FTC To Take a Second Look at P2P

BlueMerle writes to mention that the House Committee on Oversight and Government Reform has asked the FTC to take another look into the world of peer-to-peer file sharing. This time around however the inquiry has nothing to do with copyright. "But a USPTO report earlier this year stirred up the issue again by claiming that P2P installs could adversely affect national security when they made confidential government information available. This has already happened several times, as the Oversight Committee learned in July when it held hearings on the USPTO report and its findings. At that hearing, representatives were also shown real-time P2P search data. While most of the searches were for porn, movies, and music, the committee noted a surprisingly number of searches for private financial information."

Just wonderful.

[adolf]

Now, instead of RIAA, I have to worry about the Secret Service and the NSA when I'm browsing pirate bay looking for some mus

*bright flash of concussion grenade*

$#(FRe2%DEK#NO CARRIER

Re:Just wonderful.

[Technician]

Now, instead of RIAA, I have to worry about the Secret Service and the NSA when I'm browsing pirate bay looking for some mus

Your search for muscle building is probably not going to raise any eyebrows. The fact you are sharing your entire My Documents folder with your Turbo Tax records is of a bigger concern. Go to any P-P site and do a search for common applications extensions. .doc, .xls, .ppt, are just the tip of the iceberg. Try searching for .pwl.. enjoy.

Many people just don't get the fact they shouldn't use their home directory as a place to download their goodies. It is what they share without even knowing is what is dangerous.

Here is a WSJ article detailing the problem..
http://online.wsj.com/public/article/SB118134946950829716-QWDmBwH_qAgisaepbCCMoT_4cPA_20070710.html?mod=fpa_editors_picks [wsj.com]
Compuerworld article;
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9012961 [computerworld.com]
and an article regarding an ID theft and arrest
http://www.smh.com.au/news/security/man-used-filesharing-program-to-steal-data-money/2007/09/07/1188783469524.html [smh.com.au]

They are not interested in your searches for marginal photos. They are interested in the security leaks.

So just where are you pointing your downloads? Just what are you making available?

Re:

[Ash Vince]

Many people just don't get the fact they shouldn't use their home directory as a place to download their goodies. It is what they share without even knowing is what is dangerous.

Then when they lose all their money to identity theft and starve it can be treated as clear cut case of Darwin Laws in action and we post it slashdot as positive confirmation of the theory of evolution.

Anyone that stupid should not be using the internet.

Re:

[Technician]

Anyone that stupid should not be using the internet.

True, but they do. As an example of a large collection of these people, visit My Space.

Re:

[Xichekolas]

Anyone that stupid should not be using the internet.

Maybe you missed out on the 90s, so I'll recap it in three letters for you:

AOL

Re:

[MrNiceguy_KS]

Old method for getting free music via the internet:
1. Download and install LimeWire
2. Search for desired artist/song.
3. Download songs that others are sharing.

New method for getting free music via the internet:
1. Download and install LimeWire
2. Search for Quicken and TurboTax files that others are sharing.
3. Transfer their assets to bank account in Cayman Islands.
4. Use money in said account to buy CDs.

Just one extra step, and no angry settlement letters from the RIAA!

Re:Just wonderful.

[bombastinator]

While Technician makes a very valid point, I suspect a major impetus for this is going to turn out to be RIAA lobbying. After all it's OK to be a bastard as long as it's a matter of national security.

IMHO the P2P developer groups are going to have to get off their butts right fast and do some kind of patch to fix this hole, Such as an auto folder creation, or major pop warnings or something, or they are going to find themselves legislated out of existence.

And I do mean really really fast. There is a major attitude about foreign military and industrial espionage. This is the kind of legislation that has legs. It's got both fear and money on it.

Re:

[cayenne8]

"While Technician makes a very valid point, I suspect a major impetus for this is going to turn out to be RIAA lobbying. After all it's OK to be a bastard as long as it's a matter of national security.

There is a major attitude about foreign military and industrial espionage. This is the kind of legislation that has legs. It's got both fear and money on it."

Yup...if copyright won't get rid of P2P or other potentially corporate threatening technology, lets use the good old standby of 'national security'.

I

Re:

[bombastinator]

True, but there's truth and then there is marketing. Remember there are well funded organizations who want to end file sharing. It doesn't have to actually be true it merely has to be a truthy excuse.

Off hand I would ignorantly guess that it at least needs to be made clear that anyone who manages to get their stuff shared unintentionally is a giant idiot. Traditional liability requires a gate lock equivelant, which in this case would be a default setting that did not allow main directory sharing, with a wa

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Mister Whirly]

"Try searching for .pwl.. enjoy."

Why would I care about a Windows 95/98 password file? You can have full access to either OS without it.

Re:My Bad

[Technician]

when you are using bittorrent though, you aren't setting a shared directory- you have to upload the torrent that you want to share- how is this any more non-secure than accidentally uploading your my documents to an ftp or a web host?

My bad. I used torrents as just an example of P-P. The article was more specific mentioning Limewire.

Clip from the artice....
"Gregory Thomas Kopiloff primarily used Limewire's file-sharing program to troll other people's computers for financial information, which he used to o

I may not be a bureaucrat ...

[Arabani]

But wouldn't the real solution be to train government employees in the arcane art of not installing P2P applications on government computers in the first place? Or does that just make too much sense to be effective?

Re:I may not be a bureaucrat ...

[adolf]

A better answer would be to stop giving everyone personal computers if they're not supposed to be, well, personalizing them.

Not to be too fucking obvious, here.

Re:

[hackstraw]

A better answer would be to stop giving everyone personal computers if they're not supposed to be, well, personalizing them.

Not to be too fucking obvious, here.

How about using deductive reasoning instead of putting the finger in the dike?

I mean, its already illegal to share illegal stuff illegally. Why focus on p2p? This kind of information could be spread via email, snail mail, http, ftp, newsgroups, pencil and paper, smoke signals, telephone, telegraph, stenography, steganography, etc, etc, etc.

I can't

Re:

[speaker of the truth]

There are alternatives to what are commonly known as PCs. One alternative is to have a dumb terminal (I'm sure they've got a much more flashier name these days, but they're the same thing). You can't install your own software on those.

Re:

[jhfry]

Try "Thin Clients"

Re:I may not be a bureaucrat ...

[MoonFog]

And teach them that, even at home, sharing the entire "My Documents" folder when you keep your private and work related stuff there is a bad idea. I mean, most P2P programs I know of don't just make your entire harddrive available, you actually have to put these documents up for grabs.

Re:

[cayenne8]

"And teach them that, even at home, sharing the entire "My Documents" folder when you keep your private and work related stuff there is a bad idea. I mean, most P2P programs I know of don't just make your entire harddrive available, you actually have to put these documents up for grabs."

What is this "My Documents" folder you speak of......I have no such folder on my systems...

:-)

Re:

[MadUndergrad]

Or you could teach them to use your work computer only for work, whether or not it's at home. My dad, a DoD employee, rarely lets me touch his work laptop even for as much as a google search, much less installing anything! That with me being in my 20's, and extremely well-versed in how-not-to-get-screwed when using a computer. If more people were so careful with their machines these problems wouldn't be so prevalent.

Re:I may not be a bureaucrat ...

[cybereal]

But wouldn't the real solution be to train government employees in the arcane art of not installing P2P applications on government computers in the first place? Or does that just make too much sense to be effective?

I'm sorry. You forgot to file form 23-B "Request for request to criticize" and amendment form 27-B-A2 "Amendment to criticism for system specific criticisms involving apes, lepers, or government employees," and submit it the resulting form along with a notarized copy of your mother's birth certificate request form, so I have the unfortunate duty to file a form to request the manual to instruct my assistant on how to file the request to have your bureaucrat grade demoted.

Remember to file the acceptance forms or risk a lengthy repeat of this entire process!

Stamp stamp stamp stamp stamp

Re:I may not be a bureaucrat ...

[speaker of the truth]

You think you're joking but how is needing a permit to protest much different?

Re:

[me at werk]

If only so many apps the gov bought weren't so crappy and didn't require the user to be administrator for them to run I speak from experience too :(

Re:

[Midnight Thunder]

But wouldn't the real solution be to train government employees in the arcane art of not installing P2P applications on government computers in the first place? Or does that just make too much sense to be effective?

The argument they are using is pure hockus. They say P2P is an issue because a number of the searches are for private and confidential information. This sort of argument can also be applied to search engines such as Google or anything else on the internet. There is also a big difference between s

Supportive idea

[Thomas Shaddack]

Put a file with certain name string into the documents directory of every computer at risk, at install time. Make it read-only. Periodically and frequently search P2P networks for that file name. Matches automatically identify a computer at risk. File can contain a substring identifying the owner of the computer, to automatically send him a warning.

Blanket bans are difficult to enforce. Such early warning will instead shrink the window of opportunity for the adversaries.

Could be even sold as a commercial

Re:

[sjames]

If government employees have really become that blindingly stupid just remove all of the obvious lawyer mandated warning labels from everything in government offices and let Darwin take it's course. Think of the money we'll save on pensions and paychecks!

More seriously, if an office that handles sensitive documents can't be staffed with people who will exercise rasonable care, it's an HR problem, not a p2p problem. Take away p2p and the only leaks left will be leaving folders in the restaurant, trading pa

Encryption

[elucido]

Shouldn't that information be encrypted? If it isn't readable, downloading it from p2p wont help much unless hackers have a super computer built up of zombie machines to crack it.

Re:

[smilindog2000]

Generally, sensitive government information is already physically shielded from the Internet - they simply don't connect their computers to it. I have some friends who don't even feel comfortable telling me what their wives' jobs are, and I doubt it's anything really cool that deserves to be secret. As far as I can tell, government security is working quite well. Heck, I can't even find anyone who wants to talk about that secret hypersonic plane I'm pretty sure we built. You'd think there'd be be nothin

Why is P2P always to blame?

[MoonFog]

But a USPTO report earlier this year stirred up the issue again by claiming that P2P installs could adversely affect national security when they made confidential government information available.

How is this even remotely related to any P2P protocol? That's an issue no matter what protocol used. Hell, in Norway there have been lots of screaming because some soldiers have put information and pictures that were confidential in one way or the other up on Facebook. Making confidential information available is a breach of security no matter what protocol you use to distribute it. Perhaps things get distributed more with P2P, but you still have to look for information and download before (while) you distribute it yourself.

Re:Why is P2P always to blame?

[iminplaya]

It's about changing the internet from its present P2P nature where anybody can run a server into centrally controlled repository of "authorized" servers where uploading, like present day broadcasting, will require a license. Chances are the public will fall for it and go along. And the ISPs are already doing their part by restricting upload speeds and volume.

Re:

[Storlek]

And then, we will see the rise of pirate websites, just like how there are pirate radio stations now.

You could go a step further and conceive a world in which not only servers, but even things we take for granted, such as a hard drive or DVD-R disc, would be regulated. Admittedly, this is a highly extreme case, but considering there's already a trend toward making web applications for everything, it wouldn't be too difficult to convince the less technically apt people that they don't need a "real" computer

Re:

[jamstar7]

They already license tvs and radios in Europe, from what I've been told.

Licensing a car, I can see. You're driving it on the road and could possibly run over somebody, so it's in the public interest you have some minimal level of skill to drive it, say, eyesight. But licensing a tv, radio, or computer? How many times they want you to pay for it?

Re:

[Agripa]

You could go a step further and conceive a world in which not only servers, but even things we take for granted, such as a hard drive or DVD-R disc, would be regulated.

Mike said, "First thing you need is Social Security and driver's license."
Gordon looked puzzled. "Driver license? For what, mass driver? Disk drive?"

http://www.baen.com/library/067172052X/067172052X.htm [baen.com]

I'd go further than that...

[Cheesey]

...and suggest that to even connect to the Internet as a client in the future, you'll need a licence and an approved software stack. The licence will be in the form of an officially endorsed key pair, and your OS will (1) sign all your outgoing packets with this key pair, and (2) respond to remote attestation requests about the software running on your machine. You'll be able to opt out of this, of course, but if you do, you can't connect to the Internet, because routers at your ISP will refuse to carry tra

Re:

[Technician]

Making confidential information available is a breach of security no matter what protocol you use to distribute it.

Many people simply don't read the manual. They go "Oh, goody, freebies" and point the software at their My Documents folder. Later they wonder why someone else is using their credit card info. Have you ever saved a confirmation screenshot for an online purchase? Does it include your shipping info, full name and credit card details? This oops in security is the focus of the article.

The I di

Re:

[speaker of the truth]

Lucky those soldiers weren't American or the FTC would be looking into the http protocol.

Why is P2P always to blame? Answer:

[bombastinator]

P2P is always to blame because there is a group with money ready to blame it. The finger prints are all over this.

How could a legislative committee discover, discuss and decide to take action on a problem like this before the leading edge of the community, which is to say here, has even heard about it? Remember these guys don't even type themselves, they have people to do that. That intertube guy genuinely thought he was being insightful at the time.

There may be other evidence. Where an when did these

Re:

[nine-times]

How is this even remotely related to any P2P protocol?

That's what I came in here to say. It's not about P2P protocols. If you share your home directory with P2P apps, yeah, it's a security problem-- but then again it's a security problem if you set up an FTP server and give access to your home directory without a password. It's not about the protocol.

However, the article seems to indicate that what they're talking about is not regulating the protocol, but regulating the software vendors who sell P2P a

How convenient...

[jamstar7]

So, since the MafIAA couldn't stop all those 'illegal filesharing piratical thieves' it's now going to be a national security issue like personal encryption was back in the 90's.

How much pr0n does the government have laying around, and why isn't it on Limewire yet?????????

Re:How convenient... Maybe it is...

[PetriBORG]

How much pr0n does the government have laying around, and why isn't it on Limewire yet?????????

Maybe it is and you just didn't notice - its probably hiding somewhere in the mature section. ;-)

Re:

[dkf]

How much pr0n does the government have laying around, and why isn't it on Limewire yet?????????

You want pictures of Larry Craig?

Great!

[LordPhantom]

Brilliant! Bribery didn't work, so let's make it about national security. Why, precisely, is this any more dangerous than "ssh encrypted file transfers" (aka sftp), or this newfangled thing called FedEx and "paper"? Sure, because it's an information-sharing protocol you can (drum roll) share information. That, in of itself is not a heinous thing.

Re:

[speaker of the truth]

It's dangerous because file sharing applications (what they really mean) generally cause people to make information available that they didn't mean to. People don't think, and just share as much as they can for whatever reason they have.

Just how fucking stupid do you have to be to upload your entire My Documents contents? I was using p2p apps when I was a kid (the only time I ever used them) and I still didn't manage to accidentally upload stuff. Oh wait, I forgot, these are government employees. Nevermind.

Your honor...

[Romicron]

Financial information is more important data. All those numbers take up lots of tube space. Soon we'll have all those tubes clogged up with dollars and cents* unless we can cut off the P2P box from trying to get this data! *Dollars and cents are number figures, not actual coins. Please don't go digging around and cutting open the tubes for money.

Re:

[Red Flayer]

Please don't go digging around and cutting open the tubes for money.

To a certain extent, this may be a self-correcting problem [techdirt.com].

they know better than this surely

[wizardforce]

"But a USPTO report earlier this year stirred up the issue again by claiming that P2P installs could adversely affect national security when they made confidential government information available. This has already happened several times

There are a lot of other ways information gets around, it isn't all P2P and even if it was, that isn't their problem. The idea that you can stop information flow any more is in the realm of the insane.

It's definitely financial information...

[Professr3]

Definitely. It's not government secrets, or embarrassing facts about the war on terror...

A surprising number of searches?

[Romicron]

I love it when qualitiative terms are applied to quantitative data. Out of 100% of searches made, there'll be A% for porn, B% for music, C% for movies... and D% for "sensitive financial information?" What was that number? "A surprising amount." (Skimmed the article too). What number were you expecting? 0%? 0.001%? 1%? I'd like to know a) exactly what the numbers are, b) what constitutes a search for "sensitive financial information". Searching for a credit report on someone is a lot different than searching for how much money some celebrity makes.

Re:

[Technician]

What number were you expecting? 0%? 0.001%? 1%? I'd like to know a) exactly what the numbers are, b) what constitutes a search for "sensitive financial information".

Most P-P stuff is copyright violations of photos (porn) movies (Hollywood & Porn) and sound (RIAA stuff which is mostly audio soft porn and cursing with parental advisory stull the parents won't let the kids buy) Most P-P stuff does not involve theft (unless you ask **AA who will tell you copyright violations is theft) and when ID is stol

What is P2P?

[Anonymous Coward]

Isn't the entire Internet a P2P network?

Re:

[Cassius Corodes]

Its not a truck, its a series of tubes.

Re:

[ScrewMaster]

The GP's point is still valid, it just that the Internet is a T-2-T (Tube-to-Tube) network.

I have to ask this...

[Storlek]

Why are classified documents even on a computer that's connected to the internet in the first place? The government has their own separate [wikipedia.org] networks [wikipedia.org] for that stuff.

Re:

[MoonFog]

Every classified document is not "Top Secret" or intelligence related. I don't know about the US, but at least in Norway, a form that is filled with personal information is called "Classified", and the article specifically mentions confidential information being used for identity theft. If you work for a company that participates in bid wars, the bidding documents will be classified, and sales persons may bring that around on their laptops as they travel. They definitely should be careful, but this isn't ab

Re:

[Storlek]

Ah yes, but by the official US government definition, anything that "does damage" or is otherwise "prejudicial to state security" should be classified at a minimum of Confidential, and precautions are supposed to be taken to ensure those documents are handled completely on separate networks which don't even touch internet-connected computers at all.

(Full disclosure warranted, I do have a clearance, and knowing about this kind of stuff is a part of my job.)

Re:

[MoonFog]

So people are taking documents that should be on a separate server, places it on a machine that is connected to the internet (which isn't supposed to happen) and then proceeds to share this information over a P2P network? Why is the FTC going after P2P again? Seems to me they need to evaluate the people cleared to handle these documents and the procedures and processes involved.

Re:

[erlenic]

So people are taking documents that should be on a separate server, places it on a machine that is connected to the internet (which isn't supposed to happen)...

You'd think people would know better. Unfortunately...

...and then proceeds to share this information over a P2P network?

I've seen exactly the situation this article talks about, on a military computer. Luckily the only thing shared was pamphlets about military health benefits.

Re:

[IBBoard]

That always depends on what the article means by "confidential". I'm in the same situation - I've got clearance and have worked with the information, and when working with commercial companies it annoys people no end that they insist on the footer "private and confidential" when what they mean is "private and in confidence because it is [insert company name] proprietary".

It's even worse when you've got an outbound mail filter that then trips over it and blocks it. It's a lower case "confidential" in the art

Re:

[TeraCo]

Those networks are for Secret and Top-Secret. I don't think you realise how much information out there is classified but isn't Secret+. The administrative overhead with a Secret+ document can be horrifying, you don't just want to slap it onto every document the government touches.

Re:

[MobileTatsu-NJG]

"Why are classified documents even on a computer that's connected to the internet in the first place?"

For the field. Not every place gov't workers with clearance go to has a connection to their seperate networks.

Re:

[wronskyMan]

No! Having a secret-rated laptop connected to the public network could be grounds for losing your clearance or worse. There are specific devices/setups (basically certified portable VPN-type stuff) available if remote SIPRNET drops are needed (google TACLANE).

Re:

[elrous0]

This isn't about protecting data. It's about stopping whistleblowers who leak stuff like the existence of secret U.S. prisons, NSA illegal wiretapping, torturing of prisoners, etc. This isn't about national security, it's about covering up embarrassing or illegal activities by the Bush Administration.

p2p is too democratic, a danger to the US

[br00tus]

I've done various work with p2p for a while, including writing my own Gnutella application. Peer to peer technology is much too democratic and egalitarian to be allowed free reign. For example, currently if I wanted to publish a 30 minute video online, I would have to pay a lot of money to host it. Nowadays, I could send it to sites like Youtube if I was willing to accept it being surrounded by advertising (or possibly banned if running afoul of their rules). With peer-to-peer, anyone can publish, and if it's popular enough, the "cost" is really paid for by the consumer. For a society like the US, with most of the media in the hands of a few conglomerates, this is far too much freedom and equality, and I knew it was just a matter of time before they attempted to get their claws on peer-to-peer, at the behest of those conglomerates.

Last year Javed Iqbal, a satellite installer, was thrown in jail. His crime? He allowed people in the US to watch Al-Manar, the television station of Hezbollah. Of course Hezbollah is legally considered to be a terrorist group - if you're a country that is or formerly was a British colony. Or, for some reason, Holland. Outside of Holland and current/former British Dominions, the rest of the world considers Hezbollah to be what it is, a representative of Palestinians pushed into southern Lebanon by the Israelis from 1948 on. But anyhow, the US and UK are at odds with the rest of the world on this as so often they are, Iqbal was thrown in the slammer, and nary a word is heard about it or the supposed First Amendment. Meanwhile, narcissistic attention-seekers like Salman Rushdie are feted and praised year after year. In fact, this is done by the same corporate media propaganda machine which is working to dismantle things like peer-to-peer, all the while of course never reporting on what they are in fact doing, or about many things that are going on in the country of interest but that we'll never know about.

Re:

[adminstring]

Wait a second... Salman Rushdie? Don't you mean Britney Spears? Or are you stuck in a parallel universe where highbrow authors rule the airwaves and pop tarts grovel for table scraps of media attention while dodging reactionary assassination attempts?

If so, are there any vacancies?

I call strawman

[TheVelvetFlamebait]

P2P is being targeted because democratically allows people to share things they aren't allowed to share.

Re:

[foniksonik]

I'll take the bait. Once a group has been classified as a terror group, due to active hostile activities, they get the treatment warranted by that classification, regardless of any other activities they may want to pursue. If Hezbollah wants to be a political group that gets respect by other political entities, they need to act as one and stop funding violence, stop passing out munitions to their members.

If their goals were to raise up their people and gain them the respect from the world they deserve, they

Not violence

[Tony]

If their goals were to raise up their people and gain them the respect from the world they deserve, they would do so by treaty and negotiation not violence.

Jeez. If only the US would do that.

Re:

[foniksonik]

The US does do that, we're doing it right now with Turkey, the Kurdish group and Iraq. We're doing it with North Korea. We've been doing it with Russia, China the whole European Union, with Canada with Mexico, with the entire rest of the world.... for the last 50 years. Imagine if the US didn't use treaty and negotiation. The entire world would be a freakin warzone.

Re:

[foniksonik]

Iraq is a whole different beast of a situation. I don't agree with everything that has happened with Iraq, I don't agree with the official reason we invaded, I do agree that Saddam was due to be deposed regardless of WMD status... he was arbitrarily oppressing 75% of the population there and something needed to be done about it. The resulting power struggle over whom would be in charge and the infiltration by Al Quaeda troublemakers was handled poorly.

The US and allies should have pre-negotiated various agr

Re:

[operagost]

So suicide bombing is no longer considered a terrorist act? How about having a manifesto that reads, "From the inception of Hezbollah to the present the elimination of the State of Israel has been one of Hezbollah's primary goals," and "our struggle will end only when this entity is obliterated."?

Re:

[br00tus]

You are correct that the Palestinians are predominately Sunni, and that Hezbollah are mostly Shia currently in Southern Lebanon, and that Hezbollah has Christian members. You are incorrect to say they are not Palestinians though - one tenth of Lebanon's population is comprised of Palestinian refugees, and they comprise a large percentage of Hezbollah's membership.

Chasing the wrong goat

[Camael]

From the original article:

The committee has a bee in its collective bonnet about the issue of data security, and believes that P2P users across the country are inadvertently leaking private information and financial records into the tubes. Such information could be used for identity theft (and also has national security implications in some cases), and the Oversight Committee wants the FTC to do something.

So why is the committee going after the medium (p2p) instead of the users leaking the secrets? Going by their logic, other methods of communication like email, msn, icq, snail mail etc. are also potentially capable of leaking national secrets. Isn't it simpler, cheaper and more importantly, less inconvenient to the general public to just issue a directive to all government officials not to use any p2p at their work computers or at all?

Re:

[aeschenkarnos]

Because it works like this.

Rep Dumbass(RIAA-R): Hey, Bogknock, check this bill out. It's for "Banning All P2P For Any Reason Totalitarian". Heh, I love the acronym, a real work of the Congressional art there. Do you know what a P2P is?

Rep Bogknock(Tobacco-R): *blushes* Er, no, but I sure don't like the sound of it!

Dumbass: So, it's fair to say that banning it wouldn't inconvenience you or anyone you care about?

Bogknock: Nope, not a bit.

Dumbass: Me neither, so who the hell cares? Ban it!

Re:

[ScaryMonkey]

other methods of communication like email, msn, icq, snail mail etc. are also potentially capable of leaking national secrets.

I agree completely, and I think its high time we limit government bureaucrats' access to these potentially damaging technologies. To this end, we should isolate them in in a sealed room without any outside access. Futhermore, since communication is possible via sound waves that travel across air, we should take the precaution of pumping all the air out of these rooms, thus ensuring our national secrets are inviolably safe.

Re:

[Deliveranc3]

Um, just about anything is easier then getting G.W.B. to not fuck up.

Re:

[nine-times]

So why is the committee going after the medium (p2p) instead of the users leaking the secrets?

If you re-read the quote you just quoted, you'll see that they're largely (or at least partially) concerned with normal citizens having their information leaked inadvertently, and therefore exposing themselves to identity theft. The article says that, because of this, they are discussing some regulation of P2P software vendors to ensure that each vendor makes it clear what is being shared in their P2P applicatio

Also ban HTTP, email and touch-tone, pls.

[xigxag]

the committee noted a surprisingly number of searches for private financial information.

Looks like the "X is bad, X ON TEH INTERNETS is worse!11!!" meme is mutating into "X ON P2P is worserer!11!!"

The protocol, not the application usage?

[Jugalator]

So it's again about a dangerous protocol, not a dangerous use of an application, or company policies allowing dangerous program use?

Well, e-mail has proven to be a pretty bad thing too. With e-mail, many things that shouldn't have leaked out to the public has.

I think things have even leaked out via HTTP. :-(

Re:

[marcosdumay]

Please, don't stop there. We should lobby to the abolishment of paper and pencils.

Remote Access

[speaker of the truth]

Don't all Windows and Linux distros by default allow offsite users remote access to a computer (with some sort of authentication needed of course) in order to help with tech support questions? If so shouldn't the government stop using Windows (and can't move to Linux for the same reason) in case someone accidentally gives someone remote access? Do Macs have this feature as well? If so they might need to resort to typewriters or at least remove access to the internet.

Re:

[dave420]

Windows machines can have that disabled by the active directory in a couple of clicks. As for Macs and Linuxesesses I don't know.

Re:

[speaker of the truth]

You can also disable p2p in a couple of clicks. In fact it takes clicks to install p2p in the first place.

Re:

[MyDixieWrecked]

Don't all Windows and Linux distros by default allow offsite users remote access to a computer (with some sort of authentication needed of course) in order to help with tech support questions?

AFAIK, with windows, the user has to specifically request a help session. If you want to be able to connect remotely to a windows box without the request, you've got to check the box enabling RDP (the Remote Desktop Protocol).

The mac has all remote services turned off by default except for Bonjour (automatic service d

Is it going to ban P2P video games too?

[CrazyJim1]

P2P has been used in video games for a long time. In fact serverless P2P MMORPGS are feasable with enough anti-hack code. The only problem stopping true P2P from becoming big is the NATS on routers everyone uses. I think once IPV6 becomes popular, there will be a whole new generation of P2P. There are two reasons IPV6 will be a boon to P2P. The first is obvious: With everyone having a unique IP, you don't need a server to get a list of IPs, you can just ping IPs yourself as if it was a phone book. Th

That's a mighty big phonebook

[Nursie]

It's 128 bit address space. That means there are 2x10^38 addresses. You might be pinging for a while before you find anything.

ok, it is surely a problem, but why the USPTO?

[someone1234]

Please enlighten me, why is this a concern of the patent office?
They should rather care about fixing their patent approval process.

How you use the data...

[Chapter80]

Interesting that this is a USPTO issue (Patent Office).

I think more frightening is how one can use the data, once it's "discovered" on a P2P network.

Imagine if there were a company with a collection of what people are searching for, generally, plus patent-specific searches. [google.com] And imagine that company, while professing that they will do no evil, notices that there's a whole lot of patent searches coming from a certain domain or IP-address (say a competitor like Microsoft) for some technology key words.

Wh

Will somebody please

[Rob T Firefly]

think of the children^H^H^H child-like civil servants?

On a slightly related and marginally entertaining note, in 2002 I lashed together an experimental poem made up of nothing but bits of personal data people were sharing over Kazaa. It's still available near the bottom of this lovable old zine issue. [phonelosers.net]

ARGH.

[glindsey]

That does it. Let's outlaw conversation. Seriously. It's basically the original "peer to peer" method of communication, right?

From now on, nobody is allowed to communicate with anybody except for specially designated "servers". These "servers" must relay all messages from one person to another, vetting the communication to make sure there is nothing illegal, immoral, obscene, libelous, traitorous, unpatriotic, or just plain questionable about it.

It's for our own safety, dammit.

"...a surprisingly number of searches..."

[RiffRafff]

What does that mean?

Just another angle...

[moxley]

So there's a small minority of users on P2P searching for financial information (private or otherwise). How does this make P2P any different from Google or the rest of the internet?

I am suspicious of this; it seems to me like part of the this ongoing decentralized campaign: "The Internet is a DANGEROUS place." (Dangerous for children; dangerous for you and your banking/personal information, dangerous to the entertainment conglomerates)..
I have seen over the past few years; which has especially intensified l

Let's solve the REAL problem

[octaene]

The problem here isn't that dumb Government users running their computers as Administrator/root have installed P2P software and indexed their entire unencrypted disks for searching.

The problem is that the Government can't get their shit together enough to enforce a security policy that won't let those users do this kind of thing.

If P2P is illegal. . .

[krunk7]

This is the old cart and horse problem their going after and should serve as some heavy food for thought for any of those that don't understand the importance of privacy and fall back onto the "if you don't have anything to hide" tripe.

If P2P is illegal, only criminals will use P2P. The line between criminal and law abiding citizen is only a congress away.

I think a little Thoreaux quote is rather apropos:

"Under a government which imprisons any unjustly, he true place for a just man is also a prison."

Took them long enough

[nurb432]

I was wondering when they would swtich to ' we are losing money ...wahhh...' to ' only terrorists use P2p '.

Stupidity

[Anon-Admin]

So we need laws to protect the idiots from sharing there private data? Man, what are we coming to?

I have an idea, how about we get rid of the credit reporting system. Each person is given credit based on there references and the history they provide. This way we remove the incentive for identity theft.

FTC to take a look at TCP/IP, HTTP and SIP

[skintigh2]

Seriously, where does this road lead?

The REAL plea to end p2p

[keraneuology]

Copyright concerns won't kill p2p. Trade secret concerns won't kill p2p. National security concerns probably won't kill p2p. Only one place left to go.... Won't somebody please think of the children?

(Bah... if only I could embed a .wav file into my /. post at least attach one...)

So...

[rrohbeck]

how are they going to regulate open source, serverless P2P systems?

Yea like letting lose with SS Information...

[N3WBI3]

"P2P installs could adversely affect national security when they made confidential government information available." -- Oh wait, that was someone leaving a laptop around.. Speaking of which if the people running government IT shops did their job users would (a) not be able to install P2P software and (b) not be able to send traffic over the commonly used P2P ports..

Re:

[speaker of the truth]

Newsflash: Nazis used trains and trucks to transport jews to their death. I haven't heard of a nationwide ban on trains or trucks. I don't believe people would support such a ban either.

Just because the Nazis used something doesn't mean its evil.