Why File Sharing Networks are Dangerous?

Arinto Murdopo
arinto@gmail.com
P2P Application
 • 1st generation P2P application – find the file, and
   download from the node that has the file
    – FastTrack network – KaZaA
    – Gnutella network – Frostwire
    – eDonkey – eMule

 • Common characteristics: users need to share
   specific files/folders
Why do we analyze these?
 • Lots of users & traffic – doubled between '03 and '07
 • Wide adoption
Exposed Sensitive Information

 • Sounds impossible, but it does happen!
   – Misplaced files
   – Confusing UI
   – Incentives to share a large number of files
   – Lazy users
   – Dumb wizard
   – Share and forget
   – Poor organizational habits
Exposed Sensitive Information

 • Searching-file experiment
    –   Birth Certificate – 45 Results
    –   Passport – 42 Results
    –   Tax Return – 208 Results
    –   Free Application for Federal Student Aid – 114 Results
The trend?

 • Growing usage -> More leaks

 • Set and forget -> Increased losses

 • Global losses

 • Digital wind spreads files

 • Existence of malware
Honeypot experiment

 • To illustrate the threat in P2P networks
 • Honeypot – deliberately expose things to observe
   the attack
 • In this case…
    – An email containing an active VISA card and phone card
    – Three mock business documents
Email with VISA card..

 • Email showing a 25 USD VISA prepaid card
 • 210-minute calling card
Email with VISA card..

 • File quickly taken and re-taken
Email with VISA card..

 • Within a week, no money left!
 • No minutes left!
 • File distribution ->
Business Documents…

 • Within a week…
   – Documents taken 12 times
   – Secondary disclosures do happen!
Observation

• Successfully illustrates the risk of disclosure

• Identity theft!

• Persons with intention to use and hide documents
  do exist! (and they always search!!!)
Conclusion

 • Suggested counter-measures
   – Improve UI design
   – User education
   – File naming and organization
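
A defender-side check that follows from the searching-file experiment and the file naming counter-measure: before a folder is shared, scan it for names that the deck's own search terms would find. This is an added example, not part of the original slides; the `fafsa` abbreviation, the extension list, the function names and the sample folder are assumptions.

```python
import os
import re
import tempfile

# Search terms taken from the deck's searching-file experiment.
SENSITIVE_TERMS = [
    "birth certificate",
    "passport",
    "tax return",
    "free application for federal student aid",
]
# Assumptions (not from the slides): a common abbreviation, and document
# extensions that rarely belong in a music/video share.
EXTRA_TERMS = ["fafsa"]
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".eml", ".pst", ".txt"}


def normalize(name):
    """Lower-case and turn separators into spaces so 'Tax_Return-2007'
    matches the term 'tax return'."""
    return re.sub(r"[^a-z0-9]+", " ", name.lower()).strip()


def audit_shared_folder(root):
    """Walk a shared folder and return sorted (relative_path, reason) findings."""
    findings = []
    terms = SENSITIVE_TERMS + EXTRA_TERMS
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            rel = os.path.relpath(os.path.join(dirpath, fname), root)
            ext = os.path.splitext(fname)[1].lower()
            # Match on the whole relative path: a folder named 'Passport'
            # exposes everything inside it to the same keyword searches.
            haystack = " " + normalize(os.path.splitext(rel)[0]) + " "
            hit = next((t for t in terms if " " + t + " " in haystack), None)
            if hit:
                findings.append((rel, "name matches '%s'" % hit))
            elif ext in DOCUMENT_EXTS:
                # The "misplaced file" case: a document left in a media share.
                findings.append((rel, "document type in a media share"))
    return sorted(findings)


def demo():
    """Constructed sample share: only the names matter, the files are empty."""
    sample = [
        "music/song.mp3",
        "music/Tax_Return-2007.pdf",
        "Passport/scan01.jpg",
        "misc/notes.doc",
        "video/clip.avi",
    ]
    with tempfile.TemporaryDirectory() as root:
        for rel in sample:
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            open(path, "w").close()
        return audit_shared_folder(root)


if __name__ == "__main__":
    for rel, reason in demo():
        print(rel, "->", reason)
```

Run it against the folder a P2P client is configured to share and review every finding before the client goes online.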
Discussion…

 • Privacy issue, why? Agree, disagree?
 • Malware distribution, how to counter-measure?
 • How about BitTorrent? Security concern?
 • This paper is about “Passive” attack, how
   about “Active” attack? Give an example
   – Active attack : communications are disrupted by
     the deletion, modification or insertion of data.
