Recent Articles

Two Fresh Apple Security Hacks
Two new chunks of malware are making the rounds this week that allow an attacker to download code of choice on your apple computer. What is interesting is that with the increase in sales, and market penetration of...

Azureus : The Latest Search Engine Hack
This interesting Google hack returns 134 entries in Google, and 63 in Microsoft's search engine, Yahoo returns 216 results. This quick Google hack allows...

Sinowal Is A Serious Security Threat
RSA Security Blog has a fascinating digest of the Sinowal Trojan, and the idea that is has been in operation since 2006, compromising nearly 300,000 on line banking accounts. There is always a fascination to...

Belgium Outlaws Hacker Tools, Leaves Security...
When good laws go bad, Belgium opens the door to some seriously fun Google Hacking, by outlawing tools, but not addressing poor security measures in the first place. Google hacking is a great way of testing...


12.08.08

Security Engineers Have Good Reasons Using P2P Software

By Dan Morrill

Let us face it, I use P2P, and in many ways that people do not expect, I use it for Joost, I use it to down load software like open office, and Linux distro's, I also use it to download hacker tools to test and research.

P2P, Bittorrent in particular have legitimate uses, and I use Bittorrent for a great many things on the internet. I also use Bittorrent when a client has asked me to do Intellectual Property operations, find out what is out there, where it is, who has it, and how popular is it. Companies like Big Campaign and others use Bittorrent data to work out how popular titles, tracks, and movies are. Blizzard uses P2P like protocols to distribute game updates; there are a lot of very good uses for P2P protocols, and the systems that ride on top of them. Many of them are legitimate, and the open source community and the public domain community's use P2P to distribute massive files worldwide.

That does not mean that illegally downloading a movie is always a smart move. It is far too easy to track and trace what is happening on Bittorrent. But we do need to ask what is being downloaded when our friends and family start saying that they are downloading movies off the internet. This video should be shown more often.

The Fundamental Server: Everything You
Need Inside and Outside the Box - Learn More

What is interesting is the ethical dilemma that security engineers find themselves in when it comes to P2P. Security engineers are held to a high standard in how we deal with ethics, the ISC2 security engineer code of ethics sets some of those ethical baselines when we use them, but then not every security engineer is a CISSP. When people we know and care for are engaging in activities like downloading a movie, we find ourselves holding them to our Security Engineer standards, and putting themselves at risk of huge fines. We should say something, but what to say is often a complex if not confusing jumble of thoughts in our heads.

The issue of downloading material is not cut and dried, the whole world of intellectual property is complex made even more complex by the internet. I'm not going to say there is a moral, ethical, and legal absolute on this question. However, making rationalizations is the wrong way to come to a solution. Source: Voltage Security

We rationalize many of the things we do, and as Steve Burnett found out, it is very hard to listen to your friends when they are admitting that they downloaded a movie. What is not apparent though in the article is was it a public domain movie; a Creative Commons released movie, a fan flick, or something else. We immediately jump to the conclusion that it was a first run movie, one that is protected by copyright. Bittorrent and P2P have been so stigmatized at this point, that we automatically jump to the conclusion that someone is doing something illegal with it, when there are a lot of legitimate uses for the protocol and the software that we use to access it.

Continue reading this article.


About the Author:
Dan Morrill has been in the information security field for 18 years, both civilian and military, and is currently working on his Doctor of Management. Dan shares his insights on the important security issues of today through his blog, Managing Intellectual Property & IT Security, and is an active participant in the ITtoolbox blogging community.
About NetworkNewz
NetworkNewz editors, writers and contributors focus on both the big picture and the details of networking. At NetworkNewz our goal is to deliver to you The Key To Network Management.





NetworkNewz is brought to you by:

SecurityConfig.com NetworkingFiles.com
ITmanagementNews.com WebProASP.com
DatabaseProNews.com SQLProNews.com
ITcertificationNews.com SysAdminNews.com
LinuxProNews.com WirelessProNews.com
CProgrammingTrends.com ITmanagementNews.com





-- NetworkNewzis an iEntry, Inc. publication --
iEntry, Inc. 2549 Richmond Rd. Lexington KY, 40509
2008 iEntry, Inc. All Rights Reserved Privacy Policy Legal

archives | advertising info | news headlines | newsletters | comments/feedback | submit article


The Keys To Network Management Ask Questions in the Networking Forum NetworkNewz News Archives About Us Feedback NetworkNewz Home Page About Article Archive News Downloads WebProWorld Forums Jayde iEntry Advertise Contact