Napster - Is it Safe?

[Allan C]

One of my clients wants to install Napster on one of the PCs in his office.
This PC is one of about 15 networked computers with XP PRO sp2 installed.

He wants to use Napster to download * only * and not share any of his
files.
Any input as to how 'safe' this is and whether/why he should avoid this
software is appreciated.

 

[Shenan Stanley]

One of my clients wants to install Napster on one of the PCs in his
office. This PC is one of about 15 networked computers with XP PRO
sp2 installed.

He wants to use Napster to download * only * and not share any of
his files.

Any input as to how 'safe' this is and whether/why he should avoid
this software is appreciated.

You have to maintain these systems?
The answer would be "No" if your answer to my question is "Yes".

The machine in his office is for work.
Unless the company he works for deals in music in some way that this is
vital to his productivity at the office - seems like a no-brainer to me. =)

 

[Allan C]

He is the owner of the company.
Do you think that it is 'safe'?

 

[David H. Lipman]

From: "Allan C" <[email protected]>

| He is the owner of the company.
| Do you think that it is 'safe'?
|

NO !

Peer-to-Peer (P2P) is NOT safe and does NOT belong on a company computer.
It leaves the security of the PC and company "at risk" as well as the companies proprietary
data.

 

[Shenan Stanley]

One of my clients wants to install Napster on one of the PCs in
his office. This PC is one of about 15 networked computers with
XP PRO sp2 installed.

He wants to use Napster to download * only * and not share any
of his files.

Any input as to how 'safe' this is and whether/why he should avoid
this software is appreciated.

Shenan Stanley wrote

You have to maintain these systems?
The answer would be "No" if your answer to my question is "Yes".

The machine in his office is for work.
Unless the company he works for deals in music in some way that
this is vital to his productivity at the office - seems like a
no-brainer to me. =)

He is the owner of the company.
Do you think that it is 'safe'?

He hired you because you are supposed to maintain the security and integrity
of his computer systems.

There is a reason that he cannot install it himself - my first inclination
is that you did not grant the users of these systems the rights needed to
install such things - no matter how "safe" it may be. Every foreign
application installed on a system (especially Internet specific
applications) opens up the possibility of trouble down the line.

Does Napster contradict what you were hired to do? Why does he not just
install it on his personal machine(s)? Will you now be supporting Napster
and any problems that arise from its installation and interaction with other
applications that may be required for actual work activities?

 

[Allan C]

According to the owner, he has a '3 pc license'.
He has installed it on 2 computers at home and wants to install the third in
his office.
I immediately recommended that he not install it and he said he would accept
my recommendation 'for now'.

We were talking about it at his companies Xmas party and he was saying that
he did try to install it at work with a non-administrator account. It failed
after about 40 minutes (using an ISDN download). He did not provide
additional details.

Basically, he wants some background music while he works.
I recommended that he play a purchased CD or burn a CD (as long as that is
legal) with songs from home.
I could tell that I put some fear into his heart in terms of damage to his
network at the office.

 

[Shenan Stanley]

According to the owner, he has a '3 pc license'.
He has installed it on 2 computers at home and wants to install the
third in his office.
I immediately recommended that he not install it and he said he
would accept my recommendation 'for now'.

We were talking about it at his companies Xmas party and he was
saying that he did try to install it at work with a
non-administrator account. It failed after about 40 minutes (using
an ISDN download). He did not provide additional details.

Basically, he wants some background music while he works.
I recommended that he play a purchased CD or burn a CD (as long as
that is legal) with songs from home.
I could tell that I put some fear into his heart in terms of
damage to his network at the office.

Napster is now supposedly a "safe" thing. It is a pay-for-play service.
You can buy individual songs.

He can download those songs, burn them to CD(put them on a portable MP3
player - suggest that - he'll love you for it), bring them to work and
listen until his ears fall off and rot without ever installing Napster on
the work computer and possibly compromising security/stability from having
an "unknown" factor on that computer. That's the beauty of downloading the
files - you shouldn't have to download them again and again and again.
Download, put on external media, take where ever you want.

 

[Allan C]

I will pass your suggestion on.
Thank you.

 

[cquirke (MVP Windows shell/user)]

On Mon, 26 Dec 2005 16:10:46 -0500, "Allan C"

Basically, he wants some background music while he works.
I recommended that he play a purchased CD

Bad recommendation, as of late 2005 (Sony rootkit refers). Better to
burn your own true audio CDRs than trust those mass-produced by media
pimps, given the Sony precident.

---------- ----- ---- --- -- - - - -

Don't pay malware vendors - boycott Sony

 

[Steven L Umbach]

Being he is the owner that brings in the element of politics and you will
have to strive for a compromise or he may just find someone else to make it
work for him. The "new" pay for Napster is a far cry from something like
kazaa. Maybe he would be willing to install it on an computer that is
isolated from the rest of the network. You could try doing that by
disabling/uninstalling file and print sharing and Client for Microsoft
Networks on that computer. Then a software firewall could be used to block
access to the other computers on the network. If you have managed switch you
could also see if the switch does "port isolation" like some of the HP Pro
Curve switches do that can allow common internet access but not access to
other computers on the network. Another possibility would be to get another
public IP for that computer and isolate it from the rest of the network that
way. Good luck. --- Steve

He is the owner of the company.
Do you think that it is 'safe'?