This appears to come from a reputable source but is almost too wild to
believe. If it is true, I will stay as far away from juno as I
possibly can.
----- Original Message -----
From: "Marty Rimpau" <[log in to unmask]>
To: <[log in to unmask]>
Sent: February 26, 2001 5:36 PM
Subject: Fwd: interesting article about Juno
Not long ago, someone posted to this list an interesting article about
Juno's plans. This information explains what it's all about in more
detail.
It came from the following web site:
www.byte.com/index/monitor
If you're using Juno, you might want to be aware of this, as I find it
somewhat troubling, and in my book, illegal.
Peer-To-Peer's Dark Side
Vendors May Demand A Piece Of Your CPU
By Fred Langa
February 26, 2001
In This Article
Peer-To-Peer's Dark Side
It's P2P With A Twist
The Stealth Factor
In the dark ages of computing, when CPUs and memory were dear, many
people
(and projects) often time-shared a single computer: Each person or
project
got a tiny slice of the precious central computer's time.
Today, with hundreds of millions of cheap CPUs and who-knows how many
terabytes of RAM in the world, peer-to-peer (P2P) computing has turned
the
concept 180 degrees. Many CPUs (or even entire systems) can be shared
across
a network as if they were one large supercomputer. It's the
technological
embodiment of "e pluribus unum."
Of course, perhaps the best-known examples of P2P is the SETI@Home
project
which uses millions of Internet-connected PCs to help in the search
for
extraterrestrial intelligence. To date, almost 3 million users have
contributed an aggregate of over half a million years of CPU time,
that's
about 7e+20 floating-point operations in all, to process data from
various
radiotelescopic observations.
But this column isn't about P2P per se, nor its many benefits: That's
been
covered excellently and in depth elsewhere on Byte.Com.
Nor is this column about the first blatant, overt example of P2P
abuse--Napster-- whose ad hoc, P2P distributed-storage technology
allowed
for the free and profligate distribution of copyrighted MP3 music
files.
(The Napster case also has been covered extensively on CMP's Techweb
sites.)
Rather, this column is about a new kind of business model whereby a
software
vendor takes over its customers' CPUs in an aggressive and stealthy
manner,
and sells the aggregate computing power to third parties. The concept
is so
lucrative that if it succeeds in this first case, it surely will
spread
to
other software vendors.
Juno, the giant ISP with over 14 million subscribers, recently altered
its
Terms Of Service to include something that on the surface is a fairly
standard P2P implementation: Juno will connect its subscribers'
computers as
an ad-hoc distributed computing network.
Someone with a large computational problem will contract with Juno,
which
will divvy up the large problem into smaller chunks and feed it into
its
subscribers'
PCs, which will execute this external code and send the results of the
computations back to Juno. The process then repeats.
But it's the implementation that makes my neck hairs stand up, as you
can
see from this amazing paragraph taken from the current Juno Service
Agreement
(yes, it's long, but trust me, it's worth reading through it all!):
2.5. You expressly permit and authorize Juno to (i) download to your
computer one or more pieces of software (the "Computational Software")
designed to
perform computations, which may be unrelated to the operation of the
Service, on behalf of Juno (or on behalf of such third parties as may
be
authorized
by Juno, subject to the Privacy Statement), (ii) run the Computational
Software on your computer to perform and store the results of such
computations,
and (iii) upload such results to Juno's central computers during a
subsequent connection, whether initiated by you in the course of using
the
Service or
by the Computational Software as further described below ... you agree
not
to take any action to disable or interfere with the operation of ...
any
component
of the Computational Software.
You agree that, as between you and Juno, you shall be responsible for
any
costs or expenses resulting from the continuous operation of your
computer,
including
without limitation any associated charges for electricity, and that
you
shall have sole responsibility for any maintenance or technical issues
that
might
result from such continuous operation.
You agree that, as between you and Juno, Juno shall have sole rights
to
the
results of any computations performed by the Computational Software,
including
without limitation any revenues or intellectual property generated
directly
or indirectly as a result of such computations, without further
compensation
to you. ...[Y]ou expressly permit and authorize Juno to initiate a
telephone
connection from your computer to Juno's central computers using a
dial-in
telephone number you have previously selected for accessing the
Service
...
you agree that, as between you and Juno, you shall be responsible for
any
costs
and expenses (including without limitation any applicable telephone
charges)
resulting from the foregoing ... You agree that you will not attempt
to
reverse
engineer any such software, data, or other materials or transfer or
disclose
any such software, data, or other materials, or the results of any
such
computations,
to any third party.
You acknowledge that your compliance with the requirements of this
Section
2.5 may be considered by Juno to be an inseparable part of the
Service,
and
that
any interference with the operation of the Computational Software
(including, but not limited to, any failure to leave your computer
turned on
at all times)
may result in termination or limitation of your use of the Service.
...
In effect, Juno is saying that you must give it the right to use your
PC for
whatever purposes it chooses, when it chooses. You have no rights to
what it
does with or on your PC. You can't even try to find out what Juno's
doing.
You must perform these forced services at your own risk and expense.
You
must keep your PC on at all times in order to run Juno's calculations.
If
you don't leave your PC on -- say you want to perform system
maintenance or
just save some energy -- Juno can cancel your account. You pay for the
call
(if needed) to send in the results, and if Juno's software crashes
your
PC
and eats your data, well, tough luck.
It even emphasizes its total lack of liability, even in cases where it
is
clearly at fault, in another part of the service agreement, done up in
shoutingcapitals: "6.4. UNDER NO CIRCUMSTANCES (INCLUDING NEGLIGENCE
AND
FUNDAMENTAL BREACH) WILL JUNO OR ANYONE ELSE INVOLVED IN PROVIDING THE
SERVICE OR SOFTWARE
BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL OR
CONSEQUENTIAL
DAMAGES OR LOSSES FROM OR THROUGH THE USE OF OR INABILITY TO USE THE
SERVICE
OR
THAT RESULT FROM MISTAKES, OMISSIONS, INTERRUPTIONS, DELETION OF FILES
OR
E-MAIL, DEFECTS, VIRUSES, DELAYS IN OPERATION OR TRANSMISSION OR ANY
FAILURE
OF PERFORMANCE, EVEN IF ADVISED OF THE POSSIBILITY THEREOF."
I like the part where it absolves itself of liability even in cases of
negligence or fundamental breach of the agreement. It can't lose!
Amazing.
If you want to read the whole thing in context,
the entire agreement is posted.
All this might be somewhat more palatable if it were really out in the
open.
But Juno's sign-up materials make no mention of any of this. If you
surf
into
Juno's home page you'll see various come-ons for Juno 5.0; following
those
links takes you to a download page. But neither that page nor the
"more
info" link on the page mentions anything about the P2P software.
Worse, you must download AND INSTALL the Juno software before you're
presented with the service agreement; and of course, most people never
read
those long legal documents anyway.
It gets better: For all the millions of current Juno subscribers being
enticed into upgrading to the new version, the current Service
Agreement
contains the following:
"...[Y]ou agree to accept the terms of the Agreement... as if you had
signed
it. Juno may change this Agreement at any time; such changes will be
effective
immediately upon transmission.... Each time you use the Service
reaffirms
your acceptance of the then-current Agreement."
And when they do post a new agreement, it includes the magic phrase:
"This
Agreement, the Guidelines and the Privacy Statement supersede all
prior
communications
and agreements."
So, it's both stealthy and ironclad: Juno can post software that takes
over
your PC and makes it part of a P2P network over which you have no
control.
It
can notify you of this change via paragraphs buried inside a legal
document
you may never see. And if you do, it doesn't matter because it's
wonderfully
worded so that Juno can do what it wants with your system, and yet is
totally free of any liability or obligations to you if its software
screws
up your system in any way.
Imagine the benefits to Juno: It gets, in effect, a risk-free,
low-cost
supercomputer it can use for whatever purpose whatsoever. It's a
potential
gold mine!
Today, Juno. Tomorrow...?
You might be tempted to blow this off with the thought "Hey, Juno's a
free
ISP, and people who use it deserve what they get."
Even if it were just Juno, with over 14 million affected subscribers,
it's
not a small thing.
But I think that Juno's model may prove hard for other companies to
resist.
Think about how many software updates you routinely install over the
course
of a year. Worse, think of the auto-updaters you probably use for your
OS,
your office suite, your anti-virus definitions. It would be incredibly
simple for a software vendor to add a P2P component into its next
update
download. The thinking might go like this:
"Let's see. If we slip a P2P component into our next software update,
adjust
our Terms of Service to make it all retroactively mandatory, legal and
risk-free for us, then we can build a distributed supercomputing
network at
our customers' risk and expense."
And you might not even know that P2P software had been installed on
your
system ... until your system maintenance no longer worked (because
there
were no idle times when it would kick in); or when your or your
business'
own P2P projects got derailed because something else was already
sopping up
all the spare CPU cycles. Then there's the extra wear and tear on the
system, the electricity consumed by systems that never go into sleep
mode.
... Well, you get the idea.
Good Or Evil: It's All In The Implementation
Like all technologies, P2P in itself is neither good nor evil, but can
be
used for either or both. Projects like SETI@Home show the upside,
Juno's
behavior shows the dark side.
I believe that Juno may prove to be only the first of many such
backdoor
attempts to cobble together P2P networks that do little or nothing to
benefit the people lassoed--perhaps unwittingly -- into the network,
but
that offer enormous benefit to the companies setting up the stealth
P2P
networks.
===================END FORWARDED MESSAGE===================
VICUG-L is the Visually Impaired Computer User Group List.
To join or leave the list, send a message to
[log in to unmask] In the body of the message, simply type
"subscribe vicug-l" or "unsubscribe vicug-l" without the quotations.
VICUG-L is archived on the World Wide Web at
http://maelstrom.stjohns.edu/archives/vicug-l.html
|