Accessing files on computers not running file sharing programs
 

Yesterday I was searching for documents. Some of the results were curious, so I downloaded some. (docs are small and quick to DL.) The files were patient information and medical records. Browse Host yielded the entire contents of her computer. Chat Host did not work. As it turned out, there was a good reason for that. Eventually I was able to talk to her; she is not running Limewire or any other file sharing program. She has no idea how her computer became open to the world. No one else uses her computer.
I spent most of the night learning that there are many (Since I found a few in 4 hours.) other computers out there giving the entire world access to their personal files. For example, I found a family in Washington State whose geneology, job applications, and other identity theft information is open to all. Stock trading information. Anything.
So all I can think of is virii and worms.
What gives? Anybody?

Re: Accessing files on computers not running file sharing programs
 

Um ... how did you chat to her? She obviously uses some type of gnutella client or otherwise you wouldn't have been able to browse or chat to her. She probably didn't understand what you meant by p2p program.

But yes, unbelievable that someone would be so careless. The default share location for LW is only the downld folder. So to share any other folder, etc. would have been set by the person themselves. It was said that versions of LW I think from 4.2 to 4.8.0 has a bug where someone "might" be open to access for other parts of their computer. But I've never heard of this happening before. I hope you told them to check exactly what folders they were sharing & remove only those desired to share.

I guess there's a small chance a network might be shared. But ... since you chatted with the person then obviously the mistake is theirs. I guess this also is why people should not downld to their desktop. It sounds like their downld/share folder is used for multiple purposes. They obviously keep private documents in there as well. LW 4.9 allows you to select particular files or folders not to share or to stop sharing via the LW Library window.

hmm too! He actually said he was able to TALK to her. I assumed by phone, or in person.... we are not told:confused: This is a first post... I'm curious how long andysippowitz has been using Limewire. My thoughts are of incredulity if the story is as told:confused:

I erred on the side of brevity.
I did not "chat" with her. I was able, through the medical records, to locate the doctor's office for whom she was transcribing. (On reflection, I could have tried to access her personal information to identify and contact her.) I gave them all the information I had as to how I had come to making the phone call. They knew immediately which transcriptionist it was, as I had her initials. I gave them my complete contact information, including phone number. They contacted her and passed along the number (Questionable conduct on my part, perhaps, but I am a former medical transcriptionist and knew that I was talking to a reputable medical facility). She called me this morning. She clearly had no idea how her computer got compromised. (No, P2P, file sharing, downloading music, swapping files, all of that are completely foreign to her.) She did not know what LimeWire was, had no idea what file sharing was, and shares her computer with no one.

I have been using Limewire, off and on, for a few years. I had a few thousand downloads, most of which were lost because I failed to backup the system. [Always do backups or at least duplicate your files to an external drive. Drives are so inexpensive now, we can keep a couple of them and connect one to update periodically, like off-site storage.] I am in hopes that someone can point to an infection. This person is to have an IT visit and analyse her system. I believe that she will turn out to be a live-alone, non-networked (working by modem) person who visited the wrong site and caught a bug.

Amazing. I can only guess "perhaps" it wasn't her that was sharing these files. There might be more than one copy. Yet also, someone might have accessed her computer thru a backdoor - spy program or the like / hacker. Most people wouldn't keep their own personal medical records on their own computer .. or am I misunderstanding here. It sounds like the medical office that was compromised. Be it a doctor/nurse or receptionist, etc.

So This Lady transcribes hand written notes onto her computer, and then E-mails them back to the Doctor's office? ... or might there be a network of transcribers connected to the office? If the second case the whole network could have a security flaw .... I'm really just typing my thoughts out, and I have very little knowledge of internet security, but I suspect Andy that you do. You say "I spent most of the night learning that there are many (Since I found a few in 4 hours.) other computers out there giving the entire world access to their personal files. "
I'm not sure it is wise for you divulge your secrets to the world, but It does pass through my mind "How the Hell did he do that?"

It's certainly interesting

One thought at a time.
I just e-mailed the lady in this case, and asked her if she bought the computer new or used, or did someone give it to her. I explained to her the ramifications of second hand computers, but I hope everyone here is already ahead of me.
I urged her to take it to a shop tomorrow and have it analysed.
How Medical Transcription works: In this case, she works from home. She might dial into the client's computer and listen to digital recordings, or someone could deliver tapes to her door, or she could be dialing into a tape machine (mighty unlikely, anymore). [I know these things because my daughter does it, I have been trained for it, and I worked at it in an office where our company computers connected to the client's computers.] Her finished product might have been e-mailed, in the past, but it probably is transfered as a file now.
The files I found included her stock trading files. The number of files was about right for someone that is not computer intensive and doesn't fill up with music or video. Evidently she is on a dial-up connection, because I can't access at night.

Next: I have never done this before yesterday; I'm just a quick study. :)
I will leave it up to the moderator whether or not to leave the following on the forum.
I was searching for manuals relating to my military surplus electric generators. The search was for Documents, with certain letters at the beginning of the file. This lady's files her work by the initials of the doctor doing the dictation. When I saw files with dates on them, I got curious and downloaded one. I recognized it, and Browsed Host. I wanted to contact her and alert her, but Chat Host didn't light up; naturally, since she had no knowledge of file sharing. [I am thinking that she has some obscure and obsolete p2p on a 2nd-hand computer - it makes sense.] I hunted down the phone number for the clinic that the op notes came from and called. Telling the operator that I had information on compromised patient files got me put straight through to the right person! Nothing like saying the right thing! The OM (office manager) hardly knows which way to push the buttons, but her assistant got on the speaker phone and, when I read them a few lines of the op notes, I had their full attention! They asked for a copy for verification purposes, and to be able to confront the MT. I e-mailed the file. I gave them this full explanation of how I happened to have the info, my personal phone number, and the name of my transcription employer. [I knew that they were legitimate, and wanted to put them at ease - an any good conman would.] The contacted the MT and she called me this morning. I am satisfied that she knows nothing of p2p by any name or activity.
Those of you who have stuck with me through this may now go get a beer.
So it's either malware or a used computer, I guess.
Now, for the "several more". Search for Documents by any keyword. When you find something that looks personal, Browse Host. Sort by Type and focus on txt and doc. Look for the Chat Host button: If it is greyed out, it might be a case such as I just described - Now, I am just guessing.
I reveal this for the same reason the security people tell you to keep your hedges clipped low in front of your windows: So you will know to protect yourselves.
I have no idea what her firewall situation is. If she even knows the word, she probably thinks that it is part of the floorboard of the car. And there is no way that I could ask the question without "How the llll can you be so stupid?" coming through my tone of voice. Even though I have no idea how to prevent this from happening to me.

misleading thread title
 

There had to be a gnutella client running on her computer: the client responded to search queries and to the browse host command, and returned results.

Those command were sent and returned in language only a gnutella servent would understand.

Sorry.

I hope she doesn't lose her job over your report.

Re: misleading thread title
 

Me, too. I talked to them as some length around noon Tuesday, assuring them that this was not something that she did or failed to do. But that was before I started wondering about its being a used machine. p2p apps don't install and open themselves, do they?
What is frightening is the number of other personal computers that are wide open. Where hers was evidently not a matter of her not setting the program up properly (if she did, indeed, not even know that it was there), the others that I found were doing file swapping and simply were not set up safely.

I'm sorry if this sounds rude but Andy what you are doing is no different than a hacker. Im sorry but I have a hard time believing this story. You have no right browsing personal computer data, study or not, yeah right. sorry but you are not FBI. You are snooping in others people's computers. I suggest you be careful with what you're doing or someone might file charges against you for privacy invasion, strange as it may sound. :rolleyes:

Right now, you could be considered a wannabe hacker. Yeah, you can browse hosts, thats no secret but to open personal doc files or go snooping in other folders is another matter. and, get your story straight on how you managed to contact this person or people. Because, Im really having a hard time swallowing any of it.


(sorry felt it needed to be said)

Reading this thread at the beginning was initially like a horror story. However, as the story is unfolding there are certain aspects that, as reported, just don't ring true.

I agree with both of you. I would not have gone into so much detail, except to convince the skeptics that this person and her computer were, indeed, not running (knowingly, at least) any form of file sharing software. I was, and am still, looking for an explanation other than the used computer scenario. As to snooping, it could be argued (if not convincingly) that the files are meant to be open to the world, if they are accessible to Browse Host. If my intent were simply to snoop, I would have been doing that, rather than trying to convince all and sundry to be more careful with which files you are sharing. Do I ring more true, now?

Im calling you on this. Computers ARE NOT wide open to the world, unless, said computer is run by an idiot that doesnt know any better. If using a P2P app such as Limewire, Bearshare and or others, YOU have to select a 'shared' folder and or folders. An entire hard drive IS NOT open to the world. So, like I said, I suggest you limit your snooping as if you go snoop where your nose doesnt belong, you could be brought up on charges by that person. When you browse a host, you are only browsing their shared folder, not the entire hard drive. I have mine set in Limewire to browse only the 'shared' folder and nothing else. ;)

[QUOTE]Originally posted by Sphinx
[B]Im calling you on this. Computers ARE NOT wide open to the world, unless, said computer is run by an idiot that doesnt know any better. "

Sphinx, I agree with everything you said. I have no right to snoop. If I really feel that the files are accessible by mistake, I should stay out of them; and indeed, that is what I am doing. That is why I am here, trying to reach people who can help get the word out.

I hope you are right. But this is fact: I clicked Browse Host. It yielded all of the files on the Host computer. The owner of the Host computer was unaware of the presense of a file sharing program.
If Browse Host yields results, based on what you said, the files were deliberately offered to all comers to read or use as the reader sees fit. But based on what I have observed and reported here, the files are not supposed to be open and neither I nor anyone else, no matter how well-intentioned, should open any of them even in an attempt to contact and warn the owner. So again: That is why I am here, trying to reach people who can help get the word out.

I just talked, again, with the owner of the machine in question. She said that it is a new computer. That kills the idea of its having file sharing software left over from a previous owner.
So back to my first question: How can this happen, and how can it be prevented?
Argument, in the sense of debating the issues, is welcome. Asking why I am involved in this is reasonable, as none of you have ever heard of me. Expressing doubts as to my credibility or honesty or intentions is fair. Once. One shot each but, once answered, aspersions will not be responded to.
I am running LW 4.9.33 Pro, having just upgraded. I don't know what the previous version was, but it was 4.x pro.

Please, no more "It can't happen." It did. Now, how??
"Andy"

conspiracy.

hmm, alot of users sharing their journals tonight.

Im not trying to acuse you of anything but, it cant happen unless that person has P2P software on their machine and have shared folders or, you really are a hacker and went too far with it. Even if its a new computer she has someone must have installed the P2P app. A machine, whether its old or new, still has to be setup by a user. Said user installs P2P software on their computers and setsup shared folders. So, she is really clueless or just trying to brush you off. Seriously andy, let it go, the more you press the issue, the more she might not like it, dont keep contacting people ok? really, its a waste of time and an invasion of privacy and, in the long run, you would be the one who'd get in trouble, not them. and, they'll lie to you anyway. ;)

The only way to prevent it is to not install P2P spftware and protect your computer with a firewall & an Anti Virus program.

You are only open to the world on a P2P app if its installed on your system without any protection whatsoever, if ports are left open by mistake the worst thing to happen would be aa dos attack. but, that is all up to the user to take steps to protect themselves from hacks, attacks, viruses etc. P2P apps such as Limewire are not responsible for what you do with it.

:)

Is this thread still going? :) I'll have a good read of it tonight ..Hobo SF fan

lol. I got bored while downloading. ;) :D

interesting to say the least.

Open Computers
 

Hi Guys

I have only just come across this thread, being ill with the flu, and found it very interesting. And I would like to throw my meager knowledge into the arena.

First of all, until recently installing WinXP would, by default, open most if not all (65,353) ports on your PC. This makes your PC light up on the internet like a lighthouse lights up the night. Any hacker with the right tools can seek out, find these unprotected machines and plant Trojans or viruses on them.

Now, remember a couple of years ago the sasser worm virtually ripped through every unprotected PC on the internet, every PC that got infected went on to broadcast more replicated worms onto the internet to infect other PCs.

My current PC is now three years old but last year I found pre-installed spyware on it, files that were there before I bought the machine. Now Peerless will confirm that we had a conversation where he informed me that PCs were being sold with pre-installed spyware, I was shocked at this piece of knowledge but my own findings confirmed what Peerless wrote.

What's more that spyware I found included something called "SendMail" and "Kazaa Lite"

Putting all the above together and it is quite possible that a new machine without any protection would be open to the world. And when you think of it, how many people know anything about the PC they have bought and connected to the internet. I mean, we have seen it time and time again in this very forum that the majority of people know very little about the computers that they buy and use.

Finally, although Andy's story may be fantastic but, based on my own knowledge, it is entirely possible that there are people out there without protection whose PCs are wide open and visible on the internet.





UK Bob

Sphinx, if you are right in the assumption that the user has deliberately opened her files to the world (That is what you meant, right?) then she SHOULD lose her job over breaching patient confidentiality. I was looking for an explanation that would protect her job. I have had no further contact with her, and don't expect to. If someone posts, here, a solid explanation, I will pass it along to the Clinic so they can warn their transcriptionists, and I will pass it along to the transcriptionist sites that I visit.
ukbobboy01's input is on point and helps to explain what happened. May I quote it in it's entirety to the sites mentioned above? There are only 4.
Keep in mind, folks, that all dictation by doctors has to be transcribed. They want the lowest price they can get. Most transcription is done by home-based transcriptionists, on equipment that they provide. Far too many of them don't understand computer security, and don't have the money to own a separate computer dedicated to work. The point here is that YOUR personal medical information may be scattered across many personal computers, both in the US, and in Pakistan, India, Ireland, and probably other countries that have not yet come to my attention. These that I listed are definite.
Sphinx, if I could hack, I would be DOSsing all the sites that keep sending me "male enhancement", medications deals, and other junk. But I can't.
"Andy"

some little 'facts'...

HP does indeed have about 150 instances of spy/malware preinstalled on their boxes...this is how they sell them for so cheap, as they are paid by these 'ppl' (boy, I must be loosing it to be so politically correct...) to bundle it in...

an un-firewalled computer lasts around 6 minutes online before it is infected/trojaned/etc...

this supposed medical transcriber could indeed have been hacked, and had LW (or another gnutella client) installed unbeknownst to her...it is already known that there is virus floating around which makes LW open up by itself, so it is really not a stretch of the imagination that a hacker could have taken over her machine and done what he wanted to with it...

on the flip side, it is also quite possible that this transcriber is lying to cover her ***...too many ppl answer yes to 'do you want to have your machine scanned for media to share?'..that has always pissed me off...I mean really, do the devs really want to have such data shared (seems like it don't it?)

Ok, now we're going in other directions. I was mainly referring to P2P apps. If someone is totally stupid about computers and leave them without firewalls or AV's then, yeah, of course it's possible to be open to the world and not realize it. but in XP if you dont have your windows firewall enabled then you get spammed as soon as you go online via IE browser right? so, if that person had half a brain, they would enable their firewall.

Andy's orginal post had to do with Limewire being open with users not knowing about it and I say itd too far fetched. Ive used p2p since Napster and I have yet to be wide open.The only thing users can browse on me is my shared folder, nothing more.

as far as the rest, meh. Why worry about someone elses computer being left open if they used a P2P app in the past? and, as far as I know once you uninstall a P2P the shared folders go with it, thats why I find it hard to believe.

and if she has a new computer then Im sure she must have her firewall enabled, if not, then shes not the user whos running it.

*shrug.

New PCs
 

Sphinx

I get the feeling you over estimate the amount of knowledge PC users have, for example you said:In my experience most people thrown in front of a PC for the first time to work, especially if they are approaching or are middle aged, see a PC as nothing more than a glorified type writer there to help them do their work. You will find that these people are not interested in PC security or anything PC related, it's just there to do a job and nothing more.

As for spyware, the ones I found on my PC, especially Kazaa Lite, were designed to give someone or some organisation open access to my C:\ drive. If I did not have my firewall in place and these spy(crap)ware were activated then my personal info would also be open.





UK Bob