Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

FTC To Take a Second Look at P2P

Posted by ScuttleMonkey on Tue Oct 23, 2007 12:27 AM
from the any-excuse-to-cause-trouble dept.
The Internet Government Security Politics
BlueMerle writes to mention that the House Committee on Oversight and Government Reform has asked the FTC to take another look into the world of peer-to-peer file sharing. This time around however the inquiry has nothing to do with copyright. "But a USPTO report earlier this year stirred up the issue again by claiming that P2P installs could adversely affect national security when they made confidential government information available. This has already happened several times, as the Oversight Committee learned in July when it held hearings on the USPTO report and its findings. At that hearing, representatives were also shown real-time P2P search data. While most of the searches were for porn, movies, and music, the committee noted a surprisingly number of searches for private financial information."
+ -
story

Related Stories

Submission: FTC to look at P2P - Again! by BlueMerle (1161489)
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

FTC To Take a Second Look at P2P 50 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • Just wonderful. (Score:4, Funny)

    by adolf (21054) <adolf@phreaker.net> on Tuesday October 23 2007, @12:32AM (#21081637)
    Now, instead of RIAA, I have to worry about the Secret Service and the NSA when I'm browsing pirate bay looking for some mus

    *bright flash of concussion grenade*

    $#(FRe2%DEK#NO CARRIER

    • Re:Just wonderful. (Score:5, Interesting)

      by Technician (215283) on Tuesday October 23 2007, @01:00AM (#21081785)
      Now, instead of RIAA, I have to worry about the Secret Service and the NSA when I'm browsing pirate bay looking for some mus

      Your search for muscle building is probably not going to raise any eyebrows. The fact you are sharing your entire My Documents folder with your Turbo Tax records is of a bigger concern. Go to any P-P site and do a search for common applications extensions. .doc, .xls, .ppt, are just the tip of the iceberg. Try searching for .pwl.. enjoy.

      Many people just don't get the fact they shouldn't use their home directory as a place to download their goodies. It is what they share without even knowing is what is dangerous.

      Here is a WSJ article detailing the problem..
      http://online.wsj.com/public/article/SB118134946950829716-QWDmBwH_qAgisaepbCCMoT_4cPA_20070710.html?mod=fpa_editors_picks [wsj.com]
      Compuerworld article;
      http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9012961 [computerworld.com]
      and an article regarding an ID theft and arrest
      http://www.smh.com.au/news/security/man-used-filesharing-program-to-steal-data-money/2007/09/07/1188783469524.html [smh.com.au]

      They are not interested in your searches for marginal photos. They are interested in the security leaks.

      So just where are you pointing your downloads? Just what are you making available?

      • Many people just don't get the fact they shouldn't use their home directory as a place to download their goodies. It is what they share without even knowing is what is dangerous.
        Then when they lose all their money to identity theft and starve it can be treated as clear cut case of Darwin Laws in action and we post it slashdot as positive confirmation of the theory of evolution.

        Anyone that stupid should not be using the internet.
        • Anyone that stupid should not be using the internet.

          True, but they do. As an example of a large collection of these people, visit My Space.
        • Old method for getting free music via the internet:
          1. Download and install LimeWire
          2. Search for desired artist/song.
          3. Download songs that others are sharing.

          New method for getting free music via the internet:
          1. Download and install LimeWire
          2. Search for Quicken and TurboTax files that others are sharing.
          3. Transfer their assets to bank account in Cayman Islands.
          4. Use money in said account to buy CDs.

          Just one extra step, and no angry settlement letters from the RIAA!

      • Re:Just wonderful. (Score:4, Interesting)

        by bombastinator (812664) on Tuesday October 23 2007, @03:34AM (#21082415)
        While Technician makes a very valid point, I suspect a major impetus for this is going to turn out to be RIAA lobbying. After all it's OK to be a bastard as long as it's a matter of national security.

        IMHO the P2P developer groups are going to have to get off their butts right fast and do some kind of patch to fix this hole, Such as an auto folder creation, or major pop warnings or something, or they are going to find themselves legislated out of existence.

        And I do mean really really fast. There is a major attitude about foreign military and industrial espionage. This is the kind of legislation that has legs. It's got both fear and money on it.

        • Re: (Score:3, Informative)

          by cayenne8 (626475)
          "While Technician makes a very valid point, I suspect a major impetus for this is going to turn out to be RIAA lobbying. After all it's OK to be a bastard as long as it's a matter of national security.

          There is a major attitude about foreign military and industrial espionage. This is the kind of legislation that has legs. It's got both fear and money on it."

          Yup...if copyright won't get rid of P2P or other potentially corporate threatening technology, lets use the good old standby of 'national security'.

          I

          • Re: (Score:3, Interesting)

            by bombastinator (812664)
            True, but there's truth and then there is marketing. Remember there are well funded organizations who want to end file sharing. It doesn't have to actually be true it merely has to be a truthy excuse.

            Off hand I would ignorantly guess that it at least needs to be made clear that anyone who manages to get their stuff shared unintentionally is a giant idiot. Traditional liability requires a gate lock equivelant, which in this case would be a default setting that did not allow main directory sharing, with a wa

  • I may not be a bureaucrat ... (Score:5, Insightful)

    by Arabani (1127547) on Tuesday October 23 2007, @12:34AM (#21081645)
    But wouldn't the real solution be to train government employees in the arcane art of not installing P2P applications on government computers in the first place? Or does that just make too much sense to be effective?

    • Re:I may not be a bureaucrat ... (Score:4, Interesting)

      by adolf (21054) <adolf@phreaker.net> on Tuesday October 23 2007, @12:38AM (#21081669)
      A better answer would be to stop giving everyone personal computers if they're not supposed to be, well, personalizing them.

      Not to be too fucking obvious, here.

      • A better answer would be to stop giving everyone personal computers if they're not supposed to be, well, personalizing them.

        Not to be too fucking obvious, here.

        How about using deductive reasoning instead of putting the finger in the dike?

        I mean, its already illegal to share illegal stuff illegally. Why focus on p2p? This kind of information could be spread via email, snail mail, http, ftp, newsgroups, pencil and paper, smoke signals, telephone, telegraph, stenography, steganography, etc, etc, etc.

        I can't
        • There are alternatives to what are commonly known as PCs. One alternative is to have a dumb terminal (I'm sure they've got a much more flashier name these days, but they're the same thing). You can't install your own software on those.

    • Re:I may not be a bureaucrat ... (Score:5, Insightful)

      by MoonFog (586818) on Tuesday October 23 2007, @12:39AM (#21081685)
      And teach them that, even at home, sharing the entire "My Documents" folder when you keep your private and work related stuff there is a bad idea. I mean, most P2P programs I know of don't just make your entire harddrive available, you actually have to put these documents up for grabs.

    • Re:I may not be a bureaucrat ... (Score:4, Funny)

      by cybereal (621599) on Tuesday October 23 2007, @01:47AM (#21082029) Homepage

      But wouldn't the real solution be to train government employees in the arcane art of not installing P2P applications on government computers in the first place? Or does that just make too much sense to be effective?
      I'm sorry. You forgot to file form 23-B "Request for request to criticize" and amendment form 27-B-A2 "Amendment to criticism for system specific criticisms involving apes, lepers, or government employees," and submit it the resulting form along with a notarized copy of your mother's birth certificate request form, so I have the unfortunate duty to file a form to request the manual to instruct my assistant on how to file the request to have your bureaucrat grade demoted.

      Remember to file the acceptance forms or risk a lengthy repeat of this entire process!

      Stamp stamp stamp stamp stamp

    • If only so many apps the gov bought weren't so crappy and didn't require the user to be administrator for them to run I speak from experience too :(
      • Shouldn't that information be encrypted? If it isn't readable, downloading it from p2p wont help much unless hackers have a super computer built up of zombie machines to crack it.
        • Generally, sensitive government information is already physically shielded from the Internet - they simply don't connect their computers to it. I have some friends who don't even feel comfortable telling me what their wives' jobs are, and I doubt it's anything really cool that deserves to be secret. As far as I can tell, government security is working quite well. Heck, I can't even find anyone who wants to talk about that secret hypersonic plane I'm pretty sure we built. You'd think there'd be be nothin

  • Why is P2P always to blame? (Score:5, Insightful)

    by MoonFog (586818) on Tuesday October 23 2007, @12:37AM (#21081657)
    But a USPTO report earlier this year stirred up the issue again by claiming that P2P installs could adversely affect national security when they made confidential government information available.

    How is this even remotely related to any P2P protocol? That's an issue no matter what protocol used. Hell, in Norway there have been lots of screaming because some soldiers have put information and pictures that were confidential in one way or the other up on Facebook. Making confidential information available is a breach of security no matter what protocol you use to distribute it. Perhaps things get distributed more with P2P, but you still have to look for information and download before (while) you distribute it yourself.
    • It's about changing the internet from its present P2P nature where anybody can run a server into centrally controlled repository of "authorized" servers where uploading, like present day broadcasting, will require a license. Chances are the public will fall for it and go along. And the ISPs are already doing their part by restricting upload speeds and volume.
      • And then, we will see the rise of pirate websites, just like how there are pirate radio stations now.

        You could go a step further and conceive a world in which not only servers, but even things we take for granted, such as a hard drive or DVD-R disc, would be regulated. Admittedly, this is a highly extreme case, but considering there's already a trend toward making web applications for everything, it wouldn't be too difficult to convince the less technically apt people that they don't need a "real" computer
      • ...and suggest that to even connect to the Internet as a client in the future, you'll need a licence and an approved software stack. The licence will be in the form of an officially endorsed key pair, and your OS will (1) sign all your outgoing packets with this key pair, and (2) respond to remote attestation requests about the software running on your machine. You'll be able to opt out of this, of course, but if you do, you can't connect to the Internet, because routers at your ISP will refuse to carry tra

    • Re: (Score:3, Informative)

      by Technician (215283)
      Making confidential information available is a breach of security no matter what protocol you use to distribute it.

      Many people simply don't read the manual. They go "Oh, goody, freebies" and point the software at their My Documents folder. Later they wonder why someone else is using their credit card info. Have you ever saved a confirmation screenshot for an online purchase? Does it include your shipping info, full name and credit card details? This oops in security is the focus of the article.

      The I di
    • Lucky those soldiers weren't American or the FTC would be looking into the http protocol.
    • P2P is always to blame because there is a group with money ready to blame it. The finger prints are all over this.

      How could a legislative committee discover, discuss and decide to take action on a problem like this before the leading edge of the community, which is to say here, has even heard about it? Remember these guys don't even type themselves, they have people to do that. That intertube guy genuinely thought he was being insightful at the time.

      There may be other evidence. Where an when did these

  • How convenient... (Score:4, Funny)

    by jamstar7 (694492) on Tuesday October 23 2007, @12:37AM (#21081659)
    So, since the MafIAA couldn't stop all those 'illegal filesharing piratical thieves' it's now going to be a national security issue like personal encryption was back in the 90's.

    How much pr0n does the government have laying around, and why isn't it on Limewire yet?????????

  • Great! (Score:4, Insightful)

    by LordPhantom (763327) on Tuesday October 23 2007, @12:38AM (#21081673)
    Brilliant! Bribery didn't work, so let's make it about national security. Why, precisely, is this any more dangerous than "ssh encrypted file transfers" (aka sftp), or this newfangled thing called FedEx and "paper"? Sure, because it's an information-sharing protocol you can (drum roll) share information. That, in of itself is not a heinous thing.

      • It's dangerous because file sharing applications (what they really mean) generally cause people to make information available that they didn't mean to. People don't think, and just share as much as they can for whatever reason they have.

        Just how fucking stupid do you have to be to upload your entire My Documents contents? I was using p2p apps when I was a kid (the only time I ever used them) and I still didn't manage to accidentally upload stuff. Oh wait, I forgot, these are government employees. Nevermind.

  • Your honor... (Score:4, Funny)

    by Romicron (1005939) on Tuesday October 23 2007, @12:39AM (#21081677)
    Financial information is more important data. All those numbers take up lots of tube space. Soon we'll have all those tubes clogged up with dollars and cents* unless we can cut off the P2P box from trying to get this data! *Dollars and cents are number figures, not actual coins. Please don't go digging around and cutting open the tubes for money.

  • "But a USPTO report earlier this year stirred up the issue again by claiming that P2P installs could adversely affect national security when they made confidential government information available. This has already happened several times
    There are a lot of other ways information gets around, it isn't all P2P and even if it was, that isn't their problem. The idea that you can stop information flow any more is in the realm of the insane.

  • A surprising number of searches? (Score:3, Insightful)

    by Romicron (1005939) on Tuesday October 23 2007, @12:48AM (#21081735)
    I love it when qualitiative terms are applied to quantitative data. Out of 100% of searches made, there'll be A% for porn, B% for music, C% for movies... and D% for "sensitive financial information?" What was that number? "A surprising amount." (Skimmed the article too). What number were you expecting? 0%? 0.001%? 1%? I'd like to know a) exactly what the numbers are, b) what constitutes a search for "sensitive financial information". Searching for a credit report on someone is a lot different than searching for how much money some celebrity makes.
    • What number were you expecting? 0%? 0.001%? 1%? I'd like to know a) exactly what the numbers are, b) what constitutes a search for "sensitive financial information".

      Most P-P stuff is copyright violations of photos (porn) movies (Hollywood & Porn) and sound (RIAA stuff which is mostly audio soft porn and cursing with parental advisory stull the parents won't let the kids buy) Most P-P stuff does not involve theft (unless you ask **AA who will tell you copyright violations is theft) and when ID is stol

  • What is P2P? (Score:3, Insightful)

    by Anonymous Coward on Tuesday October 23 2007, @12:53AM (#21081763)
    Isn't the entire Internet a P2P network?

  • I have to ask this... (Score:5, Insightful)

    by Storlek (860226) on Tuesday October 23 2007, @01:01AM (#21081793)
    Why are classified documents even on a computer that's connected to the internet in the first place? The government has their own separate [wikipedia.org] networks [wikipedia.org] for that stuff.
    • Every classified document is not "Top Secret" or intelligence related. I don't know about the US, but at least in Norway, a form that is filled with personal information is called "Classified", and the article specifically mentions confidential information being used for identity theft. If you work for a company that participates in bid wars, the bidding documents will be classified, and sales persons may bring that around on their laptops as they travel. They definitely should be careful, but this isn't ab
        • So people are taking documents that should be on a separate server, places it on a machine that is connected to the internet (which isn't supposed to happen) and then proceeds to share this information over a P2P network? Why is the FTC going after P2P again? Seems to me they need to evaluate the people cleared to handle these documents and the procedures and processes involved.
        • That always depends on what the article means by "confidential". I'm in the same situation - I've got clearance and have worked with the information, and when working with commercial companies it annoys people no end that they insist on the footer "private and confidential" when what they mean is "private and in confidence because it is [insert company name] proprietary".

          It's even worse when you've got an outbound mail filter that then trips over it and blocks it. It's a lower case "confidential" in the art
    • Those networks are for Secret and Top-Secret. I don't think you realise how much information out there is classified but isn't Secret+. The administrative overhead with a Secret+ document can be horrifying, you don't just want to slap it onto every document the government touches.
    • "Why are classified documents even on a computer that's connected to the internet in the first place?"

      For the field. Not every place gov't workers with clearance go to has a connection to their seperate networks.

  • p2p is too democratic, a danger to the US (Score:5, Interesting)

    by br00tus (528477) on Tuesday October 23 2007, @01:14AM (#21081847)
    I've done various work with p2p for a while, including writing my own Gnutella application. Peer to peer technology is much too democratic and egalitarian to be allowed free reign. For example, currently if I wanted to publish a 30 minute video online, I would have to pay a lot of money to host it. Nowadays, I could send it to sites like Youtube if I was willing to accept it being surrounded by advertising (or possibly banned if running afoul of their rules). With peer-to-peer, anyone can publish, and if it's popular enough, the "cost" is really paid for by the consumer. For a society like the US, with most of the media in the hands of a few conglomerates, this is far too much freedom and equality, and I knew it was just a matter of time before they attempted to get their claws on peer-to-peer, at the behest of those conglomerates.

    Last year Javed Iqbal, a satellite installer, was thrown in jail. His crime? He allowed people in the US to watch Al-Manar, the television station of Hezbollah. Of course Hezbollah is legally considered to be a terrorist group - if you're a country that is or formerly was a British colony. Or, for some reason, Holland. Outside of Holland and current/former British Dominions, the rest of the world considers Hezbollah to be what it is, a representative of Palestinians pushed into southern Lebanon by the Israelis from 1948 on. But anyhow, the US and UK are at odds with the rest of the world on this as so often they are, Iqbal was thrown in the slammer, and nary a word is heard about it or the supposed First Amendment. Meanwhile, narcissistic attention-seekers like Salman Rushdie are feted and praised year after year. In fact, this is done by the same corporate media propaganda machine which is working to dismantle things like peer-to-peer, all the while of course never reporting on what they are in fact doing, or about many things that are going on in the country of interest but that we'll never know about.

    • Wait a second... Salman Rushdie? Don't you mean Britney Spears? Or are you stuck in a parallel universe where highbrow authors rule the airwaves and pop tarts grovel for table scraps of media attention while dodging reactionary assassination attempts?

      If so, are there any vacancies?
    • P2P is being targeted because democratically allows people to share things they aren't allowed to share.

  • Chasing the wrong goat (Score:4, Insightful)

    by Camael (1048726) on Tuesday October 23 2007, @01:24AM (#21081897)
    From the original article:

    The committee has a bee in its collective bonnet about the issue of data security, and believes that P2P users across the country are inadvertently leaking private information and financial records into the tubes. Such information could be used for identity theft (and also has national security implications in some cases), and the Oversight Committee wants the FTC to do something.
    So why is the committee going after the medium (p2p) instead of the users leaking the secrets? Going by their logic, other methods of communication like email, msn, icq, snail mail etc. are also potentially capable of leaking national secrets. Isn't it simpler, cheaper and more importantly, less inconvenient to the general public to just issue a directive to all government officials not to use any p2p at their work computers or at all?
    • Because it works like this.

      Rep Dumbass(RIAA-R): Hey, Bogknock, check this bill out. It's for "Banning All P2P For Any Reason Totalitarian". Heh, I love the acronym, a real work of the Congressional art there. Do you know what a P2P is?

      Rep Bogknock(Tobacco-R): *blushes* Er, no, but I sure don't like the sound of it!

      Dumbass: So, it's fair to say that banning it wouldn't inconvenience you or anyone you care about?

      Bogknock: Nope, not a bit.

      Dumbass: Me neither, so who the hell cares? Ban it!

  • the committee noted a surprisingly number of searches for private financial information.

    Looks like the "X is bad, X ON TEH INTERNETS is worse!11!!" meme is mutating into "X ON P2P is worserer!11!!"

  • So it's again about a dangerous protocol, not a dangerous use of an application, or company policies allowing dangerous program use?

    Well, e-mail has proven to be a pretty bad thing too. With e-mail, many things that shouldn't have leaked out to the public has.

    I think things have even leaked out via HTTP. :-(
  • Don't all Windows and Linux distros by default allow offsite users remote access to a computer (with some sort of authentication needed of course) in order to help with tech support questions? If so shouldn't the government stop using Windows (and can't move to Linux for the same reason) in case someone accidentally gives someone remote access? Do Macs have this feature as well? If so they might need to resort to typewriters or at least remove access to the internet.
  • P2P has been used in video games for a long time. In fact serverless P2P MMORPGS are feasable with enough anti-hack code. The only problem stopping true P2P from becoming big is the NATS on routers everyone uses. I think once IPV6 becomes popular, there will be a whole new generation of P2P. There are two reasons IPV6 will be a boon to P2P. The first is obvious: With everyone having a unique IP, you don't need a server to get a list of IPs, you can just ping IPs yourself as if it was a phone book. Th
    • Newsflash: Nazis used trains and trucks to transport jews to their death. I haven't heard of a nationwide ban on trains or trucks. I don't believe people would support such a ban either.

      Just because the Nazis used something doesn't mean its evil.

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.