Revision3 Blog: XLR8Rtv tag

UPDATE - Unfortunately, we’re going to have to reschedule tomorrow’s live streaming from the Revision3 studio during Tekzilla’s taping. We apologize for the short notice - the new date will be next week, July 1st 2008 at 5:30 PM Eastern/2:30 PM Pacific. We hope you all can join us next week. thanks.

One of the exciting things about Revision3 is the opportunity to do ground breaking and innovative things in the world of Internet Television and we’re psyched to to be challenging ourselves to do this day-in-and-day-out and today, we’ve got something very cool we hope you all will take part in.

As you know, we’ve built a state of the art studio ideal for for our needs in producing great shows like Tekzilla. The wizards in our engineering department have recently made it possible for us to stream live from the studio and we thought what would be cooler than inviting you all into the studio, virtually, to watch a taping of Tekzilla?

Mark your calendars - June 24, 2008 at 5:30 PM (eastern), Veronica Belmont, Patrick Norton and the rest of the Tekzilla crew will be taping the episode of Tekzilla which will be released on June 27th and you’re invited to come watch! Just go to revision3.com/watch to tune into the live stream and chat with other Tekzilla fans. Who knows, maybe Patrick and Veronica will take a break from the show and jump into the chatroom too! When we’re live, anything can happen!

Now, this won’t be a live run through of Tekzilla, rather the raw taping of the show which is then edited into the show that comes out on Fridays, so there will be lots of unfiltered moments behind the scenes. The entire taping will last a few hours, so plan to stick around if you can. I know Patrick and Veronica are excited to share this taping experience with all of you, so we hope you will join us on June 24th!

Hey everyone! Everyone here at Revision3 is putting a whole bunch of effort into building out a brand new Revision3 store and merchandise site. That means new shirts, hats, hoodies, stickers, wristbands, headbands, mouse pads, mugs, beer openers, and everything else awesome.

In an effort to make sure we provide you with everything that you want / need, we are looking to you for thoughts and suggestions about products we could supply from the store. We are open to any and every idea (as long as it is appropriate and possible) for every show. For example, AJ Vaynerchuk (a summer intern of ours) designed a concept for a Revision3 sneaker:

As you can see when we say anything, we really mean it! In addition to the products available in store, we’re going to be planning on some great free giveaways and stuff like that.

If you want to make a suggestion you can either leave a comment on this blog post, or make your way over to the Revision3 forums (here) and join the discussion there! An early favorite of the forums posters (and ours) is the laptop skins!

We are truly excited about getting this thing going and thank you in advance for all of the suggestions!
- David Prager

This truly is an epic announcement. I’m overjoyed to say that the amazingly entertaining, cool and ground-breaking show Epic Fu is now a part of the Revision3 lineup.

You can read all about it in our Revision3 Epic Fu press release. But let me just add a few more comments.

First, if you’ve never seen Epic Fu, you are in for a BIG treat. The show is wonderfully produced, full of great information about the web and modern culture, and so fast paced, even the Taz the hyperactive Tasmanian Devil would love it.

Second, host Zadi Diaz is a legitimate force on the internet. She’s developed an amazingly strong and loyal fan base, and via their innovative social network, Epic Fu has created an awesome on-line community, called MIX that extends the experience of the show out in virtually every direction. I’m excited to both bring Revision3’s core audience into that community, and to learn from them as we extend and enhance the communities around our other shows.

Finally, producer Steve and Zadi are some of the nicest people I’ve ever had the privilege to work with. Someone said to me recently that the truly talented are the most humble and real, and that obnoxiously over the top egotists are comparatively lacking in the talent department. If that’s true, Steve and Zadi are prime examples. They are genuine, real, talented and wonderful to work with. I encourage you to watch, download and subscribe. I know you’ll quickly become a passionate Epic Fu fan… just like me!

Come to the Totally Rad Show New York Meet-up!

Thanks to YOUR votes we won a Webby Award! And thanks to YOUR donations, we’re able to come to New York to accept it at the awards ceremony! So, since YOU had so much to do with our trip out east, we want to hang out and say thanks!

When: Sunday, June 8th from 2-4pm

Where: The Dave & Busters in Time Square.
234 West 42nd street, New York, NY 10036

Info: There is an age policy of:
•Over 21 with valid I.D. (state ID, drivers license, passport or military ID)
•If you are UNDER the age of 21 you must be accompanied by someone 25 or older with a valid ID.
•One person 25 years or older can accompany up to 6 minors.

HOWEVER! If you are under 21 and wearing any kind of TRS shirt (or any Revision3) we’ve been told that you will be allowed into the meet-up (but no drinking for you!).

Thanks for supporting the show! Hope to see you at Dave & Busters!

-The TRS Guys

As many of you know, Revision3’s servers were brought down over the Memorial Day weekend by a denial of service attack. It’s an all too common occurrence these days. But this one wasn’t your normal cybercrime – there’s a chilling twist at the end. Here’s what happened, and why we’re even more concerned today, after it’s over, than we were on Saturday when it started.

It all started with just a simple “hi”. Now “hi” can be the sweetest word in the world, breathlessly whispered into your ear by a long-lost lover, or squealed out by your bouncy toddler at the end of the day. But taken to excess – like by a cranky 3-year old–it gets downright annoying. Now imagine a room full of hyperactive toddlers, hot off of a three hour Juicy-Juice bender, incessantly shrieking “hi” over and over again, and you begin to understand what our poor servers went through this past weekend.

On the internet, computers say hi with a special type of packet, called “SYN”. A conversation between devices typically requires just one short SYN packet exchange, before moving on to larger messages containing real data. And most of the traffic cops on the internet – routers, firewalls and load balancers – are designed to mostly handle those larger messages. So a flood of SYN packets, just like a room full of hyperactive screaming toddlers, can cause all sorts of problems.

For adults, it’s typically an inability to cope, followed either by quickly fleeing the room, or orchestrating a massive Teletubbies intervention. Since they lack both legs and a ready supply of plushies, internet devices usually just shut down.

That’s what happened to us. Another device on the internet flooded one of our servers with an overdose of SYN packets, and it shut down – bringing the rest of Revision3 with it. In webspeak it’s called a Denial of Service attack – aka DoS – and it happens when one machine overwhelms another with too many packets, or messages, too quickly. The receiving machine attempts to deal with all that traffic, but in the end just gives up.
(Note the photo of our server equipment responding to the DoS Attack)

In its coverage Tuesday CNet asked the question, “Now who would want to attack Revision3?” Who indeed? So we set out to find out.

Internet attacks leave lots of evidence. In this case it was pretty easy to see exactly what our shadowy attacker was so upset about. It turns out that those zillions of SYN packets were addressed to one particular port, or doorway, on one of our web servers: 20000. Interestingly enough, that’s the port we use for our Bittorrent tracking server. It seems that someone was trying to destroy our bittorrent distribution network.

Let me take a step back and describe how Revision3 uses Bittorrent, aka BT. The BT protocol is a peer to peer scheme for sharing large files like music, programs and video. By harnessing the peer power of many computers, we can easily and cheaply distribute our huge HD-quality video shows for a lot less money. To get started, the person sharing that large file first creates a small file called a “torrent”, which contains metadata, along with which server will act as the conductor, coordinating the sharing. That server is called the tracking server, or “tracker”. You can read much more about Bittorrent at Wikipedia, if you really want to understand how it works.

Revision3 runs a tracker expressly designed to coordinate the sharing and downloading of our shows. It’s a completely legitimate business practice, similar to how ESPN puts out a guide that tells viewers how to tune into its network on DirecTV, Dish, Comcast and Time Warner, or a mall might publish a map of its stores.

But someone, or some company, apparently took offense to Revision3 using Bittorrent to distribute its own slate of shows. Who could that be?

Along with where it’s bound, every internet packet has a return address. Often, particularly in cases like this, it’s forged – or spoofed. But interestingly enough, whoever was sending these SYN packets wasn’t shy. Far from it: it’s as if they wanted us to know who they were.

A bit of address translation, and we’d discovered our nemesis. But instead of some shadowy underground criminal syndicate, the packets were coming from right in our home state of California. In fact, we traced the vast majority of those packets to a public company called Artistdirect (ARTD.OB). Once we were able to get their internet provider on the line, they verified that yes, indeed, that internet address belonged to a subsidiary of Artist Direct, called MediaDefender.

Now why would MediaDefender be trying to put Revision3 out of business? Heck, we’re one of the biggest defenders of media around. So I stopped by their website and found that MediaDefender provides “anti-piracy solutions in the emerging Internet-Piracy-Prevention industry.” The company aims to “stop the spread of illegally traded copyrighted material over the internet and peer-to-peer networks.” Hmm. We use the internet and peer-to-peer networks to accelerate the spread of legally traded materials that we own. That’s sort of directly opposite to what Media Defender is supposed to be doing.

Who pays MediaDefender to disrupt peer to peer networks? I don’t know who’s ponying up today, but in the past their clients have included Sony, Universal Music, and the central industry groups for both music and movies – the RIAA and MPAA. According to an article by Ars Technica, the company uses “its array of 2,000 servers and a 9GBps dedicated connection to propagate fake files and launch denial of service attacks against distributors.” Another Ars Technica story claims that MediaDefender used a similar denial of service attack to bring down a group critical of its actions.

Hmm. Now this could have been just a huge misunderstanding. Someone could have incorrectly configured a server on Friday, and left it to flood us mercilessly with SYN packets over the long Memorial Day weekend. If so, luckily it was pointed at us, and not, say, at the intensive care unit at Northwest Hospital and Medical Center But Occam’s razor leads to an entirely different conclusion.

So I picked up the phone and tried to get in touch with ArtistDirect interim CEO Dimitri Villard. I eventually had a fascinating phone call with both Dimitri Villard and Ben Grodsky, Vice President of Operations at Media Defender.

First, they willingly admitted to abusing Revision3’s network, over a period of months, by injecting a broad array of torrents into our tracking server. They were able to do this because we configured the server to track hashes only – to improve performance and stability. That, in turn, opened up a back door which allowed their networking experts to exploit its capabilities for their own personal profit.

Second, and here’s where the chain of events come into focus, although not the motive. We’d noticed some unauthorized use of our tracking server, and took steps to de-authorize torrents pointing to non-Revision3 files. That, as it turns out, was exactly the wrong thing to do. MediaDefender’s servers, at that point, initiated a flood of SYN packets attempting to reconnect to the files stored on our server. And that torrential cascade of “Hi”s brought down our network.

Grodsky admits that his computers sent those SYN packets to Revision3, but claims that their servers were each only trying to contact us every three hours. Our own logs show upwards of 8,000 packets a second.

“Media Defender did not do anything specific, targeted at Revision3″, claims Grodsky. “We didn’t do anything to increase the traffic” – beyond what they’d normally be sending us due to the fact that Revision3 was hosting thousands of MediaDefender torrents improperly injected into our corporate server. His claim: that once we turned off MediaDefender’s back-door access to the server, “traffic piled up (to Revision3 from MediaDefender servers because) it didn’t get any acknowledgment back.”

Putting aside the company’s outrageous use of our servers for their own profit, and the large difference between one connection every three hours and 8,000 packets a second, I’m still left to wonder why they didn’t just tell us our basement window was unlocked. A quick call or email and we’d have locked it up tighter than a drum.

It’s as if McGruff the Crime Dog snuck into our basement, enlisted an army of cellar rats to eat up all of our cheese, and then burned the house down when we finally locked him out – instead of just knocking on the front door to tell us the window was open.

In the end, here’s what I know:

• A torrential flood of SYN packets rained down on Revision3’s network over Memorial Day weekend.
• Those packets – up to 8,000 a second – came primarily from computers controlled by MediaDefender, who is in the business of shutting down illegal torrent sites.
• Revision3 suffered measurable harm to its business due to that flood of packets, as the attacks on our legitimate and legal Torrent Tracking server spilled over into our entire internet infrastructure. Thus we were unable to serve videos and advertising through much of the weekend, and into Tuesday – and even our internal email servers were brought down.
• Denial of service attacks are illegal in the US under 12 different statutes, including the Economic Espionage Act and the Computer Fraud and Abuse Act.

Although I can only guess, here’s what I think really happened. Media Defender was abusing one of Revision3’s servers for their own purposes – quite without our approval. When we closed off their backdoor access, MediaDefender’s servers freaked out, and went into attack mode – much like how a petulant toddler will throw an epic tantrum if you take away an ill-gotten Oreo.

That tantrum threw upwards of 8,000 SYN packets a second at our servers. And that was enough to bring down both our public facing site, our RSS server, and even our internal corporate email – basically the entire Revision3 business. Smashing the cookie jar, as it were, so that no one else could have any Oreos either.

Was it malicious? Intentional? Negligent? Spoofed? I can’t say. But what I do know is that the FBI is looking into the matter – and it’s far more serious than toddlers squabbling over broken toys and lost cookies.

MediaDefender claims that they have taken steps to ensure this won’t happen again. “We’ve added a policy that will investigate open public trackers to see if they are associated with other companies”, promised Grodsky, “and first will make a communication that says, hey are you aware of this.”

In the end, I don’t think Media Defender deliberately targeted Revision3 specifically. However, the company has a history of using their servers to, as Ars Technica said, “launch denial of service attacks against distributors.” They saw us as a “distributor” – even though we were using Bittorrent for legitimate reasons. Once we shut them out, their vast network of servers were automatically programmed to implement a scorched earth policy, and shut us down in turn. The long Memorial Day weekend holiday made it impossible for us to contact either Media Defender or their ISP, which only exacerbated the problem.

All I want, for Revision3, is to get our weekend back – both the countless hours spent by our heroic tech staff attempting to unravel the mess, and the revenue, traffic and entertainment that we didn’t deliver.

If it can happen to Revision3, it could happen to your business too. We’re simply in the business of delivering entertainment and information – that’s not life or death stuff. But what if MediaDefender discovers a tracker inside a hospital, fire department or 911 center? If it happened to us, it could happen to them too. In my opinion, Media Defender practices risky business, and needs to overhaul how it operates. Because in this country, as far as I know, we’re still innocent until proven guilty – not drawn, quartered and executed simply because someone thinks you’re an outlaw.

- Jim Louderback
CEO - Revision3

UPDATE
We’ve received several requests for some technical data to illustrate the specifics of the attack. So we’ve provided a text file with some more “under the hood” data.

This file represents every packet we identified as being part of the DoS for a period of time less than .02 *seconds* on Monday morning. If you count, there’s a total of 96 packets. (We removed 12 legitimate packets from the trace). We used a combination of tcpdump and wireshark to gather this information. (this particular trace is from tcpdump)

View the text file: rev3packettrace.txt

Attention New Yorkers! Do you like the Internet? Do you like Diggnation? Then on June 4th, you’ve GOT to be at the live Diggnation show in New York City. It’s Internet Week in New York City (one of our fave cities) and we figured, how better to participate than to bring Kevin Rose and Alex Albrecht to New York to finally tape an episode in front of a New York audience!?

But we didn’t stop there, as if Kevin and Alex wasn’t enough, Brian Brushwood, host of the smash hit Scam School will be there to shock and amaze, and make fools of a couple of people with his dazzling array of bar tricks. See if you can stand toe to toe with the king of the scam. Plus, DJ Bears and Bears Repeating will be performing as well for all you music fans.

This event will also be serving as the Digg Meet-up. Digg CEO Jay Adelson will be in attendance along with founder Kevin Rose and a few others from the Digg crew and community.

Here are the details:
When:
Wednesday, June 4 - 6:00 p.m. EST

Where:
Studio B
259 Banker Street
Between Meserole Ave. & Calyer St.
Brooklyn, New York

Google Map:

Let us know you’re coming: Meetup

Directions from Manhattan:
BY SUBWAY: Take the Brooklyn-bound L train to Bedford Avenue (1st stop into Brooklyn); Exit subway near the intersection of N 7th St and Bedford Ave; head North on Bedford Ave past N 8th St; Turn left onto N 12th St; Turn right onto Berry St; Turn right onto Nassau Ave; Turn left onto Banker St; Total travel: 30 mins;

BY CAR: FROM WILLIAMSBURG BRIDGE: Take Williamsburg Bridge (inside lanes) to BQE (BROOKLYN QUEENS EXPY/I-278 E) (0.5 mi); Take the Humboldt St. exit (Exit 33) toward McGuinness Blvd (0.1 mi); Turn LEFT onto HUMBOLDT ST.; Stay STRAIGHT to go onto MCGUINNESS BLVD S. (0.6 mi); Turn LEFT onto MESEROLE AVE. (0.3 mi); Turn RIGHT onto BANKER ST. (0.0 mi); End at 259 Banker St Brooklyn, NY 11222-2601; Estimated Time: 14 minutes/Estimated Distance: 4.57 miles;

BY CAR: FROM MIDTOWN TUNNEL: Take Midtown Tunnel to I-495 E (Portions toll) (1.5 mi); Take the BORDEN AVE./ PULASKI BR. exit.; Turn RIGHT onto BORDEN AVE. (0.1 mi); Turn RIGHT onto VERNON BLVD.; Turn SLIGHT RIGHT onto JACKSON AVE/ NY-25A E. (0.2 mi); Turn RIGHT onto 11TH ST/ PULASKI BRIDGE. Continue to follow PULASKI BRIDGE. (0.6 mi); PULASKI BRIDGE becomes MCGUINNESS BLVD. (0.4 mi); Turn RIGHT onto MESEROLE AVE. (0.3 mi); Turn RIGHT onto BANKER ST.; End at 259 Banker St Brooklyn, NY 11222-2601; Estimated Time: 13 minutes/Estimated Distance: 4.84 miles

Official Flyer:

Ever since we launched the mobile version of Revision3 over at m.revision3.com, we’ve gotten a lot of feedback from our users about how great it is to watch Revision3 content when they’re away from their computers. Our partners at Transpera informed us that for users of Verizon Wireless, specifically the Verizon Voyager, it’s even easier now to watch Revision3.

Now, Voyager users simply have to open their web browser, choose VIDEO and then Revision3 is available as a video option. This is a great improvement for accessibility and getting right to Revision3 when you want to. We’ve got pics below of the Voyager in the wild, pulling up your favorite new Revision3 show, popSiren

I’m sure many of you out there don’t have the Voyager. If you are a customer of Verizon Wireless, you can expect to see Revision3 getting more and more accessible to other handsets down the road. If this is something you want on your phone, let Verizon know!

And for you iPhone loyalists, you’ll be please to see that Apple now recognizes Revision3 Mobile as a Web App availble for your iPhone. The Mobile revolution is nigh and Revision3 is right at the front lines! Hope this makes your commute a little more bearable!