The use of LimeWire, a popular peer to peer (P2P) service, as a tool for identity theft has been highlighted by a court case in Seattle.
Frederick Wood was sentenced to three years in prison today for stealing LimeWire to steal personal information, using that to fraudulently buy goods online and then selling them on Craigslist.
Wood admitted to using LimeWire to trawl the hard drives of user’s computers, entering terms like "tax return" and "account" to find financial information.
He also searched for college application forms because of the wealth of financial information they contained.
When police raided his computer they found the financial information for more than 120 people. This data had been used to forge cheques which were used to buy electrical goods.
He was only caught because of a more low tech crime. He arranged to sell a laptop face to face and switched the computer’s box, leaving the potential customer with a box containing a book and a vase.
Limewire and other peer-to-peer systems need very careful setup when they are first installed, since the default setting is to share all the information on the hard drive online.
This is not only a problem for consumers but also for business.
Congress has heard in the last month that key government data, including details of presidential safe houses, was available through the P2P system because IT administrators were not barring LimeWire either on the computer or via the firewall.
