Tag Archives: From: Comments

Rogue One (Star Wars) and Imperial IT (SPOILERS!)

I liked Rogue One: A Star Wars Story quite a bit. Despite having a very different tone from either the original trilogy or the prequels, it’s still recognizable as a Star Wars film, and successfully weaves in and out of the events leading up to A New Hope.

There’s a somewhat odd setup for where they actually find the Death Star plans, though. SPOILERS after the cut:

Continue reading

Anaheim GardenWalk: Reinvented?

The Beat’s offhand mention of Anaheim GardenWalk got me curious and I went looking around for more info on the mall’s current status. The last few times I’ve been there, it’s been practically a ghost town: behind the anchor restaurants out front, there were a handful of stores, then nothing, nothing, more nothing, and finally a movie theater way at the back and a Johnny Rockets that probably only stuck it out because it was so close to the theater. (The mall opened in 2008 — very bad timing — and never recovered.)

Apparently they’re trying to reinvent it as a restaurant/entertainment hub, with House of Blues moving over from Downtown Disney and more luxury hotels. (What is it with the luxury hotels?) Edit: I think I’ve been to the old location a half-dozen times, and it did suffer from sightline issues and crowding. They’re taking over part of the movie theater at Garden Walk to build the new venue, which will be bigger, add some seating areas in addition to the standing room, and have some of the side spaces as well. I think the HoB has a better shot than the rest of the mall, honestly.

So I’m not convinced, but if it works out, it could benefit WonderCon next year. It’s not a super-long walk (except in hot weather), and if they have a shuttle for parking like last year, it would make it even easier to get to.

From a comment at The Beat’s article on the Guardians of the Galaxy ride opening at Disney’s California Adventure.

HTTPS is a lot easier than it used to be.

The cost of implementing HTTPS on your own site is a lot lower now than it used to be. For instance:

  • Let’s Encrypt offers free certificates for any site, and some web hosts have software integration that make ordering, verifying and installing a certificate as simple as checking a box and clicking a button. (I’m impressed with DreamHost. I turned on secure hosting for some of my smaller sites a few months ago by just clicking a checkbox. It generated and installed the certs within minutes, and it’s been renewing them automatically ever since.)
  • Amazon now has a certificate manager you can use for CloudFront and other AWS services that’s free (as long as you don’t need static IP addresses, anyway) and only takes a few minutes to set up.
  • CloudFlare is offering universal HTTPS even on its free tier. You still need a cert to encrypt the connection between your site and CloudFlare to do it properly, but they offer their own free certs for that. They’ll also let you use a self-signed certificate on the back end if you want. (It’s still not perfect because it’s end-to-Cloudfront-to-End instead of end-to-end, but it’s better than plaintext.)

You may not need a unique IP address anymore. Server Name Indication (SNI) enables HTTPS to work with multiple sites on the same IP address, and support is finally widespread enough to use in most cases. (Unless you need to support IE6 on Windows XP, or really old Android devices.)

Now, if you want the certificate to validate your business/organization, or need compatibility with older systems, you may still want to buy a certificate from a commercial provider. (The free options above only validate whether you control the domain.) And depending on your host, or your chosen software stack if you’re running your own server, you may still have to go through the process of generating a request, buying the cert and going through the validation process, and installing the cert.

But if all you want to do is make sure that your data, and your users’ data, can’t be intercepted or altered in transit when connecting to reasonably modern (2010+) software and devices, it’s a lot less pain than it was even a year ago.

The hard part: Updating all your old links and embedded content. (This is why I’m still working on converting Speed Force and the rest of hyperborea.org in my spare time, though this blog is finally 100% HTTPS.)

And of course dealing with third-party sources. If you connect to someone else’s site, or to an appliance that you don’t control, you have to convince them to update. That can certainly be a challenge.

Expanded from a comment on Apple: iOS to Require HTTPS for Apps by January at Naked Security.

SDCC Lottery: The Least-Bad Option?

SDCC is moving to lottery-based pre-registration for 2014 to even out the crush of everyone hitting the site in the first 10 seconds after launch. Instead of first-come first-serve, you sign in anytime within a window and it randomly assigns your place in line.

I think we’re at the point where there just is no good way to handle the demand. A lottery — or rather, a pair of lotteries, one open to past attendees and one open to everyone — may very well be the least-bad option for now.

Originally published as a comment on SDCC Blog’s discussion of the change.

SDCC Ticket Meltdown

Comic-Con 2011 ticket sales crashed under heavy load shortly after going online.

I think we’re seeing another shift in the process of getting to Comic-Con.

It used to be that, as long as you were aware of the onsale dates and could both plan your trip and pay for your tickets far enough ahead of time, getting those tickets wasn’t a problem. Sure, the show might sell out months ahead of time, but it would take weeks or months to get to that point.

Now, people are looking at preview night already being sold out, and looking back at their last experience with hotel reservations, and freaking out: We can’t just buy our tickets this week – we have to buy them NOW, as soon as they go on sale, or we won’t be able to get in!

Get enough people reacting that way, and it becomes a self-fulfilling prophecy. Fear of a rush ends up creating a rush, just like fear of a run on a bank often triggers one. Add in the live progress bars as a feedback mechanism, and it snowballs even faster.

Until it crashes the server, anyway…

(Originally posted as a comment at The Beat.)