What company needs to allow programs like Limewire, Kazaa, ShareBear, or any of the other P2P programs? Why not just block all P2P traffic and let people infect their systems at home if they want illegal music or file downloads?
Anybody have a legitimate use for P2P in an office environment?
Re: IM attacks up nearly 80%, Akonix says.
Anybody?
Latest security headlines from Network World:
China Netcom falls prey to DNS cache poisoning
Lockdown monitors the security of your computer
Analyzing fundamental flaws: Opening vs. unlocking
|
Does Verizon's Voyager stack up to the iPhone? |
|
|
5 IT skills that won't boost your salary 
[1,407]
Women 4 times more likely than men to cough up personal info [589]
Japan's 10 funniest tech-related commercials [Videos] [407]
Throwing away a promo CD is "unauthorized distribution"? [1,265]
Adults too quick to dismiss educational video games [682]
Attack of the iPhone clones [Slideshow] [578]
10 things IT needs to know about AJAX [1,258]
This Year's 25 Geekiest 25th Anniversaries [Slideshow] [409]
|
|
P2P In Businesses
Some people find ways to bypass security measures and download P2P software anyway. Management needs to deal with people it finds doing this, but sometimes the damage has already been done by the time it is discovered.
Attacks?
When the word "attacks" is used I think of an actual incident where some malicious code is successfully run on another computer, using IM (in this case). In this article (and perhaps the industry as a whole), it seems that this word is used in the sense I describe, and also in the sense of the code, or concept itself. Which is it? Without a precise usage of this word, this becomes a real misleading article. Are the number of threats up 78% over last year, or are the number of "attacks" up? This article has no evidence, beyond the use of the word "attacks", that anything more than the number of threats is up.
Attack vs. Vulnerability
The IM security center (www.imsecuritycenter.com) tracks "attacks", which are unique viruses, worms, trojans, or malicious web pages that have been discovered in the wild (i.e. these are not lab viruses)that use the instant messaging vector to propagate. It is a fair assumption that all of the executables and their variants have infected more than zero PC's, since Akonix's early warning system only detects new threats upon their release to the Internet. Akonix doesn't invest in theoretical lab work or research to find vulnerabilities or non-propagating threats. Our IM Security Center investment is entirely devoted to protecting our customers from real-life risks that come with the use of IM.
The evidence you seek is publicly available at www.imsecuritycenter.com, where each malicious executable is listed with a link to a description of the code, its impact, its risk level, etc.
We use the world "vulnerability" to describe the potential for exploiting weaknesses in applications (such as IM clients), if there is no evidence that the vulnerability has been exploited yet. For example, we were also quoted in an article on Friday, Jul.27, about a vulnerability that had been discovered in Yahoo Widgets. In this case, we do not use the word "attack" because there's no evidence, or even expectation that this vulnerability has been exploited, or that any viruses have been written or released that would exploit the vulnerability.
Don Montgomery
Akonix Systems, Inc.
News vs. self-serving promotion
When the source of the information is from the entity which stands to benefit how can you trust what they say? Objectivity aside, Akonix is in the business of selling an appliance that allegedly stops these kind of threats. Are threats on the rise? Perhaps, but how are we to know. This is one data set while there are millions of operational permutations. Is Akonix the only technology to stop these problems? No! And there are some very simple and extremely cost-effective methods of addressing these problems without installing new hardware or software. Training, monitoring usage & policy enforcement. Thank you very much.
Radio Stations, for one.
Radio Stations, for one. Specifically talk stations, that music they play coming into or going out of the shows? No station has the budget to purchase all that music, nor do they need to. As long as those snips of music are under 60 seconds, they are not required to pay any licensing.
The ability to obtain such music on the fly, especially when it's related to the content in some way, is very useful and helps create compelling programming.
Legitimate business use for P2P?
How about Open Office?
http://distribution.openoffice.org/p2p/
P2P
.Net 3 now had built in Peer Channel suppor to make it easy for programers to start incorporating P2P features into their software... the business of P2P is just starting... many of the newer video services are using P2P to help distribute the data... P2P collaboration software is becoming more common... P2P is going to become more common over the next few years... block all P2P? Why not just outlaw PCs that would fix it...
Open Source Software
I use a Windows desktop that is controlled by a "Mordok, preventer of information services" type IT manager. So, I now also bring in my new Dell Linux laptop that has the open source software and command line utilities I have become quite good at using (gnuplot, octave, scilab, gimp, firefox among others). Usually, Bittorrent is the best way to download new distributions, new versions of Open Office, and other big files so P2P certainly has a valid use.
I think bringing up the question of whether there is a valid use for P2P in the office merely exposes the author as someone who is ignorant of computing. It shows he tacitly thinks every single workplace is the same. Fortunately, those of us who actually know something about computers are usually able to dodge the heavy-handed and close-minded red-tape instituted by such people.
"I think bringing up the
"I think bringing up the question of whether there is a valid use for P2P in the office merely exposes the author as someone who is ignorant of computing. It shows he tacitly thinks every single workplace is the same. Fortunately, those of us who actually know something about computers are usually able to dodge the heavy-handed and close-minded red-tape instituted by such people."
spoken like a true user. There are reasons why certain things are not allowed on a network. It is not your personal play toy it is millions of dollars of company money specifically used for company purposes. Not your hobbies. If you wish to use uncontrolled P2P SW such as bittorrent you will deserve it when you are released for infecting the corporate network.
As a software developer
As a software developer deploying new versions, you might use P2P. For example, Blizzard's downloader (used in World of Warcraft) is P2P.