Seeing Red: Thoughts on selling movies without making money

I recently read the latest accounting statement for Dare Not Walk Alone, the documentary for which I was both a producer and executive producer. You could say I saw red. Let's put it like this: The project remains in debt and there are no indications  that it will ever get out of debt.

DNWA in the redI'm not complaining. There never was a plan to get mega-rich off this movie, but we did hope it would pay for itself and then earn some money that we could put back into the community from which it arose. That did not happen. The people who put money into the movie lost their money, me included.

Ironically, one group of people who "made money" from this project were the TV networks to whom we had to pay thousands of dollars to license news footage, some of which was never shown on TV when it was shot back in 1964. With licensing prices as high as $100 per second for old news, making a documentary about the sixties can get expensive pretty fast.

Having seen the latest spreadsheet from the accountant I feel that I owe aspiring directors and producers some "Lessons Learned" about making indie movies, a sort of payback for one of the non-financial rewards of the project: the openness with which both aspiring and accomplished indie film makers shared their knowledge as we took our fledgling film around the festival circuit.

One lesson you don't learn until you've made the movie and set up retail distribution is that people think offering a movie for sale on DVD or for digital download is the same as selling DVDs. For example, I've had people say to me: "Wow, I see is selling your movie." To which I reply: "No you don't."

What you see is the world's largest online retailer offering Dare Not Walk Alone for sale. That's way different from actually selling any copies. Sure, the movie is out there, for sale or rent, but that does not mean sales or rentals are happening. In fact, 2011 DVD sales for Dare Not Walk Alone, nominated as one of the top documentaries of 2009 by the NAACP, added up to roughly $400. Rentals earned about $40. Add those princely sums together and you get $440 in annual revenue, less than $40 per month, none of which is money in the bank because the initial costs of production and distribution have not yet been paid back. With tens of thousands of dollars in unpaid obligations still on the books you can see the path to profitability is long indeed.

Another lesson is that critical praise is not bankable. People may love your movie. You may get a lot of compliments, some of them in person, some published in the press. All are a pleasure to receive and they are part of what makes a project like this worth doing on a personal level. That does not mean a lot of people will buy your movie, particularly during a recession.

When people ask me where this particular movie project went wrong I tend to skip the hypotheticals--like the famous documentary distributor that signed us up then went bankrupt with our full earnings unpaid, or the pirated copies that may have cut into sales--and go right to the one thing we know for sure: The movie was launched into the teeth of the great recession. I'm convinced that tough economic times crushed the market for a film like ours, a film that stirs troubling emotions and memories, a film in which the feel-good moments are out-numbered by harsh realities, past and present.

The election of President Obama probably didn't help. All of a sudden a lot of people wanted to think that issues of race were settled, but we had a movie about race that is unsettling to watch, whatever race you happen to be. Not a good fit. In all likelihood, most of the people who want a copy of a movie like this have got one already, legally or through some stretching of the concept of copyright.

What advice do I have for people who want to make a documentary? Here are some points that come to mind:

  1. Shoot your own footage. Licensing of archive footage can be hugely expensive (did I mention $100 per second).

  2. Make your own soundtrack. It can cost thousands of dollars to license music for your soundtrack, even if you use lesser known artists (those artists may want to give you a deal but their label may not).

  3. Think long and hard about the market for your film. Avoid napkin-math such as: "We are bound to sell at least 100 DVDs in each of the 50 largest cities and at $10 profit per DVD that = $50,000." Reality does not work like that.

  4. Find a famous person to associate with your project. Giving a named star a producer or narrator credit can make all the difference when you are looking for press coverage.

I'm still glad that I got involved in this project. I'm proud that the film got made and seen at festivals. I'm proud that I helped make it available in the mass market, even though it did not achieve massive sales. And I'm very grateful to everyone who donated time and effort to get the film made and shown.

The film caused a lot of people who saw it question what they had been told about the history of civil rights; it brought the struggles of the sixties into sharp focus for many people to whom they were previously just a chapter in a history book or a few clips of people marching, shown every Martin Luther King Day. I wish people tens of thousands of people had bought DVDs or digital copies. They did not, but I'm still glad the movie was made.

Hotel Travel Tip: More humidity, less luggage, and clean clothes

Here's my tip for alleviating a problem frequently encountered by folks on the road: notoriously dry hotel air. At the same time, this tip offers a way to travel lighter, packing fewer clothes:
Wash your shirts and such in the hotel sink and use the hotel towels to dry the clothes, adding moisture to the air as both towels and clothes dry out.
I used to think it was just me, but lately I have learned that many of my fellow travelers also suffer from the incredibly dry air you find in many in hotel rooms, particularly during the winter. This air often seems intent on totally desiccating hotel occupants.

One way to add moisture to the air is hang damp fabric around the room. So I figured, why not hang damp towels, my washed shirts and, yes, my washed boxers?

[WARNING: Never hang anything from a sprinkler or other fire response/alarm device!]

The damp towels are a by-product of a clothes-drying technique I learned from my wife. So here is my strategy for adding moisture to your room while traveling lighter:
  • Pack a smaller number of shirts than there are days in my trip; 
  • at the end of each day, rinse the shirt your wore that day in the bathroom sink; 
  • wring out the excess water from the shirt;
  • lay a bath towel on the bed;
  • lay the shirt on the bath towel; 
  • roll the shirt up in the towel;
  • then roll it tighter by holding one end of the towel/shirt bundle on the floor with your foot as you continue to twist; 
  • hold that for about 20 seconds and then unroll;
  • straighten out the shirt on a hanger and hang it to dry;
  • Hang the towel, unfolded, on the shower rail. 
Both towel and shirt put moisture into the air during the night as they dry. I rarely get up the next day to find either towels or shirts still damp. (On the other hand, I still feel dry in some hotels, so this is not a cure-all.)

Sometimes there are no convenient places to hang clothes to dry. One spot that can work is the swing out door on the TV cabinet. I found this works better if you put a dry washcloth between the shirt and the wood finish on the door.

Also, I normally travel with an S-shaped piece of coat hanger wire in my bag that works will to adapt hotel hangers when they have the small hooks on them.

But please, do not hang stuff on sprinklers, it is not worth the risk. Last year I stayed at a hotel where some kids had hung wet clothes on a sprinkler head and caused it to, well, sprinkle. Thousands of dollars of damage resulted in their room and on each of the floors below their room, all the way to the lobby where contractors were still peeling back wall paper and inspecting walls to find damage several days after the event.

2,500 Blog Posts and Counting

Stephen CobbThat's 2,500+ blog posts if you count all my posts across all my blogs and those of my employer (ESET). My blogging is now very infosec-oriented, but I'm still spreading the word about the silent genetic killer, hereditary hemochromatosis, on the Celtic Curse blog and the largely-self-sustaining Facebook hemochromatosis page, which now has over 1,750 followers. Of course, all views expressed on are mine and not those of my employer.

Happy New Tech Year

Just a quick post to say that most of my technology-oriented blogging in 2012 will be happening over on the ESET Threat Blog.

I am enjoying being part of the ESET research team which extends from Singapore to Slovakia, through the Netherlands to the UK, on to Montreal and Buenos Aires, then San Diego, which is where I am located these days.

This international distribution of research resources provides exceptional ability to gain insight into emerging threats to data and systems, notably but not only in the computer virus arena. And the depth of talent in the group is outstanding, producing in-depth technical analysis of malware (malicious software) and the things that purveyors of this stuff get up to, always with an eye to defeating the bad guys and protecting as many honest Internet users as possible. Here is a page of recent and relevant resources.

iTunes - Podcasts - DEFCON 3 - Feat. Me

If you are into hardware and software experimentation you might have noticed, with some amazement, that 2012 is the year of DEFCON 20. That's two decades of hacker convention fun and games. I missed the first two but was invited to speak at DEFCON 3 which was held August 4-6th 1995 at the Tropicana in Las Vegas. So I was delighted to encounter this link recently: Past speeches and talks from DEF CON hacking conferences in an iTunes friendly m4b format. I took a listen to my session (on Why Hacking Sucks) and was pleased to find it still sounded pretty sane. A helpful interaction is how I would characterize it, at least for me.

Will Christmas Kindles Torch the Internet and Evaporate the Amazon Cloud?

I got an Amazon Kindle Fire from my wife for Christmas and I'm a bit worried about the effect on the Internet. I should explain that I got my Fire a few weeks ago because my wife and I like to give each other digital gifts before Christmas Day so that by the time Christmas Day arrives we have said devices fully configured and can actually play with them (I got her an iPhone 4S).

The problem I see is that Amazon has been selling about one million of these Fire things a week and many of them may not be fired up, so to speak, until Christmas Day. Here's what happened after I fired up my Kindle Fire: It gave me instructions on how to put my music in the cloud, and store it there for free, and those instructions were very easy to follow, so my laptop was soon engaged in uploading 6,471 files. Engaged as in "I need to spend several days trying to do this."

When it was done, those files added up to over 30 gigabytes of data, sitting in the cloud somewhere, ready for me to listen to them at the tap of a screen. Now imagine 2 million people getting a Fire for Christmas and accepting that invitation to put their music in the cloud. Suppose they each have, on average, 20 gigabytes of music. That's 40 million gigabytes or 40 petabytes added to the cloud and Internet traffic on Christmas Day. I hope Capacity Planning at has been doing some planning. And those folks who manage the tubes, they better be ready to put out some fires.

Mac OS X Help: Specifying criteria in Spotlight

I just updated this post with a Mavericks screenshot, but the basic point holds true for the past few versions of OS X: the Spotlight search tool on Macs can be very powerful, but a surprising number of people don't seem to know how to tap that power (and for a long time that included me).

Apple has a good basic article on Spotlight. Remember that you can always press Command+Spacebar to pop up Spotlight. And you can use the Spotlight pane in System Preferences to change these categories around, their order, and even which categories appear.

You can type calculations into Spotlight and find that 256*2-680 is 168.

You can get the definition of a word by typing it into Spotlight and then checking the Look Up section of the results.


The Google-SOPA-PIPA-DNS-Copyright-Oil-and-Gas Link

What does copyright infringement have to do with scraping oil from the bottom of a barrel and an acronym soup like SOPA, PIPA, DNS and DNSSEC? The answer lies with Google, not the search engine but the company.

More specifically, the answer lies with Google's Executive Chairman, Eric Schmidt, who said the following at the University of Minnesota last week when asked about legislation (SOPA/PIPA) which would--in the name of protection against copyright infirngement--give the U.S. government the power to mess with the Domain Name System (DNS) that forms the backbone of the Internet:
“There are a whole bunch of issues involved with [SOPA] breaking the Internet and the way it works. The correct solution, which we’ve repeatedly said, is to follow the money...Making it more explicitly illegal to make money from that type of content [pirated movies, software, or other counterfeit goods] is what we recommend.”

Mr. Schmidt is entirely correct, and I love the expression "making it more explicitly illegal to make money from..." because it covers a range of actions that governments and law enforcement agencies can take without interfering with the way the Internet works.

For example, the act of distributing pirated movies would be more explicitly illegal if the pirates were identified, arrested, extradited or extracted, imprisoned, tried, convicted, and given 20-year sentences in maximum security facilities without the possibility of parole. The same goes for the makers of malicious software. Let's put a bunch of them in jail with long sentences and see if that reduces the malware problem.

I just don't see a downside to this hardline approach to making something like software piracy or handbag counterfeiting "more explicitly illegal" except that some people will say it costs too much money. Au contraire, if you do this right it will actually make a lot more money than it costs. Consider the numbers put out by supporters* of the Stop Online Piracy Act: "IP theft costs the U.S. economy more than $100 billion annually and results in the loss of thousands of American jobs" (The Austin Statesman).

If you gave me a budget of one percent of that amount ($1 billion), I would most assuredly, and within a period of 12 months, reduce the cost of that theft by at least 15 percent ($15 billion). In other words, backing the effort to crack down on piracy to the tune of $1 billion in fresh money would pay huge dividends, save thousands of U.S. jobs, and actually create jobs (without messing with DNS).

Why am I so sure of this? My answer is not a lot of hot air, but it is a bit oily, as in petroleum production taxes. Thirty years ago I was criss-crossing America auditing the state oil and gas taxes paid by petroleum companies, firms with names like Koch, Hess, Ashland, Texaco, and Hunt. During that time I learned a lot about the ways in which we humans try to cheat each other.

Consider the sludge that forms at the bottom of a crude oil holding tank such as you see next to wells in oil fields where the wells are not connected to a pipeline. Some of that sludge is recoverable oil and, from time to time, someone goes into the tank to suck it out. How much of the sludge is oil? How much gets pumped out? Where is it taken? How much of it gets there? These are all points in the oil production process where numbers and readings and measurements can be fudged, to the advantage of one party and the disadvantage of another.

Not that every case of missing petroleum tax dollars was a case of cheating. Oil companies were sometimes being cheated by employees and contractors. And every time the production output of a well is understated that also cheats the royalty owner, the person who owns the mineral rights to the land from under which the oil and gas is being extracted.

Operating on a shoe string budget my auditing team raked in millions of previously unpaid taxes within the first 12 months of operation. We used no new laws or fancy gimmicks. We just followed the money, which is what Eric Schmidt is saying when it comes to cracking down on copyright infringement. In oil production areas you don't close down the roads in and out of every county where production is apparently going missing. You go to the top of the organization, the people getting the money, and you figure out how they came by it. You examine the paperwork. You audit the heck out of the operation. If the organization is shady, you shed light. If it is in another country then you remind that country of our mutual interests.

We have already seen positive results when private dollars are used to help enforce public laws, as in the Microsoft and Pfizer funded action against the Rustock botnet. (If you're wondering why a drug company got involved, read the story, it really is a big deal.) So why not an anti-infringement posse formed and funded by the likes of Google, eBay Facebook, and Yahoo! The backers of Protect Innovation could really make a lot of friends in high places, and on the High Street, if they were seen to spearhead a new effort to put cyber-criminals behind bars.

* Note: Here are some of the fine companies and trade groups that back SOPA (I respect and admire many of them, I just think they are wrong about SOPA): National Cable and Telecommunications Association, National Association of Manufacturers, Pharmaceutical Research and Manufacturers of America (PhRMA), Business Software Alliance, Screen Actors Guild (SAG), the U.S Chamber of Commerce, Independent Film & Television Alliance (IFTA), National Association of Theatre Owners (NATO), Motion Picture Association of America, Inc. (MPAA), American Federation of Musicians (AFM), American Federation of Television and Radio Artists (AFTRA), Directors Guild of America (DGA), International Alliance of Theatrical Stage Employees, (IATSE), International Brotherhood of Teamsters (IBT), Comcast/NBCUniversal, National Songwriters Association, the United States Conference of Mayors, National Sheriffs' Association, International Brotherhood of Electrical Workers, International Trademark Association.

Security and Privacy Links: Marketing cybersecurity

As some of you know, I hit the ground running when I landed in San Diego at the beginning of September, happy to be back in California, wrestling with my first love, information security.

Okay, so that prose was a trifle purple--not to be confused with a delicious purple trifle--and information security is not, strictly speaking, my first love.

But hopefully you get the point: I was ready to up my game in the fight against digital malfeasance after three fun years focused on the marketing of marketing software to marketers (three highly successful years, I might add, because the marketing software, Monetate, was clearly headed for best of breed from day one and can now be found on major websites from PETCO to QVC).

There were a number of happy congruencies in this latest development. My marketing skills had been honed, my marketing experience broadened, just in time to sell a fresh message of cybersecurity awareness to a deeply digital world. That message goes like this: "The bad guys are badder than ever, better funded, more organized, but there are simple steps we can all take to make cyberspace a lot safer tomorrow than it is today."

For me, this was just the right time to run into ESET, a Slovakian company with a growing presence in North America and a strong commitment to the public good, as evidenced by a pioneering community initiative called Securing Our eCity. I spend part of my time working on this initiative and the rest on research and publication, in all its forms, including blogging, tweeting, and speaking. Here are just a few of my efforts so far:

On TV:




Bonus Security Video: Malware Delivery Scam:

CyberMonday SmartPhone Shopping Tip: Avoid CA, MA, RI, and maybe others

This is a quick tip for anyone looking to buy a new iPhone or other smartphone this holiday season:

Don't buy in California, Massachusetts, or Rhode Island. 

If you are in one of those states and can cheaply get to another state, or happen to be passing through another state on business or to visit family, you can save $40 or more if you purchase your phone out of state.

Why? The answer is in small print at the Apple store and--possibly in different words--on some mobile provider sites:

In CA, MA, and RI, sales tax is collected on the unbundled price of iPhone. 

In other words, you might be getting a great deal on the phone but these states charge you sales tax as though you did not get a great deal, and that's a bum deal.

Consider that the Apple iPhone 4S series has unbundled prices of $649, $749, and $849 for the 16MB, 32MB, and 64MB models respectively. That means a sales tax of 7.75% on the 16MB 4S you buy from AT&T or Apple for $199 comes in at $50 versus the $15.42 you were probably expecting. That's sticker shock if you have not been through this process before.