Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

P2P Leaks Surprises

CmdrTaco posted more than 10 years ago | from the be-careful-people dept.

Privacy 389

kilian.cavalotti writes "A new Web log is posting what it purports are pictures, documents and letters from U.S. soldiers and military bases in Iraq and elsewhere--all of which the site's operator claims to have downloaded from peer-to-peer networks such as Gnutella. The "See What You Share" site has been online for a week and has published photos ranging from a crashed military jet to a screenshot of a spreadsheet file that appears to include names, addresses and telephone numbers of marines. The site's operator, a 30-year-old named Rick Wallace, wrote in a blog posting that he is trying to help the military understand how serious a security risk unmonitored peer-to-peer file sharing can be."

cancel ×

389 comments

Sorry! There are no comments related to the filter you selected.

Okay (5, Funny)

Corporate Troll (537873) | more than 10 years ago | (#9825073)

I don't care what the military shares, but I surely want to see more of her [seewhatyoushare.com] ... Redheads.... *drool* ;-)

Re:Okay (5, Funny)

stinkyfingers (588428) | more than 10 years ago | (#9825216)

I smell a new pornsite: www.p2pmilitarywives.com

I got bored just after Kazaa came out. (2, Interesting)

JPriest (547211) | more than 10 years ago | (#9825318)

And I wanted to see howe many win98 users just shared the HDD. so I searched kazaa for windows 98 password files (.plw) and sure enough. It was a script kiddie act but I amused myself with access to some of the websites I found, lol.

Re:I got bored just after Kazaa came out. (4, Funny)

topynate (694371) | more than 10 years ago | (#9825349)

I read people's mail, and after msn messenger 6, their chat logs.

Dumb people are really boring.

Start running, Rick (2, Informative)

Anonymous Crowhead (577505) | more than 10 years ago | (#9825074)

The FBI is on the way...

I think is was said somewhere else... (4, Insightful)

agraupe (769778) | more than 10 years ago | (#9825082)

If you choose to expose security weaknesses, don't take advantage of them. Tell those who can fix it/do something about it, and no one else. What this person is doing will just give other people ideas.

Re:I think is was said somewhere else... (3, Informative)

Sheetrock (152993) | more than 10 years ago | (#9825187)

He can't contact every file sharer directly. In some cases he can't be sure the sharers are the original net source for what they're posting.

This is probably the most efficient way he can get the message across: P2P has absolutely no place in a business or military environment and P2P access should be disabled at the router for security.

Unfortunately this guy could take a fall for trying to do the right thing because of the mindset that the first guy that makes the public aware of a problem is responsible for the problem. When in reality we should be looking at P2P authors.

Re:I think is was said somewhere else... (3, Funny)

Exiler (589908) | more than 10 years ago | (#9825380)

We should be looking at P2P authors for providing a medium that people use to do wrong?

Re:I think is was said somewhere else... (1)

wwest4 (183559) | more than 10 years ago | (#9825262)

Maybe the people who were careless with the stuff in the first place will do a double-take now. If the idea that this happens isn't general knowledge, then people will assume it doesn't happen and will continue being careless. Public release is an important feedback mechanism.

I would agree that it might be prudent to inform the public after plugging up any non-human weaknesses, but ultimately, the weak link here is people.

Re:I think is was said somewhere else... (1)

trentblase (717954) | more than 10 years ago | (#9825339)

Oh yeah I sure hope they are more careful. A sign for free ice water? Call the counter-terrorists. Some dude is sharing his vacation pictures? Don't let anyone see that! P2P isn't the problem, it's giving morons sensitive files in an unencrypted microsoft format that's the problem.

Re:I think is was said somewhere else... (5, Informative)

Anonymous Coward | more than 10 years ago | (#9825268)

From the 'Why this site exists' section of his site:


A few months ago, I downloaded some military briefings from the Gnutella Network. The briefings were zipped and the file contained 21 documents with classifications ranging from For Official Use Only to Secret/NO FORN. Shocked at my discovery, I notified an agency on a nearby military installation. When nothing happened, I notified another agency. I continued this course because no action was taken and for a nation at war, I was concerned for the safety of our soldiers.


So it seems, he DID tell those who can do something about it, and that nothing is getting done.

Re:I think is was said somewhere else... (3, Interesting)

Zareste (761710) | more than 10 years ago | (#9825376)

The problem is that somebody published the pictures on the network. Did anybody notice that, or would we rather just follow Rick's solution and have the people from our oh-so-trustworthy 'that blunder is confidential' military tell us what we can publish and see on the internet? Oh, sounds great. "Hey Jim, this picture has 'no war' written on it. You know what to do..."

I guess we COULD track down whoever leaked the info, but why do that when you can go after anyone on or in the remote proximity of any random network? Perfect plan. A big 'duuuhhhr' goes out to Rick who lacks the capacity to get this through his head.

1st (-1, Troll)

Anonymous Coward | more than 10 years ago | (#9825083)

1st for a coward

my email to Glen (5, Insightful)

rpdillon (715137) | more than 10 years ago | (#9825084)

Glen Breakwater-

As a former member of our armed forces, and an avid technophile as well as outspoken supporter of freedom in all its forms, I have a question:

What exactly are you advocating?

It sounds an awful lot like you're complaining, but you have absolutely no idea how to solve the problem you've raised. This is not constructive...it is merely whining. Do you want to ban P2P services? Do you want to attempt to make yet more copy protection systems? Or are you doing what Michael Moore does and complaining about a situation while having no solution whatsoever?

As for my view: it is the price of freedom. If you don't want Secret/NOFORN documents distributed on the web, then don't hand them out to people! Make sure the only machines that have them are on SIPRNET and take out the damn floppy and zip disk drives.

My position: people are stupid, and until we decide to take real measures to protect secret data (i.e. not providing removable media for secret computers), we'll get burned. A nation at war? Yes, I went to Iraq three times in the past three years. But don't blame the soldiers, or the P2P programs. Blame the idiots that make the information available and the idiots who build the computers and set IT policy for the DoD.

Peer to peer filesharing is NOT a security risk. The lack of a comprehensive security program within our military is a security risk.

Regards,

Re:my email to Glen (0, Troll)

beee (98582) | more than 10 years ago | (#9825154)

I doubt your claim to being a former member of the armed forces. If you were, you'd be extremely familiar with the existing comprehensive security program, ASN, the online portion of which was proposed back in 1995.

Re:my email to Glen (1)

rpdillon (715137) | more than 10 years ago | (#9825237)

I'm not sure who you are, but I was a US Naval Officer, and I did deploy to the Arabian gulf three times (2001, 2003, 2004).

Whatever comprehensive security program you mention (no, I haven't heard it) didn't make it down to the deckplates on my ship, which was commisioned in 1995.

Since you know so much about military security, can you tell me if this program took care of glaring discrepancies in the SIPRNET/NIPRNET information exchange? How about something simple, like I suggested - not providing removable media on secret computers...

Re:my email to Glen (1)

iceperson (582205) | more than 10 years ago | (#9825281)

After almost 8 years in the Marines (got out in '98) and another 4+ working for the Army Corps of Engineers I've never heard of the ASN. I don't doubt that it exists, but to say that someone couldn't have served and not been familiar with it is just wrong.

One more thing (1)

iceperson (582205) | more than 10 years ago | (#9825389)

To imply that a veteran is lying about his/her service because he or she's not familiar with some obscure IT policy is pretty petty.

Re:my email to Glen (1)

grunt107 (739510) | more than 10 years ago | (#9825177)

You are absolutely correct on this. P2P is a mechanism that can be subverted into immoral/illegal acts.
The military should be requiring all correspondence to be encrypted, sensitive data (especially residence info) to be removed from common access (and also encrypted), and disclaimers to soldiers' respondents detailing how the emails should not be forwarded for said security matters (and maybe a warning of prosecution for privacy violations?).

Re:my email to Glen (5, Insightful)

PCM2 (4486) | more than 10 years ago | (#9825229)

It sounds an awful lot like you're complaining, but you have absolutely no idea how to solve the problem you've raised. This is not constructive...it is merely whining.
Um ... as a taxpaying citizen, is it really too much to ask for the military to take care of its own business, when ostensibly the security of our entire nation is at stake? Since when do you or I get to vote on how the military handles its own housekeeping? It's not up to you or I (or Glen) to establish military policy. All we can do is ask that they please address the issue. I think he's done that in a pretty alarmist way -- but he obviously feels like that's what it's going to take.

"Ban" P2P services on military computers? By all means, if that's what it takes. Establish penalties for soldiers who fail to observe security protocols? Abso-effin-lutely. This ain't a civil liberties issue, people, and we're not talking about dismantling entire technological innovations here or anything -- this is the military. I wholeheartedly agree that, before Congress comes along and pushes through any further legislation blaming the American people for failures of security policy (i.e. the Patriot Act), the people who are really and literally on the front lines of the information security issue need to get their shit together in a big way.

Re:my email to Glen (1)

rpdillon (715137) | more than 10 years ago | (#9825288)

From my experience, I doubt those programs are running on government machines...what probably happened was people copied them from government machines and shared them on their private machines. I'm highlighting ther problem that they should have never come off the government machines.

Just so my position is clear: don't legislate against P2P, make the military fix it's security problem.

Glen doesn't go one way or the other, and that's my problem. I want him to take a position on what should be done.

Re:my email to Glen (5, Insightful)

criquet (120814) | more than 10 years ago | (#9825279)

Simply because someone raises an issue that concerns them without having a (stated) solution does not constitute complaining nor whining.

Though I agree with you point that p2p is not the problem.

Re:my email to Glen (1)

chamblah (774997) | more than 10 years ago | (#9825330)

I'm thinking that Glen's purpose for this is to show the security risks of having P2P software installed on machines that can and do have access to important documents and sensitive information.

This is not to say that by Joe Nobody having it on his home machine is a security risk to the US, but it is a risk if Ensign Joe has it on his work machine inside hit tent out near Baghdad.

Re:my email to Glen (5, Funny)

kfg (145172) | more than 10 years ago | (#9825352)

It sounds an awful lot like you're complaining, but you have absolutely no idea how to solve the problem you've raised. This is not constructive...it is merely whining.

I'll bet your auto mechanic just loves it when you refuse to tell him what's wrong, but tell him how to fix it.

KFG

Re:my email to Glen (2, Insightful)

Monkeyman334 (205694) | more than 10 years ago | (#9825384)

The problem is the lack of accountability. The people sharing these files are already breaking the UCMJ, specifically failure to obey, by installing unauthorized software. If those pictures are from a military computer, then they most likely downloaded from a personal camera that shouldn't have been attached to the network as well.

2nd, these aren't classified documents or pictures. Should it be protected? Absolutely, but it's not classified. The problem isn't floppy drives specifically, there are procedures for floppies in class machines that stops data from getting back into unclass. If you work with class computers+floppies then you know the procedure.

Another thing, the picture of the girl is a common one distributed on P2P networks, and has been for maybe a year.

Where I'm going with this is... While I agree that the military needs more accountability in computers, the web site author is overstating the problem in an attempt to get some shock value out of it. He's doing that so people might be pressured/scared into securing their networks better.

Re:my email to Glen (0)

Anonymous Coward | more than 10 years ago | (#9825399)

I think what he is advocating is that before the military hands a kid a laptop, they make sure to educate the soldier that P2P is about as insecure as you can get. In my opinion, sensitive information should not be kept on any machine connected to the internet - the DoD should have it's own private network, with NO interconnection between the two. But that is just me. Glen is just pointing out by example that the military is failing to train it's computer users properly.

P2P itself isn't evil. Using P2P for purposes other than those for which it was designed is just plain stupid. P2P is designed for people that want to share files, and don't care who they share them with!

Re:my email to Glen (2, Interesting)

seafortn (543689) | more than 10 years ago | (#9825411)

As another former member of the armed forces, with plenty of trips to plenty of places, I say hell yes - ban p2p on official computers - in fact, p2p software is already prohibited by most unit signal officers - these people are probably blatantly disregarding rules designed to protect them - I say go one further, track this stuff back to the originating computers, and get these numskulls Article 15s for not complying with published regulations...

You might argue that p2p could be useful, but obviously the people using these computers can't be trusted with it, so don't screw around - take it away - anything that really needs to be shared can go over email, networked file sharing, or (gasp) - walking the damn things over on a disk!
I don't want some (terrorist, criminal, anybody else who would take advantage of my absence) to have my wife's home address because some idiot wanted to download cool files from the computer that the alert roster was stored on...

Surely (0)

Anonymous Coward | more than 10 years ago | (#9825412)

SIPRnet Computers are NOT directly connected to the Internet. Atleast here they aren't. This means that someone would have to physically take the documents from a higher classified machine and move them to a NIPRnet machine and somehow have a P2P sharing program installed.... Hmmm...

Leprechauns, rainbows, and gold! (-1, Offtopic)

garcia (6573) | more than 10 years ago | (#9825086)

The only surprising thing there was that I found out CowboyNeal is a lady leprechaun! I want to see the gold at the end of THAT rainbow!

MOD THE PARENT UP! (0, Offtopic)

Anonymous Coward | more than 10 years ago | (#9825260)

Off Topic? You morons, it's obvious he was talking about the redhaired, green garbed, chick half-naked.

You are a bunch of half-baked, brain dead, morons.

Hmm (2, Informative)

triffidsting (594096) | more than 10 years ago | (#9825088)

Sounds more like he is trying to train them in target practice to me.

heil hitler (-1, Troll)

Anonymous Coward | more than 10 years ago | (#9825089)

heil hitler

The Emphasis Should be on Security Issues Not P2P (5, Insightful)

The Importance of (529734) | more than 10 years ago | (#9825090)

The problem is that the website author emphasizes that "Technology often outruns legislation. So is the case with Peer 2 Peer networks." He seems to assume that P2P should be legislated against. However, this is a security issue, not an issue specific to P2P systems. Education and other controls should be used to minimize this problem. The military would never let Joe Soldier run a rogue server, why would they let them run any old P2P app on a system with classified information? See, P2P Problem or Security Issue? [corante.com] .

Re:The Emphasis Should be on Security Issues Not P (1)

scumbucket (680352) | more than 10 years ago | (#9825131)

P2P was a neat concept way back when it was called a bulletin board. I guess it still is a neat concept, now that we have IM for sharing snapshots and web-camera streams. The truth, however, is that it isn't nearly as effective in pushing around bits as administering a cheap Linux box with 200GB of HD off a cable modem with a bunch of college frat buddies.

Moreover, it isn't nearly as good as having a private server with 500+GB of storage on a college LAN... I lost count after the 5th HD was added to my frat's file server. Dues in a frat house go to the 60"HDTV, game systems, parties (It's all about the Super Bowl), and the file server "as needed". As long as you meter/throttle the bandwidth so that the file sharing outbound network doesn't spike the University's network admin's attention (or better yet, have a student network admin in your frat), bandwidth consumption looks just like a massive Quake (or other FPS) game. Match that to the right port for Quake, etc, and even the best sysadmins are fooled.

Give that man a cigar (4, Interesting)

Atario (673917) | more than 10 years ago | (#9825390)

You hit the nail on the head. The same principles apply to soldiers gabbing about classified stuff F2F, never mind P2P.

Oh, and I submitted this with a funnier headli...er, wait, this isn't Fark, is it.

Well, I did submit it, with a link to a ZDNet article [com.com] about it, in which they give a little more detail about what happened with the blogger's attempts to get the authorities involved:
In an interview from Germany, where he lives with his wife, a U.S. Army officer, Wallace said he had contacted local military intelligence about the issue. They forwarded the information to a higher level, but there was little further response until he contacted the office of Sen. Conrad Burns, who represents Wallace's home state of Montana, Wallace said.
...
Shortly after Wallace got in contact with Burns' office, the file of classified documents disappeared from Gnutella.
Ummmm...what??? How powerful is this senator, that he can pluck a given file off a decentralized P2P network? How did he do that? Am I going to get an insistent knock on my door for even questioning this?

Tell my wife I love her! AIEEEE!!!

I think the DoD is going to show him personally... (3, Funny)

markana (152984) | more than 10 years ago | (#9825092)

the risks of P2P.... especially publicly exposing security holes.

olde news... (3, Funny)

grub (11606) | more than 10 years ago | (#9825097)


search your favourite P2P network for things like ".XLS". When you find some that are obviously not intended for public viewing then look at the person's shared files for more goodies.

not that I'd ever do that.

Re:olde news... (-1, Troll)

beee (98582) | more than 10 years ago | (#9825201)

When you search a P2P network for .xls and subsequently invade a user's privacy, you're no better than Big Brother or anyone else threatening our online rights.

Re:olde news... (1)

jbltk (801038) | more than 10 years ago | (#9825296)

How exactly is that invading someone's privacy? They shared the files out in the open. If they're too retarded to learn the simple steps of only sharing appropriate files, they get what they deserve.

Re:olde news... (1)

beee (98582) | more than 10 years ago | (#9825314)

If I forget to lock my apartment door at night, do I deserve to be robbed?

Improper analogy (1, Insightful)

Anonymous Coward | more than 10 years ago | (#9825369)

Sharing your files on a P2P network is saying "Here are my files that I have chosen to share with you, please download as you wish".

Your analogy is not correct.

Re:olde news... (3, Insightful)

trentblase (717954) | more than 10 years ago | (#9825374)

If you have a system installed whereby I ring your doorbell and documents get thrown out the mail slot, then you deserve to lose them.

Re:olde news... (0)

Anonymous Coward | more than 10 years ago | (#9825379)

After looking at your posting history, I have determined that you are not a troll but merely a complete and utter asshole.

Not the same thing. (4, Insightful)

DAldredge (2353) | more than 10 years ago | (#9825381)

Sharing files on a p2p network is just that, sharing files. It's not like forgeting to lock your door, it's like having a flashing neon sign that same 'come in' and then getting upset when people do.

Re:olde news... (1)

jbltk (801038) | more than 10 years ago | (#9825416)

Yes, actually. If you live in an area where you know leaving your door unlocked isn't such a bright idea, you deserve the consequences of your action. The only way you'll learn to lock your door is if you lose things you care about. The same thing goes for your files you may accidentally share on your computer via P2P. If you lose your job because you let confidential corporate papers out on a P2P network, you'll never do something that stupid again, will you? It's what we pragmatists call "learning from your mistakes". Unfortunately, in this day and age, no one seems to want to take responsibility for their actions.

Re:olde news... (1)

lothar97 (768215) | more than 10 years ago | (#9825245)

Even better, search for .pst and find email, or "My Documents" to find lots of fun files.

I think the problem is not necessarily better security, but increased user education. Tell people not to "search my hard drive for files to share," to choose what folders are being shared, and to verify periodically what folders/files are shared.

I always thought... (4, Interesting)

digitalsushi (137809) | more than 10 years ago | (#9825104)

I always thought military desks had two machines on them. A public internet and a military internet, and at no point were they ever interconnected. Is there any shade of truth of that *at all* in any branch of our military? It certainly sounds like any casual remark anyone might make at the watercooler, but it'd be interesting to hear from someone who's been there.

Re:I always thought... (5, Informative)

rpdillon (715137) | more than 10 years ago | (#9825176)

You are correct...there is NIPRNET (public internet) and SIPRNET (an entirely seperate, secret and very large network for military). The problem is that sometimes presentation computers are NIPRNET, and sometimes you have to give secret briefs. Or sometimes someone doesn't have SIPRNET set up correctly (its an involved process), so some idiot copies secret files to a floppy. As I said above in my email: SIPRNET computers shouldn't have floppies or zip. No removable media. Oh, and while youre at it, can we ditch all the MS contracts too, and move to something secure?
This is the case all over, and I got tired of it when I was in the military...the security is not where it should be an no one cares.

Re:I always thought... (3, Informative)

PhxBlue (562201) | more than 10 years ago | (#9825230)

I always thought military desks had two machines on them. A public internet and a military internet, and at no point were they ever interconnected.

This is true at the base level, but not at the desk level - at least not for most folks. SIPRNET-linked computers, at least at the Standard Systems Group (and DISA, which are both on the same campus), are housed within secure facilities; and computers linked to the NIPRNET (the regular 'Net) are not.

Eh. (0)

Anonymous Coward | more than 10 years ago | (#9825109)

First

Why This Site Exists (2, Interesting)

diagnosis (38691) | more than 10 years ago | (#9825110)

Taken from the web site:

Why This Site Exists
Technology often outruns legislation. So is the case with Peer 2 Peer networks. Many people obtain P2P software so they can download music or movies. A large number of those people do not have any idea what they are sharing.

A few months ago, I downloaded some military briefings from the Gnutella Network. The briefings were zipped and the file contained 21 documents with classifications ranging from For Official Use Only to Secret/NO FORN. Shocked at my discovery, I notified an agency on a nearby military installation. When nothing happened, I notified another agency. I continued this course because no action was taken and for a nation at war, I was concerned for the safety of our soldiers.

It may appear that I am picking on certain institutions. This is true. I want everyone to know that we can be our own worst enemies when we don't understand the full power of our technology. I want every military and government agency to see first hand what is being shared with anyone who has a computer. Since a picture is worth a thousand words, I can save myself some talking.

----------------------
Freedom or Evil: Freevil.net [freevil.net]
G. W. Bush says, "You decide!"

Re:Why This Site Exists (1)

jesuscash (668623) | more than 10 years ago | (#9825336)

Sadly, I think that a lot of people would be worried about losing face, esspecially for a security hole like that. In the military there could be some severe consequences.

As for governments cracking down on P2P, that is the worst option. It is up to the military's system admin to prevent these kind of leaks.

Oh no... (2, Insightful)

ALeavitt (636946) | more than 10 years ago | (#9825111)

This is just going to lead to more cracking down on P2P file sharing, even the legitamate kind. Really, accidentally sharing files only comes from ignorance, obliviousness, or some combination of the two. If you don't know what you're sharing, you shouldn't be using P2P. It's that simple. I guess I just thought it was common sense to keep track of what people have access to on one's computer. It seems that a lot of people lack common sense.

Oh, and barring any posts while I'm writing this, FP!

Re:Oh no... (1)

jrockway (229604) | more than 10 years ago | (#9825274)

Crackdown my ass. I bet that nobody in power really cares. Or can really do anything. Nobody owns the internet (too fucking bad for them, isn't it).

Besides, if you intend to share this stuff, you should be using Freenet anyway. No encryption key = no data.

Rick Wallace's behavior is disgusting (1, Troll)

beee (98582) | more than 10 years ago | (#9825113)

There are ways he could've made this information available to the military without also sharing that sensitive information. Why not just contact them and inform them of users and networks offering this material? Why has he put our servicemen and servicewomen at risk by not only pointing out this flaw, but providing pictures and information on his website?

Couldn't his point have been made without actually doing harm to our people? What disgusting behavior.

Re:Rick Wallace's behavior is disgusting (1)

DAldredge (2353) | more than 10 years ago | (#9825203)

How have they been harmed?

Re:Rick Wallace's behavior is disgusting (1)

flibberdi (800264) | more than 10 years ago | (#9825210)

As I understand it, he HAVE been in contact with various agencies... And this isn't really that sensitive material, is it?

Re:Rick Wallace's behavior is disgusting (1)

gorbachev (512743) | more than 10 years ago | (#9825316)

He DID contact the military, several times. They took no action. Read the info on the website.

Well we had some freedoms (3, Insightful)

SteroidMan (782859) | more than 10 years ago | (#9825116)

Yikes! Is he trying to get what little liberties we have left removed? And we thought the RIAA/MPAA were the biggest threat to P2P networks. They have nothing on a peeved military!

Place your bets now! (4, Interesting)

koganuts (526569) | more than 10 years ago | (#9825117)

It'll be interesting to see how long it'll take before the operator of that weblog is arrested, even though he's trying to prove a point.

Why would they arrest him? (1)

Saeed al-Sahaf (665390) | more than 10 years ago | (#9825402)

Why would they arrest him? There is nothing very interesting or sensitive about ANY of the screen shots / pics.

Wierdest thing? (0)

Anonymous Coward | more than 10 years ago | (#9825118)

That wouldn't be the wierdest thing I've found on a p2p network.......*hurls*

He's asking for it (2, Insightful)

Dukeofshadows (607689) | more than 10 years ago | (#9825121)

Would anyone else be surprised if this site is shut down or sternly repremanded (perhaps quite publicly) within the week?

His intentions are good, but we all know about that cliche.

Re:He's asking for it (0)

Anonymous Coward | more than 10 years ago | (#9825222)

Your post and your sig seem to live in 2 different dimensions.

glad he blurred out addresses... (0)

Anonymous Coward | more than 10 years ago | (#9825123)

But remember, giving people the ability to encrypt p2p file-sharing is BAD...

I want more pictures of the girl! (0)

Anonymous Coward | more than 10 years ago | (#9825125)

Who's with me?

Saw this earlier (0)

Anonymous Coward | more than 10 years ago | (#9825132)

Is this guy not liable for posting this stuff? I guess he's re-posting, but he is openly hosting all this stuff. Names changed/blurred or not, he should not be allowed to do this. Not to sound like a republican troll asshat, but isn't he helping the badguys in a way?

Re:Saw this earlier (0)

Anonymous Coward | more than 10 years ago | (#9825342)

but isn't he helping the badguys in a way

How so?

But the REAL question is, (5, Funny)

whoever57 (658626) | more than 10 years ago | (#9825149)

... where are the other "raunchy" photos?

Re:But the REAL question is, (1)

russler (749464) | more than 10 years ago | (#9825313)

When I was in Basic training a few years back, we had a guy in the unit with a fairly common name. He received some letters from an address he did not recognize so he sent it back. Twice. The third time it came to him he opened it and read the letters. And we all enjoyed the many enclosed photos of a lingerie-clad young lady who was trying to help her man through challenging times. :)

These pictures are quite common -- as is the willingness to share them. They must be floating around out there somewhere, but probably not on the web. You want all the guys to know you have the pics, but you certainly do NOT want the young ladies to know they are entertaining an entire platoon. (Ok, some ladies would probably get into that....)

Absurd (5, Insightful)

cephyn (461066) | more than 10 years ago | (#9825158)

First off, if classified info got to a P2P network, then there was a security breach BEFORE it got there. The p2p network is not the problem.

Second, if the info isn't classified, why shouldn't it be on p2p? If a jet crashed and there's a picture, and its not classified info, then there's nothing wrong with it being public information, because it IS public information.

Re:Absurd (5, Insightful)

FerretFrottage (714136) | more than 10 years ago | (#9825298)

If a jet crashed and there's a picture, and its not classified info, then there's nothing wrong with it being public information, because it IS public information.

Not with the current administration....remember the casket picture incident? They [the pictures] were not classified, but you better not show them to the people.

Re:Absurd (1)

nine-times (778537) | more than 10 years ago | (#9825347)

Second, if the info isn't classified, why shouldn't it be on p2p? If a jet crashed and there's a picture, and its not classified info, then there's nothing wrong with it being public information, because it IS public information.

Good point. In fact, how does he know that all this data was on P2P networks by accident? I hope some of these people shared some of the non-classified data on purpose. Or do we all believe the RIAA's claim that the only purpose of P2P networks is to infringe on copyrights?

Maybe this will turn out for the best. (2, Funny)

Mr. Vandemar (797798) | more than 10 years ago | (#9825165)

File sharing in the military could be a good thing. Hopefully the RIAA will make the mistake of trying to sue the military for copyright infringment, causing the US military to begin taking out "targets of opportunity" here in the US *cough Mitch Bainwol & Hilary Rosen cough*...

The P2P Disclosures (3, Insightful)

enforcer999 (733591) | more than 10 years ago | (#9825167)

I believe that the problem is not P2P vulnerabilities but the users knowledge of the software and how to secure their own files. What it boils down to consumer education.

This is nothing new. (2, Insightful)

inotocracy (762166) | more than 10 years ago | (#9825185)

..I remember doing searches on Gnutella networks for camera picture prefixes (dcim*, pc101*, dcf*) and getting all kinds of personal pictures back-- if the person allows the program to index their hard drive, they are morons.

Serious security risk (3, Funny)

EnnTeeDee (799496) | more than 10 years ago | (#9825190)

he is trying to help the military understand how serious a security risk unmonitored peer-to-peer file sharing can be

He's right -- P2P networks are used to distribute weapons of mass destruction [britneyspears.com] .

I remeber... (1)

Peden (753161) | more than 10 years ago | (#9825196)

ALOT of people sharing email etc. inbox.dbx and whatnot on the Direct Connect network. On Direct Connect it is a requirement to share alot to gain access to the good sites, and some people just share their entire harddrives.

This can't be too good... (3, Interesting)

Eberlin (570874) | more than 10 years ago | (#9825200)

This is different from full-disclosure of software vulnerabilities because this is more a human error than anything else. It's not like there's software to be patched...it's a matter of educating the user as to what they're doing wrong.

The only real problem here is the public disclosure of personal information -- if I were one of the names shown, I'd probably be upset. (of course if this is going on in a widespread fashion, I'd be upset anyway) In the end we can only hope that the "shock value" of presenting these to the public will create enough awareness to minimize the problem.

Otherwise we can all watch as the spinsters pull another argument for their "p2p is evil" campaign.

Wait a second... (0, Offtopic)

halivar (535827) | more than 10 years ago | (#9825213)

I think I found my credit card number in there. Hurray for me, I'd had it stolen before I memorized it.

Re:Wait a second... (0)

Anonymous Coward | more than 10 years ago | (#9825362)

fix your sig

Quite interesting (1)

manavendra (688020) | more than 10 years ago | (#9825215)

Not sure what he is advocating/saying, other than probably whining, but its interesting to see the guy has his own censorship ....leaves me speechless

Office LAN (2, Interesting)

jekewa (751500) | more than 10 years ago | (#9825221)

I once consulted at a place where someone thought to bring some questionable P2P software in to "bring his music software to the office." He ran the same software on his home PC where he did have a collection of ripped CDs, as well as previously P2P downloaded music and videos.

He was not cautious about his setup, and I very quickly showed him how I could basically browse his entire computer hard drive, and (granted with a little hands-on) very quicky map every network resource his system had access to. I suggested that he remove that lest some dishonest version of the software do the additional mapping unbeknownst to him.

P2P is a potential blessing and a damned curse.

Anyone notice (1)

jbltk (801038) | more than 10 years ago | (#9825223)

Anyone notice his profile says he's 30 years old? Judging by the photo on the site, I'd venture to say that's off by about 20-30 years at the very least. I'm confused. Is he advocating the military crack down on P2P in general, or on the use of P2P by soldiers? It's not like shutting off their access to P2P is gonna prevent the info from getting on there, it'll only prevent them from directly doing it themselves. The only way to do that is to prevent internet access entirely.

Re:Anyone notice (0)

Anonymous Coward | more than 10 years ago | (#9825285)

Anyone notice his profile says he's 30 years old? Judging by the photo on the site, I'd venture to say that's off by about 20-30 years at the very least

Yeah, because that photo must be of him. There is no way he could have upload some random face.

I believe him completely all those files are legit (1)

InsaneGeek (175763) | more than 10 years ago | (#9825224)

because you know nobody messes with anybody on those networks. Case in point download a video that's got a filename "brittney_spears_lez_nasty_anal_horse_beast.mpg" if you take off your glasses and squint you can tell it's really her behind the thick german accent.

Read before you throw a fit (4, Informative)

cyberlotnet (182742) | more than 10 years ago | (#9825242)

Did you read http://www.seewhatyoushare.com/2004/07/why-this-si te-exists.html

He made valid and physical attempts to inform the proper people about the issues and he saw no response, no action, he was basically ignored.

Well I bet they are taking notice now.. I would like to see every single person he talked to in the military that did Nothing up on military charges and kicked out of the military with nothing.

No better yet a true example should be set and they should end up in prison for threating the security of our nation.

Re:Read before you throw a fit (1)

cyberlotnet (182742) | more than 10 years ago | (#9825273)

Take a look even further, He even took the time to blank out possible "important" data.. Nothing at all on his website reveals any important information at all.

He has done his best to both protect while providing enough information to maybe just maybe wake someone in washington up.

30? (1)

UnixRawks (705739) | more than 10 years ago | (#9825247)

Are we supposed to believe the guy running the weblog is 30? He's got lines deeper than Keith Richard's!!

This headlines should have been different (1)

marika (572224) | more than 10 years ago | (#9825250)

It's not a peer-to-peer problem. It's always the people that sounds alarming who gets the attention but the real problem is the user. It always been the user and it will always be the user. If you can't protect your information, if you don't have the basic knowledge to use something, if you are neglecting basic rules and if all your ports are open then you can't blame the internet.

Page views from his website... (1, Offtopic)

CmdrTostado (653672) | more than 10 years ago | (#9825253)

See What You Share on P2P
Site Summary

VISITS

Total 27,272
Average Per Day 558
Average Visit Length 3:08
Last Hour 2,312
Today 24,281
This Week 3,908

PAGE VIEWS

Total 161,116
Average Per Day 4,686
Average Per Visit 8.4
Last Hour 13,010
Today 129,905
This Week 32,805

Wonder where else he posted this site today to get 129,905 today and only 13,010 in the last hour (since posting on slashdot)

Finding the right target group (1)

Luguber123 (203502) | more than 10 years ago | (#9825265)

Teaching the military about consequences may be a little far fetched.

Good Job! (1)

Dust'-_-'Worm (800626) | more than 10 years ago | (#9825269)

And I say, good job my friend! There should be more people exposing military, gov, etc. secrets so that people are more carefull on the Internet or any other network. I am for it cuz i know so many ppl that have no clue about security and they call themslef IT professionals. So, please ppl think twice before entering the high speed of networks about whatever u do there can be and most of the time is seen by millions if not billions of ppl around the world.

I wonder. . . (1)

PhxBlue (562201) | more than 10 years ago | (#9825276)

I kinda hope someone will bother to talk to Capt Farnham about failure to properly handle FOUO and Privacy Act data before his commander gets wind of it.

Surprising (4, Interesting)

Quila (201335) | more than 10 years ago | (#9825300)

In the extremely large military network I worked on, all P2P ports were blocked (the rule was deny all, allow by exception) and the IDS was tweaked to catch anyone who fiddled with the ports to get around that. The security guys were not nice to people they caught.

I guess some areas of the military just aren't set up that well.

What's NOT in Joan's suitcase? (3, Funny)

canter (43098) | more than 10 years ago | (#9825308)

It sure seems like Joan is a Harley Davidson freak. It looks like she's completely outfitted for a week of sun and fun..

Leather Jacket.. Check
Swim Suit.. Check
Necklace.. Check
Gold dress.. Check
Bras.. Check
Shoes.. Check
Panties.. Umm. hmm. Not Check.

I think I'm in love.

Nothing to see here, move along (5, Informative)

2Wrongs (627651) | more than 10 years ago | (#9825340)

Finally a slashdot article I can comment on knowledgably.

I'm an officer in the US Army and on a casual glance through the file list there's nothing on there that's classified. You can look up most of these manuals on google.

Here's a site that lists a couple: US Army Fields Manuals [globalsecurity.org] Not hugely helpful unless you have training and equipment, but I guess if I were a (bored) terrorist, I'd read em.

Sounds like a crackpot to me (1)

John the Kiwi (653757) | more than 10 years ago | (#9825351)

A few months ago, I downloaded some military briefings from the Gnutella Network. The briefings were zipped and the file contained 21 documents with classifications ranging from For Official Use Only to Secret/NO FORN. Shocked at my discovery, I notified an agency on a nearby military installation. When nothing happened, I notified another agency. I continued this course because no action was taken and for a nation at war, I was concerned for the safety of our soldiers.

Doesn't all information want to be free? Only a true patriot could come up with this reason for banning P2P networks. Great Propaganda and a real good excuse for the mrs when you're caught downloading porn again.

John the Kiwi

Good luck in Federal Pound-you-in-the-ass Prison.. (0, Troll)

skermit (451840) | more than 10 years ago | (#9825406)

Regardless of sender/receiver transmission laws or digital rights/security issues, publically broadcasting classified and internal documents of our armed forces can be construed as a breech of national security. I doubt once this hits the major newslets (as of /. wasn't major enough) this website will be shut down, and he will be prosecuted to the fullest extent of the law. I thought I'd just find pictures, but there are security details, parts/order lists, confidential call numbers... this guy should/will hang.

military response (3, Funny)

spirit_fingers (777604) | more than 10 years ago | (#9825420)

The military will see this as a security breach and fix it by arresting Glen and taking his blog down, then they'll go after the P2P software on their PCs. Of course, none of this will, in the end, improve security or help protect our troops. But it will play well in Peoria on the 6 o'clock news.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>