Serious Questions Raised About CNN's Use Of Stealthy P2P Video For The Inauguration

from the security-risks-abound dept

CNN got a lot of attention on inauguration day as being the online site of choice for people to watch the streaming video of the events. However, as reader Jim Wood alerts us, many people are probably unaware that they agreed to do so by sharing their bandwidth via a P2P application. Now, first off, I actually think this is a good general use of P2P and have wondered in the past why more streaming apps don't make use of bandwidth sharing P2P in a similar manner. However, it does appear that there are many, many issues with how this was implemented. CNN told people they had to install Octoshape Grid Delivery to watch the video -- and it turns out that wasn't true. You only had to install it if you wanted to make use of the more efficient bandwidth sharing. Also, it doesn't appear that it was clearly explained to users at all what they were agreeing to. This is especially problematic at a time when more and more ISPs are using broadband caps that often include upstream traffic. Users might not realize at all that they were giving up a significant amount of their bandwidth.

Separately, the EULA for the software contains some totally ridiculous clauses, including: "You may not collect any information about communication in the network of computers that are operating the Software or about the other users of the Software by monitoring, interdicting or intercepting any process of the Software." Yes, if you install the software, you can no longer monitor your own traffic usage, at least according to those terms.

There are also serious concerns about potential security problems associated with the software, since the software can automatically be activated by visiting any "Octoshape-enabled" website. That seems like a zombie-scammer's dream setup: a secretive P2P network that people don't even know they have that can use up a ton of bandwidth, can't be sniffed (legally) and uses an unexpected port.

Again, there are definite useful ways to make use of P2P to spread out the bandwidth, but it needs to be done in a much more transparent, reasonable and safe manner. Unfortunately, this implementation doesn't seem to have done that -- and millions of trusting CNN users may now run into problems because of that.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: eula, inauguration, p2p, security, video
Companies: cnn


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    iHateMalware, 6 Feb 2009 @ 4:38pm

    Remove It

    Well, at least it is easy to remove.
    Unlike a certain piece of malware courtesy of Sony.

    link to this | view in chronology ]

  • identicon
    RD, 6 Feb 2009 @ 5:26pm

    Hardly a surprise

    ...considering the shit website they run. CNN.com is the ONLY website that consistently locks or crashes my browser almost every time I go there (using Firefox). I can surf all day on any of the other sites I frequent, but go to CNN.com, and, randomly mind you, click around a few times and BANG! "Firefox must close" or total lockup. Friggin morons.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 7 Feb 2009 @ 1:57pm

      Re: Hardly a surprise

      You sir/madam, must have a seriously screwed up firefox profile. I suggest removing old extensions, and definitely remove all old plugins, then reinstall them with new versions.

      The website design is not causing firefox to crash. You may choose to believe me on that, or not, but in either case it is the truth.

      link to this | view in chronology ]

    • identicon
      Anonymous Coward, 8 Feb 2009 @ 3:14am

      Re: Hardly a surprise

      maybe it's you...?!?!

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Feb 2009 @ 10:00pm

    Liberals at their finest.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 7 Feb 2009 @ 7:31am

      Re:

      Liberals at their finest.

      Thank you for your outstanding contribution the dicussion at hand. I do not know what i would do without your insight into the situation.

      link to this | view in chronology ]

  • identicon
    Anon as well, 7 Feb 2009 @ 11:33am

    Shifting the costs

    Although this may sound good, all it does is shift the cost of video delivery to the consumer. This is my bandwidth and I don't want a video provider leaching off my upstream so they don't have to pay ISP costs.

    In the end this will cost the consumer more and content isn't paying their 1/2 of Internet bandwidth costs.

    Be careful what you wish for, you just may get it.

    link to this | view in chronology ]

  • identicon
    Jim, 7 Feb 2009 @ 12:03pm

    Shifting the costs

    i changed my mind a bit after reading this article from the turner guy.
    http://tech.slashdot.org/comments.pl?sid=1117229&cid=26755081

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 7 Feb 2009 @ 4:03pm

      Re: Shifting the costs

      i changed my mind a bit after reading this article from the turner guy.

      In which way did it change? After seeing how that public relations piece danced around the issues raised above with a bunch hyperbole and without providing any real evidence to the contrary, I'm even more convinced that there is a real problem with CNN and Octoshape.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Feb 2009 @ 2:06pm

    King Obama

    I for one welcome our overlord King Obama, and fully agree to whatever use the King, or his delegates such as CNN request of the plebes

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Feb 2009 @ 2:06pm

    King Obama

    I for one welcome our overlord King Obama, and fully agree to whatever use the King, or his delegates such as CNN request of the plebes

    link to this | view in chronology ]

  • identicon
    Yakko Warner, 7 Feb 2009 @ 6:46pm

    Good concept, poor execution

    I think the concept is a pretty sound idea, actually. Blizzard uses the same tech in distributing patches for World of Warcraft, to get the data bits around to everyone more efficiently.

    The issues with their execution, of course, are that CNN did this with deceptive language ("you must use this"), no disclosure, and ridiculous EULA restrictions; all of which are worth all the criticism they get.

    Does it shift the cost to end users? Yes, but it shouldn't be a big deal, for the same reason most P2P apps (including the WoW downloader) aren't a big deal. But the bandwidth caps throw a new monkey wrench into the works, making it so we end users don't necessarily have the extra bandwidth to share to provide this "public service" to CNN's video stream.

    It just illustrates a point Masnick has made several times about bandwidth caps -- implementing them is a deterrent to innovating new internet services that may make use of more bandwidth, which is a much less limited resource than these artificial restrictions make them out to be.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 8 Feb 2009 @ 7:40am

      Re: Good concept, poor execution

      I'm not so sure about the merits of this "concept" as it is unclear whether the agreed to p2p app continues to use the platform for additional streams. It does not seem to be an equitable exchange if the website is allowed unlimited use of an individuals bandwidth including streams other than the one viewed. Not sure if this is addressed in the EULA because I did not read it. In case you are wondering, no - I did not install the app. There is no way I would ever let any such crapware anywhere near my machines.

      link to this | view in chronology ]

  • identicon
    DS, 8 Feb 2009 @ 6:53am

    Wait, you're going to tell me that they lied about 'holograms' next, arn't you?

    Or that the US Army used chemical weapons on Viet Nam deserrters was a lie as well.

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.