Topics In Demand
Notification
New

No notification found.

Web 3.0 : Revolutionary technology with potential security risks
Web 3.0 : Revolutionary technology with potential security risks

335

1

Web 3.0 Evolution

Web 3.0 at its core, comes across as a natural evolution in terms of its concept and idea. Add blockchain, smart contracts, DAOs to the mix and now it sounds like a perfect package where security can’t be broken and everything now works just as it should ideally be.

Today we live in a world where data is the oil. Its data that’s created every second all over the web. Most users are clueless about how this data is being collected and used for profiling, selling, manipulating or brainwashing masses. We are just too occupied in our daily lives with no time to dig deep and understand larger picture.

GDPR in a way did wonderful job in terms of bringing awareness about personal data and held organizations accountable for violations of privacy rights. While this could address use of PII to some extent, clearly, there is lot to address when it comes to protecting people’s voice and views on the web, especially social media. Big Techs today can shut down your social media voice anytime if your thoughts and views do not align with their policies.

Web1.0 naturally began with static web pages where the experience was more like reading books. Web 2.0 allowed users to interact and create their own content on platform. Today almost 86% of the content is created by users.

Web 3.0 Architecture 

While Web3.0 will take its own time and path to be fully implemented, the architecture looks impressive on paper. You have a blockchain in there with hash verifications to maintain integrity of your data. Crypto wallets with DAO to make transaction secure and most of all, no regulatory governing body. At the face value, it does assure control for users to protect their own data, no intermediaries to influence any decisions and the immutable block architecture. It’s still too early and no one can guess timeline when this would become a reality. While some call this revolution, others are calling it a scam. Only the time will tell, but the very architecture of web 3.0 is quite promising it terms of delivering the purpose.

Is Web 3.0 really secure?

My favorite information security quote has been “Security is always seen as too much until the day it’s not enough”. Information Security has never been just about tools and technique, its also about discipline and mindset. It’s a continuous practice, essentially with humans playing a key role as informational assets.

On a high level, web3.0 certainly has its own set of risks. Lets hope that most these risks would be mitigated by the time web3.0 becomes a reality.

1. Lack of governance and oversight — While some might see governing body as a major risk, the lack of regulatory or governing body essentially means no standard agreed practices, no uniform operating protocols, no body to resolve disputes, no entity to oversee if everyone is following the norm and so on. If there is a way develop regulations without giving too many rights to governing body, it may be a win-win situation here.

2. Vulnerable smart contracts — This could pretty much be consequence of earlier risk. Because there is no governing body, there is no standard protocol for designing, developing, assessing and validating the technology. Smart contracts are key transactions, so a security bug if exploited may lead to major losses. Recent crypto scams have already shaken the trust of many.

3. Unsecured Crypto Wallets — Securing the identity has always been the challenge in web2.0 and it will continue to be in web3.0 as well. At least until technology matures, the human element may be susceptible to phishing and malware intrusions.

4. DAO security — Decentralized organizations are key entities in this whole technology and may be prone to governance attacks where attackers can potentially borrow higher number of tokens to push through the proposal. Additionally DAOs may struggle to manage operations and frequently encounter challenges of administration and co-ordination.

5. Interoperability Issues — It’s too early to assess the impact or landscape of this risk There are too many technologies in the mix to make web 3.0 a successful implementation. The interoperability as well as incompatibility may be a potential issue.

Final words

In addition to risks listed above, obviously the concerns around protection of private data, intent of technology innovators and key stakeholders, traceability of transactions, lack of regulations and unaccountability will need to be part web 3.0 risk registers.

While we strive for web 3.0 , we might end up somewhere around web 2.5 which would be a mix of both worlds. Whatever happens, lets hope that its not the common people who again end up losing the battle and data is misused for variety of gains by those in power.


That the contents of third-party articles/blogs published here on the website, and the interpretation of all information in the article/blogs such as data, maps, numbers, opinions etc. displayed in the article/blogs and views or the opinions expressed within the content are solely of the author's; and do not reflect the opinions and beliefs of NASSCOM or its affiliates in any manner. NASSCOM does not take any liability w.r.t. content in any manner and will not be liable in any manner whatsoever for any kind of liability arising out of any act, error or omission. The contents of third-party article/blogs published, are provided solely as convenience; and the presence of these articles/blogs should not, under any circumstances, be considered as an endorsement of the contents by NASSCOM in any manner; and if you chose to access these articles/blogs , you do so at your own risk.


CEO and Co-founder, CyberFIT solutions | CISO | Risk transformation and Business resilience | Privacy | Leader

© Copyright nasscom. All Rights Reserved.