Why File Sharing is Dangerous?
1. Why File Sharing Networks Are Dangerous?
Arinto Murdopo
arinto@gmail.com
2. P2P Application
• 1st generation P2P application – find the file, and download from the node that has the file
– FastTrack network – KaZaA
– Gnutella network – Frostwire
– eDonkey - eMule
• Common characteristics: users need to share specific files/folders
3. Why do we analyze these?
• Lots of users & traffic – doubled between ‘03 and ‘07
• Wide adoption
4. Exposed Sensitive Information
• Sounds impossible, but it does happen!
– Misplaced file
– Confusing UI
– Incentives to share a large number of files
– Lazy users
– Dumb wizard
– Share and forget
– Poor organizational habits
5. Exposed Sensitive Information
• Searching-file experiment
– Birth Certificate – 45 Results
– Passport – 42 Results
– Tax Return – 208 Results
– Free Application for Federal Student Aid – 114 Results
6. The trend?
• Growing usage -> More leaks
• Set and forget -> Increases losses
• Global losses
• Digital wind spreads files
• Existence of malware
7. Honeypot experiment
• To illustrate the threat in P2P networks
• Honeypot – deliberately expose things to observe the attack
• In this case…
– Email containing an active VISA card and phone card
– Three mock business documents
8. Email with VISA card..
• Email showing 25 USD VISA prepaid card
• 210-minute calling card
10. Email with VISA card..
• Within a week, no money left!
• No minutes left!
• File distribution ->
11. Business Documents…
• Within a week…
– Documents taken 12 times
– Secondary disclosures do happen!
12. Observation
• Successfully illustrated the risk of disclosure
• Identity theft!
• Persons with intention to use and hide documents do exist! (and they always search!!!)
13. Conclusion
• Suggested counter-measures
– Improve UI design
– User education
– File naming and organization
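Added example (not from the original slides): one way to support the "file naming and organization" counter-measure is to audit a P2P shared folder for file names that would match the search terms from the slide 5 experiment. The function names, regular expressions and sample file tree are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Search terms from the slide 5 experiment. The regexes are assumptions that
# tolerate the separators people use in file names (space, _, -, .).
SENSITIVE_TERMS = {
    "birth certificate": r"birth[\W_]*cert(ificate)?",
    "passport": r"passport",
    "tax return": r"tax[\W_]*return",
    "FAFSA": r"fafsa|free[\W_]*application[\W_]*for[\W_]*federal[\W_]*student[\W_]*aid",
}
PATTERNS = {k: re.compile(v, re.IGNORECASE) for k, v in SENSITIVE_TERMS.items()}


def audit_shared_folder(root):
    """Return sorted (relative_path, matched_term) pairs for files under root
    whose names would match one of the sensitive search terms."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            for term, pat in PATTERNS.items():
                if pat.search(name):
                    rel = os.path.relpath(os.path.join(dirpath, name), root)
                    findings.append((rel.replace(os.sep, "/"), term))
    return sorted(findings)


def build_sample_share(root):
    """Constructed sample tree: a music share with misplaced documents."""
    sample = ["music/track01.mp3", "music/2007_Tax-Return.pdf",
              "Passport_scan.JPG", "docs/birth.cert.tif", "docs/notes.txt"]
    for rel in sample:
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "w").close()  # empty placeholder file


def demo():
    """Build the constructed share in a temp dir and audit it."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_share(root)
        return audit_shared_folder(root)


if __name__ == "__main__":
    for path, term in demo():
        print(f"{path}: matches '{term}'")
```

The audit looks at file names only, which is what a P2P keyword search sees; it does not inspect file contents.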
14. Discussion…
• Privacy issue, why? Agree, disagree?
• Malware distribution, what are the counter-measures?
• How about BitTorrent? Security concern?
• This paper is about “Passive” attacks, how about “Active” attacks? Give an example
– Active attack: communications are disrupted by the deletion, modification or insertion of data.