Video: A Forensic Approach to Video

Unplayable media is everyone’s nightmare, made all the worse if it could be key evidence in a crimnial case. This is daily fight that Gareth Harbord from the Metropolitan Police has as he tries to render old CCTV footage and files from crashed dash cams playable, files from damaged SD cards and hard drives readable and recover video from old tape formats which have been obselete for years.

In terms of data recovery, there are two main elments: Getting the data off the device and then fixing the data to make it playable. Getting the data off a device tends to be difficult because either the device is damaged and/or connecting to the device requires some proprietary hardware/software which simply isn’t available any more. Pioneers in a field often have to come up with their own way of interfacing which, when the market becomes bigger, is often then improved by a standard way of doing things. Take, as an example, mobile phone cables. They used to be all sorts of shapes and sizes but are now much more uniform with 3 main types. The same was initially true with hard drives, however the first hard drives were so long ago that osolecence is much more of an issue.

Once you have the data on your own system, it’s then time to start analysing it to see why it won’t play. It may play because the data itself is of an old or proprietary format, which Gareth says is very common with CCTV manufacturers. While there are some poular formats, there are many variations from different companies including putting all, say, 4 cameras onto one image or into one file, running the data for the four cameras in parallel. After a while, you start to be able to get a feel for the formats but not without many hours of previous trial and error.

Gareth starts his talk explaining that he works in the download and data receovery function which is different from the people who make the evidence ready for presentation in a trial. Their job is to find the best way to show the relevant parts both in terms of presentation but also technically making sure it is easy to play for the technically uninitiated in court and that it is robust and reliable. Presentation covers the effort behind combining multiple sources of video evidence into one timeline and ensuring the correct chronology. Other teams also deal with enhancing the video and Gareth shows examples of deblurring an image and also using frame averaging to enhance the intelligability of the picture.

Gareth spends some time discussing CCTV where he calls the result of the lack of standardisation “a myriad of madness.” He says it’s not uncommon to have 15-year-old systems which are brought in but, since the hard drives have been spinning for one and half decades, don’t start again when they are repowered. On the otherhand the newer IP cameras are more complicated whereby each camera is generating its own time-stampped video going into a networked video recorder which also has a timestamp. What happens when all of the timestamps disagree?

Mobile devices cause problems due to variable frame rates which are used to deal with dim scenes, non-conformance with standards and who can forget the fun of CMOS videos where the CMOS sensors lead to wobbling of the image when the phone is panned left or right. Gareth highlights a few of the tools he and his colleagues use such as the ever-informative MediaInfo and FFProbe before discussing the formats that they transode to in order to share the videos internally.

Gareth walks us through an example file looking at the how data can be lined up to start understanding the structure and start to decode it. This can lead to the need to write some simple code in C#, or similar, to rework the data. When it’s not possible to get hold of the data in a partiular format to be playable in VLC, or similar, a proprietary player may be the only way forward. When this is the case, often a capture of the computer screen is the only way to excerpt the clip. Gareth looks at the pros and cons of this method.

Watch now!

Gareth Harbord Gareth Harbord
Senior Digital Forensic Specialist (Video)
Metropolitan Police Service

Video: Reasons to cry –  living room device app development

HbbTV is a transmission standard seeking to unify over-the-air transmissions and broadband-delivered services into a seamless service. This aim is the same as ATSC 3.0 though the means of achieving it are not the same. HbbTV has seen growing use since its debut in 2006 and is now on its 2nd iteration.

James Williams has spent a lot of time getting services working on HbbTV-compliant hardware. STB manufacturers always have to balance very carefully the cost of the box against the components and hence performance. This leads to some unfortunate compromises when it comes to ‘secondary features’ such as rendering HTML, CSS or Javascript even if they are required in order to validate a box against a standard. This talk is a synthesis of what’s he’s learnt, fought against and endured making, sometimes very simple, things work.

James starts by looking at the boxes available and, importantly, the SDKs behind them which are many and varied. We’re then taken through some of the XML necessary to get an HbbTV app up and running including some key “dos and don’ts”. Now that we’ve seen how to invoke a program, James takes us on an amusing journey into getting a loading spinner to work and the many attempts, all highly reasonable, to convince this to be rendered.

For a video service, playing videos is probably the most important function so next we look at the surprising number of ways one can fail to get video to play using quite rational parameters in MPEG DASH seeing the ways to make it work and the ones to avoid. Finally we see the variety of responses that boxes report back their failure to render video.

A cautionary tale, or a guide to survive? You decide.
Watch now!


James Williams James Williams
Solutions Engineer,