hardware alone is expensive. I cringe at the additional man-hours needed to stay on top of configurations and management. This would definitely be interesting. I imagine BT finds enough value in it. Good of them to forage a new IT trend in the corporate world!

Incidentally, bugsVoice is in beta stage so, we’ll have to be a "bit" patient and see what snazzy methods they might devise to protect the innocent.

No comments:

Post a Comment