Last updateMon, 03 Aug 2020 9am


Introducing – Tools for Cinema Quality Assurance


Cinema Test Tools for the Non-Technical Manager 

Cinema Test Tools is a free resource for the cinema industry, tuned most particularly for the non-technical manager. The tools include several DCPs, all with interesting means of testing the sound and picture quality for the interested by lightly trained staff. The lessons on sound and light are written to provide a foundation to communicate with the technician who must respond quickly and well to the information that they discover.

The key is a free Online Managers Online Walk Through Checklist that correlates with the many DCPs. It helps bring an understanding of the many nuances of the auditorium's situation in a straightforward way. 

The superior man, when resting in safety, does not forget that danger may come. When in a state of security he does not forget the possibility of ruin. When all is orderly, he does not forget that disorder may come. Thus his person is not endangered, and his States and all their clans are preserved. Confucius Chinese philosopher & reformer (551 BC - 479 BC)

Certificate Authorities and DCinema

This weeks news brings up a sore subject: Trust.

In DCinema, this means Trusted Device Lists (TDL) and Certificate Authorities as specified in the SMPTE/ISO and DCI documents.

In the outside world, the foundation is also a group of companies who issue certificates that bring different levels of trust to different websites or those who access the websites. These companies are the CAs or Certificate Authorities. Last year, one was found to have been hacked.

Read more ...

Phishing Your Employees 101

Krebs on Security describes how to find those employees who need work on their security skills:

Phishing Your Employees 101 — Krebs on Security

A new open source toolkit makes it ridiculously simple to set up phishing Web sites and lures. The software was designed to help companies test the phishing awareness of their employees, but as with most security tools, this one could be abused by miscreants to launch malicious attacks.

Read more ...

Half of Fortune 500s, US Govt. Still Infected with DNSChanger Trojan

More than two months after authorities shut down a massive Internet traffic hijacking scheme, the malicious software that powered the  criminal network is still running on computers at half of the Fortune 500 companies, and on PCs at nearly 50 percent of all federal government agencies, new research shows.

Source: FBI

The malware, known as the “DNSChanger Trojan,” quietly alters the host computer’s Internet settings to hijack search results and to block victims from visiting security sites that might help scrub the infections. DNSChanger frequently was bundled with other types of malware, meaning that systems infected with the Trojan often also host other, more nefarious digital parasites.

See the full article at:

SSL Breaches & Duqu; What is DCinema Interesting

More and more news articles are pointing out more and more compromised systems. The systems are not the computers of us simple folk, but rather computers just like ours that sit behind sophisticated firewalls and have sophisticated staff working to prevent problems.

They use the same words that the DCinema world uses when discussing security: Trusted Devices, digital certificates, revocation of keys, and the like. 

Read more ...

Lesson One: Who's on the Network

You have built yourself quite a neighborhood with that intranet of yours. Somewhere there is perhaps a list of all the addresses, some allocated on purpose, some snuck in to let a tech roam around while waiting for a part. When was the last time you updated that list against reality? Or worse, when was the last time you checked to see if something odd was there?

Solar Winds has a nice tool that creates a spreadsheet of this data, which also allows you to make notes and permanently allocate zones and the like.

Here is a Youtube shot of the system in action.

Read more ...

Who Else Was Hit by the RSA Attackers?

"Almost 20 percent of the current Fortune 100 companies are on this list."

"Below is a list of companies whose networks were shown to have been phoning home to some of the same control infrastructure that was used in the attack on RSA."

Krebs On Security – Who Else?

The data breach disclosed in March by security firm RSA received worldwide attention because it highlighted the challenges that organizations face in detecting and blocking intrusions from targeted cyber attacks. The subtext of the story was that if this could happen to one of the largest and most integral security firms, what hope was there for organizations that aren’t focused on security?

Read more ...


There are a lot of experts in security out there. What they write is often dry as a bone. But there are a few sites that stay on top of the events, and express themselves in ways that us mere mortals can comprehend.

Bruce Schneier -  He wrote the books, he writes the newsletters, he has the blog. Top of the list for a reason. The link is to his monthly CryptoGram...subscribe now.

Hagai Bar-el - Information Security Specialist whose websites focus on security engineering and on managing innovation processes. Good source for definitions. There is also a blog and RSS feed.

Handbook of Applied Cryptology - All Chapters are free for the download. Get them off the cloud now.

We are putting millions of dollars of library materials into the hands of people trained to believe that MP3s and everything else should be free. We give them all the late hours unsupervised. What is wrong with this picture?

Security issues should always be taken seriously. Then again, so should consistent exercise and taking regular breaks from madness. Notwithstanding, here's the recent news in the field of security.

Security is mostly a superstition. It does not exist in nature.... Life is either a daring adventure or nothing.
~ Helen Keller (1880 - 1968), The Open Door (1957)