Serious Questions Raised About CNN's Use Of Stealthy P2P Video For The Inauguration

from the security-risks-abound dept

CNN got a lot of attention on inauguration day as being the online site of choice for people to watch the streaming video of the events. However, as reader Jim Wood alerts us, many people are probably unaware that they agreed to do so by sharing their bandwidth via a P2P application. Now, first off, I actually think this is a good general use of P2P and have wondered in the past why more streaming apps don't make use of bandwidth sharing P2P in a similar manner. However, it does appear that there are many, many issues with how this was implemented. CNN told people they had to install Octoshape Grid Delivery to watch the video -- and it turns out that wasn't true. You only had to install it if you wanted to make use of the more efficient bandwidth sharing. Also, it doesn't appear that it was clearly explained to users at all what they were agreeing to. This is especially problematic at a time when more and more ISPs are using broadband caps that often include upstream traffic. Users might not realize at all that they were giving up a significant amount of their bandwidth.

Separately, the EULA for the software contains some totally ridiculous clauses, including: "You may not collect any information about communication in the network of computers that are operating the Software or about the other users of the Software by monitoring, interdicting or intercepting any process of the Software." Yes, if you install the software, you can no longer monitor your own traffic usage, at least according to those terms.

There are also serious concerns about potential security problems associated with the software, since the software can automatically be activated by visiting any "Octoshape-enabled" website. That seems like a zombie-scammer's dream setup: a secretive P2P network that people don't even know they have that can use up a ton of bandwidth, can't be sniffed (legally) and uses an unexpected port.

Again, there are definite useful ways to make use of P2P to spread out the bandwidth, but it needs to be done in a much more transparent, reasonable and safe manner. Unfortunately, this implementation doesn't seem to have done that -- and millions of trusting CNN users may now run into problems because of that.


Reader Comments (rss)

(Flattened / Threaded)

  •  
    identicon
    iHateMalware, Feb 6th, 2009 @ 4:38pm

    Remove It

    Well, at least it is easy to remove.
    Unlike a certain piece of malware courtesy of Sony.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    RD, Feb 6th, 2009 @ 5:26pm

    Hardly a surprise

    ...considering the shit website they run. CNN.com is the ONLY website that consistently locks or crashes my browser almost every time I go there (using Firefox). I can surf all day on any of the other sites I frequent, but go to CNN.com, and, randomly mind you, click around a few times and BANG! "Firefox must close" or total lockup. Friggin morons.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 7th, 2009 @ 1:57pm

      Re: Hardly a surprise

      You sir/madam, must have a seriously screwed up firefox profile. I suggest removing old extensions, and definitely remove all old plugins, then reinstall them with new versions.

      The website design is not causing firefox to crash. You may choose to believe me on that, or not, but in either case it is the truth.

       

      reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 8th, 2009 @ 3:14am

      Re: Hardly a surprise

      maybe it's you...?!?!

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 6th, 2009 @ 10:00pm

    Liberals at their finest.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 7th, 2009 @ 7:31am

      Re:

      Liberals at their finest.

      Thank you for your outstanding contribution the dicussion at hand. I do not know what i would do without your insight into the situation.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Anon as well, Feb 7th, 2009 @ 11:33am

    Shifting the costs

    Although this may sound good, all it does is shift the cost of video delivery to the consumer. This is my bandwidth and I don't want a video provider leaching off my upstream so they don't have to pay ISP costs.

    In the end this will cost the consumer more and content isn't paying their 1/2 of Internet bandwidth costs.

    Be careful what you wish for, you just may get it.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Jim, Feb 7th, 2009 @ 12:03pm

    Shifting the costs

    i changed my mind a bit after reading this article from the turner guy.
    http://tech.slashdot.org/comments.pl?sid=1117229&cid=26755081

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 7th, 2009 @ 4:03pm

      Re: Shifting the costs

      i changed my mind a bit after reading this article from the turner guy.

      In which way did it change? After seeing how that public relations piece danced around the issues raised above with a bunch hyperbole and without providing any real evidence to the contrary, I'm even more convinced that there is a real problem with CNN and Octoshape.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 7th, 2009 @ 2:06pm

    King Obama

    I for one welcome our overlord King Obama, and fully agree to whatever use the King, or his delegates such as CNN request of the plebes

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 7th, 2009 @ 2:06pm

    King Obama

    I for one welcome our overlord King Obama, and fully agree to whatever use the King, or his delegates such as CNN request of the plebes

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Yakko Warner, Feb 7th, 2009 @ 6:46pm

    Good concept, poor execution

    I think the concept is a pretty sound idea, actually. Blizzard uses the same tech in distributing patches for World of Warcraft, to get the data bits around to everyone more efficiently.

    The issues with their execution, of course, are that CNN did this with deceptive language ("you must use this"), no disclosure, and ridiculous EULA restrictions; all of which are worth all the criticism they get.

    Does it shift the cost to end users? Yes, but it shouldn't be a big deal, for the same reason most P2P apps (including the WoW downloader) aren't a big deal. But the bandwidth caps throw a new monkey wrench into the works, making it so we end users don't necessarily have the extra bandwidth to share to provide this "public service" to CNN's video stream.

    It just illustrates a point Masnick has made several times about bandwidth caps -- implementing them is a deterrent to innovating new internet services that may make use of more bandwidth, which is a much less limited resource than these artificial restrictions make them out to be.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 8th, 2009 @ 7:40am

      Re: Good concept, poor execution

      I'm not so sure about the merits of this "concept" as it is unclear whether the agreed to p2p app continues to use the platform for additional streams. It does not seem to be an equitable exchange if the website is allowed unlimited use of an individuals bandwidth including streams other than the one viewed. Not sure if this is addressed in the EULA because I did not read it. In case you are wondering, no - I did not install the app. There is no way I would ever let any such crapware anywhere near my machines.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    DS, Feb 8th, 2009 @ 6:53am

    Wait, you're going to tell me that they lied about 'holograms' next, arn't you?

    Or that the US Army used chemical weapons on Viet Nam deserrters was a lie as well.

     

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This