- Secure Computing
- Guarding privacy
- File sharing overview
Filesharing overview
- Overview
- Top 3 ways to ensure compliance with the law
- How can I be identified as sharing files?
- File sharing - Frequently-asked questions
- Legal alternatives for online music & media
Peer to peer file sharing
Peer-to-peer (P2P) file-sharing technology allows users to make files available for other users to download and use. File sharers store files on their computers and the file-sharing software enables other users to download the files onto their computers. Examples of P2P file sharing networks include KaZaA, Gnutella, and FreeNet, among others.
How you use P2P software may violate federal copyright law and University Policy. If you use P2P software, you may receive notices of copyright infringement and or be subject to other legal action.
P2P file sharing can violate University policy
University Policy prohibits the use of the Yale computer network to violate copyright law (see http://www.yale.edu/policy/itaup.html). Additionally, University policy 1610 forbids activity that threatens the security of the Yale University network and computing environment. P2P software can undermine network security and expose your computer to threats, such as viruses, malware, password and identity theft, spyware, and other threats that can incapacitate computers. P2P file-sharing software can also impede legitimate Yale network traffic at busy times of the day.
University policy covering use of the Yale network extends to any computers you connect to the Yale network, whether at home or elsewhere off campus. If you’ve registered your wireless router using your NetID, any activity that occurs on the router can be tracked back to you. If you use VPN connections from home, your home network becomes visible as part of the Yale network.
P2P file sharing can be illegal
Using P2P file-sharing software that copies and distributes music, videos, software, games, or other copyrighted works without permission of the copyright holder is a violation of US copyright law. If you have P2P file-sharing applications installed on your computer, you may be sharing copyrighted works illegally without even realizing it. Even if you do not intend to engage in infringing activity, installing P2P software on a computer can easily end up sharing unintended files (copyrighted music or even sensitive documents) with other P2P users, and you may then be personally responsible for the legal and financial consequences of illegal file sharing on your computer.
Content owners, such as the recording industry, movie studios, and game and software companies, are specifically targeting illegal file sharing on university networks. The RIAA has employed aggressive legal strategies to address illegal file sharing, such as forwarding the University “early settlement letters” for alleged infringers and filing infringement lawsuits. Since September 2003, the Recording Industry Association of America (RIAA) has filed suits against more than 20,000 individuals using P2P software worldwide, and Yale students have been among those threatened with lawsuits.
Instant messaging can also pose a threat
Instant messaging (IM) allows users to send each other text, voice messages and files. Examples of IM are AOL Messenger (AIM), MSN Messenger, ICQ, and Yahoo!Messenger. Most IM clients do not provide strong authentication, making it hard to know if you're really talking to someone you know. Also, IM clients are vulnerable to electronic eavesdropping. Many IM clients now also have file sharing capabilities, which can be used to send malicious files.
Reducing IM security threats:
- Make sure you have a strong password, and don't allow the program to automatically sign-in to your IM program upon computer startup.
- Don't allow auto-accept file transfers. This is the fastest way for viruses or malware to transfer among IM communities.
- Free Internet IM programs generally do NOT encrypt your session or data, and at no time should you consider their IM conversations to be completely secure. Never discuss confidential information.
- Do not accept incoming messages from sign-in names that are not on your contact list. If someone wants to begin to communicate with you via IM, they should email you or phone you to exchange IM sign-in names.
- Most IM companies will contact you when a new upgrade or security patch is available. Install the upgrade or patch ASAP since many times the company is addressing a security flaw.
Next → Top 3 ways to ensure compliance with the law
