Kazaa trial highlights P2P dangers

Kazaa trial highlights P2P dangers

Summary: The ongoing civil trial involving P2P file sharing network Kazaa highlights the risks corporates face by not locking down employees' desktop applications, say security experts.Kazaa's parent company Sharman Networks is currently involved in the largest copyright infringement case in Australian history and record industry heavyweights hope it will stop illegal P2P file sharing activity and provide some compensation for past copyright infringements.

SHARE:
TOPICS: Legal, Malware, Piracy
0
The ongoing civil trial involving P2P file sharing network Kazaa highlights the risks corporates face by not locking down employees' desktop applications, say security experts.

Kazaa's parent company Sharman Networks is currently involved in the largest copyright infringement case in Australian history and record industry heavyweights hope it will stop illegal P2P file sharing activity and provide some compensation for past copyright infringements.

However, security experts say that the trial has also highlighted the fact that by allowing -- or not actively stopping -- P2P use, companies are opening their internal networks to spyware, adware, viruses and Trojans.

Graham Connolly, territory manager Australia and New Zealand at Internet security firm Websense, said that in a recent survey the company found that almost a third of Australian organisations do not have an Internet access policy and only a quarter have software protection against P2P file sharing applications.

"P2P applications open a door for viruses and other malicious content outside of copyrighted material. Many viruses now use P2P to propagate, such as MyDoom did, by copying itself to Kazaa folders and naming itself Winamp3 (for playing music)," said Connolly.

Connolly estimates that at any given moment, roughly 5 million users are swapping more than 900 million files via P2P networks.

"Given these stats it would be naïve to think this activity is restricted to the home. Many organisations have unlimited Internet access, fat pipes and large amounts of hardware. This is the perfect recipe for bored employees to access P2P networks and download movies, music, games, software, or porn," said Connolly.

Vincent Gullotto, vice president of McAfee's antivirus emergency response team, said that 2004 has seen a massive increase in adware found on corporate systems and companies have been slow to react to the potential dangers.

"There is a lot of spyware and adware out there today but it is the adware that is the problem. Some people don't care about adware but today's spyware does what tomorrows adware will do -- and take personal information. Adware is not just looking at where [people] surf so it can throw a custom advert at them. It can also download a bot that makes your machine vulnerable or turns it into a zombie," he said.

But it is not only the shared files that create a risk. Professor Leon Sterling, chair of Software Innovation and Engineering for the Department of Computer Science and Software Engineering in the University of Melbourne, who was giving evidence at the Kazaa trial in Sydney on Tuesday, said that the P2P applications themselves could be spying on their users.

Sterling said that although he was unable to identify whether statistics about user activity was being collected by the developers of Kazaa, he thought the application "could have been designed in order to do this".

"Kazaa Media Desktop (KMD) could easily collect statistics that could be gathered at supernodes if it does not do so already," said Sterling.

Kristyn Maslog-Levis contributed to this report

Topics: Legal, Malware, Piracy

Munir Kotadia

About Munir Kotadia

Munir first became involved with online publishing in 1998 when he joined ZDNet UK and later moved into print publishing as Chief Reporter for IT Week, part of ZDNet UK, a weekly trade newspaper targeted at Enterprise IT managers. He later moved back into online publishing as Senior News Reporter for ZDNet UK.

Munir was recognised as Australia's Best Technology Columnist at the 5th Annual Sun Microsystems IT Journalism Awards 2007. In the previous year he was named Best News Journalist at the Consensus IT Writers Awards.

He no longer uses his Commodore 64.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

0 comments
Log in or register to start the discussion