(Mis)Uses of Technology

by Mike Masnick


Filed Under:
eula, inauguration, p2p, security, video

Companies:
cnn



Serious Questions Raised About CNN's Use Of Stealthy P2P Video For The Inauguration

from the security-risks-abound dept

CNN got a lot of attention on inauguration day as being the online site of choice for people to watch the streaming video of the events. However, as reader Jim Wood alerts us, many people are probably unaware that they agreed to do so by sharing their bandwidth via a P2P application. Now, first off, I actually think this is a good general use of P2P and have wondered in the past why more streaming apps don't make use of bandwidth sharing P2P in a similar manner. However, it does appear that there are many, many issues with how this was implemented. CNN told people they had to install Octoshape Grid Delivery to watch the video -- and it turns out that wasn't true. You only had to install it if you wanted to make use of the more efficient bandwidth sharing. Also, it doesn't appear that it was clearly explained to users at all what they were agreeing to. This is especially problematic at a time when more and more ISPs are using broadband caps that often include upstream traffic. Users might not realize at all that they were giving up a significant amount of their bandwidth.

Separately, the EULA for the software contains some totally ridiculous clauses, including: "You may not collect any information about communication in the network of computers that are operating the Software or about the other users of the Software by monitoring, interdicting or intercepting any process of the Software." Yes, if you install the software, you can no longer monitor your own traffic usage, at least according to those terms.

There are also serious concerns about potential security problems associated with the software, since the software can automatically be activated by visiting any "Octoshape-enabled" website. That seems like a zombie-scammer's dream setup: a secretive P2P network that people don't even know they have that can use up a ton of bandwidth, can't be sniffed (legally) and uses an unexpected port.

Again, there are definite useful ways to make use of P2P to spread out the bandwidth, but it needs to be done in a much more transparent, reasonable and safe manner. Unfortunately, this implementation doesn't seem to have done that -- and millions of trusting CNN users may now run into problems because of that.

Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 6 Feb 2009 @ 10:00pm

    Liberals at their finest.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Techdirt Logo Gear
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.