Comments on: Can peer-to-peer coexist with network security?

Following congressional complaints about sensitive data leaks, P2P software providers are modifying their apps to make them safer for use in enterprises.

[Jesterace77]

I guess it's a good thing that I don't use peer-to-peer software.

[n3td3v]

There was no leak of Obama's helicopter, the file was found on a computer. The intelligence services know which computer it came from and what computer it went to. The data in the file wasn't read by anyone, the information is still secret.

[RacerX7]

"The data in the file wasn't read by anyone, the information is still secret."

Source?

[n3td3v]

"Source?"

n3td3v March 6, 2009 11:36 AM PST

[pentest]

Wow, you are such an expert that you can source yourself?

[getwired]

Um. Last I heard it was on a P2P network, being shared out of Iran. I don't believe the Internet tubez work the way you think they do. The doc is long gone as far as confidentiality or information disclosure are concerned.

[contentcreator--2008]

If user-originated files can't be shared, aren't you pretty much conceding that the whole point of file sharing is to share other people's stolen content???? (OK, except for that 0.3% who might occasionally use it for a linux distribution, cough cough?)

[Imalittleteapot]

I don't pirate, but I use torrents to download lots of open source software. I'm currently using Ubuntu right now that was downloaded via torrent. Why do I use torrents? Because on big downloads sometimes the download can fail half way through and you have to start over. That's exactly what happened to me when I first tried to download Ubuntu directly via HTTP. I got to about 100 meg and it died. It's true there are HTTP and FTP download managers that can resume, but that doesn't always work and a few servers still don't support resume.

Torrents allow me to pause the download, resume the download later whenever I want or in case the connection has dropped, and in some cases torrents have even been used to repair corrupted files by redownloading the few small chunks that have been damaged. Also, I can give back to the community and use torrents to take the bandwidth load off someone else that's trying to distribute gigantic files for whatever net community they're currently focused on. Also, as time goes on files and data are only going to get bigger. Because of this I bet torrents will become ever more popular for just everyday things that have nothing to do with piracy.

Also, your 0.3% is probably entirely wrong, because if only %0.3 percent of people used some kind of P2P technology for legal purposes it is highly unlikely any of those %0.3 of people would have noticed your post in the big mass that is the internet. The fact that I replied to you so fast probably means statistically there are many more people than you think using P2P for legal means. However, we don't really have enough data or evidence to say that, but that'd be my guess.

[Imalittleteapot]

And no, I don't have any idea how my % signs got completely on the wrong side there. Oh well.

[contentcreator--2008]

0.3% is the market share reported by recent browser surveys, if memory serves. Sure Linux is used in datacenters and embedded, but market share is very low in the bulk of the population using file sharing (ie even lower than the 0.3%).

[Imalittleteapot]

contentcreator--2008
Linux is not the only free software program on the planet. I say people also use torrents as a download manager for anything that's big and not just Linux. I'm sad now that you couldn't figure that out. A storm or something messed up the net in my neighborhood. Downloads became very slow and connections were dropping for everyone for about a week while they fixed it.

This around when the latest Open Office came out. So, as to make sure my download would not fail I also downloaded OO via torrent. My friends and I have also seeded torrents to each other of video that we've shot because some of us are into photography and video editing. That's a lot data. Gigs and gigs. A little too much to be transferring through an instant messenger connection. I could give you example after example.

Has nothing to do with Linux. Your just gonna have to face the fact that your bias is wrong. Add up all the large software programs and content that's out there and you'll find many people use torrents for completely valid things. I's just a protocol like HTTP or FTP. It doesn't mean the content is all illegal. You could shut it down if you want, but you can download pirated stuff via HTTP and FTP just the same. You're not fixing the problem, you're just ruining a completely awesome technology that can be used for good or bad. Just like any other technology.

You think I never downloaded an MP3 or ISO file via HTTP before? I have, and guess what? Stolen music mostly comes in MP3 format and many stolen videos come in ISO format and much stolen software comes in ISO format. Pirated material can be transferred with or without torrents. So, your bias against torrents is just ignorant. It won't solve the problem, however using P2P technology can save companies loads of bandwidth like when Blizzard uses torrents to download updates for their games.

You're really just uneducated and don't know what your taking about here. You don't understand P2P is a bandwidth saving technology. It's not designed for the purpose of pirated material. Just like HTTP and FTP wasn't designed for that either. Pirates just use whatever technology is available to them including the internet. Following your solution to its logical conclusion would mean shutting down the entire internet because as long as it's up, pirates will take advantage of it. If you actually feel that way then please feel free to hit the power button on your computer.

[Imalittleteapot]

Also, one more thing I just thought of. Most email is sent by spammers. Spam is illegal. Are you saying we should down down email too because it's mostly used for illegal purposes? You'd better because if you don't the pirates can just email each other their stolen goods. See how that works now? It can be used for good or bad.

[ddanckaert]

Answer: No Way

[pentest]

Why are corporations giving its employees admin or root rights? It is amazing, the biggest threat to any network are its users not outsiders, yet many allegedly professional IT departments ignore this.

[Michichael]

I'd like to see any of our employees try this. Ingress and Egress filtering/auditing do a lot to lock down on this kind of stuff.

[random truth]

Because alot of windows programs do not work correctly without root privileges.

[pentest]

If admin privileges are needed to install and run something the IT department can set that up if it is necessary.

If P2P is necessary for one to do her job, there are plenty of business friendly solutions, but the employee should never be allowed to install anything for any reason.

More work for IT departments? Yes, but the long term cost savings is worth it.

[gggg sssss]

start with firings, then civil suits, then espionage charges.

[getwired]

The person who installed the software and compromised the document should be brought up on criminal espionage charges. They did not perform the duties of their job, to protect confidential information.