Sir Tim Berners-Lee, credited as the inventor of the Web, has described online security as a "never-ending battle".
Speaking at a lecture hosted by the Institution of Engineering and Technology in London last week, Berners-Lee said that, while he was against Web censorship per se, both technological and educational means should be employed to tackle Internet security issues.
"A lot of security work is going on [on the Web], but security is a never-ending battle," said Berners-Lee. "The Web is used by humanity, and humanity has a dark and a light side. I'm an optimist -- I think the light side wins. The Web is supposed to be a blank sheet of paper, and you can write dark things on that paper as well as light. If you tried to control the Web, you would end up with engineers deciding what the truth is, which is worse. But, if we see nasty things happening, we should try and tweak [the Web]. If you look at any protocol anywhere, there are technical and social restrictions."
Berners-Lee said that Web technology had been originally designed for "a friendly academic environment". Numerous technologies including e-mail and wikis had been conceived in a positive light, and are being used for good by large numbers of people. But he said that the negative side of technology use should be addressed.
"We made the e-mail system, and in turn it's used by a huge number of people. The person who designed wikis led to Wikipedia [being founded]. E-mail and the Web allow the mass sending of information, but were designed for a friendly academic environment. You have to look at the result: there are huge volumes of spam, phishing attacks -- that's bad, and we have to fix that -- that is the cycle of Web sites," said Berners-Lee.
Phishing attacks have the potential to damage consumer confidence in the Web, because consumers are "now not sure if it's [their] bank". Berners-Lee called for a mixture of technological and educational measures to mitigate Web-security issues. Technical means should be employed to mitigate current Web 2.0 threats, such as cross-site scripting attacks, he said, while good security practice should be encouraged among end users.
Cross-site scripting attacks exploit JavaScript flaws to inject malicious code into a Web page during a user's browser session. "Cross-site scripting attacks are a huge problem," said Berners-Lee. "Other times it's just straightforward education. Don't train users to type their passwords into Web sites in the clear. Banks are training [US users] to give their social security number. There are some security flaws they haven't thought they're training people to do."
As far as he goes,being quite generalised,Berners-Lee has been forthcoming.I however,see in the past few years,since the Internet came into being;NOT a friendly,safe environment where people can search out information for their own personal edification,enjoyment.The Web has tansformed itself into nothing much more than a disgusting,commercial enterprise which has set about to simply and plainly rip decent citizens off.Everywhere one turns today,you have to watch out for pitfalls,traps;some of which you aren't even aware of until it's too late.Whether or not the information is valid,now,comes into play.Is it one person's opinion or fact.Our trust in the Net has become a falsehood.I agree that everyone,including myself should have full and complete access to everything that is available today and not be judged by someone else who has,and is,taking it upon themselves to decide for me.Before any program/application that is available to download and install,it should have to pass muster by a solidly people-oriented body,whether it is a freeware or paid product.Why?,because within these programs/application,the creator is also inserting "other" hidden code,adding things we don't want,didn't know we are/were,getting.Subversive,covert activities are rampant.Nothing should be unavailable to me.I don't view/never have viewed even one porn site but the option should be there for those that wish to-to their detriment.I almost wish there were TWO Internets available.One for common,everyday surfers looking for information.Another for the use of commercial enterprises,so,we can stay away from that aspect.I sincerely don't know what the common answer is but as each year comes along,I use the Internet less and less,stick to sites where I have found them to be honest and above board and that list lessens each year,to the point where,soon enough you can;t trust anything or anyone at all.It's a shame really that there are so many who will take advantage of unwary people such as myself.WHERE IS THE ENJOYMENT GONE?!.Just a brief overlay of my personal experience.Have had computers long before there WAS an Internet and am totally dismayed.My thanks for the opportunity to express myself here.