The Dangers of Web 2.0: Page 2
Knowing full well that most consumers arent as jaded and suspicious as me, I took a quick spin through Meebos About Us section of their website and learned that if I signed up, the keys to my online realm would be under the care of people like Biz Guy, Mr. Sparkle, an Abraham Lincoln re-enactor, and someone called Server Chick, who just quit her day job.
The site also provided a link for something called privacy principles, which stated that while the company is very committed to security, were not all the way there yet.
Ironically, those candid revelations make Meebo among the most honest and forthright of all the Web 2.0 start-ups regarding the risks arising from such experiments in openness and wide-eyed trust.
While start-ups like Meebo are busily creating new possibilities for privacy and security disasters, the established Internet companies are also rushing headlong into their own potential problems. Among them is the current front-runner for my Greatest Looming Web 2.0 Disaster Award: the new API for the Yahoo! Mail service.
Earlier this month, Yahoo! announced that they were opening up their mail system to third-party developers who want to create applications that incorporate access to users Yahoo! email accounts. By utilizing the API, which reportedly includes an updated user login and authentication process, any developer can add the ability for users to send and receive email messages via their existing Yahoo! Mail account from within that developers proprietary application.
The idea is to make it easier for the Web 2.0 development community to integrate Yahoo! Mail into various new and interesting experiences, allowing Yahoo! to be more deeply embedded in the Internet of tomorrow.
But in my mind, the benefits of opening up the system are outweighed by the potential to create even more sophisticated kinds of man in the middle hacker attacks and new twists on the growing epidemic of phishing.
Phishing is the process by which hackers trick users into providing their usernames and passwords by creating sham versions of websites that masquerade as legitimate. Phishing works because most users arent very skeptical or discriminating when they are asked to log into their email, online banking account, eBay or PayPal account, or other online service.
Even if there is a way to secure the login process and to make it less susceptible to being replicated by phishers, theres still the matter of ill-intentioned application developers.