top of page

Discussions

Public·99 members
Choice Drakh
Choice Drakh

Subtitle 2017


A proof of concept attack using malicious video subtitle files reveals how adversaries can execute remote code on PCs, Smart TVs and mobile devices using popular video players and services such as VLC Media Player, Kodi, Stremio and Popcorn Time.




subtitle 2017



VLC developers were contacted in April and made aware of four separate vulnerabilities, Herscovici said. Each one of the vulnerabilities (CVE-2017-8310, CVE-2017-8311, CVE-2017-8312 and CVE-2017-8313) has been patched.


In its proof of concept attack, Check Point says victims are persuaded to visit a malicious website that uses one of the streaming video players, or they are tricked into running a malicious subtitle file on their system that they intentionally downloaded for use with a video.


Back in March we talked about the challenges of designing subtitle behaviours for 360 video content. We explained some of the challenges that arise and described four behaviours that we had implemented for testing. We have now completed the testing and analysed the results, and it's fair to say that we have been slightly surprised. So, what did we find?


This behaviour wasn't well received - only one participant chose it as their favourite. The problem was that people found it hard to follow both the subtitles and the video; having to continuously switch from one to the other was difficult. Despite the fixed position (in the scene) of the subtitles, people wasted time and effort locating them and felt that they missed out on content.


(The subtitles are presented as a 'head-up display' always in front of you, and slightly below straight ahead. As you turn your head, the subtitle moves with you, always at the same location in the headset display.)


This was, contrary to our expectations, the most popular behaviour. It is a very simple behaviour to understand, and the subtitles were always available, no matter how much you explored the scene, and very easy to locate and read. Our concerns about the subtitles obstructing the video content were justified, and this was the biggest drawback of this behaviour. Feedback from our participants suggests that we need to lower the subtitles within the field of view. Our other concern with this behaviour was that it might induce 'VR sickness'; this was barely a problem (only one or two of our participants commented on it feeling slightly odd), although we need to test longer pieces of content to be sure.


(The subtitles follow your gaze around, but only for larger head movements: if you look slightly left or right it stays in place, but looking further will cause the subtitle to catch up with your head orientation.)


We thought that this would be the most popular behaviour, as the subtitles would allow exploration and be easy to locate, but it wouldn't feel as if they were 'stuck to your face'! In practice, although it was the second most popular behaviour, this one proved a bit too complex - the action of the subtitle 'catching-up' with the larger head movements was unpredictable, and this distracted participants and reduced their feeling of immersion.


Although this worked in some scenes, in others it left people confused and unable to follow the subtitles. The essential problem was that when people are having a quick look around a scene, the subtitles get placed part way through a head movement, and these positions are unpredictable to the viewer and not easy to relocate. The end result was that people either missed out on the subtitles and looked around the scene, or read the subtitles and missed out on looking around.


Hi Tom. Once it happened to me that some captions had disappeared while others were still visible. The reason was merely that we had inadvertently changed the motion attributes (position) in the effects tab of the source panel, so the missing subtitles were now below the image's bottom line. Have you tried simply resetting the captions' position?


ISO/IEC TS 20071-25:2017 provides recommendations on the audio presentation of captions/subtitles and other on-screen text for use in all type of videos regardless of the language and technology being used to transmit and present the recorded or live video.


ISO/IEC TS 20071-25:2017 applies to making captions/subtitles and other on-screen text accessible to users with various needs, including but not limited to people with learning and reading disabilities, people with cognitive disabilities, people who are blind or have low vision, older people, and non-native language speakers. It does not apply to captions/subtitles or other on-screen text whose content is already provided in the soundtrack in a language and a way users can access.


ISO/IEC TS 20071-25:2017 provides guidance on spoken captions/subtitles as a stand-alone access service but it also provides guidance on how to integrate spoken captions/subtitles, other spoken on-screen text and audio description, if needed, in different types of videos.


ISO/IEC TS 20071-25:2017 does not consider the devices or transmission mechanisms used to deliver and play the content or the audio presentation of text in videos. These devices include, but are not limited to televisions, computers, wireless devices, projection equipment, DVD and home cinema equipment, cinema equipment and other forms of user interfaces technology. Therefore, this document does not consider transcoding files for the various video and audio outputs.


Sometimes gamers want things spelled out for them. That's one takeaway from a handful of stats released yesterday by Ubisoft accessibility project manager David Tisserand in a Twitter thread about player behavior as it relates to subtitle features.


He then gives subtitle usage stats for a pair of games released after Origins -- Assassin's Creed: Odyssey and Far Cry New Dawn -- both of which shipped with subtitles on by default. In the most direct comparison, Odyssey, only about 5% of players entered the options to turn subtitles off. For Far Cry New Dawn it was even less common, with about 3% going out of their way to turn them off.


However, Ubisoft hasn't switched to opt-out subtitles across the board. Earlier this year, The Division 2 shipped with subtitles off by default, and Tisserand said 75% of players turned them on at least once. About half of all Division 2 players continue to play with subtitles on.


The attack vector relies heavily on the poor state of security in the way various media players process subtitle files and the large number of subtitle formats. To begin with, there are over 25 subtitle formats in use, each with unique features and capabilities. Media players often need to parse together multiple subtitle formats to ensure coverage and provide a better user experience, with each media player using a different method. Like other, similar situations which involve fragmented software, this results in numerous distinct vulnerabilities.


PLEASE NOTE: The integrated codes are provided as a public reference tool, but they do not show amendments to the 2017 Construction Codes Supplement that were adopted after May 29, 2020. Title 12 DCMR should be used to confirm the official text of the 2017 District of Columbia Construction Codes.


The 2017 DC Construction Codes consist of the 2015 International Code Council (ICC) family of model codes, the 2014 National Electrical Code, and 2013 ASHRAE 90.1, as amended by the District of Columbia Municipal Regulations (DCMR) Title 12, Sections A through M. The 2017 DC Construction Code takes effect on May 29, 2020. Applicability and provisions for the prior editions of the code, (for Permits issued, Applications Filed, Tenant Layouts and Permit Revisions) will be governed by the Transitory Provision stipulated in section 123. For your convenience, below you will find a link to the DC amendments followed by a links to the associated ICC model codes or other adopted model code.


Complimentary access to electronic copies of 7 of the 2013 District of Columbia Construction Codes, which integrate the 2012 ICC Codes and the corresponding subtitle of the 2013 DC Construction Codes Supplement, is provided below. PLEASE NOTE: The integrated codes are provided as a public reference tool, but they do not show amendments to the 2013 Construction Codes Supplement or revisions to the 2012 ICC Codes that were adopted after March 28, 2014. Title 12 DCMR and the ICC website should be used to confirm the official text of the 2013 District of Columbia Construction Codes. 041b061a72


About

Welcome to the group! You can connect with other members, ge...

Members

bottom of page