Who needs Napster when you have Windows?

A new program called Share Sniffer makes file trading easier than ever before -- and more dangerous.

By Judith Lewis

The courts may be well on their way to killing Napster, but neither the Recording Industry Association of America nor intellectual copyright advocates have any hope against the technology that drives it: peer-to-peer file sharing, the cooperative method of swapping files among computers. So far, file-sharing utilities such as Gnutella and Freenet have been mentioned in the news as alternatives to Napster, but little attention has been paid to the most obvious way to share files — by exploiting a notorious security hole in the Windows operating system.

The hole is a networking protocol called “NetBIOS,” and if you don’t know it’s there — or, say, if you’ve inadvertently instructed it to open your computer to the world (it happens) — it’s more like a gaping maw. NetBIOS allows any number of computer users to make all or part of their system visible to others by configuring the control panel’s network settings for file sharing, which entails little more than checking a box that says, literally, “I want to be able to give others access to my files.” Nefarious virus propagators have long used the ill-considered vulnerability of home networks to spread their handiwork. In March of last year, according to an incident note from the Computer Emergency Response Team (CERT), vandals used so-called open shares to spread a worm that instructed the modems of infected computers to dial 911.

Advocates of uncensored file sharing, however, are now looking at open shares as a possible alternative to Napster, an easy-to-implement system that will allow music trading without the middleman. The only impediment is finding out who’s got files to share. So along comes Share Sniffer, a software program released on Feb. 23 and created by a 40-year-old named Kerry Rogers. Share Sniffer scans a list of Internet protocol addresses for open computers. (A “sniffer” in gearhead-speak susses out various activities on a network.) Install Share Sniffer, enter a block of IP addresses to scan and walk away for a few hours; the program will then find all the computers on that portion of the Net with files open to the public, and alert you with a little “ka-ching” sound with each one. The nuts-and-bolts version is free, with various upgrades available for a cost of anywhere from $10 to $100.

Michael Pommerer, president of Share Sniffer Inc., insists that the release of the software wasn’t timed to capitalize on the injunction against Napster. “We’re so much more than Napster,” he argues, but agrees that the program can be used to swap music in much the same way, without any of Napster’s legal hassles. “Napster was cataloging information on users and retaining it,” he says. “All Share Sniffer does is execute a call to Windows and register the response.

“Kerry developed this product way back in ’95, when that kid who came up with Napster [Shawn Fanning] was in grade school,” says Pommerer. “Kerry’s got a BBS background, and his original intent was to post shares across the Web for people who develop shareware. It was only with the introduction of broadband services [cable and DSL] that it was feasible. That was the big push. We just think it’s very important for people to be able to exchange information without censorship using the Internet.”

For better or worse, Share Sniffer works, and using it — which I did on a Pentium II with 64 megs of RAM and a slightly flaky DSL connection — is ridiculously easy. One afternoon I asked Share Sniffer to look for open shares on Pacific Bell’s ADSL network; in an hour, it found 22. So I spent nearly eight hours combing through the contents of other people’s computers, whose contents appeared on my screen as if they were my own, clearly displayed in a Windows Explorer file menu.

Most of these people had enabled Windows file sharing to exchange information with other computers in their homes. Some of them were sharing only a few carefully selected folders; others, however, had foolishly made entire hard drives accessible. Most of them, I’m sure, had no clue I’d have access to their files. And if I wasn’t doing something illegal — or at least morally reprehensible — by poking around on their boxes, it sure felt like I was. Unlike my fellow music swappers on Napster, the people I spied on, including the thrillingly dull man who writes telemarketing scripts and stores the cellphone number of a woman named Trish on his desktop, had no way of knowing why their drives were grinding a little harder than usual.

Did it matter to him? Probably not. I’m not going to publish the cellphone number or the contents of his scripts. Were he someone I had any interest in exploiting, however, I could have rubbed out every one of those files I found, copied a virus from my computer to his, disabled his e-mail and made him run Linux at least part of the time. I could also publish his address on a newsgroup the makers of Share Sniffer plan to set up, so that others with more destructive intentions could mess around on his hard drive as well.

Pommerer calls the existence of unintentional shares “unfortunate,” but contends that the software company isn’t doing anything wrong by releasing a tool that exploits them. “It’s not like any Windows system comes with file sharing turned on,” he says. “Somebody has to enable it. Microsoft has great security modules that people should be using, and people need to get educated about these things. And at least we’re being upfront about it — we’re even posting information on our site to raise awareness about security.”

CERT is unfazed. “The program makes it easier to get into other people’s systems,” says Internet security analyst Art Manion, “but the actual behavior is rather old. We recommend that consumers just disable Windows file sharing unless they have a really good reason to use it, especially if they have a DSL or cable connection.”

On the other hand, if you decide to participate in an agreed-upon network of file sharers — a music community, for instance — intentional and well-informed use of a tool like Share Sniffer means the Napster tradition can live on without Napster in the middle. Rogers is introducing a completely new user interface called “Share Navigator” in the first week of April that will make Share Sniffer even simpler, and Pommerer says the site has seen 80,000 downloads. If the trend continues, Napster will wither away, and the record industry will have to look hard for someone to finger for music swapping. And Hillary Rosen, president of the RIAA, might just be out of a job.