Category Archives: Security

Ssshhhh. Security by obscurity is not practiced here. So don't disturb us, we're being vigilant.

Multiple Adobe security holes closed

All of the fixed vulnerabilities were critical, with most having the potential to allow an attacker to take over a user’s system.

Read the entire IT Pro story at: Multiple Adobe security holes closed | IT PRO – By Asavin Wattanajantra, 3 Aug 2009 at 11:22

Details of how to update the Adobe software can be found in its security bulletin here. Adobe is planning…

Adobe has had a very difficult time this year, with its popular Reader and Acrobat products suffering so many problems

Cyber criminals see PDF-reading software as a good oppportunity …

Fibre-optic networks vulnerable to hacking

Once a successful tap has been achieved, … sniffers, can capture the data.

Read the entire article: Fibre-optic networks vulnerable to hacking | IT PRO – By Asavin Wattanajantra, 3 Aug 2009 at 15:33

“Organisations in the financial, insurance, healthcare, and government sectors deliver sensitive information across fibre-optic cables…

“Hence, capturing or eavesdropping on this data serves not only military purposes. …

The report also includes some past incidents of optical fibre networks being hacked, …

Fouchereau said that as it was impossible to monitor the entire optical fibre network, …

SSL-BlackHat Hacked-‘Urgent’

From an article in IT PRO: Black Hat: It wasn’t just the iPhone that got hacked… | IT PRO – By Asavin Wattanajantra, 3 Aug 2009 at 13:16

This was courtesy of vulnerabilities in SSL, allowing somebody to intercept traffic with what Marlinspike called a null-termination certificate.

Matt Hampton, chief technological officer at Imerja, said: “It’s not just something that can happen with a web browser. Something else needs to have been done beforehand.

He added: “Either a virus or malware has been downloaded on a [targeted user’s] machine that has changed the configuration, so the named servers have been changed.”

This could mean that a targeted user is pointed to a server where the attacker has created fake web pages, which could come from a location as far away as China or Russia.

“Currently if a user clicked on that link they would get a warning, because the browser doesn’t trust the certificate,” he added.

“If [the attacker] has managed to install a null-termination certificate, they won’t get the warning. It’s going to hide the fact that things have been changed.”

This could allow attackers to steal passwords or create fake online banking sites where they could steal credit card details.

Firefox 3.5 is currently protected against the attack, but not earlier versions. Chrome and IE8 are not.

The conference also revealed a hacking attack by researcher Dino Dai Zovi that could allow criminals to take control of Apple computers and steal scrambled data.

There was also a detailed report on Russian cybercrime, with a claim that Eastern European mobsters are justifying their crimes by hiding it behind extreme nationalism and anti-western sentiment.

There was even a presentation on lockpicking forensics, as interest in physical security has become an extension of the growing number of people interested in computer security.

The hacker community is thriving, and another hacker convention in the Defcon conference is currently taking place in Las Vegas.

Reports revealed that somebody tried to hit Defcon attendees this week with a fake ATM placed in the Rivera hotel, which is playing host to the annual event.

It was apparently recording the card details and PIN on anybody trying to use it, but the criminals involved probably didn’t bank on it ending up centre stage of a hacker-focused security event.

The entire article is at: Black Hat: It wasn’t just the iPhone that got hacked… | IT PRO

Civolution Acquires Watermarking Business from Thomson

Civolution announced on Tuesday that it is acquiring the digital watermarking business from Thomson.  Terms were undisclosed.

This move represents further consolidation in the watermarking market, following Dolby’s shutdown of its Cinea video watermarking division last year.  Civolution itself spun out of Philips Electronics and acquired Teletrax, the video broadcast monitoring business that uses Civolution’s technology, late last year.

With this action, the only major players left in watermarking are Civolution and the Korean vendor MarkAny.  Apart from those two, there are a few players in niche markets, such as Verimatrix (IPTV/digital pay TV), Verance (Blu-ray audio), and USA Video Interactive (Internet video delivery).

This development does not necessarily point to decline in the adoption of watermarking.   First of all, Thomson’s watermarking business was known to be in disarray amid management changes.  Thomson has had some recent success with its NexGuard technology for pre-release content protection (which combines encryption and watermarking), but it has been hard to get management’s attention alongside other Thomson product and service properties such as Grass Valley and Technicolor.  Watermarking is more of an enabling technology, which should fit much better at Civolution.

More importantly, the success of watermarking requires standardization.  As I noted last week, standardization in the “secret sauce” of watermarking algorithms is unlikely, and there have been several vendors, each with their own secret sauce.  Consolidation is a market force that will promote de facto standardization.  For example, Thomson and Philips/Civolution were the two suppliers of watermarking technology for digital cinema; with this deal, there is now only one supplier and thus a de facto standard.

Of course it remains to be seen whether Civolution will integrate its two watermarking technologies or leave them be.  Integration is better for the market insofar as it is feasible.

 

Urgent Adobe PDF Reader Alert – UPDATE NOW

This week, Adobe announced a new Security Update and said that they were going to go on a cycle of releasing upgrades on a 3 month cycle, similar to the dates that Microsoft uses for their monthly security patches.

Adobe reiterated that users must look to anti-virus programs for protection.

What are the problems and what does it mean to you?

Obviously, it is common to receive pdf files. What isn’t well understood is that withing the file there can be executable code. That would be fine if it were only multimedia files. But hackers have figured out how to put trojans and viruses into the pdf…which can execute as you read.

These trojans might do nothing obvious, but they could sit in the background collecting data? They might hang out until they decide that circumstances are ripe for spreading onto your network.

SOLUTION: Stop reading this article and upgrade every single copy of Reader on every computer you can get your hands on.

Click here to<a href=”http://www.adobe.com/support/security/bulletins/apsb09-03.html” > download the Adobe update</a>.

Arts Alliance Media Lands Cinema Milestone with ‘Iron Maiden: Flight 666’

Arts Alliance Media today announced the success of the award-winning documentary film, ‘IRON MAIDEN: FLIGHT 666’. 70% of the total admissions, which exceeded 100,000, were from one-day-only special event screenings, day and date, on April 21st. The feature length film, released exclusively on digital prints, has achieved the distinction of being the biggest ever worldwide simultaneous release of a documentary film, playing on screens across South and Central America, Mexico, all of Western and most of Eastern Europe, Russia, Japan, Australasia, USA, Canada, South Africa and India. ‘FLIGHT 666’ was distributed by Arts Alliance Media (AAM), in collaboration with EMI Records and Iron Maiden.

Read more…

Empire Leicester Square Is Europe’s First Theatre with Dolby 3D for Large Screens

Dolby Laboratories, Inc. (NYSE: DLB), announced today that the Empire Leicester Square has become Europe’s first auditorium to utilize the new Dolby® 3D Digital Cinema large screen solution. The Empire installed the Dolby 3D system in time for the United Kingdom premiere of Walt Disney Pictures’Jonas Brothers: The 3D Concert Experience. The movie will premiere in front of an invited audience of more than 1,300 guests.

Read more…

Barco Celebrates “Disney’s A Christmas Carol” Train Tour

When “Disney’s A Christmas Carol” Train Tour, sponsored by HP, makes its debut at Los Angeles’ Union Station this Memorial Day Weekend (May 22nd – 25th), and subsequently launches its 40-city whistle stop tour across the U.S. over the next 24 weeks, Barco’s DP-2000 digital cinema projectors will be on board. Disney has selected Barco’s state-of-the-art projectors to provide the public with a special sneak peek at its spectacular new holiday release, in a traveling Disney Digital 3D™ theatre that will be erected at each stop along the way.

Read more…

Sony Pictures and Sony Electronics Team to Deliver “Angels & Demons” in 4K Resolution

The growing list of feature-length motion pictures distributed in 4K resolution now includes “Angels & Demons,” the highly anticipated follow-up to 2007’s “The Da Vinci Code.” The Sony Pictures Entertainment movie, which opened worldwide on May 15, will be shown in 4K resolution using Sony 4K digital cinema projection systems.

Read more…

D&E Entertainment Selected to Theatrically Distribute and Market Eric Clapton and Steve Winwood ‘Live From Madison Square Garden’

Through their partnership with Reprise Records D&E Entertainment, the leader in theatrical distribution and marketing of Alternative Content, will be distributing and marketing the theatrical premiere of Eric Clapton and Steve Winwood’s ‘Live from Madison Square Garden’ concert film documenting their amazing performance at the world famous venue. The film will be premiered in over 50 cinemas in the US and a special London Premiere on May 18.

Read more…