P2P under Congressional scrutiny - FTC to investigate

Although there are legitimate uses for P2P (peer to peer) software, there is no doubt that there are a lot of dangers to using it, also.

Officially, the concerns are how this exposes people to identity theft -- but this costs the entertainment industry (who probably have a few lobbyists dedicated to this matter) a lot of money when they don't get their royalties (money) on music and videos -- which people download for free using P2P.

Now Congress is asking the Federal Trade Commission to take a deeper look into the matter.

Still worried that peer-to-peer filesharing networks like Lime Wire are causing users to "inadvertently" expose sensitive documents, posing potential security risks, members of Congress are now asking for a formal investigation into the phenomenon.

The latest concern from the House of Representatives Committee on Oversight and Government Reform, judging by a 7-page letter (click for PDF) dated Wednesday to Federal Trade Commission chairwoman Deborah Majoras, appears to be this: Peer-to-peer networks may make unsuspecting consumers vulnerable to identity theft.

The same group of politicians, led by Reps. Henry Waxman (D-Calif.) and Tom Davis (R-Va.), suggested earlier this summer that peer-to-peer networks can pose a "national security" threat by allowing users to expose sensitive information unwittingly. (Some politicians, particularly those with entertainment industries in their districts, also took the opportunity once again to condemn unlawful transfer of copyrighted content via the networks.)

I've written a little about why it isn't a good idea to use some of the P2P networks out there:

Japanese cop exposes confidential information on 6,000 people using P2P (file-sharing) software

How P2P Software like Limewire Compromises Personal and Financial Information

Besides being a potential national security threat and an identity theft venue, most of this software is liable to do a lot of damage to your system. And unless you are pretty technically inclined, you will probably have to spend a little of your hard-earned money to fix the damage it will cause!

CNet news blog story, here.

Japanese cop exposes confidential information on 6,000 people using P2P (file-sharing) software

Japanese police car picture courtesy of Flickr

We spend a lot of MONEY protecting computer systems and the information in them. Despite this, information is stolen or compromised from computers, pretty frequently.

One reason for this is it only takes one person, with access to compromise a system and it's security.

Recently, Japan Today, disclosed that a policeman did just this by using P2P file sharing software:

Personal information on some 12,000 people related to criminal investigations has leaked onto the Internet from a computer of a Tokyo police officer via Winny file-sharing software, the Metropolitan Police Department said Friday. This is believed to be the largest volume of data leaked from the police on record, the department said.

In case you've never been exposed to P2P (file sharing) software, it's normally used to share porn, movie, or music files.

Wikipedia lists the dangers of using this type of software, of which there are many:

• poisoning attacks (e.g. providing files whose contents are different from the description)
  
  
• polluting attacks (e.g. inserting "bad" chunks/packets into an otherwise valid file on the network)
  
  
• defection attacks (users or software that make use of the network without contributing resources to it)
  
  
• insertion of viruses to carried data (e.g. downloaded or carried files may be infected with viruses or other malware)
  
  
• malware in the peer-to-peer network software itself (e.g. distributed software may contain spyware)
  
  
• denial of service attacks (attacks that may make the network run very slowly or break completely)
  

• filtering (network operators may attempt to prevent peer-to-peer network data from being carried)
  
  
• identity attacks (e.g. tracking down the users of the network and harassing or legally attacking them)
  

• spamming (e.g. sending unsolicited information across the network- not necessarily as a denial of service attack)

Using any of these services, normally slows a computer down to a slow crawl. It can even destroy your computer.

Besides that, it's illegal to share copyrighted material (I think it's considered stealing). Not a very good situation for a policeman to get caught up in. What was he thinking?

Japan Today story, here.

Here is another post, I wrote about the murky world of P2P last year:

How P2P Software like Limewire Compromises Personal and Financial Information

Attrition.org tracks how often information is compromised, and the reasons why, here.