Question

1. What is Web 3.0? Is it different from the Internet of Things? What are the different aspects of Web 3.0 in itself?

2. List at least three security threats that a firewall will not protect a company against. Explain why.

Answer 1

1. Web 3.0 is slated to be the new paradigm in web interaction and will mark a fundamental change in how developers create websites, but more importantly, how people interact with those websites. Computer scientists and Internet experts believe that this new paradigm in web interaction will further make people's online lives easier and more intuitive as smarter applications such as better search functions give users exactly what they are looking for, since it will be akin to an artificial intelligence which understands context rather than simply comparing keywords, as is currently the case.

Even as we continue to define what Web 3.0 means, we are simultaneously moving beyond it, and toward the Internet of Things. The Internet of Things (IoT) will likely be the next era, as it takes the notion of an ever-present internet to a new level. Smart devices in the Internet of Things not only use the internet, but speak to each other via machine-to-machine communication (M2M) to accomplish tasks without the need for human input. There are already an abundance of smart devices, as well as automated, internet-connected systems that run without human input, such as automated building climate control.

Below are 5 main features that can help us define Web 3.0:

1) Semantic Web
The next evolution of the Web involves the Semantic Web. The semantic web improves web technologies in order to generate, share and connect content through search and analysis based on the ability to understand the meaning of words, rather than on keywords or numbers.

2) Artificial Intelligence
Combining this capability with natural language processing, in Web 3.0, computers can understand information like humans in order to provide faster and more relevant results. They become more intelligent to satisfy the needs of users.

3) 3D Graphics
The three dimensional design is being used extensively in websites and services in Web 3.0. Museum guides, computer games, ecommerce, geospatial contexts, etc. are all examples that use 3D graphics.

4) Connectivity
With Web 3.0, information is more connected thanks to semantic metadata. As a result, the user experience evolves to another level of connectivity that leverages all the available information.

5) Ubiquity
Content is accessible by multiple applications, every device is connected to the web, the services can be used everywhere.

2)

Firewalls can't protect against attacks that don't go through the
firewall. Many corporations that connect to the Internet are very concerned
about proprietary data leaking out of the company through that route.
Unfortunately for those concerned, a magnetic tape can just as effectively
be used to export data. Many organizations that are terrified (at a
management level) of Internet connections have no coherent policy about how
dial-in access via modems should be protected. It's silly to build a 6-foot
thick steel door when you live in a wooden house, but there are a lot of
organizations out there buying expensive firewalls and neglecting the
numerous other back-doors into their network. For a firewall to work, it
must be a part of a consistent overall organizational security architecture.
Firewall policies must be realistic and reflect the level of security in the
entire network. For example, a site with top secret or classified data
doesn't need a firewall at all: they shouldn't be hooking up to the Internet
in the first place, or the systems with the really secret data should be
isolated from the rest of the corporate network.

Another thing a firewall can't really protect you against is traitors or
idiots inside your network. While an industrial spy might export information
through your firewall, he's just as likely to export it through a telephone,
FAX machine, or floppy disk. Floppy disks are a far more likely means for
information to leak from your organization than a firewall! Firewalls also
cannot protect you against stupidity. Users who reveal sensitive information
over the telephone are good targets for social engineering; an attacker may
be able to break into your network by completely bypassing your firewall, if
he can find a ``helpful'' employee inside who can be fooled into giving
access to a modem pool. Before deciding this isn't a problem in your
organization, ask yourself how much trouble a contractor has getting logged
into the network or how much difficulty a user who forgot his password has
getting it reset. If the people on the help desk believe that every call is
internal, you have a problem.

Lastly, firewalls can't protect against tunneling over most application
protocols to trojaned or poorly written clients. There are no magic bullets
and a firewall is not an excuse to not implement software controls on
internal networks or ignore host security on servers. Tunneling ``bad''
things over HTTP, SMTP, and other protocols is quite simple and trivially
demonstrated.