Quantcast

Forum Login

feed image
Directory News Latest News

Limewire, Government Leaks, and Tiversa "Spin" PDF Print E-mail

lwsetup.jpgGeneral Wesley Clark, speaking as a board member of a security software company Tiversa before the House Oversight and Government Reform Committee on Tuesday, cited a study revealing the presence of hundreds of classified documents being spread via Limewire . Over at Betanews we noticed the following quote, which is the biggest clue that there's a hidden agenda here.

"The material, it was discovered, was copied from the computer of a single Pentagon contractor, who happened to be a LimeWire user. She didn't share those files intentionally; instead, her local file system was exposed through LimeWire."

The problem? This is NOT how Limewire behaves.

Limewire *DOES NOT* expose the local filesystem, except for one explicit folder, *UNLESS* the user overrides this behavior MANUALLY. Furthermore focusing on Limewire fails to take into account Limewire is but one of MANY clients that connect to the Gnutella network. Focusing on Limewire solely (being the most popular Gnutella client), and ignoring the FACTS regarding how Limewire does, and most importantly DOES NOT expose filesystems, makes it clear that this is nothing but "spin". They're either too stupid to have realized Limewire DOESN'T expose the entire filesystem without manual changes to the client preferences, thereby letting a government employee completely off the hook, or they do realize this and fail to mention it on purpose.

Is Tiversa interested in facts? Or interested in obtaining government contracts? Betanews reports...
In testimony before the House Oversight and Government Reform Committee on Tuesday, Gen. Wesley Clark - the former supreme commander of NATO forces and US presidential candidate, speaking as a board member of and advisor to security software company Tiversa - cited a study by his company revealing that in a period of two hours' search time on the P2P file-sharing system LimeWire, over 200 classified US Government documents were discovered.

"If you saw the scope of the risk," Gen. Clark testified, "I think you'd agree that it's just totally unacceptable. The American people would be outraged if they were aware of what's inadvertently shared by government agencies on P2P networks. They would demand solutions."

Add this page to your favorite Social Bookmarking websites
Reddit! Del.icio.us! Google! Live! Facebook! Slashdot! Technorati! StumbleUpon! MySpace! Yahoo! Free social bookmarking plugins and extensions for Joomla! websites!
Comments
Add NewSearchRSS
The Truth
securityguru (24.241.6.xxx) 2007-07-29 14:46:48
In the comment thread on this article @ betanews, here's the most telling and intelligent response I found.

"This is not a P2P problem, it is a security architecture problem. Is congress going to look at separate legislation for each of the hundreds of vulnerabilities in NCS and hit-on technology providers such as LimeWire or are they going to solve the basic problem of security architecture? This same government incompetence that looms in approaches to secure e-Visas, e-Passports and port security as well."

This seems to be a security company playing to the lack of understanding among members of congress as to what the security threats really are. And....it's a wee bit self-serving.
Reply | Quote
0 0
jpedersen (128.241.104.xxx) 2007-07-30 10:46:47
Hmmmmm.....

I read in PC World that Tiversa reported:

"It's the malicious user writing code that will expose the entire hard drive," he said. "Just because that user is a Lime Wire user, it makes it look as though Lime Wire indexed their system, when actually it was an executable within a download."

Yet, you claim that they reported that it was Limewire. Did you see that article? Are you implying that General Clark is lying under oath to get a government contract? As former military myself, I would highly doubt that such a decorated General would stoop to such acts.

In the written testimony online, it also cites multiple individuals of releasing this type of sensitive information. Are you suggesting that there are several people that are actively and knowingly committing treason against the United States by releasing classified information by resetting or overriding their defaults? That seems a bit outrageous. Or could there be something more…. This also do...
Reply | Quote
0 0
What I'm saying
securityguru (68.119.34.xxx) 2007-08-01 04:16:31
The whole POINT is this...

The modern internet connected world is potentially unsafe for the stupid. Blaming Limewire, or limewire exploiters MISSES THE POINT. The security policy that would allow government contractors to allow their employees to get away with such fundamentally poor security shows that we're once again blaming the "gun" for the "crime".

Poor security policy, poor employee oversight, and passing the buck however are the status quo. When Homeland Security gets a better grade than "D" from the GAO, let me know.

The speech given by General Clark obviously wasn't a lie. Noone (we included) claimed that it was. But it's a clear obfuscation of the real issues involved, pushed by a company with a vested self interest in passing blame to and using fear against the very p2p networks they SELL THEIR SERVICES to protect industry and government from. In any situation where your being given information, you should be 1). skeptical and 2). take the sourc...
Reply | Quote
0 0
Write comment
Name:
Website:
Title:
UBBCode:
[b] [i] [u] [url] [quote] [code] [img] 
 
Security Image
Please input the anti-spam code that you can read in the image.

Copyright (C) 2007 Alain Georgette / Copyright (C) 2006 Frantisek Hliva. All rights reserved.
 
© 2003-2008 Fastsilicon Media. All Rights Reserved