March 14, 2006
by: Bill Matherly

(For all those who religiously check the Security Catalyst website for my weekly column, I do apologize for the length of time it has taken me to get this article out, I have been battling the flu for the last couple of weeks and am just not getting over all the symptoms that have made me feel like death warmed over, and I was physically able to prepare this weeks column. Thank you for your patience.)
Picture this…

You are one of the countless millions of individuals in the United States who put off preparing taxes until the very last minute. You’ve been up most of the night on the 14th day of April rushing to meet the IRS deadline of Midnight April 15th. Finally all that hard work pays off and you’ve completed the horrid task of preparing your taxes and you use the e-File system for a faster refund. All is well with the world, now right?

Think again!

A very disturbing trend is cropping up, affecting hundreds of thousands of personal computers in the United States. Many tax preparation software packages, such as Turbo Tax, store your tax filing information directly on the hard drive for archival purposes. This, by itself is not bad — it’s handy to have in case the tax man wants to have a little chat with you about your return. Let me ask you this:

Do you have a peer to peer application installed on your computer?

You know programs like:



If you do, there is a pretty good chance that your tax information is available for the entire world to download and view with just a few keystrokes. Very non tech savvy individuals make a simple mental mistake and instead of sharing a folder usually designated for audio and video files, they unintentionally share the entire contents of their hard drive, thus exposing every sensitive information about themselves or others in the household.

Since peer to peer software are legitimate pieces of software that are widely available, they are not scrutinized as computer threats by computer security software thus leaving the peer to peer software alone to share every bit of your hard drive to the world.

If you haven’t done so by this time, it’s time to examine all peer to peer software configurations to be sure that you are only sharing folders that are made specifically for the purpose of sharing files such as the folder marked as “Shared”, while at the same time removing all other folders from the sight of the peer to peer application so that your personal information doesn’t fall into the hands of the digital dumpster divers looking to capitalize financially on others mistake.
Bill Matherly is a computer security consultant in Oklahoma City, and is a regular contributor of The Security Catalyst website. He can be reached via email at bi**************@gm***.com. All views and opinions expressed in this article are not necessarily the views and opinions of The Security Catalyst web site or administrators.

About the Author Michael Santarcangelo

The founder of Security Catalyst, Michael develops exceptional leaders and powerful communicators with the security mindset for success.

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

Don't know where to start?

Check out Security Catalyst Office Hours to meet your peers and celebrate the good, help each other, and figure out your best next step. We meet each Friday… and it’s free to attend.