{"id":3140,"date":"2001-07-19T14:59:11","date_gmt":"2001-07-19T19:59:11","guid":{"rendered":"http:\/\/smperformance.wordpress.com\/?p=3140"},"modified":"2001-07-19T14:59:11","modified_gmt":"2001-07-19T19:59:11","slug":"stratvantage-consulting-llc-mikes-take-on-the-news-071901","status":"publish","type":"post","link":"https:\/\/stratvantage.com\/index.php\/2001\/07\/19\/stratvantage-consulting-llc-mikes-take-on-the-news-071901\/","title":{"rendered":"StratVantage Consulting, LLC — Mike’s Take on the News 07\/19\/01"},"content":{"rendered":"\n\n\n
\n

From Evernote:<\/a><\/h3>\n<\/td>\n<\/tr>\n

\n

StratVantage Consulting, LLC — Mike’s Take on the News 07\/19\/01<\/h1>\n

Clipped from: http:\/\/www.stratvantage.com\/news\/071901.htm<\/a><\/td>\n<\/tr>\n<\/table>\n

T<\/strong>he News \u2013 07\/19\/01<\/h1>\n

P2P Use May Be Even More Illegal Than You Thought<\/em><\/strong><\/p>\n

It\u2019s fairly well recognized in the post-Napster world that using peer-to-peer technology can get you in trouble.<\/strong> Legal woes for Napster and its users, however, centered more around the copyright infringement issue, and not on the technology.<\/strong> Well, David McOwen <\/a>, a now-former employee of DeKalb Tech, part of the Georgia state university system, may soon be arrested and face a maximum penalty of 15 years in prison \u2013 for installing a screensaver from Distributed.net on some of the computers at DeKalb.<\/strong><\/p>\n

So what could possibly be worthy of hard time in this case?<\/strong> Well, at first you might think of the stolen CPU cycles.<\/strong> Distributed.net farms out large computing projects to many participating computers, who work on them when they\u2019re doing nothing else.<\/strong> Although idle Georgia state resources were used, it\u2019s hard to see the foul there.<\/strong> The computers weren\u2019t doing anything anyway.<\/strong><\/p>\n

It turns out the state wants to nick McOwen for using bandwidth, a very expensive amount of bandwidth.<\/strong> It claims that the Distributed.net client cost the state $415,951.<\/strong>49 in bandwidth charges, which it calculates at 59 cents per second or $1,529,280 per month.<\/strong> I want to be that college\u2019s broadband provider!<\/strong> Especially considering you can get a full T-1 for under $900 a month in DeKalb county.<\/strong> So at that price, the state is claiming McOwen stole roughly 61 terabit-seconds of bandwidth, most of it in December when few students were in school.<\/strong> Clearly, the damages must be based on something other than bandwidth.<\/strong><\/p>\n

Leaving aside the preposterousness of the monetary charges, it\u2019s clear that McOwen did make non-business use of state resources, along with probably hundreds if not thousands of other state employees.<\/strong> I can\u2019t decide if Georgia is just that clueless, or if it merely wants to set an example by crushing this poor defenseless system administrator.<\/strong> Taking a look at the math, though, makes me lean toward cluelessness.<\/strong><\/p>\n

If you\u2019re concerned about this travesty of justice, you might want to give David a hand.<\/strong> You can contact his attorney, David Joyner, of law firm Kenney and Solomon <\/a> in Duluth Georgia, at cdjoyner66@aol.com <\/a> or 770-564-1600.<\/strong><\/p>\n

Regardless of how you feel about McOwen\u2019s plight, this story underscores a key issue that businesses will have to deal with regarding P2P computing.<\/strong> While it may be ludicrous to think that McOwen\u2019s use of public property caused $415,000 in damages, it is entirely possible that employee use of P2P technology could damage a business.<\/strong><\/p>\n

Most applications in the hive computing or distributed computing class, like Distributed.net and the more famous SETI@Home, are fairly benign.<\/strong> They accept small chunks of data from a server on the Internet, and run as screen savers to process the data.<\/strong> The result is sent back to the server, and it generally is also not a large amount of data.<\/strong> It\u2019s possible that employees will leave their computers on more when running one of these applications, and it\u2019s even possible that they will get paid for using business resources.<\/strong> But outside of a little electricity and wear and tear on equipment, along with a little bit of extra bandwidth usage, there\u2019s not usually a lot of direct damage to the enterprise.<\/strong><\/p>\n

File sharing P2P applications, however, are a different matter.<\/strong> Although there is a security risk in running even hive computing applications within the enterprise, the risk is magnified when employees run consumer-grade file sharing applications.<\/strong> Although Napster may be becoming a non-factor, there are many other services like Morpheus <\/a> or KazAa <\/a> springing up to facilitate music file sharing.<\/strong> Then there are other services such as Gnutella <\/a> and Wrapster <\/a> that let users share any kind of file, even sensitive company information.<\/strong> For more information on P2P applications, see the white paper, The Buzz About Hive Computing: Putting Peer-to-Peer Computing to Work <\/a>,<\/em> or the P2P for Business Directory <\/a>.<\/strong><\/p>\n

Many enterprises solve these problems by identifying the ports and protocols the offending services use, and then blocking them.<\/strong> The problem is in keeping up with the myriad services, and knowing where to stop.<\/strong> For example, your employees may be using Instant Messaging (IM) clients such as AOL Instant Messenger, or similar programs from Yahoo and Microsoft.<\/strong> They may even be using these IM services to communicate with customers and suppliers.<\/strong> Plus, these clients can also allow users to share files.<\/strong><\/p>\n

Clearly the P2P phenomenon can mean a loss of control, at the enterprise level, over what happens on your network.<\/strong> Although there are many P2P companies such as Groove Networks <\/a>, Mercury Prime <\/a>, and 1stWorks <\/a> developing secure IM and other secure collaboration technologies, adopting these solutions doesn\u2019t address the problem of what to do with rogue Internet applications on your network.<\/strong><\/p>\n

At the very least, businesses should formulate acceptable Internet use policies and require employees to sign and abide by them.<\/strong> But make sure these policies have a heart. If you ban all personal use of the Internet, you\u2019ll make scofflaws out of every employee who wants to check the weekend weather or occasionally visit a recreational site.<\/strong><\/p>\n

There\u2019s no denying that non-work use of computers is a problem.<\/strong> According to the 2001 Web@Work study <\/a> sponsored by Internet filtering vendor Websense <\/a>:<\/p>\n