Netflix says subscriptions just boomed but tells investors it's no money heist and they should expect stranger things

And starts deploying TLS1.3 to make streams faster and more secure

Netflix has released its Q1 FY20 results and revealed some unusual coronavirus impacts.

Made most plain in its Form 10-Q [PDF], Netflix said: “The COVID-19 pandemic has also led to an increase in our net paid membership additions relative to our quarterly forecast and historic trends.”

Indeed, the company reported 15.5m new subscribers in the quarter for a total of 182.86 million, almost double recent quarters' subscription growth.

But the filing warns the surge “may not be indicative of results for future periods.”

“Our increase in net paid membership additions may reflect the acceleration of growth that we would have seen in subsequent periods, and membership growth may slow or reverse, due to slower acquisition and/or higher cancellations, as government and other restrictions are relaxed,” the document adds.

CEO Reed Hastings’ letter to shareholders [PDF] opens with “In our 20+ year history, we have never seen a future more uncertain or unsettling” and goes on to explain that on-boarding a rush of new users has actually damaged Netflix’s average revenue-per-user.

The CEO also explained that the pandemic will impact the streamer’s pipeline of new shows, because most film crews worldwide have had to stop working (although animators were quickly back at work and writers mostly just kept writing).

Revenue for the quarter was US$5.7bn and operating income hit $958m, both the best results the company has achieved in recent history. And that’s after taking into account the strength of the US dollar, which reduces the value of subscriptions in other nations.

Hastings also wrote that Netflix’s investment in caching systems appears to have paid off, both in terms of user experience and letting it respond to government request to reduce its impact on networks.

The company has also blogged about its introduction of support for TLS 1.3.

Senior software engineer Sekwon Choi wrote that TLS 1.3 has moved on from its predecessor’s use of weak ciphers and a chatty handshake process. Of special interest to Netflix is the new 0-RTT feature that Choi says “allows an application to include application data with its initial handshake message, instead of having to wait until the handshake completes.”

For Netflix this means it can do a full handshake with a device with one roundtrip, or sometimes without a roundtrip at all. That translates into faster starts for streams and less traffic on networks, both of which Choi thinks will be appreciated.

“Therefore, we have started deploying TLS 1.3 on newer consumer electronics devices and we are expecting even more devices to be deployed with TLS 1.3 capability in the near future,” he wrote.

But subscribers ought not to expect more new features. Hastings' letter added that while Netflix's devs are now working from home and that transition has gone well, but: "As a precaution, we have temporarily reduced the number of product innovations we try, while continuing to release features that we know will add meaningful value for our members, such as improved parental controls." ®

Other stories you might like

  • Inside the RSAC expo: Buzzword bingo and the bear in the room
    We mingle with the vendors so you don't have to

    RSA Conference Your humble vulture never liked conference expos – even before finding myself on the show floor during a global pandemic. Expo halls are a necessary evil that are predominatly visited to find gifts to bring home to the kids. 

    Do organizations really choose security vendors based on a booth? The whole expo hall idea seems like an outdated business model – for the vendors, anyway. Although the same argument could be made for conferences in general.

    For the most part, all of the executives and security researchers set up shop offsite – either in swanky hotels and shared office space (for the big-wigs) or at charming outdoor chess tables in Yerba Buena Gardens. Many of them said they avoided the expo altogether.

    Continue reading
  • CISA and friends raise alarm on critical flaws in industrial equipment, infrastructure
    Nearly 60 holes found affecting 'more than 30,000' machines worldwide

    Updated Fifty-six vulnerabilities – some deemed critical – have been found in industrial operational technology (OT) systems from ten global manufacturers including Honeywell, Ericsson, Motorola, and Siemens, putting more than 30,000 devices worldwide at risk, according to private security researchers. 

    Some of these vulnerabilities received CVSS severity scores as high as 9.8 out of 10. That is particularly bad, considering these devices are used in critical infrastructure across the oil and gas, chemical, nuclear, power generation and distribution, manufacturing, water treatment and distribution, mining and building and automation industries. 

    The most serious security flaws include remote code execution (RCE) and firmware vulnerabilities. If exploited, these holes could potentially allow miscreants to shut down electrical and water systems, disrupt the food supply, change the ratio of ingredients to result in toxic mixtures, and … OK, you get the idea.

    Continue reading
  • 1Password's Insights tool to help admins monitor users' security practices
    Find the clown who chose 'password' as a password and make things right

    1Password, the Toronto-based maker of the identically named password manager, is adding a security analysis and advice tool called Insights from 1Password to its business-oriented product.

    Available to 1Password Business customers, Insights takes the form of a menu addition to the right-hand column of the application window. Clicking on the "Insights" option presents a dashboard for checking on data breaches, password health, and team usage of 1Password throughout an organization.

    "We designed Insights from 1Password to give IT and security admins broader visibility into potential security risks so businesses improve their understanding of the threats posed by employee behavior, and have clear steps to mitigate those issues," said Jeff Shiner, CEO of 1Password, in a statement.

    Continue reading

Biting the hand that feeds IT © 1998–2022