Last updateThu, 30 Sep 2021 9am


Introducing – Tools for Cinema Quality Assurance


Cinema Test Tools for the Non-Technical Manager 

  • A free resource for the cinema industry
  • Tuned most particularly for the non-technical manager.
  • Tools include:
    • Several DCPs for testing the sound and picture quality
    • Lessons on sound and light
    • Written to help communicate with the technicians

The key is a free Online Managers Online Walk Through Checklist that correlates with the many DCPs. It helps bring an understanding of the many nuances of the auditorium's situation in a straightforward way. 

Krack'd WPA2...and now, ROCA

KRACK Wifi bug logoWPA2 is the most common protocol used for protecting WiFi signals from being used by nefarious people for horrible things. As of 16 October, WPA – and all  its variants of WPA1, WPA2, personal and enterprise, including with TKIP, AES and GCMP – is officially broken. Until repairs are made to all equipment involved in a WiFi network – that means, equipment providing the signal and equipment using the signal – it is no longer a valuable security tool. The force is called KRACK = Key Reinstallation Attacks

The above video shows how a Man in the Middle attack is easily mounted against a user connected to the system, intercepting the data flow as if it weren't encrypted. Although a properly set up website with https (SSL) encryption will still hide a users data, an improperly set up site will not protect the user.

It is possible that a user will go to a site, see that it is protected by the classic lock symbol appearing on the URL line of the browser, then get hacked while thinking they are securely passing credit cards, email addresses, password and other information. The video shows being broken.

The discoverer of the attack says in his paper that the problem is a weakness in the WiFi standard itself, not any particular product. See: Breaking WPA2 by forcing nonce reuse

Updates will be required on all devices; routers, phones, portable computers, whether Android or Apple or Samsung or Cisco or Belkin or Linksys or Debian or Ubuntu or any of the suppliers of chips like Broadcom or ...well, everyone. There is a site tracking information on these companies:

Other articles:

What is the good news? First, trusting a wifi network has always been hit or miss. A poorly set up system would allow me to break into your computer on the other side of the room...or at least have a chance of it. So, now more people will be wary.

Another good point is that equipment which does not get patches out quickly – I'm thinking 3rd party Android phones from smaller suppliers for example, they are going to be known for the bad actors that they are. 

Finally, I suppose it will get more of us onto VPN, where a good tunnel still works. Yahoo! more things to know...


There is another crack that just hit the public as well, this one called ROCA. It has to do with a horror for the many who have used a particular bed of generator numbers to fulfill the promise of randomness when generating public keys.

We all know public key encryption, yes? The attack is on public key encryption. Too detailed to make a simple summary article. But it is a condemnation of keeping things hidden as a method for security – what's called "Security Through Obsurity".  When it is open and public, we can all see if there are hooks for the bad guys or the government (redundant?), or just plain errors a lot sooner. Here's is the detailed Technica article about it:

Millions of high-security crypto keys crippled by newly discovered flaw