在北美盜版 IPTV 產生的流量比 BitTorrent 還多

算是前陣子的新聞,在北美地區的盜版 IPTV 流量比 BitTorrent 的流量還多:「IPTV Piracy Generates More Internet Traffic Than Torrents」。

During peak hours, 6.5% of all downstream traffic on fixed networks is generated by TV piracy services.

To put this into perspective; this is more than all BitTorrent traffic during the peak hours, which was “only” 1.73% last year, and dropping.

如果把影音網站都考慮進去,最大的還是 YouTubeNetflix 這兩個啦,不過盜版的量也不小...

然後也有把最大的量分析出來,這裡面最大的量是 Indian Star Plus HD,應該是印度裔或是印度籍的人看家鄉的東西?

The most viewed of all in North America, with 4.6% of all pirated TV traffic, is the Indian Star Plus HD.

不過 Sandvine 一直都有方法分析整個北美流量,讓人感覺不太舒服...

維基百科各語言與各地區的綜合資訊

維基百科推出了新版的介面:「Just how many people are reading Wikipedia in your country, and what language are they using?」。

We recently released a new interactive visualization of Wikipedia traffic by country and language. Called WiViVi, which stands for Wikipedia Views Visualized, the new visualization shows the geographic distribution of pageviews to any or all Wikipedias from two different perspectives[.]

這個介面可以看到每個版本在每個地區佔的比率,像是中文維基百科的情況:

不過翻牆 VPN 的不知道怎麼算...

WPA2 安全漏洞

話說 WPA2 也撐了十三年了:

WPA2 became available in 2004 and is a common shorthand for the full IEEE 802.11i (or IEEE 802.11i-2004) standard.

這次的漏洞可以參考「Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping」這邊。

PoC 稱作 KRACK (Key Reinstallation Attacks),漏洞將會在十一月正式發表,從會議的標題名稱大概可以知道方向,是對 Nonce 下手:「Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2」。另外站台 www.krackattacks.com 已經放好,等後續的發表更新了。

對於無線網路的各種漏洞,老方法還是目前最有效的方法,也是這次的 workaround 之一:上強度足夠的 VPN。

Update:補上論文「Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2」。

Amazon Route 53 對地區的微調功能

Amazon Route 53 推出新功能,針對地區微調資源的比重:「Amazon Route 53 Traffic Flow Announces Support For Geoproximity Routing With Traffic Biasing」。

範例大致上說明了這個功能的能力,假設你在兩個點都有服務可以提供,你可以利用這個功能微調某個比率到某個點:

For example, suppose you have EC2 instances in the AWS US East (Ohio) region and in the US West (Oregon) region. When a user in Los Angeles browses to your website, geoproximity routing will route the DNS query to the EC2 instances in the US West (Oregon) region because it's closer geographically. If you want a larger portion of users in the middle of the United States to be routed to one region, you can specify a positive bias for that region, a negative bias for the other region, or both.

有點 CDN 的想法在裡面...

Google 產品 (包括 YouTube) 使用 HTTPS 的情況

YouTube 公佈了 Google 產品使用 HTTPS 的情況,這次包括了 YouTube 在內:「YouTube's road to HTTPS」。

Netflix 與 YouTube 在北美是兩個最大的 internet 流量 (Netflix, YouTube video streaming dominate internet traffic in North America),要注意的是 Netflix 也是全上 HTTPS (It wasn’t easy, but Netflix will soon use HTTPS to secure video streams):

Netflix makes up a huge part of internet downloads, the company said, with the streaming service accounting for 37.1 per cent of all downstream traffic in North America during September and October.

YouTube accounted for the second-largest share of download traffic, at 17.9 per cent, followed by regular internet browsing at 6.1 per cent.

海外的部份 YouTube 就更高了,所以 YouTube 的 HTTPS rate 其實對整個 internet 很重要。而 YouTube 宣佈目前已經有 97% 的量上 HTTPS 了,應該是 Google 資料中心最大的流量:

We're proud to announce that in the last two years, we steadily rolled out encryption using HTTPS to 97 percent of YouTube's traffic.

利用 CloudFlare 的 reCAPTCHA 反向找出真正的 Tor 使用者

Cryptome 這邊看到可能可以被拿來用的技巧:「Cloudflare reCAPTCHA De-anonymizes Tor Users」。

Tor 使用者連到 CloudFlare 上時,常常會出現 reCAPTCHA 的提示,要求你驗證,而這個驗證過程的 traffic pattern 太龐大而且很明顯,當情治單位同時可以監控 CloudFlare 的上游 (像是「Airtel is sniffing and censoring CloudFlare’s traffic in India and CloudFlare doesn’t even know it.」這篇提到的問題) 或是監控 Tor 的 exit node 的上游,再加上同時監測使用者可能的 ISP,就可以對照湊出使用者:

Each click on one of the images in the puzzle generates a total of about 50 packets between Tor user's computer and the Cloudflare's server (about half are requests and half are real-time responses from the server.) All this happens in less than a second, so eventual jitter introduced in onion mixing is immaterial. The packet group has predictable sizes and patterns, so all the adversary has to do is note the easily detectable signature of the "image click" event, and correlate it with the same on the Cloudflare side. Again, no decryption required.

短短的一秒鐘內會產生 50 個封包,而且 pattern 很清楚...

Uber 在泰國曼谷提供 UberMOTO 服務:機車載客

Uber 在泰國曼谷推出 UberMOTO:「Uber launches its first motorcycle service」,官方的英文新聞稿:「Bangkok, UberMOTO is arriving now!」。

可以用現金或是信用卡付款:

At the end of your trip, you can pay with either cash or credit, depending on what you chose before requesting the ride. You’ll also receive an electronic receipt.

各種新嘗試 XD

更簡單設定 Route53 的方式:Route53 Traffic Flow

AWS 每個產品最近都丟出好多東西 (因為年底要到了嗎?),這次是 Amazon Route53 透過拖拉界面簡化 DNS 的設定:「New – Route 53 Traffic Flow」。

可以從這幾張畫面看出來 Traffic Flow 的用法:

r53_create_endpoint_1

r53_weighted_rule_1

r53_failover_rule_1

看畫面的資訊,功能都是本來在 Route53 上就有的,這次是設計界面讓使用者在 AWS Management Console (也就是 Web Console) 上更容易設定進階的分流。

分析網站流量的工具

在「Find Out How Much Traffic a Website Gets」這邊講到了五個分析網站流量的工具,分別是 AlexaCompeteSimilar WebSEM Rush 以及 Quantcast

由於你不可能知道其他網站的實際流量,這些都是估算值,就只是拿來參考用的,幫助你稍微有個概念而已 :p