Mon01222018

Last updateThu, 21 Dec 2017 2pm

 

Introducing – Tools for Cinema Quality Assurance

cat_pr1_sm_jpg

Cinema Test Tools for the non-Technical Manager – Post Installation Quality Assurance Has Begun

Cinema Test Tools is a free resource for the cinema industry, tuned most particularly for the non-technical manager. The tools include several DCPs, all with interesting means of testing the sound and picture quality for the interested by lightly trained staff. The lessons on sound and light are written to provide a foundation to communicate with the technician who must respond quickly and well to the information that they discover.

The key is a free Managers Walk Through Checklist that correlates with the many DCPs. It helps bring an understanding of the many nuances of the auditorium's situation in a straightforward way. 

The superior man, when resting in safety, does not forget that danger may come. When in a state of security he does not forget the possibility of ruin. When all is orderly, he does not forget that disorder may come. Thus his person is not endangered, and his States and all their clans are preserved. Confucius Chinese philosopher & reformer (551 BC - 479 BC)

Your Own Penetration Test

Paul Ruben's The Do-It-Yourself Security Audit

If someone in your organization is interested in getting more hip to IT security issues, one of the goals should be that they are able to take a professional approach to the network, including trying to breach it with the tools that professionals (and hackers) use. There is no better overview than this document. Following are some samples of its scope.

Read more ...

Ex-Army man cracks popular security chip

Hardware hacker Christopher Tarnovsky just wanted to break Microsoft's grip on peripherals for its Xbox 360 game console. In the process, he cracked one of the most heavily fortified chips ever put into a consumer device.

The attack by the former US Army computer-security specialist is notable because it goes where no hacker has gone before: into the widely used Infineon SLE 66PE, a microcontroller that carries the TPM, or Trusted Platform Module designation of security. The hack means he can access sensitive data and algorithms locked away in the chip's digital vault and even make counterfeit clones that could fool the many devices that rely on it.

Read more ...

Social Engineering Preview

Social Engineering LogoSocial Engineering (SE) is both incredibly complex and amazingly simple.

What really is social engineering? Social Engineering is defined as the process of deceiving people into giving away access or confidential information. Wikipedia defines it as: "is the act of manipulating people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery or deception for the purpose of information gathering, fraud, or computer system access; in most cases the attacker never comes face-to-face with the victim."

Read more ...

Example of PC Vulnerability, and Why Important

DCinema systems live in secure hobbit holes, guarded by the fact that they were professionally set up and no one, never, ever lets that peaceful garden be invaded.

But where do the keys come from. Or, can you put a PDF file onto a media server to read it where you need to use it?

Eventually, someone will figure out that the game is getting a clever piece of code onto a media server. Will it be done? Who knows? Can it be done? Don't be so certain.

 

Read more ...

Hackers For Charity - MetaSploit Unleashed

Mastering the Framework is the chant behind this marvelous idea - put together a great set of test programs, put together the technical data that teaches on how to use it, and ask for a 4$ contribution to help feed people.

Offensive Security is a white hat group who teaches people to think like blackhats, so that they can better protect their environment. Find someone in your organization who can take advantage of this now, and make it a part of your procedures.

Happens to the best of them-Apache Passwords Exposed

Hackers have attacked the Apache Software Foundation’s (ASF) project server and stolen the passwords of all its users.

The attack began on 5 April when hackers broke into Apache’s Atlassian JIRA software – used to track all its projects and any bugs that emerge.

They sent server admins a TinyURL link claiming they were having problems whilst browsing projects. When admins clicked on the link, it compromised their sessions and allowed the hackers to get hold of administrator rights.

By 9 April, the hackers had planted a password stealing programme and taken full control of JIRA, as well as Apache’s Confluence and Bugzilla programmes.

Read more ...

Subcategories

There are a lot of experts in security out there. What they write is often dry as a bone. But there are a few sites that stay on top of the events, and express themselves in ways that us mere mortals can comprehend.

Bruce Schneier -  He wrote the books, he writes the newsletters, he has the blog. Top of the list for a reason. The link is to his monthly CryptoGram...subscribe now.

Hagai Bar-el - Information Security Specialist whose websites focus on security engineering and on managing innovation processes. Good source for definitions. There is also a blog and RSS feed.

Handbook of Applied Cryptology - All Chapters are free for the download. Get them off the cloud now.

We are putting millions of dollars of library materials into the hands of people trained to believe that MP3s and everything else should be free. We give them all the late hours unsupervised. What is wrong with this picture?

Security issues should always be taken seriously. Then again, so should consistent exercise and taking regular breaks from madness. Notwithstanding, here's the recent news in the field of security.

Security is mostly a superstition. It does not exist in nature.... Life is either a daring adventure or nothing.
~ Helen Keller (1880 - 1968), The Open Door (1957)