Twitch Data Breach Makes Another Case For Real-Time Streaming Independence


As the costs of relying on big hacker-infested streaming platforms grow ever steeper, providers of live-streamed video services are finding they have more reason than ever to operate over their own infrastructures. The urgency of the situation flashed bright red with recent revelations that Amazon’s Twitch had suffered a massive data breach that could severely… Continue reading Twitch Data Breach Makes Another Case For Real-Time Streaming Independence

As the costs of relying on big hacker-infested streaming platforms grow ever steeper, providers of live-streamed video services are finding they have more reason than ever to operate over their own infrastructures.

The urgency of the situation flashed bright red with recent revelations that Amazon’s Twitch had suffered a massive data breach that could severely damage operations for some time to come. According to press reports, the 125-gigabyte trove of stolen Twitch data included codes bearing on security, software development and device configurations, information related to individual streamers’ income, and much else.

While, as reported by The Verge, the leakers claimed their goal was merely to “foster more disruption and competition in the online video streaming space,” they’ve opened a malignant Pandora’s Box that Twitch will be hard-pressed to slam shut. In fact, they promised that the first data dump was just the beginning of what they had in store.

As a result, the leading supplier of streaming support for the online multiplayer game and esports markets now faces ongoing threats from hackers who can exploit what’s already been leaked to distribute malware, intercept user data, and restream stolen content. Future leaks could offer even more direct routes to acquiring financial and other information from users.

It was a stunning development, but not surprising.

An Expanding Set of Drawbacks to Reliance on Shared Infrastructures

Amid the intensifying onslaught of data theft, content piracy, malware attacks, and other types of cybercrimes across all segments of the online ecosystem, a consistent theme has been: the bigger the target, the greater the vulnerability. There are many reasons whoever hacked Twitch, not to mention much of the rest of the world, is decrying big tech dominance. But, for providers of live-streamed content, the attack itself was a stark reminder of the aspect of that dominance that poses the biggest immediate threat to their bottom lines.

It made sense in the early days of online video game playing to rely on Twitch and big competitors like YouTube Gaming and Facebook Gaming to supply low-latency streaming infrastructure for common use. And once those suppliers built huge audiences among gamers, they were the obvious conduits for game producers who wanted to enable those audiences to view esports competitions online.

But now it’s far easier and cheaper than it once was to instantiate a free-standing cloud-based streaming infrastructure. Doing so allows producers not only to operate with smaller hacker targets on their backs, but also to benefit from business models free of adherence to someone else’s rules of engagement.

As noted in a previous blog, esports producers have much to gain by avoiding revenue sharing, subscription limitations, and other policies imposed by third-party platform providers. Such policies, along with the ability to aggregate audiences for participation in chat rooms, accumulation of tokens for purchases across multiple streaming services, and other benefits have increasingly made those third-party providers competitors—as well as partners.

These issues apply not only to the surging esports business, but also to the distribution of live sports, especially in niche categories from producers trying to reach younger audiences. Leading distribution platforms in this space include Facebook Live and YouTube Live, as well as Twitch.  And limits on business model flexibility apply to smaller. third-party platforms as well.

A Superior Alternative to Prominent Shared Infrastructures

In all cases, the benefits of independent network operations are especially strong when the reduction in hacking vulnerabilities dovetails with business strategies that take full advantage of interactive real-time connectivity provided by Red5 Pro’s Experience Delivery Network (XDN) platform.

As explained in this white paper and many blogs, multi-cloud XDN infrastructure not only eliminates the one-way, high-latency impediments imposed by traditional content delivery networks (CDNs). XDN does away with the scaling, quality, synchronization, and other functional hurdles live content producers encounter when they try to socialize viewing experiences by augmenting CDN distribution with reliance on third-party video conferencing or watch-party platforms.

Everything essential to enabling multidirectional live streaming in real time from primary sources and any number of users is embodied in XDN architecture. The multi-cloud platform

supports streaming in any direction at any distance with end-to-end latencies no greater than 400ms. Lower latencies at 50ms or below are attained in instances where usage is limited to a small geographic area or the applications running on the XDN rely on 5G connectivity to users, as occurs in the tie-ins between XDN infrastructure and 5G as described in this blog.

Providers of live-streamed video have ample reasons to take advantage of XDN architecture just on the merits of these performance capabilities. But, if they need another reason, certainly independence from the vulnerabilities of relying on big suppliers of aggregated streaming infrastructure fills the bill.

Confronting the Growing Impact of a Piracy-Friendly Environment

Where security is concerned, the benefits that come with independence from high-profile distribution platforms are as significant to esports producers as they are to traditional sports and other event producers. That applies not only to the avoidance of hacks against high-value targets like Twitch, but also to lowering vulnerabilities to content theft, which is shaping up to be as consequential for esports as it has for traditional sports.

Ampere Analysis calculates illegal sports streaming worldwide is costing online sports producers and distributors $5.4 billion annually. Now, with the global esports audience estimated by Juniper Research to have reached 800 million—on its way to topping one billion by 2024, pirates have an opportunity to draw another big revenue stream from the huge pool of consumers who habitually use illicit websites, apps, and devices to view stolen content.

In the U.S., 20% of broadband households use a piracy device, app, or website, according to Parks Associates. A 10-country survey of over 6,000 sports fans conducted by Ampere found that over 51% are watching content from pirate services at least once a month.

The problem for any live-streamed content provider relying on mass aggregation platforms isn’t just related to their prominence as inviting targets for pirates and hackers. They also play a major role in normalizing illicit viewing by serving as streaming platforms for thieves.

Wired, in a story proclaiming “Twitch Has Become a Haven for Live Sports Piracy,” cited several documented instances of illicit restreaming of high-profile sports events on the platform’s channels. For example, three channels streaming a FIFA World Cup match in December 2019 were in the top ten of the most viewed Twitch channels that day.

Twitch, of course, is not alone. YouTube, Facebook, and smaller but influential social media platforms like Discord figure predominantly in fostering a cultural climate for piracy. One study conducted for an unnamed major esports producer uncovered nearly 400 channels that were streaming one of its events on platforms like Twitch, Facebook, and YouTube.

Leveraging tools supplied by the distribution platforms, pirates are able to deliver a user experience comparable to legal streaming services. They can organize the content into multi-language presentations and offer many of the same features available from legitimate sources. For example, as Wired reported, some of the illicit services on Twitch offer live chats that utilize the Twitch chats code.

Piracy also benefits from ad hoc marketing assistance when regular users of their services pass out links to illicit services through these aggregation platforms’ social media outlets. Wired noted that users on Discord’s gaming chat site “distribute links to soccer livestreams like handfuls of pigeon feed at the park.”

In a survey of 2,700 consumers in the 18-24 age bracket, creative services agency Anatomy Media found that two thirds of the 70% who access pirated content think such activity is legal. As the agency’s report noted, “There is nothing to distinguish a pirate site from a legitimate content aggregator or to signal to the user that they are participating in something illegal,”

Superior Performance Benefits Are Intrinsic to XDN Architecture

There’s no better way to get free of this toxic atmosphere than through implementation of an independent distribution infrastructure based on XDN technology. The platform achieves the real-time interactive streaming and scalability parameters noted earlier with fail-safe redundancy through automated orchestration of hierarchies of Origin, Relay, and Edge Nodes in one or more cloud clusters.

XDN architecture makes use of the Real-Time Transport Protocol (RTP) as the foundation for interactive streaming via WebRTC (Real-Time Communications) and Real-Time Streaming Protocol (RTSP). In most cases, WebRTC is the preferred option for streaming on the XDN platform by virtue of its support by all the major browsers, which eliminates the need for device plug-ins.

There are also other options for receiving and transmitting video in real time when devices are not utilizing any of these browsers. RTSP, often the preferred option when mobile devices are targeted, can be activated through Red5 Pro iOS and Android SDKs. And video can be ingested onto the XDN platform in other formats as well, including Real-Time Messaging Protocol (RTMP), Secure Reliable Transport (SRT) and MPEG-Transport Protocol (TS). The XDN retains these encapsulations while relying on RTP as the underlying real-time transport mechanism.

The XDN platform also provides full support for the multi-profile transcodes used with ABR streaming by utilizing intelligent Edge Node interactions with client devices to deliver content in the profiles appropriate to each user. And to ensure ubiquitous connectivity for every XDN use case, the platform supports content delivery in HTTP Live Streaming (HLS) mode as a fallback. In the rare instances where devices can’t be engaged via any of the other XDN-supported protocols, they will still be able to render the streamed content, albeit with the multi-second latencies that typify HTTP-based streaming.

XDN Nodes can be deployed on multiple cloud infrastructure-as-a-service (IaaS) platforms. This can be done by leveraging pre-integrations with major suppliers like AWS, Google Cloud, Microsoft Azure, and DigitalOcean, or through integrations with many other IaaS platforms enabled by Red5 Pro’s use of the Terraform multi-cloud toolset.

A Robust, Cost-Effective Alternative to DRMs

Of course, independence from high-profile hacker targets like Twitch doesn’t obviate the need to take protection measures against pirates and hackers. But in standalone mode, live-streamed content providers can decide for themselves how to go about implementing such protections.

This is an especially important advantage when it comes to protecting against theft on the XDN platform. For example, providers of live-streamed content can attain the full scope of protection afforded by advanced third-party digital rights management (DRM) platforms without incurring the costs of engaging with those platforms.

In some cases, it may be impossible to avoid use of those DRM systems in light of requirements set by license holders, although license holders willing to adjust policies on the merits would find no reason not to accept the alternative mode of protection available at no cost with use of XDN infrastructure. Moreover, distributors of sports, esports, and other live content are often the license holders and, therefore, are free to take the lower-cost approach.

Ironclad, advanced DRM-caliber encryption security is automatically implemented with XDN streaming through application of the Secure Real-Time Transport Protocol (SRTP), which, as the name implies, is a mandated specification in the RTP protocol stack and its WebRTC and RTSP offshoots. In addition, SRTP is the native payload protection mechanism used with SRT and so automatically comes into play when Red5 Pro origin servers ingest SRT formatted content for streaming to SRT-enabled clients.

As described in this blog, SRTP, using Advanced Encryption Standard (AES) 128 protection, applies security mechanisms comparable or superior to high-end DRM systems to all communications, media, and data payloads. The Red5 Pro SDKs relieve users of all the complexities attending signaling and other steps related to setting up SRTP protection. In addition, Red5 Pro’s RoundTrip Authentication validator, through implementation of server-to-server validation mechanisms, automates authentication of all participants in restricted sessions with no discernable impact on latency.

Watermarking Optimized for Real-Time Streaming

Encryption protection is vital, but not always enough. Increasingly, the battle against theft of live-streamed content requires implementation of forensic watermarking.

This is another area where XDN security benefits come into play. As explained in this blog, XDN Edge Nodes are intelligent points of execution in real-time streaming that can be used to support approaches to watermarking that overcome the latency-inducing complexities of other approaches.

Watermarking modes, initially mandated as an added layer of protection for new movie releases formatted for on-demand distribution in 4K UHD, weren’t designed to accommodate efforts to thwart the billion-dollar business that has grown up around live-streamed content theft. The issue relates to how fast watermarks associated with stolen content can be extracted and examined to establish the identity of a piracy source.

If a perpetrator can’t be identified and measures taken to disrupt the flow of a live sports or esports event early enough to seriously impact the user experience, there’s little to discourage viewers from repeated reliance on illicit sources, even if a specific source is finally identified and targeted for follow-up action. As things stand today, there are significant drawbacks to both server-side and client-side watermarking solutions, including newer ones designed for combatting live content piracy.

Upgraded server-side platforms using the A/B method of watermarking still incur untenable delays in watermark extractions, and they add to streaming latency and costs by utilizing server resources to create two versions of marked content. Even the fastest server-side injection processes add in the neighborhood of five seconds to end-to-end latency, and extraction can take several minutes.

Client-side solutions lead to faster results with extraction processes that can be performed in a minute or so, and they don’t contribute to latency. But they depend on instantiation at the hardware level or use of client plug-ins. And for many license holders, the client-side approach is not secure enough, because the accessibility of client-based code to skillful hackers, no matter how vigorously the code is protected, is perceived as too great a vulnerability.

The best of all worlds for providers who would rather not resort to client-side watermarking to enhance live content security would be a solution that leverages the edge intelligence and user-specific distribution techniques of the XDN. By eliminating the two-server A/B marking process and maintaining real-time streaming latency parameters, this forthcoming approach to watermarking will provide a security benefit for live streaming over XDN infrastructure that can’t be found anywhere else.


Providers of high-value live-streamed video content have reached a moment of decision where the security downsides of reliance on big third-party distribution platforms far outweigh the upsides that once made them the logical choice for a fledgling live streaming market. With the superior performance capabilities of XDN infrastructure now at hand, service providers no longer have to endure those intensifying downsides to reach their audiences.

They can accommodate any use case at any scale and distance in real time. And they can do it with the greater security that results from operating independently on a platform that offers much better approaches to protecting content. To learn more about the benefits of operating on XDN infrastructure, contact or schedule a call.