Sunday, March 19, 2006

Winny: Man Bites Dog

The file-sharing software Winny has been in the news a lot lately here in Japan, none of it good. It has security flaws that cause it to spread private info off of your PC out onto the Internet at large; that's rarely a good thing. Winny has been blamed for the leaks of 2,800 hospital patients, 1,500 crime victims, and, worryingly, door access codes for restricted areas at airports.

Now we have a case where crime was brought to light by Winny, a kind of "man bites dog" story: an illegal in-house betting ring was revealed at Kintetsu Railways because of a Winny data leak.

Most of these events that are making the news are cases where employees have used their private personal computers for work purposes. (I presume the reason it's not happening to more work PCs is that most companies here don't allow users to install software on their PCs; you have to use just what your IT folks provide.) This appears to be because, despite years of tax incentives for Japanese companies to buy IT equipment, many companies are still under-automated, leading people to bring their own PCs to work and use them. (They may also be finding this desirable because they're not allowed to install SW.) So, the government's solution to this (besides asking people not to use Winny) is to pony up money for the Self Defense Forces (which have also been hit by leaks) to buy 56,000 more PCs.

While it's not a bad thing that organizations will be improving their IT infrastructure, it's pretty busted when your solution to some form of malware is to buy more hardware. Just another reason to be angry about the state of the world of software today...

My memory tells me that the author is currently in jail and has offered to fix the problems if he's released, but at the moment I can't find a story on that...


Post a Comment

<< Home