LIME WIRE L LC
377 BROADWAY NEW YORK, NY 10013 TEL: 512.519.6000 FAX; 313.219.6006
May 1, 2009
Delivered by Electronic Mail
And Facsimile
Chairman Edolphus Towns
Ranking Member Darrell Issa
The Honorable Peter Welch, Member of Congress
Congress of the United States
House of Representatives
Committee on Oversight and Government Reform
2157 Rayburn House Office Building
Washington, DC 20515-6143
Dear Chairman Towns, Ranking Member Davis, and Your Honor, Peter Welch,
I write in response to your letter of April 20, 2009. At the outset, let me reiterate to the
Committee on Oversight and Government Reform (the "Committee") what I testified to on July
24, 2007:
• Lime Wire is absolutely committed to helping protect our users against inadvertent file-
sharing.
• Lime Wire is absolutely committed to making changes to our software toward that end.
True to my word, Lime Wire has absolutely done this.
Lime Wire LLC ("Lime Wire") has continually upgraded its software, "LimeWire", to make sure it
is safe and easily understood for our all our users. LimeWire 5 culminates a concerted effort to
combat and eliminate inadvertent file-sharing. I am proud to be able to detail for the
Committee how users of LimeWire 5 can use LimeWire with ease and safety.
Over the course of the past two years, Lime Wire has worked with the Distributed Computing
Industry Association-sponsored Inadvertent Sharing Protection Group ("ISPG") and federal
regulatory authorities to develop industry best practices to ensure the safety of LimeWire
users, and made sweeping changes to its software to protect our users from inadvertent file-
sharing. l During this process, we developed and presented to appropriate agencies our plans
1 "Voluntary Best Practice for P2P File-Sharing Software Developers to Implement To Protect Users Against
Inadvertently Sharing Personal or Sensitive Data". Distributed Computing Industry Association.
http://www.dcia-info/activitie5/i5Pg/inadvertentsharingprotection.pdf
Chairman Towns
Ranking Member Issa
The Honorable Peter Welch, Member of Congress
May 1, 2009
Page 2 of 9
for a series of upgrades. In so doing, we considered myriad solutions. In the end, Lime Wire
implemented the most robust of all possible solutions: one that does not merely alert a user as
to inadvertent sharing, one that does not hinder the efficiency of the peer-to-peer network,
one that gets to the very core of the matter. Still, we realize that users sometimes either ignore
or do not understand the technology. As such, LimeWire 5 did away with recursive sharing, did
away with directory sharing, did away with "folder" sharing, and did away with default
document sharing. Specifically,
• LimeWire 5 by default does not share documents even if a user purposely attempts to
do so.2'3 LimeWire will not allow it.
• In fact, LimeWire 5 goes so far as to automatically un-share documents that a user may
have shared using a 4.y version of LimeWire.
• LimeWire 5 by default will not share documents -
o no matter whether they exist in a folder a user elects to share with the peer-to-
peer network,
o no matter whether a user shared such document previously in a 4.y version of
LimeWire, and
o no matter whether a user is using the LimeWire 5 library to manage their media
and/or personal files and has documents in their library.
• If a user affirmatively elects to share the contents of a folder or a specific directory using
LimeWire 5, nothing (no file of any type) will be shared that the user adds to that folder
or directory at a later point in time unless the user affirmatively elects to do so.
• In short, there is absolutely no way to access a LimeWire 5 user's documents unless that
user affirmatively elects to make them available.
2 In fact, to share sensitive file types in LimeWire 5 or beyond, a user must change his/her settings by going toTools -> Options -> Security and clicking Configure under the heading "Unsafe Categories", and disregarding the
following warning, "We strongly recommend you do not enable these settings". Should a user elect to continue
beyond this point, he/she then has to affirmatively "check" a box stating "Allow me to share documents with the
P2P Network" and then click "O.K." in disregard for the following warning: "Enabling these settings make you more
prone to viruses and accidentally sharing private documents". If a user was running a previous LimeWire 5.y
version, AND affirmatively changed the settings as described above to allow document sharing, AND affirmatively
elected to share a specific document (because merely changing the settings to allow document sharing does not
automatically share any documents), upon upgrading to a more recent version of LimeWire 5.y, then those
documents will be shared per the user's settings. However, such a user will receive notification of such when this
occurs.
3 "Documents" files are by default not shared by LimeWire 5. LimeWire considers the following extensions to
be "document" files: "html", "htm", "xhtml", "mht", "mhtml", "xml", "txt", "ans", "asc", "diz", "eml", "pdf', "ps",
"eps", "epsf, "dvi", "rtf", "wri", "doc", "mew", "wps", "xls", "wkl", "dif', "csv", "ppt", "tsv'V'hlp", "chm", "lit",
"tex", "texi", "latex", "info", "man", "wp", "wpd", "wp5", "wk3", "wk4", "shw", "sdd", "sdw", "sdp", "sdc", "sxd",
"sxw", "sxp", "sxc", "abw", "kwd"
Chairman Towns
Ranking Member Issa
The Honorable Peter Welch, Member of Congress
May 1, 2009
Page 3 of 9
LimeWire 5 has addressed not only document sharing, but sharing of all file types - for new
LimeWire users, LimeWire 5 does not share any file of any type without explicit permission
from the user. What's more, LimeWire 5 allows the user to clearly see what is shared and with
whom (choices: no one, friends, or the P2P network). Additionally, LimeWire does not display
known virus file-types in search results in an effort to protect users from compromising their
computer.
To understand first-hand the level of security we have achieved I encourage any member of the
Committee to do a default install of LimeWire 5 or later on any computer and attempt to share
a document type file: LimeWire will not permit it.
The Lime Wire software powers a global digital network which harnesses the computing power
of tens of millions of users without costly data centers or server farms. With a staff of nearly
70, Lime Wire regularly meets with content and technology businesses to discuss, develop and
apply LimeWire's technology and resources to the development of technological and economic
opportunity for companies and individuals of all sorts.
As concerns the Committee's specific inquiries, I offer the following:
1. The availability of information on the President's helicopter, of private health records, and
of personally identifiable information threatens and concerns each and every one of us, the
hundreds of employees of the many Lime companies are no exception. Lime Wire has been
and remains eager to assist in investigating and preventing these incidents. That being said,
the Committee's letter is the first time Lime Wire has been contacted by a state or federal
actor regarding the incidents mentioned by the Committee.
The LimeWire file-sharing software allows the computers of its many users to communicate
with each other, ultimately forming a network with no central database or server. To be
clear, LimeWire is not a "service", it is a piece of software that once run, needs no
participation from the company Lime Wire, or any Lime Wire servers, in order to function as
designed. It is not possible for Lime Wire to monitor user activity. As Lime Wire has not
been provided any specific information about the incidents, Lime Wire has no unique
information about the incidents beyond what is available to the public generally and has no
records pertaining to such. In light of and in lieu of that, Lime Wire does all it can to
encourages all users to upgrade to LimeWire 5 as the most effective means of file-sharing
while still safeguarding private data. At present, despite having been released only months
ago, nearly 50% of measurable LimeWire users have upgraded to LimeWire 5. Based on
Chairman Towns
Ranking Member Issa
The Honorable Peter Welch, Member of Congress
May 1, 2009
Page 4 of 9
historical percentages, that number will be 75-80% by September 25, 2009.
2. I am not certain what the Committee means by "induced sharing of sensitive or private
information", so I am not able to answer that portion of the Committee's question. As Lime
Wire does not have the ability to monitor user activity, Lime Wire has no unique
information about any such incidents and has no records pertaining to such incidents.
3. Since my deposition testimony on July 24, 2007, Lime Wire has made the following changes
to address the Committee's concerns regarding inadvertent file-sharing:
A. In LimeWire 4.13.13, released July 24th, 2007, Lime Wire updated the "sensitive
directory check" to include Windows Vista's "Documents and Settings" directory.
The "sensitive directory check" is used to warn users when a sensitive directory may
be shared.
B. In LimeWire 4.15.0, released November 29, 2007 (the first major release following
my testimony):
i. The first major change was designed to help the user understand what was
being shared and to make more clear how to remove things he/she may not
want shared. This change introduced a link, always visible on the search
screen, that said, "View your ### shared files", where ### was the number of
files that were shared. Clicking on it would open up a tab that displayed
every single shared file. You could right-click on any file and choose to stop
sharing that file.
1. A link was introduced on the page displaying your shared files that
said, "You are sharing ### files. You can configure which files
LimeWire shares." Clicking on that link would open up LimeWire's
sharing preferences, where the user would have greater control over
which folders were shared.
ii. The second major change was designed to give more control over what file
types were shared. This change introduced a new step in LimeWire's set-up
that let the user choose which extensions would be shared. Extensions were
categorized into "Audio", "Video", "Documents", "Images", "Programs" and
"Other". The user could uncheck any category, or any extension within a
Chairman Towns
Ranking Member Issa
The Honorable Peter Welch, Member of Congress
May 1, 2009
Page 5 of 9
category, and LimeWire would stop sharing all files that were in that
category.
1. In order to provide even greater control over sensitive file types,
certain sensitive file extensions (including but not limited to .doc and
.pdf) were marked as "sensitive". An option was added to this page
that said, "Do Not Share Sensitive File Types" and was checked by
default. Unless the user unchecked this option, LimeWire refused to
allow any sensitive file type from being shared when a directory was
shared.
iii. The third major change was designed to warn the user in the event an
ordinate number of files where being shared by that user. If LimeWire
detected that a large number of files were shared, or a large number of
folders were recursively shared, LimeWire displayed a warning telling the
user that many files were being shared and giving the user the ability the go
to their options menu and change this. These warnings were displayed every
time LimeWire started until the user actively chose to either correct the
problem or hide the warning.
iv. The fourth major change was designed to reduce confusion over what is
shared and what is saved. This was accomplished by splitting the Sharing &
Saving directories. Previously, LimeWire would create one directory called
"Saved" where downloads would be saved to. Users also frequently elected
to "share" this folder. In order to reduce confusion, this was changed so that
downloads would be saved to a folder called "Saved" and a separate folder
called "Shared" would be shared by default. The "Saved" folder was no
longer shared by default.
v. The fifth major change was designed to make sure that all default options
were skewed to not sharing sensitive information. This was accomplished by
reviewing all prompts where the user was asked whether or not they really
wanted to share something. The review focused on defaulting to the
negative for any folder or file that was deemed sensitive.
vi. Minor Changes: (1) A bug was fixed so that Windows Vista's "Documents"
directory was properly considered a "sensitive directory". (2) A bug was fixed
so that if a sensitive directory was shared through recursive sharing,
the user was properly warned. (3) The "Cookies" folder was added to the list
Chairman Towns
Ranking Member Issa
The Honorable Peter Welch, Member of Congress
May 1, 2009
Page 6 of 9
of folders that cannot be shared.
C. In LimeWire 4.17.6, released March 27th, 2008, Lime Wire made additional changes
to make it more clear to users how LimeWire shares and what sorts of information is
likely to be sensitive information.
i. When a user chose a new "Save" folder, LimeWire warned them if this folder
could contain sensitive information and allowed the user to choose a new
location to store downloaded files.
ii. In addition we improved the wording for sharing individual files,
extensions that are shared, partial file-sharing & .torrent file-sharing, so that
it would be clearer to the user what was being shared.
iii. We audited every possible way a file or folder could become shared and
verified that proper warnings are displayed. A few issues were found where
the user wasn't properly warned that some files could not be shared, so
warnings were added. Prior to this, the folder would still not be shared, but
the user was not informed why it was not shared.
D. In LimeWire 5.0, released to the public on December 9th, 2008, LimeWire
fundamentally changed the way file-sharing works. Lime Wire started from the
ground up and addressed the fundamental problems that led to inadvertent file-
sharing.
i. Persistently Shared Folders were removed entirely. A user can drag a folder
into LimeWire to share it, but the folder itself is no longer shared. Only the
files that were in the folder at the time it was dragged are shared. If a new
file gets added to the folder at a later point in time, that new file is not
shared. Dragging a folder into LimeWire to share it is simply a shortcut for
selecting many files and sharing them each individually.
ii. Because shared folders no longer exist, recursive sharing (i.e., automatic
sharing of newly added files to a shared folder) also no longer exists. In order
to drive this point home, recursive sharing doesn't even happen when a user
drags a folder to be shared. If the user drags a folder into LimeWire to share
it, only the contents of that specific folder are shared. Nothing in any
subdirectories is shared.
iii. Documents cannot be shared with the P2P network by default. In order to
change this, a user must change his/her settings by going to Tools -> Options
Chairman Towns
Ranking Member Issa
The Honorable Peter Welch, Member of Congress
May 1, 2009
Page 7 of 9
-> Security and clicking Configure under the heading "Unsafe Categories",
and disregarding the following warning, "We strongly recommend you do not
enable these settings''. Should a user elect to continue beyond this point,
he/she then has to affirmatively "check" a box stating "Allow me to share
documents with the P2P Network" and then click "O.K." in disregard for the
following warning: "Enabling these settings make you more prone to viruses
and accidentally sharing private documents".
iv. Viruses are typically contained within program files. To address viruses,
LimeWire 5.0 completely removed the ability to manage, share, or download
any kind of program file. In order to change this setting, the user must go to
the same "Unsafe Categories" option with the same warnings as described in
3,E,iii, above.
E. With these changes, LimeWire 5 put the final nail in the coffin of inadvertent
sharing of sensitive files.
4. In the arena of inadvertent file-sharing, LimeWire 5 is the most secure file-sharing software
available. Please see the response to the Committee's question number 3, above, for a
more detailed explanation.
5. Following months of development, technology and usability testing, LimeWire 5 was first
released to the public on December 9, 2008. By default, LimeWire 5 does not share
documents even if a user purposely attempts to do so; LimeWire 5 automatically un-shores
documents that a user may have shared using a 4.y version of LimeWire; LimeWire 5 will
not share documents no matter whether they exist in a folder a user elects to share with
the peer-to-peer network, no matter whether a user shared these document file types
previously in a 4,y version of LimeWire, and no matter whether a user is using the LimeWire
5 library to manage their media and/or personal files and has documents in that library. If a
user affirmatively elects to share the contents of a folder or a specific directory using
LimeWire 5, nothing (no file of any type) will be shared that the user adds to that folder or
directory at a later point in time unless the user affirmatively elects to do so.
LimeWire 5 was designed to prevent inadvertent file-sharing. Its effectiveness in preventing
inadvertent file-sharing is proven in the successful function of its design.
6. Rather than risk less then complete upgrades to existing versions of LimeWire, Lime Wire
distributes a new version of the LimeWire software in any instance where improvements
have been made. A new version will be indicated by a version number higher than that of
Chairman Towns
Ranking Member Issa
The Honorable Peter Welch, Member of Congress
May 1, 2009
Page 8 of 9
the previous version, e.g., version 5.1.2 is the "new version" of 5.1.1. The new version
completely replaces a user's pre-existing version, i.e., the LimeWire installer completely
uninstalls the old version of LimeWire and then installs the new version, complete with all
improvements. In this example, version 5.1.1 is completely uninstalled and in its stead is
installed version 5.1.2, complete with all upgrades and improvements made to 5.1.2. Please
see my response to the Committee's question number 3, above, for specifics as to when
these measures were implemented, the purpose of each measure and the date the measure
was implemented.
7. Lime Wire does not distribute "upgrades". With each improvement made to LimeWire, Lime
Wire distributes a wholly complete and new version of the LimeWire software. In this way,
Lime Wire ensures maximum uptake and benefit to the user of the myriad improvements
that come with each version. Lime Wire's frequent and consistent release of new versions
ensures maximum protection for the user.
8. Lime Wire continues to be proactive in eliminating any illegal activities associated with its
software. Following the Committee's investigation in 2007, in an attempt educate users on
copyright law, Lime Wire posted a "Copyright Information" section on its website.4 Here
Lime Wire inform users, among other things, that the use or purchase of LimeWire software
"does not constitute a license in or to share unauthorized or unlawful materials" and that
copyright laws still apply to all contents that may be made available using LimeWire.
On or about January of 2009, Lime Wire implemented an End User License Agreement
("EULA") which expressly provides that "it is unlawful to use the LimeWire program to
infringe the intellectual property rights of others, or to share, distribute or download others'
protected, proprietary and/or confidential information or share, distribute or download
unlawful pornographic materials (collectively "Illegal Materials")".5 A user's license to use
LimeWire is conditioned upon their agreement to bide by the laws of copyright,
confidentiality and/or trade secrets, and obscenity. Failure to do so results in immediate
termination of that user's license to use the software.
Lime Wire is proactive in these efforts because identifying the illegal activities associated
with the use of LimeWire in real time is no easier for Lime Wire than it is for Ford to identify
4 Lime Wire's Copyright Statement is available here: http://www.limewire.com/about/copyright.php
5 LimeWire's EULA is available here: http://www.limewire.com/learnmore/eula.php
Chairman Towns
Ranking Member Issa
The Honorable Peter Welch, Member of Congress
May 1, 2009
Page 9 of 9
in real time the illegal speeding done by the users of its automobiles. The reason for this is
that Lime Wire itself does not host, control or have means to monitor user transactions on
any peer-to-peer network. This is true even when a user accesses the peer-to-peer network
with the LimeWire software.
9. LimeWire provides a "Copyrighted Content Filter" designed to help ensure that all sharing
respects the law, the users of the peer-to-peer network and the wishes and rights of
copyright owners. When filtering is enabled, before a LimeWire user can download a file to
his/her computer, LimeWire compares the digital signature of the particular file with a list
of files that copyright holders have requested be filtered. If a copyright owner has
requested that a file not be shared, LimeWire prohibits the user from downloading file.
I appreciate the opportunity to tell of you how the team at Lime Wire LLC has made
LimeWire 5 the safest file-sharing client available.
Sincerely,
Mark Gorton.