SoylentNews

aristarchus writes:

[Editor's Note: This is a little different from our usual offerings, but if you have 10 minutes to spare, it is an interesting read. It explains how users of Limewire - a file sharing program popular 20 or so years ago - were unintionally leaking personal and private data which gave one person an idea that just grew and grew.]

Long, interesting story on cyber-security, in The New Yorker magazine.

Before Robert Boback got into the field of cybersecurity, he was a practicing chiropractor in the town of Sewickley, Pennsylvania, twelve miles northwest of Pittsburgh. He was also selling used cars on eBay and flipping houses purchased at police auctions. The decision to branch out into computers came in 2003, after he watched a "60 Minutes" report by Lesley Stahl about pirated movies. For years, while digital piracy was devastating the music industry, Hollywood had largely been spared; limitations on bandwidth curtailed the online trade in movies. But this was changing, Stahl noted: "The people running America's movie studios know that if they don't do something, fast, they could be in the same boat as the record companies.

The story gets more interesting. Bob visits Langley.

Inside, the head of the Directorate of Science and Technology was joined by an official representing In-Q-Tel, a corporation that the C.I.A. had set up to fund new technologies. (The "Q" refers to the technician in James Bond films.) A follow-up call from one of the participants led to more trips to D.C., and suddenly Boback and Hopkins were journeying through the shadow world of the post-9/11 national-security establishment.

And, file-sharing detection as a service.

Tiversa's prominent supporters quickly helped Boback assemble an impressive client list: Capital One, Lehman Brothers, Goldman Sachs, American Express. The companies were paying for a monthly monitoring service, in which Tiversa scanned for breached corporate information, or the personal data of top executives. By this time, EagleVision X1 could access more than a million users, and its capabilities were expanding. Because peer-to-peer networks were constantly in flux, as people turned their computers on and off,
Hopkins had designed a stable repository for the system, which became known as the Data Store. EagleVision X1, programmed with search terms that were set for clients (for instance, "Lloyd Blankfein," for Goldman Sachs), would scour the networks, then deposit what it found in the Data Store. Each file was labelled to indicate when it was downloaded and what I.P. address it came from, so that its behavior could be tracked—if it remained in the same location, or if it was being shared, or if it suddenly vanished.

What happens to this respository is one of the interesting, and unanswered, questions in the article. Suffice it to say, it does not end well, to get people to buy data security services, sometimes you have to scare them by stealing or faking a theft of their data. Interesting read.

Original Submission