File Sharing:Who Can You Trust?
Last night I received one of several security newsletters that I get daily regarding computer security and in particular family computers. I tend to rant about file sharing but I don’t think I’ve ever seen such a serious topic like this so ignored by the “main stream media”. Dartmouth University released a report to several of our government agencies that demonstrated the prevalence of mining for bank info held on computers. It has been proven the overwhelming majority of users of file sharing software had no idea what was actually shared on their hard drive. In fact studies showed that on average 67% of the hard drive was shared including mail files and documents. It was also pointed out that someone could search for a file that has a name similar to a bank or credit card company and reveal sensitive data. Most of these users just thought hey were sharing their music files.

If the truth about file sharing programs were revealed the problem of identity theft would have been minor compared to what it is today. Most people would not use software if they knew it has the ability to trash your computer and compromise your identity. Remember that most attacks on the internet are spread through unsafe home broadband connections and a home computer can and will be taken over by bad people.

I have lost count of how many times I’ve read about various instances of data compromise and wonder when I will get targeted because of someone’s ignorance or criminal behavior. It was revealed on June 12 that an employee of Pfizer had their take-home computer compromised and used to attack the company’s network. Details weren’t released other than file sharing software was discovered on the notebook and they traced the breach to that computer. Pfizer has apparently stepped up to the plate and is doing all it can to minimize damage and help any affected people.
I do believe most companies and agencies would not leave sensitive data on portable computers, at least under the vast majority of circumstances. What is usually the case is the notebook is used as a portal to the company’s internal network and passage is obtained by compromising and then taking over the computer. Most of the time nobody will be the wiser until the network administrator detects unusual traffic that is inappropriate for that person’s position. It sounds as though some type of control software will be necessary to prevent people from harming themselves and others with the decision to use a work computer for entertainment rather than intended business.

This all goes back to what I try to stress to our clients when I see an entire family using one computer. If you think that is safe you may get an unpleasant surprise. Kids will do things that adults won’t (such as download something they totally unfamiliar with). Kids are attracted to features on the internet that adults aren’t interested in. You can account for your own behavior but not that of your kids. If you are savvy enough that you can track what the kids do then you are most likely using another system than they because you know the risks. As long as you can download music without paying for it there are going to be risks. File sharing it just isn’t worth it. It could end up costing you many times over what the music would have cost to get it the legitimate way and buy it.
-George Harding

File Sharing Identified

Since George has already explained the dangers of file sharing on this page and in previous articles, I will limit my column to a list of the currently known programs that are actively used for file sharing. We encourage parents to check their computers, and the computers of their kids to see if any of these programs are installed. If they are you should contact a professional to have the system checked immediately. I've highlighted the ones we see most often:

Find MP3
Aimster
Audio Galaxy
AudioGnome
BearShare
Blubster
Direct Connect
eDonkey 2000
FileNavigator
Filetopia
Flipr
Gnotella
Gnucleus
Grokster
Imesh
Kazaa
Limewire
Mactella
Morpheus
Napigator
Ohaha
Rapigator
Real MP3 Finder
Songspy
Swaptor
WinMX
Xolox

-Steve Weigle