Web 2.0 Security

by 0 people | Log in to rate

Ranked #41,793 in Tech & Geek, #753,873 overall

Web 2.0 is all about sharing right? Well as we poor more and more of our private and business life into Web 2.0 applications security gets more and more important.

In this lens I will explore various approaches to security in Web 2.0. Hopefully I will be able to figure out what us the users should demand from our web applications as well as what service providers like myself should be doing.

Foundation reading on security for Web applications

Trust points and Breach points in Web Apps: My own introduction to security for web 2.0 applications. Introduces you to the concept of you (the service operator) being a security risk for your clients.
Top 10 Web Application Security Vulnerabilities: This list gets updated regularly by OWASP (Read their whole site).
Schneier on Security: Weakest Link Security: Funny little story about physical security which provides a lesson for web 2.0 apps as well.

Security conscious Web 2.0 sites

WideWord: This is my own encrypted document writing and sharing site.
E-Gold: These guys were doing secure web 2.0 before just about anyone else. It's a gold backed electronic currency with a huge infrastructure of independent web services on top of it.
HushMail: Secure and encrypted web email.
Loom: A very interesting approach to payments Web 2.0 style.
Strongspace.com: This is a security conscious file storage site. All connections with the server as well as some of your data such as passwords are encrypted. Bear in mind though that any files that you place on the server are not encrypted, kudos to Strongspace for specifying this upfront.

Financial Cryptography

While really about crypto for use in financial applications Ian's writings are particularly applicable to Web 2.0 applications. When will we first see phishing attacks on Basecamp?

Fetching RSS feed... please stand by