Website naming used to be a simple function directly related to the product or theme surrounding the product itself. For example, if you are building a website that talks everything about cars, you would rush to register www.cars.com. A little different to that, someone who wants to feature videos that he doesn’t like on the internet would register something like www.stupidvideos.com. I can spend one whole day on these examples but I think you already get what I mean.

Some smart guys saw an opportunity to make lots of money just by registering domain names belonging to big names who were slow in adopting the internet then, and then sold those domain names to the companies, who were in fact holding the trademark of the names. Cybersquatters were laughing all the way to the banks until one day the law came down hard on them… that was sometimes in 1999 when Anti-Cybersquatting Consumer Protection Act was enacted in the US.

Now let’s say, hypothetically, there was no law banning cybersquatting. What do you think would have happened now?

While a lot of people benefit from the new ways web applications are created and presented to the masses in this Web 2.0 era, cybersquatters will definitely regret they were in the trade. At least that’s what I think anyway.

How do you think those cybersquatters expected some weird names, some had even called it stupid, like www.pytagor.com? You would be forgiven if you thought it is about Pythagoras’ theorem or even python, that large non-venomous snake. Pytagor is an online desktop and web collaboration solution.

Again, I can spend whole day here too explaining the eccentricity of Web 2.0 names, but with names like Xuqa, Thoos, Nowsy… you should get what I am trying to convey.

The cyber squatters must have been thankful to the Anti-Cybersquatting Consumer Protection Act, forcing them to venture into something more legitimate like web hosting and domain registration business, for if not because of that, they would probably be registering some stupid names like Ghaa, Yooowt expecting to be picked up by some Web 2.0 startups who have named their products Ghaar, Yooowtxyz… or whatever.

And just in case you have not read about someone ranting about how stupid some Web 2.0 names are, check it out at The Next Big Web Thing Hall Of Internet Shame.

Enjoy your reading!

I am off to check out if some surviving cybersquatters had registered www.xyz#%$&^#.com for my… ahhhh… never mind.

Examining further on this highly interesting topic of Web 2.0 security, let’s look at other factors that can pose threats to Web 2.0 applications that are gaining momentum of phenomenal acceptance by the public at large.

XML Poisening

Because of highly interactive nature of Web 2.0 applications, there is a lot of traffic going back and forth between the server and the browser-running clients, passing along lots of XML-based data required to perform the tasks within the Web 2.0 application. While the XML technology itself is not new, the way it can be exploited by an attackers, due to the commonality of XML data travelling within the huge internet traffic, can be of concern.

XML parsing mechanism adopted at the server side (SAX and DOM) can be compromised by an attacker by way of producing what is called malformed XML that can disrupt logic intended for the Web 2.0 application. In addition to that, XML external entity reference is an XML property which can be manipulated by an attacker, leading to arbitrary file or TCP connection openings that can be leveraged by an attacker. XML schema poisoning is another method which can change execution flow. This vulnerability, if used in an ill-mannered way, can lead to confidential information theft, which is very worrying since there are an awful lots of personal information being transmitted within a web-based application.

Malicious AJAX code execution

AJAX is really a great invention that has helped spur the complexity and sophistication of Web 2.0 applications. But it doesn’t come without any price in terms of security. Using some methods common to web programmers, read hackers as well, it is possible to make an unauthorised AJAX call to any website, stealing whatever information saved in the cookies at that particular session.

One simple scenario in this security compromise is when you are performing a Web 2.0 based transaction that may involve personal information being saved by the cookie, maybe during an online purchase. It is not uncommon when we open another window to surf for other information while performing that transaction, only to eventually end up at an attacker site, which can silently make an AJAX call to the other website you are still performing some transaction, stealing your personal and sensitive information from that session.

Firefox users also are not spared from this vulnerability of AJAX technology. Check out how your personal information can be hacked and stolen just by browsing the internet using the highly popular Firefox browser.

I think that is enough for this reading about Web 2.0 Security – Part 2. In the next installment, I will try to cover more security issues presented by other technologies adopted by Web 2.0 application developers. Do subscribe to my RSS feed to get latest update on this topic in the future.

Popular or not, mashup webs are gaining much popularity in the Web 2.0 world.

While typical mashed potatoes recipe primarily made up of… well… just potatoes (and salt, cream, butter, milk, salt and pepper), mashup webs are an exciting interactive Web applications that make use of content aggregated from external data sources to create entirely new and innovative web applications.

Traditionally, mashed potatoes comes topped up with just one but popular creamy sauce. Mashups web applications, on the other hand, can take shapes in quite a few combination of traditional data sources, producing quite tasty ‘flavors’ in itself, sometimes simply out of this world, just like some of the Web 2.0 applications featured here at Profy.

Web 2.0 applicatons can generally be categorized in either one or a combinaton of the following genres:

Mapping mashups where all sorts of data (for example property for sale or rental) are mashed onto maps. The limitation is almost endless.

Video and photo mashups are gaining so much popularity. On top of traditional video and image hosting, the possibility in this area is quite interesting. Content providers can make use of metadata associated with the videos and images they host (such as who took the picture, what it is a picture of, where and when it was taken, and more).
Mashup designers can then mash potatoes opsss… photos and videos with other information that can be associated with the metadata.

Search and Shopping mashups actually have existed long before the term mashup was coined. To facilitate mashups and other interesting Web 2.0 applications, consumer marketplaces such as eBay and Amazon have released APIs for programmatically accessing their content.

News mashups makes use of RSS technology. Syndication feed mashups can aggregate a user’s feeds and present them over the Web, creating a personalized newspaper that caters to the reader’s particular interests.

I don’t expect mashed potatoes will ever revolutionize into something of totally different shape and taste in the foreseable future, but I am pretty positive Web 2.0 applications will pop up in many different flavors never tasted by the world wide web customers.

Technology is where mashed potatoes have some hope of matching the rival Web 2.0 mashups. As there are quite a lot of different technologies that can be used for creating mashed potatoes, there are also various technology involved in the creation of Web 2.0 mashups.

Ajax, Simple Object Access Protocol (SOAP), Representational State Transfer (REST), Screen scraping, Semantic Web and Resource Description Framework (RDF), RSS, and ATOM, just to name a few, are some of the currently available tools for Web 2.0 applications.

I am not going to discuss these tools at length here, but suffice to say there will be a lot more different tools created as the technology for Web 2.0 matures.

Mash potato technologists, on the other hand, will still stick to shiny, stainless steel coated tools in their quest to produce the same old fashioned mashed potatoes. May be Jamie Oliver could think of something to revolutionize the mashed potatoes industry? Who knows…

For now, I am off to Kentucky Fried Chicken for my favourite finger-licking-good fried chicken and mashed potato. See you there!

Source [IBM]

“We’re continuing to make the same mistakes by putting security last,” said Billy Hoffman, lead engineer at Web security specialist SPI Dynamics.

One of the key components of Web 2.0 is new programming techniques called AJAX. But AJAX doesn’t just help make web applications more interactive and lively, it also provides new ways for irresponsible intruders to hack a Web server and cause much damage to the community of Web 2.0 users.

One of the major vulnerabilities associated with AJAX is what is called cross-site scripting. By taking advantage of this capability, a hacker can hijack user accounts, launch information-stealing phishing scams or even download malicious code onto users’ computers. The possible damage is unthinkable.

But cross-site scripting issues are only one risk. Other potential problems in AJAX code include race conditions, code correctness issues, object model violations, insecure randomness and poor error handling, said Brian Chess, chief scientist at Fortify Software, a maker of source-code analysis tools.

You would have thought this kind of risk only affects websites created and run by smaller players who may not have necessary budget to address security issues in their development. The fact remains quite contrary. Hackers are more likely to attack big players because the hypes and publicity generated by such acts are more prominently highlighted all over the world wide web compared to an attack on an average Joe’s website.

However, the hacker can very well be any Tom, Dick or Harry. In one case, Gmail account had been compromised by a 14-year-old blogger, yes you get it right… a 14-year-old blogger, utilizing a security flaw that allows JavaScript code to run when viewing a message in Gmail, potentially allowing malicious code to be used by an attacker to compromise a Gmail account.

I believe the hackers are having field days in their quest to prove who is better. Perfect security may never be achieved due to the fact that every technology has its own soft spot that can be used against the technology itself, but I hope Web 2.0 developers out there would practice safe computing to a level that is sufficient to at least make security compromises are harder to be accomplished and any reported hacking is quickly resolved to restore confidence among web surfers.

In the next installment of a potentially long series of Web 2.0 Security, I will look further at other security vulnarabilities that are of concern to the Web 2.0 community.

Read CNET

The recipes have apparently been submitted by raw food lovers from around the world. The site has been up and running for just about a couple of weeks at the time of this writing and it has already a compilation of 43 and growing, mouth watering raw foods recipes… really I mean it… just by looking at the pictures of the featured dishes.

You don’t believe me? Let’s see what I mean.

Banana Crepe
Ingredients
5 bananas
1 cup macadamia nuts
1 cup cashews
1 teaspoon lemon juice
1 dash braggs
1 teaspoon water, or more for consitency
1 cup blueberries

And here is how it looks. Isn’t it yummy?

Fancy for Zucchini Fettuccine with Marinara?

Or if you like cilantro… why not try Cilantro Lime Vinaigrette Dressing…

Hmmm… I am hungry.

Step 1 – Select the files to convert (up to 100MB in size)
Step 2 – Choose the format to convert to
Step 3 – Enter your email address to receive converted files
Step 4 – Convert (by clicking you agree to Zamzar Terms of Service)

All the four steps are completed in just one screen. You also do not have to install any application software on your PC. Converting files has never been so easy. And the best part is that Zamzar is FREE… at least for now.

You can convert four different categories of files: Document, Image, Music and Video Formats.
For each category, the most popular file types are supported. And I can tell you there are more files types than you normally have.

When a file conversion is completed, an email containing a link to the converted file will be sent to you. You can download the converted file within 24 hours after which it is deleted. And there is no limit in the number of files you can convert but you can only convert maximum 5 files in a session. Registration? Zilch… none required.

Happy converting…

Do you do a lot of pictures editing for whatever reasons? If you do, most likely you will have installed some kind of image editing software to fulfill your needs. More often than not, these applications are huge in size and have lots of features you don’t really need.

I am already hooked to Snipshot. It is browser based and doesn’t require any download. Plug-in installation? Nope! Simply add Snipshot bookmarklet in your browser favourites and you are ready to go.

When you visit a webpage that has some pictures or graphics that you like, you will use the bookmarklet to import the pictures into Snipshot. Once the graphics are imported to Snipshot, you can do some basic editing effortlessly. I normally use it for resizing and cropping images. You wouldn’t believe how easy it is. Once done you can save it in different formats, but I normally save it into the JPEG format.

You would think this kind of image editing has limited capability in size handling but Snipshot can actually edit pictures up to 10MB or 5000×5000 pixels.

You really have to try it for yourself to appreciate how much this Web 2.0 editing application can make your life a lot easier.

Have fun…

This Web 2.0 property search engine for UK is cool. OnOneMap.com makes searching for new property to buy or rent so much fun with its interactive features, which is a very different experience from traditional house hunting in the newspaper or even normal property listing website.

OnOneMap is also incredibly easy to use. You enter either a postcode or name of a city, town or village in the search and click OK. Properties will start appearing on the map as little red houses. You click on a house to view its photo and brief details. To see the details of the property, you just follow the “view” link available next to the brief details.

You can also enter more criteria to get the types of house you like:
Maximum/minimum number of bedrooms
Maximum/minimum price
The type of home (currently a choice of house, flat or either)

When you click OK to confirm your criteria, all the houses will disappear and be replaced by a new set that all meet your criteria. There are also navigation tools to move around the map to locate the preferred area, not to mention the zooming feature to get more detailed view of the area being displayed.

What I like most of this Web 2.0 applications is that I can see exactly where the property I am interested in is located on the map. No more guessing game or trying to imagine where the property is located.

I wouldn’t want to shop for a property any other way if I am in UK. OnOneMap is the only one way.

Ohh… if you are using a dial up internet connection, you might be better off dialing up your real estate agent instead, you will probably find a suitable property faster that way….

Being a Web 2.0 company, YouTube amazes me further with its vast collection of short video clips that feature people from all walks of life doing all things you never imagined.

In my research for Web 2.0 stuff for Profy.com, I just tried my luck by keying the magic word ‘Web 2.0′ and upon pressing enter, a whole list of video clips tagged Web 2.0 appeared on my screen.

The first entry in the list, ‘Web 2.0 www.thefirstpost.co.uk’ instantly raised my curiosity. Web 2.0 video in YouTube? No, I am not talking about the likes of Michael Arrington’s Web 2.0 interviews that was captured on video and made available at YouTube or anything like that.

I am talking about ‘crazy’ and creative people producing a video clip defining what is Web 2.0. And since the video has no voice narration, words just can’t describe the content of the video, you have to see it to appreciate how creative people are describing Web 2.0 using whatever skills and tools they have.

Check out this amazingly ‘silly’ definition of Web 2.0 at YouTube.

To give you an overview how much YouTube audience enjoy this video version of Web 2.0 definition, it has been viewed 544,571 times, commented 1482 times and favorited 2920 times.

Enjoy!

The advent of Information Technology (IT) has brought a lot of benefits to a lot of people and organizations. By deploying solutions driven by IT, businesses are able to increase efficiency, make their customers more happy (and in certain cases… sad), streamline their business processes… just to mention a few. As a result of adopting IT, bottom lines also improve for many organizations that have successfully implemented IT-based business solutions.

But there is always the other side of the coin. With all the good things about IT, there is also the dark side of it. One Michael Vizard is bold enough to crack his head and come up with the thirteen scariest things in IT. Here are what he could think of:

1.   The BlackBerry
2.   Application Development
3.   Golf
4.   Head Hunters
5.   Vista
6.   Management by Book of the Month Club
7.   CFOs
8.   Business Process Integration
9.   License Management
10. Industry Consolidation
11. Globalization
12. The End of the Quarter
13. The Merger

Interesting reading? Hold on….they say pictures tell a thousand words and for that Michael had asked his buddy (I assume) Brian Moore to illustrate each and every point to convey the message better. Check out the slide shows of The Thirteen Scariest Things in IT and be prepared for a nightmare… or a good laugh.

If this is not scary enough, why not share with us your list of Scariest Things in IT right here at Profy.com? Any taker?

Source [eWeek.com]