Wow – this is the fourth post on this topic and we’re still going strong! Today I want to tell you about “the mother of all computer infectors”………Files Downloaded Over Peer-To-Peer Programs (P2P)!! This is a nasty one!! Stay with me now!
I have two older sisters and one younger brother. When I was growing up, my mother taught us to share our things with each other and I came to see that sharing was a good thing. My brother, sisters and I, all sharing and benefiting from each others possessions. One big, unselfish, happy family – ah, how perfect! Truly: “to err is human, to share is divine”!!
Well, that’s what Peer-To-Peer programs allow you to do – share. P2P technology enables millions of computer users around the world to find, trade and share digital files with each other. P2P enables the transfer of billions of files among millions of people without knowledge of identity or even location. Everyone benefitting from each others possessions – one big, unselfish, happy world. Ah, how perfect right?
Well, actually no. To share is divine but to use P2P is to err for sure!!
There is nothing wrong with P2P programs such as uTorrent, BitComet, Limewire, Azureus, etc. in and of themselves. Like I said, these free P2P clients allow easy swapping of music, video and other files over the Internet. By using a P2P computer program, a user can scan the hard drives of millions of people and instantly acquire (download) content with the click of a mouse.
Herein lies the problem:
1) Do you really want the entire world scanning your computers hard drive? If you are not careful you will share files and directories which contain potentially sensitive information such as passwords or licenses. What to do?
A) Carefully go through the program configuration options to make sure you are sharing only the files that you really intend to share. Disable any automatic downloading features (require at least a prompt) before any file can be downloaded.
B) Create a new empty folder and only allow download and upload access to this folder. Then place copies (not originals) of all the files you wish to share into that folder, and disallow access to any other directory or drive on your system.
2) Do you really want to download and install a file that you know nothing about? There is absolutely no indication or guarantee that the actual contents of the file(s) you are downloading are legitimate or safe until you download and attempt to open them. What to do?
A) Scan any P2P downloaded file with multiple scanners (one each of a virus, trojan and spyware scanner) before opening them.
B) Look to see how many people are sharing a file. If not many people are sharing the file then it may be fake, not what it purports to be, or even worse, contain some type of “poison”. If the file is being freely shared by a large number of people it has a better chance of being safe but there is still no guarantee that it is.
C) Always keep your User Account Control (UAC in Vista and Windows 7) enabled. In Windows XP, change your account type from Computer Administrator to a Limited account. For any OS manually scan your computer quite often.
Please see part 1 of this series
Please see part 2 of this series
Please see part 3 of this series
Professor Randy says: Sharing is wonderful but not when it comes to certain P2P files! If you must share files be smart, extremely alert and do all that you can to stay safe and secure!