Slashdot Mirror


P2P Leaks Surprises

kilian.cavalotti writes "A new Web log is posting what it purports are pictures, documents and letters from U.S. soldiers and military bases in Iraq and elsewhere--all of which the site's operator claims to have downloaded from peer-to-peer networks such as Gnutella. The "See What You Share" site has been online for a week and has published photos ranging from a crashed military jet to a screenshot of a spreadsheet file that appears to include names, addresses and telephone numbers of marines. The site's operator, a 30-year-old named Rick Wallace, wrote in a blog posting that he is trying to help the military understand how serious a security risk unmonitored peer-to-peer file sharing can be."

12 of 389 comments (clear)

  1. I think is was said somewhere else... by agraupe · · Score: 4, Insightful

    If you choose to expose security weaknesses, don't take advantage of them. Tell those who can fix it/do something about it, and no one else. What this person is doing will just give other people ideas.

  2. my email to Glen by rpdillon · · Score: 5, Insightful

    Glen Breakwater-

    As a former member of our armed forces, and an avid technophile as well as outspoken supporter of freedom in all its forms, I have a question:

    What exactly are you advocating?

    It sounds an awful lot like you're complaining, but you have absolutely no idea how to solve the problem you've raised. This is not constructive...it is merely whining. Do you want to ban P2P services? Do you want to attempt to make yet more copy protection systems? Or are you doing what Michael Moore does and complaining about a situation while having no solution whatsoever?

    As for my view: it is the price of freedom. If you don't want Secret/NOFORN documents distributed on the web, then don't hand them out to people! Make sure the only machines that have them are on SIPRNET and take out the damn floppy and zip disk drives.

    My position: people are stupid, and until we decide to take real measures to protect secret data (i.e. not providing removable media for secret computers), we'll get burned. A nation at war? Yes, I went to Iraq three times in the past three years. But don't blame the soldiers, or the P2P programs. Blame the idiots that make the information available and the idiots who build the computers and set IT policy for the DoD.

    Peer to peer filesharing is NOT a security risk. The lack of a comprehensive security program within our military is a security risk.

    Regards,

    1. Re:my email to Glen by PCM2 · · Score: 5, Insightful
      It sounds an awful lot like you're complaining, but you have absolutely no idea how to solve the problem you've raised. This is not constructive...it is merely whining.
      Um ... as a taxpaying citizen, is it really too much to ask for the military to take care of its own business, when ostensibly the security of our entire nation is at stake? Since when do you or I get to vote on how the military handles its own housekeeping? It's not up to you or I (or Glen) to establish military policy. All we can do is ask that they please address the issue. I think he's done that in a pretty alarmist way -- but he obviously feels like that's what it's going to take.

      "Ban" P2P services on military computers? By all means, if that's what it takes. Establish penalties for soldiers who fail to observe security protocols? Abso-effin-lutely. This ain't a civil liberties issue, people, and we're not talking about dismantling entire technological innovations here or anything -- this is the military. I wholeheartedly agree that, before Congress comes along and pushes through any further legislation blaming the American people for failures of security policy (i.e. the Patriot Act), the people who are really and literally on the front lines of the information security issue need to get their shit together in a big way.

      --
      Breakfast served all day!
    2. Re:my email to Glen by criquet · · Score: 5, Insightful

      Simply because someone raises an issue that concerns them without having a (stated) solution does not constitute complaining nor whining.

      Though I agree with you point that p2p is not the problem.

    3. Re:my email to Glen by composer777 · · Score: 4, Insightful

      My take on it is that all this talk of security is pretty ridiculous. You're average American belongs to the safest and least threatened group in the entire world. If we cared that much about security we would realize that the first step in creating real security is to provide it to those who need it the most, not those who need it the least. We could start at home, by providing security for those who are most threatened by violence on a daily basis, that is, the poor and the minorities. Ironcially, by focusing on increasing their security, we would in fact also be making the world safer for the most secure group, rich whites. Increasing security for the disadvantaged could involve a multi pronged approach:
      1. Create a program of effective affirmative action that would truly provide equal opportunity, as a start, providing such basic things as shelter, healthcare, etc.
      2. Eliminate racist drug laws that needlessly disciminate again the poor.
      3. Eliminate racist police offices that are one of the biggest threats to the urban population.

      Outside our borders, increasing security would involve a similar approach.
      1. Work to raise the standard of living rather than handing over resources to corporations that are only interested in plundering.
      2. Stop shooting and torturing people, which is one of the biggest threats to security of innocent Iraqi people.
      3. Stop giving Israel carte blanch support to murder, round defenseless Palestineans up into concentration camps and bulldoze their homes.
      4. Stop supporting corrupt, undemocratic regimes such as Saudi Arabia, Saddam Hussein's Iraq in the 80's, etc.

      But, we won't take these steps, our government doesn't take these steps because they realize that security isn't that big of an issue. In fact, the War in Iraq has the effect of increasing terrorism and decreasing security, not just for Americans, but also for the people of Iraq. On the other hand, the people of America won't take these steps because we're a bunch of racist cowards that think that we alone have the right to feel safe in our homes, but that black guy in the ghetto, well, he doesn't, and the Iraqi's in Abu Gharaib, well, they should have known better. It never occurs to us that increasing security of the poor might be the quickest way to create a safe and secure world for everyone. Nor does it occur to us that it is impossible to have perfect security. For some reason we believe that security is our birthright, and ours alone. I can't think of another group on this planet that has a greater expectation of perfect security than middle class Americans. It's a nice goal, but if we are truly interested in real freedom and equality, then we will realize that security can't be just a thing reserved for priveledged American whites.

  3. The Emphasis Should be on Security Issues Not P2P by The+Importance+of · · Score: 5, Insightful

    The problem is that the website author emphasizes that "Technology often outruns legislation. So is the case with Peer 2 Peer networks." He seems to assume that P2P should be legislated against. However, this is a security issue, not an issue specific to P2P systems. Education and other controls should be used to minimize this problem. The military would never let Joe Soldier run a rogue server, why would they let them run any old P2P app on a system with classified information? See, P2P Problem or Security Issue?.

  4. Absurd by cephyn · · Score: 5, Insightful

    First off, if classified info got to a P2P network, then there was a security breach BEFORE it got there. The p2p network is not the problem.

    Second, if the info isn't classified, why shouldn't it be on p2p? If a jet crashed and there's a picture, and its not classified info, then there's nothing wrong with it being public information, because it IS public information.

    --
    Moo.
    1. Re:Absurd by FerretFrottage · · Score: 5, Insightful
      If a jet crashed and there's a picture, and its not classified info, then there's nothing wrong with it being public information, because it IS public information.

      Not with the current administration....remember the casket picture incident? They [the pictures] were not classified, but you better not show them to the people.

      --
      "Look Lois, the two symbols of the Republican Party: an elephant, and a fat white guy who is threatened by change."
  5. Not the same thing. by DAldredge · · Score: 4, Insightful

    Sharing files on a p2p network is just that, sharing files. It's not like forgeting to lock your door, it's like having a flashing neon sign that same 'come in' and then getting upset when people do.

  6. Re:Nothing to see here, move along by Mz6 · · Score: 4, Insightful
    As I've stated previously on here...

    I'm sorry to say but it's NOT public knowledge to list what classification level service members have. This guy posted a document with several service member's names AND classification levels. Not only this it lists the base they are stationed at and their names and ranks. He was nice enough to blur out their SSN though...

    --
    Hmmm.
  7. Re:I got bored just after Kazaa came out. by Com2Kid · · Score: 4, Insightful

    I prefer looking up people's resume and sending them a message,

    "So, how's the weather in [insert locale here] "

  8. What's really funny is... by raytracer · · Score: 5, Insightful

    What I find really funny is just what a threat a paranoid public is to liberty and freedom of all Americans.

    I'm frankly somewhat comforted by the fact that we have pictures coming out of Iraq that have not been filtered through the military censors and government spin doctors. I think it's good that we find out about Abu Ghraib. There is a fine line between keeping information secret to promote security and keeping information secret to deny culpability.

    You can't put the genie back in the bottle: people want digital cameras, internets and camera phones. People will take pictures of things and share them with others. For the most part, I think more is gained than more is lost. The worst thing that can happen is for people to lose sight of what their government and military are doing. Are some images disturbing? Yes. Do they force us to uncomfortable conclusions about our government? Probably. But what is the alternative: to go on as if such things simply didn't happen? I hope we are braver than that.