Gnutella Virus, Other Problems Expose Limitations of P2P Computing

Joyce Winslow
jwins@oregon.uoregon.edu

Peer-to-peer (P2P) computing, made famous by Napster and other popular file sharing vendors, has recently been showing its dark side.

In late February, a virus attacked users of the Gnutella file sharing service. Named W32/Gnuman.worm, or Mandragore, it was purportedly the very first virus to affect peer-to-peer communications.

This worm virus generated a malicious file that posed as an ordinary, requested media file. Unsuspecting Gnutella users requesting media files from the infected computer got the virus instead. Because the virus was disguised as a media file, it was not immediately detected (e.g., if users searched for songs containing the word "blue," the infected computer would send them a file named "blue.exe" in response).

Whereas the Gnutella virus was more of a disruptive nuisance than anything else, its appearance highlights the vulnerability of peer-to-peer computing.

For more details on the Gnutella virus, see the InfoWorld.com article at http://www.infoworld.com/articles/hn/xml/01/02/27/010227hnp2pvirus.xml?0227alert

Changes in Terms of Service. Some providers of free internet access are becoming so aggressive in trying to position themselves to offer P2P services that they are making dramatic changes to their Terms of Service agreements. The small print in these agreements authorizes these vendors to virtually take over your PC for whatever purpose they choose, and absolves them of any liability whatsoever, even in cases where they may be at fault.

You'll find a complete discussion of these changes in the article, "Peer-To-Peer's Dark Side: Vendors May Demand a Piece of Your CPU," at http://www.byte.com/column/BYT20010222S0004