Video editing in Linux?

DVD-Software.info
Your one stop source for DVD Software

FAQ

Memberlist

Profile

Video editing in Linux? Goto page Previous 1, 2, 3 ... 12, 13, 14, 15 Next

DVD-Software.info Forum Index -> General Video Discussion

Author

Message

J.O. Aho
Guest

Posted: Tue Nov 02, 2004 8:42 pm Post subject: Re: Video editing in Linux?

SjT wrote:

Quote:

Usually you trust the md5sum that is provided by the author on the projects
homepage, of course you can trust the md5sum that is announced on other sites,
but that is like trusting a serial killer not to kill you when he has the lust
for killing.
I've noticed that you and Ian both recommend to only download from the
'official' places, whatever they may be, does this mean that people
are pissing about with source code to try and catch newbies out?!

Official downloads tend to be more secure, it's like paying your bills, you
can go to the secure place, the bank, or you could just stop someone on the
street money and just hope that your bill will be paied.

The developers do in most case give the md5sum of their packages on their
sites, this way you can download it from your favorite site and check the
md5sum to see if it matches or not, if not, don't use it.

It's more likely that when you download a CSS application that you happen to
have downloaded a trojan than your OSS source you downloaded has been modified
with backdoors.

Quote:

I'd like to know as i'll be giving SuSE a good play this week and i'm
worried now..

See to in first case use official SuSe RPMs than those that strangers mail to you.

Quote:

MS had to buy up an OS developer to be able to release another type of OS than
the add on stuff for MSDos (or should we still call it qDos, which they did
buy and equip the IBMs with an operating system).

And your problem with that is what..?!

That MS hasn't created that much themselves, but used others already written code.

//Aho

J.O. Aho
Guest

Posted: Tue Nov 02, 2004 8:50 pm Post subject: Re: Video editing in Linux?

SjT wrote:

Quote:

"J.O. Aho" <user@example.net> Kissed me, Licked me, then left me a
note:

So this is why virus detectors don't detect new types of viruses?
You can enable smart scans on the virus checkers which will stop any
virus like activity writing to your system files etc. As you well
know.

Don't help in all cases, and the MS-Win-virus writers are getting better and
better, far ahead of MS and the anti-virus-developers.

Quote:

You know that there are those which disable both your virus checker and
firewall... great ain't it?
Well just as a linux user should check their digital signatures on
file downloads

All users should do this, regadles what system they use, if it's source or
binary, but the only time a MS-Win users does any check is when they have
downloaded a rar archive of the latest priated game.

Quote:

and the groups for updates to all their current software,

Why not let the machine itself hook up to the distros site and download,
install the latest update when it's released, without bothering the user with
the dull work?

Quote:

windows users get a bit of an inkling when their firewall or
antivirus icon is showing as disabled.
I wouldn't say it's great though.

Yes, it's great when the virus has disabled your firewall and anti-virus
program and you still see the icons that says it's running, you just wonder
why your computer is unusually slow and there is so much tcp/ip traffic.

//Aho

SjT
Guest

Posted: Tue Nov 02, 2004 9:16 pm Post subject: Re: Video editing in Linux?

rec.video.production removed.

"J.O. Aho" <user@example.net> Kissed me, Licked me, then left me a
note:

Quote:

You can enable smart scans on the virus checkers which will stop any
virus like activity writing to your system files etc. As you well
know.

Don't help in all cases, and the MS-Win-virus writers are getting better and
better, far ahead of MS and the anti-virus-developers.

Totally agree, and i think it's been absolutely rife since all the
Iraw 9/11 business, i don't know whether that is a factor or not.

Spyware has been incredibly bad, in fact i find that harder to control
than traditional virus's (There's a very fine line now between the two
imo).

What kind of protection do you require on Linux for virus's and
spyware? i just presumed that it is not required, but never really
thought about it before.

Quote:

Well just as a linux user should check their digital signatures on
file downloads

All users should do this, regadles what system they use, if it's source or
binary.

Well, the only place you see digital signatures are from MS when
installing drivers IME, applications come straight down with no check
in MS Windows so there's not much you can do to check except rely on
your Anti virus working and if there is something on there that it's
been known about for a few months.

It's a pretty shit time for those that haven't a clue about computers,
and in fact that exploit which shut windows down after a minute or so
pretty much rocked every windows user and caused me no end of trouble
helping out mates and strangers who had me recommended to them. (They
always lose important documents but never the ones with your phone
number.. why is that?!:)

Quote:

windows users get a bit of an inkling when their firewall or
antivirus icon is showing as disabled.
I wouldn't say it's great though.

Yes, it's great when the virus has disabled your firewall and anti-virus
program and you still see the icons that says it's running, you just wonder
why your computer is unusually slow and there is so much tcp/ip traffic.

Yeah, anyone who knows there computer (And this probably includes the
majority of linux users) would know something is up.

Of course, and we keep getting back to them, the newbie family-types
who are totally clueless will get caught out, and really the only
answer is switch to MacOS or Linux, personally i would love to
recommend linux as it's cheap (We all know how much Apple like to
charge) but jesus i would have phone call after phone call.. Who knows
though, maybe i could convert the town where i live if me and SuSE hit
it off this week/month ;)

--
Playing: FIFA 2005.... Thats it atm
Awaiting: PES4 & HALO2 (Yawn yes i know)

Chris
Guest

Posted: Tue Nov 02, 2004 11:47 pm Post subject: Re: Video editing in Linux?

Bill Unruh wrote:

Quote:

Tony Morgan <tonymorgan@xtreme.pipex.net> writes:

]In message <clokdr$igm$1@uns-a.ucl.ac.uk>, "Daniel Kelly (AKA Jack)"
]<d.kellyNOSPAM@NOSPAM.ucl.ac.uk> writes
]>Hmm...that approach seemed to work for DreamWorks, ILM and Pixar!

]I'm not familiar with those products.

]Are they Linux apps? And are they competing with similar products in a
]large marketplace that is dominated by (functionally similar)
]established products?

???? Sheesh. YOu have heard of the United States?
Those are the three largest companies in computer animation/special
effects. They are huge companies. One or the other has been involved in
every film you have seen in the past 10 years.

You are rude aren't you. Most people associate the United States with
starting wars these days, not special effects and production companies.

Perhaps you should have said, "Afghanistan, Irag, war on terrorism.
Sheesh, you have heard of the United States?"

Ian Molton
Guest

Posted: Wed Nov 03, 2004 12:36 am Post subject: Re: Video editing in Linux?

SjT wrote:

Im going to try and consilidate some of your multi-thread replies here
to save some space...

Quote:

and this is a OSS specific problem because?

Quote:

Back up your claim.

I haven't got the drive or time to do it to be honest, but it's easy
as fuck,

So easy you can do it just like that but you dont have the time... OK.

Quote:

all i gotta do is take the source file and add my own routine
in there and send it on for someone to use..

Thats not hacking a program its social engineering. you could take a
shellscript that does 'rm -rf /*' and name it 'openoffice.exe' and
convince some schmuck to run it.

Do you know what 'hacking' is?

Quote:

When i get linux i will modify some code and send to you, just
something silly like deleting files or something along those lines.

I'll happily NOT execute it then. Your challenge is to get the malicious
content onto my machine AND executed.

Quote:

Ahh, so you *dont* have any real expertise in C then?

No, because i only use it for games and databases that's not classed
as 'real' expertise. What point are you trying to make?!

The way you talk about main.c 'calling' other things, for one. Your use
of language in this field makes it clear you are far from an expert.

Quote:

You're a very defensive cynic aren't you?! Can't you see i'm not
wanting an argument with you, neither am i wanting to bullshit you,
i'm actually asking for a hand and understanding what makes OSS so
secure over CSS.

Perhaps you are, but you'll forgive me being cynical when I rebut your
point and you come back along these lines :

You: P2P is all about piracy
Me (rebuttal): LFS uses bittorrent to distribute its sourcecode legitimately
You: yeah, well, uh. *bit torrent sucks*.

Im sure you see my point.

Quote:

the transfer method is irrelevant. I could have pigeons carry the code
from the server to my house, written on little bits of paper in hex. As
long as the signature and checksums verify, the odds are very (VERY)
good that the file is genuine.

Would you get the sigs and checksums seperate from the download? or
would you rely on them being included.. If they are included whats the
chances of them being modified too?!

seperate. often countersigned. google 'web of trust'

Quote:

It is more insecure,
If so why do M$ use linux DNS servers?
Because they are coded by themselves i would imagine.
Laughable.

You think MS are not capable of coding in linux?! You really have got
a problem with MS havent you?

Of course they're capable. In fact, theres even code in linux' kernel
written by one or two of M$ engineers, in their spare time. (or
certainly used to be).

Quote:

If it wasn't because of them you wouldn't have half the things you use
today, they've really pushed the home market excessively.

UTTER crap. Before I came to use linux on a day to day basis I used a
small british OS called RISC OS, which was very good in its day and to
this day continues to be a source of innovative new software. its GUI
has an ease of use even linux cant offer. The only reason I no longer
use it is cost - M$ managed to get the PC sop entrenched that it
marginalised the other manufacturers and made the hardware impossible
expensive. (I also consider the core kernal and OS in RISC OS to be
inferior to linux, even if a lot of the software is jsut as good).

if M$ hadnt been able to ride the 'my office uses PCs lets have one at
home because thats what I use at work' trend, we'd be a lot better off
today. we'd have multiple manufacturers competing for the market and so
prices would be at least as low as they are now.

Quote:

What do you use your computer for though? i mean it sounds like all
you do is code and tinker around, i see nothing that really pushes
linux to the point where you would have to boot up windows.

That makes no sense to me. things like continuous monitoring of the data
from my radio would be much harder on windows. I play videos, re-encode
them, listen to music, download files, hack code, play games. a lot of
what I do pushes my CPU really hard. My kernel does its best to not
waste CPU time that would otherwise be spent on those tasks. My
filesystems do thewir best to not hog the CPU and ttransfer data
quickly. My network drivers are low latency and faster than a windows
user reported here recently by a factor of about 2. Why would I want too
switch to windows where I'd have a single desktop (not 7 virtual ones)
for all those tasks, AND have my network performance halved?

Quote:

it's a marvel of programming i beleive.

Your beliefs are your own...

No other company has managed such an OS to my knowledge.

Many have. Apple, Suse, RH, Sun, Digital...

Quote:

I've noticed that you and Ian both recommend to only download from the
'official' places, whatever they may be, does this mean that people
are pissing about with source code to try and catch newbies out?!

Im sure some people do that kind of thing. It doesnt matter though -
morons / newbs will always be caught out once they move away from the
protection of their vendor and out into the big scary untrustable world.

Anyone wanting a secure box will only use software with good signatures
/ sums from reliable sources, preferably crosschecked against another
source, and even audit the code themselves. Anyone not doing this is by
definition less secure.

Distros do the checks for you on their officially supported stuff. if
you wander from there you have to check the other stuff yourself.

Same with windows. same with any other OS.

Quote:

I said that XP is a work of genius, it's only my opinion, i don't care
who wrote what bits and what code was stolen from who

Quote:

Its possible on ANY software binary.

It's possible but not as easy,

Its a piece of cake for any competant programmer.

and for the incompetant ones, simply rename nuke.exe to norton_setup.exe

[updates]

Quote:

What if i don't want to be checking to make sure i'm up to date?!

Well the distros all provide some form of auto update notification. if
you go it alone you have to do it yourself I suppose.

The notification will probably extend to any software packaged for the
distro I guess. I havent checked though.

[security]

Quote:

If that's how it is then OSS has as many cons (albeit different ones)
as CSS, which is as i thought, conversation ended.

No-one said OSS didnt have flaws.

an OSS *binary* has all the exact same pros and cons as a CSS one, no
more, no less.

however you also get the *source* which allows you to play with, hack
at, browse for holes, or whatever, the code. you can make a new binary
if you like.

the advantage this offers is that security holes are *generally* found
faster and can be fixed by anyone. There is NO disadvantage since
socially engineering hacked source onto someones PC is at least as hard
as doing the same with a hacked binary. in fact probably harder as you
have to convince them to compile and install the thing too.

[security again - installing hacked code]

Quote:

This same user could be using OSS on linux, think about that.

If I did that here, the worst I would do is wipe out my user data files.
My OS would remain untouched. (barring a kernel or SUID binary bug, of
which there are no currently exploitable examples)

You ask how a malicious contribution to a source project would be
spotted. Well the submission would (normally) go through a project
maintainer. the would read the patch and see something like

- security_check()
+ /* Remove temp files */
+ rm -rf *
+

and I would hope any smart developer would at least check that out.

Quote:

Lot of messing around though isn't it?

some significant basic security is as simple as opening a terminal
su test_user
then run the app. unless your kernel has a bug (not likely) the worst
that will happen is test_user loses ther files (no big loss as you can see).

Quote:

as you well know there are only a small number of
actual C functions as standard.

none, in fact. you're probably thinking of the C library, which isnt
actually required at all.

[project development]
Ok, so the original author of the software releases the official
package, what happens then if say 10-20 alternative versions come
back? how do they decide which one to put up?

what do you mean? 10 - 20 differnt versions that do the same thing or
10-20 new features people have created?

either way, the dev will review each patch and either reject or accept
it. often a patch will be rejected simply on the grounds that its
unrealistically large and thus uncheckable in a reasonable timeframe.
the patches author would be asked to break the patch down into
bite-sized patchlets that have more defined and checkable functions.

Sometimes a person or group of people take a project and 'fork' it into
two seperate projects. often the forks develop for a while and then
merge back into the original project. sometimes they become new projects
in their own right.

Quote:

Your 'server' isnt sitting out there in the wild, its a poxy no-load
Internal nothing server.

I thought you claimed that MS Windows couldn't stay up for as long?

Anything can stay up forever if it doesnt do anything. Well, except
windows - at least one version couldnt stay up more than something like
39 days even then...

[protection, spy/mal ware]

Quote:

Totally agree, and i think it's been absolutely rife since all the
Iraw 9/11 business, i don't know whether that is a factor or not.

9/11? ROFL yeah ok. btw, its 11/9 in the civilised world :-)

Quote:

What kind of protection do you require on Linux for virus's and
spyware? i just presumed that it is not required, but never really
thought about it before.

Blanket statements are bad, but basically, nothing. a firewall doesnt
hurt and will help you detect anything untoward. virii on unix type
systems are nonexistant despite the fact that the majority of the
(servers on the) net use it, and would be supremely plummy targets
thanks to their phat connections.

spam is just a problem in general linux mail clients wont execute it for
you, however, and there are a number of sophisticated spam detection
tools available. mozilland and konqueror disable spyware in general,
although I guess home useres will always be trickable in the long run.
It is *possible* however to deny non root users the ability to execute
programs from their home directories (the only space they can access)
however, which should cover that problem should it ever arise...

[hardware]

Quote:

So, like I said you bought the hardware, and with M$ applications in
mind, you decided that was more important to you than linux.

No, i checked the card before buying it and asus listed it as being
compatible with linux, it didnt' work on their prototype drivers so
rather than take a good card back to the shop for one with lesser
performance so i stuck with as the majority of time i will be running
windows.

Look, if you bought the thing for windows and its drivers sucked youd
have taken it back. either treat linux the same way or stop whining as
you only have yourself to blame on this one. I will *bet* it wasnt the
only device able to perform that well, there were HUNDREDS of TAs to
choose from at that time.

[DSP work]
You say that DSP work isnt CPU load dependant. You are WRONG. just
because you have a blazingly fast CPU doesnt mean this isnt true, it may
simply make it irrelevant for you.

You wrote it yourself -

"Upgrading my CPU recently i gained the benefit of adding more FX
and instruments, no more latency though."

See?

Oh btw, you claim 3ms latency on your system and think its good? I've
just done some research and found that this was the level linux was at a
few years ago (2.2.10 kernel era) and on a 350MHz K6-II at that. Further
googling found a quote from one of the linux developers as follows:

"Worst-case scheduling latency with *very* intense workloads is now
0.8 milliseconds on a 500MHz uniprocessor."

Admittedly thats scheduling latency but if your workload is in memory
(and lets face it RAM is cheap) then your audio latency wont be much
more than that.

And to finish...

Cubase equivalent - rosegarden
premiere equivalent - cinelerra
office equivalent - take your pick - gnome, kde, openoffice, and a couple
others.
media players: xmms, beep, mplayer (and others)

and thats just the stuff with GUIs...

SjT
Guest

Posted: Wed Nov 03, 2004 4:27 pm Post subject: Re: Video editing in Linux?

Ian Molton <spyro@f2s.com> Kissed me, Licked me, then left me a note:

Quote:

Im going to try and consilidate some of your multi-thread replies here
to save some space...

Good idea, although i don't like the way your finger is pointing at me
;)

Quote:

Because the possibility exists that you may be able to modify that
source code and have it accepted to appear on the official site, it
only takes a lapse and for it to be up for a day.

I'm just thinking of possibilities i'm not saying it is happening or
it will happen.

Quote:

I haven't got the drive or time to do it to be honest, but it's easy
as fuck,

So easy you can do it just like that but you dont have the time... OK.

No, i have no reason to want to modify someones source file to do
whatever you would want, i would have to first get linux installed,
find an IDE that i like using and find and learn linux netcode
libraries or file system if i just wanted to cause damage.

I really can't be arsed to do all that to prove a point to you.

Like i said, anyone with that knowledge could perform some kind of
damage to the end users machine, it goes without saying.. Sure there
are obviously methods to stop this but you must allow for human error.

Quote:

all i gotta do is take the source file and add my own routine
in there and send it on for someone to use..

Thats not hacking a program its social engineering. you could take a
shellscript that does 'rm -rf /*' and name it 'openoffice.exe' and
convince some schmuck to run it.

Yes, but they won't be running that day after day completely oblivious
to what is happening would they?!

It is totally viable that you could modify the source code out there
to perform pretty much any task you wanted it to. Getting it through
the checkers is another issue of course, but it will be breached if
enough people try, in the same way that Windows security gets
breached.

Quote:

Do you know what 'hacking' is?

no, sorry, not a clue.

Quote:

Why the fuck would i want to do that to you? I haven't got the time
or the desire to screw other people's machines up.

If you asked me years ago when i was at uni and not all settled down
then hell yeah i would've taken the challenge, but i really have not
got the time or drive to do it.

Quote:

No, because i only use it for games and databases that's not classed
as 'real' expertise. What point are you trying to make?!

The way you talk about main.c 'calling' other things, for one. Your use
of language in this field makes it clear you are far from an expert.

So you cannot call subs or functions from main.c then?

Are you mad?!

Quote:

If you rephrase it like that, sure you may have a point, but the point
i made was that not everyone can use bittorrent, a few ISP's block
ports 7001-7009 so forcing you to use alternatives causes a very very
slow download rate which is near unuseable.

I didn't say that bit torrent sucks at all. I prefere FTP's or
newsgroups as you get the full bandwidth, personal preference of
course, i think bit torrents a great idea though and to think that one
guy came up with it yet no-one really uses his software is fecking
typical.

Quote:

If it wasn't because of them you wouldn't have half the things you use
today, they've really pushed the home market excessively.

UTTER crap. Before I came to use linux on a day to day basis I used a
small british OS called RISC OS, which was very good in its day and to
this day continues to be a source of innovative new software.

Yeah i've used RISC OS, as you say, very good, excellent at
multitasking.

Quote:

if M$ hadnt been able to ride the 'my office uses PCs lets have one at
home because thats what I use at work' trend, we'd be a lot better off
today. we'd have multiple manufacturers competing for the market and so
prices would be at least as low as they are now.

Not true, alot of hardware is cheap because they know the majority
would be using it on windows, therefore they can take the option of
utilizing the cpu through windows to process what would normally be
done in hardware (i.e. like a winmodem).

That has bought hardware prices down, as the hardware only solutions
have to be competitive, on top of that Microsoft push alot of money
into pushing windows into homes and businesses and so the amount of
users grow, hence the hardware sales increases, thus lower prices.

Quote:

i mean it sounds like all
you do is code and tinker around, i see nothing that really pushes
linux to the point where you would have to boot up windows.

That makes no sense to me. things like continuous monitoring of the data
from my radio would be much harder on windows. I play videos, re-encode
them, listen to music, download files, hack code, play games.

I don't know about monitoring your data from the radio, but all those
tasks are miniscule, i doubt your cpu even hits 10% of its potential
(Thats assuming you have a modern processor) until you play a game or
re-encode video, hardly what i would define as pushing an OS.

Quote:

My
filesystems do thewir best to not hog the CPU and ttransfer data
quickly. My network drivers are low latency and faster than a windows
user reported here recently by a factor of about 2. Why would I want too
switch to windows where I'd have a single desktop (not 7 virtual ones)
for all those tasks, AND have my network performance halved?

I'm not saying you should switch to windows?!

It's horses for courses, the only option that appeals to me in that
paragraph is an efficient filesystem of course, i dont want 7 virtual
desktops or a super fast network performance at home, i just want
software that does what i want and enhances my creativity, not stifles
it.

Quote:

Not true, you have that 'innovated' option with linux, surely?
Although what you would call innovation others would label as change
and would not be happy with it.

MS have a great business model, and it is frustrating if you dont like
them, but take your hat off at what they've done in a business sense ,
they are a very aggresive company.

Quote:

Its possible on ANY software binary.
It's possible but not as easy,
Its a piece of cake for any competant programmer.

It's a piece of cake for anyone who knows what they're doing yes, and
who has time on there hands.

Quote:

and for the incompetant ones, simply rename nuke.exe to norton_setup.exe

But that's not modifying the norton code is it?! nuke.exe would be
eaten up by the virus checker upon coming down from the net.

I'm specifically talking about modifying software to run code that is
imbedded within the original source code, not tagged onto the end of
the file, not renaming a file to something else, actually built within
the core functions of the software.

Quote:

however you also get the *source* which allows you to play with, hack
at, browse for holes, or whatever, the code. you can make a new binary
if you like.

Sorry, didn't realise you could 'hack' source code when it's freely
offered?!

Quote:

[security again - installing hacked code]
This same user could be using OSS on linux, think about that.

If I did that here, the worst I would do is wipe out my user data files.
My OS would remain untouched. (barring a kernel or SUID binary bug, of
which there are no currently exploitable examples)

Whatabout running a server which opens your ports? or permissions to
delete/rename files on your HDD's?

I can't see how you can run read-only rights when re-encoding video
for example.

Quote:

maintainer. the would read the patch and see something like

- security_check()
+ /* Remove temp files */
+ rm -rf *
+
and I would hope any smart developer would at least check that out.

What?! You wouldn't go down that path at all, besides that looks more
like a batch/script file to me, if attempted to compile it i would
expect to see some errors!??

You would hide it amongst other code, i.e. add a function into one of
the files defined as an include and call it when required later in the
code.

So many options as you well know.

Quote:

then run the app. unless your kernel has a bug (not likely) the worst
that will happen is test_user loses ther files (no big loss as you can see).

And what if the app in question requires admin rights? Would you
question that?

Quote:

as you well know there are only a small number of
actual C functions as standard.

none, in fact. you're probably thinking of the C library, which isnt
actually required at all.

Yes, hence why i labelled them as 'standard'.

Quote:

[project development]
Ok, so the original author of the software releases the official
package, what happens then if say 10-20 alternative versions come
back? how do they decide which one to put up?

what do you mean? 10 - 20 differnt versions that do the same thing or
10-20 new features people have created?

I mean the original authors received 10-20 emails with attachments (Or
however they are submitted) saying 'hey, found a few bugs and fixed
them...' they then detail the bugs, and they're all vary to what has
been fixed and what hasn't. (Of course one of these could be an
arsehole who has fixed a few glitches but added some unwanted code
which causes some kind of damage. Attaching his notes to what has been
fixed in the hope that the other code isn't spotted)

Quote:

Is there ever a time when code is not approved for being too big or
deemed not to be useful, yet there is a demand for it so to obtain
this 'extra' version you would have to use non-official means?

Quote:

I thought you claimed that MS Windows couldn't stay up for as long?

Anything can stay up forever if it doesnt do anything. Well, except
windows - at least one version couldnt stay up more than something like
39 days even then...

It's hardly doing nothing.. it's serving all our users here, admit it,
in the right hands windows is pretty useful and does what it says on
the tin ;)

Although saying that we had a power cut yesterday and the frigging UPS
failed on us, so it has gone down! You caused this! ;)

Quote:

[protection, spy/mal ware]
Totally agree, and i think it's been absolutely rife since all the
Iraw 9/11 business, i don't know whether that is a factor or not.

9/11? ROFL yeah ok. btw, its 11/9 in the civilised world :-)

You don't think then?

I know here at work we've seen nothing like it before the 911
business, i mean we have a mailshot system for our customers to inform
them of product updates etc and in the past we've hit 2000-3000 emails
with very few problems, but recently our net box has been hit with
everything and the amount of virus infested mails that we have hitting
our list@ address is horrendous, luckily trend is doing a good job but
i got it updating every 30 mins.. just incase, cause its me who will
get it.

In fact i've already been moaned at this morning because the server
took a few minutes to get up and running again, i mean ffs it takes
almost as long for their machines to boot.

Quote:

So virus's are a possibility on Linux, its just that they dont exist?

Pretty interesting stuff that, what firewall would you recommend?

Quote:

spam is just a problem in general linux mail clients wont execute it for
you, however, and there are a number of sophisticated spam detection
tools available. mozilland and konqueror disable spyware in general,
although I guess home useres will always be trickable in the long run.

My email is pretty sound for spam, i'm really careful what i do with
it, i use x@mydomain.com when subscribing to lists, where x = the list
name so i know exactly where spam comes from if i get it and so deal
with it straight away.

Quote:

Well no doubt if i was prepared to wait long enough asus would have
put good drivers up, i dont know, i just wasnt prepared to sacrifice
windows functionality for a linux play-around.

I'm just showing you easily it is to be put off from linux, i'm sure i
wont have that problem now i've got a netgear though.

Quote:

[DSP work]
You say that DSP work isnt CPU load dependant. You are WRONG. just
because you have a blazingly fast CPU doesnt mean this isnt true, it may
simply make it irrelevant for you.

I said that the DSP latency does not differ when put under load, i
used to run VST on a 400mhz machine comfortably, the only limit
regarding the cpu was how many effects could be processed, if my max
was 10 then no matter whether i was using 1 or 10 the latency did not
alter.

Quote:

"Upgrading my CPU recently i gained the benefit of adding more FX
and instruments, no more latency though."

See?

Yes it didn't affect latency which, your point that latency would be
affected when the cpu was under load is incorrect.

Quote:

*snip*

I was referring that windows can turn around my line-in source, add
several effects on to it, play soft synths in real time and god knows
how many other audio tracks with real time DSP on them, all within
5.33ms.

Linux at the moment can't even do that due to the software not
existing, so it cannot be compared.

Quote:

Cubase equivalent - rosegarden
premiere equivalent - cinelerra
media players: xmms, beep, mplayer (and others)

Excellent cheers for those, very interested to see how cinelerra, main
actor and rosegarden compare to what i use currently.

Hopefully rosegarden will become popular and people will write a lot
of plugins for it.

Seriously, thanks for that it was exactly what i was looking for, just
looked online, i'm quite excited to try it out now as even sound on
sound are saying its great :D

--
Playing: FIFA 2005.... Thats it atm
Awaiting: PES4 & HALO2 (Yawn yes i know)

Ian Molton
Guest

Posted: Wed Nov 03, 2004 8:02 pm Post subject: Re: Video editing in Linux?

SjT wrote:

Quote:

No as the malicious version, say, open office for example, would run
totally normal for months and months until that person suddenly finds
out that they've been had either by some serious CC theft or just
reading a news item somewhere.

and this is a OSS specific problem because?

Because the possibility exists that you may be able to modify that
source code and have it accepted to appear on the official site, it
only takes a lapse and for it to be up for a day.

Such a lapse has not happened in any mainstream linux OSS project I am
aware of to date.

Quote:

I'm just thinking of possibilities i'm not saying it is happening or
it will happen.

Its no more or less likely than a maliciously modded CSS binary. CSS
binaries have the *dis* advantage that you cant compile another one and
compare it to the one you have, by the way, thus making it *impossible*
to check the validity of the binary without co-operation from the vendor
(not always available).

Quote:

They wouldnt need to.

besides, what about a script like

run malicious keyboard scanner in the background
run real application

that can and does go undetected for months at a time.

Quote:

It is totally viable that you could modify the source code out there
to perform pretty much any task you wanted it to. Getting it through
the checkers is another issue of course, but it will be breached if
enough people try

I disagree. if a maintainer hasnt got time / inclination to check they
wont just accept it, they will drop it.

Quote:

Do you know what 'hacking' is?

no, sorry, not a clue.

Clearly.

Quote:

When i get linux i will modify some code and send to you, just
something silly like deleting files or something along those lines.

I'll happily NOT execute it then. Your challenge is to get the malicious
content onto my machine AND executed.

Why the fuck would i want to do that to you? I haven't got the time
or the desire to screw other people's machines up.

To prove your assertion that its easy. I promise I wont sue you.

Quote:

The way you talk about main.c 'calling' other things, for one. Your use
of language in this field makes it clear you are far from an expert.

So you cannot call subs or functions from main.c then?

Correct.

Quote:

Are you mad?!

nope.

main.c doesnt call ANYTHING.

when you compile main.c, assuming we're talking of a multi-file project
here, which you clearly are, you will get a main.o object file, with
unresolved references in it. you will also get .o files for your other
source files and once you have them, you use a linker to resolve
internal and external interdependancies in the object files. At run
time, the dynamic linker resolves any remaining library references (dlls
on windows).

but main.c doesnt call squat, and in fact you could sub in a completely
different set of .o files as long as the references match up, and main.c
wouldnt have a clue you did it. The program might behave in a completely
different manner too.

eg. main.c looking like

int main(void) { // yeah, improper prototype I know */
do_something();
return 0;
}

would compile with a reference to do_something() which could be ANY
function in ANY other source file, which (when compiled) had the same
symbol (do_something).

Quote:

I never claimed everyone could.

Quote:

a few ISP's block
ports 7001-7009 so forcing you to use alternatives causes a very very
slow download rate which is near unuseable.

Huh? are you seriously suggesting some port numbers are slower than others?

Quote:

Actually RISC OS uses co-operative multitasking and any one app could
hang the system easily. so no, not really.

RISC OSes strength was a GUI which has almos the same flexibility as a
commandline. its REALLY well layed out.

Quote:

Not true, alot of hardware is cheap because they know the majority
would be using it on windows,

That wasnt the case 15 years ago when all this started.

Quote:

therefore they can take the option of
utilizing the cpu through windows to process what would normally be
done in hardware (i.e. like a winmodem).

The 'winmodem' is the only REAL example of this type of thing. not much
else does its DSP work in software, barring audio.

Graphics cards do a TINY amount of emulation, and my DVB TV tuner lets
the CPU handle mpeg decode, but thats not exactly a windows specific
acceleration.

All this came AFTER windows was dominant anyway - because if the
manufacturwers knew they could sell enough to putrely windows users to
get away with it. this wasnt the CAUSE of windows rise.

Quote:

That has bought hardware prices down, as the hardware only solutions
have to be competitive, on top of that Microsoft push alot of money
into pushing windows into homes and businesses and so the amount of
users grow, hence the hardware sales increases, thus lower prices.

Indeed. the product is not being pushed on its own merits - hardly fair.

Quote:

I don't know about monitoring your data from the radio, but all those
tasks are miniscule, i doubt your cpu even hits 10% of its potential

Im talking 2048 point fourier transform...

Quote:

(Thats assuming you have a modern processor) until you play a game or
re-encode video, hardly what i would define as pushing an OS.

Hrm. Quake3 uses about 5%-10% of my CPU time (under linux). so much for
that theory. all modern (3d type) games push the video card FAR harder
than the CPU.

Quote:

I dont see how having multiple desktops or good network performance
could stifle your productivity.

Quote:

I care. If it wasnt for the stolen code M$ would have had to write it
themselves. instead they used the advantage to crush their competition,
resulting in a stagnant (albeit cheap) market with no real innovation.

Not true, you have that 'innovated' option with linux, surely?
Although what you would call innovation others would label as change
and would not be happy with it.

Theres not much 'innovative' in linux, its a fairly typical unix class
OS. It is reasonably well written and has a lot fo reasonably well
written software available for free.

Not to say there is nothing innovative about linux but really innovation
only hapepns at the very edge of the software world (no matter what your
OS is).

Quote:

MS have a great business model, and it is frustrating if you dont like
them, but take your hat off at what they've done in a business sense ,
they are a very aggresive company.

the USA is aggressive in its international relations, yet I doubt many
would take their hat off to them...

Quote:

and for the incompetant ones, simply rename nuke.exe to norton_setup.exe

But that's not modifying the norton code is it?! nuke.exe would be
eaten up by the virus checker upon coming down from the net.

I suggest you test your theory there. I bet you a script containing that
code would sail straight through.

Quote:

I'm specifically talking about modifying software to run code that is
imbedded within the original source code, not tagged onto the end of
the file, not renaming a file to something else, actually built within
the core functions of the software.

Why do it the hard way, especially when it makes detection easier?

Quote:

On linux when you run a program it runs with the priveliges of the user
who launched it. since the applications and system setup are owned by
root, and any non-stupid user would never be running as root, it is
impossible (barring an exploitable kernel bug) to alter those files.

Quote:

I can't see how you can run read-only rights when re-encoding video
for example.

I didnt say read only. you can set things up so that you cant (as a non
root user) execute software that wasnt installed by root. thus even if
you did download a virus, it'd be owned by yourself and thus could not
be executed.

for non executable files, you would still have full read/write capability.

Quote:

maintainer. the would read the patch and see something like

- security_check()
+ /* Remove temp files */
+ rm -rf *
+
and I would hope any smart developer would at least check that out.

What?! You wouldn't go down that path at all, besides that looks more
like a batch/script file to me, if attempted to compile it i would
expect to see some errors!??

Its intended to give you some idea of what a (unified diff style) patch
looks like.

Quote:

You would hide it amongst other code, i.e. add a function into one of
the files defined as an include and call it when required later in the
code.

So many options as you well know.

patches ONLY show the *differences* between the original and the
modified version. any attempt to insert malicious code would stick out
like a sore thumb. thats the reason large patches are often rejected out
of hand btw - they are too hard to read properly.

Quote:

And what if the app in question requires admin rights? Would you
question that?

I certainly would. but you can still test those by using a chroot
environment, the rest of the system remains safe. (to a point).

Quote:

Sometimes a person or group of people take a project and 'fork' it into
two seperate projects. often the forks develop for a while and then
merge back into the original project. sometimes they become new projects
in their own right.

Is there ever a time when code is not approved for being too big or
deemed not to be useful, yet there is a demand for it so to obtain
this 'extra' version you would have to use non-official means?

Yes, however then you are really on your own and likely heading into
developer-only sort of territory. One cant defend a truely determined
idiot...

Quote:

It's hardly doing nothing.. it's serving all our users here, admit it,
in the right hands windows is pretty useful and does what it says on
the tin ;)

You mentioned its serving about 2-3000 emails a day. a 386 could do that
running linux...

Quote:

Although saying that we had a power cut yesterday and the frigging UPS
failed on us, so it has gone down! You caused this! ;)

Bwhahahaha :-)

Quote:

9/11? ROFL yeah ok. btw, its 11/9 in the civilised world :-)

You don't think then?

I know here at work we've seen nothing like it before the 911

smap was onthe increase before it and has been ever since then. I saw no
sharp rise.

Quote:

Given ANY software can have bugs, they are a possibility on ANY system.

It happens that linux is well though t out enough that despite
considerable incentive there are no current examples out there. there
was a work that targetted specific redhat machines once but that was a
long while back now.

Quote:

Pretty interesting stuff that, what firewall would you recommend?

Linux kernel has a very efficient well thought out stateful firewall
built in. you need the iptables software to control its behaviour.

Quote:

Which is exactly what I said - you bjuought it with windows more in mind
than linux, and you got what you payed for.

Quote:

[DSP work]
You say that DSP work isnt CPU load dependant. You are WRONG. just
because you have a blazingly fast CPU doesnt mean this isnt true, it may
simply make it irrelevant for you.

I said that the DSP latency does not differ when put under load, i
used to run VST on a 400mhz machine comfortably, the only limit
regarding the cpu was how many effects could be processed, if my max
was 10 then no matter whether i was using 1 or 10 the latency did not
alter.

"Upgrading my CPU recently i gained the benefit of adding more FX
and instruments, no more latency though."

See?

Yes it didn't affect latency which, your point that latency would be
affected when the cpu was under load is incorrect.

Look, some DSP processes are commutative (use a dictionary). Others
arent. there are, IOW, some effects where (theoretically) a near
infinite number can be layered without any slowdown. If you use ONLY
those, I'll agree with you.

HOWEVER not all effects can be done this way. you ARE WRONG.

Quote:

Oh btw, you claim 3ms latency on your system and think its good? I've
just done some research and found that this was the level linux was at a
few years ago (2.2.10 kernel era) and on a 350MHz K6-II at that. Further
googling found a quote from one of the linux developers as follows:

*snip*

I was referring that windows can turn around my line-in source, add
several effects on to it, play soft synths in real time and god knows
how many other audio tracks with real time DSP on them, all within
5.33ms.

Linux at the moment can't even do that due to the software not
existing, so it cannot be compared.

the software does exist, in at least 5 or six different projects that
you can choose from.

Quote:

Cubase equivalent - rosegarden
premiere equivalent - cinelerra
media players: xmms, beep, mplayer (and others)

Excellent cheers for those, very interested to see how cinelerra, main
actor and rosegarden compare to what i use currently.

Bear in mind I have never as much as downloaded rosegarden, cinelerra or
mainactor. YMMV.

SjT
Guest

Posted: Wed Nov 03, 2004 10:06 pm Post subject: Re: Video editing in Linux?

Ian Molton <spyro@f2s.com> Kissed me, Licked me, then left me a note:

Quote:

Do you know what 'hacking' is?
no, sorry, not a clue.

Clearly.

Maybe you could explain sarcasm to me too? ;)

Quote:

Why the fuck would i want to do that to you? I haven't got the time
or the desire to screw other people's machines up.

To prove your assertion that its easy. I promise I wont sue you.

Well as it's got to affect you and only you i can't see how i can do
it without affecting other users, especially as you wouldn't run
anything that i was to send you direct?! ..If i was going to take
your challenge that is. ;)

Quote:

when you compile main.c, assuming we're talking of a multi-file project
here, which you clearly are, you will get a main.o object file, with
unresolved references in it.

I have never dealt with main.o in my life, i am referring to the files
before compiling, you seem to be referring to the files which are
created after you compile?!

Remember i'm using Visual C which is a fully integrated
compiler/linker so i literary create the main.c, #include any of the
headers i require and off i go. I'm always running functions which
make calls to those header files from main.c.

And when i modify the Z80 code i'm compiling down to a hex file to
burn onto an 512K M27C style IC, which again i use a custom made IDE.

Are you perhaps referring to CPP (C++) maybe?! I am going to be
learning that after xmas as i beleive it's quicker and is based around
object orientated programming.

Quote:

a few ISP's block
ports 7001-7009 so forcing you to use alternatives causes a very very
slow download rate which is near unuseable.

Huh? are you seriously suggesting some port numbers are slower than others?

No, if your ports are blocked it limits the number of connections that
are sucessfully made and thus slows the download rate. At least
that's my understanding of it. There may be issues with resolves as
well, but i dont know.

Quote:

Yeah i've used RISC OS, as you say, very good, excellent at
multitasking.

Actually RISC OS uses co-operative multitasking and any one app could
hang the system easily. so no, not really.

Ok, looks like i'm getting confused, what i was thinking of was the
old Acorn machines that had the RISC CPU's that could multitask, i
could have sworn that was RISC OS running on them too .. it was a long
time back when i was at uni and everyone championed the machines to us
poor Amiga users. But all they could play was Lemmings. ;)

Quote:

Not true, alot of hardware is cheap because they know the majority
would be using it on windows,

That wasnt the case 15 years ago when all this started.

Exactly, MS have turned it around incredibly!

Quote:

The 'winmodem' is the only REAL example of this type of thing. not much
else does its DSP work in software, barring audio.

It bought the prices down to an affordable level though, i remember
when modems were £120+ and then the winmodems hit and they kept coming
down in price month after month, I bought one soon as they went under
a ton just to telnet into college and some US national library..
Why!?! Just cause you could at the time! :D

To think how things have progressed is hugely thanks to microsoft.

Quote:

All this came AFTER windows was dominant anyway - because if the
manufacturwers knew they could sell enough to putrely windows users to
get away with it. this wasnt the CAUSE of windows rise.

No it was the standardisation and support that MS offered which
allowed manufacturers to utilise all these new cheaper internal soft-
devices.

Trouble was they were pretty shit on performance. But it enabled alot
of people to get into computing, most notably to get online and make
the net great.

Actually as i think about onboard devices it still amazes me now when
people overlook their motherboard when upgrading, it's the backbone of
any machine yet they spend shitloads on a CPU, get the biggest HDD
they can and then slop it all ontop of the cheapest ass bitch of a
motherboard.

Quote:

Isn't that the way of the world though?! Nothing is ever as good as
its made out, pretty much everythings a dissapointment when you buy
it, and it's because there's thousands upon thousands of people out
there who's sole purpose in life is to fool us.. grr!! conspiracies
etc.

I don't think you can blame MS for taking the same stance.

Quote:

I don't know about monitoring your data from the radio, but all those
tasks are miniscule, i doubt your cpu even hits 10% of its potential

Im talking 2048 point fourier transform...

*Ding* Lights out, won't even go near that one.

Interesting stuff though, with the radio astronomy had a brief
read-up, i bet it's all a bit weird to do, like quite surreal.

Have you ever found and submitted anything yourself?

Quote:

(Thats assuming you have a modern processor) until you play a game or
re-encode video, hardly what i would define as pushing an OS.

Hrm. Quake3 uses about 5%-10% of my CPU time (under linux). so much for
that theory. all modern (3d type) games push the video card FAR harder
than the CPU.

This is true, what CPU are you running then, Quake3 sounds very
efficient and it's a pretty quick game from memory.

Does linux take full advantage of your graphics card? ive got a really
old GF2 MX400 in my machine, chances of that being supported should be
quite good i imagine?

Quote:

Not to say there is nothing innovative about linux but really innovation
only hapepns at the very edge of the software world (no matter what your
OS is).

I would say there's some great new innovative software out there, for
example what some video apps offer you is amazing, and would've taken
days to perform, the same with Audio apps, i keep praising Cubase, but
i was able to throw my guitar pedal out for a simple DSP plugin which
sounds way better and i'm able to save my guitar settings with the
song, it's really odd and quite amazing for a musician.

To be able to load up a video project or audio project and everything
is how you left it is amazing when you consider i used to be hooking
videos up to one another and cutting and sticking tape, or spending
hours getting my sound levels right.

For me that is innovation, changing the way you work.

As Alan said, I evolve but i don't... revolve. :D

Quote:

the USA is aggressive in its international relations, yet I doubt many
would take their hat off to them...

Pah! those that don't take their hats off a mainly jealous of their
success, i myself am not of that nature at all, for example i could
charge people a fortune for help fixing their computers but i hate to
see people get ripped off through computing so i only really charge
enough for petrol and enough to get me a takeaway at the weekend..
That keeps me happy and saves them a fortune. Trouble is they always
come back and sing my praises to everyone they know.

Quote:

But that's not modifying the norton code is it?! nuke.exe would be
eaten up by the virus checker upon coming down from the net.

I suggest you test your theory there. I bet you a script containing that
code would sail straight through.

A script? i thought you meant rename nuke.exe to norton_setup.exe or
whatever and then send it?

I don't know which programs get picked up by my virus checker and
which don't but i know for sure i tried to download a nuke script for
irc and it denied me access to it.

Actually, thinking about it, chances are the file had a virus, so
could have been for that reason.. duh.

Quote:

If you could gain access to the admin password could you log in as
admin via software?! or does it always require user authorisation,
i.e. no auto/remote loggins allowed?

Quote:

When you say a patch showing the differences, do you mean someone runs
a compare on the provided files, or it's up to the author of the
latest mod that submits this patch that shows the differences?

Quote:

And what if the app in question requires admin rights? Would you
question that?

I certainly would. but you can still test those by using a chroot
environment, the rest of the system remains safe. (to a point).

So if i'm using linux next week for example and install a piece of
software that asks me to log in as admin, should this ring alarm
bells?

Quote:

Is there ever a time when code is not approved for being too big or
deemed not to be useful, yet there is a demand for it so to obtain
this 'extra' version you would have to use non-official means?

Yes, however then you are really on your own and likely heading into
developer-only sort of territory. One cant defend a truely determined
idiot...

...One in the making here ;)

Quote:

It's hardly doing nothing.. it's serving all our users here, admit it,
in the right hands windows is pretty useful and does what it says on
the tin ;)

You mentioned its serving about 2-3000 emails a day. a 386 could do that
running linux...

Yeah i know that, so could a P2 Running Win NT hehehe :D

Quote:

It happens that linux is well though t out enough that despite
considerable incentive there are no current examples out there. there
was a work that targetted specific redhat machines once but that was a
long while back now.

Must admit it sounds pretty good and i've built up a brief
understanding of it from you, all the root and user business reminds
me of when we used to telnet to each others machines at home to get
news feeds and emails to each other.

Quote:

Which is exactly what I said - you bjuought it with windows more in mind
than linux, and you got what you payed for.

Well yeah, but i did deliberatly check if it was linux compatible, and
it turned out to be lies, so i did try guv'nor! :D

Quote:

LOL so i'm wrong and right at the same time.

All i was saying that the software i use is like that, chances of
commutative DSP's coming to linux are... ?

</

Quote:

Excellent cheers for those, very interested to see how cinelerra, main
actor and rosegarden compare to what i use currently.

Bear in mind I have never as much as downloaded rosegarden, cinelerra or
mainactor. YMMV.