IF YOU DO P2P, HOW TO STAY SAFE

Yesterday’s post was devoted to a basic explanation of P2P, citing several sources where you could find more information. One of those sources, OpenP2P.com, had a very distressing statement quoted earlier, and worth repeating today: the use of P2P applications means “operating in an environment of unstable connectivity and unpredictable IP addresses.” If you choose to use this medium through one of the software applications available, there will be some level of risk for the bad guys to steal whatever information you put out there, personal or otherwise. In an older article by OpenP2P.com, we are reminded of some basics when it comes to any Internet surfing or receiving of e-mail. P2p can be either secure or insecure, and that is based on the kind of technology you use. As an example, many systems were designed from the ground up to emphasize security, including Groove, NextPage and Softwax. Before you jump into the P2P craze, research the application you are buying to participate. If you’re already in, ask the software company just how good is the security they have built into the application you are using. P2P offers an excellent environment in which to spread viruses, so make sure you have good protection, and that it is up to date. And remember the age-old axiom of “curiosity killed the laptop.” Don’t open a file if you don’t know who it is from. Period! But I want to assure you this isn’t a mandate against peer-to-peer file sharing. Rather it is a signal from someone concerned over the safety of your name and personal data, and I want you to be conscious of the hazards. In my estimation, P2P has the potential to become one of the biggest catalysts for identity theft we have ever seen. One of the best sites I have found for information on just about anything is About.com. It has a piece you should read re. P2P network security titled, “Peer-to-Peer (P2P) Network Security.” The information is good, a lot of which I am documenting here, but there are also some helpful links. There are four steps to help you prevent becoming a victim, and other pointers that, again, go back to the basics. You should have a firewall, either as a part of your router or in separate software. With some applications, like BitTorrent, in order to share or access files, you will have to open a specific TCP port to communicate. At that point, you are no longer protected against the bad guys. Also, if you don’t know who you’re downloading from, you could introduce a Trojan or backdoor that would allow ID thieves to romp around your private information at will. Here are the four security steps recommended: 1) Never install P2P software on a corporate network without permission; 2) Check out the P2P software comprehensively for its quality as well as security before acquiring it; 3) Watch what you designate for sharing, making sure not to specify the “C” file in general, which includes almost everything; 4) Make sure everything you bring in is scanned by your virus software. None of this is guaranteed, but at least you’re ahead of the crooks if you prepare for the worse. More on the P2P phenomenon later.