Is Web 2.0 Safe?

I went to http://www.msn.com today and saw an article called ‘is Web 2.0 Safe?’. To my surprise it linked to an article where Jeremiah Grossman and Robert Hansen were quoted. The fact that MSN is linking to web security related articles really speaks to the change of the industry.

"As users store more data online, hackers are finding ways to break
into the new service sites. Experts say the problems are deep-seated.
Samy Kamkar was really just trying to impress girls. Instead, he made
Web hacking history.

Kamkar created what is considered the first Web 2.0 worm–a
virulent bug that no firewall could block, and which ultimately forced
MySpace.com to temporarily shut down. The Samy worm (named after
Kamkar) was among the more prominent of a new generation of Web attacks
that some security experts fear may slow the fast-evolving
collaborative model of Internet development known as Web 2.0.
Kamkar was looking for a way to circumvent MySpace’s content-posting
restrictions to jazz up his profile when he found a bug that
essentially allowed him to control the browser of anyone who visited
his MySpace page. "A Chipotle burrito and a few clicks" later, Kamkar
says, he created the fastest-spreading Web-based worm of all time.
Within 20 hours, the worm had spread to approximately 1 million MySpace
users, forcing them to select Kamkar as their "hero" in their profile
page. News Corporation, the site’s owner, had to pull down MySpace to
fix the problem, and Kamkar later received three years’ probation in
Los Angeles Superior Court."

Article Link: http://tech.msn.com/security/articlepcw.aspx?cp-documentid=5002604&GT1=10138