Friday, September 30, 2011

The Monty Hall problem

This is a scenario made popular by the American game-show "Let's make a deal"; The host, the eponymous Monty shows the contestant three doors and tells them there is a car behind one of the doors and booby prizes (typically goats) behind the other two. The contestant gets to choose a door and then Monty opens one of the doors they didn't choose showing them a goat. He then offers them the chance to change their mind. Initially most people say something like "'s fifty-fifty, so no, I won't change" - but it's not 50/50, changing your mind at this point doubles your chance of getting the car.

Possibly because I did a year of Game Theory on my degree the first thought I had when I initially heard this problem was "where are the odds invested?". When you pick your first door your odds are a third. However - two-thirds odds are invested behind the other two doors and when Monty shows you which of those doors has a goat you know that none of the odds are now behind the door he just showed you; the car can't be behind that door (Monty showed you the goat). Your original door still has a third of the odds and so now the final door MUST carry the two-thirds odds that you didn't choose initially. Changing your mind now doubles your odds.
It's not a straight fifty-fifty because Monty introduced some new information half-way through the game. He showed you which of the two-thirds doors don't have the car.

The Wikipedia article is very good - I nicked the picture from there.

The problem is interesting because it shows how little innate understanding of game theory (and statistics, and probability) most people have. You gotta trust the maths, not your instincts.

Thursday, September 29, 2011

Recovering corrupt flash memory cards

The good thing about paid-for photo-recovery software is that they have an easy trial-model; they show you the images and videos they can recover and you stump-up your $50 to register the software and get at your pictures. I've had varying success with a coule of paid-for apps but I came across PhotoRec yesterday (it's part of a larger suite of tools).
Now, granted, the pay apps have nice GUIs while PhotoRec runs in the UNIX shell in a text-based interface, but it requires little interaction and gets the job done. It also runs on just about any common OS platform from Mac OS X to Windows to Linux to Solaris, etc. Link in the title.

Wednesday, September 14, 2011

Things that peaked my interest at IBC

I spent just a couple of days over at the RAI in Amsterdam. It was splendid to catch up with some old pals and Bryant Broadcast do an excellent night out. My main observation is that 3D/stereoscopic was no where near as prominent as it was last year and as the number of network delivery solutions increases the number of 'proper' transmitter companies seems to drop.

Newtek - updates to TriCaster, new model & control panel. The new 450 is very similar to the 850 but has only four HD inputs (against eight). The other things that I think are significant;
  • 3Play - their "poor man's EVS" has been improved. Running on what looks like a Tricaster 850 chassis it now has eight inputs and can run two outputs simultaneously. For sports slow-mo it is an excellent quick turn-around solution at the fraction of the cost of EVS.
  • VTR-style control for the DDRs in Tricaster; might suite some people.
  • Tricaster Extreme upgrade - allows for eight ISO records (can be either cameras or other internal/external sources, at different rasters and codecs than the main record).
  • They fixed the AUX audio in embedded HD-SDi I'd been moaning about!
  • The network sources (iVGA feeds) can now carry audio as well.
VidCheck - file-based QC is getting good! In fact this one looks like it needs serious consideration! I have a demo license on the way and will report back. Along with being able to test all the usual codecs etc it does full ITU.1770 audio loudness AND has numerous correction facilities; Tektronix AND Eyeheight, you might say.
  • Containers: MPEG-2 TS, MPEG-2 PS, MXF, MP4, MOV, ASF, AVI, LXF, GXF, FLV, F4V
  • Formats: Web, SD, HD, D-Cinema and many custom formats
  • Video: MPEG-2, IMX, XDCAM, D10, HDV, DV25, DVCPro50, DVCPro100/HD, AVC/H.264, VC-1, ProRes, DNxHD/VC-3, MJPEG
  • Audio: MPEG, PCM, WAV, AAC, stereo, 5.1 / 7.1 Dolby, multiple different language tracks
The really significant thing is the price €5k with paid options (DolbyE, ProRes etc) in the hundreds rather than thousands of pound. It also seems to handle multi-core computers much better, a single instance scaling to 28 cores.

AutoQue - they make broadcast monitors, who would have thunk it? They seem to be pitching them very much against the JVC DT-V24 series at the bottom end (a grand cheaper) and the VuTrix at the edit suite/grade-1 end (again, a lot cheaper). I have demo stock coming so I will write a bit more when I've seen them.

Other things worthy of note - Tek now have all their 3D analysis tools in the WVR/WFM-8000 series 'scopes. I had a very informative half-hour with Lee Ballinger from Tektronix going over them.

Friday, September 09, 2011

Security and the Diginotar debacle

You might have been following the trouble that the Dutch SSL-certificate issuing firm Diginotar have been suffering recently. It transpires that Iranian hackers have got into their system and have spent several months issuing themselves wildcard certs for well known domains, most notably * - it essentially means these ne'er-do-wells can sign certificates that look like they have come from Google and your browser would be none the wiser. In fact it's not that severe unless you've been the victim of another attack;
  • Man-in-the-middle attack - you might be in a coffee shop where someone has managed to poison the ARP-table in the router and inserted themselves into your wireless comms. If they served up the fraudulent cert they could make any domain (especially there own server) look like you were securely connected to.
  • DNS-poisoning attack - as highlighted by Dan Kaminsky a couple of years ago it is possible to for elderly versions of BIND and more contemporary versions of IIS to incorrectly serve up DNS look-ups. Once this is in place the fraudulent cert on the same server would have you believing you had a secure connection.
  • Corporate decrypting proxies; many corporations install their own certificate on all client machines and essentially do a man-in-the-middle SSL intercept. Your traffic to is encrypted, but it goes via the proxy where it is momentarily decrypted for your boss to look at! If a corporate proxy was compromised dodgy SSL certificates could have you believing you had an encrypted connection to Amazon.
All of this raises issues with SSL - when I first started using an SSL browser (Netscape Navigator v.2 IIRC in '95!) there were around seven or eight trusted issuing CAs. Now there are hundreds (including the Hong Kong Post Office!) and it comes as no surprise that some of them get compromised sometimes. What I don't understand is why browsers don't keep a record of the CA associated with domains and when they see a change (particularly if a cert had time to run) inform the user? There is a plugin I use for Firefox called "Certificate Patrol" that does just that and it's easy to use and unobtrusive.
Now then - the whole Diginotar story started three months ago and they didn't spill the beans until last week; security is never served by secrecy. Also - it took Apple far to long to patch Safari. I think if you're concerned about network security then avoid Safari on OS-X.