P2P research: clue needed

 At the ShmooCon hacker conference in Washington, D.C., last week two security researchers showed the very sensitive information that people inadvertently make available over peer-to-peer networks.In their presentation, “Information disclosure via P2P networks: Why stealing an identity via Gnutella is like clubbing baby seals,” pen testers Larry Pesce and Mick Douglas said they found a lot of music, porn, malcode collections and the following:-- driver's licenses, passport and tax return forms with Social Security numbers;-- someone's will-- A retirement analysis form with savings account totals and income estimates;-- An IRS form with taxpayer identification number;-- A completed Turbo Tax form with personal information filled in.The two have started The Cactus Project to help security specialists do similar research to help organizations tighten up the information they share over P2P. They list best-of-breed tools for conducting the research, including Mutella and the Gnutella Protocol on their site http://pauldotcom.com/cactusproject.html.The Network World story quotes Douglas: “"We have to keep trying to educate people, but through this kind of research can take steps to better protect their own organizations going forward.Network World story here.These guys are clearly having too much fun. Below is a quote from the pauldotcom.com site:“I (continue reading...)