Tom’s hardware guide offers a comprehensive online publication that reviews developed computer hardware and computing technologies. This means that it is an important start for all information technology professional resources. In the article titled Wi-Fi security: cracking WPA with CPUs, GPUs and the cloud, a posting by Andrew Ku, argues that despite the convenience associated with wireless Wi-Fi networks, security is a major problem ranging from the cracking of passwords at the desktop level to the cloud (Ku 2011). The Wi-Fi is a potential for security breaches. The increasing perception that information is secure when online facilitates increased the use of online applications. However, instances of computer security vulnerabilities are imposing significant constraints to the user confidence regarding the use of online applications and wireless networks. The article aims at exploring the vulnerabilities that wireless networks and applications that are executed over the cloud. The article also discusses the First Line of defense security measures that can be implemented when adopting wireless security strategies (Ku 2011). The article also suggests that WEP encryption is obsolete as hackers can bypass the encryption methods that are mostly deployed by wireless networks. Strategies that can be used in securing a WPA network are also discussed in the article. This essay offers a comprehensive discussion of what was learn from the Tom’s hardware website with respect to the core aspects of the module. The main focus of the post is with respect to the security issues of web 2.0 technologies.
The articles found in the Toms hardware website offers comprehensive review regarding the security of web 2.0 technologies are vital in the current data communications field. A significant characteristic of the Web 2.0 platform is that mobile users are the ones who undertake actions such as generation and uploading of content to the web sites (Ku 2011). This is increasing evident as large enterprises are embarking on the adoption of Web 2.0 tools, which include blogs and RSS. With such features, the Web 2.0 is vulnerable to exploitation by malicious users, implying that organizations have to implement appropriate mobile security strategies (Ku 2011). One of the most significant mobile threats associated with web 2.0 technologies is cross-site scripting, which allows malicious users and hackers to inject client-side script into web content that has already been accessed by other users. Basically, cross-side scripting provides a framework through hackers can evade the access controls. Cross-site scripting accounts for approximately 80 per cent of Web 2.0 threats; as a result, large enterprises should deploy appropriate strategies to combat this threat. In addition, the detection of attacks initiated by cross-side scripting is normally difficult, and is used by malicious users to maximize the effects of the attacks. XSS uses the Browser Exploitation Framework to establish an attack on the user environment and the web content (Ku 2011).
The second mobile threat that Web 2.0 technologies is susceptible to is SQL injection attacks, which primarily entail the use of a code injection technique in order to take advantage of a security vulnerability associated with the Web 2.0 technologies. Web 2.0 is susceptible to injection attacks due to the fact that users can generate and upload web contents to a web site. This in itself is vulnerability, through which malicious users can initiate an SQL injection attack. Other injection attacks can be initiated in the form of Java Script Injection and XML injection. Because Web 2.0 technologies significantly depend on client side code, hackers make use of client-side input validation in order to evade the access controls.
The third issue associated with mobile security in Web 2.0 technology is information leakage that is initiated by the user generated content. Hackers exploit this feature of the Web 2.0 technologies to upload and run their malicious code on the web site. This could result to a large enterprise hosting an inappropriate content, which could not only result to cases of data breaches, but also affect the brand. Information leakage has significant effects on the operations of a company and normally serves as a threat to data integrity and confidentiality (Ku 2011).
Insufficient anti-automation also makes the initiation of attacks on Web 2.0 applications easy. This is facilitated by the programmatic interfaces of most of the Web 2.0 applications. Inadequate anti-automation can foster the automated retrieval of information and the automated opening of accounts in order to facilitate access to the web content. Such threats can be curbed by the use of Captchas. Information leakage is also another mobile security issue associated with Web 2.0 technologies. The aspect of mobility of Web 2.0 technologies facilitates content sharing, which can initiate a vulnerability that malicious users can exploit in order to gain access to the system. It is arguably evident that the internet revolutionized the way businesses are conducted and how people undertake their work. The Web 2.0 is an important aspect of the internet that played a significant role in enhancing business functionality. A significant limitation is that with its increased usage implies increased risk; as such, they offer opportunities through which malicious users can inject and run malicious code in web content (Ku 2011).
There are also various links within the website that are helpful to follow up. Some of them include For IT Pros, Charts, Brands and Articles that offer comprehensive information concerning hardware and a review of the computing technologies. Other salient information concerning the website is that it can be used a starting point for conducting hardware reviews basing on performances, benchmarks and costs for people intending to acquire computer hardware. Altogether, the site is an important tool for an IT professional owing to the diverse pool of articles that covers almost all domains of information technology ranging from computer hardware, computing technology, emerging computing trends and so on.
Reference
Ku, A. (2011). Wi-Fi Security: Cracking WPA With CPUs, GPUs, And The Cloud. Web.