Saturday, July 31, 2010

Internet security - when should you pay?

People often ask me about what security software I use. I'm of the opinion that you want solutions you don't have to think too much about. OpenDNS fits that bill entirely but here are some other thoughts;
  1. Firewall - ten years ago before Windows XP and when your broadband connection was probably via a USB modem (and you had an internet-facing, routable IP address) it made a lot of sense to have a software firewall - Zone Alarm or somesuch. Since XP SP2 (when the Windows firewall is on by default) and hardware NAT routers there is no good reason to spend money on yet another firewall. Your NAT router acts as a very effective hardware firewall because any packets that aren't a direct response from outgoing connections (from one of the machines on your network) are ignored. You could quite happily run Windows (or Mac or Linux) behind a NAT router with no firewall.

  2. Web filtering software - Cybersitter etc. You may well want to filter your incoming traffic but having a piece of software on every machine is not the way to do it. By far the best solution is to use a DNS filter - every DNS lookup that your router sends out goes not to your ISP's server but to OpenDNS who (based on their database and your settings) will return null DNS entries for sites you might not want accessed. I've been using it for a year and it's excellent - nothing needs to be done to new machines as the router has the IP addresses for OpenDNS in it's settings. OpenDNS also blocks all known phishing and malware sites and since they have a worldwide userbase of tens of thousands they are more likely to block new threats before you try and go to them.

  3. Web filtering pt.2 - NoScript is an excellent plugin for Firefox that stops active content from running on pages. It's a bit of a pain when you first install it as you're constantly clicking on the settings icon and allowing a domain (BBC iPlayer isn't much use without Flash!). But after a while you get used to it an the sites you visit often where you need active content soon outnumber those that you visit occasionally (and you may not want them to run JavaScript, Flash, ActiveX etc - common vectors of infection).

  4. Antivirus - Microsoft Security Essentials sneaked out earlier this year with little fanfare but has been getting excellent crits with detection scores near the top of the test tables. Definitely better than Norton, Panda, and AVG. It integrates well with XP through Windows 7 and I found it to be very unobtrusive. It's what I'm using on all my Windows machines.
  5. Spybot etc AntiMalware - Windows now has the Malicious Software Removal tool - MRT.exe (you can run it from Start>Run whenever you like). It updates itself silently on patch Tuesday and is as effective as anything else at removing malware. It's free and unless you've deselected it from Windows update any machine running Win 2K or later has it.
So there it is - not paying for security, far from being the cheapskate option is, I think, the best policy. Have you sat down to use a machine that had a full-up Norton or McAfee install and realised how cumbersome and slow this computer (which five years ago would have been considered workstation-class) now is. The firewall is fighting the Windows firewall, the antivirus is popping up reminders to renew the subscription ('cause you only got 90 days with Dell!) and you can't access files on your server for some reason.

The dirty little secret the anti-virus industry never mention is that once your machine has been compromised they can't be sure they've rid you of whatever nastiness crawled in. Root Kits and other techniques mean it is nigh on impossible to ever trust a PC that has been virus infected. You need to reformat the hard drive and re-install Windows. It's not hard and you'll find your machines feels like new again as you will have lost the detritus that Windows picks up along the way.

Thursday, July 29, 2010

Colour calibration probes for less than a grand?

I'm often asked if the kind of colour calibration gadgets you can pick up on Tottenham Court Road are of any use in setting up monitors for film or TV grading – I’ve played around with a couple of those sub-£1k colour probes and although they are OK for getting your monitor in the ballpark for print-prep they aren’t suitable for film and TV usage for the following reasons;

  • Luminance level – Computer displays tend to sit white at 200Cd/m2 or even higher so the probe must be able to work over that range. The white level we use in TV is 80Cd/m2 and some film guys prefer 60Cd/m2 (delta-E increases a luminance goes down). This means the probe which (at best) is a ten bit (but probably eight bits) is operating over a fraction of it’s range when used for setting up a monitor for TV grading which means it’s now only a five or six bit probe. There is no way on earth it can measure better than the ½ GND that you need for calibrating for TV & Film.
  • Metamerism – Photometers (of which this is one) rely on the relative metameristic performance of the display – CRTs are different from LCDs in this respect. That’s why our £5k photometer (Phillips PM5639 in case you’re asked) says on page one of the manual “...only for CRTs, not for LCDs” – I’ve sat a CRT next to an LCD and had quite different colours on both displays and the probe says they’re the same – it’s a limitation of photometers but the Huey claims to be able to do both CRTs and LCDs – not sure how it gets around this as it’s not a calibration issue, it’s physics baby! You need a spectroradiometer to be able to accurately measure both kinds of displays and they start at £15k!
  • Colour space – computers monitors tend to be set up for RGB working and not for the colour-space we use in TV (rec 709) with a white point at 6500k.
So I think these things are worse than useless – they give you a false sense of security for no actual worth.

Friday, July 23, 2010

How to serve your Wiki off DropBox

Firstly I wanted to mention how powerful DropBox is - I've tried a few cloud-based storage solutions (Humyo, SkyDrive etc) and this is the one that works more reliably than all of the others. You install the client on your Windows/iPhone/Mac/Linux box and you have a folder that synchronizes with every other authenticated instance of that account. You always have access to your documents and the iPhone app is superb. Even if you only have a web browser you can download what you need. It sits in the background and trickles stuff up to their data centre without you realising.
A really powerful feature is that there is a public folder which if you drop files into you can right-click and get a URL you can email to someone.

Something else I find very interesting is the one-file compact Wikis that you see - the best one I've found is TiddlyWiki which is superb for small collaborative projects.

By placing the index.html file (which includes everything you need for the Wiki - style sheets, database, everything!) in your public folder and getting the URL (which you could make easier with TinyURL or stick it on your domain in a frameset).

See for an example. Of course it's only editable by about four machines, but that's part of the strength of it.

Thursday, July 22, 2010

Back from a job - a few thoughts on DVI, HDMI & audio

Having just got back from a slightly unusual build (all HDMI capture off games machines for a 24-7 HD channel on Sky) I had a few observations that might save you some head-scratching;
  • DVI extenders; I normally recommend extending DVI and HDMI over fibre; twisted pair copper isn't really up to it. It works most of the time so long as patch cords and wallboxes are avoided and you can't realistically do that in edit suites. Anyhow - on this job we discovered we needed to extend and extra DVI into a couple of the edit rooms after cables were run and we'd used up all our fibres on the edit machine's GUI displays. So - with a spare cat6 we gave it a try. The model we used had an eq tweak on the receiver with an LED that lit when the signal was tuned. Only it didn't! Turned out the lit LED meant 'sub-optimal'! Hmm - OK when I discovered!
  • HDMI vs DVI and interlaced 1080 video - the Samsung domestic panels that we were using for the time-line display wouldn't work with 1080i video over DVI, only 1080P (at whatever fancy framerate you wanted - 23.976P, 24P etc). Turns out that model only does DVI progressive. Changes the cable from the extender to feed the monitor's HDMI port and it's all good.
  • AJA k-box's unbalanced audio outputs aren't buffered. We had a set of PPMs that were loading the signal earths (but not enough to effect the accuracy of the meters) but it was enough to load the unbalanced outputs which fed the speakers - cut the screen on the XLRs behind the PPMs and it's all good.
On the subject of HDMI and DVI it should be stressed that from a signal point of view the TDMS data lanes are the same in each - you can use DVI extenders to carry HDCP and audio data which aren't part of the spec, it's only the equipment at each end that generates/won't recognise those things.

Friday, July 09, 2010

Tektronix and audio loudness measurement

I just had a rather splendid lunchtime presentation from Tek regarding the new firmware for WFM & WVR-series test sets. EBU rec 1770 has been around for some years but a couple of things have stopped it's widespread adoption.
  • It's integration time for short-period measuring is three seconds - Channel Four (who previously were the only UK broadcaster who got shirty about perceived loudness) always specified a Chromatek meter which used a four second rolling window.
  • It's long been understood that most archive material fails 1770 in it's original state but the inclusion of a silence gate mitigates this.
It seems like whole industry is tip-toeing around the dirty little secret that commercials producers mix audio with a very limited dynamic range so as to make them more punchy. It's in their interest (and the broadcasters who make their living out of them) to not embrace this. It's why my Mum complains to me about how loud the ad breaks are. The EBU should stop pretending this is about programmes, it's about commercials and the sooner they enforce loudness limits the better!
We got to have a play with the new Tek firmware and they have done an excellent job of interpreting the LUFS scale. They make it very easy for an operator to see where a programme is and if the Dolby DialNorm (dialogue) and Dynamic Range figures match what is measures.
More when I've got a copy to put into my WFM 7120.