A General Introduction to Web 2.0 Technologies and Applications

advertisement
A General Introduction to Web 2.0
Technologies and Applications
Presented by: Prof Mark Baker
ACET, University of Reading
Tel: +44 118 378 8615
E-mail: Mark.Baker@computer.org
Web: http://acet.rdg.ac.uk/~mab
March 23, 09
mark.baker@computer.org
A General Thanks
• Firstly, I would like to say a big THANK YOU to
all the speakers that I have harassed over the
last couple of months to participate in this
workshop.
• The event has talks on:
–
–
–
–
–
Web 2.0 technologies,
Clouds,
User/Usability,
Application,
Tutorials, which should help start people in some of
these technology areas.
March 23, 09
mark.baker@computer.org
Outline
•
•
•
•
General Introduction,
What is Web 2.0?
Gartner Hype Curve…
Web 2.0 Technologies:
–
–
–
–
–
–
–
Wikis, Blogs, RSS, Tagging,
Social networking,
Flickr, Slideshare, YouTube,
Twitter, REST AJAX,
iGoogle, google gadgets,
Web Semantics, Twine,
Security concerns,
• Summary/Conclusions.
March 23, 09
mark.baker@computer.org
General Introduction
• Various technologies seem to appear in waves, some are
taken up and are successful, and others die out quickly.
• I have been working in the parallel, distributed
computing and HPC arena for 20+ years.
– Seen lots of interesting technologies come and go!
• CORBA, Jini… etc…
– Spent a lot of time work on grid technologies and e-Science.
• However, the Web 2.0 area seems to have been one of
those domains of interest that has taken off like a
rocket!
• Hence the keen interest with this workshop, and the
Edinburgh eSI theme that is exploring – ”The Influence
and Impact of Web 2.0 on e-Research Infrastructure,
Applications and Users”…
March 23, 09
mark.baker@computer.org
General Introduction
• It would be easy to ask questions as to why we want to
explore this area… but these are some reasons!
March 23, 09
mark.baker@computer.org
What is Web 2.0?
• Tim O'Reilly first coined the term back in 2004.
– The terms became more significant after the O'Reilly Media
Web 2.0 conference in 2004.
• Tim O'Reilly said that “Web 2.0 is the business
revolution in the computer industry caused by the move
to the Internet as a platform, and an attempt to
understand the rules for success on that new
platform”…
• Many of us back in those days really wondered exactly
what Web 2.0 was…!?
– At that stage we thought the Web 2.0 stack was fairly empty…
but since those days the extent that people collaborate,
communication, and the range of tools and technologies have
rapidly changed.
March 23, 09
mark.baker@computer.org
What is Web 2.0?
• Another more compact! description from Tim O'Reilly…
– Web 2.0 is the network as platform, spanning all
connected devices;
– Web 2.0 applications are those that make the most of the
intrinsic advantages of that platform:
• Delivering software as a continually-updated service that
gets better the more people use it,
• Consuming and remixing data from multiple sources,
including individual users, while providing their own data and
services in a form that allows remixing by others,
• Creating network effects through an "architecture of
participation," and going beyond the page metaphor of Web
1.0 to deliver rich user experiences.
March 23, 09
mark.baker@computer.org
Web 2.0
• Web 2.0 has many aspects:
– Business Models that survived and have promise for
the future.
– Approaches such as services instead of products,
the Web as a platform, ...
– Concepts such as folksonomies, syndication,
participation, reputation, ....
– Technologies such as AJAX, REST, Tags,
Microformats, ...
– And many others ...
March 23, 09
mark.baker@computer.org
What is Web 2.0 ?
•
•
•
•
A concept not a product.
A way of thinking.
A way of working – collaborative and social.
About:
– Sharing information with others,
– Information coming to you,
– Deciding how you receive and view the information.
• All sorts of technologies but….
• Examples:
– Blogs, RSS, Wikis, social bookmarking (e.g. Furl,
Del.icio.us, Connotea) Flickr, Facebook, MySpace, web
based forums, email discussion lists, YouTube, Second
Life……
March 23, 09
mark.baker@computer.org
Gartner Hype Curve
March 23, 09
mark.baker@computer.org
Gartner's 10 strategic technologies for 2009
• The "potential for significant impact on the enterprise
in the next three years":
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
Virtualization,
Cloud computing,
Servers (beyond blades),
Web oriented architectures,
Enterprise mashups,
Specialised systems,
Social software / networking,
Unified communications,
Business intelligence,
Green IT.
March 23, 09
mark.baker@computer.org
Web 2.0
Web 1.0
Web 2.0
DoubleClick
Ofoto
Akamai
mp3.com
Britannica Online
personal web sites
Evite
 Google AdSense
 Flickr
 BitTorrent
 Napster
 Wikipedia

Blogging
 Upcoming.org and Events and Venues
Database
Domain name speculation  Search engine optimisation
Page views
 Cost per click
Screen scraping
 Web Services
Publishing
 Participation
Content management systems 
Wikis
Directories (taxonomy)
 Tagging ("folksonomy")
Stickiness

Syndication
From Tim O’Reilly’s “What is Web 2.0”on O’ReillyNet, 9/30/2005;
http://www.oreillynet.com/pub/a/oreilly/tim/news/2005/09/30/w
hat-is-web-20.html?page=1
March 23, 09
mark.baker@computer.org
Wikis
• wiki-wiki – Hawaiian meaning quick.
• First wiki was the WikiWikiWeb, Ward Cunningham
1995.
• A collaborative web application that allows users to
easily add and edit content.
• Can be used for:
– Developing documentation,
– Project management:
• History keeps a record of the changes and different versions of
the documents.
– Developing a conference programme.
• Encourages collaboration.
• Many have blog like discussion areas and RSS feeds.
March 23, 09
mark.baker@computer.org
Wikis
• Relatively standardised format and layout “Makes our
contributors concentrate on content rather than
wasting time on pretty layouts”.
• Default in most Wikis will let anyone create and edit a
page:
– Need to protect Admin functions and limit creation, edit and
access rights,
– Can “lock” individual pages or sections,
– Can require registration to set up new pages or edit existing
ones.
March 23, 09
mark.baker@computer.org
Wikipedia
Option to edit
the page
March 23, 09
mark.baker@computer.org
Wikipedia (2)
No edit
option
March 23, 09
mark.baker@computer.org
Wikipedia - history
Date of edits
March 23, 09
Author/editor
mark.baker@computer.org
What are wikis used for in real life?
• Wikis for training materials and conference organising:
– NeSC/eSI do this.
• Wikis for compiling subject guides.
– We create manuals/user-guides in our private Wiki, then have
some PHP that lets us expose the content to the public.
• Using a Wiki on an Intranet for internal purposes.
March 23, 09
mark.baker@computer.org
Blogs
• What is a Blog?
– Short for web log,
– Content management system that publishes
information chronologically,
– Content can range from self-indulgent drivel to
extreme depth,
– Easy to use and publish from anywhere, therefore
there is a high proportion of utter rubbish in the
“blogosphere”,
– Blogs automatically generate RSS feeds.
March 23, 09
mark.baker@computer.org
Anatomy of a Blog (2)
Tags
Archives
List of recent
posts
March 23, 09
Blogroll of
related blogs
mark.baker@computer.org
Applications of Blogs
• Instead of, or in addition to, a printed, emailed or
static web-based newsletter:
– Current awareness for staff, users, researchers and clients “What’s new”,
– Publicising new services/products, encourage feedback via
comments.
• Marketing tool inside and outside of the organisation.
• Recording professional development and reflective
practice plus project development and discussions.
• Comments or “suggestions” box.
• Monitor blogs for information and competitor
intelligence.
• Alternative publishing medium.
March 23, 09
mark.baker@computer.org
Blogs as sources of information
• Blogs by industry gurus and experts are a good way of
keeping up to date with what is happening in a
particular sector.
• Look for the Blogroll of List of Links on a relevant
blog.
• Google Blogsearch http://www.google.com/blogsearch
– Uses advanced search to search within an individual blog.
• Ask http://www.ask.com/ – Blogs and feeds.
• Live Feeds search - http://search.live.com/feeds.
• Blog search engines and directories:
– http://www.technorati.com/
– http://www.blogpulse.com/
– http://www.quacktrack.com/
March 23, 09
mark.baker@computer.org
What is RSS?
• Stands for Really Simple Syndication, or Rich Site
Summary or RDF site summary.
– Depends on version:
• Rich Site Summary (RSS 0.9x),
• RDF Site Summary (RSS 0.9 and 1.0),
• Really Simple Syndication (RSS 2.x).
– Also ATOM (Google).
– Written in XML.
– Look for the orange logos.
• A means of delivering headlines, alerts, tables of
contents.
Regarded as the de
facto standard
March 23, 09
mark.baker@computer.org
Why RSS is not that popular?
You need a feed “reader”…
March 23, 09
mark.baker@computer.org
http://www.google.com/reader
….like Google Reader
March 23, 09
mark.baker@computer.org
RSS instead of email
• Reduces the overload in your email inbox.
• By-passes spam filters.
• Quicker and easier to scan and spot individual
headlines within an alert or newsletter and decide
what is relevant.
• Can set up filters to pick up stories that mention
specific products, companies...
• You control when you receive and read the feeds.
• Easier to “unsubscribe”.
March 23, 09
mark.baker@computer.org
Tagging on Del.icio.us
March 23, 09
mark.baker@computer.org
Some Common Uses for Del.icio.us
• Storing bookmarks online so they can be accessed
from the Internet.
• Consolidating bookmark collections to eliminate the
confusion of attempting to locate bookmarks stored
on multiple computers.
• Personal interests – shopping, vacations, hobbies, and
so on.
• Academic Pursuits – keeping track of online source
materials in one location.
• Sharing – Bookmarks via the public.
• Expertise Mining – all bookmarks on del.icio.us have
been chosen by a human being.
– Exploring the results of their previous searches is a great
labour saver
March 23, 09
mark.baker@computer.org
March 23, 09
mark.baker@computer.org
Facebook Facts
• Not just for College students anymore.
• Anyone with a valid e-mail address can join…
• Over 175 million active (users who have returned to
the site in the last 30 days).
• Company has 700+ employees.
• More than half of Facebook users are outside of
college with the fastest growing demographic being
those 30 years old and older.
• Average user has 120 friends on the site .
• More than 3 billion minutes are spent on Facebook
each day (worldwide).
http://www.facebook.com/press/info.php?factsheet (Feb/09)
March 23, 09
mark.baker@computer.org
Facebook
March 23, 09
mark.baker@computer.org
March 23, 09
mark.baker@computer.org
Flickr
•
•
•
•
http://www.flickr.com/
Owned by Yahoo!
Share photos with selected individuals or make public.
Put photos of your library’s or organisation’s events on
Flickr:
– Promote your department, information centre, organisation,
– Direct journalists to your “album” when they ask for photos
to accompany articles about you,
– Make sure you tag and describe them,
– Organise into sets,
– Decide on copyright and Creative Commons licenses.
March 23, 09
mark.baker@computer.org
Flickr
March 23, 09
mark.baker@computer.org
Slideshare,
• Share presentations.
• Include an accompanying commentary.
• Keep private, share with selected people, or
make public.
• Slideshare does not keep animations and
embedded links.
• Slideshare - http://www.slideshare.net/
• Embed Slideshare in your blog, web site,
Facebook profile, start page ……..
March 23, 09
mark.baker@computer.org
Slideshare
March 23, 09
mark.baker@computer.org
YouTube
• http://www.youtube.com/
• Owned by Google.
• Videos of varying content and quality:
–
–
–
–
–
News broadcasts,
Various videos and corporate broadcasts,
PR, advertising campaigns,
Videos of events, new service launches, anything,
The Queen has a YouTube channel!
• http://www.youtube.com/user/TheRoyalChannel
• Embed YouTube videos in your Blog, Facebook
page, start page, web site etc.
March 23, 09
mark.baker@computer.org
Twitter
• http://www.twitter.com/
• Microblogging:
–
–
–
–
–
“tweets” are 140 characters,
What are you doing?
“follow” friends,
Lots of plugins for your browser and desktop e.g. TwitKit,
Send first 140 characters of your blog postings to Twitter
using http://twitterfeed.com,
– Add Twitter to your Facebook profile.
• Search for friends and colleagues, and topics:
– Twitterment, Tweet Scan etc.
• Analyse a person’s tweets with Tweet Clouds:
– http://www.tweetclouds.com/
March 23, 09
mark.baker@computer.org
Twitter
March 23, 09
mark.baker@computer.org
Who is on Twitter?
The
BBC
The
Times
10 Downing
Street
March 23, 09
mark.baker@computer.org
Conference Twitter Streams
• “Blogging conferences is so 20th century!”
– Twitterers/tweeters abound at conferences,
– The INSOURCE Conference Twitter Experiment
http://www.rba.co.uk/wordpress/2008/02/11/theinsource-conference-twitter-experiment/ ,
– Can set up a Twitter event stream,
– Delegates, conference chairs, moderators can all
comment on and monitor the proceedings,
– Send tweets to your blog using LoudTwitter:
• Generates a chronological list of your tweets by day and with
the oldest listed first,
• Easier to read as a record of the event.
March 23, 09
mark.baker@computer.org
Second Life
March 23, 09
mark.baker@computer.org
What next?
• Play and experiment.
• You do not have to try everything.
• Focus on what you think will make your work
easier, more productive, more effective.
• If it does not work or it takes longer to carry
out a task without significant benefits, ditch it!
• There is no law that says you have to use
something just because it has a Web 2 .0 tag.
March 23, 09
mark.baker@computer.org
What is AJAX ?
• AJAX is the acronym for Asynchronous JavaScript
and XML.
• The purpose is to create more dynamic and responsive
web pages
• It is also about building web clients in a Service
Oriented Architecture that can connect to any kind of
server: J2EE, PHP, ASP.Net, Ruby on Rails, etc.
• AJAX involves existing technology and standards:
– JavaScript and XML
• Pattern: Page view displayed in a web browser where it
retrieves data or mark-up fragments from a service
and refreshes just a part of the page.
March 23, 09
mark.baker@computer.org
What is AJAX ?
• AJAX is non-trivial, it requires deep and broad skills
in web development .... but the benefits to be gained
can be huge compared to classic web applications.
• AJAX enables major improvements in responsiveness
and performance of web applications, e.g. used at
Yahoo! Mail, Google Maps, live.com, and others.
• AJAX is NOT hype – it is very real and very useful for
highly interactive applications.
March 23, 09
mark.baker@computer.org
AJAX compared to classic Web UIs
Browser
Server
In the typical web application,
each request causes a complete
refresh of the browser page
March 23, 09
Browser
service
Server
An Ajax application begins the same
way.
After the initial page loads,
Javascript code retrieves additional
data in the background and updates
only specific sections of the page
mark.baker@computer.org
What is REST ?
• REST is the acronym for “Representational State
Transfer“ – an architectural model for the Web!
• Principles of REST:
–
–
–
–
Resource centric approach,
All relevant resources are addressable via URIs,
Uniform access via HTTP – GET, POST, PUT, DELETE,
Content type negotiation allows retrieving alternative
representations from same URI,
• REST style services:
– Easy to access from code running in web browsers, any other
client or servers - popular in the context of AJAX
– Takes advantage of the Web caching infrastructure
– Can serve multiple representations of the same resource
• See http://www.ics.uci.edu/~fielding/pubs/dissertation/top.
htm
March 23, 09
mark.baker@computer.org
Tycho
A Resource Discovery Framework and Messaging System
for Distributed Applications
http://acet.rdg.ac.uk/projects/tycho/
March 23, 09
mark.baker@computer.org
Tycho Architecture
• Tycho consists of the following
components:
– Mediators that allow producers
and consumers to discover each
other and establish remote
communications,
– Consumers that typically
Mediator
subscribe to receive
information or events from
Registry
producers,
Core
– Producers that gather and
publish information for
consumers.
• There is an asynchronous
messaging API.
• In Tycho, producers and/or
consumers (clients) can publish
their existence in a Virtual
Registry (VR).
March 23, 09
Producer
Registry
Core
WAN (HTTP)
WAN (P2P)
Consumer
mark.baker@computer.org
LAN (Socket)
Producer
Consumer
Tycho Design
• Tycho is a based on a publish, subscribe and bind
paradigm.
• Design Philosophy:
– We believed that the system should have an architecture
similar to the Internet, where every node provides reliable core
services, and the complexity is kept, as far as possible, to the
edges:
• The core services can be kept to the minimum, and endpoints can provide
higher-level and more sophisticated services, that may fail, but will not
cause the overall system to crash.
– We have kept Tycho’s core small, simple and efficient, so that
it has a minimal memory foot-print, is easy to install, and is
capable of providing robust and reliable services.
– More sophisticated services can then be built on this core and
are provided via libraries and tools to applications.
• Allows Tycho to be flexible and extensible so that it
will be possible to incorporate additional features and
functionality.
March 23, 09
mark.baker@computer.org
iGoogle
March 23, 09
mark.baker@computer.org
iGoogle
•
•
•
•
iGoogle portal is a free Google service,
Is a customisable web portal,
Users can add “Gadgets” to the page,
Customisations are saved to the user’s account and
retrieved when logging in again.
March 23, 09
mark.baker@computer.org
Google Gadgets
March 23, 09
mark.baker@computer.org
Google Gadgets
• Gadgets are small user interface components:
– Could also be called portlets or widgets.
• Example: eBay Search Plus Gadget.
March 23, 09
mark.baker@computer.org
Gadgets are Dynamic Web Applications
• Gadgets can be static, but then are of limited use.
• Dynamic Gadgets are more common.
• Three general approaches when making a dynamic
gadget:
– Time dynamic – the content changes over time, e.g. a news
gadget,
– User input dynamic – the content changes via a user
interacting with the gadget (forms and links),
• User preference dynamic – the user sets preferences
that persist across user sessions (e.g. eBay).
• Gadgets need not include a page header/footer, they
focus on the specific application they surface.
March 23, 09
mark.baker@computer.org
Gadgets are NOT hosted by Google
•
•
•
•
Google Gadgets can be created by anyone.
Gadget must be deployed on a public web server.
Once deployed, anyone can use the Gadget.
iGoogle supports a Gadget library to help users find
Gadgets they may want to use.
March 23, 09
mark.baker@computer.org
Google Gadgets are Web Pages
• Google Gadgets are implemented behind public URLs.
• Any public server that speaks HTTP and returns
HTML can be a Gadget host:
–
–
–
–
–
Apache web server,
PHP,
Ruby on Rails,
ASP .NET,
Java Application Servers (Servlet Containers).
• Important: Your web server must be exposed to the
Internet!
March 23, 09
mark.baker@computer.org
Approaches to Web Semantics
•
•
•
•
Tagging,
Statistics,
Linguistics,
Semantic Web:
–
–
–
–
–
RDF – Store data as “triples”,
OWL – Define systems of concepts called “ontologies”,
Sparql – Query data in RDF,
SWRL – Define rules,
GRDDL – Transform data to RDF.
• Artificial Intelligence.
March 23, 09
mark.baker@computer.org
A Mainstream Application of
the Semantic Web…
March 23, 09
mark.baker@computer.org
What is Twine?
• Twine is a new service for managing and sharing
information on the Web.
• Works for content, knowledge, data, or any other
kinds of information.
• Designed for individuals and groups that need a better
way to organise, search, share and keep track of their
information.
March 23, 09
mark.baker@computer.org
How Twine Works
1. Collect or author structured or unstructured
information into Twine via email, the Web or the
desktop.
2. Twine creates a knowledge web automatically:
–
–
–
Understands, tags and link information automatically,
Automatically does further research for you on the Web,
Organises information automatically.
3. Provides semantic search, discovery and interest
tracking.
4. Helps you connect with other people and groups to
grow and share knowledge webs around common
interests.
March 23, 09
mark.baker@computer.org
Security Issues
• The Web Browser is now the Web 2.0 platform.
• It needs cross application features with a solid
security model.
– For example - currently, one area that has not been solved in
Web 2.0 is that the browser does not sandbox the various
Web 2.0 components that you may need to use.
– So for example if you are using mashups from various sources
(google/amazon/yahoo) within the browser the JS from one
component can interact with the JS of another component,
play with your cookies and probably screw other browser
hosted components!
• Google search - Web 2.0 security issues - gave MANY
hits!
• Many area of Web 2.0 that are open security issues,
probably AJAX is one of the biggest!
March 23, 09
mark.baker@computer.org
Security
•
•
AJAX is a hacker's dream come true.
It offers an increased attack surface,
•
In general, if you want to secure AJAX applications you
must do six things:
–
–
–
–
Direct API access,
Vulnerability to reverse engineering,
Susceptibility to amplifying Web attacks,
Vulnerability to offline attacks.
1. Perform authentication/authorisation checks on both Web
pages and Web services,
2. Group code libraries by function,
3. Validate all input for your application, including HTTP headers,
cookies, query string and POST data,
4. Verify data type, length and format,
5. Always use parameterised queries,
6. Always encode output appropriately.
Source: Billy Hoffman runs HP Security Labs, author of Ajax Security (Addison-Wesley)
March 23, 09
mark.baker@computer.org
Firebug - Great Debugging/Hacking Tool
March 23, 09
mark.baker@computer.org
SQL Injection
• SQL injection plays on a simple problem:
– A Web page's input fields often fail to distinguish between
innocent user data - information like names or dates - and
malicious commands,
– When a hacker's hidden instructions are entered into a
Web site's input forms, the site may confuse them with
user data and pull the commands into its SQL database,
where they can become integrated into the database's
code.
– That lets the hacker access the site's data or add
commands to the page so as to infect a visitor with
malicious software,
– A survey of major Web sites by the Web security firm
White Hat Security found that 16% of sites were
vulnerable to this tactic.
March 23, 09
mark.baker@computer.org
Cross-Site Scripting
• About 65% of the major sites surveyed by security analysts
White Hat Security are vulnerable to an attack called crosssite scripting, which allows a disturbing upgrade to phishing
attacks.
• The typical phisher e-mails users a link that brings them to a
fraudulent site, conning them into sharing credit card
information or other sensitive data.
• In a cross-site scripting attack, the link instead folds hidden
command into a destination site's code.
• That means even a legitimate page can be secretly tweaked
so that when a user enters bank codes or other sensitive
information, the data ends up in the hands of the phisher.
• The threat of cross-site scripting is yet another reason to
watch out for links in unfamiliar e-mails.
March 23, 09
mark.baker@computer.org
Cross-Site Request Forgery
• Cross-site request forgery, sometimes known as
"sidejacking”, takes advantage of a vulnerability that is
common to password-protected Web pages.
• When a user logs in to a private site their identity is
marked with a "cookie” - a temporary file downloaded
to a user's browser.
• But if that user can be tricked into visiting a malicious
site, while still logged in to that password-protected
page, the second site can secretly steal his or her
cookies, and with them, the user's access to the first
site's private information.
March 23, 09
mark.baker@computer.org
Google Hacking
• About two out of every three Web searches starts at Google.
• So, it seems, do many attacks on Web sites.
• "Google hacking" uses the search engine to probe the entire
Web for sensitive information or hackable vulnerabilities in
code.
• Just by entering the right search string, for instance,
hackers are sometimes able to find repositories of credit
card information or social security numbers stored on the
Web.
• Recently, an attack seeming to originate in China used Google
to probe the Web for sites vulnerable to a certain strain of
SQL injection, targeting more than half a million pages and
infecting them with malicious software.
March 23, 09
mark.baker@computer.org
Forced Browsing
• In some cases, "hacking" a Web site is as simple as
changing a single digit in a Web address.
• By shifting the characters in a page's address that
refers to a name or date, a malicious user can sometimes
gain access to pages they are not intended to see, a
process security professionals call "forced browsing.”
• In 2006, Phil Angelides, a Democratic contender in the
California gubernatorial campaign, was accused of
hacking rival Arnold Schwarzenegger's Web site and
obtaining a confidential audio file.
• But a source close to the Democratic campaign told
News.com that Angelides' aides had merely tampered
with a URL to find the file.
March 23, 09
mark.baker@computer.org
Timing Attacks
• As much as Web sites try to hide their inner workings from
hackers, some pages reveal information in signs as subtle as
how quickly they load.
• Security researchers have shown that software that guesses
random usernames on a Web application's login page
sometimes reveals which usernames are valid even without a
password - that is because a valid username causes the site to
pause for a slightly shorter time than an incorrect username
would.
• In some cases, spammers can use that simple trick to collect
thousands of valid e-mail addresses, which they then target!
• In a 2005 issue of the hacker magazine 2600, another
researcher revealed how to use timing analysis to determine
the dealer's hand in an online blackjack gambling site.
March 23, 09
mark.baker@computer.org
Captcha Breaking
• One major challenge for security professionals is distinguishing
humans from software "bots" on the Web.
• In a webmail service, for instance, users are shown a "captcha,"
a distorted word or image, and asked to identify the text or
picture.
• The goal is to foil software designed to sign up for accounts
for the purpose of churning out spam.
• But in some cases, spammers have beaten the countermeasure
by creating sites that enlist users to solve captchas by the
hundreds in exchange for pornographic images.
• Google's Gmail captcha was the latest victim of cybercriminals.
• Because the site offers an audio function that reads captchas
aloud for blind users, hackers were able to use speech-to-text
software to defeat the test automatically.
March 23, 09
mark.baker@computer.org
Distributed Denial Of Service
• Sometimes a hacker's goal is not to steal information or
infect users with malicious software but rather to a shut
down a site altogether.
• In those cases, cyber-criminals often employ distributed
denial of service attacks (DDOS), a technique that floods
a Web server with requests for information and
overwhelms it.
• Using botnets, armies of unsuspecting computers are
hijacked with invisible software, cyber-criminals can
vastly multiply the size of their attacks and also mask
their origins.
March 23, 09
mark.baker@computer.org
Conclusions
• More and more people are using Web 2.0 technologies
– the other speakers within this workshop will present
and show how these technologies and ideas are helping
their research.
• Some people like the ideas related to Web 2.0, other
feel they are not good!
• There has been a lot of discussion on the Internet
about Web 3!
• Jim Hendler sees Web 3.0 as the “Semantic Web
technologies integrated into, or powering, large-scale
Web applications”.
• From my own view point, Web 3.0, will probably be the
integration of Web 2.0 and the Semantic Web.
March 23, 09
mark.baker@computer.org
Web X Roadmap
Connections between Information
Nova Spivack
CEO & Founder
Radar Networks
Intelligent Web
Web 4.0
Web OS
2020 - 2030
Intelligent personal agents
Web 3.0
Semantic Web
Distributed Search
SWRL
OWL
2010 SPARQL
Semantic Databases
2020
OpenID AJAX
Semantic Search
ATOM
Widgets
Social Web
RSS
Mashups
P2P RDF
Office 2.0
Javascript
Flash
SOAP XML
2000 - 2010 Weblogs Social Media Sharing
Java
The Web
HTML
SaaS Social Networking
HTTP
Directory Portals Wikis
VR
Keyword Search Lightweight Collaboration
The PC
BBS Gopher
Websites
1990 - 2000
SQL
MMO’s MacOS
Groupware
SGML
Databases
Windows
File Servers
Web 2.0
Web 1.0
The Internet
FTP
IRC Email
PC Era
1980 - 1990
USENET
PC’s
File Systems
March 23, 09
mark.baker@computer.org
Connections between people
Research3.Org
March 23, 09
mark.baker@computer.org
Forthcoming Events
March 23, 09
mark.baker@computer.org
Meteorological Event at Reading
March 23, 09
mark.baker@computer.org
Download