Page 224 - DCAP104_EXPOSURE_TO_COMPUTER_DISCPLINES
P. 224
Unit 11: Programming Process
networks but they are still tracked in websites’ server logs, and particularly web beacons Berners- Notes
Lee and colleagues see hope in accountability and appropriate use achieved by extending the
Web’s architecture to policy awareness, perhaps with audit logging, reasoners and appliances.
In exchange for providing free content, vendors hire advertisers who spy on Web users and base
their business model on tracking them. Since 2009, they buy and sell consumer data on exchanges
(lacking a few details that could make it possible to de-anonymize, or identify an individual).
Hundreds of millions of times per day, Lotame Solutions captures what users are typing in real
time, and sends that text to OpenAmplify who then tries to determine, to quote a writer at The
Wall Street Journal, “what topics are being discussed, how the author feels about those topics, and
what the person is going to do about them”.
Microsoft backed away in 2008 from its plans for strong privacy features in Internet Explorer,]
leaving its users (50% of the world’s Web users) open to advertisers who may make assumptions
about them based on only one click when they visit a website. Among services paid for by
advertising, Yahoo! could collect the most data about users of commercial websites, about 2,500
bits of information per month about each typical user of its site and its affiliated advertising
network sites.
11.4.6 Security
The Web has become criminals’ preferred pathway for spreading malware. Cybercrime carried
out on the Web can include identity theft, fraud, espionage and intelligence gathering. Web-
based vulnerabilities now outnumber traditional computer security concerns, and as measured
by Google, about one in ten web pages may contain malicious code. Most Web-based attacks take
place on legitimate websites, and most, as measured by Sophos, are hosted in the United States,
China and Russia. Through HTML and URIs the Web was vulnerable to attacks like cross-site
scripting (XSS) that came with the introduction of JavaScript and were exacerbated to some degree
by Web 2.0 and Ajax web design that favors the use of scripts. Today by one estimate, 70% of all
websites are open to XSS attacks on their users.
Proposed solutions vary to extremes. Large security vendors like McAfee already design
governance and compliance suites to meet post-9/11 regulations, and some, like Finjan have
recommended active real-time inspection of code and all content regardless of its. Some have
argued that for enterprise to see security as a business opportunity rather than a cost center,
“ubiquitous, always-on digital rights management” enforced in the infrastructure by a handful
of organizations must replace the hundreds of companies that today secure data and networks.
Jonathan Zittrain has said users sharing responsibility for computing safety is far preferable to
locking down the Internet.
11.4.7 Standards
Web Standards
Many formal standards and other technical specifications and software define the operation of
different aspects of the World Wide Web, the Internet, and computer information exchange. Many
of the documents are the work of the World Wide Web Consortium (W3C), headed by Berners-Lee,
but some are produced by the Internet Engineering Task Force (IETF) and other organizations.
Usually, when web standards are discussed, the following publications are seen as foundational:
(a) Recommendations for markup languages, especially HTML and XHTML, from the W3C.
These define the structure and interpretation of hypertext documents.
(b) Recommendations for stylesheets, especially CSS, from the W3C.
LOVELY PROFESSIONAL UNIVERSITY 217
