Open Source Solutions for Live Video Distribution?

mikvo asks: "I work for my state Department of Transportation, and we have a reasonably advanced traffic monitoring system, currently with almost 300 cameras (and expanding). However, our matrix (300x200) video switch is running out of life, and we have to replace it. The primary consultant on the project is recommending we move entirely to digital video, using VBrick encoders and decoders. It's a private network, though we know there are still security issues around that. However, the primary question is, are there viable open source alternatives for both encoding and decoding the live video streams, rather than relying on proprietary (read expensive) decoding hardware?"

"The video encoders would have to be deployed in the field (protected cabinets, but still subject to tempreature extremes), while the decoders would all be indoors. The decoders would also have to support rapid (sub-second) switching between video streams. We would require full remote management of both encoders and decoders. I know I can use something like vlc (VideoLAN client) just to read the video streams coming from a VBrick encoder (I have that working on our demo units). However, I'm not sure I'm totally comfortable with the cost of the propsed solutions, especially when it's my tax dollars (in part at least) that are paying for it.

Video distribution would have to be on-demand viewing of any encoded video stream, by any authorized party. The control center has a large (14 screen) video wall that, ideally, should be able to display any video in any of the 14 quadrants, or to show video spread over multiple quadrants.

I'm perfectly happy to do the research (and I've started doing some), but I'm looking for tips or ideas. I'm not an expert when it comes to video solutions on open source operating systems."

Most Unsecure OS? Yep, It's Linux

November 26, 2002 | Paul Thurrott

According to a new Aberdeen Group report, open-source solution Linux has surpassed Windows as the most vulnerable OS, contrary to the high-profile press Microsoft's security woes receive. Furthermore, the Aberdeen Group reports that more than 50 percent of all security advisories that CERT issued in the first 10 months of 2002 were for Linux and other open-source software solutions. The report muddles the argument that proprietary software such as Windows is inherently less secure than open solutions. And here's another blow to the status quo: Proprietary UNIX solutions were responsible for just as many security advisories as Linux in the same time period. Could Windows be the most secure mainstream OS available today?

"Open-source software, commonly used in many versions of Linux, UNIX, and network routing equipment, is now the major source of elevated security vulnerabilities for IT buyers," the report reads. "Security advisories for open-source and Linux software accounted for 16 out of the 29 security advisories--about one of every two advisories--published for the first 10 months of 2002. During this same time, vulnerabilities affecting Microsoft products numbered seven, or about one in four of all advisories."

The stunning report makes several claims that seem to fly in the face of widely accepted beliefs. First, the Aberdeen Group says that Windows-based Trojan horse attacks peaked in 2001, when CERT released six such advisories, then bottomed out this year, when CERT didn't issue any alerts. However, Trojan horse-based attacks on Linux, UNIX, and open-source projects jumped from one in 2001 to two in 2002. The Aberdeen Group says this information proves that Linux and UNIX are just as prone to Trojan horse attacks as any other OS, despite press reports to the contrary, and that Mac OS X, which is based on UNIX, is also vulnerable to such attacks. Even more troubling, perhaps, is the use of open-source software in routers, Web servers, firewalls, and other Internet-connected solutions. The Aberdeen Group says that this situation sets up these devices and software products to be "infectious carriers" that intruders can easily usurp.

According to the Aberdeen Group, the open-source community's claim that it can fix security vulnerabilities more quickly than proprietary developers can means little. The group says that the open-source software and hardware solutions need more rigorous security testing before they're released to customers. This statement is particularly problematic because many Linux distributions lack the sophisticated automatic-update technologies modern Windows versions contain.

We can rail against Microsoft and its security policies, but far more people and systems use Microsoft's software than the competition's software. I believe that we'll never know how secure Linux is, compared with Windows, until a comparable number of people and systems use Linux. But despite the fact that Linux isn't as prevalent as Windows, we're still seeing a dramatic increase in Linux security advisories today. I think the conclusion is obvious.