幹壞事是進步最大的原動力
看到「Now Anyone Can Embed a Pirate Movie in a Website」這邊介紹的東西,直接輸入 IMDb 的編號 (包括 tt 開頭的那串編號),他就自動拉出 embed code:
然後可以直接線上觀看:
然後還支援字幕 (唔):
Interestingly, should one of those sources be Google Video, Vodlocker says its player offers Chromecast and subtitle support.
官網有寫來源是到處找:
VoDLocker searches all general video hosters like youtube, google drive, openload...
看起來整塊技術其實都是現成的。透過 search engine 加上定期的檢查機制與回報機制就可以做完 @_@
在「Netflix found to leak information on HTTPS-protected videos」這篇看到了研究員透過 VBR 所透露出的 side channel 資訊,成功的取得了被 HTTPS 保護的 Netflix 影片資訊。這對於美國的 ISP 是個大利多 (加上之前通過的法案),但對於個人隱私則是嚴重的打擊。
這項研究的準確率非常高:
To support our analysis, we created a fingerprint database comprised of 42,027 Netflix videos. Given this collection of fingerprints, we show that our system can differentiate between videos with greater than 99.99% accuracy. Moreover, when tested against 200 random 20-minute video streams, our system identified 99.5% of the videos with the majority of the identifications occurring less than two and a half minutes into the video stream.
而且他們居然是用這樣的單機分析:
苦啊...
在 Hacker News 上看到的專案,readbeyond/aeneas:
aeneas is a Python/C library and a set of tools to automagically synchronize audio and text (aka forced alignment).
馬上想到的是... 這根本就是字幕組的福音 XDDD
支援的語言:
Confirmed working on 38 languages: AFR, ARA, BUL, CAT, CYM, CES, DAN, DEU, ELL, ENG, EPO, EST, FAS, FIN, FRA, GLE, GRC, HRV, HUN, ISL, ITA, JPN, LAT, LAV, LIT, NLD, NOR, RON, RUS, POL, POR, SLK, SPA, SRP, SWA, SWE, TUR, UKR
除了 ENG 以外,有 JPN... XD
在手機裡面裝木馬後故意讓別人偷走,然後觀察小偷的行為並且拍成紀錄片:「Student Lets Thief Steal His Phone, Spies On Him For Weeks To Make This Documentary」。
影片已經有人翻譯完,有中文字幕可以開起來看:
裡面用的木馬 (防盜軟體) 是 Cerberus。
在「AT&T users will be able to stream DirecTV Now without using their data」這邊才看到 FCC 在這個月月初針對電信商對特定服務的 zero rating 發出警告:「The FCC tells AT&T it may be violating net neutrality with its DirecTV plans」:
AT&T is far from the only US carrier to zero rate data. T-Mobile has been ostentatiously offering free data for music and movies for a year now, and Verizon also zero rates video from its Go90 app. But in zero rating DirecTV, the FCC thinks AT&T may have gone too far.
AT&T 說任何人只要付錢都可以參加這個 plan:
AT&T’s argument is that any company that participates in its Sponsored Data program has to pay AT&T for it, and that includes DirecTV.
但問題還是在 AT&T 擁有 DirecTV,所以是左手付到右手:
Except, again, AT&T owns DirecTV, so even if one division is paying another, the overall company still ends up not paying any money.
而且這筆金額其實不小:
The situation for other companies is very different — and the FCC believes that the price they’d have to pay is “significant[.]”
不過總統快換人了,很有可能會往更糟的方向前進...
《薩利機長:哈德遜奇蹟》講的是「全美航空1549號班機事故」,有不少資料可以先看過再去看電影。(這部片要整個劇透透光後,去電影院刷個兩次會特別有感覺)
特別推薦看 IMAX 版,螢幕大感覺就是不一樣... 另外結尾的彩蛋有兩則,請不要看完第一則就跑掉了。(話說回來,上上星期五去長春國賓看的時候居然沒看到第二則就被工作人員告知已經結束,不知道是怎麼一回事...)
首先是維基百科的資料 (當作入口點):
中文版會容易看一些,不過英文版的資料比較豐富。
另外維基百科上面也有人從 FAA 所公開的資料中截出 New York TRACON 的錄音抓出對應的部份,並且將對話過程抄寫出來:「File:Flight 1549 FAA New York TRACON audio extract.ogg」,電影的確照實將這些對話演出來:
在「Flight 1549 3D Reconstruction, Hudson River Ditching Jan 15, 2009」這邊依照公開的錄音 (從在機場起飛開始) 以及所有公開的對話記錄 (黑盒子的記錄),配上模擬機上的畫面,也可以看一看:
包括機長對著哈德遜河樹旗的「uh what a view of the Hudson today」... 然後是另外一個角度,混入 LGA 的錄音記錄以及雷達記錄:
再來是在電影裡面提到的 35 秒延遲實驗,這可以在 NTSB 的官方報告裡面看到對應的說明 (取自「Loss of Thrust in Both Engines After Encountering a Flock of Birds and Subsequent Ditching on the Hudson River - US Airways Flight 1549 - Airbus A320‐214, N106US - Weehawken, New Jersey - January 15, 2009」這份 PDF):
Regarding the second flight scenario, 20 runs were performed in the engineering simulator from a preprogrammed point shortly before the loss of engine thrust in which pilots attempted to return to either runway 13 or 22 at LGA or runway 19 at TEB. Five of the 20 runs were discarded because of poor data or simulator malfunctions. Of the 15 remaining runs, in 6, the pilot attempted to land on runway 22 at LGA; in 7, the pilot attempted to land on runway 13 at LGA; and in 2, the pilot attempted to land on runway 19 at TEB. In eight of the 15 runs (53 percent), the pilot successfully landed after making an immediate turn to an airport after the loss of engine thrust. Specifically, two of the six runs to land on runway 22 at LGA, five of the seven runs to land on runway 13 at LGA, and one of the two runs to land on runway 19 at TEB immediately after the loss of engine thrust were successful. One run was made to return to an airport (runway 13 at LGA) after a 35-second delay, and the landing was not successful.
也就是做了 20 次的模擬,而有效的模擬有 15 次,其中 8 次成功降落回機場 (成功次數分別是 LGA 22 跑道 2/6、LGA 13 跑道 5/7,以及 TEB 19 跑道 1/2),這些都是鳥擊後馬上選擇回機場迫降。
而加上 35 秒的反應時間後的 LGA 13 跑道則做了一次,那次降落則是不成功。
在 NTSB 報告上,加上 35 秒後的測試只有一次有點怪,但電影裡機長 Sully 臨時要求把「人性」加進去的劇情剛好符合這個解釋。所以有可能就如同電影所演出的,是現場追加的測試?
最後,有幾部記錄片則是透過不同的角度來看這次事故,都很值得看:
這些在網路上找一下都有,這邊就不提供連結了。
Netflix 對於寫了一篇關於隱私保護的技術細節:「Protecting Netflix Viewing Privacy at Scale」。
其中講到 2012 年的 Netflix Open Connect 中的 Open Connect Appliance (OCA,放伺服器到 ISP 機房的計畫) 只有單台伺服器 8Gbps,到現在 2016 可以達到 90Gbps:
As we mentioned in a recent company blog post, since the beginning of the Open Connect program we have significantly increased the efficiency of our OCAs - from delivering 8 Gbps of throughput from a single server in 2012 to over 90 Gbps from a single server in 2016.
早期的 Netflix 走 sendfile() 將影片丟出去,這在 kernel space 處理,所以很有效率:
當影片本身改走 HTTPS (TLS) 時,其中一個遇到的效能問題是導致 sendfile() 無法使用,而必須在 userland space 加密後改走回傳統的 write() 架構,這對於效能影響很大:
所以他們就讓 kernel 支援 AES 系列加密 (包括 AES-GCM 與 AES-CBC),效能的提昇大約是 30%:
Our changes in both the BoringSSL and ISA-L test situations significantly increased both CPU utilization and bandwidth over baseline - increasing performance by up to 30%, depending on the OCA hardware version.
文章開頭也有提到選 AES-GCM 與 AES-CBC 的一些來龍去脈,主要是 AES-GCM 的安全強度比較好,另外考慮到舊的 client 不支援 AES-GCM 時會使用 AES-CBC:
We evaluated available and applicable ciphers and decided to primarily use the Advanced Encryption Standard (AES) cipher in Galois/Counter Mode (GCM), available starting in TLS 1.2. We chose AES-CGM over the Cipher Block Chaining (CBC) method, which comes at a higher computational cost. The AES-GCM cipher algorithm encrypts and authenticates the message simultaneously - as opposed to AES-CBC, which requires an additional pass over the data to generate keyed-hash message authentication code (HMAC). CBC can still be used as a fallback for clients that cannot support the preferred method.
另外 OCA 機器本身也都夠新,支援 AES-NI 指令集,效能上不是太大的問題:
All revisions of Open Connect Appliances also have Intel CPUs that support AES-NI, the extension to the x86 instruction set designed to improve encryption and decryption performance. We needed to determine the best implementation of AES-GCM with the AES-NI instruction set, so we investigated alternatives to OpenSSL, including BoringSSL and the Intel Intelligent Storage Acceleration Library (ISA-L).
不過在「Netflix Open Connect Appliance Deployment Guide」(26 July 2016 版) 這份文件裡看起來還是用多條 10Gbps 透過 LACP 接上去:
You must be able to provision 2-4 x 10 Gbps ethernet ports in a LACP LAG per OCA. The exact quantity depends on the OCA type.
可能是下一版準備要上 40Gbps 或 100Gbps 的準備...?
由 MPAA 資助的報告顯示 DVD 的發行時間差異導致盜版:「DVD Release Delays Boost Piracy and Hurt Sales, Study Shows」,報告在「Windows of Opportunity: The Impact of Piracy and Delayed International Availability on DVD Sales」這邊可以看到。
用真實資料計算得到:
"When we run our regressions on Spain and Italy alone, we observe a 10% drop in sales for every 10-day delay in legal availability, as compared to a 2% drop in sales for every 10-day delay in the entire sample," the paper reads.
"Our results suggest that an additional 10-day delay between the availability of digital piracy and the legitimate DVD release date in a particular country is correlated with a 2-3% reduction in DVD sales in that country," the researchers write.
時效的重要...
剛剛看到 2017 年將會有最新一季的 Star Trek:「New Star Trek Series Premieres January 2017」。
Star Trek 在科技史上是部很重要的影集與一系列的電影,在 NASA 裡甚至有很多人是被 Star Trek 所影響才加入 NASA 的。
明年 2016 年將會有五十週年活動:
Star Trek, which will celebrate its 50th anniversary in 2016, is one of the most successful entertainment franchises of all time.
來等看看好了,之前有些 series 有點雷,新的不知道怎樣 XDDD
這大概是這幾天最刺激的事情... Amazon 決定在自家購物往站上停售 Google Chromecast 與 Apple TV:「Amazon to Ban Sale of Apple, Google Video-Streaming Devices」。
引用新聞的報導說明,因為 Chromecast 與 Apple TV 不相容於 Amazon 自家的 Prime Video,所以下令所有的店家停售:
The Seattle-based Web retailer sent an e-mail to its marketplace sellers that it will stop selling the Apple TV and Google’s Chromecast since those devices don’t "interact well" with Prime Video. No new listings for the products will be allowed and posting of existing inventory will be removed Oct. 29, Amazon said. Prime Video doesn’t run easily on its rival’s hardware.
至於會不會引起反壟斷調查呢?站在看好戲的立場當然是很希望,但這兩個產品就算不在 Amazon 上買,也有一卡車的競爭對手有賣... 不曉得後面會怎麼發展。