Posted by: : Category: 
After detailed information about president Barack Obama’s “Marine One” helicopter leaked over a peer-to-peer network and hundreds of thousands of tax returns, medical records, credit reports and other sensitive documents were inadvertently shared via P2P, Congress reopened an investigation to determine whether LimeWire has added security safeguards, as it promised legislators it would two years ago.
Wired.com obtained an advance copy of LimeWire CEO Mark Gorton’s response to Congress (.PDF), sent by LimeWire to the House committee Friday morning. In it, Gorton explains the extensive steps his company has taken to eliminate the inadvertent sharing of documents, including ignoring document-related file types in its default setting.
The House of Representatives’ Committee on Oversight and Government Reform demanded his response with a stern letter (.PDF) issued to Gorton on April 20 with specific questions about steps his company has taken to ensure that people no longer inadvertently publish such documents to the world at large.
Congress views this not only as a matter of personal privacy for citizens, but also of national security, because Limewire is installed on some government and/or defense-contractor computers. Detailed data about Obama’s helicopter was downloaded by an Iranian IP address, according to WPXI. And Bob Boback of Tiversa (the company that discovered the leak in February), pointed to IP addresses in China, Pakistan, Qatar, and Yemen as having sought similar information via P2P.
However, the latest version of LimeWire appears to solve the problem. Only older versions of the software put users at risk of sharing their social security number, schematics for the president’s helicopter, or whatever other sensitive documents are stored on their hard drives.
“LimeWire 5 by default does not share documents even if a user purposely attempts to do so,” writes Gorton in his response. “LimeWire will not allow it. In fact, LimeWire 5 [released in December] goes so far as to automatically un-share documents that a user may have shared using a 4.x version of LimeWire.”
The program ignores documents completely unless you blow off several warnings and decide to share them anyway, and several other safeguards are in place. For instance, the program no longer shares everything in a particular folder, only specifically-chosen files. If you set a folder to be shared, then mistakenly drag a document into that folder, LimeWire will no longer share that document.
“To understand first-hand the level of security we have achieved I encourage any member of the Committee to do a default install of LimeWire 5 or later on any computer and attempt to share a document type file,” wrote Gorton. “LimeWire will not permit it.”
After reading the full text of Gorton’s responses, we’re satisfied that the latest version of LimeWire solves the problem. We should soon find out whether Congress feels the same way.
See Also:
- LimeWire Creator Brings Open-Source Approach to Urban
- Lime Wire Adds Social Networking Features
- Music Industry Squeezes LimeWire
- Comedy Central Signs Comedians to Lime Wire Store
Source: Eliot Van Buskirk
