“A team of Canadian medical researchers have inadvertently provided a very clear picture of the current state of the security risks posed by P2P networks. The authors intended to determine whether P2P clients were exposing personal health information, but their approach—downloading all files from a set of common document formats—provided them a clear picture of just what’s being made available on Gnutella and eDonkey: personal identification, health, and medical information, and a healthy collection of trojans.
The motivation for the work is pretty simple. With the increasing digitization of health records, individual users are more likely to exchange e-mails and files with their doctors, insurers, and other health care officials. An obvious consequence is that personal health information (PHI) will end up on the users’ hard drives, which creates a potential security hole. In the past, the research team has found that they could scrounge PHI from roughly 10 percent of the used hard drives available through second-hand computing vendors.”
Article
John Timmer, Ars Technica, 2 March 2010
