Wednesday, July 22, 2015

Never Use P2P


Why You Should Never Use Peer-to-Peer

For those of you who don’t already know, peer-to-peer file sharing is a big deal, not only for “legitimate” purposes (i.e., trading of non-contraband files), but also for more nefarious purposes such as trading in illicit images and videos.  This has become big business for law enforcement because the growing use of peer-to-peer (p2p) networks has made the searching for, downloading, collecting and trading of child exploitation images much easier and more prolific than it ever was before these networks existed.  But that’s not all they’re used for.  Arguably, the majority of traffic across p2p networks is for bootlegged music, movies, TV shows, etc.  This slightly more “legitimate” use of p2p services is not quite as damaging (or grotesque), but still opens users up to a myriad of potential problems.

What is Peer-to-Peer (p2p)?

Simply put, p2p is an internet-based service that allows users (peers) to trade files with one another across an open global network.  For example, if you’re a big fan of Beyonce, you can download one of several p2p software utilities (Shareaza, Limewire, Ares, etc.), which are generally free of charge.  Once the utility is installed, simply connect to the internet, search for “Beyonce” and voila! You will immediately receive hundreds of hits from other users all over the world sharing files with titles bearing the name “Beyonce”.  This sounds great, right?  Easy, fast and free.  Almost sounds too good to be true!

The Good

So the good things about p2p are that it’s free, fast and easy.  That’s about it.  And while that may be enough to convince you that you’ll log on right now and download a p2p utility and start your library exploding exponentially, please keep reading… Because free, fast and easy usually comes with a price.  This is true in p2p and in life.

The Bad

So what’s so bad about p2p?  We’ll get into the REALLY bad parts in the next section, but here are some pretty bad side effects for starters:

1) You don’t know where your files are coming from

While you may be able to see an IP address and/or a country of origin of the files you’re downloading, that’s about it.  And unless you have subpoena power (and even that won’t help you in a foreign country), you have absolutely no idea where your files are coming from.  In fact, they could be coming from one of several different sources.  This is a common default setting in p2p software to speed up the downloads.

2) You don’t know what you’re downloading

I’ll talk about this a little bit more later, but the best-case scenario is that you may be downloading files that contain malware, viruses, spyware, or any number of other digital “bugs” that could slowly (or quickly) destroy your computer system.  The fact is, these files aren’t verified and they aren’t authentic much of the time, so just because the file name says “Beyonce” doesn’t mean that’s what you’re getting.  Even if it is what you’re getting, the potential for some malicious code to be inserted that will log all of your keystrokes or save and send all of your passwords is fairly high.  Why take the risk for a free song or movie?

3) You’re allowing others on the internet an open door into your computer system

As you may have been able to figure out by now, p2p isn’t all about getting files from others.  In order to get more downloads quicker, you have to share your files too.  Think about all the valuable information that may be on your computer – Banking records, website history, important documents… do you want all of that available to a savvy user of p2p in China?  Plus, sharing is turned on by default upon installation of these programs and these default settings sometimes go as far as naming what types of files will be shared on your system.  Again, more on sharing later.

The Ugly

So here’s why you really don’t want to ever use p2p software: Most of the content that you’ll find on p2p networks is illegal.  Sure, people sometimes share a PowerPoint deck they created or a story they wrote, but those are the exception.  More often, p2p users are sharing bootlegged copies of TV shows, music and movies.  You can download entire seasons of TV shows with one click.  Problem is, all of that material is copyrighted and therefore illegal to obtain for free. 

The other thing that p2p is routinely used for is pornography in all of its forms.  As a former police detective who investigated the trafficking of illegal images, I’ll just tell you to think of some of the worst, most disgusting images you can imagine and go about 10 levels higher and that’s what is trafficked on p2p. Sure, there’s “normal” pornography on there, too, but anyone can get that from any number of websites.  Those who are interested in truly dark niche images turn to the p2p networks to download them because legitimate websites won’t post that material.

So let’s say you’re not into any of that stuff and you just want to download bootleg movies.  I said before that you never know what you’re getting, right?  Well, when you search for files on a p2p network, the search hits are returned by file name.  Problem is, anyone can name a file anything they want, regardless of the actual content.  So if you’re looking for a movie starring Denzel Washington, you may get some legitimate hits, but you may also get hits from files that have people in them that look like Denzel Washington.  Someone inserted his name into the file name and threw it up on the p2p network, and it happens to contain illegal images.  Guess what, you just broke more than copyright law!

The other problem has more to do with the underlying motive for even using p2p in the first place: laziness.  In many cases that I’ve worked, the target or client claims that they just performed a search for “normal” porn using the keyword “teen” (because they’re allegedly interested in 18- and 19-year-olds).  They get several dozen hits, click the top hit, scroll to the bottom and hit SHIFT + click and download the entire list.  This also happens with BitTorrent files (Google it).  Now they’ve just grabbed an entire library of potentially illegal material, whether it was intentional or not.  They do this because it’s quick, free, easy and they’re lazy.

Finally, the sharing comes into play.  It’s one crime to possess illegal images; it’s wholly another to distribute them.  The way the criminal justice system views it is that the victims in those illegal images are being victimized all over again every time someone views them, so to distribute them is much worse.  But as I said before, sharing is turned on by default and law enforcement targets those who are sharing illegal files.  It’s also quite possible to download an illegal file and be sharing it before you’ve even had a chance to view it and determine it’s something you really don’t want on your system.  Next thing you know, the police are knocking on your door.  That’s a bad day.

Advice is free and it’s always up to the receiver to take or leave it.  But speaking as one who has seen many, many cases come before the courts and many defenses attempted and failed, I’m forced to ask ‘why would anyone use peer-to-peer?’  It’s a bad idea, even if your motives are mostly legitimate.  The internet is the wild west -- it’s not regulated and seldom policed.  But my advice is don’t put yourself in the potential position to get caught up in something that could wind you up in prison.  When the digital media evolution happened, I decided that it’s worth the $1.00 or so you pay Apple or Google for a song.  It’s worth it to rent or buy movies legitimately from legitimate, verified sources.  It’s not worth it getting caught up in something you don’t ever want to be a part of…  Trust me on this one.

Patrick J. Siewert, SCERS, BCERT, LCE
Principal Consultant
Professional Digital Forensic Consulting, LLC
Based in Richmond, Virginia
Available Globally

About the Author:
Patrick Siewert is the Principal Consultant of Pro Digital Forensic Consulting, based in Richmond, Virginia.  In 15 years of law enforcement, he investigated hundreds of high-tech crimes, incorporating digital forensics into the investigations, and was responsible for investigating some of the highest jury and plea bargain child exploitation cases in Virginia court history.  A graduate of both SCERS and BCERT (among others), Siewert continues to hone his digital forensic expertise in the private sector while growing his consulting business marketed toward litigators, professional investigators and corporations.
Twitter: @ProDigital4n6