US government tells Windows users to uninstall QuickTime

AramM
AramM Website User Posts: 155 Enthusiast
edited April 2016 in General

http://www.theverge.com/2016/4/14/11436932/uninstall-quicktime-windows-apple-stops-support

 I am pretty sure that Hitfilm (and other programs out there) depends on QT for a lot of decoding (maybe encoding too?). 

Pretty stressing times!

«1

Comments

  • Triem23
    Triem23 Moderator Moderator, Website User, Ambassador, Imerge Beta Tester, HitFilm Beta Tester Posts: 19,417 Ambassador

    Apple not updating the Windows Quicktime has always been a huge mistake--throwing away 93% of the global market. Considering how many digital cameras use Quicktime as a wrapper, removing Quicktime isn't a viable solution for millions. 

  • [Deleted User]
    [Deleted User] Posts: 2,005 Enthusiast
    edited April 2016

    Is it not safe for my computer if I have QuickTime on my computer? I need QuickTime for Hitfilm, don't you? I'd love to hear from the Staff about this, I know next to nothing about computer security...

    Staff, do we have any other reliable alternatives to QuickTime?

  • Marcin
    Marcin Website User Posts: 132 Just Starting Out

    You only need Quicktime if your devices record in Quicktime wrapper (mov file extension). If not, Quicktime can be uninstalled.

  • SimonKJones
    SimonKJones Moderator Website User, HitFilm Beta Tester Posts: 4,450 Enthusiast

    In terms of the specifics of the Quicktime problems we don't have any additional information other than what's in the public domain. As I understand it, the Quicktime vulnerabilities still require you to visit a malicious web page or open a malicious file - so if you're not visiting dodgy websites and installing/opening files from unknown sources you should be OK for now. (note: I am not a security expert!)

    This does look like a major pain for Windows video editors. We'll be looking into it to see what can be done and will keep you all posted.

    Meanwhile, if you have a camera that records to H264 MOV files (like most DSLRs) there's already a fairly simple solution. All you need to do is rename the filetype suffix from .MOV to .MP4 and you'll then be able to work with them in HitFilm without needing Quicktime installed. Changing them to .MP4 filetype enables HitFilm to use a non-Quicktime method to import them.

  • [Deleted User]
    [Deleted User] Posts: 2,005 Enthusiast

    My workflow:

    Canon 600D, convert files to DNxHD 36, export H264 .mp4.

    Is my workflow affected or not? I'm afraid uninstalling QuickTime, because 1), HitFilm tells you to install it everytime I open it, and 2). I may break it again, last time I had to reinstall Windows to fix my QuickTime error. :(

  • Triem23
    Triem23 Moderator Moderator, Website User, Ambassador, Imerge Beta Tester, HitFilm Beta Tester Posts: 19,417 Ambassador

    As Simon said, there's no immediate threat, nothing known to effect anyone. Just that a vulnerability exists and Apple won't patch the **** things. @KevintheFilmaker uninstalling Quicktime might present an issue with your transcoder reading the Canon Mov. Renaming to Mp4 should work, but that's tedious. 

  • SimonKJones
    SimonKJones Moderator Website User, HitFilm Beta Tester Posts: 4,450 Enthusiast
    edited April 2016

    DNxHD tends to work via Quicktime on Windows, so that will be a sticking point.

    The Quicktime message on launch was removed in an update - are you running an old version of HitFilm 3 Express, Kevin?

    I can't help but think that Apple will be under quite some pressure from hardware and software manufacturers to do something about this. It then comes down to how much of a priority this really is for them - I'm suspecting not much.

    Personally I'll carry on with my usual workflow for now. I don't visit dodgy websites or run/open random files, which these exploits require you to do. Of course, this is likely to be an evolving situation so we'll have to keep an eye on it and see what happens.

    Also, here's a link to some of the more technical info: http://blog.trendmicro.com/urgent-call-action-uninstall-quicktime-windows-today/

  • [Deleted User]
    [Deleted User] Posts: 2,005 Enthusiast

    Thank you guys. Looks like I'll be keeping my QuickTime. :)

  • Triem23
    Triem23 Moderator Moderator, Website User, Ambassador, Imerge Beta Tester, HitFilm Beta Tester Posts: 19,417 Ambassador
    edited April 2016

    As we just learned, Apple bows to no one. 

  • Majahr
    Majahr Website User, HitFilm Beta Tester Posts: 559 Enthusiast
    edited April 2016

    ...just an article about QuickTime and why you should uninstall it as soon as possible (german):

    http://winfuture.de/news,91884.html

     

    Regards,
    Marc

    Mod: I've merged this thread in to the existing, which has a little more information.

  • Triem23
    Triem23 Moderator Moderator, Website User, Ambassador, Imerge Beta Tester, HitFilm Beta Tester Posts: 19,417 Ambassador

    Link to exant thread with English article. 

  • Marcin
    Marcin Website User Posts: 132 Just Starting Out

    @Triem23

    Unfortunately, renaming not always works in HF. I have MOV files from Pentax camera, that plays in Media Player and opens in Movie Studio (without Quicktime installed), but cannot be open in HF after renaming.

    @SimonKJones I can suply a sample if you like.

  • NormanPCN
    NormanPCN Website User Posts: 4,062 Enthusiast

    @Marcin Can you provide a MediaInfo report of your Pentax file. The MOV to MP4 rename will only work with AVC video and certain audio codecs.

  • Marcin
    Marcin Website User Posts: 132 Just Starting Out

    @NormanPCN Of course. This is not a high priority fore me, as I use the DSLR for stills, but it might help others.

    Here you are:

    General
    Complete name                            : IMGP3251.MOV
    Format                                   : MPEG-4
    Format profile                           : QuickTime
    Codec ID                                 : qt  
    File size                                : 59.2 MiB
    Duration                                 : 25s 440ms
    Overall bit rate                         : 19.5 Mbps
    Encoded date                             : UTC 2015-08-10 19:37:19
    Tagged date                              : UTC 2015-08-10 19:37:19

    Video
    ID                                       : 1
    Format                                   : AVC
    Format/Info                              : Advanced Video Codec
    Format profile                           : [email protected]
    Format settings, CABAC                   : Yes
    Format settings, ReFrames                : 2 frames
    Format settings, GOP                     : M=1, N=12
    Codec ID                                 : avc1
    Codec ID/Info                            : Advanced Video Coding
    Duration                                 : 25s 440ms
    Bit rate                                 : 19.0 Mbps
    Width                                    : 1 920 pixels
    Height                                   : 1 080 pixels
    Display aspect ratio                     : 16:9
    Frame rate mode                          : Constant
    Frame rate                               : 25.000 fps
    Color space                              : YUV
    Chroma subsampling                       : 4:2:0
    Bit depth                                : 8 bits
    Scan type                                : Progressive
    Bits/(Pixel*Frame)                       : 0.366
    Stream size                              : 57.6 MiB (97%)
    Language                                 : English
    Encoded date                             : UTC 2015-08-10 19:37:19
    Tagged date                              : UTC 2015-08-10 19:37:19

    Audio
    ID                                       : 2
    Format                                   : PCM
    Format settings, Endianness              : Big
    Format settings, Sign                    : Signed
    Codec ID                                 : twos
    Duration                                 : 25s 440ms
    Bit rate mode                            : Constant
    Bit rate                                 : 512 Kbps
    Channel(s)                               : 1 channel
    Sampling rate                            : 32.0 KHz
    Bit depth                                : 16 bits
    Stream size                              : 1.55 MiB (3%)
    Language                                 : English
    Encoded date                             : UTC 2015-08-10 19:37:19
    Tagged date                              : UTC 2015-08-10 19:37:19

  • NormanPCN
    NormanPCN Website User Posts: 4,062 Enthusiast

    @Marcin Hmm, everything looks like the rename thing should work. The AVC video seems marked as expected. The audio seems fine also.  I have files with both big and little endian PCM audio and they all work with the rename. I don't have anything with a 1 channel 32K audio. I cannot believe that could be a trigger.

    If you can Dropbox/similar a test clip I could play around with it some.

  • Aladdin4d
    Aladdin4d Moderator Website User, Imerge Beta Tester Posts: 2,509 Enthusiast
    edited April 2016

    I'm putting this here for @Marcin but it should probably be added to your thread @NormanPCN. I would suggest trying  Avidemux  to eventually get to an MP4 container for problem files. When you have an audio stream that isn't compatible it can either extract the audio to an uncompressed WAV or convert it to AAC  along with being able to copy the video stream to the new container without transcoding it.

  • Marcin
    Marcin Website User Posts: 132 Just Starting Out

    @Aladdin4d thanks, I will follow this path if I need to transcode DSLR file

    @NormanPCN I'm uploading a sample file and will PM you the link to it later

  • NormanPCN
    NormanPCN Website User Posts: 4,062 Enthusiast
    edited April 2016

    @Marcin @SimonKJones I DL'd your file. I believe this is probably a bug in Hitfilm. It's internal decoders are rejecting the renamed file for whatever reason. VLC and Vegas accept and play the file fine. They are both self contained and not using Quicktime.

    It is probably something in the file headers. If I remux the original MOV video and audio into a new MOV file with ffmpeg, and then rename that file to MP4, then Hitfilm accepts that just fine. The only thing changing here are the file/stream headers since the video/audio data streams are not touched with the remux.

    Hitfilm is intolerant of whatever the unique condition Pentax has in their original file.

  • Aladdin4d
    Aladdin4d Moderator Website User, Imerge Beta Tester Posts: 2,509 Enthusiast

    @NormanPCN If I had to guess the original file is probably using a very old index format for the audio that not every demultiplexer can handle. This page has a little info on it:

    http://www.gdcl.co.uk/2013/02/15/PCM-in-MP4.html

  • NormanPCN
    NormanPCN Website User Posts: 4,062 Enthusiast

    @Aladdin4d Could be. I have a mov/mp4 dumper but I don't know enough about the atoms to compare differences.

    One thing I noticed is that the Pentax MOV file has an interesting value for the ftyp minor version. 0x30303030. ffmpeg output 0x00000200. Both have "qt  " as the major version. The compatible brands field is also different.

    One final thing. Vegas uses the Mainconcept decoders like Hitfilm. I guess the reason thing is, who does not use MC. Vegas does not seem to use the generic MC file importer (mf import). They go directly to specific codec(s) by their own organization. All that is very specific but the point is that the Mainconcept code can, and does, work with the Pentax files. At least how Vegas is using MC.

  • NormanPCN
    NormanPCN Website User Posts: 4,062 Enthusiast
    edited April 2016

    @Marcin @Aladdin4d @SimonKJones

    I looked up the Quicktime format spec. I now believe the Pentax MOV file has a stupid bad error in the minor_version field. Quicktime says...

    "Minor_Version A 32-bit field that indicates the file format specification version. For QuickTime movie files, this takes the form of four binary-coded decimal values, indicating the century, year, and month of the QuickTime File Format Specification, followed by a binary coded decimal zero."

    So the Pentax file with 0x30303030 is stating it conforms to the Quicktime spec from the year 3030. The last byte should be zero and it is not. The year 3030 has not happened yet. That might be why something in the Hitfilm demuxer is complaining. The file conforms to a "future" spec.

    I checked files from Canon, Panasonic and BMCC as well as files rendered from Vegas via DNxHD. They had various values of 0x2005, 0x2012 and such. Interesting the ffmpeg minor version is also "bogus" 0x0000. The year 0. That is wrong since Qt did not exist then but that date is older than anything that might be compared against.

    edit: could not reproduce with a fresh DL of the original file.

    Okay, Pentax are idiots. The file is still valid in all other aspects. I hacked the 0x30303030 to a good value like 0x20050300. Hitfilm had no problem importing the file. Quicktime itself has no problem reading the original Pentax file. Same for all other software I tested. Maybe Hitfilm should be as forgiving.

     

  • Marcin
    Marcin Website User Posts: 132 Just Starting Out

    @NormanPCN Hmm, I opened the file in a HEX editor, replaced 30 30 30 30 with 20 05 03 00 (in HEX, of course) an still cannot open the file after renaming to mp4. Could you please upload the altered file so I can download it and compare with original?

    Thanks a lot so far :)

  • NormanPCN
    NormanPCN Website User Posts: 4,062 Enthusiast

     @Marcin I did a fresh DL or your file and I cannot reproduce my simple patch mentioned in a previous post.

  • NormanPCN
    NormanPCN Website User Posts: 4,062 Enthusiast
    edited April 2016

    Restarting from scratch. My original tweaks were with the audio channel and apparently I ended up with a tweaked version of the original file that I thought was still the original. Oops. My bad.

    The renamed Pentax MOV to MP4. VLC, Windows and Quicktime media players all play the file fine. Sony Vegas NLE imports and plays the MP4 file fine sans Quicktime. I said that before and nothing has changed.

    It seems Hitfilm may have an issue with the audio channel in the MP4. A remux of the video stream and converting the audio to stereo leaving the sample rate unchanged has Hitfilm not complain on import of the file.

    ffmpeg.exe -i %1 -c:v copy -c:a pcm_s16be -ac 2 "%~dpn1_mov.mov"

    ren "%~dpn1_mov.mov" "%~n1_mov.mp4"

  • Sarasota
    Sarasota Website User Posts: 272
    edited August 2016
  • FlyingBanana78
    FlyingBanana78 Website User Posts: 446 Enthusiast

    Go figure, another Apple issue...,.. I find it hard to believe that they are more concerned with the hackability of an iPhone that the government needed help getting into yet they could care less about an issue such as this with their companies name attached to it. They always stress security yet this is an issue. But I couldn't agree more with what Simon mentioned, stay away from dodgy websites and downloads. Or just wrap your modem and keyboard with a condom and protect yourself from ITD's (Internet Transmitted Diseases)

  • Triem23
    Triem23 Moderator Moderator, Website User, Ambassador, Imerge Beta Tester, HitFilm Beta Tester Posts: 19,417 Ambassador

    As a user on the SoCalVegas Usee Forum stated: disable the Quicktime plug-in for your web browser. That prevents code running while leaving the libraries available for local use. 

  • BobDiMarzio
    BobDiMarzio Website User Posts: 632 Just Starting Out

    I will take the same route as Triem23.  Also, could it be possible that the reason that  US government is taking such a major interest is Apple vulnerabilities is based on Apple refusing to help in the I-phone hacking issue? 

  • Triem23
    Triem23 Moderator Moderator, Website User, Ambassador, Imerge Beta Tester, HitFilm Beta Tester Posts: 19,417 Ambassador

    Gasp! Shock! Never, EVER! @BobDiMarzio ! The cynical, plausible horror of it all! 

    Maybe. 

  • Aladdin4d
    Aladdin4d Moderator Website User, Imerge Beta Tester Posts: 2,509 Enthusiast
    edited April 2016

    You don't think the US government would stoop so low as to try and embarrass a major multi-national tech company just because the government didn't what it wanted do you? That would be petty and childish........

Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!