LimeWire ID Theft Case Raises P2P Concerns

A federal court on Tuesday sentenced a Washington man to 39 months in prison for using P2P file-sharing service LimeWire to obtain personal information from unsuspecting users’ tax returns and other documents stored on their PCs.

Frederick Wood also sold illicitly obtained PCs on Craigslist and sometimes sold boxes that he said contained PCs but actually contained something else.

Wood was accused of running the scams from around July 2007 through July 31, 2008, according to court documents filed in March.

The conviction highlights the risk of P2P file sharing services, Assistant U.S. Attorney Kathryn Warma told “I’m not a techie but based on these cases and what our agents have seen, LimeWire makes PCs vulnerable,” she said.

Wood’s case is related to that of Gregory Kopiloff, who was sentenced in March 2008 to 51 months in prison for using LimeWire to commit ID theft.

“Kopiloff likely taught Wood how to do it,” Warma said. “They shared PCs and met.”

The file-sharing service has come under fire recently not only for risks to users, but also because it has been a vehicle for child pornography. In July, Norman Kidd pleaded guilty to one count of distributing child pornography and was sentenced to 80 months in prison.

In June, Eddie Randall received a 13-year sentence for downloading child pornography from the Internet into a shared folder and distributing it through LimeWire.

Cases like these caught the attention of Congress last month when Edolphus Towns, chair of the House Committee on Oversight and Reform, held a hearing on the topic.

Problem solved with LimeWire 5?

Today, a LimeWire representative referred to the testimony (available here in PDF format) at that hearing by Mark Gorton, the company’s chairman and founder. He testified that LimeWire had worked with law enforcement to improve its product and had achieved significant results.

“LimeWire 5 does not share any Documents by default,” Gorton testified. “In order for a LimeWire user to change their default settings to enable Document sharing, they have to click nine times and disregard three warnings.”

He warned the panel that LimeWire alone could not solve the problem of accidentally sharing files on the Gnutella P2P network.

“There are hundreds of P2P applications in the world that are based on the same protocol as LimeWire (i.e., the Gnutella protocol), that allow user access to this same network, and consequently, that contribute to the issue of inadvertent file-sharing on Gnutella,” Gorton said.

The problem of inadvertent file-sharing is therefore likely to continue. At last month’s hearing, Towns said he intended to draft legislation to tighten security on P2P networks.

“As far as I am concerned, the days of self-regulation should be over for the file-sharing industry,” he said.

Another lawmaker, Republican Mary Bono Mack, has already introduced a bill to that end. The Informed P2P User Act has 35 cosponsors, but has yet to emerge from the Energy and Commerce Committee.

News Around the Web