blind_html [Fwd: Watch a live video, share your PC with CNN]
- From: Nimer <nimerjaber1@xxxxxxxxx>
- To: blind_html@xxxxxxxxxxxxx
- Date: Thu, 05 Feb 2009 13:02:09 -0700
-------- Original Message --------
Subject: Watch a live video, share your PC with CNN
Date: Thu, 5 Feb 2009 11:40:13 -0800
From: Alan Paganelli <alanandsuzanne@xxxxxxxxxxxxx>
Reply-To: Blind-chit-chat@xxxxxxxxxxxxxxx
To: <blind-chit-chat@xxxxxxxxxxxxxxx>
If you would like to subscribe tothis news letter here is a link for the
free version. They also have a paid account with more content. The good
news is anybody can afford a paid subscription for a year. You send them
what you can afford. This news letter has saved my bacon more times then
I can count. Here's the link to the free version.
http://windowssecrets.com/links/zc6u8g799k2jd/882624h/?url=WindowsSecrets.com%2Finfo%2F
<http://windowssecrets.com/links/zc6u8g799k2jd/882624h/?url=WindowsSecrets.com%2Finfo%2F>
TOP STORY
Watch a live video, share your PC with CNN
Brian Livingston
By Brian Livingston
Many people who watched live streaming video of the inauguration of U.S.
President
Barack Obama on Jan. 20 may not realize that their PC was used to send
the video
to other PCs, too.
Clicking "yes" to a CNN.com dialog box installed a peer-to-peer (P2P)
application
that uses your Internet bandwidth rather than CNN's to send live video
to other viewers.
The P2P application is called Octoshape Grid Delivery and is managed by
Octoshape
ApS, a company based in Copenhagen, Denmark.
Web surfers who visit CNN.com and select a live video stream for the
first time see
in their browsers a dialog box, shown in Figure 1, saying, "This site
requires the
Octoshape Grid Delivery enhancement for Adobe Flash Player." The dialog
box doesn't
appear when playing an ordinary video file, only when starting a live
feed. (Feeds
labeled LIVE typically appear in the upper-right corner of CNN.com's
home page during
business hours.)
CNN Octoshape dialog box
Figure 1. Users who select a CNN.com live video feed see a dialog box to
install
the Octoshape Grid Delivery application.
According to Octoshape's
end-user license agreement
(EULA), what's installed is a peer-to-peer app that will "deliver parts
of the video
and audio stream to other end users of the Software."
Why should you care? Windows Secrets contributing editor Ryan Russell,
using a network
sniffer, measured Octoshape using upstream bandwidth of 320 kilobits per
second on
a broadband connection. Dan Ferrell, in a
comment
on contributing editor Susan Bradley's blog, reports seeing 600 Kbps of
upstream
traffic. At first glance, Ferrell adds, the multiple connections to his
PC looked
on his security alert system like some kind of SQL attack.
The Internet Storm Center, an Internet security organization,
reported
that traffic on Jan. 20 had jumped to a level thousands of times higher
than usual
on port 8247, which is used for UDP, the User Datagram Protocol. (See
Figure 2.)
The center quickly identified the source as legitimate — CNN — but
security consultant
Raul Siles warned in his report, "It would be easy for an attacker to
hide his actions
on this port if we simply ignore it."
ISC Octoshape UDP traffic
Figure 2. The Internet Storm Center measured an enormous increase in UDP
traffic
on Jan. 20.
In a telephone interview, Octoshape's P2P nature was confirmed by Mike
Wise, group
technical advisor for platform R&D at Turner Broadcasting System, the
parent of CNN.
Wise emphasized that the news network had selected the most considerate
software
for the job: "The Octoshape technology uses a congestion control
mechanism that's
less aggressive than TCP and most UDP implementations." As one example
of the way
Octoshape gives priority to user tasks, he explained, "we chose an
implementation
that wouldn't interfere with consumer's VoIP [Voice over Internet
Protocol] applications."
As a European company, Octoshape's technology was initially used on the
continent
to stream live feeds of such high-profile events as the Eurovision Song
Contest and
the UEFA Cup. "We're their first big United States customer, as least
that I know
of," says Wise.
"We did some limited trials leading up to the election" on Nov. 4, as
Wise describes
it. The big test came with the Jan. 20 inaugural address. More than 26
million live
feeds (including restarts of crashed streams) were served that day by
CNN.com, according
to a Jan. 25
article
and
chart
in the New York Times. CNN's nearest rivals served "only" 9.1 million
(MSNBC) and
8 million (AP).
To my surprise, I've seen only a few blogs comment on the implications
of CNN using
so much upstream bandwidth — and almost no headlines in the mainstream
U.S. media.
Most Internet service providers support far less bandwidth in the
upstream direction
(from a PC to the Internet) than they do downstream (from the Internet
to a PC).
But that isn't the only concern with CNN's use of people's Internet
connections:
Deceptive marketing.
Octoshape's dialog box warns that playing a live video "requires"
installing new
software. Despite this, however, if you click "no" to Octoshape, you can
play the
feed using the streaming video capability built into Windows Media
Player or Adobe's
Flash Player, although possibly with less fidelity. Small links to
choose one of
the two standard formats appear in the bottom-right corner of the
playback window.
The Octoshape EULA doesn't become available until after the user is
required to select
"yes" or "no" to install the app. But even if the EULA appeared before
the buttons,
burying in legalese the commandeering of a person's PC isn't my idea of
"informed
consent." Only a clear explanation of the repurposing of a PC's
bandwidth — in on-screen
text, readable without scrolling — is an adequate way to inform users of
such a technique.
Cost-shifting to ISPs.
CNN's use of Octoshape might make live feeds look somewhat smoother to
end users,
but the primary benefit is a reduction in cost to the cable news network.
The TorrentFreak
blog
cites an unnamed insider as saying 30% of CNN's live feed traffic was
served from
individual PCs and not the network's own servers. That saves CNN big
time on bandwidth.
But the cost doesn't just disappear — it's shifted to ISPs.
Brett Glass, the owner of Lariat.net, a small ISP in Laramie, Wyoming,
testified before the FCC
last year on cost-shifting. Bandwidth, he explains, can cost hundreds of
dollars
per Mbps per month to providers in rural areas like his. "CNN is setting
up a server
on the ISP's network without permission or compensation," he told me in
an interview.
"CNN's not a charity, in fact it's doing a lot better than some ISPs."
Costs to end users.
Many ISPs around the world restrict how much bandwidth users can
consume. Those
providers charge by the megabyte for any traffic above that level. Users
who installed
Octoshape's app and served traffic upstream as well as down may get an
unpleasant
surprise in their next monthly bill. Octoshape anticipated this in the
company's
EULA
by saying, "You are responsible for any telecommunication or other
connectivity
charges incurred through the use of the Software."
In addition, ISP terms of service usually prohibit customers from using
their Internet
connection to host a server. The FCC ruled last year against Comcast, a
major U.S.
ISP, on peer-to-peer restrictions, as explained in an Ars Technica
article
. But other legal issues on home-grown servers remain unsettled.
(In an interview, Comcast spokeswoman Jenny Moyer declined to address
CNN's use of
Octoshape, saying, "I don't think it's anything we're going to be able
to comment
on at this time.")
Ludicrous license terms. Anyone who reads Octoshape's
EULA
after clicking "yes" to install the app finds that they've agreed to
some hilarious
prohibitions:
"You may not collect any information about communication in the network
of computers
that are operating the Software or about the other users of the Software
by monitoring,
interdicting or intercepting any process of the Software. Octoshape
recognizes that
firewalls and anti-virus applications can collect such information, in
which case
you not are allowed to use or distribute such information."
Company policies on outbound traffic.
No one has suggested that Octoshape is doing anything other than
relaying live video
streams to other PCs. In a
blog comment
, Johan Ryman, Octoshape manager of strategic partnership and sales,
assures users
that the app is well-behaved and stops consuming upstream bandwidth
within five seconds
of a live stream being closed.
Many companies, however, have policies against sending data outside
their LAN. How
many CIOs will be comfortable with an app that sends unknown information
to random
PCs?
Use of Flash's install mechanism.
Octoshape is the only outside company that's allowed to download
software using
the Adobe Flash Player's so-called Express Install feature, according to
a Flash
Magazine
technical analysis
. Express Install is used by Adobe to push updates and other software,
such as Acrobat
Connect and the Adobe AIR runtime.
IT admins who'd like to turn off the installation of Octoshape within
their companies
could disable Flash's update mechanism, as explained in Adobe TechNote
16701594
. But doing so would disable all auto-updates from Adobe, not just
Octoshape.
Security vulnerabilities.
The Octoshape app is supported by an established company and is not any
kind of
virus or worm. However, most programs have bugs, and Octoshape
specifically communicates
with its own servers and other PCs in ways that are not apparent to end
users.
Any Web site you visit that is "Octoshape aware" can invoke the
application. If a
security vulnerability is discovered in the Octoshape software, hackers
could exploit
the weakness.
Media players expose PC users to serious security flaws more often than
Windows itself
does, as WS associate editor Scott Dunn reported on
Aug. 16, 2007
. For instance, several new vulnerabilities were discovered in Flash
Player version
9 in 2008 alone, including one rated "highly critical," according to
advisories
by the security firm Secunia.
In a follow-up article on
Sept. 6, 2007
, Scott reported that Flash Player 9 was found to be unpatched in 62% of
the Windows
PCs that participated in a test. End users can correct these holes by
patching the
player or upgrading to version 10, but too few do so.
Corporate revolving doors.
It's remarkable to see how a small company in Denmark has managed to
gain exclusive
contracts with Adobe and CNN. I'm all for innovative software firms
selling cutting-edge
technology.
At the same time, I wonder how these relationships came into being. Last
month, Octoshape
hired as its new U.S. CEO Scott Brown, previously a vice president of
Turner Broadcasting,
according to the Business of Video
blog
. Sounds like the connection between CNN and Octoshape is getting
stronger all the
time.
The question isn't whether peer-to-peer technology is "good" or "bad."
P2P is here
to stay.
But if all TV programs are going to be streamed live by media giants, as
I'm sure
will eventually happen, the question is what impact this will have on
Internet bandwidth
— and who will pay for it.
I'd like to see the computer industry start a well-publicized discussion
in the major
news media about this. If we're going to stream TV across the Internet,
shouldn't
we select an open standard (the TorrentFreak blog likes
P2P-Next
), rather than proprietary technology that's restricted to a few parties
with patents?
What to do if you have Octoshape on your PC
As I mentioned earlier, the Octoshape app isn't currently a threat. But
I personally
would rather put up with a slightly jerky video than run an application
on my PC
that's sending God-knows-what to who-knows-whom.
Fortunately, the Octoshape program isn't hard to find or remove:
Step 1.
To find out whether the Octoshape app is running, you can use Windows'
built-in
Task Manager. (Right-click a blank space on the Task Bar, and then click
Task Manager.)
As Susan Bradley shows in a
blog post
, when you're viewing a live stream from CNN.com, you'll see in Task
Manager a service
called
octoshape.exe.
(In the illustration on her blog, instances of the service are shown to
be consuming
63MB of RAM, but a lot of this memory may be taken up by the Flash
Player itself.)
Step 2.
To remove Octoshape's app, you can use the Control Panel in either
Windows XP or
Vista. In XP, the applet is called
Add or Remove Programs.
In Vista, it's Programs and Features.
The "Octoshape add-in for Adobe Flash Player" is the name of the program
to uninstall.
Strangely, there isn't an uninstaller for the Mac version of the app.
You have to
manually delete the Octoshape folder.
These removal procedures are explained in detail at the bottom of the
Octoshape Grid
Delivery
FAQ
.
There's much more to write on this subject, but I'll stop here. If you
have additional
specifics on any of this, please send a tip via the Windows Secrets
contact page
. Thanks!
Regards,
Alan
Please click on: http://www.home.earthlink.net/~alanandsuzanne/
<http://www.home.earthlink.net/%7Ealanandsuzanne/>.
There, you'll find files of my arrangements and performances played on
the Yamaha Tyros keyboard. I often add files so check back regularly!
The albums in Technics format formerly on my website are still
available upon request.
__._,_.___
Messages in this topic
<http://groups.yahoo.com/group/Blind-chit-chat/message/90082;_ylc=X3oDMTM1bDAzMmdoBF9TAzk3MzU5NzE0BGdycElkAzMxMDU1NARncnBzcElkAzE3MDUxODkwNTIEbXNnSWQDOTAwODIEc2VjA2Z0cgRzbGsDdnRwYwRzdGltZQMxMjMzODYyODIwBHRwY0lkAzkwMDgy>
(1) Reply (via web post)
<http://groups.yahoo.com/group/Blind-chit-chat/post;_ylc=X3oDMTJwYTgxYmV0BF9TAzk3MzU5NzE0BGdycElkAzMxMDU1NARncnBzcElkAzE3MDUxODkwNTIEbXNnSWQDOTAwODIEc2VjA2Z0cgRzbGsDcnBseQRzdGltZQMxMjMzODYyODIw?act=reply&messageNum=90082>
| Start a new topic
<http://groups.yahoo.com/group/Blind-chit-chat/post;_ylc=X3oDMTJkZWl0ZzI3BF9TAzk3MzU5NzE0BGdycElkAzMxMDU1NARncnBzcElkAzE3MDUxODkwNTIEc2VjA2Z0cgRzbGsDbnRwYwRzdGltZQMxMjMzODYyODIw>
Messages
<http://groups.yahoo.com/group/Blind-chit-chat/messages;_ylc=X3oDMTJkZzNiNTk0BF9TAzk3MzU5NzE0BGdycElkAzMxMDU1NARncnBzcElkAzE3MDUxODkwNTIEc2VjA2Z0cgRzbGsDbXNncwRzdGltZQMxMjMzODYyODIw>
| Files
<http://groups.yahoo.com/group/Blind-chit-chat/files;_ylc=X3oDMTJlaTRxYjdvBF9TAzk3MzU5NzE0BGdycElkAzMxMDU1NARncnBzcElkAzE3MDUxODkwNTIEc2VjA2Z0cgRzbGsDZmlsZXMEc3RpbWUDMTIzMzg2MjgyMA-->
| Photos
<http://groups.yahoo.com/group/Blind-chit-chat/photos;_ylc=X3oDMTJkdGkyYWVxBF9TAzk3MzU5NzE0BGdycElkAzMxMDU1NARncnBzcElkAzE3MDUxODkwNTIEc2VjA2Z0cgRzbGsDcGhvdARzdGltZQMxMjMzODYyODIw>
| Links
<http://groups.yahoo.com/group/Blind-chit-chat/links;_ylc=X3oDMTJlNzhtYzZhBF9TAzk3MzU5NzE0BGdycElkAzMxMDU1NARncnBzcElkAzE3MDUxODkwNTIEc2VjA2Z0cgRzbGsDbGlua3MEc3RpbWUDMTIzMzg2MjgyMA-->
| Database
<http://groups.yahoo.com/group/Blind-chit-chat/database;_ylc=X3oDMTJiN3JnMTZhBF9TAzk3MzU5NzE0BGdycElkAzMxMDU1NARncnBzcElkAzE3MDUxODkwNTIEc2VjA2Z0cgRzbGsDZGIEc3RpbWUDMTIzMzg2MjgyMA-->
| Polls
<http://groups.yahoo.com/group/Blind-chit-chat/polls;_ylc=X3oDMTJlZmZqNDZvBF9TAzk3MzU5NzE0BGdycElkAzMxMDU1NARncnBzcElkAzE3MDUxODkwNTIEc2VjA2Z0cgRzbGsDcG9sbHMEc3RpbWUDMTIzMzg2MjgyMA-->
| Calendar
<http://groups.yahoo.com/group/Blind-chit-chat/calendar;_ylc=X3oDMTJjOHUxOGc3BF9TAzk3MzU5NzE0BGdycElkAzMxMDU1NARncnBzcElkAzE3MDUxODkwNTIEc2VjA2Z0cgRzbGsDY2FsBHN0aW1lAzEyMzM4NjI4MjA->
MARKETPLACE
------------------------------------------------------------------------
From kitchen basics to easy recipes - join the Group from Kraft Foods
<http://us.ard.yahoo.com/SIG=13r9gi10l/M=493064.12016295.13271503.10835568/D=groups/S=1705189052:MKP1/Y=YAHOO/EXP=1233870020/L=/B=3FLySkPDhEY-/J=1233862820509577/A=5530388/R=0/SIG=11nuutlas/*http://explore.yahoo.com/groups/kraftmealsmadesimple/>
Yahoo! Groups
<http://groups.yahoo.com/;_ylc=X3oDMTJjbGJoZGhsBF9TAzk3NDc2NTkwBGdycElkAzMxMDU1NARncnBzcElkAzE3MDUxODkwNTIEc2VjA2Z0cgRzbGsDZ2ZwBHN0aW1lAzEyMzM4NjI4MjA->
Change settings via the Web
<http://groups.yahoo.com/group/Blind-chit-chat/join;_ylc=X3oDMTJlcDVxbzRlBF9TAzk3NDc2NTkwBGdycElkAzMxMDU1NARncnBzcElkAzE3MDUxODkwNTIEc2VjA2Z0cgRzbGsDc3RuZ3MEc3RpbWUDMTIzMzg2MjgyMA-->
(Yahoo! ID required)
Change settings via email: Switch delivery to Daily Digest
<mailto:Blind-chit-chat-digest@xxxxxxxxxxxxxxx?subject=Email%20Delivery:%20Digest>
| Switch format to Traditional
<mailto:Blind-chit-chat-traditional@xxxxxxxxxxxxxxx?subject=Change%20Delivery%20Format:%20Traditional>
Visit Your Group
<http://groups.yahoo.com/group/Blind-chit-chat;_ylc=X3oDMTJjc3IzczFqBF9TAzk3NDc2NTkwBGdycElkAzMxMDU1NARncnBzcElkAzE3MDUxODkwNTIEc2VjA2Z0cgRzbGsDaHBmBHN0aW1lAzEyMzM4NjI4MjA->
| Yahoo! Groups Terms of Use <http://docs.yahoo.com/info/terms/> |
Unsubscribe <mailto:Blind-chit-chat-unsubscribe@xxxxxxxxxxxxxxx?subject=>
Recent Activity
*
3
New Members
<http://groups.yahoo.com/group/Blind-chit-chat/members;_ylc=X3oDMTJldm90bXE3BF9TAzk3MzU5NzE0BGdycElkAzMxMDU1NARncnBzcElkAzE3MDUxODkwNTIEc2VjA3Z0bARzbGsDdm1icnMEc3RpbWUDMTIzMzg2MjgyMA-->
Visit Your Group
<http://groups.yahoo.com/group/Blind-chit-chat;_ylc=X3oDMTJkcWVqOWJtBF9TAzk3MzU5NzE0BGdycElkAzMxMDU1NARncnBzcElkAzE3MDUxODkwNTIEc2VjA3Z0bARzbGsDdmdocARzdGltZQMxMjMzODYyODIw>
Check out the
Y! Groups blog
<http://us.ard.yahoo.com/SIG=13o68mj6q/M=493064.12016258.12582637.8674578/D=groups/S=1705189052:NC/Y=YAHOO/EXP=1233870020/L=/B=3VLySkPDhEY-/J=1233862820509577/A=5191952/R=0/SIG=112mhte3e/*http://www.ygroupsblog.com/blog/>
Stay up to speed
on all things Groups!
Yahoo! Groups
w/ John McEnroe
<http://us.ard.yahoo.com/SIG=13oebsgil/M=493064.12016283.12445687.8674578/D=groups/S=1705189052:NC/Y=YAHOO/EXP=1233870020/L=/B=3lLySkPDhEY-/J=1233862820509577/A=5202322/R=0/SIG=11aijbghb/*http://new.groups.yahoo.com/allbrangroup>
Join the All-Bran
Day 10 Club.
Yahoo! Groups
Cat Owners Group
<http://us.ard.yahoo.com/SIG=13o6ffe3e/M=493064.12016263.12445670.8674578/D=groups/S=1705189052:NC/Y=YAHOO/EXP=1233870020/L=/B=31LySkPDhEY-/J=1233862820509577/A=5522126/R=0/SIG=11kt0eu7c/*http://advision.webevents.yahoo.com/domoreforcats/>
Connect and share with
others who love their cats
.
__,_._,___
blind_html
To unsubscribe, please send a blank email to
blind_html-request@xxxxxxxxxxxxx
with unsubscribe in the subject line.
To access the archives, please visit:
//www.freelists.org/archive/blind_html
Thanks
Other related posts:
- » blind_html [Fwd: Watch a live video, share your PC with CNN] - Nimer
