A rather Phony Attack on Peer-to-Peer File-Sharing ApplicationsJuly 30, 2009
This would have been a funny story, destined for the “weird” section of the hallway bulletin board. Unfortunately, someone is taking this so seriously that we’ve now had a Congressional hearing that lambasted the publisher of LimeWire software for security flaws that the software doesn’t have!
But now, a public-service announcement: top-secret files don’t belong on computers that have unrestricted access to the Internet. In fact, there are a whole set of rules to keep classified material from mixing with “normal” computers. If some classified file has wound up on the Peer-to-peer file-sharing networks, then something has gone terribly wrong many steps before that happened!
So, here’s the breakdown:
Limewire is file-sharing software. It’s feature-rich, stable, and mature. It’s also not very popular — a distant third in the popularity polls behind #1 BitTorrent and #2 Emule.
Limewire, like most other file-serving software, used to let the user choose a directory for sharing. Anything in that directory was shared. Many users pointed it to their Music folder. Some users screwed this up and pointed it to the root of C:, which shared everything. This wasn’t exactly a Limewire bug, but a user-misconfiguration issue.