Terrified by Web 2.0
I’m a user of Web 2.0 applications and on the whole I find them great. However although I know almost nothing about the current technologies involved used in their development, although I’ve become increasingly nervous about their complexity. Then I listened to a very scary talk by Rasmus Lerdorf who invented PHP and now works for Yahoo. Rasmus explained some of the security issues associated with modern JavaScript dependent web sites. Rasmus concluded that it’s essentially impossible to ensure that the web is a secure place to work and he himself for example uses two browsers, one for personal work (buying, selling, banking etc) and one for everything else. He mentioned IBM’s web site on Cross Site Scripting pointing out that it was in fact vulnerable to Cross Site Scripting!
He went further saying that he had developed a scanning tool that looked for web sites that were vulnerable to various attacks but couldn’t release it because he found that almost every site on the web was vulnerable. He didn’t want to be responsible for bring down the whole Internet.
I finished listening to this talk a very worried man, but the worry faded over time, until today I read this article on the Google Android initiative which included the following statements:
“Web 2.0” has to be the worst programming environment to ever achieve wide popularity. It is incredibly buggy, poorly standardized, slow, and basically broken in every imaginable way. So it is rather difficult to see its very real virtues.
and
“Web 2.0,” which is basically a collection of random unspecified features written by 23-year-old goth acidheads at Netscape in 1995, cannot even begin to solve the kinds of application problems that an Android Java application can solve. And the Web 2.0 platform is mature. You can slap layers on it, but the standard is unfixable and unimprovable.
Worse, every comment agreed with the analysis! Now I suppose I should commit some real effort into exploring the reality of these risks.
Only last week I was looking through the reliability stats for my PCs and noticed that web browsers (IE, Maxthon and Firefox) that I use were by far the least reliable applications that I use, doesn’t fill me with confidence as I depend more and more on these increasingly complex applications.
1 Response
Enterprise Collaboration and Virtual Teams Report (November 26, 2007)…
The Technology Trends of Enterprise Collaboration and Virtual Teams Approver Update … Approver updated its online document approval service. “The fixes mostly had to do with workgroups, contacts and inviting users to review documents.” Approver Int…