news / tech talk

Know Thy Programs

by Lee LeClair
04/15/2008
As seen in Inside Tucson Business

While traveling recently, I stayed at a large hotel and used their in-room Internet connection. As I worked, I listened to music on my laptop’s iTunes software. I noticed under the iTunes menu that there were a couple of other user’s names in the “shared music” section. I was surprised to see the name of a colleague I was traveling with. I selected his name and after a moment, saw the contents of his iTunes music library. Out of curiosity, I tried to see if I could copy any songs but I was not able to (at least not easily or simply) and when I tried to play one of his songs, I was prompted to login to the iTunes store.

I called my colleague to let him know that his iTunes were visible on the hotel network and that I was surprised that he listened to Dan Fogelberg. The more disturbing thing to me was that iTunes shared at least the index of the music library it contained by default. One has to go under preferences and specifically disable the default share. The general lesson is that there is a lot of useful software out there but it is very important to be thoroughly familiar with whatever you choose to load and use. Obviously there are Trojan programs in the wild that are malicious, but one has to be careful even with “honest” software. This is particularly true for those that want to use peer to peer programs like Limewire or Instant Messaging programs.

File sharing and peer to peer programs are geared towards making file transfers and sharing simple so if you are going to use one, be careful to read some documentation on it. Also, go through the preferences and options menus and make sure you understand how files are shared and transferred. Normally, the user has a lot of options for limiting how much, how fast, and to what extent sharing or transfers occur. Ensure you understand these and set them according to your preferences. Also, make sure you understand how the services install themselves. Many set themselves to start up when the system boots up and to minimize themselves to the system tray even when a user hits the “kill window” button. Again, this is not malicious but the most common use of these types of programs since they are often left operating in the background all the time. If you do NOT want this behavior, you need to modify the default behavior.

Do not limit this kind of scrutiny to file sharing and IM programs, afterall iTunes is a music program. Familiarize yourself with all of the software you normally use and of course closely examine any new programs you are thinking of using. Finally, use a good personal defense software package on your mobile workstation. Often these will alert you and/or block sharing or file transfer attempts from programs until you say it’s cleared; this is a good thing. There are a number of vendors for this type of software from ZoneAlarm, Symantec, McAfee, etc. Load one and keep it up to date since many of these are multi-purpose (anti-virus, anti-spyware, firewall, etc.). It is a rough cyber world out there and while security packages help, it is ultimately up to Internet citizens to be aware, knowledgeable, vigilant, and cautious to keep from being owned.

Lee Le Clair is the CTO at Ephibian. His Tech Talk column appears the third week of each month in Inside Tucson Business