Slashdot Mirror
Lawmakers Caught Again By File-Sharing Software
An anonymous reader writes "A document, apparently a 'confidential House ethics committee report,' was recently leaked through file-sharing software to the Washington Post. According to the article, 'The committee's review of investigations became available on file-sharing networks because of a junior staff member's use of the software while working from home.' Of course, P2P software is entirely at fault for this incident. If you begin seeing more interest in DRM from Congress, you now know why."
Reader GranTuring points out that the RIAA took the opportunity to make a ridiculous statement of their own. They said, "the disclosure was evidence of a need for controls on peer-to-peer software to block the improper or illegal exchange of music."
Don't blame the person who actually leaked it, blame the damned software!
Ahh...I love politics.
"The difference between genius and stupidity is that genius has it's limits" - Albert Einstein
So long as two computers can communicate with each other, so you will have P2P.
Luckily, we have politicians who's only education is in English, law, history, politics, art. So it's easy to push any techno-babble on them because they are dangerously uneducated fools.
Take Nobody's Word For It.
The government is starting to sound like Britney Spears.
Cannot find REALITY.SYS. Universe halted.
Why should our government even have ethics documents that are confidential?
Now that the politicians know how it's happening, they'll plug this leak. Our only hope is another one opens up.
* - I think "politician" is the most derogatory name you can call someone.
It's NOT me! It's the meds! I'm on 1000mg of Fukitol.
"Lawmakers?" Is the word "legislators" really so hard to use that everyone in the media makes a careful, conscious effort to avoid it? Or do they all just mindlessly parrot one another and this perchance happened to be the word that was chosen?
No it isn't. Any document of importance should be encrypted. Anyone who has access to sensitive files is responsible for securing those files. That includes making sure that the system they are accessing these files on does not share these files because of a setting in file sharing software.
Sigs are too short to say anything truly profound so read the above post instead.
The amazing thing about these "Information Security Awareness Monthly" postings is that they blame P2P and then cite the example of a user using a P2P network to download an executable that contains a trojan. I guess that executables taken from regular webservers are fine, then.
Any sort of malware can be picked up by browsing the Web if the browser or its plugins are exploitable.
And with litigious entities able to pry into any computer or data storage you own entirely on the basis of an IP address given them by people they employ or contract, I just don't feel it's an acceptable risk to allow any computer with government information to be anywhere near a device capable of using an IP address. Even if said device is a laser printer.
This is completely insane. Blaming P2P for the leak instead of having control over the documents. I know with the NMCI system, anything that is transferred to a external hard drive is encrypted. If the US Government wants to stop these types of leaks, maybe they should ask Al Gore how to stop his wonderful invention.
...the need for more ethical members of Congress?
For months now, some RIAA-influenced Congressmen have been working on a crazily overbroad P2P regulation bill, H.R. 1319: The Informed P2P User Act. It just passed out of committee last month.
I would expect Congressmen to be falling all over each other to bring this to a vote now. After all, it's they're no longer just doing it for the RIAA/MPAA "campaign contributions." Now, it's personal.
No, I'm not blaming P2P for anything, but rather I am saying this is the exact situation where DRM could be useful. A proper document management system would have prevent an information leak, even if the document itself had leaked.
Mod me down with all of your hatred and your journey towards the dark side will be complete!
How unfortunate for the RIAA that their biggest target can't leak information like that.
There, fixed that for you.
If you seriously think that this was inadvertent, they you should probably read more Machiavelli
The RIAA would love for networks and the Internet to vanish. Sharing information electronically obviously upsets them.
Which cave did they crawl out of?
Many files have been copied and accessed due to Windows file sharing mistakenly enabled on a public LAN, should it be banned too?
The computer and the internet are potent forces for destablization, but they are also potent forces for control. We're fortunate to live in an age where we can watch people grapple over their initial implementation.
Any time you read "peer to peer software" in a RIAA statement or legal proposal, you should
substitute "open information networks", because there is no essential difference between those
concepts.
So what the RIAA is saying is:
"the disclosure was evidence of a need for controls on open information networks to block the improper or illegal exchange of music."
That allows us to frame the debate properly.
Where are we going and why are we in a handbasket?
The problem was the leak, not the subsequent distribution. DRM, applied at the source (the Legislature's offices) would have stopped the leak. Or at least provided a trail to its source. But once information is out there in the wild, its too late.
From the RIAA's point of view, stopping most of the distribution of copied content is good enough. But for leaks like this, one or two copies forwarded to the right people is sufficient to do damage. For example, the Pentagon papers didn't need widespread distribution to cause a stink.
Have gnu, will travel.
We don't need any more file sharing, or file sharing rules. We really need politician sharing! Let's start sharing politicians with the Moon, Mars, Jupiter, and especially with Uranus. Oh - wait - that last would be redundant, wouldn't it?
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
On sheer technicals alone, that bill would outlaw the internet. Viewing a webpage is a peer to peer event involving downloading files (html code, images, javascript, etc) to another computer.
Understanding the scope of the problem is the first step on the path to true panic.
a 'confidential House ethics committee report,' was recently leaked through file-sharing software to the Washington Post.
Hi Government,
I like when the government tells me, even unintentionally, about things that it is doing to investigate allegations of wrongdoing. I would like you to do more investigations and to loop us (your employers) in on the details of the process and the outcomes. Some people will misinterpret such investigations in both directions. That is not cause to shield us from the information, it is cause to shed more daylight on the process so we, your employers, can understand what you are up to each day. This is much like my boss asking me to keep him in the loop on the projects I work on, and is commonly referred to as "accountability."
In short: More disclosures, please -- accidental, intentional, and malicious alike.
Sincerely,
Your Boss
Stop-Prism.org: Opt Out of Surveillance
...now they'll stop using P2P software and we'll never find anything out.
So i guess this means that P2P software would be a lot more stealthy so things like this dont happen ;)
--- I was far from home, and the spell of the Eastern sea was upon me. -Lovecraft-
Should have called some of Bush's old IT people - not only did they avoid leaks, they were fans of destroying incriminating evidence *before* it leaked!
This has NOTHING to do with P2P. They might not even be able to show P2P software had anything to do with it. The issue is that ANYONE who is stupid enough to hook a machine dealing with confidential information to the net is a bleeding fool and this includes all my lawyers' secretaries who had their word processing machines on the net - the lawyer who sent me his complete client list, a certain accountant who dropped off at a pawn shop (for $25 bux) all her clients income tax returns along with her DLT7000 (70 GB folks & the tape was in the $3500++ drive!). She used it to backup what ultimately would fit on a couple CD's! She _could_ have simply copied each years tax return to a floppy disk for the specific client! The list also includes a company that had their accounting staff re-input months of work because they picked up a virus in their key machines.
Computers are so cheap that it makes no sense what so ever to take chances like this.
You should had read better our latest memo. Our company proposal targets exactly the source of the current information leaking problem. By using stealth technology, disguising as one of the culprit software, it infiltrate in their networks and kill those pesky PEBCAK softwares that are giving so much headaches lately. Give our company full freedom to act and that problem will be terminated.
Yours Truly
John Connor III
Cyberdyne Systems
That bill is there so that someone has to fry.
No longer can you say, "I didn't know it had installed itself and started downloading all the new movies in music, and then saved them to my 'Movies' folder." and have a reasonable doubt. Now you'll have to prove that the software in question didn't tell you that it was installing, and if it's true, the company will get nailed to the wall for it.
Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
That bill you linked to qualifies as "mostly harmless" - the keywords and tricky phrases you should be paying attention to are "owner or authorized user".
Note that it's all about what people who are NOT the "owner or authorized user" are allowed to inflict upon the "owner or authorized user".
Note that since you are, presumably, the "owner or authorized user" of your personal computer, nothing in this bill would have any effect whatsoever on what you can do with your own computer.
"I do not agree with what you say, but I will defend to the death your right to say it"
It wasn't the parent! Spellcheck "fixed" his proper grammar incorrectly. Damn you spellcheck!
I don't think it's a big deal. It just means that a program must tell a user, "Your files you send via this program will be visible to other people." Most P2P programs, and even web browsers, already do this so nothing's going to change.
"I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
I don't think it's crazy to say that a piece of software that 90% of people think of as being for downloading, but that also shares your files automagically in a non-transparent way, is a bad idea. Any file-sharing should be opt-in, not automatically and quietly sharing an unspecified are of your drive.
My Photography - http://ian-x.com
The Deathlings (comic) - http://thedeathlings.com
....that P2P software would 'used' as a tool of democracy and open government?
Didn't see that coming.
deleting the extra space after periods so i can stay relevant, yeah.
This mistake kind of seems similar to accidentally clicking "Reply All" for an email message.
It figures the RIAA would use this to their advantage, even though illegal music downloads have nothing whatsoever to do with a house ethics committee report.
And you believe that???
DRM is about selling you a movie that you can watch but not sell it to you so you can read it.
ENCRYPTION is about keeping something secret.
IANAL, but I'd never before heard of a law that explicitly required software to behave in a very specific way, and display very specific warnings. That alone tips this bill into the "big deal" category for me.
Add to this the tendency of prosecutors to misuse Federal statutes in ways that clearly exceed the legislative intent, and this law seems to open the door for prosecution of any government-targeted "bad guy" who also happens to have such 'illegal' network software.
And, of course, the original reason for this bill also stinks: it's almost certainly an RIAA-bought-and-paid-for law clearly designed to eliminate the "I didn't know" defense when suing file-sharers.
Government shold censor mail to prevent exchange of book parts and base64ed music!
Which is where selective enforcement would happily come into place...unless you actually RTFB.
My issue with it is that it specifically requires apps to change. If the app doesn't change, it's illegal. I'm not sure though what I can do to block it from being passed. Any ideas?
Want to defeat the law? Easy! Just bring more cash to the table than the **AA.
Also: This law protects America against leaking National Security information. Why do you hate America?
If we're going to blame P2P software, we might as well blame the reason they were even invented - copyright and censorship.
If it wasn't for laws impeding the free flow of information, there wouldn't be a need for tools that try to keep the flow of information below the radar. Everything you could possibly want would be available as a direct HTTP or FTP download. It would probably even be mirrored by ISPs to cut bandwidth costs.
Need a motive to craft censoring legislation?
Induse some "junior staffer" to have a brain fart, placing a confidential file where it can be vampired off and forwarded as a "leak" to a rag in dire need of boosting its readership.
Has anyone thought to ask who this junior staffer was, and why they had this document at home in an insecure setting?
No, of course not.
Some days it's just not worth
chewing through my restraints.
You are a fucking idiot.
and other such things our government engages in, could ultimately be exposed on a P2P network rather easily.
I can see why lawmakers...excuse me, corporations are rather in a hurry to pass laws to make software of any kind, not approved by the government...(sorry...there I go again....I mean corporations of course....living in the past I guess...) illegal, punishable by long prison sentences, hard labour or both.
-Hack
Got Geometrodynamics? Awe, too hard to figure out? Too bad.
Look, this kind of stuff is only possible because it all exists in an abstract world called the Internet. In real life, such a bill would be ridiculous. By banning P2P, the only way you can communicate with a friend would be through centralized mass media, which analogue online are service providers like gmail. No possibility of gossip without a Big Brother eavesdropping. I sure as hell do not entertain there being no possibility to not let a third-party through my communications. After restricting torrents, I'm certain e-mail will be the next to be DRM'd.
Why the heck isn't someone reaming out the employee/staffer who used his government computer system for personal use? A screw-up like this in the private sector would get him/her fired from many companies for violating company policy regarding the allowed use of the computer system. If that member of congress's office didn't have an acceptable use policy, I'll bet they have one by Monday. It may not be popular to write this on Slashdot but if your employer provides you with a PC for use in your work, it's not really a "personal" computer and you really shouldn't be placing anything on it more personal than, say, a favorite wallpaper.
CUR ALLOC 20195.....5804M
Odi profanum vulgus et arceo
That would be software with a name like copy, or cp. Dangerous, deadly stuff that. Computers seem to be full of software like this, be it copy, cp, memcpy, backup, sync, etc. ATROCIOUS! Surely the recorded music industry can charge a fee for every time data is duplicated. Doesn't matter if its music or not.
thanks you http://www.kapindir.com/
The solution is to put child-safety locks on weapons.
"We live in a global world" - Harvey Pitt, former Securities and Exchange Commission Chairman
>Why the heck isn't someone reaming out the employee/staffer who used his government computer system for personal use
Because, like most politicians, he was good at covering his ass, and in this case, probably said something to the effect of, I had no control over it, it just started downloading on its own, when we all KNOW that you can configure your limewire, or utorrent to only include certain folders to share. People like this give p2p a bad name, and yet linux and m$ both have been using it to improve their downloads for patches and updates. P2P is not the enemy, misguided users are.
Of course though, people use this to catapult into a debate about P2P and torrent technology, not knowing how it works, and
plan to ban the use of these apps....what non sense!!