Network Attack Resolved

Chinese attempt at brute force attack foiled.

On Saturday November 11th, 2018 at 04:30 EST SoniXCast was contacted by the United States Federal Bureau of Investigation that there was a brute force attack occurring on the SoniXCast edge network that serves US government systems. Within a short period of time the attack expanded to other SoniXCast networks in Canada and Europe that serve federal and commercial services including retail branch services.

The attack was mounted from the US.

The attack was mounted from 3 separate US location from Virtual Private Servers located in Atlanta Georgia, Dallas Texas and San Francisco California. Payment came from an offshore financial services company known to be associated with Chinese Intelligence Services. The attack was in form of a bot that would attempt multiple password variations in order to gain root access to a system. By evaluating TCP headers, technicians were able to backtrack connections to a server in Taiwan China.

The Resolution

SoniXCast emergency attack protocol was immediately implemented which confuses most modern network attacks. However, the protocol also confuses customer systems so some minimal downtime was experienced. There seems to have been a timeout associated with the attack script so that when the requested ip-address and port was no longer available, the bot gave up and moved on to another system which minimized downtime overall.

SoniXCast is cooperating with the US federal government and has contacted cyber attack units in countries where the attack on SoniXCast networks occured. Once a full report has been issued, the network team will evaluate and advise if further actions are necessary.

BB38 Update

BB38 has reached minimum thresholds.

The master server image for BB38.sonixcast.com has been moved to a new dedicated hardware primarily to allow for more resources for customers, but also to ensure for adequate resources are available for future customer sign-ups.

BB38 has been running in ‘hot-swap’ (switching between dedicated hardware) mode for the last 72 hours due to high loads and the decision has been made in order to eliminate any possible downtime to upgrade the backing hardware.

BB38 will run redundantly (all images running simultaneously) for the next 24 hours in order to allow adequate time for proper worldwide ip-address replication before taking the old images offline.

Customer Impact

IP-Addresses will change, however these changes will be reflected in our worldwide DNS and AnyCastIP nodes and no customer impact is expected. Customers are however encouraged to double check any file uploads made within the last 72 hours to ensure that they were properly replicated during the upgrade process.

More upgrades in the works

BB34.sonixcast.com and cc.sonixcast.com images are very close to reaching minimum resource allotment and will be similarly upgraded to new hardware over the next days or weeks. In each case an announcement will be made separately.

New SSL Relay Network

SoniXCast’s Relay Network now supports SSL (https)

For a while customers have been requesting SSL (https) support for the listen urls they give their listeners and for embedding on their secure websites and now we’re happy to announce that SSL support is finally here. Try it for yourself -> https://relay.sonixcast.com

Who needs SSL?

The https protocol is trusted by the internet community at large and bolsters the reputation of content providers. Hardly any serious provider (be it google.com or microsoft.com) would consider doing business without a secure connection to their website and more and more devices have begun requiring a secure (https) connection due to privacy concerns. Web browsers especially make it well known to the visitor whether the connection is secure or not and some security conscious listeners may actually move on if it is not. Therefore, it behoves all content providers (and radio stations) to offer SSL support on their website.

Those who already have SSL enabled will be able to eliminate the annoying ‘Mixed content types & security threats associated‘ message that usually is displayed when a unsecure link to their stream is embedded on their webpage. All-in-all offering SSL support will make your listeners trust you better and they will listen to your station longer.

The Challenge

SSL has been around for a while and is rich with configuration options. The challenge for us was to build a suite of profiles that would support as many devices and browsers as the less secure http protocol. The only practical way to achieve this was to test each device and browser type and generate logic that would enable or disable certain SSL features on a per device/browser basis. For example: Many older Java-based devices do not support TLS which is the defacto standard for smartphones. Or the browser application Internet Explorer 6 (IE6) (much more widespread as one would think) does not support encryption algorithms found in more modern browsers like FireFox or Chrome. Over 200 different devices and browsers have been tested and certified to date.

Now what do I do?

SSL (https) runs side-by-side with the http protocol, so there is nothing that you must do unless you want to. The Relay Network will continue to work as before. You just have the added option of using https instead of http in your listen urls if you like. End user devices and browsers will transparently handle the secure communication, so your listeners may not even notice the difference unless they are watching for it.

Performance and Scope

SSL is baked into just about everything, so theoretically there should be no performance difference between using http or https. There may be compatibility issues with older devices or browsers we have not yet certified where you might receive a security message, but with all the devices and browsers we’ve worked on, we think you will be hard pressed to find something that is not compatible.

Only AnyCastIP™ and the SoniXCast Media Server (SXMS) have been secured with SSL. The Redirect Network and direct stream access are as before unsecured. Read here for more information on the different types of networks that are offered to customers.

What is SSL?

SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers.

To be able to create an SSL connection a web server requires an SSL Certificate. When you choose to activate SSL on your web server you will be prompted to complete a number of questions about the identity of your website and your company. Your web server then creates two cryptographic keys – a Private Key and a Public Key.

The Public Key does not need to be secret and is placed into a Certificate Signing Request (CSR) – a data file also containing your details. You should then submit the CSR. During the SSL Certificate application process, the Certification Authority will validate your details and issue an SSL Certificate containing your details and allowing you to use SSL. Your web server will match your issued SSL Certificate to your Private Key. Your web server will then be able to establish an encrypted link between the website and your customer’s web browser.

The complexities of the SSL protocol remain invisible to your customers. Instead their browsers provide them with a key indicator to let them know they are currently protected by an SSL encrypted session. All SSL Certificates are issued to either companies or legally accountable individuals.

Typically an SSL Certificate will contain your domain name, your company name, your address, your city, your state and your country. It will also contain the expiration date of the Certificate and details of the Certification Authority responsible for the issuance of the Certificate. When a browser connects to a secure site it will retrieve the site’s SSL Certificate and check that it has not expired, it has been issued by a Certification Authority the browser trusts, and that it is being used by the website for which it has been issued. If it fails on any one of these checks the browser will display a warning to the end user letting them know that the site is not secured by SSL.

SoniXFM.com Released

SoniXFM.com is here…

SoniXFM™ has long been known as the radio aggregation and populization platform driving music services like Amazon, iTunes and Microsoft and more recently on devices like Roku, Playstation and XBox. But now music lovers can listen to their favorite radio at a click of a button on any device, anywhere in the world. Just visit SoniXFM.com! Developed and tested to work with every browser on almost every device, the new SoniXFM.com is the straightforward and intuitive way to find and tunein to high quality radio broadcasting.

Blazing Fast Search Engine

Search for any type of media content by keyword, genre, format even country at speeds found nowhere else. Our highly optimized search engine will scan through over 2 million unique content providers to find the content you want right now! See why the SoniXFM platform is so popular with music service providers and listeners alike.

Tunein in an Instant!

All streaming is proxied through AnyCastIP, the broadcasting network used by millions to listen to radio regardless of device or location at the same speed and high quality as listening at home. SoniXCast Broadcast Network (SBN) and BoomBox customers already use AnyCastIP, but now third party streaming content providers benefit from faster startup times and higher quality for their listeners worldwide as well.

Want to learn more?

SoniXFM has been around for a long time, but not always as a consumer product. Only recently has there been demand for a central website for listeners to go to and SoniXFM.com now answers that call. SoniXFM, like all SoniXCast products is under constant development in order to offer consumers and providers the best possible content and latest technologies. If you are interested in whitelabeling the SoniXFM aggregation services, contact support@sonixcast.com. If you are interested in reading more about SoniXFM and underlying technologies, visit the SoniXFM About page.

Database Connectivity Issue Resolved

On 8/22/18 we experienced an issue with the main database server which caused a few hours of downtime for all applications (SoniXCast, GML, GPP, CentovaCast…) which has now been permanently resolved.

The legacy system which maintained the main database server was experiencing intermittent network interface dropouts and we were in the process of moving all databases into the AWS (Amazon.com) cloud when the server just gave up completely.

It was all hands on deck to get the databases moved into the cloud and get all the applications working again. However now all databases are hosted on a high availability, multi-point redundant platform that will ensure that future issues with database connectivity can never occur.

No data was lost or compromised during the operation and we apologize to all for the inconvenience.

Updates to BoomBox, SoniXFM and CentovaCast

We are happy to announce the release of updates to BoomBox, SoniXFM and CentovaCast which address issues reported by customers and consumers. See the changelog below for detailed information:

BoomBox™ Radio Automation (RA)

  • Upgraded from 3.1 to 3.2
  • Complete rewrite of the core subsystem
  • Expanded monitoring to auto restart account services unless otherwise disabled
  • Introduction of enhanced media management and auditing
  • Re-introduction of the global music library (GML)
  • GeoTrend fixes and enhancements (Phase 1 of 3)
  • Listener Session fixes and enhancements (Phase 1 of 3)
  • Server and transcoder fixes and enhancements (Phase 2 of 4)
  • Nomenclature adjustments (Phase 3 of 6)
  • Numerous UI enhancements and fixes

SoniXFM™ Global Relay Network (GRN)

  • Added 14 additional nodes in South America, Asia and Oceana
  • NIST/GPS synchronization enhancements
  • European RDS integration released (Phase 1 of 2)
  • Embedded device (Roku, SmartTV…) fixes and enhancements
  • 44 additional AM/FM Channels added to the terrestrial radio program
  • Digital Satellite Radio (SirusXM, DirectTV, Hughes…) fixes and enhancements
  • DAB and DAB+ (Europe) fixes and enhancements

SoniXCast™ Global Popularization Platform (GPP)

  • Added Pandora, Slacker and Spotify platform support
  • ClearChannel (iHeartRadio) platform fixes and enhancements
  • iTunes, TuneIn, Nobex fixes and enhancements
  • Amazon, Live365 fixes and enhancements
  • Discontinued ShoutCast.com integration
  • Extended Xiph.org integration
  • Added Hindi, Basque and Farsi language support

CentovaCast

  • Installed ftp service on all slave systems (cc2x.sonixcast.com)
  • Upgraded the max file upload size to 500MiB
  • Amazon.com album lookup integration
  • Expanded DNS support for widgets and players
  • Numerous UI enhancements and fixes

Additional Information

Customers are encouraged to login to their respective control panels and verify that the patches applied resolve any reported issues.

The ShoutCast.com integration into the GPP has been discontinued as Radionomy has not granted SoniXCast API access despite repeated requests (No response from the support team). Customers must maintain their ShoutCast.com profile manually from now on.

SoniXFM™ Global Relay Network (GRN) and SoniXCast™ Global Popularization Platform (GPP) remain exclusively available to BoomBox Producers only.

Although initially planned, CentovaCast integration into the GPP and GRN has been put on hold indefinitely. CentovaCast has announced that a major update to their platform is in the works and it makes more sense to wait until it has been released and our systems have been upgraded before considering integration.

The majority of User Interface (UI) fixes and enhancements revolve around supporting individual browser idiosyncrasies and final integration of the Bootstrap 4 platform with full worldwide CDN integration.

The majority of stream and broadcast fixes and enhancements revolve around music metadata support for the individual platforms as the standards for such is not well-defined nor normalized.

The BoomBox Liquidsoap integration is ongoing and is, as before, slated for final release in version 3.5. However, updates have been made to the legacy transcoder which mirrors much of the basic functionality found in Liquidsoap, so that producers may become familiar with the system beforehand.

New Blog & Social Network Footprint

In the past our blog (sonixcast.com/blog) functioned as the central communication portal, however with the recent advent of integrated group collaboration tools, we’ve decided to shut down the SoniXCast community and move everything to Facebook and Google. The blog will now function (as it should) just as the central announcements, information and documentation portal for everything SoniXCast.

We are introducing two new focus groups where Producers, Customers and Consumers can collaborate:

Producers Forum

Membership only group where you can connect with other SoniXCast producers, exchange info and experiences, take part in discussions and help direct the future of Webcasting.

  • On Facebook: https://www.facebook.com/groups/SXProducers/
  • On Google: https://groups.google.com/d/forum/sxproducers

Premiere Support

Our membership only premier support groups are manned 24/7 by our support team. Important: Whenever posting a new technical issue please supply the hostname and main port of your service in order to expedite your request.

  • On Facebook: https://www.facebook.com/groups/SXSupport/
  • On Google: https://groups.google.com/d/forum/sxsupport

 

New Pricing

We are happy to announce new CentovaCast Pricing!

With the recent release of the SoniXCast/CentovaCast hybrid architecture, we were able to sink costs immensely and are passing the savings on to you! New sign-ups can save up to 20% over competitors and existing customers could save up to 30%!

What Happened?

As stated in our initial release announcement for CentovaCast, our dedicated development team has been customizing CentovaCast to work with the SoniXCast/AnyCastIP™ architecture and were able to complete the new CentovaCast Cluster ahead of schedule.

What are the benefits?

The new CentovaCast Cluster not only takes advantage of our failover virtual machine architecture guaranteeing uptimes of better than 99.9%, but ip-failover feature ensures that the ip-address follows the virtual machine as it is spun up on different hardware and our new 8.6 petabyte direct access storage (DAS) ensures rock-solid data protection, security and near limitless storage for music and videos.

Since the architecture applied to the CentovaCast Cluster is the same we provide to our Professional customers, Hobbyists and Webcasters now benefit from the cutting edge technology and (more importantly) the huge cost savings.

What about Pricing?

We offer two, globally licensed, programs designed (and appropriately named) to fit the needs of Hobbyists and Webcasters…

Hobbyist Program

Small businesses that wish to provide custom content, station operators who are just starting out or Musicians who wish to showcase their music, do not need the AutoDJ or concurrent listener features offered with other programs. Available with the ShoutCast or Icecast server option, the Hobbyist programs is optimized for price, stability and ease of use. Pricing starts at: $3.95/month (icecast/ices, 96Kbps), $4.95/month (shoutcast/shoutcast, 96Kbps) for maximum 100 listeners and 2 mount points.

Webcaster Program

Geared towards semi-professional station operators or those who wish to broadcast video, the Webcaster program is optimized for for medium to large listener bases. Like the Hobbyist program, both ShoutCast and Icecast streaming server options are available and pricing starts at: $5.95/month (icecast/liquidsoap, 96Kbps), $6.95/month (shoutcast/liquidsoap, 96Kbps) for unlimited (999) listeners and unlimited mount points.

CentovaCast Features

  • Easy web-based stream configuration
  • AutoDJ support with powerful playlist scheduler
  • Drag-and-drop AJAX media library – demo
  • Comprehensive statistics and royalty reports – demo
  • Automatic stream monitoring/restarting
  • Feature-rich, automatic station home pages – demo
  • Much, much more — take the tour!

ShoutCast versus Icecast

As far as listening quality and performance are concerned, there isn’t much difference between the two. All modern html5 and flash players support each equally and both offer the mount point feature. However, ShoutCast offers more specialized features like ShoutCast CDN, integrated popularization tools and station management on the popular shoutcast.com website. Whereas Icecast is more compatible and stable with more seamless handover between Live and AutoDJ source clients.

Upgrade/Downgrade Options

Current customers cannot upgrade to the new CentovaCast Cluster, however our support team will work with you in upgrading your current package. Simply contact support from the customer area.

It is possible to upgrade or downgrade Hobbyist and Webcaster packages within minutes. Simply login to the customer area, navigate to your service and select the Upgrade/Downgrade option.

Whats Next?

The development continues… Next will be integration of the CentovaCast Cluster in our Global Relay Network which will add to broadcast quality and worldwide saturation and then there will be the integration into the SoniXFM.com popularization platform which will make stations available on (among others) the Smart-TV’s, Google Play, iTunes and Amazon and much more. Watch for the announcements.

SoniXCast & CentovaCast Partner Up

We are happy to announce that SoniXCast is now offering Globally Licensed CentovaCast stream hosting packages!

Click here for ShoutCast Packages and Pricing

Click here for Icecast Packages and Pricing

Why CentovaCast?

CentovaCast is the preferred radio automation control panel by Hobbyists and Webcasters worldwide. It’s mature, stable and well known by Web Radio Producers. And, more importantly, it was requested over and over by our customers. CentovaCast offers features that are not yet available on the BoomBox platform and integrates seamlessly with SoniXCast’s Global Relay Network and SoniXFM™ Aggregation Service. Read more about CentovaCast here. Check out the Demo here. Take the guided Tour here.

What about BoomBox?

Freed of trying to provide legacy support, BoomBox will continue to be developed more towards Professional and Terrestrial Radio Stations which makes up the majority of our customer base and who demand more cutting edge technologies. This change in direction takes BoomBox out of direct competition with CentovaCast as they now address two fundamentally different vertical markets.

Can I switch from BoomBox to CentovaCast?

Unfortunately No. The BoomBox and CentovaCast systems are incompatible and pricing is structured differently. The only way to ‘change over‘ is to cancel your BoomBox service and setup a new CentovaCast service.

What about Licensing?

Like BoomBox, all streaming services are licensed for worldwide broadcast with same restrictions, guidelines and recommendations with the difference that CentovaCast streaming packages do not receive an official Station ID (CSNX-XXXX) and are instead licensed under our umbrella license agreement with SOCAN. Read more about SoniXCast Global Licensing here.

Hosting Infrastructure

CentovaCast services are maintained in our AnyCastIP™ global network with over 50 geographically dispersed relay nodes and hosted on our cutting edge failover virtual server infrastructure technology which offers unmatched uptime and availability.

What about Resellers?

Unlike BoomBox, SoniXCast offers multi-tiered reseller and affiliate programs for CentovaCast services. At the time of writing, price structuring was still being developed, but those interested are encouraged to contact support@sonixcast.com and ask about the program. The release of the Reseller program will be announced separately.

What about Bundling?

Yes. SoniXCast will offer CentovaCast and CPanel Web Hosting bundled packages. At the time of writing, the team was still working on price structures and once finished, the release of bundled packages will be announced separately.

Amazon Prime Goes Live

We are happy to announce that SoniXCast Stations are now on Amazon Prime!

Today we received notification that Amazon Prime Music is now listing SoniXCast Stations bringing SoniXCast Radio Content to over 7 million new subscribers.

…But there were issues…

Amazon developers never could tell us exactly how much network traffic would be generated and when they turned up the service it caused some network slowdown and in some cases services went offline from the load.

Our smallest network (SoniXCast Canada) which provides streaming services to small internet radio stations and hobbyists was impacted the most. But some of our professional broadcast networks in Brazil and Australia suffered some network slowdown as well.

This was all due to a burst in indexing of SoniXCast Radio Stations by the Amazon Servers. Network traffic has normalized now and we have tweaked our networks so that going forward we won’t experience such a slow down.

Is there more to come?

Yes. We’ve acquired four more professional broadcast networks and are still working on partnership agreements with Verizon, GM and AT&T. However, the lessons learned with Apple and Amazon has taught us to expect much higher traffic loads than estimated and we’ve quadrupled our expectations for future integrations and we will keep tweaking these numbers until we get it right.