Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Re:Of course it bombed (Score 2) 205

From the summary Tron:Legacy grossed $400 million from $170 million - that's a success even by Hollywood "hide the profits to avoid royalty payments" maths.

Eh, it's closer than that. Studios see 50-55% of the domestic box office and anywhere between 15-50% of the foreign box office (depending on how much of a cut the distributor in a particular country takes.)

Tron 2 did $172 mil domestically (so figure the studio got $86-$95 mil) and $228 mil internationally (so that take isn't going to be any higher than $114 mil MAX, and probably a lot lower.) So that's $209 million at the very top end, against a production budget of $170 mil. If that $170 mil includes marketing costs (everyone reports that differently) then you're looking at anything from a mild profit to a mild loss overall. If you figure an additional $10-20 million was spent on marketing, we're a lot closer to "losing money no matter what" territory. Yes DVD sales will help them profit in the long run, but a success or failure is generally measured at the box office.

I can see them doing this - there's no indication that Tron 3 would make _more_ money than Tron 2 did at the box office, and it could very well make less. They've weathered the nuclear bombs of John Carter, The Lone Ranger, and now Tomorrowland all in the past couple of years - it makes sense that they're going to stick with franchises where they can print money.

Comment Or people could, you know, do their damn jobs... (Score 2) 57

As the article points out, the only reason this was able to work was because one of the upstreams didn't filter announcements correctly. So instead of one provider doing something simple, the "fix" is for the rest of the world to do something complex?

Back in the day if a provider dicked around with BGP enough (either through incompetence or malice) they would find that eventually no one would accept any prefixes originating from their network. Kind of hard to have customers when the rest of the internet won't accept your traffic, isn't it?

BGP4 was new and exciting in 1994, and people are still doing it incorrectly. Film at 11.

Comment Re:There's a clue shortage (Score 4, Insightful) 574

My personal favorite - and one I was dinged on several times before I learned to basically just lie my ass off about it - was how many servers I've been responsible for at one time. At some ISP jobs I've had, I've had to touch hundreds of unique servers while helping clients, but only had maybe 20-30 to worry about day to day. But companies hiring based on this metric want to hear that you were administering 200+, 500+, whatever number of servers on a daily basis. This is bullshit for two main reasons:

1. No single person is personally touching dozens or hundreds of servers on a daily or even weekly basis. A _team_ of people might, but a person isn't.
2. Once you get into a mid double digit number of servers (or sometimes even sooner) you're using automation stuff like Chef or CFEngine or BladeLogic or whatever. At that point 50, 100, 500, 5000 servers become rapidly irrelevant, because you're thinking in terms of a single task affecting an arbitrary number of servers, not a one-to-one situation. You're not logging into each individual server and firing off Windows Update every Patch Tuesday. In fact if you're wasting your time doing crap like that I would argue you're not a very good system administrator, because you're not learning and growing, you're simply caring and feeding.

Comment Re:Great idea at the concept stage. (Score 1) 254

NAT is NOT a firewall. Meaning that you haven't hid anything and you are not secure. Also NAT is a huge reason why IPSec doesn't work. It breaks the internet.

Oh look, it's one of those purist types.

If an arbitrary host can't reach through my router and connect to an arbitrary device in my home network, guess what? That's effectively a firewall. Yes it's not a _packet filtering_ firewall, but who cares? The end effect is the same. NAT takes multiple devices that only need to connect to other internet hosts (not be connected to themselves) and lets it work.

In a NAT situation, the return packets from the host my PC is surfing to are translated so it all functions. If that same PC were on a public IP, a stateful firewall would open the return ports so the packets could get back to the PC from the web server. Care to tell me what's insecure about one vs. secure about the other? Unless there's actual inspection going on, those return packets could have the same bad data in them regardless. I'm not "more secure" simply because a slightly smarter device managed to let me make the same de facto connection to a web server that a basic NAT device would. I'm only _truly_ secure if my intermediate device, be it a NAT router or a stateful firewall, can actually inspect the return traffic and stop it from reaching my PC if it's bogus or bad.

And IPSec didn't take off because it was WAY too complex, and stupid parts of it like AH mode and transport mode should have never made it in. There are multiple overlapping ways to do the same thing and there didn't need to be.

Comment Re:Final Update to XP (Score 2) 417

For SNI, you can enable it, but you can't rely on it since IE on XP will show SSL errors. However, there are many, many other devices out there aside from IE on XP that don't support SNI.

Most of which are pretty deprecated at this point. Android Honeycomb came out in late 2011, Windows Mobile 6.5 in late 2009, iPhone 4 in mid 2010. All of those (and anything later) are SNI capable. It's pretty much been the "IE on XP" crowd that's holding back adoption, everyone else would be in the 1% "other" category of most web sites.

Comment Re:Irrelevant for the normal consumer (Score 1) 206

What if they decide to charge you some insane sum of money for something you did not agree to?

Then I flag it as a fraudulent transaction and let my credit card company handle it? There is nothing a company like Netflix can do to me (and actually manage to pull off) that would be worth my time and money dragging them into court for. This is pretty much true of any company that one has month-to-month dealings with at dollars or tens of dollars per month. Once again, we're not talking about a situation where I sign a contract and the company I'm dealing with can move the goal posts after the fact and tell me to suck it - that's a situation where lawsuits are pretty much the only option.

Comment Re:Irrelevant for the normal consumer (Score 1) 206

Yeah, I don't get this at all. If Netflix starts pulling shenanigans I cancel my account and I'm out the $20 for the month, that's it. Why would I even think about bothering to sue them? This isn't like a cell phone situation where you're locked into a contract for two years and if they don't provide the service you think they promised you can't just cancel, so you have to sue them for redress.

Comment Re:You know why they call it Xbox 720 (Score 2) 543

Pre-iTunes: CDs for $20-$30 for a dozen songs. That you would still need to rip

Where the hell did you buy your CDs? Most of the music on iTunes is the kind that tends to be sold at discounts at places like Wal Mart or Best Buy, so it's more like $12-15 for a CD. Even when somewhere like Barnes & Noble sells it at full price it's $18 or so.

Comment Re:Proof you are 100% wrong per your request (Score 1) 176

Do you have a problem reading and understanding the English language? While I appreciate your attempts to credit the definition as my own, it has been an accepted term in security circles for a long time, and I am not the one who came up with it. Nobody worth their salt ever said that 100% security can be achieved, and you are not saying anything that isn't obvious to even a security neophyte like yourself. What is known is that security through obscurity is not an effective method of achieving security, even in deference to the fact that nobody will ever achieve 100% security.

It's a very accepted term, but you're not using the accepted definition. You're equating "obscure" with "secret". If I look at a security algorithm and by doing so enables me to break into whatever it's protecting, that's security through obscurity. If I look at one but still something like keys or passwords, that is NOT security through obscurity. Yes the keys or passwords are "obscure" but they _have_ to be, and that's not what people mean when they use that word.

Comment Re:So what? (Score 1) 360

Ever worked a trade show in a place like Chicago or Las Vegas? No? You have absolutely no idea what the hell you're talking about.

Part of the reason CES left Chicago is the smaller vendors wouldn't/couldn't afford to pay a union electrician the exorbitant minimum fee to do something as simple as plug a device into a power outlet. I kid you not - if you were (for example) a boutique loudspeaker vendor with one product and all you had to do was plug in the power amp/preamp/CD player running the speakers you're demoing and you did it yourself, you better have someone sleeping in your booth or room overnight because the next morning there was a chance something would be damaged, and all anyone could do is shrug. The damage would never happen to the vendors that paid hundreds or thousands of dollars for what amounted to an hour or less of actual electrical work.

Comment It's been the case for years... (Score 3, Informative) 78

Was able to get into the Winter CES in Chicago back in the early 90s just because I was a register drone at Babbage's (computer software and video game store for you youngn's.) I think they had me down as "buyer" even though I had nothing to do with what the company stocked. Hell a buddy of mine who built PCs in his basement got in with a "technician" badge. As long as you didn't show up with children in tow and could ask reasonably coherent questions they were mostly happy to deal with people that were a half step above "Joe Q. Public."

Comment Re:I'm sorry, is there an echo? (Score 1) 348

I didn't mean to suggest anything specific to Apple or Android devices. The point I was trying to make was control of information - in regulated environments we're not going to allow something to connect to the corporate network that is then going to get taken home and synced with a personal computer, I don't care how secure the device itself can be made to be - the instant it touches anything that doesn't have a corporate identity it can no longer be vouched for.

Slashdot Top Deals

No amount of careful planning will ever replace dumb luck.