[Dshield] Are P2P applications worth the risk?

Josh Ballard bal at ksu.edu
Tue Oct 7 19:07:16 GMT 2003

> "There is obvious business value in P2P applications.

I think it obviously depends on whose definition of P2P you are using. 
There are two quite different views on this topic.  The first is P2P
only referring to software such as KaZaA and all the others that allow
for the easy transfer of files between hosts.  Some business people who
don't understand this aspect of P2P see the concept as that of all
colaborative software falling into this category.  These would include
NetMeeting, any other blackboarding software, ICQ, MSN, etc. 
Essentially, P2P to them is collaboration, which is quite different than
what we all see P2P as.  If we are looking at the first (more obvious)
definition of P2P, then yes, it should be kept away from business, as it
has no business (pun intended) on your corporate network.  The person
who wrote this article is overlooking all the bad affects of P2P and
looking also at the idea of the distributive file model as well as the
new "great" technology in apps like KaZaA that can do distribute
processing.  Sure, some of these things would be great things to latch
onto, but I would NEVER use these services as provided by a company like
Sharman (maker of KaZaA), because they could care less about the
technology aspects, and just want to force their money making schemes on
as many people as possible.  I guess that's just my 2 cents, but using
P2P under the first definition in business is absurd, and under the
second definition from vendors of the first is pure idiocy.  I guess
I'll stop ranting now... ;)

Josh Ballard
oofle.com Security
Josh at oofle.com 

More information about the list mailing list