P2P Leaks Surprises
kilian.cavalotti writes "A new Web log is posting what it purports are pictures, documents and letters from U.S. soldiers and military bases in Iraq and elsewhere--all of which the site's operator claims to have downloaded from peer-to-peer networks such as Gnutella.
The "See What You Share" site has been online for a week and has published photos ranging from a crashed military jet to a screenshot of a spreadsheet file that appears to include names, addresses and telephone numbers of marines. The site's operator, a 30-year-old named Rick Wallace, wrote in a blog posting that he is trying to help the military understand how serious a security risk unmonitored peer-to-peer file sharing can be."
I don't care what the military shares, but I surely want to see more of her... Redheads.... *drool* ;-)
The FBI is on the way...
If you choose to expose security weaknesses, don't take advantage of them. Tell those who can fix it/do something about it, and no one else. What this person is doing will just give other people ideas.
Glen Breakwater-
As a former member of our armed forces, and an avid technophile as well as outspoken supporter of freedom in all its forms, I have a question:
What exactly are you advocating?
It sounds an awful lot like you're complaining, but you have absolutely no idea how to solve the problem you've raised. This is not constructive...it is merely whining. Do you want to ban P2P services? Do you want to attempt to make yet more copy protection systems? Or are you doing what Michael Moore does and complaining about a situation while having no solution whatsoever?
As for my view: it is the price of freedom. If you don't want Secret/NOFORN documents distributed on the web, then don't hand them out to people! Make sure the only machines that have them are on SIPRNET and take out the damn floppy and zip disk drives.
My position: people are stupid, and until we decide to take real measures to protect secret data (i.e. not providing removable media for secret computers), we'll get burned. A nation at war? Yes, I went to Iraq three times in the past three years. But don't blame the soldiers, or the P2P programs. Blame the idiots that make the information available and the idiots who build the computers and set IT policy for the DoD.
Peer to peer filesharing is NOT a security risk. The lack of a comprehensive security program within our military is a security risk.
Regards,
Sounds more like he is trying to train them in target practice to me.
No, I do not want to sleep with you tonight.
The problem is that the website author emphasizes that "Technology often outruns legislation. So is the case with Peer 2 Peer networks." He seems to assume that P2P should be legislated against. However, this is a security issue, not an issue specific to P2P systems. Education and other controls should be used to minimize this problem. The military would never let Joe Soldier run a rogue server, why would they let them run any old P2P app on a system with classified information? See, P2P Problem or Security Issue?.
the risks of P2P.... especially publicly exposing security holes.
search your favourite P2P network for things like ".XLS". When you find some that are obviously not intended for public viewing then look at the person's shared files for more goodies.
not that I'd ever do that.
Trolling is a art,
I always thought military desks had two machines on them. A public internet and a military internet, and at no point were they ever interconnected. Is there any shade of truth of that *at all* in any branch of our military? It certainly sounds like any casual remark anyone might make at the watercooler, but it'd be interesting to hear from someone who's been there.
slashdot: where everyone yells sarcastic metaphors to themselves to understand the issue
First
Taken from the web site:
Why This Site Exists
Technology often outruns legislation. So is the case with Peer 2 Peer networks. Many people obtain P2P software so they can download music or movies. A large number of those people do not have any idea what they are sharing.
A few months ago, I downloaded some military briefings from the Gnutella Network. The briefings were zipped and the file contained 21 documents with classifications ranging from For Official Use Only to Secret/NO FORN. Shocked at my discovery, I notified an agency on a nearby military installation. When nothing happened, I notified another agency. I continued this course because no action was taken and for a nation at war, I was concerned for the safety of our soldiers.
It may appear that I am picking on certain institutions. This is true. I want everyone to know that we can be our own worst enemies when we don't understand the full power of our technology. I want every military and government agency to see first hand what is being shared with anyone who has a computer. Since a picture is worth a thousand words, I can save myself some talking.
----------------------
Freedom or Evil: Freevil.net
G. W. Bush says, "You decide!"
This is just going to lead to more cracking down on P2P file sharing, even the legitimate kind. Really, accidentally sharing files only comes from ignorance, obliviousness, or some combination of the two. If you don't know what you're sharing, you shouldn't be using P2P. It's that simple. I guess I just thought it was common sense to keep track of what people have access to on one's computer. It seems that a lot of people lack common sense.
Oh, and barring any posts while I'm writing this, FP!
This sig has been stolen. Return it to its original user for a reward.
There are ways he could've made this information available to the military without also sharing that sensitive information. Why not just contact them and inform them of users and networks offering this material? Why has he put our servicemen and servicewomen at risk by not only pointing out this flaw, but providing pictures and information on his website?
Couldn't his point have been made without actually doing harm to our people? What disgusting behavior.
+ Donald Gunth
+ Email: dgunth@quicktek.net
"Caffeine is the greatest lubricant ever created." -ESR
Yikes! Is he trying to get what little liberties we have left removed? And we thought the RIAA/MPAA were the biggest threat to P2P networks. They have nothing on a peeved military!
It'll be interesting to see how long it'll take before the operator of that weblog is arrested, even though he's trying to prove a point.
That wouldn't be the weirdest thing I've found on a p2p network.......*hurls*
Would anyone else be surprised if this site is shut down or sternly reprimanded (perhaps quite publicly) within the week?
His intentions are good, but we all know about that cliche.
As long as there is a Second Amendment, there will always be a First Amendment.
But remember, giving people the ability to encrypt p2p file-sharing is BAD...
Who's with me?
P2P was a neat concept way back when it was called a bulletin board. I guess it still is a neat concept, now that we have IM for sharing snapshots and web-camera streams. The truth, however, is that it isn't nearly as effective in pushing around bits as administering a cheap Linux box with 200GB of HD off a cable modem with a bunch of college frat buddies.
Moreover, it isn't nearly as good as having a private server with 500+GB of storage on a college LAN... I lost count after the 5th HD was added to my frat's file server. Dues in a frat house go to the 60"HDTV, game systems, parties (It's all about the Super Bowl), and the file server "as needed". As long as you meter/throttle the bandwidth so that the file sharing outbound network doesn't spike the University's network admin's attention (or better yet, have a student network admin in your frat), bandwidth consumption looks just like a massive Quake (or other FPS) game. Match that to the right port for Quake, etc, and even the best sysadmins are fooled.
CMDRTACO CHECK YOUR EMAIL!
Is this guy not liable for posting this stuff? I guess he's re-posting, but he is openly hosting all this stuff. Names changed/blurred or not, he should not be allowed to do this. Not to sound like a republican troll asshat, but isn't he helping the badguys in a way?
... where are the other "raunchy" photos?
The real "Libtards" are the Libertarians!
First off, if classified info got to a P2P network, then there was a security breach BEFORE it got there. The p2p network is not the problem.
Second, if the info isn't classified, why shouldn't it be on p2p? If a jet crashed and there's a picture, and it's not classified info, then there's nothing wrong with it being public information, because it IS public information.
Moo.
File sharing in the military could be a good thing. Hopefully the RIAA will make the mistake of trying to sue the military for copyright infringement, causing the US military to begin taking out "targets of opportunity" here in the US *cough Mitch Bainwol & Hilary Rosen cough*...
Vandemar.org
I believe that the problem is not P2P vulnerabilities but the users' knowledge of the software and how to secure their own files. What it boils down to is consumer education.
..I remember doing searches on Gnutella networks for camera picture prefixes (dcim*, pc101*, dcf*) and getting all kinds of personal pictures back-- if the person allows the program to index their hard drive, they are morons.
he is trying to help the military understand how serious a security risk unmonitored peer-to-peer file sharing can be
He's right -- P2P networks are used to distribute weapons of mass destruction.
A LOT of people sharing email etc. inbox.dbx and whatnot on the Direct Connect network. On Direct Connect it is a requirement to share a lot to gain access to the good sites, and some people just share their entire hard drives.
This is different from full-disclosure of software vulnerabilities because this is more a human error than anything else. It's not like there's software to be patched...it's a matter of educating the user as to what they're doing wrong.
The only real problem here is the public disclosure of personal information -- if I were one of the names shown, I'd probably be upset. (of course if this is going on in a widespread fashion, I'd be upset anyway) In the end we can only hope that the "shock value" of presenting these to the public will create enough awareness to minimize the problem.
Otherwise we can all watch as the spinsters pull another argument for their "p2p is evil" campaign.
I think I found my credit card number in there. Hurray for me, I'd had it stolen before I memorized it.
Not sure what he is advocating/saying, other than probably whining, but it's interesting to see the guy has his own censorship ....leaves me speechless
http://efil.blogspot.com/
He was not cautious about his setup, and I very quickly showed him how I could basically browse his entire computer hard drive, and (granted with a little hands-on) very quickly map every network resource his system had access to. I suggested that he remove that lest some dishonest version of the software do the additional mapping unbeknownst to him.
P2P is a potential blessing and a damned curse.
End the FUD
Anyone notice his profile says he's 30 years old? Judging by the photo on the site, I'd venture to say that's off by about 20-30 years at the very least. I'm confused. Is he advocating the military crack down on P2P in general, or on the use of P2P by soldiers? It's not like shutting off their access to P2P is gonna prevent the info from getting on there, it'll only prevent them from directly doing it themselves. The only way to do that is to prevent internet access entirely.
because you know nobody messes with anybody on those networks. Case in point download a video that's got a filename "brittney_spears_lez_nasty_anal_horse_beast.mpg" if you take off your glasses and squint you can tell it's really her behind the thick german accent.
Did you read http://www.seewhatyoushare.com/2004/07/why-this-site-exists.html
He made valid and physical attempts to inform the proper people about the issues and he saw no response, no action, he was basically ignored.
Well I bet they are taking notice now.. I would like to see every single person he talked to in the military that did Nothing up on military charges and kicked out of the military with nothing.
No better yet a true example should be set and they should end up in prison for threatening the security of our nation.
Personal Website
Are we supposed to believe the guy running the weblog is 30? He's got lines deeper than Keith Richards'!!
I
It's not a peer-to-peer problem. It's always the people that sound alarming who get the attention, but the real problem is the user. It has always been the user and it will always be the user. If you can't protect your information, if you don't have the basic knowledge to use something, if you are neglecting basic rules and if all your ports are open then you can't blame the internet.
This is totally insecure, but very convenient.
See What You Share on P2P
Site Summary
VISITS
Total 27,272
Average Per Day 558
Average Visit Length 3:08
Last Hour 2,312
Today 24,281
This Week 3,908
PAGE VIEWS
Total 161,116
Average Per Day 4,686
Average Per Visit 8.4
Last Hour 13,010
Today 129,905
This Week 32,805
Wonder where else he posted this site today to get 129,905 today and only 13,010 in the last hour (since posting on slashdot)
Off Topic? You morons, it's obvious he was talking about the redhaired, green garbed, chick half-naked.
You are a bunch of half-baked, brain dead, morons.
Teaching the military about consequences may be a little far fetched.
And I say, good job my friend! There should be more people exposing military, gov, etc. secrets so that people are more careful on the Internet or any other network. I am for it cuz I know so many ppl that have no clue about security and they call themselves IT professionals. So, please ppl think twice before entering the high speed of networks about whatever u do there can be and most of the time is seen by millions if not billions of ppl around the world.
I kinda hope someone will bother to talk to Capt Farnham about failure to properly handle FOUO and Privacy Act data before his commander gets wind of it.
!#@%*)anks for hanging up the phone, dear.
In the extremely large military network I worked on, all P2P ports were blocked (the rule was deny all, allow by exception) and the IDS was tweaked to catch anyone who fiddled with the ports to get around that. The security guys were not nice to people they caught.
I guess some areas of the military just aren't set up that well.
It sure seems like Joan is a Harley Davidson freak. It looks like she's completely outfitted for a week of sun and fun..
Leather Jacket.. Check
Swim Suit.. Check
Necklace.. Check
Gold dress.. Check
Bras.. Check
Shoes.. Check
Panties.. Umm. hmm. Not Check.
I think I'm in love.
And I wanted to see how many win98 users just shared the HDD. So I searched kazaa for windows 98 password files (.plw) and sure enough. It was a script kiddie act but I amused myself with access to some of the websites I found, lol.
Saying Java is nice because it works on all OS's is like saying that anal sex is nice because it works on all genders.
Finally a slashdot article I can comment on knowledgeably.
I'm an officer in the US Army and on a casual glance through the file list there's nothing on there that's classified. You can look up most of these manuals on google.
Here's a site that lists a couple: US Army Fields Manuals Not hugely helpful unless you have training and equipment, but I guess if I were a (bored) terrorist, I'd read em.
A few months ago, I downloaded some military briefings from the Gnutella Network. The briefings were zipped and the file contained 21 documents with classifications ranging from For Official Use Only to Secret/NO FORN. Shocked at my discovery, I notified an agency on a nearby military installation. When nothing happened, I notified another agency. I continued this course because no action was taken and for a nation at war, I was concerned for the safety of our soldiers.
Doesn't all information want to be free? Only a true patriot could come up with this reason for banning P2P networks. Great Propaganda and a real good excuse for the mrs when you're caught downloading porn again.
John the Kiwi
Sharing your files on a P2P network is saying "Here are my files that I have chosen to share with you, please download as you wish".
Your analogy is not correct.
Sharing files on a p2p network is just that, sharing files. It's not like forgetting to lock your door, it's like having a flashing neon sign that says 'come in' and then getting upset when people do.
To imply that a veteran is lying about his/her service because he or she's not familiar with some obscure IT policy is pretty petty.
Oh, and I submitted this with a funnier headli...er, wait, this isn't Fark, is it.
Well, I did submit it, with a link to a ZDNet article about it, in which they give a little more detail about what happened with the blogger's attempts to get the authorities involved:
Ummmm...what??? How powerful is this senator, that he can pluck a given file off a decentralized P2P network? How did he do that? Am I going to get an insistent knock on my door for even questioning this?
Tell my wife I love her! AIEEEE!!!
"A great democracy must be progressive or it will soon cease to be a great democracy." --Theodore Roosevelt
Why would they arrest him? There is nothing very interesting or sensitive about ANY of the screen shots / pics.
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
Regardless of sender/receiver transmission laws or digital rights/security issues, publicly broadcasting classified and internal documents of our armed forces can be construed as a breach of national security. I doubt once this hits the major newslets (as if /. wasn't major enough) this website will be shut down, and he will be prosecuted to the fullest extent of the law. I thought I'd just find pictures, but there are security details, parts/order lists, confidential call numbers... this guy should/will hang.
-Christopher Wu
http://www.christopherwu.net/
SIPRnet Computers are NOT directly connected to the Internet. At least here they aren't. This means that someone would have to physically take the documents from a higher classified machine and move them to a NIPRnet machine and somehow have a P2P sharing program installed.... Hmmm...
The military will see this as a security breach and fix it by arresting Glen and taking his blog down, then they'll go after the P2P software on their PCs. Of course, none of this will, in the end, improve security or help protect our troops. But it will play well in Peoria on the 6 o'clock news.
He is using P2P as an example of a technology that can become a major security risk that he feels has been overlooked. He never said it was the only one. But we do need to step up security policies taking into consideration p2p technology.
Mathematics is made of 50 percent formulas, 50 percent proofs, and 50 percent imagination.
Gah, he links to lgf. Automatic -5 to his credibility.
I know a guy who flies planes he builds from kits. Even HE has seen nothing in the way of restrictions beyond a little more care in checking the i's are dotted and t's crossed in the existing regs and forms.
It's like you whiners have this sick fantasy of being an oppressed little prole under a fascist dictatorship, so you pretend and make up conspiracy theories.
Sometimes telling people of the problem isn't enough for them to react to stop it. I don't know if this is the best way to make those in power aware of this situation, but I'm sure it will be effective. The pictures I saw didn't look too bad, so quick action to stop this from happening in the future might be better than not making it public where it wouldn't get anyone's attention to stop it.
Perhaps he found worse and only publicly showed what would not get him sent to prison?
Now they are on the net as well. Not like they wouldn't have been in the first place. This isn't top secret classified hush hush stuff. Move along people.....
Rick Wallace is hanging upside down in a cage in Cuba with electrodes tied to his privates.
Meanwhile P2P usage in the military continues unabated.
Nothing to see here. Move along. You're safe. We're not violating the Geneva Convention. Move along--NOW!
This site conVENiently created just as they're having trouble passing legislation to ban P2P. They never tire of scare tactics, and are still stinging from the leaks at Abu Ghraib. Cockroaches do tend to scurry when you shine the light on them, they'd apparently prefer we all remain in the dark...
It's just like guns and encryption-- if P2P is outlawed, only outlaws will have P2P. (Or EMail for that matter, as it's P2P...)
Site's got some interesting stuff on it though. Lots of links to conservative blogs... No way the guy's 30, looks more like he's 60. Guess the livestock biz wears you out...
and who works in a museum, no less. All I feel is pity for the guy.
Is the juice worth the squeeze?
You can't really argue that this is likely to give people ideas and hurt the country, because while it's not a very obvious course, it's highly unlikely that he's the first person who's ever thought of looking for sensitive documents on p2p networks. To say that it's "helping the bad guys" is being naive and underestimating the intelligence gathering skills of the 'enemy'.
To quote the most famous example of terrorism against the United States, if a terrorist organisation is coordinated enough to slip various teams with weapons onto several separate aircraft, and crash those planes into US buildings, I wouldn't say searching internet resources (be they web or p2p) for sensitive information that has been leaked or poorly secured is beyond them, by any stretch of the imagination.
It's also similar to the "Deceptive Duo", who were Americans who hacked military websites and defaced them with screenshots of personnel databases, under the flag of 'patriotism'; in an attempt to make the military realise the importance of security within their systems. The difference being of course that they intentionally penetrated military networks to achieve this, and used uncensored screenshots of databases, revealing private information on government personnel. As such they were arrested for it.
This site hasn't gone so far as to display any critical security data, or illegally access any systems. I have seen and heard of many examples where a hacker has warned a sysadmin on several occasions about the dangers of vulnerabilities in a network, only to be ignored until finally the site ended up being defaced, so I can understand his impatience to some extent. The next person to run off and harvest this information might not be so eager to censor what they consider to be personal data.
There might be an influx of curious people running off to p2p networks to see what they can turn up, but I really don't see this as too much of a concern in the grand scheme of things; what security risk does a 14 year old kid who wants to look cool pose? It's not information that anyone particularly wants public, but in the hands of the average private citizen, it's not drastically critical. A US citizen could probably get a fair few details from public records, or socially engineer contact details out of people. But any "terrorist" who would have been intelligence gathering has more than likely done this sort of activity already.
It's not the easiest problem to rectify though, without some sort of drastic overhaul in the system, and some method of securing or blocking p2p systems across all military computers, which would be a rather hard thing to enforce, and would annoy many soldiers who are used to using these systems. But of course, national security has to come first. If nothing else, an explanation of the importance of not sharing entire drives would be a start.
He might have had a noble reason for doing it, like music pirates, but I expect we'll all be staying after class for this one.
You never know what a good admin might do when he's bored.
If one doesn't question and provokes their liberties, what liberty is there to have ?
Slashdot: stuff for news, nerds that matter, matter for news, stuff that nerd
... not only you can find the Microsoft Windows sources, but the Slashdot sources too!
(posted anon for obvious reasons)
A while back, my ex-employer called me up asking for help. Seems his workstation's drive had died, and as I used to be tech support for them, he wondered if I could attempt some data-recovery on it. Well, the drive wasn't dead, it was just flaky. I managed to get a dump of it eventually, minus a few bad sectors.
Now, the idiot was storing some semi-crucial corporate data on it, which should have been on the server (backed up nightly) like I had told him years before. He insisted on keeping this stuff on his personal machine's drive because he was convinced his staff shouldn't have access to it. ACLs etc just went over his head.
So anyway, a lot of this data was photographs. I didn't want to play hunt & peck with his convoluted directory structure, so I just browsed into all .jpgs on the drive. And yes, I had his full permission to do this. I even asked him if there were any directories I should avoid due to personal reasons. Well. You sure do learn a person's fetishes this way - he had a kazaa download folder just full of "raunch".
:)
Now, some of these legitimate business photos were in weird locations, so I poked around further, just to make sure everything copied over nicely, and if not, to tell him what areas were lost. I stumbled upon a folder full of photos called "Jane" (name changed to protect the innocent). Jane, by the way, is his ex. Most of the photos were just vacation shots, etc. However, apparently she let him do a pretty thorough photo shoot one day. I mean *thorough*. Complete, unedited, posed in ways you usually only see on porn sites. With no question of who it was. This is a girl I knew fairly well, and I'm pretty sure she wouldn't be too pleased to know I've now seen her in all her glory. Thankfully I haven't run into her since this happened.
Needless to say, I copied the data to a new disk for him, admonished him for not keeping it on the server, and collected a nice paycheque.
And learned one important lesson: never EVER trust the s.o. when they say they'll delete those nude photos of you if you ever break up
...he will be dumped in gitmo and his house leveled with the ground.
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
P2P is as uncorruptable as our technology can make it. Politicians will always be corrupt and all governments are tools in the hands of the rich.
Which one do you trust to provide 'governmental services' like implementing the will of the people, disseminating important information and generally looking out for our best interest? My vote is on p2p technologies. The present government can rot. P2p IS our next government.
What the hell are you talking about? Too much bong resin stuck in your beer-addled brain or something?
Bad frat boy, no cookie!
P2P was a neat concept way back when it was called a bulletin board. I guess it still is a neat concept, now that we have IM for sharing [stuff]
You don't even understand what peer-to-peer means if you think a bulletin board or instant messaging are P2P. Not that I'm surprised that a typical frat boy is as dumb as a sack of shit.
The next technological invention will be a google service to search through all of those files from the web.
When that happens, more people will get smart about security. Right now, one person can only make so much noise.
Some of the documents have parts "blurred" out, rather than deleted. I assume it is just some photoshop blur algorithm. Anyone know if that algorithm is reversible? Or is the data really gone? I'm sure the guy running the blog site doesn't know the answer. If you are going to black out sensitive info, you should be absolutely sure you aren't doing it in a reversible way. Just turn all those pixels the same color. Just be careful an attacker can't get any information from the width/height of the area blanked out.
This is really interesting. Some of the photos on the blog include EXIF information, such as the camera model that took the photo and the date and time the photo was shot. Just more inadvertent information leakage.
-Letter
P.S. I used the command-line program exif to view the EXIF information, but I am sure any decent digital photo software on Windows can view it too.
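The EXIF leakage described in the comment above, shown as an added example that is not part of the original thread: a standard-library Python audit that lists the camera make, model and timestamp embedded in a JPEG, then removes the metadata segments before the file is published. The sample bytes, the camera name "ExampleCam" and all function names are constructed for illustration; the sample is structurally valid JPEG framing, not a decodable picture.

```python
import struct

EXIF_MAGIC = b"Exif\x00\x00"
SOS, EOI = 0xDA, 0xD9
# APP1 (Exif/XMP), APP13 (Photoshop/IPTC) and COM carry descriptive metadata.
STRIP_MARKERS = {0xE1, 0xED, 0xFE}
TAG_NAMES = {0x010F: "Make", 0x0110: "Model", 0x0132: "DateTime",
             0x8769: "ExifIFD", 0x8825: "GPSInfo"}


def iter_segments(jpeg):
    """Yield (marker, start, end) for each header segment before image data."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("missing SOI marker, not a JPEG")
    pos = 2
    while pos + 4 <= len(jpeg):
        if jpeg[pos] != 0xFF:
            raise ValueError(f"expected marker at offset {pos}")
        marker = jpeg[pos + 1]
        if marker in (SOS, EOI):      # compressed image data starts here
            return
        (length,) = struct.unpack(">H", jpeg[pos + 2:pos + 4])
        end = pos + 2 + length        # length counts its own two bytes
        if length < 2 or end > len(jpeg):
            raise ValueError(f"bad segment length at offset {pos}")
        yield marker, pos, end
        pos = end


def read_ifd0(tiff):
    """Return the known tags found in the first TIFF directory of an Exif blob."""
    order = {b"II": "<", b"MM": ">"}.get(tiff[:2])
    if order is None or len(tiff) < 10:
        return {}
    magic, ifd = struct.unpack(order + "HI", tiff[2:8])
    if magic != 42 or ifd + 2 > len(tiff):
        return {}
    (count,) = struct.unpack(order + "H", tiff[ifd:ifd + 2])
    found = {}
    for i in range(count):
        entry = tiff[ifd + 2 + 12 * i:ifd + 14 + 12 * i]
        if len(entry) < 12:
            break                     # truncated directory, stop cleanly
        tag, typ, n = struct.unpack(order + "HHI", entry[:8])
        name = TAG_NAMES.get(tag)
        if name is None:
            continue
        if typ == 2:                  # ASCII: inline if it fits in 4 bytes
            if n <= 4:
                raw = entry[8:8 + n]
            else:
                (off,) = struct.unpack(order + "I", entry[8:12])
                raw = tiff[off:off + n]
            found[name] = raw.rstrip(b"\x00").decode("ascii", "replace")
        else:
            found[name] = "<present>"  # e.g. a pointer to GPS data
    return found


def audit_exif(jpeg):
    """Collect the identifying Exif tags a viewer would show for this file."""
    found = {}
    for marker, start, end in iter_segments(jpeg):
        payload = jpeg[start + 4:end]
        if marker == 0xE1 and payload.startswith(EXIF_MAGIC):
            found.update(read_ifd0(payload[len(EXIF_MAGIC):]))
    return found


def strip_metadata(jpeg):
    """Return the JPEG with Exif/XMP, IPTC and comment segments removed."""
    out, last = bytearray(jpeg[:2]), 2
    for marker, start, end in iter_segments(jpeg):
        if marker not in STRIP_MARKERS:
            out += jpeg[start:end]
        last = end
    return bytes(out + jpeg[last:])   # image data is copied untouched


def _seg(marker, payload):
    return b"\xff" + bytes([marker]) + struct.pack(">H", len(payload) + 2) + payload


def build_sample_jpeg():
    """Constructed sample: JFIF header, Exif block, comment, stub image data."""
    strings = [(0x010F, b"ExampleCam\x00"), (0x0110, b"X100\x00"),
               (0x0132, b"2004:07:01 12:00:00\x00")]
    data_off = 8 + 2 + 12 * len(strings) + 4
    entries, blob = b"", b""
    for tag, text in strings:
        entries += struct.pack(">HHII", tag, 2, len(text), data_off + len(blob))
        blob += text
    tiff = (b"MM" + struct.pack(">HI", 42, 8) + struct.pack(">H", len(strings))
            + entries + b"\x00" * 4 + blob)
    return (b"\xff\xd8" + _seg(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
            + _seg(0xE1, EXIF_MAGIC + tiff) + _seg(0xFE, b"constructed comment")
            + _seg(SOS, b"\x01\x01\x00\x00\x3f\x00") + b"\x12\x34\xff\xd9")


if __name__ == "__main__":
    sample = build_sample_jpeg()
    print("before:", audit_exif(sample))
    print("after: ", audit_exif(strip_metadata(sample)))
```

The stripper leaves APP0, ICC (APP2) and Adobe (APP14) segments alone because removing them can change how the image renders; thumbnails stored inside the Exif block go away with it.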
What a load of bollocks, you can't blame file-sharing because some incompetent people didn't look after their documents. That's blaming the messenger if ever I saw it. ROFL at the girl in the green dress (well barely) and "Due to the sensitivity of this material, some information has been blurred/blacked out."
If anything it's a lesson to offices, agencies etc everywhere to take common sense security measures. You have a legal right for your personal information to be kept secure by companies/orgs/etc that hold it so if they ain't, then throw the book at them.
This comment does not represent the views or opinions of the user.
In addition to piracy, porn, and secrets, it has also poisoned our water supply, burned our crops, and delivered a plague unto our houses!
If someone says he and his monkey have nothing to hide, they almost certainly do.
Just do what the RIAA/MPAA does, flood the P2P networks with bogus files with attractive names. A bunch of phoney spreadsheets with fake phone numbers on them should do the trick!
Looks like a few other sources have some info on this.
What I find really funny is just what a threat a paranoid public is to liberty and freedom of all Americans.
I'm frankly somewhat comforted by the fact that we have pictures coming out of Iraq that have not been filtered through the military censors and government spin doctors. I think it's good that we find out about Abu Ghraib. There is a fine line between keeping information secret to promote security and keeping information secret to deny culpability.
You can't put the genie back in the bottle: people want digital cameras, internets and camera phones. People will take pictures of things and share them with others. For the most part, I think more is gained than more is lost. The worst thing that can happen is for people to lose sight of what their government and military are doing. Are some images disturbing? Yes. Do they force us to uncomfortable conclusions about our government? Probably. But what is the alternative: to go on as if such things simply didn't happen? I hope we are braver than that.
There is much pleasure to be gained in useless knowledge.
I don't know about the fellas on either side, but the lady in the middle looks like Alyssa Milano. She did at least one USO visit in 2003. That was a Navy show, but it mentions ground forces (the Army guys?) and at least we can place her in the area at some point.
Mr. Wallace has an interesting point -- stuff is being accidentally shared that people would probably prefer not to be shared. This is interesting. However, I do not agree with his conclusion, that "legislation has not caught up with the P2P world". All P2P does is enable data to be transferred -- people have been accidentally sharing data for a long time. I remember when a journalist (I believe it was Adam Engst, of TidBITS) wrote an article about how he accidentally placed some pictures of himself that he didn't want made public in a directory with an unusual name on a webserver. They were eventually accidentally made public. This is certainly not a problem inherent to P2P systems -- it can be done on any system that allows data transfer, and on any system that is worldwide and allows anyone to provide data (such as P2P networks or the Web), it is quite certain that accidental distribution of data will happen.
Now, I can agree that some P2P apps could use some revision. P2P apps should not scan the entire hard drive for files -- they really need a "shared" directory to be designated, even if it requires the user to do some extra work. But this is a software user interface issue, not a legal issue that requires legislative intervention, as Mr. Wallace seems to feel.
There is certainly nothing of particular significance to P2P when it comes to potential data leaks. Client-server models can allow just as much a problem.
May we never see th
It's pretty clear that this Astroturf hitman for Orrin Hatch has it in for P2P even though the real problem he has found is unsecured networks. As much as he claims he is trying to "alert the military," his motives are as suspicious as the I'm "30" years old claim. One thing is for sure, he doesn't own the copyrights to the photos he's posting. All photos are automatically copyrighted by the person taking the picture. Blurring out someone's eyes doesn't give you clearance to post the photos for your own uses...
He inserted significant randomness into it from scratching the smudge tool over the area.
What we call folk wisdom is often no more than a kind of expedient stupidity.-Edward Abbey
personally identifiable information.
There were quite a few documents which listed SSNs and the like.
I believe SB 1386 only applies to companies which do business in California, but I wonder if it could be interpreted in such a way as to include the military.
"Glen" looks like he does in above photo, and claims to be 30. I am *not* looking forward to the big 30. Either that or Glen has some serious issues.
Computers are useless. They can only give you answers.
-- Pablo Picasso
http://12.100.23.254:8080/photos/iraq/
Yeah, but...but his dad totally owns a dealership!
vi ~/.emacs
Yea, just like in the good old days, shoot the messenger!
Such things run nice at the moment, together with "kill the evildoers" and "they just want to hit us because of our freedom"...
The site's operator, a 30-year-old named Rick Wallace, wrote in a blog posting that he is trying to help the military understand how serious a security risk unmonitored peer-to-peer file sharing can be.
In the latest news: Mr. Wallace's information was posted on the Internet. While he was gone his home was broken into and his family brutally murdered. Sources say this should give Mr. Wallace a good idea of how serious security should be.
These leaks are exactly why the "old media", and the politics (Republican, Democrat, Libertarian, you name it) they protect, fear P2P technology so much. Their power, and the profiteering it perpetuates, depends on their central control of the "official truth". One of the mechanisms that accelerated the demise of the Soviet Union was the spread of fax machines in Eastern Europe, which made Pravda ("Truth") too complicated to manage in the minds of the people it oppressed. Now the more nuanced American media control is threatened by more advanced technology, and regime change is in the air.
P2P has some disadvantages, like level of confidence in the content. But that can be mitigated by evolution of the same technology, with corroboration amid complex webs of trust. But the leaks of actual recordings of repellant acts make it much harder for their actors to pretend they're anything but trouble. Cameraphones for peace!
--
make install -not war
Actually, you are not supposed to connect a classified computer to a network with non-classified computers let alone the Internet. If he found classified material on P2P, the guy who shared it is in a whole heap of trouble.
Michael Moore is stark raving mad. His delusions and perceptions of reality indicates that he may be psychotic. If you see him in person, be sure not to let your eyes meet. He may attack you and steal your food.
Are you saying he is a slashdot reader?
So, who do you think is paying for this person? The RIAA or the MPAA?
"We must outlaw p2p because it endangers our military secrets!"
Forget magic. Any technology distinguishable from divine power is insufficiently advanced.
...what some of the problems are with P2P and confidential info. But... that scantily clad redhead wasn't a threat to national security. Not to mention, what's the problem of sharing nudies of your wife online. It's not like these people don't know that other people can see it.
Un-news
Well the picture of the woman may be more upsetting to the DOJ and the Bush admin than all the rest knowing what they think about nudity and porn.
Okay, just imagine... that green thingie slips down... and... It's a shemale!
I'm convinced it is.
o mpany_21.html/
And is that upskirt?
http://www.seewhatyoushare.com/2004/07/bush-and-c
-/McK
The same can be done with google: filetype:xls.
"Long run is a misleading guide to current affairs. In the long run we are all dead." (John Maynard Keynes)
The security risk from unauthorized public P2P military photo exchanges is a lot like the risk to early American armies in tribal American lands. American technologies, like wagon trains (dust plumes), bullet reports, railroad exhaust, and even the first generations of thudding hooves of alien horse species, all advertised the locations of foreign troops in tribal lands, as the invasions reached ever farther across the continent. The genocidal solutions have left severe defects in American society, some of which (like unlimited weapons proliferation) threaten more American lives than tribal warfare ever did. Hopefully the modern version of those solutions will be informed not only by the military history, but also its consequences.
--
make install -not war
Show us more of the girl in Green. Hubba Hubba I love redheads.
Right now in Iraq there is some guy asking one of his fellow soldiers this, and when the guy says "no" responding with the classic...
"Want some?"
Looks a lot like a MIG that was bombed while it was on the ground.
If he were 16, I would cut him some slack, but at 30, he should know how the game is played:
1) Go to any reputable news organization (from CNN to Fox, or anything in between), and tell them that you have managed to acquire military briefings through an online file-sharing service. Let them know that you tried to contact the military and nothing happened.
They will be glad for the scoop, happy to look patriotic, and will know how to shame the military into action.
2) If that doesn't work or doesn't appeal, contact John Warner's office (senate, head of Armed Services Committee) with your story. Heads will roll.
Human being (n.): A genetically human, genetically distinct, functioning organism.
While this guy undoubtedly has balls, I'd also say he's lacking in brains. Patriot Act, anyone? I think he'll land in jail faster than you can say "John Ashcroft".
The world is full of idiots, and in particular where P2P software is concerned. However, the idiot who points out the other idiots' idiocy is generally also made very quickly into the sacrificial lamb.
This is about as good a justification for the INDUCE act as anyone could come up with. Never mind that it should probably be covered by military regulations, never mind that most of the information is not all that sensitive. Never mind that INDUCE is a seriously bad idea. This will be used to make P2P of any sort look ever so much more dangerous. Orrin Hatch is probably dancing around the room now with glee.
Salary history, layoff, divorce, and my personal favorite, confidential.
The site's operator, a 30-year-old named Rick Wallace, wrote in a blog posting that he is trying to have himself and all his belongings seized and destroyed by Navy SEALS in the dead of night this week.
DRM 'manages access' in the same way that a prison 'manages freedom'
or better yet, social security!
Is this the same Rick Wallace that appeared in Pokey the Penguin? Man, that guy's famous even without the blog!
http://www.yellow5.com/pokey
http://www.rit.edu/~flf1754/pokey/pokeyfaq.html
Rock on, Rick Wallace!
Comment of the year
Having read a good half of the posts below I must say I'm impressed that about every one of them commented from a military/state's interest perspective. No one seems to take the point of view of those who were sent there (more or less willing) to conflicts which, at least some of them, are viewed by large parts of this world's population as questionable at best. Those pics posted and apparently shared are not very exciting, just part of the everyday reality of guys and gals forced to service.
Nothing to see here, move on.
Why shouldn't they have the right to show their sights of the world?
Security - haha. It has been the aim of many big leaders before to tighten up all the leaks, make them underlings stop chatting by draconian sentences. Lots and lots of cruel deaths on that record. History is full of failed attempts of that ilk - people keep talking, wanting to communicate their whereabouts. P2p is just the actual version, it used to be pubs or latrinae (and probably still is).
605413? Yes, it's a prime.
...So, someone needs to call up the US military, and tell them to put Middle Eastern language specialists up on the P2P services, and see if the 'opposition' has let anything slip.
Sure, security is probably tight in a terrorist cell, but who knows what might be found, right?
HA! I just wasted some of your bandwidth with a frivolous sig!
There will be more and more of this all over the internet. Soon it will be almost impossible to do anything without it being publicly available. This can be good or bad, but if everyone is subjected to it equally, it will be good.
Seriously, if you get any other pics, please post a location. Here's the problem... I didn't take them. If it's her I've got some stuff to handle when I get home. I'm not kidding when I say I'm pretty sure it's her.
The only possible way for someone to receive information over a p2p program would be if they took it home or e-mailed their personal address. P2P is simply blocked by our firewall.
Let's say I was in an industry where I wanted to limit competitors or strangle wider innovation for my company's gain:
1) Identify the fear du jour.
2) Align my competitors/competition with that fear.
Example:
1) Pesky p2p filesharers and their RIAA buggering ways.
2) Fix it so wider public perception is that "Music Downloads compromise security". Proof see: look what these people dabble in.
Problem solved.
In post Patriot Act America, the library books scan you.
People who wear brands, like Harley-Davidson (and whatever) to wrap themselves in a propagandized commercial image are unsettling.
your clothes mean nothing. get over it. joan is a fucking moron.
"Another thing, the picture of the girl is a common one distributed on P2P networks, and has been for maybe a year."
Oh! Um, email me some.. I have.. uh.. research to.. uh.. complete. yeah..
Every method of human communications has been used to get secrets where they weren't supposed to be going. E-mail, the Web, Usenet, P2P, and even snailmail, are merely the most modern examples. P2P is special because?
The problem is the idiots who made them available to begin with. These documents didn't just appear on P2P because of some special evil that pulled them out of Rick Wallace's asshole, they appeared because imbeciles either set their P2P setups to make their entire HDs available or put them there themselves. The solution is better security. There are some systems that do not need Kazaa or Gnutella installed.
Legislation to shut down P2P will only help America's internal enemies of freedom in the *AA organizations.
Tech Public Policy stuff
If you just like looking at good looking women, redheads or not, Visit Orfie's avvies site and see the Avatars that she uses on Stumble Upon and other places. I think a few of them are redheads too.
Remember, Slashdot does not have a -1 disagree moderation, and no, troll, flamebait, and overrated are not substitutes.
According to our favourite tv show CSI, all you need to do is run a blur-reversal algorithm on those 'altered' images, and in about 3 minutes, 'Bing', you'll have a complete list of military staff including pager, home, work and social security numbers. Ah, technology!
It's no crime to locate classified documents in an insecure location and then point them out to an appropriate authority.
Human being (n.): A genetically human, genetically distinct, functioning organism.
I fired an email his way before this story made it to slashdot, so I was able to get a reply. He seems to believe that P2P is definitely important and should be preserved, just somehow regulated.
Personally, I think it's fine the way it is. And if someone is stupid enough to broadcast personal photos all over the web well, that's their lookout. But the freakazoids at the **AA are definitely going to use stories like this to justify banning it altogether.
Not sure if you all know this or not, but Megadeth is releasing a new album on September 12... all of which was released to P2P networks a day ago. Dave Mustaine is obviously upset, as they only handed out a few promo copies of the disc to close ties...
From what they are saying though, each copy was digitally signed with a unique signature so tracking down the 'leaker' should be fairly easy.
Linux with kernel panic...
MadPenguin.org
That should be NO PORN, which is the military's designation for secret information other than porn. Classified porn, of course, gets its own category.
He has shown nothing that is sensitive at all. Nothing; not even a FM manual or something that might be detrimental.
Fire, police, a roster with phone numbers and addresses. Seriously, waste of time. Terrorist can't look into a phone book? A semi-naked chick smiling into the camera? Blah.
Now that Kazaa is officially a terrorist weapon, p2p is really up a creek. Thanks a lot....
"It's so convenient to have a system where everyone is a criminal" - A. Hitler
The guy is stupid. He does not know anything about the US military or what the regular GIs do with their spare time. I do not know if those lists are real or fake but the image is nothing to worry about. Most enlisted don't know jack about what the higher echelon is doing until the final phase. Case in point: My friend got a notice to ship out. He had a one-day notice. No one on the ship except the Captain and his XO knew in advance what was going on. My friend didn't even know when he would come back. It wasn't a special mission or anything. In fact when he got back home, he told us that they just ran around in circles for ten days doing nothing. This is just a small example of how the military works. The US military doesn't think like regular civilians.
t laws?page=1
On the pictures issue, if you go to any gun or military website forum, you will see a lot of pictures that were taken by GIs all over the world, from combats to RR. There are in fact millions of pictures floating around websites that show those kinds of pictures. You don't need P2P to find out. GIs have their own websites, units have their websites, and God knows how many other military related websites on the web show those kinds of pictures.
Here is a unit with their website and images. Some of the pictures are from Iraq. I found some of them enjoyable.
http://www.strykernews.com/gallery/ou
That, my friends, is someone who is a lot older than 30.
"You win again Gravity!" -Futurama (Zapp)
he is trying to help the military understand
I am afraid "to help the military understand" is an oxymoron no matter which country you live in.
There you are, staring at me again.
In my corner of the military, at least. On a regular basis, all systems connected to the WAN are scanned - for viruses, for messenger programs, for P2P programs, and anything else that shouldn't be on those computers. Finding any of those programs can get a computer kicked off the network, and anyone found actually using those programs can get their right to use government systems revoked. I've already had it happen to one person who was looking at pr0n on a government system.
Now, were these files coming from government systems, or from people who were taking their work home with them? It's a lot harder to control what people do at home. A lot of things I deal with are SBU - sensitive but unclassified. Meaning that the media the information is on (CPU, floppy disk, file cabinet...) doesn't have to have a little sticker stating its classification, but it's still information that needs to be protected, such as listings of SSNs.
The government has already made Norton and McAfee's antivirus programs available for home use to qualifying personnel for free, but just how much can they do about what people do at home?
Also, if a person were using unauthorized software on a government system, the correct action to take would be to contact that person's chain of command. First it would help if you knew who that person was, or at least what unit they were in, but that's just that.
Let me be the judge of that.
Look out for hungry looking sorority chicks, dude.
How many people here on /. run off to register funny made up domain names they see posted here or elsewhere?
-+-=-+-=-+-=-+-=-+-=-+ *** http://www.mountainfort.com *** +-=-+-=-+-=-+-=-+-=-+-
What killed me is the 26 July update. In the document that identifies soldiers that are married to other soldiers, it identifies one of the unit member's spouses as being Absent WithOut Leave (AWOL). When that memo makes the rounds in the unit, it's bound to cause some awkward conversations.
"So, let's see where your hubby's assigned t.......oh, I see Leavenworth is in his future."
Mr. T pitied this fool on 27 July 1992.
Thinks this is a security risk how? Are Iraqi troops going to see these photos and recognize a rock and then scud them?
As for the list, has he not heard of disinformation? Why would anyone send out a list of names and addresses through P2P? Email would be much more secure and a lot faster. My guess is they want the list to be seen.
As for troops, you think Jane or Joe America in the trenches knows every movement they are going to make? If they did, we wouldn't need radio operators to coordinate. The average troop would already know where he or she should be.
You can damn well bet that our government monitors what passes through their networks; it would be asinine to assume otherwise. There are blackout periods where friends that I have on ship aren't allowed to use a computer to even check their email.
Military networks in combat are as secure, if not more secure than any regular network, or at least as secure as a network can be.
If our troops do want to share with us the images they see when overseas, then I support them in that. It gives the people they left back home a glimpse into what has become their daily lives, it's almost like having them home.
And the ships out at sea. I read one post who said a friend of his got deployed on a day's notice and went out for ten days and made giant circles in the ocean. I think they call it a readiness exercise.
Most times when a ship pulls out, the captain only has coordinates to where he is either to open his orders or radio back for them, then they are told what they are doing and where they are going.
To our troops overseas. Share away my brothers and sisters. Share away.
I am Bennett Haselton! I am Bennett Haselton!
I'm not *as worried* about Michael Moore being anything, since he's not likely to get anywhere near the nuclear football, as I am about certain other people, who can (and sometimes have) do more than /steal my food/...
[Now, I'm off to lift my le... Um, visit... at another place.]
that old hackneyed phrase - "Military Intelligence"?
[Now, I'm off to lift my le... Um, visit... at another place.]
Project much, Mike?
taken! (by Davidleeroth) Thanks Bingo Foo!