Stories
Slash Boxes
Comments

SoylentNews is people

Netflix to Roll Out HTTPS on Video Streams

posted by martyb on Sunday April 19 2015, @02:19PM   Printer-friendly
from the when-does-a-video-stream-become-a-river? dept.

kadal writes:

Ars Technica reports that Netflix is about to encrypt all its video streams with HTTPS. The feature will be rolled out in the coming year. This comes after one failed attempt six months ago.

Netflix's entry into the HTTPS party comes as privacy and security advocates are calling on all websites to encrypt all their traffic. The rationale behind the request is that continuous and complete HTTPS protection thwarts state-sponsored attacks that countries like the US and China launch from the Internet backbone. Web encryption is also useful against man-in-the-middle attacks that hijack huge chunks of Internet traffic. In both cases, HTTPS prevents the attacker from surreptitiously injecting malicious packets into the targeted data stream.

According to El Reg, this change will increase costs considerably for Netflix:

Netflix has battled with the overheads HTTPS incurs; Watson estimated a capacity hit between 30 to 53 percent thanks to encryption computational overheads and a lack of optimisations to avoid data copies to and from user space.

Such a hit would cost Netflix potentially hundreds of millions of dollars a year.

Tweaks could cut that overhead by a third while speculative advancements in the next several years could crush it by up to 80 percent.

Do we really need encrypted video streams?

 
This discussion has been archived. No new comments can be posted.
Netflix to Roll Out HTTPS on Video Streams | Log In/Create an Account | Top | 50 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Interesting) by tempest on Monday April 20 2015, @02:23PM

    by tempest (3050) on Monday April 20 2015, @02:23PM (#173129)

    In TLS1.2 we're basically down to Camellia and AES (forgetting Ghost and Koren oddballs). Chacha20 would probably be the best option considering the range of devices connecting (Roku/PS3/phones/TV embedded/etc) which don't have AES acceleration, but is still in the process of being adapted. I think they'll be using special hardware for acceleration regardless.

    Starting Score:    1  point
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   3  

  • (Score: 3, Informative) by frojack on Monday April 20 2015, @09:49PM

    by frojack (1554) on Monday April 20 2015, @09:49PM (#173298) Journal

    That fits with what I was remembering.

    You might start with AES-128 or something for session initiation, but once you start a data stream you quickly switch to some more efficient cipher to handle the speed.

    --
    No, you are mistaken. I've always had this sig.