Tue01232018

Last updateThu, 21 Dec 2017 2pm

 

Introducing – Tools for Cinema Quality Assurance

cat_pr1_sm_jpg

Cinema Test Tools for the non-Technical Manager – Post Installation Quality Assurance Has Begun

Cinema Test Tools is a free resource for the cinema industry, tuned most particularly for the non-technical manager. The tools include several DCPs, all with interesting means of testing the sound and picture quality for the interested by lightly trained staff. The lessons on sound and light are written to provide a foundation to communicate with the technician who must respond quickly and well to the information that they discover.

The key is a free Managers Walk Through Checklist that correlates with the many DCPs. It helps bring an understanding of the many nuances of the auditorium's situation in a straightforward way. 

Security issues should always be taken seriously. Then again, so should consistent exercise and taking regular breaks from madness. Notwithstanding, here's the recent news in the field of security.

More Military Systems Hacked

This time it is that hackers have managed to break into the networks of arms manufacturer Lockheed Martin as well as those of other US military contractors. Reporting this is not meant to be a gossip laff-o-meter article. It is merely to point out that big, nasty, well-devised secure systems get broken into, especially if people ever have to interact with it. 

See: Hackers break into Lockheed Martin - The H Security

Read more ...

Stuxnet and SCADA - New News

Stuxnet is a piece of malware that attacks industrial process computers running a certain set of standardized controls. The troubles that this standard is facing now that there are people paying attention to it is only interesting to us if we consider that eventually "black hats" will turn their attention on Ddcinema systems. But why would anyone want to do that.

Following is an article on Schneier on Security.

Read more ...

Maxell 256AES USB Drive

Maxell is making available a 256-bit AES secure Guardian USB Backup Drive. The attempt is to use hardware encryption for file security during storage and transport. Following is the press release.

Read more ...

[Update] Security Lesson – Sony PlayStation Breach

Weeks later, Sony still in trouble: Read Sony yet to fully secure its networks: expert | Reuters

 


 

For the past week, rumors about a potential breach of all customer information in the vast online PlayStation world has turned from 'maybe' to the worst possible situation. Read the Krebs On Security report for details: 

Millions of Passwords, Credit Card Numbers at Risk in Breach of Sony Playstation Network — Krebs on Security

While not directly associated with digital cinema, it shows the extent that hackers are able to cleverly exploit nuances of sophisticated code that even the largest corporations attempt to keep secure. One of the basic rules of encryption is that anyone can create a secure system that they themselves can't breach.

One of the strengths of Open Source software is that a world community is able to research code to find and fix problems. This is the path that DCI and SMPTE tried to follow, using international standards such as AES and ___ for the packaging, transport and playout, to protect the intellectual property that we are all given to play to our customers.

It appears that the transition from PlayStation 2 to PlayStation 3 allowed some glitches into the code. These were apparently discovered when hackers worked to allow PlayStation 2 users to enter the online system that had cut them off. Code in the PlayStation 3 developers kit provided the tools. Where Sony didn't use enough outside help to give oversight by "White Hat Hackers", "Black Hat Hackers filled the gap. Now, only as an after thought post-catastrophe, outside help is being asked to help secure a newly designed system.

This is relevant to the DCienma world as we transfer from Series I to Series II projectors, external to internal media blocks (IMBs to the cognoscente) and maintaining InterOp format deliver while transferring to SMPTE compliant formats and equipment. 

The lesson is: Learn more. Pay Attention. The other basic rule of security is Constant Vigilance, which requires a trained staff from top to bottom. That includes corporate executives, local management, chief techs, chief projectionist and each person in the stream who touches a security key.

Good luck to us all. The studio personnel are not the top of this chain. The artists, the producers, the writers and their lawyers are the top of the chain who are trusting us to keep their materials secure. As a professional in the industry, don't let your name be on the list of defendants in a lawsuit for breach of duty.

Beware the Firesheep

Firesheep: Making Web-connection hijacking easy

One of the joys of living in the Internet age is the increasing ubiquity of Wi-Fi hotspots. More and more businesses - particularly those where consumers congregate - are offering Wi-Fi access. It's often free, as well as being free of any password requirements or encryption.

While that's convenient, it's also dangerous. Security experts have long warned that connecting to a non-encrypted hotspot leaves you vulnerable to attack. It's a warning that most Wi-Fi users gleefully ignore, as they sign in to check their Facebook walls, scan e-mail messages or browse their Twitter streams.

Read more ...