Nick Freeman, a penetration tester from New Zealand discovered that the software utilized by most major Hollywood studios for video editing is full of vulnerabilities that could allow hackers to alter or steal motion pictures.
According to
iTnews, the security consultant looked to find weaknesses in all the programs he tested and as it turns out, all the software, from the one used for script writing to the one used for post-production, they're all flawed.
Freeman claims that even though no single software vendor controls the entire development process, which would make it harder to assure a completely bulletproof system, the fact that each component comes from a different company doesn't make things better either.
The vulnerabilities weren't that difficult to find. It seems as in maximum six hours, each and every application started presenting its holes.
Of course, he didn't settle with just finding the flaws, he also wanted to make sure they're patched up, so he contacted each company and informed them on his findings.
Avid, the company that provided its Media Composer suite for movies such as Avatar or Iron Man 2, presented the most difficulties in addressing the issues they were presented with.
Within an hour after installation, Freeman managed to find a remote listening service that allowed him to crash the application by overflowing network requests. The problem in this situation is that even though Avid has a team that only handles the security of their products, two variants later and the issue is still present.
However, these findings are not new, or at least not new to hackers, since it's believed that these kinds of flaws made it possible for cyber masterminds to gain access to unreleased movies.
“The vendor's main goal I guess is to have products with extensive functionality and with strict deadlines, and security falls off the road map in the process,” Freeman said.
Find us on Google+
No user comments yet.
Be the first to express your opinion!
