Saying he wants the U.S. military and other official agencies to know just how serious the risk is, a Netizen has opened a Weblog, See What You Share, on which he posts materials from American soldiers and military bases which he claims have been downloaded from peer-to-peer networks.
The materials vary from images of a crashed military jet to a spreadsheet file that seems to show personal information of members of the Marine Corps, from papers pertaining to a police investigation to documents from a Fort Eustis, Virginia transportation unit. And the blogger, known online as "Glen," told AVNOnline.com that many P2Pers could be sharing the information without even knowing it.
"Many people who use P2P software do not understand it, and as a result, they end up sharing everything," he said in a response to an AVNOnline.com query July 28. "This is critical especially for individuals who do office work on their personal computers (since you are not supposed to install software on your work computer). Also, it is critical as military members take their personal computers into a theater of operations and then return from those areas without removing sensitive information from their hard drives."
Glen insisted, however, that the last thing on his mind is taking down P2P but, rather, getting P2P users to understand implications both for certain national security issues and even for their own online privacy.
"My intent with this site is not to have P2P stopped," he said. "It will never happen. However, I would like users of P2P applications to intentionally select what files they want to share, and end the scanning of hard drives for shareable files. The 'click yes' installation for some P2P applications results in sharing everything with certain extensions (.doc, .ppt, .pps, .xls, .rtf, .rtf, .mp3, .mpg, etc.) even if they are not in any shared folder, which ultimately results in a complete loss of privacy for many P2P users."
He said software engineers should rethink the way their software might mislead users. "Do you read the fine print from top to bottom on every piece of software you install on your computer?" he said. "The default installation should be, in my opinion, share nothing, and once you are confident in what you are doing, the end user would then be able to select files for sharing, of course knowing the consequences for the files they select. I do not believe the massive leaks from the military standpoint would exist had the end user known what the P2P application was doing in the background."
The only problem so far otherwise is verifying the authenticity of the imagery Glen claims have come from such sensitive sources to a P2P swap. In the broader view, however, unmonitored file sharing has been problematic ever since Gnutella was born, letting people share the whole content of their hard drives instead of just MP3 files as Napster – the granddaddy of P2P, since reborn as a pay-to-play online music store – had been, according to CNET.
Gnutella did not return a query for comment on See What You Share before this story went to press, but CNET said network observers noted, shortly after Gnutella was born, that some users looked like they were sharing far more than they thought, from personal information to Web cookies which occasionally included passwords for credit and e-commerce accounts.
