Privacy and security are at stake if you use P2P networks or IM apps that support P2P file sharing.
Most articles about the risks of peer-to-peer networks focus on piracy and copyright issues. Few have taken the time to explore other risks the technology poses and solutions to those risks. In addition to traditional P2P technologies, such as Kazaa, eDonkey, and Morpheus, many of the new instant messaging technologies have P2P features and allow the sharing of files, even very large media files, such as videos. While both P2P and, more obviously, IM applications with P2P features have many benefits, like most other Internet-related services and applications, there are risks. Luckily, there are solutions for most of these risks if you know what to look for.
Since it was first launched a few years ago, P2P has been demonized for facilitating music, movie, and software piracy (see the sidebar "Movies Are Different"). But putting the piracy issues aside for the purposes of this article, what are the risks associated with using P2P networks or IM P2P apps?
These risks include:
Infecting your computer with malicious codes, such as viruses, worms, Trojan horses, spyware, and unwanted adware;
Illegal, harmful, and child-inappropriate content;
Making your computer more vulnerable to hacking and other intrusions;
Allowing others to make your computer into a drone capable of attacking other Web sites and servers;
Corrupted files or misrepresented content; and
Sharing private files, unintentionally, with others.
There are ways to avoid these risks, if you're forewarned and use the right software and security precautions.
Malicious Code According to leading computer security experts, viruses are prevalent in P2P networks and are expected to become even more so. One study concluded that 45% of the files found by popular keyword searches were infected with viruses.
Trojan horses and other hacking programs, spyware, and adware are a growing problem as well. Many of the P2P applications include spyware and adware applications. And most inform the user that they contain such applications in their terms of service, license, or privacy policies. But few people ever read those disclosures before clicking "I accept" and have no idea they've consented to the installation of spyware and adware programs. Some files, disguised as MP3 files or other downloadables, are really Trojan-horse applications which give their users access to your computer remotely.
While laws are pending in various states and federally, the best way to protect yourself against unwanted spyware and adware applications, as well as hostile code such as Trojan horses, is by using a good antivirus program updated automatically. The addition of a firewall (either software firewalls or hardware/router firewalls) can give you the protection you need against intrusions. Make sure that your software applications work on IM and P2P programs.
Some of the more popular P2P programs offer premium services for a fee. These premium services are warranted to be ad, virus, and malicious-code free, and often promise not to include any executables, such as adware or spyware applications. Many people (especially parents) confuse the fee for the ad-free, spyware-free, and virus-free service for a license fee for music or movies available on the P2P network. They believe (wrongly) that they have now paid for the right to download music and other media. This is one issue that might require action by the Federal Trade Commission or state consumer protection agencies to clarify. I recommend that the P2P premium services make it clear what the fee is and is not for, to avoid consumer confusion. Some of the more nefarious companies and Web sites intentionally mislead consumers into believing that they're paying for the right to download music and other media when they pay a fee for the P2P software application the more responsible networks provide without charge.
Illegal, Harmful And Child-Inappropriate Content Child pornography is, unfortunately, a serious problem in P2P networks. It's an easy way to transmit larger media files, which often include videos and still images of children being molested. And help groups, such as WiredSafety.org and others, are unable to search for child pornography since to view a file in a P2P setting you must download it to your own computer. Downloading child pornography, saving it in any format, copying it, or otherwise transmitting it, are all serious crimes in the United States.
The P2P networks are now active in trying to stem the distribution of child pornography and child exploitation files. They have, in recent years, worked very closely with law-enforcement agencies and have willingly cooperated in investigations to stop and prosecute child pornographers. They're now important partners in the worldwide fight against child exploitation.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.
Join us for a roundup of the top stories on InformationWeek.com for the week of December 14, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program.