Return-Path: <sentto-279987-4320-1011211618-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Wed, 16 Jan 2002 12:10:08 -0800 (PST) Received: (qmail 12314 invoked by uid 510); 16 Jan 2002 20:07:06 -0000 Received: from n4.groups.yahoo.com (216.115.96.54) by all.net with SMTP; 16 Jan 2002 20:07:06 -0000 X-eGroups-Return: sentto-279987-4320-1011211618-fc=all.net@returns.groups.yahoo.com Received: from [216.115.97.163] by n4.groups.yahoo.com with NNFMP; 16 Jan 2002 20:06:58 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-8_0_1_3); 16 Jan 2002 20:06:58 -0000 Received: (qmail 89218 invoked from network); 16 Jan 2002 20:06:58 -0000 Received: from unknown (216.115.97.167) by m9.grp.snv.yahoo.com with QMQP; 16 Jan 2002 20:06:58 -0000 Received: from unknown (HELO red.all.net) (12.232.72.98) by mta1.grp.snv.yahoo.com with SMTP; 16 Jan 2002 20:06:57 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g0GK8AS29538 for iwar@onelist.com; Wed, 16 Jan 2002 12:08:10 -0800 Message-Id: <200201162008.g0GK8AS29538@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Wed, 16 Jan 2002 12:08:10 -0800 (PST) Subject: [iwar] [fc:Is.your.computer.inviting.voyeurs?.Embarrassing,.private.text.files.find.their.way.onto.the.Net] Reply-To: iwar@yahoogroups.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Is your computer inviting voyeurs? Embarrassing, private text files find their way onto the Net By Bob Sullivan, MSNBC, 1/15/2002 <a href="http://www.msnbc.com/news/686184.asp">http://www.msnbc.com/news/686184.asp> Jan. 14 - There it was, just sitting out there on the Internet, for all to see. "The keys to the condo are located in a lock box mounted on the wall outside the entry door. The combination is 0-8-3-6." The recipient of the instructions, Catalina, is only weeks away from a long-awaited vacation at a ski resort, but she had no idea that her computer was telling the world where she was going, when she would be there, and how to break into her rental condo until MSNBC.com contacted her. WHEN YOU LEAVE for vacation, you certainly don't want the world to know when and where you are going. But that's one of the unintended consequences of file-sharing programs with names like Gnotella and BearShare. The programs are essentially software front-ends to a file-sharing system known as Gnutella - it's not quite heir to the Napster throne, but a place where plenty of free, illegal music swapping still goes on. But music isn't the only thing being shared. Videos, audio files, even text documents and spreadsheets can be swapped - and often are, by accident. It's akin to taking the Microsoft Windows "My Documents" folder and placing it out on the Internet for all to see. Monte Phillips, retired hobbyist and former Air Force radar technician, has made himself into a one-man posse who hunts down such recklessly broadcast information and warns potential victims. He passed Catalina's condo reservation confirmation letter to MSNBC.com. But Phillips has seen much worse in his surfing. He regularly spots personal letters and memos, files containing various usernames and passwords, Word documents containing bank account numbers with PIN numbers. Once he learned about intense negotiations taking place between a small Canadian firm and a major U.S. energy company. Compromised business documents can't compare to the government information he says he's spotted, however. Among them, over 200 case files and private correspondence from a Texas district attorney's office, files from a computer at an Army base in Korea, even background check files generated soon after Sept. 11 on a person of Arab descent living in the United States from what appeared to be an federal investigator's computer. "Everyone worries about sophisticated hackers, but people don't realize that the threat is themselves," Phillips said. "They haven't got a clue about the technology they are using, and don't stop and think what it is they are leaving about." Monte Phillips has found all kinds of embarassing and revealing documents using file swapping service Gnotella. Often, Phillips will find a phone number attached to the documents he finds, so he calls up the "victim." He's not completely comfortable digging through the information but figures it's the equivalent of opening a wallet to find out whom to return it to. After the initial shock, most victims thank him for his efforts. Why is he spending so many of his retired hours telling Internet users to cover up their naked computer files? "Oh, it's probably a character defect," he laughed. "I was born and raised on a farm in Nebraska - if the neighbor's bull gets out, you just get him back inside their fence, and let the neighbor know. I haven't got any halos." HOW DOES IT HAPPEN? Catalina's real name and other details of her trip are being withheld to protect her family; but she was shocked to find files from her computer had been accessed from a file-sharing network. "Unbelievable," she said. Initially, she had no idea how it happened, but after a few questions remembered that her 10-year-old son uses a music-swapping program named "BearShare." "I will certainly take measures to stop this," she said. Catalina's situation is typical - children often sign up their home computers for services that parents don't quite understand. Suddenly, the family's financial spreadsheets can be found using a simple search like "accounts" in a file swapping service. But children don't account for files from a district attorney's office making their way onto the Net. Also typical is when one person in the office signs up for a service, not understanding how it can expose critical company files also on that computer. Use of the programs, which are generally considered a serious security risk by experts, seems to be somewhat common among U.S. government offices. A quick scan by MSNBC.com found hundreds of megabytes of music - including about 50 Beatles songs, 50 Jim Croce songs, and perhaps 100 John Williams compositions, among many others - shared out from a computer operated by a Naval Hospital called the Bureau of Medicine and Surgery in Beaufort, South Carolina. That irks Phillips. "None of these programs belong on business or government computers, period," he said. "There is no ethical justification for it." Attempts to reach the technicians at the Naval Hospital weren't immediately successful. USERS TO BLAME Shaun Sidwall, the software developer who created Gnotella, said he sympathized with users who accidentally place personal items before the public. But ultimately, the user - and not his software - is to blame. "You know (accidents) happen... It is surprising to see every once in while what people share," he said. But he argues that outside the occasional embarrassing realization, he doesn't think many users have actually been victimized accidentally shared files. "Most users of the network aren't searching for that kind of stuff. So chances are very few people have actually been maliciously affected by this," he said. Sidwell designed the software to generally only share out files placed in a specific, safe folder on a user's computer. But inexperienced users are apparently making much wider swaths of their personal files available to the network - in some cases, sharing their entire hard drives, for example. Because there might be a legitimate reason to do that, Sidwell resisted the notion of limiting Gnotella so it couldn't make all files on a computer available. Those using file-sharing programs - or allowing their kids to do so - should be very careful about exactly what files and directories are open to the world. If there's any confusion, the safest way to protect yourself is to use a separate hard drive. Or deploy an even more aggressive tactic, like Phillips. "My personal solution is to have a separate machine entirely for this," he said. "And if there's any files on your computer you don't want the world to, store them on a zip disk or floppy, and take them out of the computer." ------------------------ Yahoo! Groups Sponsor ---------------------~--> Tiny Wireless Camera under $80! Order Now! FREE VCR Commander! Click Here - Only 1 Day Left! http://us.click.yahoo.com/WoOlbB/7.PDAA/ySSFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2002-12-31 02:15:03 PST