dimanche 19 mars 2017

Intelligence, an adventure of complexity

This article is a reflection on "Intelligence" development through its history which I try to project into the future. It is inspired to a large extent by the exceptional geneticist, philosopher and humanist Albert Jacquard, in a context of Artificial Intelligence (AI) rise and an extremely sick society (inequality, neo-fascism, terrorism..).

Intelligence is evolving complexity. Complexity is when simple elements interact with each other, and surprise you with the outcome. According to Wikipedia, Complex is composed of the Latin words com (meaning: "together") and plex (meaning: woven) characterizing a system with many parts where those parts interact with each other in multiple ways, culminating in a higher order of emergence greater than the sum of its parts. If you take two inanimate Silex stones, and you scrub them together, they produce sparks!

In the first phase of complexity evolution, a long period of 13,8 billion years, hazard (i.e. randomness) is the king. The word Hazard is derived from Andalusian Arabic Azahr, which means dice.
  • After the Big Bang, quantic perturbations created some irregularities in the big homogeneous soup that was our baby universe.
  • With the help of four fundamental forces (gravitation, weak, electromagnetic, strong) more and more complex structures were emerging: neutrons and protons, then atoms like helium and carbon, then molecules, then stars and planets.
  • One of these planets, the earth appeared 4.5 billion years ago and it was quite special because it had ocean and atmosphere, two protecting layers from dangerous and fatal cosmic rays. These layers preserved emerging complexity on earth from rapid destruction, and prepared them for next evolution.
  • 500 million years later, an amazing thing happened. The appearance of DNA molecules codified genetic information and gave it the possibility of duplicating itself, or as we now say, creating a backup of its data! That preserved it for next complexity evolution: formation of cells and bacteria, the first form of life. 
  • Another revolution happened 900 million years ago, which was sexual procreation instead of replication. In this paradigm, 2 genetic pools are mixed to produce a completely new and unique organism, instead of just replicating the same existing genome.
  • The last decisive natural hazard was a deformation in primate brain that happened a couple of million years ago. Indeed, a kind of hypertrophy that exploded the number of neurons up to 100 billion!!
With that last master piece of natural selection and randomness, the universe gave us the physical potential to go even beyond. Nevertheless, that "beyond" was from now on in the hands of humans, not nature anymore.

Some anthropologists say that the first step of moving out from animal state was when our ancestors got rid of jealousy. In fact, less male competition during mating seasons gave more place for group solidarity which is more robust against the uncertainty of nature. We are now ready for the next level of complexity: Society. Society is the crucial factory that transform our physical potential to a human being by developing our conscious. Thanks to other's "you" when addressing me, I become an "I", I become aware of my own existence, and that changes everything. Another important achievement of society is transmitting knowledge representation, in other words preserving acquired complexity, the same as DNA did to our genetic information. From that moment human never stopped conscious conquest of more and more knowledge, explore new fields, ask new questions, and control nature.

What is the next step in the adventure of complexity? All eyes are now fixed on Artificial Intelligence. I recommend reading this article series for an excellent introduction to AI. In a nutshell, AI mimics human brain by creating software-based meshed neurons (Neural Network) that trigger an output according to the input. For example the input is an image, and the output is 1 if it's an image of a bird, and 0 otherwise. In order to have an intelligent Neural Network, we need to train it, i.e. give it thousands of images and make sure it adapts itself until it makes the correct bird identification. Neural Network creates knowledge representation through training.

AI, NN are all old concepts to some extent, but gained a lot of traction recently thanks to cloud computing and big data. Indeed, training a NN requires a lot of computing power, and a huge amount of organized data. Today, our brain has 10 000 more computational power than the biggest known NN, and is very efficient energetically. With our abstract though, we don't need big data to learn, a couple of bird images are enough to identify the concept of a bird. It is the result of billions of years of training:
  • Visual perception: 540 million years of data
  • Bipedal movement: 230 million years of data
  • Abstract thought: 100 thousand years of data
AI is an important breakthrough for humanity in its relation with intelligence and complexity, though big questions are yet to be answered. One of them is about machines becoming conscious of them selves, just like what happened to us.
For me the next step of complexity is elsewhere. It's the common intelligence, the "com" (together) in complexity. Even though humanity made exponential progress, but it sill fails major challenges such as stopping wars, financial crisis, famine... The most flagrant one is climate change, which threaten our whole existence, but we are rushing into the tragedy just like the novel "Chronicle of a Death Foretold" of Marquez. Like homo became conscious of itself, we humans we must become conscious of "ourselves" as a whole and be masters of our destiny. On this idea Jesus Christ and Karl Marx agreed together:  "When you are united, I  (the superhuman) will be among you" - JC, "We do not find the essence of humanity in each human, but in the human community."- KM. The revolutions of the last centuries are somehow this next level of complexity trying to emerge.

jeudi 2 mars 2017

Video streaming security

How can I protect my OTT platform from attacks? how can I stop bad people from stealing my content and monetizing it instead of me? Any OTT actor should be having these questions on video streaming security. In this post, I will share some answers from delivery (CDN) perspective, by building on my customers experiences. Video streaming security is tackled with respect to OTT platform & content components.

Typically, the OTT platform (origin) sits behind a CDN. As a result, bad actors will either attack the origin through the CDN or completely bypass it and attack the origin directly. I suggest the following solutions and best practices to enhance your platform security:
  • Isolate the origin on a separate infrastructure from other services, like email server for example.
  • Avoid using easy-to-discover FQDN of the origin (such as my-origin.ottdomain.tv) and do not expose it publicly (better use a completely different domain name).
  • Whitelist on your firewall (a cloud-based firewall is even better) solely CDN IP ranges. Most CDNs can ensure that origin fill is done through a predefined IP range.
  • Use CDN parent cache in order to reduce traffic back to the origin. In certain cases, when an asset has a very distributed audience, all CDN edge servers will go back to the origin to fill, which might bring it down like a DDoS attack!
  • Use CDN based geoblocking in order to block traffic from countries where you do not have audience. For exemple, if not operating in Latin America, you would better block this region because it has a considerable DDoS botnet concentration.
  • Understand how your CDN is capable of mitigating DDoS layer 3/4/7 attacks.
  • Implement restrictions on CDN: block HTTP POST requests if not used, ignore query strings that are not part of your normal usage.

I've got a lot of cases where customers have suffered from having their content appearing on third party websites and thus loosing potential revenues. The following solutions can help protecting against content theft:
  • Apply simple HTTP best practices on CDN like enforcing cross origin policy, and blocking requests based on Referrer header.
  • Authenticate streams on CDN by using cookie based (pay attention to cookies device compatibility and acceptable legal framework) or path based token authentication.
  • Add DRM protection to video workflow. This is the ultimate solution but comes with cost and complexity drawbacks since the DRM industry is still very fragmented and not standardized. Make sure that your CDN is compatible with the chosen DRM technology (for exemple Widevine’s WVM format requires that the CDN supports byte range requests).
  • Use TLS for video delivery in order to reduce the risk of a third party sniffing  your content on clear unencrypted channels. Make sure that your CDN is up to date in regards to the latest TLS security and best practices (secure cipher suits, OSCP-stapling, keep alive, false start...).
  • Contact CDN & IP providers of  websites which are stealing your content in order to block illegal content and dissuade them from continuing theft practices.

One last advice, common to platform and content security, is monitoring CDN logs and building some relevant security oriented analytics around it to have better insights on your streaming and take actions quickly to mitigate any abnormal behavior.