UNIVERSITY of GLASGOW

IT Services
home > services > IT Services > Information Security > P2P use on Campus

P2P

The University is receiving complaints regarding copyright infringement by means of peer-to-peer (P2P) applications. Examples of P2P file-sharing applications include KaZaA, WinMX, eDonkey and BitTorrent; there are many others. These applications are commonly used to facilitate illicit downloading of copyright material, and as such, there a risk of legal proceedings against invidudual users and the University itself. Moreover, the peer-to-peer applications present a variety of security risks. Therefore use of such applications is strictly prohibited.

Copyright Law

It is an offence under UK law to make copies of commercially-produced music recordings, videos and computer software. Some people believe, incorrectly, they are permitted to make copies for personal use. This is not true. You must have permission from the rights holder to copy any such material.

Copyright infringements may result in legal action against the invidual concerned and the University as an organisation, with resulting impact on the University's image and reputation. In addition, this will be in breach of both the local IT regulations and the JANET Acceptable Use Policy.

Furthermore, most P2P applications automatically open up the computer in order to make downloaded files available to other P2P users. In effect, this is dealing in digital contraband, resulting in increased seriousness of the copyright breach committed.

Security Risks

This type of activity poses a significant security threat both to the individual user and to the University network as a whole.

P2P file sharing applications can open up a computer to abuse either by those supplying the software or by third parties. For example, the KaZaA license agreement includes a clause whereby the licensee allows the licensor the right to use all available CPU and network resources on the machine for any reason they see fit. The University absolutely cannot accept such a condition. Users must read and understand all the fine print in license agreements before installing any software.

Futhermore, many P2P downloads contain malware (viruses, worms, trojans). Unlike safer forms of downloading, such as the web, it is often impossible to know whether a file being downloaded via P2P is really what it claims. Research from TruSecure, a company specializing in risk management, found that almost half of files downloaded from KaZaA contained malware.

Legitimate Use

If you believe you have a legitimate use for P2P filesharing applications, please inform the Computing Service at p2p@gla.ac.uk, who can provide advice on reducing the risks involved.

Sanctions

Sanctions for inappropriate use may include:

  • Temporary or permenant loss of access to University's computer and network resources.
  • Legal proceedings from copyright holders.
  • Action under University disciplinary procedures.