yikes. having written aax plugins for a while, i have to say, i’m kind of surprised this came from AVID. from what it sounds like (having scraped the surface), it’s not their editing software (Pro Tools, et al.) but their copy protection management tool/device driver - iLok.
i’m sure there are some very anxious engineers in the AVID offices today.
I'm kinda hoping iLok is the culprit, because I've been refusing to buy any plugins that require iLok, even though that means avoiding some effects I'd really love to have & developers that I'd love to support. Thankfully iLok is optional for the iZotope stuff...
The iLok is just a repository of keys and can’t hurt anything by itself. It’s communicated with by code either built into a license protected application or in a “wrapper” added to an otherwise unprotected app. Pace AP (maker of the software and reseller of the iLok) is essentially in a never ending arms race with the warez crowd, and in the past has resorted to some gray-hat, rootkit-like techniques to prevent cracking. It wouldn’t surprise me if this was either some old Pace code going rotten or some sort of crack gone viral/rogue. I used to develop an iLok protected app and am still on their developer mailing list, but note that I haven’t seen any recent alerts from them so it’s entirety possible it’s something else.
Yep, after I posted I realized that if this is really widespread & iLok related, surely someone would have posted on Gearslutz complaining about it by now. So far I can't find any threads about it there.
In my iLok case years ago, it was a problem with the iLok KEXT kernel extension drivers causing my Mac to kernel panic at startup that put me off. That would've been around the Mac OS X 10.5 / 10.6 era.
Ironically film tools have some of the most stringent copy protection systems, and big studios break the licenses agreements without hesitation when they need to get something done.
I wonder if Hollywood is so obsessed with DRM because they themselves are such f'ing pirates. The entire culture of Hollywood is around stealing (e.g. the endless so-and-so stole my script idea lawsuits) and defending oneself from having one's stuff stolen. Maybe they're projecting and imagining that everyone is constantly trying to steal everything.
As a normal movie and TV viewer I will always look for an option to rent, buy, or stream stuff because I like to support the production of stuff I like and because the time it takes to jank around with pirated crap is generally worth more than the cost of just paying. The only time I've turned to piracy in recent (post-broke-college-kid) memory is when something is literally unavailable by any other means. I suspect I'm typical.
DRM has zero effect on my behavior. If anything DRM encourages me to consider pirating because it adds pain and hassle. In the case of actual purchases (vs streaming and virtual renting) I really despise DRM since I purchased a copy and should be able to play it on any device I have and store it for posterity. I generally will not outright purchase DRMed content.
Since we're talking Hollywood, what's your success rate in being able to buy movies that don't have DRM? I can't think of any way to do that, really. Or are you saying that you basically can't, and therefore don't buy movies and instead stream or rent?
Physical media has DRM but it's pretty much completely cracked. I can rip Blurays and even UHD Blurays now and end up with a non-drm-ed movie. It's not nearly as convenient as streaming (initially) but I can "own" the movie in a non-drm-ed form for as long as I can keep the bits alive.
MakeMKV does support them, but you need a UHD drive with specific firmware. On the forums you can figure out which drive will work the best and which is the easiest to flash old firmware on. Either way requires a hacked firmware updater because the drive makers have to give it their best shot to avoid downgrades (to satisfy DRM licenses).
Also you can decide between old stock firmware or new firmware that has been modified by the MakeMKV team. I opted for the old stock firmware, I'm not really sure what the modified firmware buys you.
It seemed overwhelming at first, but after an hour of reading and searching on Amazon I figured out what the easiest route was. Once the drive arrived, the flashing was simple—I plugged the drive into my Windows box and ran the flashing code, then plugged it into my Linux Plex server and it worked right away.
A huge color company out in the valley is notorious for calling up 120 days past the invoice date on NET30 terms and only offering to pay on a credit card. I swear some of these companies would spend a dollar to screw you out of 50 cents.
I hope you don't think that the people dealing with issues like this are anywhere near the discussions on DRM of digital video. It isn't as if MPAA board members are also in a basement somewhere editing films.
iLok has been extremely effective at stopping cracks or at least slowing them down enough to where the software is obsolete by the time a crack appears. The pirates don't have access to this software in the first place.
We can debate the merits of DRM all we want, but PACE's stuff actually works (at stopping pirates, and sometimes paying users)
Catalina major change is ANY dll should know pass through security. That's why notirisation also for software plug-ins is needed meaning also runtime hardening in future and proper entitlements by host and plug in
Oh, it's not just Avid. Some audio production software such as ReFX Nexus still uses a USB dongle. There is no way to use the software without it plugged in.
It also has a policy where if you damage the dongle, you have to buy again and get a 10% discount off the FULL price of the VST.
In the age of people gigging on laptops, I'm not entirely sure how they think they are gonna sell any more of them. I fancy it myself as it has quite a few 'familiar' sounds on it, but not with all the downsides.
The problem is, there are some industries where the piracy rate would be 100% if it weren't for dongles. Music production software, for one. And another surprising one is church software! (They feel they shouldn't have to pay because they're a "church" and serve a higher purpose.)
I go to the NAMM (musical instrument manufacturers) trade show every year and work with music, sound, and church software vendors.
In the medical field, almost all software for performing and analyzing EKGs, X-rays, MRIs etc. comes by default with some sort of dongle-based protection. Apparently, it's not enough that you need the biggest dongle in the world (i.e. the machine itself!) to use the software. Some vendors do offer alternatives if you fight them hard enough but the default still is a trip to dongle town.
Ah, but they need to control that CD recording device on the workstation, just in case you're handing out CDs to your patients WITHOUT A CD RECORDING LICENSE. They have the weirdest licenses.
They sell every functionality as an aditional "license" or "plugin".
So, for example, it's not unusual that, by default, your half a million USD scanner, that includes a powerful workstation to control it (the one the technician uses behind the window) will only let you write CDs (for example, to give your patient a copy of his/her scan) if you pay an additional "CD Writing license"
Now, with PACS and centralization that have changed a bit, but still...
> In the medical field, almost all software for performing and analyzing EKGs, X-rays, MRIs etc. comes by default with some sort of dongle-based protection. Apparently, it's not enough that you need the biggest dongle in the world (i.e. the machine itself!) to use the software.
Actually, it's not.
Some idiot will get the idea that they can just "transfer the hard drive immediately" because they didn't pay enough money on their support contract to get 4 hour response rather than 48 hour response. The dongle prevents that.
Medical devices are certified for the entire device--that includes the specific PC and the specific version of operating system running on it.
Apparently, it's not enough that you need the biggest dongle in the world (i.e. the machine itself!) to use the software.
Same for a lot of other industrial equipment. In my (admittedly limited) experience, they get cracked pretty quickly by the owner, either before the factory ever gets any downtime, or right after the first time.
This is fascinating, thank you for sharing it. Medical technology fascinates me, but I am nowhere near the industry. Same with things like CarPlay et al.
Thing is, the majority of iLok protected software has never been cracked, or if it has been cracked, only very old versions that aren't exactly relevant anymore.
iLok doesn't require the hardware dongle anymore, licenses can be installed onto the hard drive now. Some people prefer the dongle because they can carry their licenses from machine to machine, studio to studio etc.
But as a user, I still much prefer the old-school serial number unlock without internet activation, though.
Cubase uses eLicenser, not iLok, and it hasn't been cracked since a version about 10+ years ago so it does a pretty good job - even if that does mean cubase has fallen in popularity.
This is what Avid sends you after creating an account:
Your iLok account allows you to:
- Use the free iLok License Manager application to manage your licenses
- Take advantage of Zero Downtime and Theft & Loss Coverage premium services to help protect your investment
Take advantage of Zero Downtime I never understand what they mean with this, but now it definitely lost all its meaning.
Zero Downtime is a paying option provided by PACE (makers of the iLok and the copy protection software) for extended support if one loses their licenses. It covers a broken/lost/stolen iLok, not sure how it would fit in this case.
A few years back I was working for a company that used iLok protection and had a major outage like this, we nicknamed it the iLokalypse.
From what I recall zero downtime simply meant if a ilok went missing then PACE would assist you in replacing license(s) to a replacement ilok from their end. Trouble is often times you couldn’t quickly find a replacement ilok without a guitar center nearby and would still have to order it through avid store and wait for it to arrive if you didn’t plan for this.
ZDT also covers RMA situations where you iLok broke. Instead of them sending you a new iLok after a couple of weeks that has whatever licenses they were able to recover off the old one, they send you a new one with all of the licenses from the old one the same day you send them the old one, so you end up with like a 24-48 hour turnaround instead of losing a week or two.
Always take what the editor says with a massive pinch of salt.
I spent ten years in the movie industry, and the people that were the most forthright, and almost universally wrong about technical things were editors.
"The monitor is out of grade" No, you've set the background lights to red.
"The sound is out of sync" No, you've turned off the amp and somehow managed to get the crappy test tv to play sound
"the hardrive is corrupt" no, its clearly asking you to update OSX
my personal favorite:
"my station is slow" No, what you appear to be doing is copying 135 TBs of data from one share to another.
I used to support a large range of artists and technical staff. Every class of worker would have their own proclivities.
Compositors, at the slightest hint of any technical issue would immediately start thinking up workarounds. By the time we'd get there to see whats gone wrong, they'd be telling us there's a problem with the workaround, and not tell us the original problem.
Modellers, normally maya has crashed because they are really pushing it, they would have forgotten to publish for a while.
producers, love busting out to spreadsheets, sometimes it doesn't marry up to shotgun/ftrack, or the macro is broken because someone has changed the naming convention.
pipeline, Always trying to sneak the next new thing into production by the back door.
With the exception of the OSX update, most of these sound like technical issues they're just not bothered to fix themselves. My understanding is that editors don't usually set up their own workstations so why would they troubleshoot them?
editors _fiddle_ but then don't take responsibility for what they've done.
The monitor issue its a two-for-one. The editor was doing a technical edit, that is matching some shots up to someone else's spec. They were proxies(as in small previews to make the machine run faster) and were not graded.
What they had done is fiddle with the room lights, because they wanted to make the room feel better. Obviously this made the monitor look more blue.
My college (who is a junior, in a junior department) gets an angry phone call because the workstation isn't up to par.
Its a lot of dick waving for no real gain.
Another fun one was in about 2009 an editor decided for a quick preview edit that it would be quicker and easier to laser out a digital shot to film, cut and splice by hand on a stienbeck, and then re-scan it in.
We had all the shots loaded on the workstation.
Not all editors are like this. but there are enough to give them a bad name.
ha, I'm in the same boat. Spent 8+ years doing engineering for live/post-production television. And the younger they got, the less technical they were.
Yeah but when they are all having the same problem that means it's a problem. I've been on both sides of that situation, generic dismissals like this are not useful or helpful.
Kinda hard to be moving the goalposts when there was no prior comment of mine to move them from. I'm just disagreeing. When everyone is suddenly having the same problem the probability that they are all coincidentally falling victim to the same misjudgement asymptotically approaches zero.
What was claimed in your parent comment was that people do all sorts of idiosyncratic things with their machines but were convinced the problem was elsewhere. No?
I'd revise that to the far more irritating segment of users who think they're more technical than they really are. Actual non technical users are fine, because they generally know when they don't understand a thing. The thinks-their-technical users will bravely throw in whatever phrases they've heard mentioned in relation to a completely unrelated problem.
That's the super-user syndrome. They know enough to get themselves into a bind but not enough to get themselves out. It's difficult just trying to get an accurate description of the problem because they lace the description with theories about what the cause is.
"Please just describe the problem and, if possible, how you reproduce it. No, just describe the problem. What's happening when you press the button? No, just the problem! Not what you think is causing it."
It's a conundrum because good super-users can help less technical people in their groups. But, their issues tend to take more time to unravel.
I imagine this is especially prevalent for editors because they are expected to be the technical ones in a room of high-ego professionals. Every second of their day is them being judged on how super-user they are.
It's definitely not unique to Hollywood... Before I switched to infrastructure development I ran a Linux engineering group and among other things handled production support escalations. The job was often finding the actual problem while gently dissuading my customer the issue wasn't a pet theory and/or something they just Googled. In fact sometimes the escalations came specifically so I could weigh in on root cause after joining the bridge because the various parties couldn't agree.
A favorite was someone to run free and declare the system was "out of memory and must be swapping". It recurred so often I think that theory passed from group to group like a treasured heirloom until we wrote a FAQ on the subject. Fortunately in my opinion getting ops and development to work together built mutual respect for respective skill sets.
What, will you refuse to help me if I call you in deep distress and said that "xcode command line tools is failing to update because of the nginx 503 errors clearly visible in Safari"
I wouldn't absolutely refuse to help, but if you are like some users I've dealt with and you keep repeating that instead of answering specific questions I've actually asked† then I'll drop the call and mark the support ticket as paused‡ until the information requested is provided.
[†] Q: can you check A, User: why if the problem is Z? Q: could you do B and tell me what the response is?, User: but I'm sure the problem is Z, Q: what version of C do you have?, User: that shouldn't' matter because the problem is Z, ..."
[‡] meaning it is not running against any SLA clocks
The two matters could be separate symptoms of the same underlying problem for which more information is needed. Admittedly in this case you would probably be right and the tool is likely failing to update because it is getting the same 503:Overloaded responses from the http server, but that is not necessarily the case (perhaps the server is agent sniffing and provides a different, more human interpretable, response to requests from browsers, the response for humans is proxied by this server from another and that is currently overloaded, so the update tool isn't getting the same 503 responses that you are).
They meant "thinks-they're-technical", which might clear things up.
Putting dashes between a bunch of words isn't really a correct way to do this, but it's a way to smash a bunch of words together and pretend it's one word. In this case an adjective describing the users.
It's perfectly cromulent to hyphenate words this way. Doing so causes them to become adjectives. For instance, you would say "fast-paced agenda," not "fast paced agenda," or "fast, paced agenda." The latter two have a different—and in this example, weird—meaning.
In this case, I think it's a poor style choice, because there are two verbs and an adjective being combined, but there's nothing 'incorrect' about doing so. It might be clearer to say "users who think they are technical," but fixing the mixed pluralization and incorrect use of "their" would go a long way on their own.
That looks like a misspelling that should have been "thinks-they're-technical users" i.e. users who think they're technical but aren't as technical as they think they are.
They think they're technical users, but really they aren't. Generally these folks are people who have skills in other areas and have a partial or basic ability to use some complicated software. However, they don't have well-developed computer skills but are convinced that they do.
It means someone who believes they have a high technical ability but in reality has a low to mid ability and know some relevant words. Typically they apply them incorrectly when describing a problem or solution.
I think parent meant "Thinks-they're-technical users", as in the users in question believe themselves to have more knowledge about the domain than they actually do.
On two occasions I have been asked, — "Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out?" In one case a member of the Upper, and in the other a member of the Lower, House put this question. I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question.
- Charles Babbage - Passages from the Life of a Philosopher (1864), ch. 5 "Difference Engine No. 1"
"I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question" is my all-time favorite way to say "What is wrong with this clueless dipshit."
The 'light' variant of this question makes a lot of sence, though:
The askers were non-technical but very jaded in human nature, so they know the human-provided input might be slightly imperfect but not completely wrong.
Then the question is: Can a machine based on perfection cope? Will it output reasonable but slightly-wrong conclusions? Will it go off the rails and produce completely insane errors?
Answering this question requires a lot of interesting subtility, which has been completely rejected by babbage.
> If you want to use incorrect data to get correct answers, you need a human.
More often, that just gets answers that are incorrect in ways other than (sometimes, in addition to, othertimes, instead of) those explicable by the incorrect data.
On slashdot, someone proposed the theory that this is a good question to ask if you have rational worldview, and know this kind of thing should be possible, but aren't sure if you're dealing with a scam artist who will tell you what you want to hear.
Yes, I've used that principle before; ask a question you know should be "no" and see what happens. Can that car tow this (way too heavy) thing? Will my dishwasher clean my dishes even though my water is full of sulpher? Will this (integrated graphics) computer play $LATEST_GAME at full settings? Will this plastic thing last ten years of solid use outdoors?
In my personal experience, I actually don't get the full-throated lie "Yes!" all that often, if ever, but I get a lot of uncomfortable waffling.
Indeed. In buying a new car some years back, I found a reliable way to translate answers. When the dealer answered, "Yes" it was generally truthful. But when they answered, "I think so", the actual answer was definitively "No".
That's generally true, but there's a more specific affliction you sometimes run into that the parent comment is referring to.
There are some single software programs so big and complex that you can build entire careers out of them. People who do that become wizards within that software suite, and then incorrectly generalize that to believing they know everything about computers. When really, they are Photoshop jockeys, Avid editors, Maya artists, etc. and they are mostly lost outside of those applications.
If you haven't worked in creative fields like video you may not have run into them, but they are definitely a breed.
(Developers fall prey to this sometimes too, but our job tends to require us to use a variety of tools and the underlying operating system itself, so we do end up with a greater breadth of experience.)
Working with support issues for at lest 20 years...
My take on this is that there are two types of non-technical users:
- stupid ones
- intelligent one
The intelligent ones know what they don't know. Or at least they understand what is their area of expertise. They focus on explanation of the problem and they do not make random conclusions.
The stupid ones do not know what they do not know and, of course, they think they are smart and know everything. It is so hard to work with them.
It is interesting that education level, nationality, race, etc. does not give any reasonable indication whether a non-technical users is intelligent or not.
I can't wait for the post mortem, I wasn't expecting anything with Avid/PACE but if it's Google's problem then maybe we'll get info.
I work in this space (and am a casual user in the space) and I really want to know why /private/var was getting unlinked through a normal update and why Avid got pinged for it.
Someone else in thread mentions an kext for the iLok dongle AVID uses, so are kexts covered by SIP? Or are they counted as part of the kernel, and thus all powerful?
Yeah, that’s exactly what the behaviour sounded like to me too, having inadvertently done this to myself a few times over the years, and given that many autoupdaters run with root permission, it’s perfectly plausible.
Yeah, I think we had that twice: 1. "I can't work if all the NFS mounts empty" 2. "You're aware that closing the GUI empties /home/$(whoami)? Related: Did you see our sysadmin?". Backups are awesome.
Ah bless, I recall that (played at the time), I was fortunate to of had separate drives for programs and temp/swap to the OS and didn't have eve installed upon th C: drive, but knew many who didn't. That said, it was somebody who did the same kind of thing that tested the update and equally had no issue and it rolled out. Though fair play, they put their hands up fast and if needed, paid for peoples to get a tech to fix the issue for users who just gamed and unable to handle the minutiae of fixing themselves.
Oh man I’d hate to be on the receiving end of this shit storm. There’s a film called swimming with sharks [1] that perfectly illustrates the wrath of producers
I have no idea. It was a 0 byte afp.php file. You only really get those when a webserver isn't setup to process the PHP files and ends up sending it out like a download.
Is this really an issue localised to LA? I've worked for companies equipped with Avid suites that were (at least in geographic terms) as far away as you can get from LA.
Because it's the industry standard when you need to work with more than one person. Most other offerings don't scale with team size/production pipeline like Pro Tools/Media Composer.
And there's a certain class of professional who resists change/upgrades at every turn, specifically because of stuff like this where updates would typically break everything.
Beautiful? There's a reason why it got the name, it looks like a trashcan. And the old mac pro is filled with garbage(how fitting, right?). If it was any good then apple would have stuck to it, but it was garbage, so they didn't.
Now we have the new mac pro, and it's a big step up from the trashcan.
Eh, it was designed for a different system configuration. Apple was betting on multi-GPU architectures when they designed that thing in 2012/2013, but then tech didn't really follow that path.
The CPUs and multiple GPUs put out (relatively) equal heat, so they could make the single, big cooler work. But when the world went back to a single, big, hot GPU, it pushed things _just_ out of whack enough that it wasn't worthwhile to continue down that path.
It was a poor design because it didn't take into account the thermals of the hardware it was sold containing. It throttled its graphics cards from the start but also got worse as dust/age set in. It couldn't be upgraded or fixed because they chose appearance over practicality.
It was, is, and will always be the "garbage can." It has nothing to do with the industry's direction, it was poor as-sold.
I don't think Apple has said so publicly, but it seems pretty obvious that they knew about that nickname and decided to lean into it with the new model. The new one really looks like a cheese grater, even more than the towers before the trash can.
The old SGI joke I liked was any system that required less than 4 people to carry was considered a desktop. The future must have very large desks for their users.
Well I can remember when fitting a new dual floppy drive (8 inch) to a pdp11 require two people to install it and a third to help run the cables through the chassis.
SGI workstations had hardly any lights. Their essential distinguishing feature where that they sometimes had slightly rounded corners and came in 'fun' colors. Kind of like this
> The apple trashcan certainly looks vastly better than other commercially available workstations.
Not really, when given the tendency of them to roll around when being transported in production environments, they tend to end up bolted within wooden boxes with little wheels on the bottom.
There's a reason Apple listened and put wheels on the new one.
We also call them "trashcans" in conversation. It's an identifiable and memorable term, rather than "mac pro (original/2006)", "mac pro (cylinder/2013)" or "mac pro (cheese grater/2019)"
It had a mesh in the pre trash can version but the new one looks far more like a grater with spaced holes and an indented piece of metal that looks like the blade.
Surely the implication is that what's inside is garbage. :P
Not at all. Even people that love them refer to them as trashcans. It's just a cute nickname, since Apple doesn't give their machines any other distinguishable names.
The rebellion has got to start from somewhere. Humans are still consuming mindless reboots, but the machines have decided it's too much and have given up.
I reboot once every week or two - there's always something that fucks up when you leave it running for a month or more. Or if I ever go through and quit everything (for whatever reason), I usually reboot then. It won't hurt, and it doesn't take long.
It's worth doing fairly regularly to at least check the process still works as you expect. At some point you'll actually have to restart your PC, and the last thing you want is to be surprised by some problem or other. (OK, so I've never had any serious rebooting problem with OS X, but I have had a reboot show up stuff missing from launchctl and the login items, the sort of thing that's an outsize pain to fix when you were in the middle of something.)
I remember back in the day when every "creative type" doing anything on a Mac would reboot before starting a new big Photoshop or Illustrator project.
This was before Macs had memory protection and one process could stomp on another processes' memory if there was a wild pointer. After running any large application for a while, before starting a different one, it was standard practice to reboot.
I had an issue recently with Virtualbox which caused my iMac Pro to crash and power cycle. That, as well as certain Xcode updates (required by other software), meant I lost my 200+ days of workstation uptime.
It used to be you almost always had to reboot to update the Safari web browser, but interestingly this week's version 13, at least on macOS Mojave, did not require a restart.
I do after I notice it starting to get really slow, but I always check uptime in terminal before I do. Just happened last night, after 62 days of running!
i, as an app developer, have to reboot my mac atleast two times the week to get xcode back into a working state. not to sound like a jerk, but if you dont have to powercycle you prob not pushing your machine far enough
any sufficiently complicated software can reach a state where problems arise. you just need to push it far enough.
e.g. i have the swift compiler giving up every few weeks because i feed it code that crashes its internal constrain-solver. good thing is, submitting such code samples i can contribute to its improvement. i believe everyone has a tale of some software exhibiting strange behaviour, ive seen it all: adobe products crashing when you exit them, broken text rendering in firefox until a restart, hell, i even had the windows' LogonUI.exe hang on me.
the point is: consider a software to be a state machine. since we stopped formally verifying correctness of our programs, it is in the realm of possible for each program to reach a state where its behaviour is undesired and there is no easy path to move it to a more stable state.
i’m sure there are some very anxious engineers in the AVID offices today.