17 December 2017
Robert Siciliano

Identity Theft Expert

Robert Siciliano - IDTheftSecurity.com

739Posts 2,050,818Views 62Comments

Government Tries to Thwart P2P Identity Theft

06 October 2009  |  2263 views  |  0

Computerworld reports the House Energy and Commerce Committee passed the Informed P2P User Act, a law that supposedly makes it safer to use peer-to-peer, or P2P, file-sharing software. Yawn.

The bill now goes to the House for one more round of  approval. If passed, the bill requires developers to explain to users how their files will be made available for sharing with others on a P2P network.

The bill would make it illegal for P2P developers to make software that causes files from a computer to be inadvertently shared over a P2P network without a user’s knowledge.

Peer to peer file sharing allows Internet users to access other P2P users PCs and share files such as music, movies, software, games, and documents. Unfortunately many people don’t set up P2P programs correctly and they end up sharing their most important files including bank records, tax files, health records, and passwords. This is the same P2P software that allows users to download pirated music, movies and software.

This can result in data breaches, credit card fraud and identity theft. I’ve seen numerous reports of government agencies, drug companies, mortgage brokers and others discovering P2P software on their networks after personal data was leaked.

In my own research, I have uncovered tax returns, student loan applications, credit reports and Social Security numbers. I’ve found family rosters which include usernames, passwords and Social Security numbers for entire family. I’ve found Christmas lists, love letters, private photos and videos (naughty ones, too) and just about anything else that can be saved as a digital file.

Information on a U.S. Secret Service detail for the First Family was discovered via P2P.

Even if P2P were made illegal, P2P file sharing is a wild animal that can’t be tamed. There are already millions of P2P programs in circulation that can easily be set up inappropriately, and plenty of developers flying under the radar programming from countries all over the world unregulated by the US government.

There are millions of PCs loaded with P2P software, and users/parents/employers are usually clueless about the exposure of their data. P2P offers a path of least resistance into a person’s computer, so be smart and make sure you aren’t opening a door to identity thieves.

Savvy users lock down P2P to prevent someone else from tooling around with thier settings. If your IT abilities are scant then:

  • Don’t install P2P software on your computer.
  • If you aren’t sure whether a family member or employee has installed P2P software, check to see whether anything unfamiliar has been installed. A look at your “All Programs Menu” will show nearly every program on your computer. If you find an unfamiliar program, do an online search to see what it is you’ve found.
  • Set administrative privileges to prevent the installation of new software without your knowledge.
  • If you must use P2P software, be sure that you don’t share your hard drive’s data. When you install and configure the software, don’t let the P2P program select data for you.
  • Get a credit freeze. Go to ConsumersUnion.org and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name.
  • And invest in identity theft protection. Not all forms of identity theft protection can be prevented, but identity theft protection services can dramatically reduce your risk.
TagsSecurityRisk & regulation

Comments: (0)

Comment on this story (membership required)

Latest posts from Robert

What Was Scary About Blackhat 2017?

02 August 2017  |  6232 views  |  0 comments | recomends Recommends 0 TagsSecurity

Black Hat 2017 was an Amazing Event

29 July 2017  |  6805 views  |  0 comments | recomends Recommends 0 TagsSecurity

Blackhat Hackers Love Office Printers

28 July 2017  |  5411 views  |  0 comments | recomends Recommends 0 TagsSecurity

Getting Owned or Pwned SUCKS!

13 June 2017  |  5785 views  |  0 comments | recomends Recommends 0 TagsSecurity

Parents Beware of Finstagram

27 April 2017  |  5249 views  |  0 comments | recomends Recommends 0 TagsSecurity

Robert's profile

job title Security Analyst
location Boston
member since 2010
Summary profile See full profile »
Security analyst, published author, television news correspondent. Deliver presentations throughout the United States, Canada and internationally on identity theft protection and personal security....

Robert's expertise

Member since 2009
732 posts62 comments

Who's commenting on Robert's posts

Ketharaman Swaminathan