Octoshape Security Issues

You might have heard the publicity that Octoshape received after Obama’s inauguration.  They used “Octoshape Grid Delivery.” Octoshape’s “grid streaming technology” is just a peer to peer network, like bittorrent, except it is geared toward live streams.

There are a number of issues with this including:

Cost-shifting to ISPs and users without informing them (approximately 30% of the bandwidth for CNN’s live stream comes from peers).

Crazy license agreement.  Here are a couple of quotes from their EULA (http://www.octoshape.com/files/EULA.html) which you have to go digging on their web site for: [more]

“You may not collect any information about communication in the network of computers that are operating the Software or about the other users of the Software by monitoring, interdicting or intercepting any process of the Software. Octoshape recognizes that firewalls and anti-virus applications can collect such information, in which case you not are allowed to use or distribute such information.”  You mean I am violating to EULA if I try to see what is using up my upstream bandwidth?

“Accordingly, you hereby grant permission for Octoshape and other end users of the Software to utilize and share the processor and bandwidth of your personal computer system for the limited purpose of facilitating the communication between you and other end users of the Software, including Octoshape.”  Including Octoshape?

Company policies may exist concerning outbound traffic and the user would be telling any number of others what video stream they are currently watching.  Of course, there could be security vulnerabilities that could be exploited.

To learn more here is an article I recommend and it has plenty of links in it to follow: http://windowssecrets.com/2009/02/05/01-Watch-a-live-video-share-your-PC-with-CNN

An open (non-commercial) peer to peer streaming solution is from the p2p-next consortium http://www.p2p-next.org.

 

Networking Security and Compliance Security