Are P2P networks leaking military secrets?

By John Borland
Staff Writer, CNET News

Share
- Digg
- Del.icio.us
- Reddit
- Facebook
- Google
- Newsvine
- Yahoo! Bookmarks
- Twitter
- Stumbleupon
E-mail
Print

Related Stories: Judge: RIAA can unmask file swappers
July 27, 2004; Senator wants to ban P2P networks
July 22, 2004; Gnutella swapping cookies, too
February 8, 2001

A new Web log is posting what it purports are pictures, documents and letters from U.S. soldiers and military bases in Iraq and elsewhere--all of which the site's operator claims to have downloaded from peer-to-peer networks such as Gnutella.

The "See What You Share" site has been online for a week and has published photos ranging from a crashed military jet to a screenshot of a spreadsheet file that appears to include names, addresses and telephone numbers of Marines.

The site's operator, a 30-year-old named Rick Wallace, wrote in a blog posting that he is trying to help the military understand how serious a security risk unmonitored peer-to-peer file sharing can be. CNET News.com could not independently verify the authenticity of the documents posted on the site.

"I want everyone to know that we can be our own worst enemies when we don't understand the full power of our technology," Wallace wrote in a posting explaining the site. "I want every military and government agency to see firsthand what is being shared with anyone who has a computer. Since a picture is worth a thousand words, I can save myself some talking."

Among the items appearing on the site were documents from a transportation unit at Fort Eustis in Virginia. A Fort Eustis spokesperson contacted could not immediately comment.

The issue of unmonitored file sharing has been a problem since the release of Gnutella, which allowed people to share the entire contents of their hard drives, rather than just MP3 files, as had been the case with Napster.

Network watchers quickly noted that some people appeared to be sharing much more than they realized, including personal information and Web "cookie" files that sometimes included passwords for credit cards and e-commerce accounts.

Critics of file-sharing companies, including the Recording Industry Association of America, have often pointed to this accidental sharing of personal information as a rationale for tighter regulation of the networks.

Wallace told CNET News.com that he first downloaded a zipped file of classified documents a few months ago on Gnutella, with stamped security clearances ranging from "For Official Use Only" to "Secret/NO FORN." (NOFORN typically stands for "not for release to foreign nationals" in military parlance.) The documents contained real-time information about operations in Iraq, "stuff that could kill people," he said.

In an interview from Germany, where he lives with his wife, a U.S. Army officer, Wallace said he had contacted local military intelligence about the issue. They forwarded the information to a higher level, but there was little further response until he contacted the office of Sen. Conrad Burns, who represents Wallace's home state of Montana, Wallace said.

Burns' office confirmed that the conversation had taken place.

"We did send a letter to the secretary of the Army," Burns spokesman J.P. Donovan said. "We are monitoring this as it goes along."

Shortly after Wallace got in contact with Burns' office, the file of classified documents disappeared from Gnutella. But many other potentially sensitive files remain on the sharing network, ranging from confidential military documents to internal information on public safety authorities procedures, Wallace said.

"If you're a terrorist, imagine the damage you could do with that," Wallace said. "I don't really care if people share their love letters online. The only things I care about are when people share information that could hurt people."

Wallace said he now calls agencies once before posting information on his blog but sees the site as a way to spotlight a problem that could cost lives in the future. He said he blacks out information that could be classified before posting a file.

See more CNET content tagged:
Conrad Burns, Gnutella, military, P2P, file-sharing

Add a Comment (Log in or register) 2 comments

Mr. Wallace has a point
by July 28, 2004 1:25 PM PDT: As someone who has knowledge of this situation having been, until recently, responsible for cyber investigations in Germany for the U.S. Army, I'd like to make a couple of observations. First of all, P2P software is banned from all U.S. Army computer networks for the very reason this web site exists. This ban is/was fully enforced by the Army I.S.P. as computer security is taken very seriously there. That being said, U.S. based Army network security is far more fragmented and harder to enforce due to its geographic spread. Secondly, with respect to the Iraqi photographs, soldiers are allowed to bring cameras with them into combat zones. Many of these cameras will be digital. Soldier morale is enhanced by Internet access, ergo; images of what these soldiers are going through are going to be sent back to the "home front". It is entirely possible that the images "from Iraq" are actually being shared from computers in the United States as P2P works anywhere in the world. I'm not attempting to excuse anybody's behavior here, just trying to put it in a little perspective. Finally, as with any news story, you generally only hear half the story. I think Mr. Wallace has done a service for all of us in highlighting this particular issue, but when is the axe finally ground enough? plf5403@spymac.com; Reply to this comment

Secrets leaked on P2P, and?
by July 29, 2004 3:37 AM PDT: No disrespect to what the author of the website is trying to highlight about P2P networks, but the internet as a whole can be used for the same purposes. The information could easily have been uploaded to a hijacked ftp server or even openly posted on a website. It seems to be that P2P is taking more than it's fair share of critisism; if people wish to leak information, there are many means other than P2P. As for people making themselves vulnerable by sharing things that they shouldn't, well such things will/would happen without P2P. Look at the number of phishing scams that happen, and people fall for them.

Give P2P a break, it can be a useful technology, but like any other it can be abused, however it seems to be the only one getting the attention for it's misuse. If people would care to look for the amount of misuse of ftp servers etc, then maybe they'd realise that P2P isn't as bad, or is only as bad as other technologies.; Reply to this comment

Latest tech news headlines

Foxmarks syncs your passwords across PCs
Posted in Webware by Rafe Needleman

October 15, 2008 5:19 PM PDT
IMDB turns 18
Posted in News - Gaming and Culture by Daniel Terdiman

October 15, 2008 5:17 PM PDT
FBI targets rise in cybercrime from U.S. and abroad
Posted in News - Politics and Law by Stephanie Condon

October 15, 2008 4:19 PM PDT
See all headlines

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Inside CNET News

Scroll Left Scroll Right

News - Business Tech
IDC: Netbook shipments up, expect constrained IT budgets
Economic turmoil drives lowered consumer and professional spending on PCs, but makes cheaper Netbooks more attractive.
Gallery
Photos: Solar business heats up the Golden State
The Open Road
Ah, the irony! SAP freezes internal IT purchases
SAP is halting internal IT purchases. Should its customers do the same?
Coop's Corner
Vint Cerf backs Obama for U.S. president
Internet legend says he's casting his vote because of Obama's position on Net neutrality.
Video
'Prototype This' invents the future
News - Wireless
FCC chairman backs use of 'white space' spectrum
The chairman of the FCC said Wednesday that he supports the use of unused "white space" spectrum for wireless broadband services.
Video
Apple laptop redesigns and a lower price
News - Gaming and Culture
IMDB turns 18
You might not know it, but the site that has become the definitive repository of information about movies is older than the Web.
News - Cutting Edge
'60 Minutes' video: Drone warfare in Iraq
UAVs like the Predator are a highly valued asset for the U.S. military as it pursues "fleeting and perishable" targets. Lesley Stahl reports.
Gallery
Photos: 'Popular Mechanics' breakthroughs
Webware
Foxmarks syncs your passwords across PCs
Use more than one computer and hate managing passwords on them? Check this out.
Green Tech
Tesla Motors replaces CEO, plans layoff
Elon Musk, company investor and chairman, will take over as CEO, replacing Ze'ev Drori, who will join the board. Layoffs are also planned as part of a corporate review.