The goal of the report was to improve understanding of the causes of inadvertent file sharing by analyzing data released to the House Committee on Oversight and Government Reform by LimeWire prior to a hearing held by the committee in July, according to the PFF. The report also assesses the efficacy of LimeWire’s efforts to improve the LimeWire program since that hearing.
The report was written by the same authors who composed an analysis published by the U.S. Patent and Trademark Office in March, entitled “Filesharing Programs and Technological Features to Induce Users to Share.” At the House committee hearing in July, much of the discussion surrounded points raised in the report published by the USPTO in March.
At the committee hearing, LimeWire CEO Mark Gorton expressed surprise and chagrin that his company’s product apparently was so vulnerable to the problem and pledged to do “everything in my power to fight inadvertent file sharing.”
According to the PFF, their subsequent analysis of LimeWire’s response raised significant doubt as to whether his company had in fact done anything substantial to address the problem in the months since the House committee’s hearing.
The PFF report identified a number of “the problematic behaviors” still present in the software, including that all of the software’s “sharing-related interfaces recursively share subfolders of selected folders;” the software’s partial-uninstall feature “makes its default behavior so unpredictable that neither LimeWire’s Response nor its CEO can correctly describe it;” and the software’s Individually-Shared-Files (ISF) feature “still tags all downloaded files as ISFs, forcing users who want to stop sharing downloaded files to complete a complex, multistep process across multiple interfaces.”
Inadvertent sharing “has become a documented threat to national, military, corporate and personal security and a known cause of identity theft,” according to the PFF.
Tom Sydnor, director of the Center for the Study of Digital Property at the PFF and principal author of the report, told XBIZ that while he believed that an investigation into the practices of file-sharing software is needed, passing new legislation is not the answer.
“Vigorous enforcement of existing laws is what we need,” Sydnor said. “This is not an issue where we need new laws to deal with it. Tricking people into clicking links, or tricking them into installing software or sharing files is illegal to begin with, under any number of laws.”
Since the problem of inadvertent file sharing has been known about and reported on for years, and the companies involved in the creation and distribution of file sharing software generally insist that they are serious about fixing the problem, Sydnor said “the real question that lurks in the background is ‘why does this problem persist?’”
“These programs are very difficult to use properly, or to use safely,” Sydnor said. “If you look at LimeWire’s testimony [in front of the House committee], their CEO basically claims it is a ‘stupid user’ problem.”
Sydnor said that the PFF’s latest report calls LimeWire out on their “stupid user” explanation, and makes the case that it is not a question of stupid users, but of software that is crafted — intentionally or otherwise — to encourage inadvertent file sharing, a flaw that Sydnor says falls right back on the software designers.
“The real question is whether it is a ‘stupid’ design, or a malicious one,” Syndor said. “That’s what we need an investigation to determine.”
XBIZ was unable to reach representatives of LimeWire for comment; the contact form on the LimeWire website was dysfunctional as of press time and simply returned an error message stating that an “unknown error occurred while attempting to send your message.”
XBIZ was unable to locate any documents or postings directly relating to the PFF report on LimeWire’s website. On its website, LimeWire provided a document entitled “About Using P2P Software Safely” that was published in response to a consumer alert previously issued by the Federal Trade Commission.
On the website’s FAQ, the question “Are there security risks associated with using LimeWire?” was replied to as follows: “As long as you don’t share your entire hard drive, you shouldn’t encounter any significant security risks using Gnutella. However, make sure you are sharing only files you want to share, and to be completely safe, don’t run executable programs that you obtain from the Gnutella network.”
