Archives

For anyone who follows me on social media, or is following the latest technology news, you’ve seen that there has been a significant amount of news generated by a new DDoS attack vector. The memcached UDP-reflection attack, that some are referring to as memcrashed, spoofs origin IP addresses to take control of memcached instances exposed to the public internet. One result of this type of attack was the largest DDoS attack ever recorded last week, levied against GitHub at 1.35 Tbps, or roughly twice the volume that the Mirai botnet levied against the Krebs site (a prior record).

From a streaming media perspective this is significant, since memcached instances are a common element in technology stacks powering streaming media infrastructure. Just because a business has implemented memcached does not mean that they are susceptible to having their machines taken over, however at the time of this writing there are nearly 60,000 memcached instances that are openly accessible. Since UDP is easy to spoof, these instances are not only vulnerable, but can amplify traffic by a factor of over 50,000, meaning a 203 byte request results in a 100 megabyte response. So if an attacker spoofs the IP address with that of their target, they have the means to generate a potentially massive DDoS attack.

The important thing to consider is that because of the way this attack vector works, and how relatively easy it is to initiate, the potential exists for even larger attacks to come. In fact, if you look at reports from Akamai and others, in a 24 hour period there were reports of attacks from 190 Gbps, 500 Gbps, and subsequently the largest reported at 1.35 Tbps. This means that any media company or digital business needs to have a strategy in place and take action. Most are blocking the default port used by memcached: UDP port 11211, but beyond that, you should be reviewing the SLA provided by your current DDoS protection provider to understand their capacity limits and behaviors if you come under attack. You don’t want one of your high value or critical streams to be disrupted or taken offline because your provider started to black hole your traffic.

All CDNs inherently protect you from most volumetric attacks, but more sophisticated stuff will require active filtering (or for these ports to be default blocked). Recent attacks are bigger than most any non-institutional DDoS provider to absorb themselves. If you were monitoring these events last week, you might have seen this tweet from Thousand Eyes highlighting their capture of GitHub withdrawing their routes from the telcos (and a subsequent writeup they performed on the entire event) providing their service and moving them to Akamai’s Prolexic platform. Because GitHub had already configured their platform for Prolexic, once they routed on to the platform they were able to restore service.

But more importantly, you need to know what the actual mitigation plan is with your DDoS provider. If there is going to be a hard cut into scrubbing mode, you need to plan for down time. What’s that going to do to your failover? What systems will be impacted? Are you sure you can recover gracefully? Github engineered for this, so their downtime was “only” 6mins. For most web facing applications, it should just come right up, but if you’re cutting over an API which you AND your customers rely on, how’s that going to behave? Akamai, Amazon, Fastly, Google and others all offer edge cloud based WAF and DDoS services and customers should look for solutions that are inline all the time and fully distributed across the entire network/platform.

Across the industry, CDNs continue to evolve their solution set and cloud-based WAF and DDoS solutions have become the new products CDNs are investing heavily in. While video was the killer app for a long time, security is now the new CDN.

In case you haven’t heard, in partnership with the NAB I’m launching a new series of focused conferences at the NAB shows in Vegas and NY, dedicated to the streaming media industry. See my blog post here with all the details.

The call for speakers is now open and am looking for those that want to present and speak on a host of business, technology and content topics, on April 11th. OTT, live workflows, content monetization and packaging, transcoding, HEVC, future technologies in a multiscreen world (VR and AI) and a host of other subjects.

I’m looking for how-to technical presentations, case studies, moderators for round-table sessions and those that can present on business topics. If you’re interested in speaking, please reply to this email and send me your ideas. The show is only six weeks away, so now is the time to reach out to me with any/all suggestions. dan@danrayburn.com

And if you’re headed to Vegas for the NAB show, I’ll be hosting a big Beer Garden networking reception on Tuesday, April 10th at 5pm. Stay tuned for more details!

Save

Save

GlobalLogic, the design and engineering firm that has developed and worked on some of the most widely used OTT apps and platforms in the market, currently has two sales positions open, in LA and NYC. Details on the jobs are below, contact me if you’d like an intro.

The ideal candidate is someone with strong experience in establishing new customer relationships and has established connections with technology executives in the Media and Entertainment industry.

Responsibilities:

• Identify and develop key relationships with potential clients to grow sales revenue
• Work directly with senior decision makers; Chief Technology Officer, Chief Digital Officer, Chief Product Officer, VP of Engineering and their teams
• Deep engagement with customers to understand their needs and build/ nurture long term relationships
• Conduct client presentations, proposals and negotiations
• Own the sales funnel across the entire cycle – from lead to close
• Own all sales conversion metrics and monthly goals

Experience required:

• A minimum of 10+ years of proven experience selling technology products and services to Media industry customers
• Strong network of key decision makers in the target (media) segment
• Proven track record in new business acquisition
• Expert understanding of the technology needs of target segments
• Exceptional verbal and written communication skills
• Exceptional prospecting skills and excellent closing skills

Target segments and customers:

• Entertainment: TV Networks, Studios, Distributors, vMVPDs, technology providers
• Publishing: Magazine and Newspaper publishing customers
• Education: Publishers of education content

GlobalLogic Service offerings:

• Strategic Design, User Experience and Technology Development for Digital Transformation, New Products Creation, Tools for internal needs and Platform Customization
• Technology development for Video delivery through OTT, Liner TV, TV Everywhere
• Development of “native” client apps for Big-screen, Mobile and Web platforms
• Cloud native software application development, Analytics platform development, Automation using AI / ML technologies

On Sunday February 25th, Ericsson is hosting a special one-day “UDN Global Partnership Forum” around the topic of content delivery at the Hotel ARTS in Barcelona. This executive event brings together business and technical leaders from over 50 leading service providers and content providers worldwide to explore creative ways to transform content distribution and grow new revenue streams.

I’ll be kicking off the event with my thoughts on some of the latest trends in the market and moderating a round-table session later in the day. Executives from Telstra, Bharti, Vodafone, Rogers, KDDI, NTT DoCome, FOX, Sky, ESPN, Al Jazeera, Warner brothers and many others are confirmed. There will also be a welcome reception taking place the night before at 7pm on Saturday, February 24th.

If you are a carrier, telco, major content owner or broadcaster and would like to attend the event, please reach out to me. It’s going to be a great event, with a lot of networking and tickets are free for those that are qualified.

And if you’d like to hear more about the topic, listen to the L8ist Sh9y Podcast where Yves Boudreau from Ericsson provides insight into what webscale customers are looking for in the Edge as they think about balancing their applications from public cloud services to future edge clouds.

Save

Save

Save

Save

Save

Save

Based on CDN pricing data I collected in December, a lot of customers are currently using multiple CDNs to deliver their content, even for customers not spending millions of dollars per year. To get a better insight into how customers make content routing decisions and where in their technology stack these multi-CDN routing decisions are being made, I’m doing a quick 10 question survey. Please click the survey button below to take the survey and see the data I am collecting.

Save

Save

I am excited to announce that in partnership with the NAB, we are launching a new series of focused conferences at the NAB shows, dedicated to the streaming media industry. Called the “Streaming Summit by Dan Rayburn“, the event will kick off at NAB Vegas on April 11th as a one-day, three-track show, and will grow into a much larger conference, covering two-days at the NAB show in NYC on October 17-18. (nabstreamingsummit.com) [I’ll be giving away some free passes to the show, so tweet out your request using @danrayburn and the hashtag #streamingsummit for your chance to win.]

The NAB shows have more streaming media related vendors, content owners, broadcasters, and industry attendees all in one place, than any other event. Now, with a dedicated focus on the technology and business around streaming media, my goal is to foster a much tighter community that together, can bring more exposure and awareness to the streaming media market. The new Streaming Summit isn’t just a one-off event but rather is the first piece of a brand new media company I am building, that will give vendors and end-users a better way to collaborate, share information, gain exposure, and learn from each other.

For the past 15 years I have been an extension for many in the industry, using the platforms I have to try to help inform, educate and empower others, to help our industry grow. With the reach the NAB has and their marketing power to get the message out, I now have a much larger platform and more resources to help us all. This is your chance to help shape your industry and I WANT to hear from you! I’m looking to get as much feedback as possible from individuals and on behalf of companies who have been going to the NAB shows, so I can hear what you want to see at the events and other resources you want to see in the market.

I’m also now accepting all speaking suggestions and proposals for the Vegas show and anyone interested in presenting, moderating, etc. can email me directly.

Today, an entire industry of professionals relies on streaming and online video services for their livelihood. And I believe that it’s time that together, as an industry, we do everything we can to “make video matter”. I’m excited for this new opportunity and look forward to hearing your ideas and as always, you can reach out to me at anytime at 917-523-4562 or email (mail@danrayburn.com).

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

The live stream of Super Bowl 52 is looking great so far, across all the devices and platforms I’ve tried. I’ve tested the stream on Amazon Fire TV (NBC Sports App, SlingTV), MacBook (Firefox, Chrome, Safari), iPad Mini (NBC Sports App), Xbox One (NBC Sports App, Sling TV), Apple TV 3/4, (NBC Sports App) and on mobile using the Yahoo Sports App and NFL Mobile App on iPhone, both celluar and WiFi. (Updated 8:14pm ET: Sony’s live streaming service PlayStation Vue is having major problems, in multiple cities, keeping many from being able to watch the Super Bowl. Seems to be fixed in some cities but not others.) (Updated 10:40pm ET: Hulu’s live stream of the Super Bowl has gone down for users in some markets.)

There is a massive difference per device on how behind the stream is when compared to the TV feed as well as startup times. The Fire TV is 20+ seconds behind, and the NBC App on the iPad is taking 15+ seconds to startup. But once started, none of my streams, across any device or platform has buffered once. I don’t have the encoding specs as of yet, but max bitrate looks to be about 800Kbps on mobile and 3.5Mbps on desktop, with max being 30 frames per second.

Ironically, the only problem I have seen so far is that my local NBC affiliate had an error cutting over to a commercial break at 7:38pm ET. So anyone who saw that on their stream, it’s not a streaming issue. Yes, broadcast TV can still have problems but NBC re-ran the ad properly at 7:46pm ET.

NBC Playmaker Media isn’t saying how many viewers they are expecting for the live stream, but I predict they will have 1M or less simultaneous streams. The third-party CDNs delivering the streams include Akamai, Amazon, Limelight, and Level 3. Will update this post if I get more tech details.

Save

Save

Save

Save

Save

Save

Save