Slashdot Mirror


User: Junta

Junta's activity in the archive.

Stories: 0
Comments: 6,549

Comments · 6,549

  1. Advice on safe internet use is "horrible", he added. Telling users not to click on phishing links and to download strange executables effectively shifts blame to them and away from those who manufactured hardware and software that is not secure enough to be used online.

    The alternative is horribly locked down appliances that can't do what the user asks them to do. It means distrusting the owner of the device. There are scenarios where that can make sense where the role of the device is very well defined (ATMs, Point of Sale equipment, etc), but personal computers by their very nature empower their users to do things the vendor would not have necessarily conceived of.

    I agree that anti virus measures are not that good, but it just means that user education is all the *more* important, unless you don't want to let the users do anything or you don't have any users doing creative technical work.

  2. Nature of smaller businesses... on Smaller ISPs Have Happier Customers, UK Based Study Says (betanews.com) · · Score: 4, Insightful

    Dominant players in the market tend to recognize their ability to rest on their laurels, while smaller players tend to be more aggressively trying to win business. If they fail to do that, they'd go out of business.

    Basically a company with prospects for growth will, on average, do better by their customers than a company without any prospect to grow.

  3. Re:Implementation not protocol on 1 Billion Mobile Apps Exposed To Account Hijacking Through OAuth 2.0 Flaw (threatpost.com) · · Score: 3, Insightful

    I think the issue for a lot of sysadmins is that trends have ultimately resulted in them losing the practical ability to manage what the software is doing security wise, but are still left accountable for mistakes. There is a great deal of pressure in the industry to be fast, and to be fast, just let the developers own deployment of their own software, enabling various technologies to let the 'user' be 'root' in some special domain to give them freedom. However, somehow the admins continue to stay on the hook for problems that arise from how that software is deployed, despite having no control over deployment. So an admin in such a position is justified to quiz the developers to make sure *they* understand what they are doing to themselves, and perhaps lead them to more deeply understand the lego block modules they are haphazardly slapping together. Those modules are of widely varying levels of quality and commitment, and no good way to know at a glance if it's a wise decision to use them or not. Even when they are done well, any tool used incorrectly can lead to trouble. Of course, in these cases, the admin staff would take the heat, so they are actually making the correct call on their end, since they are shielded from those sorts of consequences.

    I have seen a lot of this 'cobble stuff together' mentality. In my experience, nodejs is the worst (applications that on deployment just npm whatever the latest version of every little bit, and there are a *lot* of little bits people pull in because javascript core is missing so many builtins), though every language with a package repository suffers to some extent. There's no longer any time for test. People don't even mirror a known working copy of their libraries, instead just assuming latest is always greatest and never causes a problem, no matter how many times new problems smack them in the face.

    That's not to say that there aren't a lot of good things in these trends, but there hasn't been enough interest in keeping the good bits of the way things used to work and *way* too much confidence in random anonymous people's development, support, and test skills and methodologies. If the developers are empowered, they should also be the ones to face consequences. The admin staff can be held accountable for the infrastructure bits they own, but generally speaking they have no real control over any facet of an internet facing service (in select environments, I do know a lot of places where the admins still manage things very thoroughly, much to the chagrin of the application owners).

  4. Re:My personal web site does not support HTTPS on More Than 50 Percent of All Pages In Chrome Are Loaded Over HTTPS Now (onthewire.io) · · Score: 2

    Let's Encrypt will issue certificates, without even so much as a registered account.

  5. I guess you'd have to define 'destroy'.

    It could be a boatload of MIRV warheads, which would be destroying that much geographic area for all practical definitions of the concept. It doesn't say it is a single warhead.

  6. Re:No you don't on Satya Nadella: 'We Clearly Missed the Mobile Phone' (mashable.com) · · Score: 1

    The point that MS was *trying* to make was that they could give a phone that when docked becomes a viable PC (shame they made it based on ARM, which nullifies that promise of value, even in theory).

    MS has a challenge that on the one hand they need to move beyond leveraging their near monopoly on desktop to get success. The problem is they haven't produced something that is new and compelling on its own merits in over a decade. They keep breaking and fixing Windows, keep milking the cash cow that is Office. Continue selling SQL server to shops that say 'hey, SQL server from our OS vendor, good enough'. They continue to enjoy their position with Exchange of having unbelievably terrible competition in the space. On the flip side they struggle to get people to enthusiastically adopt their messaging platform (repeatedly rebranding it and redressing and still having fundamental problems) or SharePoint (which makes users and admins alike cringe in much the same way people cringe at the phrase 'Lotus Notes').

    I suppose Azure is a sign of their success, buried in the bowels far away from consumer end users at least..

  7. Re:No you don't on Satya Nadella: 'We Clearly Missed the Mobile Phone' (mashable.com) · · Score: 1

    Well, in principle it's not so far fetched. In terms of compute power, most people have needs that can be met. The PC difference is human factors around input/output. So their 'continuum' concept is not too terrible in *theory*.

    In practice, 'modern' applications are nearly non-existent, making the phone-friendly applications extremely limited. Where they do exist, they tend to have a worse interface than their Android/iOS equivalents (e.g. Netflix's modern app is terrible). 99% of my Windows 10 PC usage is 'traditional' win32 applications (occasionally I open up calculator). With the Windows 10 improvements, at *least* it's possible to create a viable UI for desktop and full screen usage, though still being responsive UI to span anywhere from a window on a desktop to a tablet to a phone is an art that escapes most UI designers.

  8. Re:We need END-to-END security. Now. on A New Attack Allows Intercepting Or Blocking Of Every LTE Phone Call And Text (theregister.co.uk) · · Score: 1

    The key infrastructure as such is not suited for meaningfully secure communication. Opportunistic encryption is trivially overcome by a man in the middle.

  9. Re:We need END-to-END security. Now. on A New Attack Allows Intercepting Or Blocking Of Every LTE Phone Call And Text (theregister.co.uk) · · Score: 1

    One, doing IPSec and DNSSEC does not unambiguously mean 'ok, things are secure now'. In principle, they can be helpful.

    IPSec is a big mess that in practice is redundant with using TLS.

  10. I think the point is despite *trying* to design it 'secure it in the first place', there were failures. It's easy to criticize in hindsight, and claim that if they had just secured it *right* in the first place, this wouldn't be a problem, but it is disingenuous to say they didn't even try.

    This is the crux of the problem for security. Even if you *try* to do it right, there is every likelihood that you will mess up. Even if you pull in a 'trusted security company' to audit your design, they'll frequently do an inadequate job because they lack expertise in what you are doing to credibly know if it is secure. They'll look for things that vaguely resemble other generic things and sometimes yell loudly about some non-issue that makes no sense in context, and at the same time completely miss glaring security issues.

  11. You cannot *prove* security. Security is not a set of absolute laws, it is a subjective call. There are of course some *limited* facets that are more concrete (buffer overruns are never good, for example), but security is a big thing that encompasses a lot and in fact two different approaches can both rationally call each other insecure and themselves secure, depending on perspective.

  12. You forgot installing weird things like asset management software and anti-virus, on top of being based on an enterprise distro with poor desktop support to start with, and *then* holding back updates on top of that.

    Funny thing was, the anti-virus software at the time *only* supported detection of signatures of Windows viruses. They supported Linux with the use case of a Samba file server to protect Windows clients, but they put it on all the Linux desktops and sucked down tons of resources and brought things to a crawl.

    It was the moment that I got a 'blessed' configuration of Linux to run on my laptop that I finally had some sympathy for Microsoft and how their platform is treated by vendors and IT departments and how much of MS 'badness' is due to preloads and IT department loads being very stupid. Of course Microsoft hasn't done any favors with poor QA on updates causing that mindset in the first place, but the avoidance is worse than taking the updates.

  13. Re:We Were Attacked! on Dyn Executive Responds To Friday's DDOS Attack (dyn.com) · · Score: 2

    The problem is this philosophy tends to create targets of great value by putting so much infrastructure into so few places.

    It's been a curious development in the internet. In the 90s, there was a trend from walled gardens and centralized resources to more federated approaches. In the last decade, the trend has reversed.

    We have increasingly powerful endpoint devices, even as their form factors have shrunk. This *should* have led to the reduction of the importance of 'datacenters', but now they are more important than ever *and* so much function has been consolidated into 3 or so companies, and a handful of physical locations.

    Now it's not as bad if everyone at least had their infrastructure to bank on a couple of providers as you do (so long as they all don't bank on the *same* two, but generally there's only a couple of companies people go to for services).

    In a decentralized case, a random entity is doubtlessly unlikely to withstand such an attack, but also they are far less likely to be the target of such an attack (being a bonus effect of taking down a target versus *being* the target).

  14. One, the Linux and Mac users are probably ones explicitly asking for it, meaning they care enough to request it specifically. Compared against the general population, the subset is going to be more experienced enthusiasts.

    Two, one of the biggest enemies of Windows usability is corporate preloads. Botched updates, sometimes 5 or six anti-virus applications and multiple firewall and update managers installed haphazardly.

    All that said, I'd still take Linux in a heartbeat, but still Windows to some extent suffers the downsides of its own success.

  15. Re:Were the users randomized? on Macs End Up Costing 3 Times Less Than Windows PCs Because of Fewer Tech Support Expense, Says IBM's IT Guy (yahoo.com) · · Score: 3, Insightful

    But likely to be self-selected sample.

    So it's going to be mostly mac enthusiasts. Similarly, the Linux users are self-selecting. If a random person is there and is given a random laptop, they are probably given Windows.

  16. If the universe is a simulation, it is a pretty complex one

    Ok, first off I'll say right up front this is all fanciful, more faith based rather than scientific. It's like debating which 'religion' is right.

    But for the sake of entertainment, I'll discuss. How do we know the simulation is a pretty complex one? Complexity is a relative term.

    So for one, there could be facets of a 'truer' reality we can't even conceive. Imagine Super Mario Brothers was a 'reality'. A third dimension would be an unthinkable exotic thing. In a very modern game, the concept of something having any smell or taste or touch are things that would not even occur to a hypothetical entity in one of those simulations. Similarly, we have quantized time and matter, meaning we effectively have a 'resolution' that may be coarse by a higher order existence standards.

    For another, we don't know how much is *really* being simulated in this hypothetical. In a game, they don't simulate the other side of an object you are looking at. Similarly, there's nothing to prove that something that is not actively being observed truly exists at all times, rather than 'popping in' when observed.

    Lastly, we don't know the depth to which things are really being simulated that we observe. For example, let's consider Half Life. To simulate that game, they didn't *really* have to model some weird physics thing that tears a hole between dimensions. However one could posit a being in such a world *believing* that a simulation would necessarily have to successfully model their *belief* in how things work. Many complex phenomena and mechanisms could in fact be glorified props, and the world written so that we believe/see in detail when it matters.

    It's not a falsifiable claim, so it's not the realm of science, so we can debate this all day long with no real objective 'winner', but still it's fun...

  17. Re:Everything Working As Planned on A Self-Driving Uber Car Went the Wrong Way On a One-Way Street in Pittsburgh (qz.com) · · Score: 1

    In the automotive world, there are proving grounds to work out the kinks, not shared with the general populace or pedestrians and what not. If over a ton of equipment makes potentially unsafe maneuvers, it's hard to ever consider it 'minor'. It's only minor because another car wasn't going down that street or a pedestrian didn't step out at the wrong time because they failed to expect a car coming from where it shouldn't (yes a pedestrian should always be vigilant, but in practice particularly in well walked areas, folks get used to not paying attention).

    It's worrisome to see these companies be overly aggressive (Tesla exaggerating the autonomy of their adaptive cruise control, Uber jumping straight to testing on real streets accepting pretty much whatever Uber driver to test it). There's unmanned autonomous testing, but it's on proving grounds closed off to public. Google's been doing autonomous vehicle testing on real roads, but with specifically hired and specifically trained drivers.

    Basically, this really *has* to be perfect and there's a long history of how to evaluate big changes in this field that is too boring for some of these newer companies to concern themselves with, and that is the crux of the problem.

  18. In fact, that would be the simplest way.

    In order to believe that those not filed would have been mostly frivolous, it would mean that the would-be complainers would be very aware of the body cameras. I'd wager that the only party that is very aware of the body camera most of the time is the officer.

  19. Still, I doubt in one's own home that fear of putting on a headset due to obscuring vision is not high on the list.

    High on the list would be expensive and lots of folks making it sound like a big involved mess as they make well-meaning statements that make people think they need a dedicated room just for VR and/or an exotic treadmill to enjoy. 'Room scale' is cool and all, but right now people are making it sound like it is a non negotiable part of the experience, which is a big ask. Things that need that much real estate have never lasted.

  20. I enjoy VR, but it's really only going to be a high end gaming accessory for now.

    There's a lot of possibilities, but many of those possibilities have had room for improvement for a long time even without VR, and those improvements have never materialized. VR increases the potential of what is possible, but if it were that compelling we'd have 3D environments of hotel rooms and cars to play with already, rather than generally photographs. Photographs seem to be 'good enough'. You may say photosphere type stuff could be nice, but those don't feel cool, they feel like sitting in a big room with what you want wallpapered on the walls.

  21. Hololens can impose a relatively tiny field of view on the surroundings, mitigating challenges that exist with headaches in a low quality VR context (enough of the real world is always visible to anchor you). When there are interactions with real life structures, there is noticeable stutter as it tries to keep up.

  22. Re:This sounds like more of an excuse than a plan. on Samsung Says It's Taking Some Time Off For Thinking and Waiting To See How the VR Market Shapes Up (xda-developers.com) · · Score: 1

    Higher resolution isn't going to overcome the uncanny valley.

    Also, the uncanny valley is not a requirement to be overcome with VR. Most games are not photorealistic. No one is going to mistake it. The key in VR is things seem to have *substance*. They may look more like toy figurines on a playset (e.g. Lucky's Tale) or life sized mannequins coming at you (Half Life VR felt like mannequins walking around to me), and that is compelling enough. Compare this to a monitor. No one mistakes a computer game graphics for real life, but it's still compelling.

  23. I disagree that a 10k display is required. It'd be nice and the GPU to drive it would be nice too. However even with a 1080 panel, things are really nice and substantial.

    Getting costs down is key. Also, Samsung may very well be right to give up on mobile. The GPU is so weak and the loss of situational awareness makes it not a very viable thing to enjoy on a bus ride or similar. This is going to be a desktop gaming accessory by and large.

  24. I'd agree that it is expensive for a desktop accessory. For a phone, it really isn't an obscene cost adder. I'll say that VR titles are a chicken and egg challenge. I'll say the technology is not really flaky anymore, and VR sickness is an overblown concern. In my experience, exactly one person felt unwell after a VR demo, and that person would get sick just *watching* a 3d game on a monitor. In her case, she only got sick in a demo where her avatar moved. She was not sick in the face of an environment that only moved with her.

  25. One could say the same thing about headphones, and yet people don't mind that.

    I think people more mind the cost, than the prospect of wearing a headset. Of course in public is another issue, loss of situational awareness in situations like riding a bus is far greater with a headset than headphones.