Friday, June 09, 2006

If you found a USB drive, would you use it?

Dark Reading | Social Engineering the USB Way
We recently got hired by a credit union to assess the security of its network.

We gathered all the worthless vendor giveaway thumb drives collected over the years and imprinted them with our own special piece of software. I had one of my guys write a Trojan that, when run, would collect passwords, logins and machine-specific information from the user’s computer, and then email the findings back to us.

The next hurdle we had was getting the USB drives in the hands of the credit union’s internal users. I made my way to the credit union at about 6 a.m. to make sure no employees saw us. I then proceeded to scatter the drives in the parking lot, smoking areas, and other areas employees frequented.
Drives seeded: 20.
Drives found by employees: 15.
Drives plugged into company computers: 15. Yes, all of them.
Employees who realized anything was going on: 0.

It's unreported whether anyone tried to find the "lost" drives' owners.

Thursday, June 01, 2006

Art is never finished, merely abandoned

Star Wars -- by which I mean the original 1977 theatrically-released science-fiction movie, which did not call itself "Chapter Four: A New Hope" -- may well hold the record for having been released in more different home-video editions and media than any other film. (Does that seem right to you? I mean, it's good, but it's not that good. But I digress.)

When it was finally released on DVD, it was the 1997 Special Edition, with numerous "improvements", the infamous "who shot first, Han or Greedo" decision being one of many unpopular changes. When fans complained that they wanted to see the original theatrical release, the one they'd fallen in love with in 1977, Lucas dropped a bombshell: Ain't. Gonna. Happen. Ever. This (the 1997 edition) is it. This is "Star Wars" now.

At least, it would have been a bombshell if anyone had believed him. I don't know anyone who believes that George Lucas actually destroyed the original negatives to a film that, "flawed" as it was, made him, well, more wealth than I can imagine, and I can imagine quite a bit. (Yeah, I know, it's just so hard to avoid those cliches.)

This September, 20th Century Fox and Lucasfilm will release the Original Theatrical versions of the first Star Wars trilogy, each in a two-disc set that also contains the 1997 Special Edition...

With a catch. (Source: The Digital Bits.) Since the original negatives don't exist (ahem), the source material for this release is the 1993 laserdisc release. A thirteen-year-old transfer of a non-anamorphic widescreen print. I am going to attempt to explain why this is the video equivalent of offering a starving dog a rubber bone, in such a manner that I myself can actually understand it.

The 1993 part is easy. Has digital imagery improved since 1993? Pixar was doing Listerine commercials, and Lemmings was the state of the art in video games. You tell me.

To explain the anamorphic question, though... Let me show you a series of simulated screen captures of a scene I know you'll recognize.

First: "Normal" television (which can also be called pan-and-scan, or full-screen 1.33:1 ratio):

regular television full-screen pan-and-scan
Anamorphic widescreen -- not normally seen in this form, but this is what the image recorded on the DVD actually looks like: Your player unsqueezes it as it plays.

anamorphic widescreen
Normal television, letterboxed widescreen (2.20:1 image on a 1.33:1 screen). Your DVD player unsqueezes the image to fill your screen left-to-right, then generates a black letterbox to fill the screen top-to-bottom.

(This is also what the raw image looks like on a NON-anamorphic transfer. That is, the black letterboxing on a non-anamorphic movie is part of the image. That will be important later.)

regular television letterboxed
If all you have is a "normal" television, you can pretty much stop reading now: anamorphic vs non-anamorphic doesn't make much difference in what you see. But if you have, or ever anticipate getting, a widescreen television, read on.

Here's a digital 16:9 widescreen TV, viewing an anamorphic transfer. You still get a little letterboxing, since Star Wars was released in widescreen 2.20:1, but the image fills your screen from left to right.

Digital 16:9 television anamorphic
Here's what George Lucas thinks you want: This is how a digital 16:9 widescreen television will render a non-anamorphic transfer. Letterboxing top and bottom is part of the original image: Gray filler left and right is generated by your expensive television because this pre-letterboxed image doesn't fill the screen. (It'll actually be black: I've made it a very dark gray just so you can tell which is which.)

Digital 16:9 television non-anamorphic
Of course, your expensive digital 16:9 television can zoom in, but at the expense of crispness and resolution.

Digital 16:9 television non-anamorphic zoom
Let's look at Leia's lovely face, shall we?


All right, I'm being silly now. The point is, you've got a decision to make:

Do you believe George Lucas? If you think this man is actually capable of destroying the original negative of Star Wars, and every existing original print, and the various intermediate stages and archival copies that may exist throughout the world from which usable digital elements could be derived, then this is the best of what survives and you should probably get it before he decides to clean house again.

If you think he has something else up his sleeve for next year's 30th Anniversary of the original release of Star Wars (God, I feel old), then you might want to wait.

If you're like me and filled with revulsion at the idea of giving George Lucas any more of your money, well, there's still Rocky Jones, Space Ranger.