Tue01232018

Last updateThu, 21 Dec 2017 2pm

 

Introducing – Tools for Cinema Quality Assurance

cat_pr1_sm_jpg

Cinema Test Tools for the non-Technical Manager – Post Installation Quality Assurance Has Begun

Cinema Test Tools is a free resource for the cinema industry, tuned most particularly for the non-technical manager. The tools include several DCPs, all with interesting means of testing the sound and picture quality for the interested by lightly trained staff. The lessons on sound and light are written to provide a foundation to communicate with the technician who must respond quickly and well to the information that they discover.

The key is a free Managers Walk Through Checklist that correlates with the many DCPs. It helps bring an understanding of the many nuances of the auditorium's situation in a straightforward way. 

The superior man, when resting in safety, does not forget that danger may come. When in a state of security he does not forget the possibility of ruin. When all is orderly, he does not forget that disorder may come. Thus his person is not endangered, and his States and all their clans are preserved. Confucius Chinese philosopher & reformer (551 BC - 479 BC)

Russian Scriptor Targeting Macs?

Krebs on Security has made contact with crimeware kit developers and salespeople who say that they have a Firefox and Chrome for Mac OSX webkit. ‘Weyland-Yutani’ Crime Kit Targets Macs for Bots

So, yet again we wonder if our Macs need protection. At best most of us are careful about social engineering scams. At worst these are very clever attackers who can take advantage of users who feel too secure. 

 

Read more ...

Maxell 256AES USB Drive

Maxell is making available a 256-bit AES secure Guardian USB Backup Drive. The attempt is to use hardware encryption for file security during storage and transport. Following is the press release.

Read more ...

[Update] Security Lesson – Sony PlayStation Breach

Weeks later, Sony still in trouble: Read Sony yet to fully secure its networks: expert | Reuters

 


 

For the past week, rumors about a potential breach of all customer information in the vast online PlayStation world has turned from 'maybe' to the worst possible situation. Read the Krebs On Security report for details: 

Millions of Passwords, Credit Card Numbers at Risk in Breach of Sony Playstation Network — Krebs on Security

While not directly associated with digital cinema, it shows the extent that hackers are able to cleverly exploit nuances of sophisticated code that even the largest corporations attempt to keep secure. One of the basic rules of encryption is that anyone can create a secure system that they themselves can't breach.

One of the strengths of Open Source software is that a world community is able to research code to find and fix problems. This is the path that DCI and SMPTE tried to follow, using international standards such as AES and ___ for the packaging, transport and playout, to protect the intellectual property that we are all given to play to our customers.

It appears that the transition from PlayStation 2 to PlayStation 3 allowed some glitches into the code. These were apparently discovered when hackers worked to allow PlayStation 2 users to enter the online system that had cut them off. Code in the PlayStation 3 developers kit provided the tools. Where Sony didn't use enough outside help to give oversight by "White Hat Hackers", "Black Hat Hackers filled the gap. Now, only as an after thought post-catastrophe, outside help is being asked to help secure a newly designed system.

This is relevant to the DCienma world as we transfer from Series I to Series II projectors, external to internal media blocks (IMBs to the cognoscente) and maintaining InterOp format deliver while transferring to SMPTE compliant formats and equipment. 

The lesson is: Learn more. Pay Attention. The other basic rule of security is Constant Vigilance, which requires a trained staff from top to bottom. That includes corporate executives, local management, chief techs, chief projectionist and each person in the stream who touches a security key.

Good luck to us all. The studio personnel are not the top of this chain. The artists, the producers, the writers and their lawyers are the top of the chain who are trusting us to keep their materials secure. As a professional in the industry, don't let your name be on the list of defendants in a lawsuit for breach of duty.

Beware the Firesheep

Firesheep: Making Web-connection hijacking easy

One of the joys of living in the Internet age is the increasing ubiquity of Wi-Fi hotspots. More and more businesses - particularly those where consumers congregate - are offering Wi-Fi access. It's often free, as well as being free of any password requirements or encryption.

While that's convenient, it's also dangerous. Security experts have long warned that connecting to a non-encrypted hotspot leaves you vulnerable to attack. It's a warning that most Wi-Fi users gleefully ignore, as they sign in to check their Facebook walls, scan e-mail messages or browse their Twitter streams.

Read more ...

Update Everything Month~! Software Vulnerability Records

October 2010 has had record numbers of updates in core programs from Windows to OSX, in Adobe Products and in Java (now owned and managed by Oracle.) Firefox, Opera, RealPlayer, you name it, Security Vulnerabilities is the new black...now white.

Security Vulnerabilities was a code word, of course. It was a nice way of saying, "A bad guy could create an object in the code of a site that would tickle a hole in the software on your computer, and make it – your computer – do one or more things."

Read more ...

Subcategories

There are a lot of experts in security out there. What they write is often dry as a bone. But there are a few sites that stay on top of the events, and express themselves in ways that us mere mortals can comprehend.

Bruce Schneier -  He wrote the books, he writes the newsletters, he has the blog. Top of the list for a reason. The link is to his monthly CryptoGram...subscribe now.

Hagai Bar-el - Information Security Specialist whose websites focus on security engineering and on managing innovation processes. Good source for definitions. There is also a blog and RSS feed.

Handbook of Applied Cryptology - All Chapters are free for the download. Get them off the cloud now.

We are putting millions of dollars of library materials into the hands of people trained to believe that MP3s and everything else should be free. We give them all the late hours unsupervised. What is wrong with this picture?

Security issues should always be taken seriously. Then again, so should consistent exercise and taking regular breaks from madness. Notwithstanding, here's the recent news in the field of security.

Security is mostly a superstition. It does not exist in nature.... Life is either a daring adventure or nothing.
~ Helen Keller (1880 - 1968), The Open Door (1957)