Archive for the 'Tech' Category

Page 2 of 10

Do you use H.264 or MPEG? You need a license.

Recently it was confirmed by the MPEG LA that a license is needed for any use of H.264 and that everyone on the chain is liable. Free software projects are not exempt from this either and neither are end users.

Ben Swartz has an excellent summary about why H.264 should not be used.

A lot of commercial software comes with H.264 encoders and decoders, and some computers arrive with this software preinstalled. This leads a lot of people to believe that they can legally view and create H.264 videos for whatever purpose they like. Unfortunately for them, it ain’t so.

The license that comes with commercial software, such as Apple’s Final Cut Pro, does not cover commercial works. Even so, if you use a commercial software package to create something non-commercial and give it to a friend, they need to be properly licensed also.

You have a license to use their software, provided you don’t make any money, your friends are also all correctly licensed, and you only produce content that complies with the MPEG standard. Using video for a commercial purpose? Producing video that isn’t within MPEG’s parameters? Have friends who use unlicensed encoders like x264, ffmpeg, or xvid? Too bad.

This last thing is actually a particularly interesting point. If you encode a video using one of these (open-source) unlicensed encoders, you’re practising patents without a license, and you can be sued. But hey, maybe you’re just a scofflaw. After all, it’s not like you’re making trouble for anyone else, right? Wrong. If you send a video to a friend who uses a licensed decoder, and they watch it, you’ve caused them to violate their own software license, so they can be sued too.

That’s right folks. Use Handbrake to rip a DVD, or create, view, watch or distribute any H.264 video and you’re liable (royalty free streaming via the Internet has been extended until the end of 2016).

Won’t somebody please think of the children?

Windows 7 killing laptop batteries?

Ars Technica reports on issues with Windows 7 and battery life on some laptops.

These users claim their batteries were working just fine under Windows XP and/or Windows Vista, and others are saying it occurs on their new Windows 7 PCs… their PC’s battery life is noticeably lower, with some going as far as saying that it has become completely unusable after a few weeks of use. To make matters worse, others are reporting that downgrading back to an earlier version of Windows won’t fix the problem.

The issue was originally reported back in June 2009, long before Windows 7 was actually released.

Cheaper SSDs on the way thanks to new 25nm process

Intel and Micron will ship 25nm flash memory in the second quarter of this year, which in turn should finally mean cheaper SSDs for everyone. Yay.

Intel’s existing multi cell X25-M and X18-M models are 32nm. This new shrink enables much greater capacity (8GB NAND measuring just 167 x 167mm) and devices will follow version 2.2 of the Open NAND Flash Interface (ONFI) specification.

With most of the original issues sorted out (or worked around) and the introduction of TRIM, it sounds like SSD might finally start becoming common place in desktops (but I think laptops will see it first).

MPEG LA confirms H.264 license needed for free software and end users

Currently, there is no default video format for use with the HTML5 video tag. The patent and royalty free Theora format was planned to be the default, but this was opposed by corporations like Apple and Nokia. The most popular video format at the moment is the heavily patent encumbered H.264, which is often encapsulated in Flash. As the move to HTML5 gathers steam, the battle for a video format rages on.

The issue of which format becomes prevalent is very important for the future of open web (and especially Linux). Youtube is one of the biggest providers of H.264 encoded media (currently encapsulated in Flash, but there is an HTML5 beta program) and Google will pay hefty royalties for the privilege.

The question of royalties over use of H.264 has become a popular talking point of late, because while Safari and Chrome support it, Chromium (the free software version of Chrome browser) Opera and Firefox don’t.

Now, a discussion on the Linux Weekly News site has answered the question as to whether the MPEG LA will require and enforce free software projects (and developers) to cough up for a license.

The question asked of MPEG LA via email exchange:

I read through the FAQ and can’t find out if Free and Open Source developers and products need to license the MPEG LA patents for MPEG-4 Visual. It was alleged in a comment that royalties are only necessary for products sold, not for free products. Is this correct? Could you please comment on the licensing options for Free (e.g. GPL) and open source implementations of MPEG-4 Visual, specifically h.264? What about downstream users/developers/distributors of Free and open source software?

The answer is a resounding “Yes” and even end users are liable:

In response to your specific question, under the Licenses royalties are paid on all MPEG-4 Visual/AVC products of like functionality, and the Licenses do not make any distinction for products offered for free (whether open source or otherwise)…

I would also like to mention that while our Licenses are not concluded by End Users, anyone in the product chain has liability if an end product is unlicensed. Therefore, a royalty paid for an end product by the end product supplier would render the product licensed in the hands of the End User, but where a royalty has not been paid, such a product remains unlicensed and any downstream users/distributors would have liability.

As an article over at OSNews states, we must ensure that H.264 does NOT become the de-facto standard for video on the web:

“In other words, h264 is simply not an option for Free and open source software. It is not compatible with “Free”, and the licensing costs are prohibitive for most Free and open source software projects. This means that if the web were to standardise on this encumbered codec, we’d be falling into the same trap as we did with Flash, GIF, and Internet Explorer 6.”

I guess it’s up to web developers and corporations to make the smart choice. If Google can purchase On2 Technologies, they might release later generation versions of VP (on which Theora is based) to surpass the quality of H.264.

Another Internet Explorer vulnerability grants full access to hard drive

The Register has an article on another vulnerability in Internet Explorer and Windows which allows the attacker complete access to the hard drive.

If you use any version of Internet Explorer to surf Twitter or other Web 2.0 sites, Jorge Luis Alvarez Medina can probably read the entire contents of your primary hard drive.

The security consultant at Core Security said his attack works by clicking on a single link that exploits a chain of weaknesses in IE and Windows. Once an IE user visits the booby-trapped site, the webmaster has complete access to the machine’s C drive, including files, authentication cookies – even empty hashes of passwords.

This is not the first time these vulnerabilities have surfaced (and it won’t be the last), but Microsoft cannot completely fix the issues because they use core functions of Windows.

The hole is difficult to close because the attack exploits an array of features IE users have come to rely on to make web application work seamlessly. Simply removing the features could neuter functions such as online file sharing and active scripting, underscoring the age-old tradeoff between a system’s functionality and its security.

Yahoo! pays Canonical to switch Firefox away from Google

While I’m not convinced that Google is our friend, this latest move from Canonical is interesting.

Microsoft has been paying companies to move their sites from Google to Bing and the Mozilla’s director of community development, Aza Dotzler, recommends that users switch Firefox’s default search engine from Google to Bing.

Now, Canonical has struck a revenue deal with Yahoo! and will change the default search engine away from Google (for new installs).

Canonical has negotiated a revenue sharing deal with Yahoo! and this revenue will help Canonical to provide developers and resources to continue the open development of Ubuntu and the Ubuntu Platform.

Yes, Google currently has the largest share of web marketing, but if more and more companies start switching to alternatives like Yahoo! and Bing, then things could change dramatically.

Christopher Blizzard: HTML5 video and H.264 – what history tells us and why we’re standing with the web

Christopher Blizzard has a great article about H.264 and what it might mean if it becomes the de-facto standard for video on the web.

Remember, this is still very early in H.264’s history so the licensing is very friendly, just like it used to be for MP3. The companies who own the IP in these large patent pools aren’t in this for the fun of it – this is what they do. They patent and they enforce and then enjoy the royalties. If they are in a position to charge more, they will. We can expect that if we allow H.264 to become a fundamental web technology that we’ll see license requirements get more onerous and more expensive over time, with little recourse.

Are all browsers equally vulnerable?

With all these Internet Explorer insecurity issues coming to light, a common argument is:

“All browsers are insecure, just practice safer browsing by not clicking on links in unsolicited mail.”

Sure, that’s a important part of being safe on the net, but it’s only half of the picture. Of course all browsers will have security holes at particular points in time, no software is perfect.

However, what we should be looking at is a vendor’s response to security vulnerabilities. It’s how quickly a vendor can patch a hole and distribute the fix which is most important. (Of course, security by design and underlying operating system are also important factors.)

To which end, I came across an entry in Wikipedia which provides a comparison of unpatched publicly known vulnerabilities in the latest stable versions of major browsers. It is based on vulnerabilities reports by SecurityFocus and Secunia.

From the list, you can see that all version of Internet Explorer have dozens of unpatched security holes, while most other browsers have none (Safari and Chrome have only one unpatched vulnerability, which is classified as “less critical”).

According to the latest information, security research firm SecurityFocus reports that IE6 has 396 known unpatched vulnerabilities, IE7 has 15, and IE8 has 32. The oldest known unpatched vulnerabilities for IE6, IE7, and IE8 date from November 20, 2000, May 17, 2007, and April 11, 2009 respectively.

How many does Firefox have? Zero. That’s right. NONE.

So yes, you should practise safe surfing, but the browser you choose will have a MAJOR impact on overall security of your system (so does the operating system). Anyone who claims that Internet Explorer is just as secure as the other major browsers is either insane or stupid.

I think I found my new phone…

…the Android “GSmart” from Gigabyte. Haha..

YouTube HTML5 beta program launched, but without Theora support

Google has created an opt-in beta program for anyone wanting to test YouTube with the HTML5 tag rather than using Flash. There are a few caveats however, with the number one being that it’s still all H.264 video. No Theora to speak of, yet, but it’s possibly a step in the right direction!