UMKC Information Services →  Position on Peer-to-Peer File Sharing

	Overview

UMKC Information Services (UMKC IS) blocks Peer-to-Peer (P2P) file-sharing as part of the overall Network Policy.  The Network Policy is in place to provide a reliable and secure network for the University community to use in pursuit of the goals and mission of the University.

	Definition

P2P file-sharing can be defined as a technology enabling users to share communications, processing power, and data files with other users.  P2P, if used properly, can prove beneficial to the end users.  However, there are numerous risks involved with the use of this technology.  UMKC IS considers the risks of the technology far outweigh the advantages at this time.

	Background

P2P technology basically began with Napster in 1999 as a method for users to share MP3 files (digital music) over the Internet.  P2P technology uses a system of end-user computers that facilitates the transfer of digital information.  P2P falls into two models, Napster and Gnutella, which have many variations.  Both models do not use the classic client-server configuration but a client-client configuration.  The significant difference in the two models is the Napster model maintains a master list of files and users while the Gnutella model has no such list.

The operation of the two models is reflected in the following graphic displays:

 

Gnutella Protocol

Many variants of the two models are currently in use on the Internet.  One example is BitTorrent, a variant of the Napster model.

The P2P models are the basis for the Peer-to-peer networks in use throughout the Internet.  The networks provide users with very quick searches for desired content and extremely fast downloads of that content.  The ability of P2P networks to quickly supply files and the anonymity of the users leads to the abuses that damage local area networks.  The LAN damage ranges from minor glitches to system wide failures.  The major concern is the point where the use of P2P file-sharing impedes the use of the UMKCnet in the goals and mission of the University.

There are numerous variants of the primary P2P models in use on the Internet thus presenting the problem of monitoring and determining the use and value of each one.  The majority of use for P2P software is questionable in terms of legality and very possibly unethical at the least.  Trying to determine the “proper use” of this software becomes a very time consuming and expensive endeavor.  As an example of the sheer numbers involved look at the following table which represents a very small group of the P2P clients available, although these are some of the most popular.

Peer-to-Peer Network	Clients
Ares	Ares
Blubster	Blubster
FileSpree	FileSpree
Filetopia	Filetopia
Gnutella	AquaLime, BearShare, FileNavigator, FreeWire, Gnucleus, LimeWire, Phex, Shareaza, Xolox Ultra
Direct Connect	Direct Connect, DC++, Koala DC
eDonkey2000	eDonkey2000, eMule
FastTrack	Morpheus, KaZaA, KaZaA Lite, Grokster, iMesh
OpenNap	Napster, Shuban, AudioGnone, AudioSwap, CQ EX, File Navigator, Rapigator, Spotlight, StaticNap, SunshineUN, Swaptor, WinMX OpenNap
Overnet	Overnet, eDonkey2000, MLdonkey
Piolet	Piolet
WinMX	WinMX
Freenet	Freenet, Entropy, Frost, Freenet / Entropy Controller for Darwin
Entropy	Entropy, Frost, Freenet / Entropy Controller for Darwin
WASTE	WASTE

	Risks

At one point, BitTorrent accounted for 35% of all Internet traffic.  UMKC has had several instances where P2P software has completely taken over the flow of data on parts of UMKCnet.  These instances rendered the LAN useless to faculty, staff, and students involved in legitimate use of the network resources.

Disruption of the network is not the only side effect of the P2P software.  This software takes on an ownership role on the individual computer allowing numerous problems to occur.  P2P vendors include this information in their End Users Licensing Agreement (EULA) to add an air of legitimacy to their suborning the user’s computer.  Please note this excerpt from KaZaA’s EULA:

“You hereby grant [Brilliant Digital Entertainment] the right to access and use the unused computing power and storage space on your computer/s and/or Internet access or bandwidth for the aggregation of content and use in distributed computing.  The user acknowledges and authorizes this use without the right of compensation.”

When you install the software and agree to the EULA, you have “just handed the keys to your computer” to an entity that can do anything it wants to with that computer.

As a result of this “control”, P2P has become one of the most prolific sources of viruses, worms, Trojans, spy-ware, and other undesirable software.  Even some gaming P2P software such as Wild Tangent becomes a target for this type of negative activity.  This installation of unwanted software represents the personal risk the user incurs from the use of P2P software.  Once in operation, these applications can cause general slowness in how the computer works.  Further problems can develop that require that the system be rebuilt. 

The most damaging of possible problems are the loss of identity and intellectual property.  Identity theft and/or fraud are very real and very costly issues in the world today.  There are literally thousands of instances of this starting with P2P software.  The loss of intellectual property is a major concern in the academic and the business communities.  This type of damage leads to the loss of years of research and hundreds of millions of dollars in labor and/or profit.

	Conclusion

UMKC IS has evaluated the benefits and numerous risks (only a few were mentioned above) of the Peer-to-Peer software such as BitTorrent and Gnutella.  The risks to UMKCnet and to the goals and mission of UMKC far outweigh the benefits of this technology.  As a result, UMKC IS is taking preventative measures to mitigate these risks which include, but are not limited to, blocking this technology from use on UMKCnet.