Sunday, November 27, 2011

Apple left vulnerability open for govermental spyware for three years

That iTunes update you installed earlier may have been the government spying on you. And Apple have known for at least three years.
FinFisher, a remote spying Trojan that was marketed to the governments of Egypt, Germany and other nations to permit surreptitious PC and mobile phone surveillance by law enforcement officials. The piece noted that FinFisher’s creators advertised the ability to deploy the Trojan disguised as an update for Apple’s iTunes media player, and that Apple last month fixed the vulnerability that the Trojan leveraged. [...] A prominent security researcher warned Apple about this dangerous vulnerability in mid-2008, yet the company waited more than 1,200 days to fix the flaw. [...] Mikko Hypponen, chief research officer for Finnish security firm F-Secure, first blogged about FinFisher in March 2011, when protesters in Egypt took over the headquarters of the Egyptian State Security and gained access to loads of confidential state documents, including those that appear to show the government purchased licenses for the program. (Quote Krebs' blog)
A screen shot from the firm's promotion video: A fake iTunes update. Image via Spiegel.

The Telegraph / Apple iTunes flaw 'allowed government spying for 3 years', Krebs on security (blog) / Apple Took 3+ Years to Fix FinFisher Trojan Hole, Spiegel / Firm Sought to Install Spyware Via Faked iTunes Updates.

Saturday, November 12, 2011

Using Canon Legria HF R16

So, my good old FLIP camcorder broke and I picked up a Canon on sale. Thus I present: Notes on the joys and horrors of using a Canon Legria HF R16 camcorder on Linux and Mac. Practical notes and first impressions, mostly. Probably useful for most Canon camcorder models.

Believe it or not: I asked the two people working in my local camera shop if Canon camcorders worked well with Macs. They looked horrified at me, assured me Macs were nothing but trouble and that neither Canon nor JVC or any other brand would work with Macs or Linux. Of course it works (more or less) with both systems, of course it's fool proof on the Mac.

Unpacking and shooting

One's low expectations go nowhere as the package reveals the camera, a couple of cables and some CDs. Because the cables are the least you can expect, the CDs contain some PDF manuals and some - you guessed it - Windows-only software (Pixela). You'll have read what's worth reading in the printed manual long before the battery has charged.

Basic settings are set from three resolutions ("LW" 1920x1080 aka 16:9 format in 1080p, "L" 1600x1200 and "S" 640x480 both being 4:3 format) in "Normal" (grainy), "Fine" or "Super Fine" (sharp) quality and four levels of picture quality ("Long Play" 5 Mbps, "Standard Play" 7 Mbps, "XP+" 12 Mbps and "FXP" 17 Mbps) - that's 36 possible combinations already. Then there is also nine specialized settings ("Portrait", "Low light" etc), something called "Cine" mode, three specialized white balance settings beside the automatic plus some digital and image effects settings. That's a lot of possible settings just on this low end model - plus, of course, the everything "AUTO" setting.


Using it with Linux: The resolution settings are fishy

The camera mounts as read-only USB "stick". Open with a file browser (Dolphin, Konqueror, whatever) and find the recorded clips in CANON > AVCHD > BDMV > STREAM. Unfortunately, WYSI-not-WYG.

Apparently, all format settings produce *.MTS files of 1440x1080 pixels (4:3)! Where did the pixels go? If you can create a 1920x1080 pixels clip after import with Canon software on Windows - where do the extra pixels come from? Are they what the magical Windows-only software can do?

Might not be entirely cheating because the settings do appear to result in files of some difference in file size and there are some other weird files on the memory card. As usual: Avidemux can re-encode the clips to any other format.

Using it with Mac and iMovie

iMovie detects the camcorder as you connect it with USB and start an import program that lets you select which clips to transfer to which projects. Very easy. It then converts all 50 fps clips to 25 fps. Very annoying. But of course, other geeks have already worked out a very simple hack for allowing iMovie to handle both 25 and 50 fps clips. Let me guess: Apple has some other, more expensive program that will do the same at an exorbitant price?

Anyway both "L" 1600x1200 and "S" 640x480 result in imported clips of 1440x1080 pixels (encoded in "icod" which cannot be viewed in VLC). However, the "LW" 1920x1080 does yield clips that actually are - fanfare - 1920 by 1080 pixels. The people at Apple have probably paid Canon for the privilege of performing this magic.


If you know more than I do about this, please comment! I guess video clips in some cases are like sausages and politics...
"To retain respect for sausages and laws, one must not watch them in the making."
Either way my videos should drastically improve from now on. Compared to the FLIP the Canon offers much better optics, settings (portrait, low light etc.) for special recording situations and (obviously) better specifications on pretty much every other parameter. Except battery time which amazingly appears to be little more than an hour.

Two years later review: my FLIP Mino HD camera

On the 21st of September 2009 I biked to Bella Center in Copenhagen, site of the COP15 climate change conference three months later, to participate in the kick-off event for the TH!NKABOUTIT #2 blogging project. For use in our blogging each participant was given a 4 GB FLIP Mino HD camera with the European Journalism Centre logo on the cover.

The FLIPs come in a little pouch and with custom designed covers.

I never considered myself a video guy. Let alone video-blogger, or "vlogger", of which I still haven't seen a reasonable example. Video tech was also uncharted territory to me and not one I figured worth the learning curve to enter. But the FLIP changed that mostly because it's so easy to use: power on, press the big red "Record" button to start and then stop recording, flip out the USB connector and transfer the MP4-files to any computer. Also, it delivers surprisingly high quality sound and pictures, and it's the size of a mobile phone (smaller than most smartphones).

The 4 GB version lists its recording time to one hour. It's closer to 55 minutes but that's because unnecessary files are taking up space on the new recorder's drive. Fortunately, it connects like any other USB stick so the handful of PDFs and an .exe file (who needs .exe files?) can be quickly moved to your computer for safekeeping or simply deleted. This will bring up recording time to almost an hour again - until next time you upgrade your FLIP software and the unnecessary files will reappear.

So, I began clipping segments of recordings using avidemux in Linux; first example a jumpy walk through a crowded outdoor photo exhibition (not impressive film art). Also in avidemux I started using the xvid codec and for example managed to fit this 51 minutes speech into a just 225 MB file suitable for my free Vimeo account (still not impressive and should have fixed the sound). And I strapped it to my bike to make a recording of my daily trip home from work. I snugged it out to get some rare footage from inside Cairo Airport during the revolution curfew. As a Macbook Pro entered the picture, I must admit ambitions sky rocketed. iMovie was to my editing ambitions what the FLIP was to my recording ambitions - userfriendliness inspiring a new hobby. The FLIP comes with idiot-proof software that will make you instant "MagicMovies" and handle your files easily. Even as I started using more and more advanced features of iMove, I still have thrown in segments of FLIP MagicMovies here and there (the trained eye will notice, for example from 17 seconds to 27 seconds into my first Urban Greening video).

In short, the FLIP cameras were bargains in 2009. Being very small, very easy to use and quite cheap at the same time I have to wonder why they weren't more popular. Now, of course, they face competition from smartphones and more expensive camcorders designed smaller and smaller too. But they are even cheaper now and come with 8 GB. Still something I'd consider buying. And I did consider buying a new FLIP recently - because during recording of my second Urban Greening video it fell from my pocket and unfortunately the display broke. So sad. And the bottom line is: FLIP and the TH!NKABOUTIT project has changed me into a person who wants to film. And even after two years of frequent use I was still very happy with the FLIP Mino HD.

The display is obviously out of order.

I can wholeheartedly recommend you buy a FLIP - if you don't already have a smartphone or DSLR with HD video capabilities, of course. Alternatively, a FLIP would serve great as a second camcorder if your other one is a bit too expensive to strap onto flying objects or operating during intoxication or other risky situations.

My choice for a new (budget) camcorder fell on a Canon Legria HF R16 found on sale. You can probably expect rants about its software and attitude towards Linux and Mac in the near future, a slightly more thought through review in two years. And perhaps more crazy videos made with my old FLIP now strapped onto more and more hazardously placed objects?