Privacy and security are at stake if you use P2P networks or IM apps that support P2P file sharing.
Most articles about the risks of peer-to-peer networks focus on piracy and copyright issues. Few have taken the time to explore other risks the technology poses and solutions to those risks. In addition to traditional P2P technologies, such as Kazaa, eDonkey, and Morpheus, many of the new instant messaging technologies have P2P features and allow the sharing of files, even very large media files, such as videos. While both P2P and, more obviously, IM applications with P2P features have many benefits, like most other Internet-related services and applications, there are risks. Luckily, there are solutions for most of these risks if you know what to look for.
Since it was first launched a few years ago, P2P has been demonized for facilitating music, movie, and software piracy (see the sidebar "Movies Are Different"). But putting the piracy issues aside for the purposes of this article, what are the risks associated with using P2P networks or IM P2P apps?
These risks include:
Infecting your computer with malicious codes, such as viruses, worms, Trojan horses, spyware, and unwanted adware;
Illegal, harmful, and child-inappropriate content;
Making your computer more vulnerable to hacking and other intrusions;
Allowing others to make your computer into a drone capable of attacking other Web sites and servers;
Corrupted files or misrepresented content; and
Sharing private files, unintentionally, with others.
There are ways to avoid these risks, if you're forewarned and use the right software and security precautions.
Malicious Code According to leading computer security experts, viruses are prevalent in P2P networks and are expected to become even more so. One study concluded that 45% of the files found by popular keyword searches were infected with viruses.
Trojan horses and other hacking programs, spyware, and adware are a growing problem as well. Many of the P2P applications include spyware and adware applications. And most inform the user that they contain such applications in their terms of service, license, or privacy policies. But few people ever read those disclosures before clicking "I accept" and have no idea they've consented to the installation of spyware and adware programs. Some files, disguised as MP3 files or other downloadables, are really Trojan-horse applications which give their users access to your computer remotely.
While laws are pending in various states and federally, the best way to protect yourself against unwanted spyware and adware applications, as well as hostile code such as Trojan horses, is by using a good antivirus program updated automatically. The addition of a firewall (either software firewalls or hardware/router firewalls) can give you the protection you need against intrusions. Make sure that your software applications work on IM and P2P programs.
Some of the more popular P2P programs offer premium services for a fee. These premium services are warranted to be ad, virus, and malicious-code free, and often promise not to include any executables, such as adware or spyware applications. Many people (especially parents) confuse the fee for the ad-free, spyware-free, and virus-free service for a license fee for music or movies available on the P2P network. They believe (wrongly) that they have now paid for the right to download music and other media. This is one issue that might require action by the Federal Trade Commission or state consumer protection agencies to clarify. I recommend that the P2P premium services make it clear what the fee is and is not for, to avoid consumer confusion. Some of the more nefarious companies and Web sites intentionally mislead consumers into believing that they're paying for the right to download music and other media when they pay a fee for the P2P software application the more responsible networks provide without charge.
Illegal, Harmful And Child-Inappropriate Content Child pornography is, unfortunately, a serious problem in P2P networks. It's an easy way to transmit larger media files, which often include videos and still images of children being molested. And help groups, such as WiredSafety.org and others, are unable to search for child pornography since to view a file in a P2P setting you must download it to your own computer. Downloading child pornography, saving it in any format, copying it, or otherwise transmitting it, are all serious crimes in the United States.
The P2P networks are now active in trying to stem the distribution of child pornography and child exploitation files. They have, in recent years, worked very closely with law-enforcement agencies and have willingly cooperated in investigations to stop and prosecute child pornographers. They're now important partners in the worldwide fight against child exploitation.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.