# The Dangers of P2P Sharing...



## LarryFlowers (Sep 22, 2006)

Anyone who has been around here for a while and has read any of my tech posts knows that my opinion of P2P and Bit Torrent sites is pretty bad. For whatever good they may provide they are a hotbed of criminal activity.

Nothing may hammer that home as what has now happened...

Mac computers are now forming botnets and creating DDOS attacks. Symantec started detecting the problem about 6 weeks ago and it has been traced back to bootleg copies of iWork 09 which were infected with a trojan called iWorkServices. The software was shared over P2P networks. Looks like someone has finally decided it was worthwhile to go after the Mac World.

But the issue isn't the Mac's... it was inevitable that sooner or later someone would set out to prove that the Mac was no more secure than the PC... file sharing is the issue. It's a bad idea and getting worse by the day.


----------



## turey22 (Jul 30, 2007)

Do you have an article? I would like to read it.


----------



## turey22 (Jul 30, 2007)

http://blogs.zdnet.com/security/?p=3157
SOrry I found it.


----------



## Carbon (Sep 22, 2006)

That sir is why you use USENET


----------



## roadrunner1782 (Sep 28, 2008)

I agree P2P is dangerous. That's why I now use i tunes instead of limewire for my music.


----------



## Grentz (Jan 10, 2007)

File Sharing is a tool, what is put on it is what can be bad. Torrenting does have many good uses, it is awesome for distributing large files and limiting the need for large servers to host and provide the bandwidth. But it obviously also has become a haven for illegal files because those pros also translate into pros for illegal sharing.

Its like saying HTML or PHP is bad since some people make very malicious code with it. In fact they are almost worse as they can be the delivery mechanism and the malicious piece all in one vs. file sharing that just shares code of any type.

All that being said, you could get the exact same download with the exact same malicious issues from usenet, a friends DVD, or even just a regular website download.



Carbon said:


> That sir is why you use USENET


What makes it any safer? It was not the delivery mechanism at fault, it was the file itself. You could have gotten the same file over usenet.


----------



## Marlin Guy (Apr 8, 2009)

To add to and reinforce what Grentz said above, bit torrent technology is a distribution and delivery method.
Blaming bit torrent for what it delivers is just as narrow-minded as blaming TCPIP or your ISP for the delivered content, or blaming DirecTV for the Jerry Springer Show. :nono2:

By the same standards, one could also blame Microsoft and Apple for making personal computing opertating systems, for without them there would be no hosts for evil torrents.

Looking back through some old posts on these forums, I even ran across one of the top dogs here using bit torrent as a delivery method for a special video he created and shared with others here.

A zip file can contain a virus, but Win-Zip isn't to blame.
God knows there's been more than one malware package delivered via Active-X, but is Microsoft to blame for the content? of course not.

I don't want to get personal, but this is a REALLY, REALLY uninformed and ill-conceived notion.

Not all music, movies, and software are DRM protected.
The more open-minded and forward thinking communities already know this and they use bit torrent as a distribution method quite effectively.

Yes, there are viruses out there in bit torrents, so as with the rest of the Internet, E-mail, and other data-sharing technologies, it's best to exercise some common sense and wear protection.


----------



## Brandon428 (Mar 21, 2007)

Carbon said:


> That sir is why you use USENET


I would love to try USENET but I am completely clueless on how it works and how to use it.


----------



## BattleZone (Nov 13, 2007)

As the other folks have said, the problem isn't the various tools, it is the CRIMINAL USE of the tools that's the problem.

Criminals can coordinate using the phone system (or the cell phone system today), but that doesn't make phones bad or inherently evil/criminal. Criminals can use weapons, but that doesn't make weapons evil. Criminals can use poisons or acids, or hurt/kill people with vehicles, but it doesn't make those objects criminal.

Don't fall into the trap of blaming a tool or technology for a crime. Crime is always committed by a criminal, a human being. Blame the spammer, the (criminal) hacker, the script kiddie; they're the problem.


----------



## Marlin Guy (Apr 8, 2009)

Brandon428 said:


> I would love to try USENET but I am completely clueless on how it works and how to use it.


No offense, but that's exactly what I love about it!


----------



## Rob-NovA (Jan 10, 2008)

Marlin Guy said:


> God knows there's been more than one malware package delivered via Active-X, but is Microsoft to blame for the content? of course not.


No, but they are to blame for shoddy coding that allowed Active-X to be used as the vector for said malware. And, to be fair, that's not a knock on Microsoft alone. There are plenty of vendors out there who don't do the basics when it comes to including security in the software development lifecycle.

I would amend LarryFlowers' original statement to say that unfettered access to file sharing networks is a bad idea.


----------



## turey22 (Jul 30, 2007)

File sharing is bad but why put Trojans or viruses. I don’t get people that do it. Is it for the fun? Hell of it? Or what? I don’t see anything funny in messing with some ones computer or stealing their identity. 

But it’s a good way to get your stuff for free. If you do file share there is a price to pay, a Trojan or virus.


----------



## Tom Robertson (Nov 15, 2005)

turey22 said:


> File sharing is bad but why put Trojans or viruses. I don't get people that do it. Is it for the fun? Hell of it? Or what? I don't see anything funny in messing with some ones computer or stealing their identity.


File sharing as a concept is not "bad". Unfortunately one could argue there should be more safeguards in the implementations. Some modicum of anti-virus protection, perhaps better hacking protections against vectors via the services themselves, and much better limiting of what files are accidentally shared.


turey22;2073980
But it's a good way to get your stuff for free. If you do file share there is a price to pay said:


> Alas, "get[ting] stuff for free" as an implication of getting things that normally aren't free without paying for them is flat out wrong. And is the big issue P2P members create. So much of the shared stuff is not legally shared. Very bad form.
> 
> And once you get past the illegally shared content, most people don't really have a need for file sharing of legally shared stuff. I used to share a big file once every other yea ror so, tho I can see more of that happening as we start making more digital content instead of film based content.
> 
> ...


----------



## Hansen (Jan 1, 2006)

turey22 said:


> File sharing is bad but why put Trojans or viruses. I don't get people that do it. Is it for the fun? Hell of it? Or what? I don't see anything funny in messing with some ones computer or stealing their identity.
> 
> But it's a good way to get your stuff for free. If you do file share there is a price to pay, a Trojan or virus.


As to the question of why and who, it's my understanding that the largest perpetrator of malware is modern day organized crime. Of course, there is always the ding bat individual seeing what mischief can be done but the real player is the organized criminals.


----------



## Rob-NovA (Jan 10, 2008)

Hansen said:


> As to the question of why and who, it's my understanding that the largest perpetrator of malware is modern day organized crime. Of course, there is always the ding bat individual seeing what mischief can be done but the real player is the organized criminals.


+1

In my line of work, we are seeing that this is very much being orchestrated by organized players, for both financial gain as well as cyberwarfare (some may want to call it hacktivism, but I think it's more sinister than that, IMHO). Eastern European (primarily Russian) and Chinese groups are the main perpetrators, but there's a lot of activity in South America, mostly in Brazil. The "script kiddies" are few and far between. The target is information, be it financial account info, credentials or simple corporate espionage. The bad guys are using advanced forms of social engineering to deliver the malware.

So, to reiterate, file sharing, per se, is not bad, but the content usually is. Again, unfettered access to file sharing networks is bad. All IMHO, of course.


----------



## RobertE (Jun 10, 2006)

Mac: "Hi I'm a Mac"

PC: "And I'm a PC"

Mac: "Hey, PC did I show you my cool new photo program... UGHHHH OH GOD!! I FEEL LIKE MY INSIDES ARE ABOUT TO EXPLODE!!!"

PC: "Mac? Are you feeling okay??"

Mac: (says nothing and collapses)

PC: (Pulls out Mac's emergency card from his wallet. In case of fire... call 911... in case of malfunctioning graphics... call 911... in case of antivius... *reads* Ha ha ha I don't get antivirus)

PC: "Well I guess I'm not sure what do..." :whatdidid *walks off*

Mac: *dies*


----------



## turey22 (Jul 30, 2007)

RobertE said:


> Mac: "Hi I'm a Mac"
> 
> PC: "And I'm a PC"
> 
> ...


HA thats funny...maybe its windows new commerical. lol


----------



## sideswipe (Dec 4, 2008)

turey22 said:


> HA thats funny...maybe its windows new commerical. lol


what I was thinking, already seeing it in my head, now just need the HD feed on the web....


----------



## Brandon428 (Mar 21, 2007)

Marlin Guy said:


> No offense, but that's exactly what I love about it!


I never felt like learning. lol I hear though it's much better. I guess I'll have to look into it.


----------



## Mark Holtz (Mar 23, 2002)

LarryFlowers said:


> Mac computers are now forming botnets and creating DDOS attacks. Symantec started detecting the problem about 6 weeks ago and it has been traced back to bootleg copies of iWork 09 which were infected with a trojan called iWorkServices. The software was shared over P2P networks. Looks like someone has finally decided it was worthwhile to go after the Mac World.
> 
> But the issue isn't the Mac's... it was inevitable that sooner or later someone would set out to prove that the Mac was no more secure than the PC... file sharing is the issue. It's a bad idea and getting worse by the day.


Larry, I cannot believe that you would put out something this bad for a computer guru.

Anytime you have a computer hooked up to the outside world, you have the potential for viruses. It was like that when people passed around files using a diskette, it was like that in the BBS times when you downloaded the file via ZModem, it was like that when the file was available through anonymous FTP, it was like that when you download the file via http, and it is like that when you download the file via a file sharing application.

So, we have folks who pirate an application like iWork and, surprise, surprise, IT HAS A VIRUS ON IT. What's the solution? Obtain the file legitimately. It isn't the P2P technology that is the people, it's the origination of the file.

The reason why I mention this is because there are large files that circulate primarily through P2P because of the huge size. Off the top of my head, there's OpenOffice and the Linux distros. Only Microsoft would consider those two apps "viruses" because they compete with their own products.


----------



## xmguy (Mar 27, 2008)

RobertE said:


> Mac: "Hi I'm a Mac"
> 
> PC: "And I'm a PC"
> 
> ...


HA!! :hurah::hurah:


----------



## ncxcstud (Apr 22, 2007)

Is usenet like mIRC?? If so, I used to use that all the time


----------



## Marlin Guy (Apr 8, 2009)

Brandon428 said:


> I never felt like learning. lol I hear though it's much better. I guess I'll have to look into it.


One free tip: Learn the ways of the .nzb


----------



## Shades228 (Mar 18, 2008)

I don't see how the danger of P2P is getting a virus or something else that's malicious. That's just the danger of doing something on your computer that you don't know enough about. That trojan could have been put in freeware game and sent out. It has nothing to do with P2P.

This article was nothing more then a typical let's scare people who don't know better and make them think that a file distribution system is bad. When really it should be a people who don't know better and though macs were immune from security issues learned better after breaking the law.


----------



## Brandon428 (Mar 21, 2007)

Marlin Guy said:


> One free tip: Learn the ways of the .nzb


Thanks for the tip. Much better than torrents.


----------

