Tech-T Productions

How We Can Help

With experience from multiple fields including Advertising, Broadcast, Education, Engineering, Entertainment, Marketing, Pre-Press & Web, we have the ability to produce exactly what you need.

The War on Privacy Protection and Personal Security

How big of a threat is there right now on your private data? The news seems to be constantly beating the drum of a new hack or imminent threat. While some of it can by hype for a slow news day, there is truth in that we are under attack every single day (as evidenced by eBay, HomeDepot and Target from just this last year). Check out the live map from IP Viking to get an idea of what’s currently going on around the world.

Unfortunately, though with the news cycle as it is, we often don’t see any resolution to these problems. I just wanted to take a few minutes to review the latest “problems” that have been reported and see where we are today in making ourselves safer.

Masque Attack

This is from the most recent bit of news. Masque Attack is specially crafted to iOS users (iPad, iPhone, etc…). It can only infect your device if you download software from some place other than the Apple App Store.

What You Should Do – Nothing. Just buy your apps from the App Store and you’ll have nothing to worry about.

Poodle

Probably because of the name and by the time it was reported, we just were numb to this one. Its an attack towards SSL (the secure lock icon in your browser).

What You Should Do – Nothing. Some experts report that this attack is very difficult to pull off, if not impossible. The steps necessary assume that the attacker has control of the system already.

Darkhotel

These are attacks on business people traveling in the Asia area. When connected to hotel wifi, you are usually asked to enter your name and room number to grant access. At this step, attackers are sifting through the supplied info to see if it is a target worth spying upon. If it is, a pop-up window is displayed notifying the user that they need to update some piece of software (such as flash). Doing so will install the spying software.

What You Should Do – NEVER install anything from the web when not at home or your office on a trusted network. This and other mischievous/damaging things can be easily done on public wi-fi networks. This includes networks which you may even pay for, such as a coffee shop or hotel.

Shellshock

This vulnerability was found in the BASH system used by Unix type operating systems. It allowed attackers to put their own code into the computer and perform just about any function desired. In order for the attack to work, the computer being attacked had to employ one or more of the following routines:

CGI – web server, Open SSH, a rouge DHCP server, qmail or the IBM HMC

What You Should Do – If you don’t know what any of the previous stuff is, do nothing. If you are running a service from the list above, you should have updated already and be patched. (The tricky part is ensuring someone doesn’t hop on your network and operate a poison DHCP server….but that’s for the sysadmins to worry about.)

Heartbleed – Similar to Poodle as listed above in that it targeted secure internet connections.

What You Should Do – Nothing. All systems by now should be patched.

BadUSB – This one has the potential to be really bad. It is an infection which is spread by USB devices. Because it infects the firmware of the USB device, antivirus software does not see it. Once the device is plugged into a computer, it performs its deed in the background, quite possibly without you ever knowing. But wait, there’s more! Now you have the infection on your computer and each USB device you plug in now gets infected as well and is able to spread to other computers as the USB device is shared. Where this will probably have the most effect is with USB memory sticks/USB flash drives.

What You Should Do – Don’t get too hostile yet, as no known attacks have used this methodology yet in the public. So far it has only been experimental. But it is possible and not very difficult. So try not to share USB devices with strangers. Suggest cloud storage instead, to share files (though nothing sensitive/secret, since your connections will probably be in the clear and susceptible to spying). Hopefully, the manufacturers will soon release devices which either lock the firmware or require signed keys to alter it. Because how many times have you updated the firmware on your mouse?

One Last Consideration – Setup a VPN

A VPN (Virtual Private Network) allows you to communicate to a network with a secure and encrypted connection. So, say you are at that suspicious hotel and you need to check you company email. If you connect to the VPN first, you can be sure that there are no men in the middle spying on your corporate secrets. Or even personally, when you are at the coffee shop and need to check your bank account balance, using a VPN keeps you safe. It also provides the added benefit of not showing anyone your current location. All activity looks like it is coming from the VPN computer you are connected to at that time. (I like this especially since I have Verizon so I can dodge their perma-cookies, but since I am VPNed to the computer at my house, I still can easily access gmail and other secured connections without hassle as that computer is already trusted.)

There are services which offer VPN service, some even for free. I am personally wary of these services. I haven’t heard anything bad come from them yet, but its just not something I’m willing to trust yet. ALL of your internet traffic is going to go through this VPN and they can potentially see everything that you are doing (and maybe even save it).

If your company doesn’t offer VPN access, make a request to the IT folks. It may already be there and you not know it. They should be eager to help you get setup if you ask nicely, because it will only make their job easier in the end knowing that your computer is more secure.

At home, if you have a computer sitting around not doing much, setup your own. It’s not too difficult and wise to keep work stuff at work and home stuff at home. If you have a Windows PC, check out this link:

http://www.practicallynetworked.com/security/set-up-a-personal-windows-vpn.htm

or, if you have a Mac, then go this route:

http://www.techrepublic.com/blog/apple-in-the-enterprise/apple-os-x-server-how-to-configure-a-vpn-service/

Either way, do what you can to keep your data yours and out of the hands of others.

ApplePay Could Be a Boom to the DSA

While I usually advocate for cash payment as much as possible, ApplePay may be the most secure payment method we have available today. Between biometric authentication and tokenization, no other method of payment has these security practices right now. While NFC has had it’s setbacks, the added layers of security Apple has implemented revolutionizes the current thinking of contactless payment.

Some people have been hesitant in praising this new technology and that’s understandable to some degree, but let me outline where there is new opportunity.

Update: President Obama just recently signed an executive order which will also help speed the process of NFC adoption. Some of the highlights include that by January 1, 2015, government benefits are paid via chip and pin and that all consumer facing agencies accept chip and pin. (http://www.whitehouse.gov/the-press-office/2014/10/17/executive-order-improving-security-consumer-financial-transactions)

iCloud isn’t secure, so how will Apple secure my credit card? – While I agree that Apple didn’t employ the best in security practices for iCloud, the servers were never hacked. The servers simply didn’t restrict access after a number of bad attempts, so people were able to continually guess at passwords until they got lucky. The better argument would be that Apple has over 800 million credit cards on file through iTunes and has never had a problem. In addition, the credit cards are not actually stored by Apple, they are on the phone, BUT in a totally different physical location on the phone which is secured and inaccessible by normal means.

The only problem at this point is that there isn’t a way to pay person to person with ApplyPay. Direct Selling Association companies like Pampered Chef, Scentsy and others would greatly benefit from this. It’s only a matter of time though. In the meantime, in app purchases are able to use ApplyPay, so if companies are able to provide and promote an Apple app which could handle the order and payment while still compensating the host, then this segment could be enhanced. The good thing about waiting is that it will give Apple and businesses time to work out any bugs they may encounter. By the time person to person payments are allowed to use ApplyPay, hopefully we’ll have a flawless and secure payment system.

Is your WiFi up to snuff for your next corporate event?

After planning the stage design, lighting, video, graphics, sound, table center pieces and all the other seemingly endless options, internet connectivity tends to get the short end of the stick. The considerations here though are not small (nor small on the budget) and should have a thought process that goes from start to finish along with the entire project.

A few reasons to ensure your event has internet connectivity readily available.

1. Wifi is in demand. True demand. Clients and attendees become annoyed at best when connectivity is not available for their mobile devices. It has become a part of our everyday life, whether it be productivity like email or personal like facebook or games.

2. Presenters often have internet content within a slide deck. Most of the time, they may not even be aware that it is a link, assuming it was embedded in the presentation because it worked before in their office.

3. Stuff happens! Changes occur all the time before and sometimes during a show. You need a way to get those new assets! Clients expect a fast connection because it’s what they are used to back at the home office.

4. Networking can make life much easier in a production environment. Though it may not (and probably should not) have internet connectivity, considerations need to made for how these networks can be created and maintained. I personally love to be able to vnc into remote machines, like a wayfinder display, and update content without having to carefully dismantle part of the display to access the computer.

Alright, so we are pretty sure we want/need some wifi at our next gig. This really does come at the beginning of our design – do a site survey. You are probably already doing this to see the rooms, power locations, ceiling/chandelier heights, etc….just add this as one more thing on your list. It would be best to do a scan on an active day, not when the building is empty.

wifi-scan

As we can see in the image above, this is a very congested venue. There were 113 individual wifi access points that I could see just standing still at one point in the room. This doesn’t include the rest of the building! Of those scanned, 46 were operating in the 2.4GHz band. In that band, there are only three truly distinct and usable channels; 1, 6 and 11. So even if evenly distributed, there are at least 15 access points stepping on each other! Not only does this cause problems for computer networking and internet access, but any other systems using these frequencies, such as wireless mics or wireless DMX.

Every venue is going to be different. Some venues may even purposely make it difficult to create networks so that you rely on their systems and pay their pricing. Just this last week, the FCC was fining a hotel for blocking any networks that were not part of their system. gigaom story

This may or may not deter other venues from doing the same thing. They could also just hog the spectrum as seen above to make your system unusable. If clear spectrum is confirmed, next we need to coordinate with all areas to see what expectations there are for on-site use. Again, the different departments may have specific needs including audio, video, graphics, admin, guests, wayfinding and attendees. Don’t leave the attendees last on your list though, we don’t want them tweeting about how terrible the internet access is at your event!

After figuring out how the systems will be used, we need to determine the bandwidth that is going to be consumed. Above and beyond what our wireless systems need to do, we need to consider any hardwired systems. The biggest chunk would probably go to any video streaming that maybe happening. This alone is a huge issue and should have considerable time invested into planning for it. Streaming can become extremely difficult if there are a huge number of unexpected end users, as was seen with the Apple event releasing the new iPhone 6 last month. streamingmedia story

Make sure you are working with experienced and dedicated professionals when venturing into this new world of broadcasting. With a little bit of time and planning you can have a successful event with wonderful interaction from your attendees to elevate your show and attendee experience to the next level. But be sure to leave some room for an audible, because we all know stuff changes and it sure will when you least expect it.

ATEM 1 M/E Production Switcher

We recently purchased this switcher made by Blackmagic Design. After putting it through some torture in a live production, it performed flawlessly and we were sold. We'll have more info and pictures soon. Check back later.
ATEM 1 M/E Production Switcher Diagram

Nothin' Beats a Good CD

Here's one that can really fluff some feathers in the audio community. Brad Meyer and David Moran have written a paper, "Audibility of a CD-Standard A/DA/A Loop Inserted into High-Resolution Audio Playback", and published by AES, essentially saying that no one can tell the difference between CD and all other high quality formats (DVD-A, DSD, etc...). The specs of the setup can be viewed at the Boston Audio Society web page. While we subscribe to the notion that most listeners are not able to discern the difference, it is still imperative to capture the source at higher rates (and bit depths). The original audio is still processed at some point via mixing, mastering, and format conversion in which more data available in the source leads to less distortion (quantization error) in the audible range. However, one last word of advice, professional (level conscience) mastering is still the most impactful process on sound quality as it relates to the medium for which it is produced.

DNS problems?

Earlier this week, I reported having DNS troubles over the weekend. I thought that there might be some folks who would want more information on the topic. I found an excellent snippet of a book over at O'Reilly Media. The book is titled,

Learning Windows Server 2003, Second Edition

by Jonathan Hassell. It gives very in depth information on the subject.

The Mac can catch a cold!

One of the big trumpeting points for Mac lovers has been that they have always seemed invincible to the invitation of viruses, worms, and other such ickies. Now it seems that someone has turned that smiley face on its head.

There really was not ever some big secret that the Apple team had to look so superior to the beige box of the Windows PCs. It came down to two big points:

Apple Inc. (at the time Apple Computer Inc.) used proprietary hardware, including the CPU.
When compared to the total number of computers in the world very few were Macs. So, why would someone derive a virus which would maybe infect a few hundred computers (because it seems very unlikely that it would reach every Mac in the wold), and have to go through so much trouble to learn proprietary coding for such little return.

Read the rest of the story here.

Bye-bye Apple RAID

Apple has discontinued their RAID hardware. Many are saying that this is actually a good thing, though don't tell that to the guy or gal who just bought one last week. The good is that we now should have a broader choice in manufacturers and hardware configurations. The current blessed by Apple system is from Promise Technology. They have crammed in MUCH more storage than what Apple had available. I personally like the smaller options that are dropping in price quite rapidly. When I tried Promise's site it seemed to be overloaded and I couldn't view anything other than the home page. I did find much more information over at PC Connection.