Slashdot Mirror
FTC To Take a Second Look at P2P
BlueMerle writes to mention that the House Committee on Oversight and Government Reform has asked the FTC to take another look into the world of peer-to-peer file sharing. This time around however the inquiry has nothing to do with copyright. "But a USPTO report earlier this year stirred up the issue again by claiming that P2P installs could adversely affect national security when they made confidential government information available. This has already happened several times, as the Oversight Committee learned in July when it held hearings on the USPTO report and its findings. At that hearing, representatives were also shown real-time P2P search data. While most of the searches were for porn, movies, and music, the committee noted a surprisingly number of searches for private financial information."
Now, instead of RIAA, I have to worry about the Secret Service and the NSA when I'm browsing pirate bay looking for some mus
*bright flash of concussion grenade*
$#(FRe2%DEK#NO CARRIER
Kid-proof tablet..
But wouldn't the real solution be to train government employees in the arcane art of not installing P2P applications on government computers in the first place? Or does that just make too much sense to be effective?
But a USPTO report earlier this year stirred up the issue again by claiming that P2P installs could adversely affect national security when they made confidential government information available.
How is this even remotely related to any P2P protocol? That's an issue no matter what protocol used. Hell, in Norway there have been lots of screaming because some soldiers have put information and pictures that were confidential in one way or the other up on Facebook. Making confidential information available is a breach of security no matter what protocol you use to distribute it. Perhaps things get distributed more with P2P, but you still have to look for information and download before (while) you distribute it yourself.
How much pr0n does the government have laying around, and why isn't it on Limewire yet?????????
Understanding the scope of the problem is the first step on the path to true panic.
Brilliant! Bribery didn't work, so let's make it about national security. Why, precisely, is this any more dangerous than "ssh encrypted file transfers" (aka sftp), or this newfangled thing called FedEx and "paper"? Sure, because it's an information-sharing protocol you can (drum roll) share information. That, in of itself is not a heinous thing.
Financial information is more important data. All those numbers take up lots of tube space. Soon we'll have all those tubes clogged up with dollars and cents* unless we can cut off the P2P box from trying to get this data! *Dollars and cents are number figures, not actual coins. Please don't go digging around and cutting open the tubes for money.
Sigs are too short to say anything truly profound so read the above post instead.
Definitely. It's not government secrets, or embarrassing facts about the war on terror...
I love it when qualitiative terms are applied to quantitative data. Out of 100% of searches made, there'll be A% for porn, B% for music, C% for movies... and D% for "sensitive financial information?" What was that number? "A surprising amount." (Skimmed the article too). What number were you expecting? 0%? 0.001%? 1%? I'd like to know a) exactly what the numbers are, b) what constitutes a search for "sensitive financial information". Searching for a credit report on someone is a lot different than searching for how much money some celebrity makes.
Isn't the entire Internet a P2P network?
Why are classified documents even on a computer that's connected to the internet in the first place? The government has their own separate networks for that stuff.
Bears don't normally eat things that talk and move backwards.
Last year Javed Iqbal, a satellite installer, was thrown in jail. His crime? He allowed people in the US to watch Al-Manar, the television station of Hezbollah. Of course Hezbollah is legally considered to be a terrorist group - if you're a country that is or formerly was a British colony. Or, for some reason, Holland. Outside of Holland and current/former British Dominions, the rest of the world considers Hezbollah to be what it is, a representative of Palestinians pushed into southern Lebanon by the Israelis from 1948 on. But anyhow, the US and UK are at odds with the rest of the world on this as so often they are, Iqbal was thrown in the slammer, and nary a word is heard about it or the supposed First Amendment. Meanwhile, narcissistic attention-seekers like Salman Rushdie are feted and praised year after year. In fact, this is done by the same corporate media propaganda machine which is working to dismantle things like peer-to-peer, all the while of course never reporting on what they are in fact doing, or about many things that are going on in the country of interest but that we'll never know about.
the committee noted a surprisingly number of searches for private financial information.
Looks like the "X is bad, X ON TEH INTERNETS is worse!11!!" meme is mutating into "X ON P2P is worserer!11!!"
There are two kinds of people: 1) those who start arrays with one and 1) those who start them with zero.
So it's again about a dangerous protocol, not a dangerous use of an application, or company policies allowing dangerous program use?
:-(
Well, e-mail has proven to be a pretty bad thing too. With e-mail, many things that shouldn't have leaked out to the public has.
I think things have even leaked out via HTTP.
Beware: In C++, your friends can see your privates!
Shouldn't that information be encrypted? If it isn't readable, downloading it from p2p wont help much unless hackers have a super computer built up of zombie machines to crack it.
Don't all Windows and Linux distros by default allow offsite users remote access to a computer (with some sort of authentication needed of course) in order to help with tech support questions? If so shouldn't the government stop using Windows (and can't move to Linux for the same reason) in case someone accidentally gives someone remote access? Do Macs have this feature as well? If so they might need to resort to typewriters or at least remove access to the internet.
Using openSUSE instead of Windows since 9th of October, 2007 and liking it.
P2P has been used in video games for a long time. In fact serverless P2P MMORPGS are feasable with enough anti-hack code. The only problem stopping true P2P from becoming big is the NATS on routers everyone uses. I think once IPV6 becomes popular, there will be a whole new generation of P2P. There are two reasons IPV6 will be a boon to P2P. The first is obvious: With everyone having a unique IP, you don't need a server to get a list of IPs, you can just ping IPs yourself as if it was a phone book. The second is the NAT issue mentioned earlier.
One thing that P2P brings to stuff like FPS is that it halves the latency. Another thing P2P does is that it doesn't need expensive servers to run constantly. I was writing an interesting MMORPG fighter:www.roamingdragon.com and I was able to write server/client code and play over the net with two machines that had no NAT, but I abandoned the project because everyone uses a router. Very few people will disconnect their router to play a video game and everyone needs high speed internet(low latency) to play. Other than those problems, the game played nicely multi-player.
God spoke to me.
If P2P networks were widely known to be used by neo-nazis exchanging information on targets, or on exchanging information on how to dodge tax, you know that the "privacy" and "right to freedom" arguments would have disappeared overnight and be replaced by their opposites. Hence they are simply not the result of any principles in general, just a desire to defend and preserve this specific type of file sharing (films, porn) and can be safely ignored.
P2P is always to blame because there is a group with money ready to blame it. The finger prints are all over this.
How could a legislative committee discover, discuss and decide to take action on a problem like this before the leading edge of the community, which is to say here, has even heard about it? Remember these guys don't even type themselves, they have people to do that. That intertube guy genuinely thought he was being insightful at the time.
There may be other evidence. Where an when did these guys hear about the problem? That one could say a whole lot
Groups like the senate oversight commitee are cherry appointments. They go to senators that have been in office more or less forever. That means these guys are OLD.
OLD legislators don't go online that often but the do generally make a point to read their district's local paper. Is there a suspicious cluster of spontaneous articles that have appeared there more than other equivalent publications that are not home town news for pertinent legislators?
There may also be a few various motivating factors for making an argument over this.
Is there unequal use of P2P for political purposes? I have not been following the Obama campaign but I understand he is leveraging the internet pretty heavily. If P2P is being heavily used by on party more than another, it behooves the other party to kill the medium.
The solution for this one is for supporters of both P2P and the legislator in question need to start making use of it to prove the personal need.
Espionage has recently become a hot issue. The beauty of this particular subject is it's at least superficially non-partisan, it appears, truthfully or not, to address a major news subject making them look like heroes, and of course there's the money from the RIAA to make it all tastier.
...and suggest that to even connect to the Internet as a client in the future, you'll need a licence and an approved software stack. The licence will be in the form of an officially endorsed key pair, and your OS will (1) sign all your outgoing packets with this key pair, and (2) respond to remote attestation requests about the software running on your machine. You'll be able to opt out of this, of course, but if you do, you can't connect to the Internet, because routers at your ISP will refuse to carry traffic lacking a valid signature from the central authority.
One consequence of this is that you will lose anonymity, because everything you send will be traceable to your licence. It will also enable censorship and the destruction of information, because when licences are revoked, information sent using them will simply disappear. That's perfect for any organisation that wishes to control the movement of information, from Fascist governments to record companies.
The expense of this will be justified in the usual ways ("think of the children"/"the poor starving musicians"/"the dying film industry"/"OMG TERRORISTS!1!!!!1!"), and the technology that will be used to implement it already exists. It's funny to think that possession of an unlicensed computer might be a crime in the future, since an unlicensed computer might enable someone to copy information without restriction, and obviously only a criminal would want to do that. Will possession of Linux land you in jail?
Truly the present day is the best time to be alive, because we have all this advanced technology and it is not restricted yet.
>north
You're an immobile computer, remember?
P2P is being targeted because democratically allows people to share things they aren't allowed to share.
You know, there is a difference between trolling and pointing out the flaws in your reasoning. Just saying.
Yea look at the P2P software but what ever you do, don;t look ay go2mypc or google desktop. No those are far safer.
Please enlighten me, why is this a concern of the patent office?
They should rather care about fixing their patent approval process.
Patents Drive Free Software as Hurricanes Drive Construction Industry
"What percentage is that?"
"Zero. Zero is a percent, isn't it?"
(0% certainly would be "a surprising amount", at least to me!)
I think more frightening is how one can use the data, once it's "discovered" on a P2P network.
Imagine if there were a company with a collection of what people are searching for, generally, plus patent-specific searches. And imagine that company, while professing that they will do no evil, notices that there's a whole lot of patent searches coming from a certain domain or IP-address (say a competitor like Microsoft) for some technology key words.
What a great tip-off to search the P2P networks (and the web) for hints which are actually shared.
It's 128 bit address space. That means there are 2x10^38 addresses. You might be pinging for a while before you find anything.
How much pr0n does the government have laying around, and why isn't it on Limewire yet?????????
Maybe it is and you just didn't notice - its probably hiding somewhere in the mature section.Pete/Petri "damn, my chainsaw is clogged with 1's and 0's again." --clyde
think of the children^H^H^H child-like civil servants?
On a slightly related and marginally entertaining note, in 2002 I lashed together an experimental poem made up of nothing but bits of personal data people were sharing over Kazaa. It's still available near the bottom of this lovable old zine issue.
Slashdot Burying Stories About Slashdot Media Owned
That does it. Let's outlaw conversation. Seriously. It's basically the original "peer to peer" method of communication, right?
From now on, nobody is allowed to communicate with anybody except for specially designated "servers". These "servers" must relay all messages from one person to another, vetting the communication to make sure there is nothing illegal, immoral, obscene, libelous, traitorous, unpatriotic, or just plain questionable about it.
It's for our own safety, dammit.
What does that mean?
"I might have made a tactical error in not going to a physician for 20 years." -- Warren Zevon
So there's a small minority of users on P2P searching for financial information (private or otherwise). How does this make P2P any different from Google or the rest of the internet?
I am suspicious of this; it seems to me like part of the this ongoing decentralized campaign: "The Internet is a DANGEROUS place." (Dangerous for children; dangerous for you and your banking/personal information, dangerous to the entertainment conglomerates)..
I have seen over the past few years; which has especially intensified lately. I suspect that the goal (and what the government really wants) is for anonymity online to be a thing of the past. They probably want people to have a virtual ID card...I think that thi would destroy a large part of what makes the net great if this is the case.
There are always going to be to people trying to get information that isn't theirs online. The best way for this to be dealt with is for people to learn the basics of protecting their personal information, and if the government is going to do anything (in a regulatory sense) it should be making it easier for people to protect their personal information.
The problem here isn't that dumb Government users running their computers as Administrator/root have installed P2P software and indexed their entire unencrypted disks for searching.
The problem is that the Government can't get their shit together enough to enforce a security policy that won't let those users do this kind of thing.
If their goals were to raise up their people and gain them the respect from the world they deserve, they would do so by treaty and negotiation not violence.
Jeez. If only the US would do that.
Microsoft is to software what Budweiser is to beer.
About two years ago a story came on the local news saying if you do a search in a program like Morpheus for w-4 that peoples taxes returns popped right up to download. Sure enough I tried it and it works. I felt so bad that I used the address on the form called the guy told him what I did and how I did it and that it was on the news for all to see. I then had to play tech support rep to step by step teach this guy how to change his settings so it no longer shared his My Documents folder. Just before I hung up I also told him to call one of the 3 credit agencies and flag his account for fraud. Somehow even after all that I still have bad karma on here.
This is the old cart and horse problem their going after and should serve as some heavy food for thought for any of those that don't understand the importance of privacy and fall back onto the "if you don't have anything to hide" tripe.
If P2P is illegal, only criminals will use P2P. The line between criminal and law abiding citizen is only a congress away.
I think a little Thoreaux quote is rather apropos:
The solution is simple - Afraid of security breaches ? Do not install closed source products - Compile everything yourself, check the code.... If you are a government office - have an IT policy, if an employee installs (and there are ways to prevent that also) a P2P on an office computer without authorization from the IT department his or her employment is terminated and a possible lawsuit for misconduct in the workspace can be launched...
Regulation smegulation - I say fuget about it - No need to worry, simply control what is on peoples work computers - Case closed.
What people put on their personal computers is their own business...
Only the cents come in tubes(of fifty). Dollar(bill)s come in stacks(of 100, IIRC).
Crap. What did the new CSS do with the "Post anonymously" option??
The RIAA and MPAA will both jump in, and try to manipulate this bill to contain a few of their own bans.
But I do agree with the ones posting here that the US Gov needs to tighten down, and implement better computer security rules for their employees to follow. They also need to go after those that break the new rules. Turning a blind eye, and assuming it's secure is not good enough anymore. After all they want everyone else to be secure, but at the same time they don't want to set a good example. This is just wrong.
I was wondering when they would swtich to ' we are losing money ...wahhh...' to ' only terrorists use P2p '.
---- Booth was a patriot ----
So we need laws to protect the idiots from sharing there private data? Man, what are we coming to?
I have an idea, how about we get rid of the credit reporting system. Each person is given credit based on there references and the history they provide. This way we remove the incentive for identity theft.
Seriously, where does this road lead?
(Bah... if only I could embed a .wav file into my /. post at least attach one...)
If the g'vt kept the data on you that google does you'd better believe you'd be calling it "doing evil"
The article says that they are concerned by government info going onto P2P but the info they are shown in real time is private fiancial records! So "we worried secrets could get out" but "we looked and could not find any" so "how about these unrelated items instead". Eh?
how are they going to regulate open source, serverless P2P systems?
thegodmovie.com - watch it
when you are using bittorrent though, you aren't setting a shared directory- you have to upload the torrent that you want to share- how is this any more non-secure than accidentally uploading your my documents to an ftp or a web host?
My bad. I used torrents as just an example of P-P. The article was more specific mentioning Limewire.
Clip from the artice....
"Gregory Thomas Kopiloff primarily used Limewire's file-sharing program to troll other people's computers for financial information, which he used to open credit cards for an online shopping spree, federal prosecutors said today."
I've never used Limewire, so I am not aware of how to configure it, but it seems a lot of people manage to share a lot of unintended stuff on P-P networks.
Even some stuff is left out on servers without needing P-P software.
The truth shall set you free!
yeah- limewire, like kazaa, imesh, soulseek etc. when you set up your downloads folder it is by default a shared folder- so if you say, make your c:\ your shared folder everything in that folder is available to browse and download- back in the day I actually used to troll it for fun to see what people actually had shared- you would get vacation photos, passwords, phone #s- all kinds of stuff that you shouldn't be able to get- the ability to share your "my documents" and "windows" and such was something that never should have been allowed to happen with the software providers, but it did.
this was one of the big things that changed when bittorrent took hold- it was file specific and it has to sit in your queue in your client to be shared.
Blanket bans are difficult to enforce. Such early warning will instead shrink the window of opportunity for the adversaries.
Could be even sold as a commercial service.
"P2P installs could adversely affect national security when they made confidential government information available." -- Oh wait, that was someone leaving a laptop around.. Speaking of which if the people running government IT shops did their job users would (a) not be able to install P2P software and (b) not be able to send traffic over the commonly used P2P ports..
As mentioned in the discussion of TFA on ars, it appears that Chairman Waxman http://oversight.house.gov/story.asp?ID=1553 is one of the ppl behind the push. If you want to give him a piece of your mind, you can contact him here: http://www.house.gov/waxman/contact.htm
- He who laughs last probably didn't get it...
I think this has more to do with darknets than most normal P2P file sharing clients. Of course what they want is a undefeatable backdoor. Of course this is impossible to guarantee unless the technology's supporting such networks are banned. This is a battle where the FOSS community will have to take a stand on the side of freedom or loose much of our moral authority. It will be a tough fight since the confluence of serious threat, real malicious intent with the ignorant scared masses and their appointed idiots makes for a frackin' mess. In most of the western world today complainants about one or more issues of terrorism, illegal content, or copyright have some legitimate right to be critical of darknets. At least from my limited excursions the accusations of misuse seem to have some valid claim. There does not seem to be much real use of the darknets for what I would consider important liberty related stuff as of yet. However in the near future this may not be so, besides at such a time such information would be a threat to those in power so it would be declared illegal anyway. Still I find value in a few quotes that relate here: "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety" Benjamin Franklin "It does not require a majority to prevail, but rather an irate, tireless minority keen to set brush fires in people's minds." Samuel Adams "It behooves every man who values liberty of conscience for himself, to resist invasions of it in the case of others or their case may, by change of circumstances, become his own." Thomas Jefferson "When the people fear their Government, there is tyranny. When the Government fears it's people, there is liberty." Thomas Paine "There will never be a really free and enlightened State until the State comes to recognize the individual as a higher and independent power, from which all its own power and authority are derived, and treats him accordingly." Henry David Thoreau "An appeaser is one who feeds a crocodile, hoping it will eat him last." Winston Churchill "Prohibition will work great injury to the cause of temperance. It is a species of intemperance within itself, for it goes beyond the bounds of reason in that it attempts to control a man's appetite by legislation, and makes a crime out of things that are not crimes. A Prohibition law strikes a blow at the very principles upon which our government was founded." Abraham Lincoln "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well-armed lamb contesting the vote." Benjamin Franklin "We must indeed all hang together, or, most assuredly, we shall all hang separately." Benjamin Franklin When the fight comes home where will you stand? Wabi-Sabi Matthew