Click here to get twenty dollars off Webhosting at DreamHost
Powered by MaxBlogPress 

CNN Shares With Your Bandwidth



February 14th, 2009 02:52 am | by Ed |

Are you one of the millions of people who watched the live video stream on CNN's website of Obama's inauguration on Jan. 20? If you are, then it's very likely that your computer and your bandwidth was probably used without your direct knowledge to send that video to other people who were watching it.

According to a story on Windows Secrets, CNN has started using a P2P app called "Octoshape Grid Delivery". Apparently, the first time you try to watch a live video feed the flash player informs you that the Octoshape Grid Delivery add on for Adobe's flash player is required in order to get the feed.

octoshape install

The truth of the matter is that you don't need Octoshape to watch those feeds. On the lower right corner of the playback window are links for using the normal Adobe flash player or Windows Media Player to watch the feed. They're just saying it's "required" because they want as many people as possible to get with the Octoshape program.

Essentially CNN end up using your bandwidth for it's purposes (without paying you for it I might add!). As you might expect, this plays havoc with your available bandwidth. Octoshape grabs any where from 320 to as much as 600 kilobits per second of your upstream bandwidth. This can make a major dent in your total available bandwidth and I don't doubt that it'd slow a lot of other connections down in the process.

This is bad enough for a single user setup but then there's the growing number of people that are connecting two or more computers to their router. On one machine somebody's looking over some websites for ideas for their next Orlando vacations and then on another machine using the same connection somebody starts watching one of those Octoshape aware CNN things and the 1st person suddenly might think about taking a vacation or at least a nap while their pages load.

What's really sneaky about it is that the fact that it's going to take over a big chunk of your pc's resources and internet bandwidth isn't made clear up front. Instead it's written in legalese and hidden in the license agreement (you know, the one's that hardly anyone reads on account of how convoluted they are.) and you don't get to see it until after you have to click yes or no to install it.

There's a lot more on the Windows Secrets site and it's very much well worth reading. Suffice it to say that in MY opinion, if you get a dialog box asking if you want to install Octoshape, Click NO just as fast as you can.

Technorati Tags: bandwidth, p2p, just say no, bandwidth hog, evil p2p, octoshape flash, cnn, octoshape grid delivery, flash add on, deceptive license

Be Sociable, Share!
  • email
If you enjoyed this post, make sure you subscribe to my RSS feed!
Want to link to this post?
Just copy this code and paste it on your site where you want the link to appear:

4 Comments

  1. HackedServer on 14.02.2009 at 17:18 (Reply)


    You are very over dramatic. A mountain out of a mole hill as some may say.

    The use of p2p technologies to deliver the content to all the users was the only thing that allowed you to even view the video. Without it there is no way CNN could have broad casted that video to the millions and millions of people.
    A good example of this is when Microsoft released Windows 7 Beta for download, they got so overran that they took it down. If they used the same technologies would that have happened? Certainly not.

    For those who do not understand what is happening, I’ll give a short explanation.

    Normally when you watch a video online, you download it from the website. But in this case you download the video from CNN AND other people that are watching this video. Effectively getting the video to you faster. When you download the video you also share it with other people that are watching it. So all the people at that time who were watching it were sharing it with each other.

    For those of you who are selfish like Ed is, you’ll just get the video from everyone else and not contribute back at all. The more people who do it the less of a strain it is for each individual.

    1. Ed on 18.02.2009 at 02:09 (Reply)


      I don’t think I’m being over dramatic at all. I also don’t have a problem with the use of P2P to deliver content.

      What I have a problem with is the deceptive way it’s being done.

      I have a problem with the fact that according to what I’ve read about it, Octoshape is a bandwidth hog like no other I’ve ever heard of.

      I have a problem with the terms of their EULA that essentially allows them to do pretty much anything they damned well please while forbidding the user from even doing anything about tracing where all their upstream bandwidth has gone.

      I have a problem with the way it’s making use of Flash’s installer. Something that give it unprecedented access.

      I’ve got a Big problem with the overall security risks that the user is going to end up having to deal with because of that thing.

      If CNN want’s to “cost shift” to end users, let ‘em charge up front instead of this underhanded crap.

      I have a problem with the fact that because of the way this thing’s made, any site that’s “octoshape aware” could conceivably use it’s hooks to do just about anything it wants such as install software without the user’s knowledge or consent, make use of it’s P2P technology without the user’s knowledge.

      How about taking another look at that article on Windows Secrets. There’s plenty of good reason to object to Octoshape and it’s EULA.

      http://windowssecrets.com/2009/02/05/01-Watch-a-live-video-share-your-PC-with-CNN/?n=story1

      1. HackedServer on 18.02.2009 at 15:36 (Reply)


        I read the article.

        You complain that the EULA gives them a lot of lee way, but go look at just about any product or even web site and you’ll get the same thing. They have to allow themselves to do anything or they would get sued by everyone and their grandma. If they forgot to put in the EULA that their program may make a folder on your computer and it did that, they would have to settle out of court and pay thousands of people a lot of money. So instead of that they leave a very open EULA, does this mean they are using your computer as a botnet and reading your emails? No.

        I will agree with you that they should have specified what exactly the program does, but it’s probably a smart move on their part not to, or else people wouldn’t use it and they wouldn’t be able to meet the demand.

        You act like if your view this video using the technology you will be billed not matter what. The only way you will be billed is if you go above your cap. And if your that close to going above you cap you shouldn’t been streaming a live video anyway.

        If they were to fully disclose the program to everyone you would have to read though pages and pages of legal information that most people aren’t willing to work though, so instead they gave you the option to use it and made their EULA available to read. Lets look at this another way, when you go to YouTube are you warned that watching videos will use bandwidth? Now that I think of it, I don’t remember this site warning me that viewing these web pages could potentially push me over my cap and cost me money? If I subscribe to your email feed will you warn me that your emails might fill my allowed space?

        I’m sure if you had warning on everything you viewed you would be writing a blog complaining about that too, but since we don’t have that, don’t complain that there aren’t warning. I imagine you as the person who sued McDonalds for the coffee being hot.

        1. Ed on 18.02.2009 at 20:46 (Reply)


          > You complain that the EULA gives them a lot of lee way, but go look

          Like entirely too many corporate style EULA’s It’s doing a lot more than that, it’s prohibiting the user from even trying to find out what the software is doing. If they haven’t anything to hide, why write the thing in overly complicated legalese instead of just saying in plain English what it’s going to be doing? It’d take a hell of a lot less verbiage that way.

          > at just about any product or even web site and you’ll get the same
          > thing. They have to allow themselves to do anything or they would get
          > sued by everyone and their grandma. If they forgot to put in the
          > EULA that their program may make a folder on your computer and it did
          > that, they would have to settle out of court and pay thousands of
          > people a lot of money. So instead of that they leave a very open EULA,

          Not at all. I firmly believe that they could state what the program does and what the user is and is not allowed under the agreement in three to five paragraphs if it were stated in plain ordinary English. Instead, most EULA’s are five to ten times longer, written in legalese that is so obscure that it literally takes having a lawyer examine it to get it translated.

          > does this mean they are using your computer as a botnet and
          > reading your emails? No.

          Maybe, maybe not. I expect that most users will never know will they? Then again, all that’s really needed is for somebody to discover a vulnerability in it (and you KNOW that sooner or later somebody will) and then build websites designed to reach into Octoshape enabled browsers and do what the hell ever they want, disable A/V, open ‘holes’ in the firewall from the inside, install malware, build a botnet, whatever.

          > I will agree with you that they should have specified what exactly
          > the program does, but it’s probably a smart move on their part not
          > to, or else people wouldn’t use it and they wouldn’t be able to meet
          > the demand.

          Again, if they set out, in plain English the basic details of what it’s doing and how it operates the user would be able to know in advance that this thing is going to eat a LOT of outbound bandwidth because it’s providing copies of the stream you’re watching to others.

          > You act like if your view this video using the technology you will be
          > billed not matter what. The only way you will be billed is if you go
          > above your cap. And if your that close to going above you cap you
          > shouldn’t been streaming a live video anyway.

          Think about that for a second eh? There’s TWO caps. One for inbound, one outbound. I’d venture to say that most users never even approach their upload cap. Octoshape will change that. A person could easily watch all of the inbound (as in downloading) streaming they want. However, you take that exact same connection and have others streaming FROM you on the outbound (as in upload) side. That cap is lower. Just like ADSL speeds. The upload speed is ALWAYS 1/2 to 1/4 of the download speed. for example my connection is 12476 Kbits/sec download by 2356 Kbits/sec upload. Any caps on those speeds are going to be in the same proportions. Meaning you can run out of UPLOAD one hell of a lot faster than you can run out of DOWNLOAD.

          > If they were to fully disclose the program to everyone you would have
          > to read though pages and pages of legal information that most people

          Not if it were written in plain English. For that matter take a license like the GPL. It’s not quite plain English but it’s easy to understand very quickly what I can and cannot do with a program that uses it as a license.

          > aren’t willing to work though, so instead they gave you the option
          > to use it and made their EULA available to read. Lets look at this
          > another way, when you go to YouTube are you warned that watching
          > videos will use bandwidth? Now that I think of it, I don’t remember
          > this site warning me that viewing these web pages could potentially
          > push me over my cap and cost me money? If I subscribe to your email
          > feed will you warn me that your emails might fill my allowed space?

          Again, there’s the difference between download and upload. What I’m talking about with Octoshape it it’s almost uncontrolled use of UPLOAD bandwidth which is going to have a much lower cap than download.

          > I’m sure if you had warning on everything you viewed you would be
          > writing a blog complaining about that too, but since we don’t have

          That’s not what I’m saying and you know it. I’m saying that Octoshape and by extension Adobe And CBS News are being deliberately deceptive. They may or may not be attempting to hide something nasty in Octoshape, but they ARE hiding something.

          I’m not taking the stance that there needs to be 97 labels on everything warning users about every conceivable possibility, I’m saying that they need to rewrite that EULA so that it’s not being deceptive. Preferably in plain ordinary English.

          > that, don’t complain that there aren’t warning. I imagine you as the
          > person who sued McDonalds for the coffee being hot.

          What can I say? It’s my blog and I’ll say what I bloody well want to on it without the least regard for whether any government, corporation or individual like it or not. Especially when I think some governmental or corporate dipshit is lying about something and Octoshape, Adobe and CBS are up to their eyeballs in lies over this thing and anyone who can’t see that is either blind or a willfully ignorant sheep.

          Because there IS deception involved. How about that popup that said Octoshape was REQUIRED to watch the video when it very clearly was NOT REQUIRED.?

Sorry, the comment form is closed at this time.