Comments on: Comments on 14009

Post number 14009

giantkicks — Sat, 19 Jan 2002 20:56:38 -0800

Fear as the latest anti file-sharing campaign MSNBC has a whopper of an article intending to scare the poop out of users of file-sharing programs with names like Gnotella, BearShare, Morpheus etc. They can't shut the system down 'honestly', smirk, so they're beginning the fear campaign. The article is titled "Is your computer inviting voyeurs? Embarrassing, private text files find their way onto the Net". It details some frightening examples of acidentally sharing sensitive information, a lot of which seem farfetched; FBI documents, Korean military files, bank account numbers with pins.. If the courts can't stop file sharing, maybe fear will.

By: jacobw

jacobw — Sat, 19 Jan 2002 21:17:16 -0800

The last paragraph said it was the fault of inexperienced users. I agree.

By: sawks

sawks — Sat, 19 Jan 2002 21:23:29 -0800

considering that broadcasting of (potentially sensitive) documents is a feature of many recent virii (eg. sircam) - you could make the same case against the windows platform in general.... while we're here - if anyone missed Why Gnutella Can't Scale. No, Really. - its quite an illuminating look at gnutella's network design (albiet written by a napster founder)

By: mr_crash_davis

mr_crash_davis — Sat, 19 Jan 2002 21:30:41 -0800

Just for fun, I cranked up Limewire and went looking for .doc and .txt files, and in about two minutes found thousands of files that probably weren't meant to be shared. It looks like some people have their entire C: drives shared, as I could get cookies, log files, shopping lists, resumes, angry letters to AOL (that's a whole list in and of itself), and tons of other documents that people probably wouldn't let their spouses read, let alone some anonymous person who just likes to snoop. Very informative.

By: stavrosthewonderchicken

stavrosthewonderchicken — Sat, 19 Jan 2002 21:43:12 -0800

If you are dumb as a post, people will take advantage of you. This is the way of the world. If you share your entire hard drive, you are doing the equivalent of leaving your house with the doors wide open. You get what you deserve. That said, I've noticed this sort of thing a few times with WinMX in particular, and, nice guy that I am, always try to message the person suggesting they select their share a little more carefully.

By: whatnotever

whatnotever — Sat, 19 Jan 2002 21:57:16 -0800

I grabbed a cookies.txt and was messing around with some guy's Amazon account, once. He even had one-click shopping enabled! There are all *sorts* of things to be had out there...

By: hincandenza

hincandenza — Sat, 19 Jan 2002 22:42:37 -0800

sawks: That "Why Gnutella Can't Scale" document came from a biased source, and was I believe incorrect. Seeing as I connect through gnutella (Gnucleus) quite often using 10 immediate hosts and often thousands of friends, and it works fine, there's something amiss in his calculations. And that's not even considering that for some time now, Gnutella clones have been looking to implement various improvements in performance such as hostcaching and ultrapeers- higher bandwidth peers that can if online for x hours become like master hubs to aggregate various nearby clients around them and act as a search/announce proxy, creating a semi-dynamic tree structure instead of a flat all-peers-are-equal structure. These things, and others, are going to make Gnutella that much better, and a much more legitimate Napster replacement. The only drawback is few solutions allow for dialup users to work in the system very well. As for the linked MSNBC article, it did seem a bit too fearmongering for my tastes, and does raise the antenna about why it was written at all if not to pursue an anti-filesharing agenda.

By: Satapher

Satapher — Sat, 19 Jan 2002 23:56:04 -0800

that just means less idiots. bring on the fear

By: KirkJobSluder

KirkJobSluder — Sun, 20 Jan 2002 06:56:33 -0800

I find it interesting that a security vulnerability from an independent software contractor is treated as the users problem, while Microsoft is to blame for failing to make their security idiot-proof. I suspect if the same thing was written about FTP or Windows file sharing, that most of this conversation would be about how Microsoft should be taken to court for damages. I really didn't consider this article to the fear mongering. Just about any form of file sharing is an open invitation for people to common look at your data. Perhaps more importantly, it's an open invitation for script kiddies and hackers to try to get into your private files. This hasn't changed much since the old days when Linux shipped with the FTP and sendmail barn doors wide open for abuse.

By: dhartung

dhartung — Sun, 20 Jan 2002 10:45:10 -0800

Oh, right, giantkicks, Bob Sullivan, MSNBC's longtime technology reporter, is "the Man" carrying water for the "copyright cabal", right? Isn't that what you meant to say? People also consistently accuse Sullivan (and MSNBC's tech coverage) of a pro-Microsoft bias, which just proves that they don't read either regularly. Sullivan is no born-again geek, but for a technology reporter he has a good ear for a story and does a lot of hands-on followup. During the Paypal scam he was chasing down phone numbers in places like Kyrgyzstan. I'm getting more consistently disappointed with Metafilter every day, and it's crap like this that's swirling in the bowl. Gimme a break. Guess what? You use file-sharing programs improperly, YOU SHARE YOUR CRAP WITH THE WORLD. That's something people need to know, not FUD.

By: mr_crash_davis

mr_crash_davis — Sun, 20 Jan 2002 12:52:20 -0800

Well, now I am in an ethical quandary. In all the files I scooped up last night, I got a text file containing someone's credit card number and the username and password to log in to the credit card company's Web site. It works, it's an active account, and I'm just baffled as to whether or not I now have a responsibility to warn the person. Since I have access to the account, I have the person's name, address, phone number, email address, etc. If I found someone's wallet on the street, I would be ethically bound to make an attempt to return it. What do I do with this information? Should I change the password to the account on the assumption that since I got the file, others have and by changing it I'll be able to keep them out, then send the person an email with an explanation and the new password? Would this open me up to legal liabilities? Am I already guilty of something by checking to see if the information was valid? Or should I just call the person on the phone? I can see that going over really well: "Hello. You don't know me, but I have all your credit card information. No, I didn't steal it, you shared it with the world. Uh, no, I am not calling from my home phone. Hello? Hello?" On the other hand, I could do nothing at all, since this person was careless enough to share the file I can assume that they're going to get what's coming to them, right? Electronic ethics are giving me a headache.

By: sixtwenty3dc

sixtwenty3dc — Sun, 20 Jan 2002 14:16:51 -0800

it's darwinism. i pity these poor saps (only for about 10 seconds)