Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Trust the World's Fastest VPN with Your Internet Security & Freedom - A Lifetime Subscription of PureVPN at 88% off. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Comment Re:Sigh. (Score 1) 124

It's very unlikely that we will see AAA VR titles any time soon. Simply because the market is by no means big enough yet to be interesting for AAA developers.

AAA titles have to sell in the millions or at least close to it to recoup investment. That's by no means possible now. In November, Valve announced "more than" 140k Vive units sold. Let's say they sold 200k by now. And let's add as many Occulus, and throw in another 100k "others". That would mean that there is a world wide market of half a million units.

Even if every single owner of any VR device bought that title we're still not at a number that warrants the investment. With a cost in the ballpark of 10 to 40 million dollars, nobody is going to risk that on a game that may, at best, sell half a million units. Yes, yes, at 60 dollars a unit this may even break even. But with the same budget you can crank out the next incarnation of CoD, BF or slap a new year number onto some sports game and make a multiple thereof.

Risk free.

Comment Where 3d TV failed and why it doesn't translate (Score 3, Interesting) 124

3DTV has one fundamental flaw: It doesn't add to the experience. You're still watching a movie. Basically, to translate it to VR, that would mean that you're still playing Civilization or Tabletop Simulator, but watch the game float in front of you instead of looking at it on a screen. If that was all VR is, yes, it would be doomed to fail. Because for that experience, the overhead is WAY too high. Setting up the whole equipment, in a room that's more or less dedicated to playing, wearing a VR helmet, all that just to get an experience that may be fun the first 3 times but loses its gimmicky charm soon, that won't fly.

VR is much, much more, though. Yes, there are games that are essentially banking on being gimmicky versions of normal games, but there are also experiences you cannot sensibly duplicate on old school gaming hardware. There is that lightsaber game, or a game where you climb up houses, games where being able to experience 360 degrees is vital to the whole game and so on.

New technologies in gaming have often been used wrongly. Why? Because all that was tried was to cram the same games into the new technology. Often with subpar results. Whether it was different input devices or some gimmicky toys (powerglove, anyone?), what most of them did, and what still a lot of VR game developers do, was to try to cram the old formula into the new technology. That can only fail. Because the formula has already been optimized to fit the technology that exists. You will not create the better RTS game in VR. At least not if you offer the same interface that is optimized for keyboard/mouse/screen gaming. If you can add the VR component, then we're talking. How about a "god-game" where your believers actually react to where you stand, towering over them? Or a strategic game where you actually ARE the general and your troops actually react to you being "there" with them?

VR games will, at least in my expectation, be less defined about how you play something different but way more about immersion than games were so far. To expand on the "general" example from above, contemporary games already allow you to play Napoleon, sit on your hill and send dispatch riders to your troops. VR will allow you to really experience this, with full 3D audio and the fully immersive experience of "being there". The quality of the experience would be a vastly different one. And this can actually be true for any kind of game, from sports to RTS to jumpscares, whatever your preferred genre, the experience will be vastly more immersive.

What will make or break VR, though, is whether we find new genres that only make sense on VR. Like I said earlier, there are a few experiences you cannot sensibly duplicate without VR. That would be basically all experiences where a full body simulation enhances the experience or even makes it possible in the first place altogether. The lightsaber game from earlier would be a good example. There isn't really a sensible way you can implement something like this with mouse/keyboard input or controller input. It just won't get the same feel to it.

Comment Re:Oh please (Score 4, Interesting) 180

Any language where the default equality comparison operator is *true* given two string-type variables with values "0E54321" and "0E12345" is not a cryptographically secure language. In fact there is a nonzero chance of the default equality operator returning true between two different MD5 or SHA256 hashes if they happen to fall into a hexadecimal form that is all digits except for one E or F.

Technically, that (in itself) doesn't necessarily mean that the built-in cryptography nor the language itself are inherently insecure. In theory, that is, provided you understand the language and use it correctly.

And that's the problem. Because in practice, PHP's design philosophy of trying to be clever- often too clever by half- when it comes to comparisons, equality, automatic coercion, data types, etc. etc. too often gives unpredictable and unexpected results from people who weren't aware of that behaviour.

You absolutely do *not* want any risk of this happening when you're designing a system that has to be secure. You want boringly explicit and utterly predictable data and type handling.

My prediction is that far, *far* more security holes will be down to bugs caused by unforeseen subtle aspects- i.e. pitfalls- of PHP's type handling and equality behaviour (etc.) in the apps using it rather than bugs in the cryptographic module itself.

PHP being a language more favoured by inexperienced users, this is likely to be made far worse. Expect lots of newbies with misplaced confidence designing what they think are "secure" apps that are in fact full of holes- either because they've misused or misunderstood the cryptographic module, or because they've overlooked some basic aspect of computer security elsewhere (e.g. failure to parse input securely) that makes the use of cryptography irrelevant.

And those are the sorts of mistakes newbies would make when using any language- with PHP's language design issues on top of that, it has the potential to be far worse.

So, yeah. I trust that the module will be secure. The main problems- I guarantee- will be caused by caused by overlooked (or not known about) aspects of PHP's too-clever-by-half data handling (in client apps using it) leading to exploitable holes, and by the fact that too many of PHP's newbie-skewing userbase will overconfidently assume it makes their apps foolproof while using it incorrectly and ignoring security holes elsewhere that make it redundant.

Slashdot Top Deals

In a consumer society there are inevitably two kinds of slaves: the prisoners of addiction and the prisoners of envy.