Sunday, December 7, 2008

Music Sharing, Malware, And You

I want to talk about music sharing. Not about the ethicality of it, that’s just a waste of breath. People are adamant about their beliefs on the subject on both sides, and I’ve found it’s useless to try and change anyone’s opinions on it. I want to talk about the consequences of music and/or file sharing, and I don’t mean the consequence of getting caught.

P2P (peer to peer) file sharing can be a very valuable tool. It’s central to quite a few things we take for granted, like SMTP email, which uses a P2P configuration between it’s mail transfer agents (or mail servers), coupled with a client-server connection with the end user (you). It also allows many users to share many files without the need for huge central servers, which can cave under the pressure of a sudden multitude of simultaneous downloads. All in all, it’s a pretty slick concept.

The problem is, when you install a P2P client such as BitTorrent or LimeWire on your home PC to share music and video, you open yourself up to a plethora of problems. Up to 30% of all music files available to download from your peers are infected, and no matter how careful and smart you are, sooner or later you’re going to hit a file that’s carrying a virus or malware that your protection software doesn’t yet have a definition for. A raging infection or two, combined with the added cpu usage from file sharing requests, can bring your system to it’s knees quick, fast and in a hurry.

Also, improper set up on installation with regards to files or folders to share, can leave you wide open to information theft. Here’s a link to a great article on InformationWeek, where the reviewer used LimeWire Pro to search out keywords such as “ssn”. The amount of personal information he culled from other users was downright scary. Now think about a double whammy, picking up malware that changes your file sharing settings, steals your personal info, then leaves the door open for others to find that same data. Oh yeah, and trashes your computer while it's at it. Yikes!

All this being said, if you do decide to venture into these murky waters, be sure to have a rescue plan in place. Take the time to make sure that your system is properly protected and backed up. Here’s a link to a simple guide, just to get you thinking in the right direction.

And if you do get hosed up, don’t call me. I know that you’re going to reinstall the P2P client as soon as you get the machine back. Don't give me that innocent look, you will, and I just don’t have the time or patience these days for that kind of “Ground Hog Day” like behavior.

That is all.

No comments: