Serious Questions Raised About CNN's Use Of Stealthy P2P Video For The Inauguration
from the security-risks-abound dept
CNN got a lot of attention on inauguration day as being the online site of choice for people to watch the streaming video of the events. However, as reader Jim Wood alerts us, many people are probably unaware that they agreed to do so by sharing their bandwidth via a P2P application. Now, first off, I actually think this is a good general use of P2P and have wondered in the past why more streaming apps don't make use of bandwidth sharing P2P in a similar manner. However, it does appear that there are many, many issues with how this was implemented. CNN told people they had to install Octoshape Grid Delivery to watch the video -- and it turns out that wasn't true. You only had to install it if you wanted to make use of the more efficient bandwidth sharing. Also, it doesn't appear that it was clearly explained to users at all what they were agreeing to. This is especially problematic at a time when more and more ISPs are using broadband caps that often include upstream traffic. Users might not realize at all that they were giving up a significant amount of their bandwidth.Separately, the EULA for the software contains some totally ridiculous clauses, including: "You may not collect any information about communication in the network of computers that are operating the Software or about the other users of the Software by monitoring, interdicting or intercepting any process of the Software." Yes, if you install the software, you can no longer monitor your own traffic usage, at least according to those terms.
There are also serious concerns about potential security problems associated with the software, since the software can automatically be activated by visiting any "Octoshape-enabled" website. That seems like a zombie-scammer's dream setup: a secretive P2P network that people don't even know they have that can use up a ton of bandwidth, can't be sniffed (legally) and uses an unexpected port.
Again, there are definite useful ways to make use of P2P to spread out the bandwidth, but it needs to be done in a much more transparent, reasonable and safe manner. Unfortunately, this implementation doesn't seem to have done that -- and millions of trusting CNN users may now run into problems because of that.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: eula, inauguration, p2p, security, video
Companies: cnn
Reader Comments
Subscribe: RSS
View by: Time | Thread
Remove It
Unlike a certain piece of malware courtesy of Sony.
[ link to this | view in thread ]
Hardly a surprise
[ link to this | view in thread ]
Re: Remove It
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
Thank you for your outstanding contribution the dicussion at hand. I do not know what i would do without your insight into the situation.
[ link to this | view in thread ]
Shifting the costs
In the end this will cost the consumer more and content isn't paying their 1/2 of Internet bandwidth costs.
Be careful what you wish for, you just may get it.
[ link to this | view in thread ]
Shifting the costs
http://tech.slashdot.org/comments.pl?sid=1117229&cid=26755081
[ link to this | view in thread ]
Re: Hardly a surprise
The website design is not causing firefox to crash. You may choose to believe me on that, or not, but in either case it is the truth.
[ link to this | view in thread ]
King Obama
[ link to this | view in thread ]
King Obama
[ link to this | view in thread ]
Re: Shifting the costs
In which way did it change? After seeing how that public relations piece danced around the issues raised above with a bunch hyperbole and without providing any real evidence to the contrary, I'm even more convinced that there is a real problem with CNN and Octoshape.
[ link to this | view in thread ]
Good concept, poor execution
The issues with their execution, of course, are that CNN did this with deceptive language ("you must use this"), no disclosure, and ridiculous EULA restrictions; all of which are worth all the criticism they get.
Does it shift the cost to end users? Yes, but it shouldn't be a big deal, for the same reason most P2P apps (including the WoW downloader) aren't a big deal. But the bandwidth caps throw a new monkey wrench into the works, making it so we end users don't necessarily have the extra bandwidth to share to provide this "public service" to CNN's video stream.
It just illustrates a point Masnick has made several times about bandwidth caps -- implementing them is a deterrent to innovating new internet services that may make use of more bandwidth, which is a much less limited resource than these artificial restrictions make them out to be.
[ link to this | view in thread ]
Re: Hardly a surprise
[ link to this | view in thread ]
Or that the US Army used chemical weapons on Viet Nam deserrters was a lie as well.
[ link to this | view in thread ]
Re: Good concept, poor execution
[ link to this | view in thread ]