All posts by editor

Ongoing Sec – More Exploited Vulnerabilities Patched

Security Logo

12 November – Every freakin’ month (2nd Tuesday) there is a new set of Microsoft vulnerabilities, so much so that we have ignored reporting them.

But this month there is yet another set of Critical vulnerabilities that is being exploited in the field – read about it here at Krebs:

Zero-Days Rule November’s Patch Tuesday — Krebs on Security. This explains new Flash updates. [Your editor has eliminated Flash from his system…not worth the bother.]

But note: This does not cure the zero-day exploit that is capable of ruining your whole week~!~!~!


11 June – Another round for Adobe and Microsoft, explained by Krebs:

Adobe, Microsoft Patch Flash, Windows


14 May – Microsoft and Adobe today each released updates to fix critical security holes in their software. Microsoft’s patch batch tackles at least 33 vulnerabilities in Windows and other products, including a fix for a zero-day vulnerability in Internet Explorer 8 that attackers have been exploiting. Separately, Adobe pushed security updates for Flash Player, Adobe Reader, Acrobat and Adobe AIR.

So says Krebs On Security today. Get all the info: Microsoft, Adobe Push Critical Security Updates


6 May – Zero Day Exploit is not only in the open for IE8, but it is published for all hackers to study from.

 

If you must use a Windows computer, please change over to Firefox immediately (if you haven’t already.) Then read this:

Krebs On Security – Zero-Day Exploit Published for IE8


12 Feb – The normal tuesday repairs to the normallly insecure programs –

Fat Patch Tuesday — Krebs on Security


7 February – Critical Flash Player Update Fixes 2 Zero-Days — Krebs on Security |

These stories never end…not even interesting reading anymore. Just do the upgrades.

Updates are available for Windows, Mac, Linux and Android users. The latest Windows and Mac version is v. 11.5.502.149, and is available from this link. Those who prefer a direct link to the OS-specific downloads can grab them here. To find out if you have Flash installed and what version your browser may be running, check out this page.


16 Jan – Days after the critical Java fix, Kreb’s On Security announces that a new exploit not patch in the version 11 release is being sold on the black-hat black market. First, learn how-to and do turn-off Java until this is patch AND even then, only if you need it.
How to Unplug Java from the Browser — Krebs on Security

Second, read more about the sordid details here: New Java Exploit Fetches $5,000 Per Buyer — Krebs on Security

Security experts on Java: Fixing zero-day exploit could take ‘two years’ | ZDNet

Third: Point others to this site to learn “What Is Java” and how to use it if you absolutely must: What You Need to Know About the Java Exploit — Krebs on Security

 


 

 

13 Jan – Now it is Java wih the critical warnings…Read Kreb’s for the data, but one thing I noticed is that his link for the mac update was wrong and the auto-update that the Mac Java program points to gives an error. So here is the correct link for all OSs: Download Free Java Software, which should point to the right place. Here is where I got a successful Java for Mac download:
Oracle Ships Critical Security Update for Java — Krebs on Security Download Java for Mac OS X
Oracle Ships Critical Security Update for Java — Krebs on Security


 

8 January – Like the Australians needing new colors on their temperature maps as Ultra Hot turns to Double Extra Super Hot, Microsoft and Adobe are going to need new degrees above Critical and above Vulnerable. In this case, Microsoft should say, “Ultra Vulnerable Even After the Update”, As Krebs on Security explains: “… these vulnerabilities could be exploited to fully compromise vulnerable Windows systems without any help from users. …”

Read the entire piece since it has all the links for the Adobe Reader Flash Player plugin…and AIR and Acrobat…for both Windows and Mac OS.

Don’t delay…here is the link again: Adobe, Microsoft Ship Critical Security Updates — Krebs on Security

Australia adds new colour to temperature maps as heat soars | Environment | The Guardian


 

Continue reading Ongoing Sec – More Exploited Vulnerabilities Patched

[Update] Final Cut Pro X Stories

AppleInsider has new shots, including Motion: AppleInsider | Images claim to show Apple’s Motion 5, Final Cut Pro X

Richard Taylor has an excellent new rundown on Ken Stone’s site: Final Cut Pro X Rundown


FCP X, the next version of Final Cut Pro will be released in June. It was shown at the SuperMeet during NAB. But the version was the same that was shown 6 weeks previous to a limited set of experts.

The following links speak to a number of issues that are interesting and provocative to other experts: What is coming and will it really be the next great thing…or will it be iMovie Plus. (Apple asserts that it will be the next great thing for post-produciton. The big news is that it is 64 bit, 4k media, background rendering, will use all the cores you can throw at it, gets rid of QuickTime as the base code – substituting AVFoundation – and $299.)

Digital Content Producer: FCPX: What It Might Mean

The Sound of 1,700 Jaws Dropping: Larry’s Blog

Terence & Philip Show: Episode 25: NAB and Final Cut Pro X

Phillip Hodgetts: What are my thoughts on Final Cut Pro X? – FilmmakingWebinars.com

Larry Jordan & Michael Kammes on FCPX | 2011 NAB SHOW BUZZ

NAB11 FCP X Sneak Peek at FreshDV

AppleInsider | Apple previews new $299 64-bit Final Cut Pro X to arrive in June

PhotographBay: Final Cut Pro User Group Supermeet – LiveBlog (Updated: Final Cut Pro X Officially Unveiled)

Apple announces Final Cut Pro X | Apple Talk – CNET News

For those of you that missed the FCP X Intro at the SuperMeet | LinkedIn

Bonus: Digital Content Producer: Encoding for the Apple iPad, Part 1

Broadcasting Live Events to Cinema: DTG

The Digital TV Group, the industry association for digital television in the UK, has issued a very inclusive report on Alternative Content in the Digital Cinema universe: Broadcasting Live Events to Cinema: Recommendations for the preparation, transmission, reception and presentation of live audio-visual events into cinemas.

Continue reading Broadcasting Live Events to Cinema: DTG

What About Cannes This Year [Summary]

For winners:

2011 Cannes Film Festival Winners – ‘Tree of Life’ Takes Palme d’Or « FirstShowing.net

And, a great round-up on the festival site itself:

Festival de Cannes – From 11 to 22 may 2011


Two sites to monitor if you want to follow the Cannes Film Festival:

Complete 64th Cannes Film Festival Official Selection is Announced « FirstShowing.net

IONCINEMA.com: We heart subtitles

 

Continue reading What About Cannes This Year [Summary]

NAB / CinemaCon Future Space.Time Conjunctions

The schedule for the NATO convention now known as CinemaCon* and the NAB Convention has taken on interesting time intersection. They both occur in Las Vegas. 

In the past the NATO convention (then known as ShoWest) was 4 or 5 weeks before NAB. With the first CinemaCon this year (2011) there was a 9 day difference between the end of CinemaCon and the beginning of NAB (if you consider the SMPTE/NATO “DCienmaDays” as the beginning of NAB…the weekend before the NAB Exhibits open.

In 2012 this takes an interesting twist. NAB begins on the 14th and closes on the 19th of April, with CinemaCon beginning just a few days later on the 23rd (and closing on Thursday the 26th.

2013 brings NAB on 6-11 April with CinemaCon on 15-18.

2014 switches them; first CinemaCon on 24-27 March and NAB on 5-10 April. (Perhaps these dates were chosen because Passover is on the 15th and Easter that year is on the 20th. There is no conflicts with these floating holidays the other years.)

Now if only the Hollywood Post Alliance festival in Palm Springs were moved from February to the week before CinemaCon us Europeans could schedule one trip and get our tech fix all in one long drip-fed dose. 

 

 

*It has been confirmed that the Con in CinemaCon has nothing to do with “Putting the Con back in Cinema” as has been suspected. 

Test Bloom – AF100/F3/FS100/5DMkII

Phillip Bloom has done a quick and dirty set of tests between the Panasonic Panasonic AG-AF100 Micro 4/3 Pro HD Camcorder, and the Sony F3 and FS100…along side a Canon 5D MkII. You can see them on his blog or watch them with these links.

{vimeo}23294197{/vimeo}

AF100 vs F3 vs FS100 Part 1: The Real World from Philip Bloom on Vimeo.

{vimeo}23344796{/vimeo}

AF100 vs F3 vs FS100 Part 2: In depth and conclusions. from Philip Bloom on Vimeo.

{vimeo}22911903{/vimeo}

The Bloom Danube: Sony FS100 Smooth slow motion test from Philip Bloom on Vimeo.

Eye better than camera capturing simultaneous contrast and faint detail

The human eye long ago solved a problem common to both digital and film cameras: how to get good contrast in an image while also capturing faint detail.

Nearly 50 years ago, physiologists described the retina’s tricks for improving contrast and sharpening edges, but new experiments by University of California, Berkeley, neurobiologists show how the eye achieves this without sacrificing shadow detail.

Continue reading Eye better than camera capturing simultaneous contrast and faint detail

More on DCP Creation – Qube

Qube has a new DCP creator that works as a plug-in for Final Cut Compressor. There are 4 versions that range from generic to 3D/4K packages and from $800 (570€) to nearly $2,800 (2,000€).The title is QubeMaster Xport.

Qube Online Store Product Catalog

Qube is also announcing that in June they will have a KDM key generation service for QubeMaster Xport users to add security to the DCPs.

QubeMaster Xport enables Final Cut Pro users to save pre-defined settings as Compressor Droplets and simply drag-and-drop files to create DCI-compliant masters. All of the file formats supported in Final Cut Studio can be output to 2K and 4K, and the software can handle XYZ color space conversions, or apply custom 3D LUTs to source files while encoding.

“With major film festivals like Cannes and Venice now endorsing DCPs as their preferred delivery format, we’re seeing a surge of interest from independent filmmakers looking for better ways to master and deliver their films,” explained Eric Bergez, director of sales and marketing at Qube Cinema. “This new website gives them access to all the tools they need for generating DCP masters without the expense and complication of going to a major facility.”

Bergez pointed out that QubeMaster Xport also opens the door to the growing digital cinema market for boutique post houses and pre-show content creators. “It’s about putting distribution capabilities into the hands of those who create the content,” he added.

Russian Scriptor Targeting Macs?

Krebs on Security has made contact with crimeware kit developers and salespeople who say that they have a Firefox and Chrome for Mac OSX webkit. ‘Weyland-Yutani’ Crime Kit Targets Macs for Bots

So, yet again we wonder if our Macs need protection. At best most of us are careful about social engineering scams. At worst these are very clever attackers who can take advantage of users who feel too secure. 

 

Continue reading Russian Scriptor Targeting Macs?