Behind the Revision3 attacks Video
Behind the Revision3 attacks Video Transcript
[ Music ] ^M00:00:03 [ Background Music ]
>> Hey there! I'm Kara Tsuboi, CNET News.com. I'm joined by Jim Lauderback, CEO of Revision 3, who over the Memorial Day weekend unfortunately, site went down. You guys got hacked.
>> Well, you know, we had a little bit of a problem. We weren't necessarily hacked. Well, what happened is we had a flood of packets delivered to our devices that sit on the outside of the network, and they basically went down because they got too many of them. So to us--it kinda looked like a Denial-of-Service attack.
>> And I guess we can't really call it hacking because there's a lot of legality that goes with using that word.
>> Well, to me, hacking is when you sneak into a system and kind of change it around and do that. Denial of Service is a little bit different. It's more like just tossing things at somebody so quickly that they can't keep up.
>> And do you know who did this?
>> Well, yeah. We traced the IP addresses that, you know, any packet on the internet has sort of where it's going, the address, and where it came from. Most of them, 90 percent of these things came from a company called Media Defender.
>> And where are they based?
>> They are based in L.A.
>> And they have some big-named clients.
>> Well, I don't know who their client list is right now, but in the past, they work with the RIAA, the MPAA, Warner Brothers and various--So their job--what they're in business to do is to help protect people who own copyrighted content on the internet and they do this in large part by spoofing torrent networks. So--and you know, I have no problem with their business and the way they do it. I think trying to protect people who own copyrights is an admirable thing. What they did was they worked through the Torrent server that we have to put their spoof stuff out there. Once we locked it down, their servers freaked out and started sending all these packets at us and that brought us down.
>> So they're saying that, yes, they did do it but they did not intend to shut you guys down.
>> Right, and that they said that they didn't really send a flood of packets to us, that it was just a couple here and there, but we've got the proof and we just posted less than 0.2 seconds of what happened over that time period and there are over 100 packets coming from their servers, and that's, you know, less than 0.2 seconds. That's like 5000 a second.
>> What's the legality of this? Where--what does they--where do they fall as far as right or wrong?
>> You know, I'm not a lawyer, I'm not a cop. First of all, it's kind of unethical to use our servers for that. I mean, we would love if they had just said, "Hey, guess what? Your server is open. There is a potential that people can use it as a way to create indices to copyright the stuff that's being traded illegally. You ought to shut it down!" We would have done it in a minute. So first of all, I cannot take offense to that, like tell us. Please tell us. But, once we actually did, you know, the appropriate thing and shut it down and create--it's only our files could be accessible through it, don't start throwing packets at us because there's a problem.
>> So what kind of recourse do you have? Where are you taking this next?
>> You know, there's not really that much when you think of what, I mean I could send them a bill which I'd probably will. They're certainly, you know--were they malicious? I don't think you can say that. I mean, I did contact the FBI before we knew what was really going on and they'll probably look into it. There really isn't that much recourse for us. There's a big difference between new media and old media. In the new media world, we use things like we believe that media, that our viewers wanna be able to use it and do it, watch it anyway they want, that it's open, that--that it's in their control. We don't have DRM. We set it free. We use the creative comments license. We don't like to call it open-source TV.
>> Sure.
>> We set it out there and they can watch it anywhere, anytime, any device, any service. Old media believes that they wanna control the experience in a walled garden with DRM so you only watch it here, and basically, what we see here is kind of this clash between new media which is "the viewer is in charge" and old media which is "the people who created are in charge" and this is just an example of a company, I believe, that's designed to protect old media, not even realizing that these things can be used for legit purposes for new media to create the new world with the way the people consume content. And you know, when I look back at it, you know, and you know, after I get over the angst of this weekend we had, and it's like I can't believe they took our company down. It's that--it's just those one of those battles. Just like the writers' strike was with, you know, the new media content, all these. This is another one of those battles over what's gonna be a wrenching 10-year change between--as we move from this sort of rigid old media models to the new world of anywhere, anytime, any device, any service and putting the viewer in charge. If you are in the business out there of trying try to defend existing copyrights and you're doing it by trying to tweak or take advantage of loopholes in existing networks, check your programming to make sure that when something changes, you're not affecting a legitimate business.
>> Yeah.
>> 'Cause that's what happened to us and, you know, we lost 3 days.
>> Wow! Yeah. I mean, this is really like you said the fringe of the new media. We've got to get some things figured out, you know, so this doesn't continue to happen to small businesses or businesses with the heart in the right place.
>> Exactly.
>> Yeah. Well, Jim. Thank you very much.
>> Sure. Thank you.
>> I hope the--I hope the site stays open.
>> Oh! It's better now. We took care of it.
>> Okay. Whew!
>> Well then the cool thing is this that, you know, I mean, it happens at the beginning of the Memorial Day weekend. We couldn't reach anybody at their ISP. We couldn't reach anybody at the company. By the time we did get to them on Tuesday, when they finally picked up their phone, they basically were like, "Oh!" you know, they were shocked and they stopped it. So, you know, an hour--an hour and a half later, it was done but the damage was done. The damage was done, so yes, they responded as soon as we told them, but we shouldn't have had to do that to begin with?
>> In the first place.
>> Yes.
>> Absolutely. Thanks.
>> Sure.
>> Good luck. Kara Tsuboi, CNET News.com. ^M00:05:30 [ Music ]
Over the Memorial Day weekend, popular Internet video site Revision3 crashed due to a flood of decoy traffic to its servers. CNET News.com's Kara Tsuboi sits down with Revision3 CEO Jim Louderback, who talks about who was responsible for the denial-of-service attacks and why, and how "old" media and "new" media are going to have to learn to get along.
