US gov't leaks data through file sharing
Published: 30 Jul 2009 15:53 BST
Sensitive files such as US Secret Service safehouse locations, military rosters and IRS tax returns can still be found on file-sharing networks, according to a report to a US House of Representatives committee on Wednesday.
In many cases, it is because US federal government employees or contractors had installed peer-to-peer software on their computers without paying attention to which documents would be shared, Robert Boback, chief executive of P2P intelligence company Tiversa, told the panel.
Boback said Tiversa had found the Secret Service's evacuation plans for the first lady and motorcade routes earlier this year, which led some politicians to announce that new federal laws were necessary to stop inadvertent file sharing.
"I'm planning to introduce a bill," said Edolphus Towns, a New York Democrat who heads a House oversight committee. He said his legislation would limit the use of P2P software on all computer networks operated by the federal government or its contractors.
In addition, the Federal Trade Commission should investigate whether P2P software developers are violating the law and the Obama administration should "undertake a national campaign to educate consumers about the dangers of file-sharing software", Towns said. In April, Towns' committee informed the FTC it had reopened an investigation into inadvertent file sharing.
Peter Welch, a Vermont Democrat, suggested a similar approach. He wanted to know: "whether there's some legal action that should be taken to protect intellectual property, to protect kids from pornography, to protect classified medical information, national security information."
The two-and-a-half-hour hearing singled out LimeWire, which is probably the highest-profile P2P client in use today. It is distributed by Manhattan-based Lime Wire, which sells a more fully featured version called LimeWire Pro, and it uses the BitTorrent and Gnutella networks.
Lime Group chairman Mark Gorton tried to defuse some of the criticism: "The current version of LimeWire does not share any documents by default." He added that many security improvements were included in version 5 of the software released in December 2008 that were absent from the previous version.
Gorton also tried to make a more subtle point: the Gnutella network is an amalgamation of scores of various P2P clients, many of which may have different default settings, and Lime Wire should not be held responsible for someone's decision to share files using a program written by a different company. It didn't work.
"It is chilling what the public now has available to it," Towns said. "The idea that you can look at the first lady's information where she's going, how she's getting there, tax records, things of that nature. We need to get to the bottom of this."
Not helping was the fact that Gorton testified at an earlier hearing in July 2007 on the same topic.
"Mr Gorton, I find your testimony today stunning," said Paul Hodes, a New Hampshire Democrat. "You promised us two years ago you were going to fix LimeWire."
Gorton replied: "LimeWire does not control the computers of people around the country." He later added: "It's not unreasonable to expect that people who install file-sharing software want to share files."
Other suggestions were more extreme. Bill Foster, an Illinois Democrat who, with his doctorate in physics, is more technically inclined than most politicians, said "the nuclear option is to block the Gnutella protocol" on a national basis.
But he acknowledged that was not likely to work. Another option, he said, would be to create a new version of the Gnutella protocol that accepted connections only from restricted clients, ones that curbed which folders or file types could be shared.
Credit: Congress: file sharing leaks sensitive data from CNET News











