Tue01232018

Last updateThu, 21 Dec 2017 2pm

 

Introducing – Tools for Cinema Quality Assurance

cat_pr1_sm_jpg

Cinema Test Tools for the non-Technical Manager – Post Installation Quality Assurance Has Begun

Cinema Test Tools is a free resource for the cinema industry, tuned most particularly for the non-technical manager. The tools include several DCPs, all with interesting means of testing the sound and picture quality for the interested by lightly trained staff. The lessons on sound and light are written to provide a foundation to communicate with the technician who must respond quickly and well to the information that they discover.

The key is a free Managers Walk Through Checklist that correlates with the many DCPs. It helps bring an understanding of the many nuances of the auditorium's situation in a straightforward way. 

The superior man, when resting in safety, does not forget that danger may come. When in a state of security he does not forget the possibility of ruin. When all is orderly, he does not forget that disorder may come. Thus his person is not endangered, and his States and all their clans are preserved. Confucius Chinese philosopher & reformer (551 BC - 479 BC)

Breach Mitigation or Bust?

"It’s better to assume your organisation has already been compromised and develop defences based around that assumption."

The maxim is that you can try to protect your network one angle at a time, but hackers can pop the bubble from any place on the sphere. This article from ITPro points to some of the simple things to consider when protecting your network.


I was recently talking to someone who brute forced a BT Business Hub, the sort used by hundreds of thousands of businesses across the UK, using hardware costing less than £35 and it supposedly took him less than 48 hours to crack the 10 character default WPA key.

Invest just a little more money and that timescale starts to look like an absolute age. The truth is that it's a lot easier than you may imagine to breach the network perimeter these days, and if an attacker is determined enough then the chances are they will succeed.

Read more ...

How To Break Into Security-Part One

Kreb's How To Break Into SecurityKrebs on Security has started a series named How To Break Into Security.

I decided to ask some of the brightest minds in the security industry today what advice they’d give. Almost everyone I asked said they, too, frequently get asked the very same question, but each had surprisingly different takes on the subject.

 


How to Break Into Security, Ptacek Edition — Krebs on Security

Now might be a good time to give the job of reading these to your apprentice.

 

The Basics and a Tool for Creative Commons

A nice article giving the basics of the Creative Commons License from Katherine Noyes in PC World: How to Protect Your Artistic Works With a Creative Commons License | PCWorld Business Center

Followed by another of her articles that refer to a tool that helps decide which license to choose for your situation: Need to Choose a Creative Commons License? This New Tool Can Help | PCWorld Business Center

Password Ideas...There Will Be No Sympathy

It is probably past time anyway, but since the recent password losses by LinkedIn and a few other companies, it would be a good weekend task to come up with a great password set and start going down the list. Change everything.

I spot something easy and obvious in front of me, for example a book. Well, I used to. I don't seem to have any books anymore so I can't give an example. But I remember the American Heritage Dictionary was the basis for passwords for a long time. AmHeDi for simple sites, Am9He5Di1 for more complicated sites that might give access to spending my money.

 

Read more ...

July 9 – Prepare For No Doom [Update]

More than 300,000 computers will be disconnected from the internet on 9 July. How can you be one of them?

Easily.

[Update: The day came...with all the attention, the amount of computers with the trojan plummeted. The US FBI tracked the numbers fall by half in the US. On the day of the event, ISPs also started diversion practices of their own. No one is predicting how that will work out, but it mitigated the effect while allowing compromised computers to continue. Applause, though short-lived perhaps.]

Read more ...

Wireshark 101 Webinar Offline–A First

Explaining nuance to those who are merely tangential to the field of that nuance always gets close to explaining magic. At CinemaCon, the marketing gurus (or teams) who win the excellence awards fortunately won't explain what it is they did to achieve the year's or lifetime prize. (Spoiler: Teamwork and happy clients.) Likewise, the technology award show that the Academy of Motion Pictures Arts and Sciences held the week before the more famous event doesn't become a course in the latest de-Beyerization technology. (Teamwork and excited photons. See: Albert Einstein: Why Light is Quantum)

For those who with a 'tween events craving for awards, the DCinemaTools Security Section would like to give the "Explaining  to non-technical people what the interwebz looks like while it is working" Award to the Wireshark University founder and chief explainer Laura Chappell. [This may take a re-working of what non-technical really means.] And in a great quirk of fate, since we encouraged everyone to sign up for the 101 Course webinar last month (but really...how many people did it?) ...the usually online only course is suddenly available for offline viewing...even downloading!

Here is what the email says:

Yes – I have good and bad news about the Wireshark 101 webinar you were scheduled for tomorrow. I have a conflict on my schedule and will need to cancel the webinar. (That’s the bad news.)

The good news is that at 3:00am this morning I uploaded the newly-recorded webinar (as so many people have requested). The Wireshark 101 class is now available for online or offline viewing! (Seriously – download the FLV files if you want!)

View/Download Location: www.lcuportal2.com (click Free Wireshark Class on left) – or click the direct link here.

There are four sections in the class:

Part 1 [14:17]: Wireshark Internals and Placement (drivers, capture on switched networks, capture at the client first)

Part 2 [10:54]: Creating Profiles and Using Capture Filters (customization, capture filtering, capture to file sets, ring buffer)

Part 3 [14:17]: Display Filters and Coloring Rules (fast display filter techniques, color-coding lousy traffic patterns)

Part 4 [15:00]: Expert, Charts and Graphs (launching the Expert, interpreting IO/RTT/Time-Sequence graphs)

I know folks have asked for this for a loooooong time. The conflict on the schedule pushed me to get this done!

If you have questions after watching the course, email those questions to Joy DeManty (This email address is being protected from spambots. You need JavaScript enabled to view it.) – I’ll be adding a “Most Commonly Asked Questions” video to the set!

I'm not sure why you are reading further. Get those instructional videos for yourself and your friends. Don't waste time around here. And bookmark the ChappellU site so that you can grab those Most Commonly Asked Questions when they are released.

Subcategories

There are a lot of experts in security out there. What they write is often dry as a bone. But there are a few sites that stay on top of the events, and express themselves in ways that us mere mortals can comprehend.

Bruce Schneier -  He wrote the books, he writes the newsletters, he has the blog. Top of the list for a reason. The link is to his monthly CryptoGram...subscribe now.

Hagai Bar-el - Information Security Specialist whose websites focus on security engineering and on managing innovation processes. Good source for definitions. There is also a blog and RSS feed.

Handbook of Applied Cryptology - All Chapters are free for the download. Get them off the cloud now.

We are putting millions of dollars of library materials into the hands of people trained to believe that MP3s and everything else should be free. We give them all the late hours unsupervised. What is wrong with this picture?

Security issues should always be taken seriously. Then again, so should consistent exercise and taking regular breaks from madness. Notwithstanding, here's the recent news in the field of security.

Security is mostly a superstition. It does not exist in nature.... Life is either a daring adventure or nothing.
~ Helen Keller (1880 - 1968), The Open Door (1957)