How safe is P2P?
March 2, 2009 8:04 PM   Subscribe

How worried should I be about the recent rash of stories in the mainstream media about P2P software being used to commit identity theft?

For instance, this article about medical data being found on P2P clients like Gnutella. Or this one about a family's financial data making its way onto LimeWire.
I have no experience with these particular clients, but I have used Grokster and Morpheus back in the day. Is it really possible for someone else to download your files if you haven't taken a positive action to indicate that you want to make specific files available? Is this just a case of people who are even less l33t than yours truly not understanding how P2P software works and/or having lousy security on their computers? Or is this just another case of the MSM trying to mess with my head?
posted by The Ardship of Cambry to Computers & Internet (9 answers total) 2 users marked this as a favorite
 
If you put sensitive information into a folder you've set to be shared, and you also set it up to share any files in that folder instead of just *.zip, *.mp3, *.ogg, etc., then yes—Gnutella or Limewire could help someone steal your identity.

On the other hand, if you point a gun at your head and pull the trigger then the gun will kill you.
posted by sonic meat machine at 8:09 PM on March 2, 2009


Is it really possible for someone else to download your files if you haven't taken a positive action to indicate that you want to make specific files available?

Not really, but a lot of people accidentally leave folders open for sharing. I remember when i was in college everyone shared using windows built-in sharing on the huge, campus wide LAN. Every once in a while you'd find people who had their entire C: drives shared. You see the same thing with P2P software every once in a while.

Another possibility is that people's computers might be otherwise compromised, like leaving their C: drives shared with windows sharing or having an un-patched OS that's remotely compromise able by just knowing the IP address and hackers might use P2P software to find hackable IPs.

And the biggest risk would be naive users downloading Trojans thinking they are music or something and having their machines into botnets for sending spam.

But most of these articles are just about people who have accidentally overshared, I think.
posted by delmoi at 8:13 PM on March 2, 2009


what the others have said...just be sure to choose specific folders to share and make sure those aren't the ones that you use for personal stuffs.
posted by legotech at 8:26 PM on March 2, 2009


I know a guy who once downloaded an entire folder - meaning to get an entire album - and wound up getting all manner of term papers, chats , and a PDF of the other user's mom's house appraisal. If he'd wanted to be malicious, he could have been.
posted by notsnot at 8:32 PM on March 2, 2009


Is this just a case of people who are even less l33t than yours truly not understanding how P2P software works and/or having lousy security on their computers?

Yes.
posted by qxntpqbbbqxl at 8:55 PM on March 2, 2009


Note also that it's pretty much impossible to point the gun at your head with torrents.
posted by Zed at 10:05 PM on March 2, 2009


There's a reason that these programs have shared folders. If you set it to share "My Docs," it will share ALL of My Docs. The people mentioned in the articles were not smart enough to realize it.
posted by majikstreet at 4:09 AM on March 3, 2009


Thanks, everyone, for talking me down.
posted by The Ardship of Cambry at 7:53 AM on March 3, 2009


I actually had the same question yesterday. All the news stories I saw or read were lacking in details, and really did nothing but scare people.

Except for downloading via uTorrent, I have no recent experience with P2P stuff, but I work with a lot of inexperienced users. So I downloaded the latest Limewire (5.0) and installed it.

The DEFAULT settings would have shared all pictures, music, videos and documents on my desktop and in the My Documents folder.

So yeah, its pretty easy to protect yourself--just uncheck the boxes in your sharing settings. But honestly, the fact that Limewire would try to share the entire desktop and documents folder by default is very troubling.
posted by General Tonic at 8:11 AM on March 3, 2009


« Older Is difference in voltage and pins an issue with...   |   How do I deal with super-sensitive skin? Newer »
This thread is closed to new comments.