The news that a House committee was reopening its investigation into security risks posed by file-sharing software reminded me of something one of my pals in the computer-security field once told me. The biggest vulnerabilities aren't caused by deficiencies in machines or their software; they're caused by the humans who use them. It's a point that seems lost on the committee. Ever since successors to Napster's song-swapping program made it possible for users to share any file stored on their PC, people have been unwittingly sharing address books, financial records, resumes and other personal items. They did this because they didn't bother to check which folders the software was offering to the public, or they put items into shared folders that didn't belong there. And they continued to do it even as the programs changed their default modes to force users to be more selective about their sharing. When the file-sharers are using office or government computers, the leaks can be even more damaging. The problem can be mitigated with better software design, but it can't be eliminated -- just as the government can't stop defense contractors from carelessly losing their laptops. The Oversight and Government Reform Committee had conducted hearings in 2007 into the inadvertent sharing of sensitive and personal information over LimeWire and other peer-to-peer networks. At the time, they extracted a promise from the Lime Group (the company that makes and distributes LimeWire software) to change the program to deter such leaks. But the trade group representing file-sharing companies, the Distributed Computing Industry Assn., had already been working with the Federal Trade Commission on this problem, and it offered to work with the committee as well. In fact, the association had been active on the issue since at least 2004. Lime Group spokeswoman Linda Lipman told the Associated Press that the latest version of LimeWire software was designed not to share the file types associated with spreadsheets and documents. "In fact, the software does not share any file or directory without explicit permission from the user,” she said. Nevertheless, the chairman and the top Republican on the Oversight and Government Reform Committee -- Reps. Edolphus Towns (D-N.Y.) and Darrell Issa (R-Vista) -- declared in a letter to the Lime Group, "t appears that nearly two years after your commitment to make significant changes in the software, LimeWire and other P2P (peer-to-peer) providers have not taken adequate steps to address this critical problem." More... Hmm... seems someone wants to ban p2p technology outright.