1 min read

CNN's legal security blunder

Răzvan STOICA

February 06, 2009

CNN's legal security blunder

We had the opportunity to witness this week two rather amusing examples of Old Media grappling with Scary New Internet issues. On the one hand, we’ve got ESPN360.com – a website which streams sports matches that don’t get aired in real-time demanding payment from ISP’s wishing to grant their customers access to the content.

This week, CNN dipped their corporate toe in the murky waters of P2P with a video streaming service of their but took it right back out with a wondrous EULA that forbids those accepting it to “collect any information about communication in the network of computers that are operating the Software or about the other users of the Software by monitoring, interdicting or intercepting any process of the Software”. Moreover, “Octoshape recognizes that firewalls and anti-virus applications can collect such information, in which case you not are allowed to use or distribute such information.” Which means, in non-lawyer speak, that your connection, antivirus and firewall logs are off-limits to yourself once you install the octoshape thingy.

Hold back for a second the amusing idea of using some third-party computer to monitor communications and thus skirt the EULA and let’s consider the security implications. What if, for instance, a remotely exploitable vulnerability is found in the octoshape P2P service that allows someone to hijack and use it for their own purposes? Depending on your definition of “use”, your system could be distributing virus-laden child pornography spamvertisements with databases of stolen credit card data attached and you’d be none the wiser – because you interpreted the EULA as saying that you’re not supposed to know about what passes through your connection and you really, really truly want to watch CNN. An interesting notion, to be sure.

tags


Author



Right now

Top posts

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read
Mobile security threats: reality or myth?

Mobile security threats: reality or myth?

June 13, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

How to keep your Android device immune to malicious vaccine themed apps How to keep your Android device immune to malicious vaccine themed apps
Cristina POPOV

April 22, 2021

2 min read
Facebook Takes Down Two Hacking Groups Operating out of Palestine Facebook Takes Down Two Hacking Groups Operating out of Palestine
Silviu STAHIE

April 22, 2021

2 min read
Ransomware attack causes supermarket cheese shortage in the Netherlands Ransomware attack causes supermarket cheese shortage in the Netherlands
Graham CLULEY

April 13, 2021

2 min read