Who Is Downloading the Torrented Facebook Files?

eldavojohn writes "Gizmodo's got an interesting scoop on a list of IPs acquired from Peer Block revealing who is downloading the Facebook user data torrented this week: Apple, the Church of Scientology, Disney, Intel, IBM and several major government contractors just to name a few. The article notes that this doesn't mean it's sanctioned by these companies or even known to be happening, but the IP addresses of requests coming to one of the users' machines match to lists of IP blocks for each company."

needs control group

[FuckingNickName]

On an average popular torrent, are these companies also listed?

Re:needs control group

I bet they are.

At the company I worked for the IT department had a machine which was always on and whose only purpose was to download files like that over BitTorrent. Of course only a few people inside IT knew about this machine.

The company had about 10'000 employees. I guess a company like Intel (which has around 80'000 employees) downloading some random file over BitTorrent is absolutely nothing special.

Re:needs control group

[linzeal]

Try it at Intel, you will be walked out of the door in 30 minutes. What kind of IT department would expose the company to liabilities like that ?

Re:needs control group

[PinkyGigglebrain]

Which highlights the point that whoever is downloading the torrent at Intel must be doing so with authorization.

As to your question of "what kind of IT department ..." I can answer that one. Last place I worked as IT manager, but not by my choice, I wanted to lock the firewall down and block everything but web, email and a VPN port. I was overridden by the Boss, seems one of the guy in the machine shop (who also did the IT support before me, Goddess! what a mess!) had been downloading torrents of MS Office, Solidworks, MasterCam, Win XP and just about every software app they had in the office. Every time I tried to bring up the issue and try to get auth to start getting licenses I was told it would be too expensive. This was during the same time that the boss/owner took $400,000 out of the company accounts to buy a new house, he was also laying people off because their wasn't enough work for them.

When the employee count got down to 25 I was laid off too on the premise that they didn't think they needed a full time IT department, the guy from the machine shop was going to babysit the network again. Thing that pisses me off if as long as he doesn't fuck with it will run smoothly until a hardware failure. I had set everything up to be just about idiot proof. Makes me think I did my job too well but its the only way I know how to do things.

Re:needs control group

[c0mpliant]

Just because an IT department is strict does not mean the IT guys themselves are. Many feel they are above the law.

You're right, which is why its usually a good idea to isolate your IT Security team from the IT department at large. Don't give them access to implement policy, just make it and monitor for abuses.

Re:needs control group

[PinkyGigglebrain]

The boss is not always right, but they are always the Boss.

And I did what I was told, most of the time.

I dug my heals in at times, refused to delete backups containing financial information rather than buy extra backup media, which would have been a felony under some of the laws that got passed after Enron, or refused to put the company at risk by trying to download apps on torrents, lest it attract the BSA's attention. I may be willing to follow orders but I was not going to risk jail time or the lively hood of my co-workers.

I think the biggest thing that got me was I did my job too well. When I started the network needed daily babysitting, some printer wasn't working, or a VOIP phone was buggy. Always something, so I was running around dealing with brush fires all the time, they saw that and thought "Oh, hes doing something". After I had cleaned up the network configs, updated phone firmware, etc., I spent most of my time in my office improving the automation, security and reliability of the IT operations. To an outsider it looked like I wasn't doing anything, and they didn't understand when I explained it to them. Hence I was considered unneeded.

Re:needs control group

[JWSmythe]

had set everything up to be just about idiot proof. Makes me think I did my job too well but its the only way I know how to do things.

    That's the best way to do it. It makes your job easier while you're there. As we've learned, there is no company loyalty. They expect us (the employees) to be loyal to the company, but when the time comes to save money, they aren't loyal to us.

    Don't worry, I'm sure he took your nicely configured system, and managed to mangle it in horrendous ways.

    The last real big place that I worked, I had everything running like clockwork. It looked like it was easy, because I did it so well. Within a month of them letting me go ungracefully, people started dropping me emails saying there were problems. They weren't related to the company, they just knew I ran everything. My only answer for them was "They fired me. I don't care. If they want me to fix it, I'd only go back with a huge raise and a bulletproof contract on my terms." They fixed problems. They made worse problems. Still, a few years later, I get the occasional email "their site is down.", which always gets the same response, "I don't care." :) The day they stopped paying me was the day I stopped caring. I do miss that job though. There's a certain feeling of accomplishment to have a well tuned machine running like clockwork.

    The thing in both of our cases is, we know they cut us loose because someone else said they could do it for a fraction of our price. And for that, we know they got someone with a fraction of our ability.

Not Really News

[CheshireCatCO]

Looking over the long list of companies, you see what amounts to a list of large employers. Since we can't know if the downloading was an individual or a company decision, this tells us exactly nothing. There's no story here because there's no useful information.

Heck, if I were a company that wanted that torrent, I'd get someone to download it at home and walk it in to our office. Companies aren't always that foresighted, of course, but they're also not generally stupid if they're successful.

(It's like noting that an IP from the NSA checks Slashdot. It could be Slashdot being monitored or, more likely, it could be a random employee just posting.)

Re:Not Really News

[bsDaemon]

Or, it could be a random NSA employee posting to provide a cover of plausible deniability to the monitoring! But seriously, the only thing the torrent does is make the information more easily obtained at one go. You can still click through the whole database and get all the information at http://facebook.com/directory. I really don't see where any actual news is involved in this story, even from the beginning.

Re:Prone to prosecution?

[Darkness404]

See the thing is the profiles were all public someone just made a web crawler to create it then put it up as a torrent download. No privacy was violated that wouldn't be with a normal search.

Re:Prone to prosecution?

[brasselv]

The profiles are NOT private, nor there is anything "hacked" here.

This archive contains only the information that users made publicly available (consciously or not) - this stuff was just crawled from the web and put together in one large file.

There is no news here... if I were Apple or Cisco, I would crawl this public info myself, rather than relying on some dude that posted it on a torrent...

Re:hmm...Church of Scientology

[WrongSizeGlass]

I wonder what they want with Facebook info? I hope it isn't to harass people.

I'm sure they have a more palatable word for it. Perhaps "save", "convert", "assist", etc.

Tormented

[kamukwam]

What is a tormented Facebook file??

Re:I would not be too surprised

[WrongSizeGlass]

I would not be terribly surprised if the organizations that were listed had instructed their employees to download this torrent.

If a company sanctioned it (and that is purely an assumption) they could be looking for info on their own employees.

Re:Prone to prosecution?

Actually, the profiles were all private, and then facebook changed the default privacy settings to make them public and 100 million chumps didn't know/care enough about their privacy to change things.

Re:Program limitations

[crow_t_robot]

Do you really manage a database that large in Excel? Does your computer shit parts of its motherboard out of its optical disk drive every time you open the file?

Re:hmm...Church of Scientology

[Runaway1956]

You can be assured that if they find their own MEMBERS acting out in unapproved ways, those members will be disciplined. The rest of the data? Maybe they'll sift through it, looking for potential rich converts. They can't rest on their laurels, after all. They need to continue bilking wealthy people out of their money!

Re:hmm...Church of Scientology

The Scientology word for it is "Audit."

Re:hmmm

[pandrijeczko]

No, they are completely different - one is a bunch of rich religious zealots trying to force their opinions on everyone else, the other was founded by L. Ron Hubbard.