Do you feel safe online? Keep yourself up-to-date with online security and PC performance with the ParetoLogic Online Safety and ParetoLogic Performance Solutions. These monthly publications, delivered by email, are chockfull of interesting news stories, tips for protecting yourself online, ways to make your PC faster and more stable, and product information.
Sign up now for free.
Want to get up to speed and be more secure? Past editions of the ParetoLogic Online Safety and ParetoLogic Performance Solutions email newsletters are filled with interesting stories and great tips to enhance your computing experience and improve your PC's performance and optimization. Now you can check out past issues through our archives and never miss another edition!
Users of peer-to-peer (P2P) applications might unknowingly be sharing a lot more than just their favourite tunes. Recent studies have shown that confidential information such as financial data, heath records, tax returns and Social Security numbers can be found by using P2P programs.
"If you are not careful in how you set it up, you can wind up sharing your whole hard drive," ParetoLogic security analyst Jean Taggart said.
The member of ParetoLogic's Spyware Analysis Team indicated that the risks now associated with P2P networks might outweigh the benefits of using them. Some analysts believe these networks could be largest distributor of malware this year. "I don't recommend using P2P anymore," Taggart said, "...the repository of information and programs that are there has too great a chance to be poisoned."
As well, there is the issue of copyrighted material being illegally distributed. The International Registry of Artists and Artwork (IRAA) has taken action against a number of people caught sharing music files. In July of 2009, a jury directed Boston grad student Joel Tenenbaum to pay $675,000 to music companies for downloading 30 songs. In Minnesota, a ruling ordered Jammie Thomas-Rasset to pay $1.92 million for sharing 24 songs. This amount was reduced in January of 2010 to $54,000.
What P2P networks carry
Peer-to-peer generally refers to a type of Internet network where a group of users connect to each other via an application that allows them to access files on their hard drives. Napster was one of the first popular P2P programs. It has since be usurped in popularity by LimeWire, BearShare, KaZaa, eMule,and others.
At the 2010 ShmooCon security conference, researchers Larry Pesce and Mick Douglas explained how they searched various peer-to-peer networks using simple terms like "doctor," "heath," "password" and so on. As well as malware, music and pornography, they discovered some interesting files whose owners are likely unaware they are available. For example, according to a Feb. 7 Computerworld.com article, they found:
- The 2008 Cheerleading World event schedule, which listed such information as the participants' names, flight and bus schedules and hotel room locations
- A completed Turbo Tax form with all of the personal information filled in
- Someone's last will and testament
- Driver's licenses and passports
Researchers at the University of Ottawa's Electronic Health Information Library conducted a similar study. According to a March 16 TechNewsDaily article, they focused on such search terms as "medical records" or "credit card."
They found that less than one per cent of P2P accessible files in the U.S. contained personal health information and just less than five per cent had financial data. While these numbers seem low, lead author Khaled El Eman was quoted as saying that this can translate into tens of thousands of computers at risk.
"There are around 250 known P2P file-sharing programs," he was quoted as saying. "And they vary in their badness. Some of them are known to automatically share everything on your machine without informing you what it's sharing. Some of them are better behaved."
How to protect yourself
To stop information thieves from raiding your hard drive from afar, you should follow some basic guidelines if you choose to share files. Taggart said that when you set up the better file sharing programs there is a dialogue asking you what you want to share. It is important to make your choices carefully.
On its website, the U.S.'s Federal Trade Commission (FTC) has a guide for file sharing security for businesses. The same principles can be helpful for personal computer users. They include:
- Delete sensitive information you don't need.
- If possible, don't store sensitive or confidential information on a computer used for file sharing.
- Name files so that they don't easily disclose what's inside. For example, avoid "tax" and "medical."
- If you share your computer, check to see that all P2P programs are configured so that they are not allowing the sharing of your sensitive information.
- Make sure everyone who uses the computer is aware of the risks of file sharing programs.
Each month ParetoLogic features one of its sophisticated powerful software products for you to try and enjoy!
To learn more about this month's featured product, click on the buttons below; they will allow you to download the product, explain how to download the product or let you view an informative video about this exciting solution.