5.5.1.2 Example 2: Control of Botnets via Mashups

Botnets are networks of millions of small software programs installed by malware on users’ machines which are used for extortion usually financial – for more information see Botnets – the silent threat 37. Botnets are normally controlled by channels such as Internet relay chat IRC; however security researchers have recently identified attacks which use Web 2.0 features such as blog postings and email to RSS interfaces to control Botnets. The use of such channels for command and control of the botnets makes tracing the attacker much more difficult and, because of the open nature of the mashup architecture, it means that control interfaces are very difficult to shut down. Mashups are perfectly suited to massively distributed systems with untraceable control structures and are therefore likely to lead to a variety of related attacks see Use of Web 2.0 technologies to control botnets 38 and With Web 2.0, a new breed of malware evolves 39 for more information.

5.5.2 Vulnerabilities of Collaborative Knowledge Systems

The most unique vulnerability of collaborative knowledge-bases is the editing mechanism. By default, articles on a wiki grant ‘write’ privileges to both anonymous and registered users. The access control is generally very coarse, falling into the following categories: • Editable by anyone; • Editable only by registered users; and • Editable only by editors. There is usually little or no means of establishing trust, integrity or the provenance of statements made. For example, there is often no validation of user-identity, no signature available for content and often no use of reputation-based systems. If reputation-based systems are used then the vulnerabilities in these – eg, collusion, whitewashing, Sybil attacks, etc – are often not addressed. For more information, see Reputation-based systems: a security analysis 40.

5.5.2.1 Example: Medical Data

The unreliability of information can have dangerous consequences – for example only 25 of users surveyed in Online Health Search 2006 41, who search the Internet for health advice regularly, check the source and date of the information they find to assess its quality. Tools such as Wikiscanner 42, which trace source IPs of collaboratively produced articles, show that the deliberate introduction of bias and misinformation is frequent.

5.5.3 Metadata Attacks

The use of metadata formats such as ID3 for mp3, RSS and other RDF metadata is central to the operation of Web 2.0 applications. Metadata has several important security vulnerabilities: • Integrity and trust infrastructure for metadata is virtually non-existent – ontologies, tag clouds and schemas can often be altered or substituted or used to provide an attacker with extra information via unintended inferences 43.There are also serious problems with digital signatures for RDF data such as ontologies and RDF, which means that tools for digital signatures over RDF are non-existent 44. • There is no standardised way to add provenance data to most metadata formats – this lies at the root of many of the knowledge management vulnerabilities described above, eg, those related to syndication. • Metadata misuse is often the source of phishing attacks because it can be used to mislead the user about where a web resource comes from, eg, a wrong link attached to an image. Web 2.0 Security and Privacy 27