This may be a stupid question, since it's the obvious one, but I didn't see it anywhere else...
Nothing in the post seemed to indicate that the money had to be used to replace anything that the university already has, nor that taking the money means that they must never use MS products again. Why not use that money to fund a project that works with and enhances what the university already has?
Presumably the university already has an IT budget and staff -- why isn't this $2.4MM + $800k/yr free money? Take the money and hire a few good people at first, in addition to the staff you've already got, and have those people work on an X-year plan for introducing OSS (or just non-MS) software in the places that it makes sense.
Don't get rid of all your Windows machines -- not immediately, and likely not ever -- but view that money as an incredible gift: the university has been given the opportunity to explore a large-scale transition to OSS, without having to take money away from what they're already doing.
At this time, MIT is not aware that the BSA has been granted authority to enforce the copyrights of its members.
According to a "fact sheet" on the BSA site (PDF, HTML-ified Google cache is here), they do actually have that authority:
What legal authority does BSA have to sue companies or conduct raids? On behalf of each of its worldwide members, BSA has the power of attorney to their rights under the copyright laws. BSA also works directly with law enforcement officials on criminal prosecutions.
On what authority can the BSA come into my place of business, audit, and fine me?
Easily answered:
On behalf of each of its worldwide members, BSA has the power of attorney to their rights under the copyright laws. BSA also works directly with law enforcement officials on criminal prosecutions.
Tim Powers More along the general lines of fantasy, but an excellent writer, with a real talent for integrating a fantasy world into the every day -- everything that you know about the world is true, but there are just a few things that you don't know...recommend:
The Anubis Gates
On Stranger Tides
The Stress of Her Regard
Connie Willis Difficult to categorize, but another good writer who comes up with some really engaging ideas...recommend:
The Domesday Book
To Say Nothing of the Dog
Passages
some collections of short stories...can't recall the names right now...
I just finished Carter Beats the Devil by Glen David Gold, not even close to scifi, but a fun novel about a stage magician at the beginning of this century.
I always recommend Low Life, by Luc Sante, to anyone who thinks that facts are cool: a history of crime, drugs, booze, violence, and real estate in early New York City. Chock full of fascinating characters.
Hmmmm...some of Michael Chabon's stuff is very good, The Amazing Adventures of Kavalier and Clay is too long but fun for the most part.
Ah, well...I could go on forever. Just make sure that you read Daniel Pinkwater'sThe Snarkout Boys and the Avocado of Death no matter what. It's hard to do any better than that.
...but far more interesting is the same question after being translated to Korean then back to English using babelfish
I have to admit, I just coudn't belive it: I had to run it through babelfish myself.
Twice.
Curiously enough, it alternates between two different translations...the second version is pretty good, too:
I for the possibility of year now used the computer. I program assuredly inside drawing up, not pulling an interest, but after seeing a connection in demo Dvd from, my matter of concern and interest is inside the flower which is sufficient. Inside when you create the demo, interest it was, you under it starts the man with underdeveloped genital organ it did to where? It spreads out book, it lives theyn the place? ci Height ten:00 bedspreads, me for a delivery only the computer, and comfort used a smallness until game inside mind.
Making systems boot up and login non-interactively is hardly "removing security". How do you see that doing so would materially change the practical security of your organization's data?
What you're doing is making it far easier for someone to access information that they shouldn't on the spur of the moment. I would hope that part of the reason they're getting all those calls about passwords is because users' workstations lock by default when they're idle. If not, every file on every machine is potentially available to the cleaning staff, visiting A/C or phone technicians, clients waiting in an empty office...if you have data on those machines (email? memos? unreleased product information?) that you don't want the outside world to have access to, you're incredibly foolish to make no effort to secure them.
"Security" is mostly a waste of time and money, and
only has value when it defends against an actual
breach. It is wise economic planning
to marshall your resources to address the cases
with favorable cost/benefit. Surely you don't mean
to argue that the decision is erroneous if it results in a net savings?
Here I really disagree. If you're "defending against an actual breach," which is to say dealing with a situation where you're already been compromised, that's not security. Yes, you do a cost/benefit analysis, but that analysis isn't "it costs us $x per year to reset people's passwords, and $0 to simply do away with the passwords."
Maybe some of those workstations don't need to be locked, and you can cut down on calls by leaving them open...but you have to consider the potential costs associated with lowering security: what if the data from that computer is made public? Could someone install malicious software on that machine, and what would the potential damage to the network be? What other machines could someone access from that workstation? The potential costs in system damage, lost business, etc. may end up making the costs of those password calls look like a good investment.
If you don't evaluate the potential costs of a security breach, you're in no position to decide whether or not there's a net savings.
I normally have 7 Cygwin windows open on my three-LCD desktop, and I use VI for my text editor...
Damn. Your comment is interesting, but I just got stuck when I read "three-LCD desktop." Man, I want to be you...
At any rate, I absolutely agree with the installation issue (though apt-get and synaptic have made me ever so happy as an only marginally informed user of linux on the desktop). For the most part, installing new software under linux is still an imposing chore for anyone who is used to "double-click the installer icon and you're done."
I'm not so sure about the interface, though. If we're talking about something like Redhat ca. 7.3 or 8.0, the differences in interface for day-to-day use of linux and windows 2000 (haven't really worked with XP) are relatively minor.
I tend to consider my wife a pretty good test case: she's intelligent and comfortable with computers, but has absolutely no interest in them other than as tools to get something done. At this point she'll sit down at my linux desktop as happily as she'll sit down at the windows machine, and (without ever having gotten any guidance from me) browse the Web, create a doc or spreadsheet, what-have-you. She's confident that she can figure out what she needs to do.
She'd still prefer to sit down in front of the powerbook, of course, but that's another issue entirely...:)
That would be Microsoft's list of all Hotmail addresses, then...
You think that you're joking...I've worked for an email marketing company (a legit one that only mails to double opt in lists that they collect and maintain themselves). This company has mailed for MS, and the Microsoft purge file (people who have said that they never want to hear from Microsoft again) was as of this spring almost exactly 16 million names.
Coincidence? Probably.:)
And no, by the way, I don't know how to get on to the MS do-not-mail list...
I was going to moderate, but found that the options that I have available just weren't sufficient. Consider yourself to have received a (+1 idealistic, but alas, the DOJ has tried that already and met with very limited success).
As of 5:03PM EST, I'm getting a "page not found" when using the link in the original posting. Is the original link bad, or was the page just pulled from the site?
My response to the last message that I received from Verisign; it was probably never really read by anyone, but I enjoyed writing it. I'm currently working on a letter that I'm going to send to Verisign's marketing department every time that I register a new domain through one of their competitors...:)
Subject: Re: Urgent: ALIENABDUCTIONS.com Is About to Expire
To: VeriSign Renewals
No, it's not. The registration for the referenced domain expires in
September of this year, about six months from now.
As the person who receives this email likely had absolutely no say in the
decision to spam me, nor in the decision to employ a crude and poorly
thought out marketing campaign that is clearly intended to deceive
consumers, I will simply ask that person to pass this message along to the
people who did make these decisions:
Congratulations. I have registered domains through Network Solutions
since 1996; though I have not always been happy with the service that I
received, inertia would have kept me working Network Solutions. This
marketing campaign, however, has irritated me to the point that I am going
to make a point of using another registrar. You've lost one more
customer. Nice work.
Can you be specific about what ISPs are doing this?
Yahoo, to pick one example of an email provider, if not an ISP, exactly. If a server sends more than a certain number of emails to yahoo addresses within a certain period of time (I don't know what the specific values are), yahoo will automatically stop accepting mail from that server.
Like some ISPs, yahoo maintains a "white list" of servers that will be excepted from this rule. For an email provider the size of yahoo, this actually makes a lot of sense: there are only a small number of people who will fail the "too much mail too quickly" test for legitimate reasons (other big email providers, for example), so it's easier to work with the small number of exceptions.
I have worked for an email list management company that sends out several million messages per day; yahoo took a look at the company's subscription processes and the messages being sent, decided that their mail was okay, and added them to the white list. No one at the company really minded having to make the effort to get on the yahoo white list, since it benefits everyone involved for yahoo to filter as much spam out as possible.
The discs will cost about $16 when they are released in stores in early June, with one album of music ready to play. But because the discs pack data densely and the music is compressed using methods similar to that of MP3 software, each can contain up to five albums of music.
Some music companies will release the discs with hidden extra albums, which can be activated by entering codes bought at their Web sites for $8 to $13.
The extra disc space can contain videos and lyrics, accessed by connecting a Dataplay player to a computer. When connected, a user can also store data on the discs -- 250 megabytes on each side, for a total slightly less than the 650 megabytes that fit on a CD.
Data can only be written to the discs, not erased.
That's Good: Hey! There's a "secret album" on this disc, and I only have to pay 50-80% of what it would cost to buy that album by itself.
That's Bad: Hey! All of the "secret albums" are third-rate crap that the record company didn't think they'd be able to sell as standalong albums.
That's Good: Wow! I can store my own data on the 80% of the storage capacity that's just going to waste.
That's Bad: Wow! The record company put three crap "secret albums" on this disc...but I still have 20% of the storage capacity for my own stuff.
That's Good: Cool! I'll put this album that I haven't listened to yet on the free 20% of this disc, so that I can check it out on my way to school.
That's Bad: Cool! There's one good song on this album, and the rest of it sucks. I guess I'll just listen to the good song a lot, since I can't delete this album from the disc.
I wish I had the link to a recent online news story I read which talked with the industry reps who discussed their decision to abandon Singles as they felt it was cutting into their album sales.
As it happens, our good friend George "Big Content" Scriban (source of the sales vs. price link in the original story) has also posted some information on the decline in availability of singles. George provides links to a variety of sources for the story.
According to the article, the 10% decrease in music sales in 2001 was caused mostly by Internet file swapping.
Interesting...just yesterday, my friend George Scriban posted a piece on his (for lack of a better phrase) obsessively Big Content focused blog that, among other things, charts CD unit sales against average per-unit price. His data indicates that CD sales slow during periods when per-unit price increases...periods such as the year 2001, when the average price of a CD increased by about 62 cents.
He doesn't indicate the specific source for his data (I don't think he does, anyway), and I haven't gotten around to asking him yet. If he sees his server load getting out of hand, he may check to see what's going on, find this reference, and post some more information on the topic... =)
For your daily dose of irony, note also that George correlates the most dramatic increase in volume of CD sales to "cut-throat price competition" involving discount retailers such as Best Buy.
If information megacorps want to help me, they'll help me make the most of all the content out there, and they'll help me stay secure even though there's no sensible way to keep bad people out of chat rooms. I don't want to live in a world where people steal my credit card, but even more I don't want to live in a world where significant powers feel free to characterize online chat as subversive.
Absolutely agreed (though I'm afraid that we already live in a world where significant powers feel free to characterize online chat as subversive).
My concern was regarding the characterization of Schneier's quotes as "alarming." His quotes were far more reasonable than those made by Chad Harrington (the IRC is eBay for hackers statement); it seems to me that the story would have been far more skewed and alarmist without the input from Schneier, and I'm honestly glad that his input made it into the piece.
There are some alarming quotes from Bruce Schneier, CTO of Counterpane Technologies, such as "people who are anti-big-corporation are going to be more likely to use something like IRC".
It actually seems to me that Schneier did a pretty good job of preventing some editor from slapping an alarmist breaker along the lines of "IRC is a tool designed for smelly hackers" into the piece; take a look at the full quote:
"It's older, it's not tied to Microsoft or AOL or a big company, it's one of the Internet protocols... so if you're running Windows or Linux or Macintosh or another flavor of Unix, you can use it," says Schneier. "So it's not that it's more suitable for hackers to use, it's just a more basic service and people who are anti-big-corporation are going to be more likely to use something like IRC." [Emphasis added.]
He goes out of his way to point out that there's nothing that makes IRC particularly "suited" to nefarious purposes, but rather that its non-corporate nature is likely to appeal to anti-corporate people. (That, of course, is an assertion that can be argued forever, but it doesn't strike me as too alarming.)
Third time's the charm, right?
While I have enjoyed this story every time that is was posted...
1 Another Go At Making Spam Cost Money by timothy with 81 comments on Tuesday April 09, @04:23PM
2 Class Action Lawsuit Against Spammer by CmdrTaco with 299 comments on Friday March 15, @04:24PM
3 MoFo Sues Spammer by timothy with 17 comments on Thursday March 14, @07:36PM
...there's a lot of other spam news out there that we could be reading. Check out http://spam.abuse.net for a variety of exciting, spam-related news and information, such as:
Could that be because Qwest thought they should be the ones rolling DSL in that area? After all, if people are starting a co-op, it probably means that Qwest missed a market and they should investigate the market instead of losing it.
Possibly, but as far as I could tell from the site, the co-op is currently three people -- not really critical mass for a business offering in the area.
Seems likely that Qwest is unhappy about dealing with this because they're obligated by law to "provide unbundled access" to subloops, but doesn't necessarily make money off of the deal when working on this scale.
Then as several people mentioned, there's always the one-time pad. If you want to encrypt just one or two very short messages (total a few dozen characters or less), one innocuous way to carry the pad is as a wad of cash (I mean just a normal quantity of $1 and $5 bills in your wallet, not a suspicious roll of $50's and $100's). Use the serial numbers as the pad and spend the bills when you're done with them.
Which is a nice, secure approach as long as you don't want to decrypt the messages afterwards... =)
It's important to remember that there have to be two copies of a one-time pad in order for it to work: one copy encrypts the message, the other copy decrypts it.
These guys set up a fun little system: incoming spam is stripped down to plain text, fed into a text-to-speech program, and then set to music. They broadcast 24 hours a day, and I've got to say that it becomes kind of hynotic...
I think it also has great business potential; spammers could use the stream as the hold music for their phone systems -- when people call up to complain about having been added to a "permission based" list without doing anything, they have to listen to spam while they wait.
P2P with key selection (eg. freenet): the scalability problem is solved. The more popular a key is, the more peers have it. Fight scalability with scalability. The age of big pipes is ending. In "their" model big pipes are necessary. "Their" model is not what the article is advocating.
It atcually wasn't the scalability of the technology that I was referring to, but the scalability of the business idea: there is a limited number of people who will see value in having something before everyone else has it. Most will continue to wait for the two days that it takes for the concert recording to become available for free.
Some of the other points, that you have not mentioned, in the article seem very insightful, in particular the analogy to evolutionary models, and the economic caste metaphor that provides demand: when the poor had candles, the rich had light bulbs, but now it is considered posh to have candles, given that everyone has light bulbs.
I'm not entirely convinced that there's a strong parallel there. From a sociological perspective burning candles just because you can, as a sign of being cultured, it interesting; this logic seems to explain why we continue to have people obsessed with vinyl records (you're part of an elite, self-defined group).
As far as providing a basis for thinking about how record companies might do business in the future, however, the electricity/candle example is actually really depressing for big content. Think about it this way: prior to the effective implementation of electric light, candlemakers were the electric company -- you wanted light, you talked to them. Now there are quite a few candle companies left around these days, but if you compare combined revenues of power companies against those of candle makers, I think it's clear that you want to be on the electricity side of that balance sheet.
It is all interesting, though. The writer starts from a pretty commonly accepted economic principle: for any commodity, value tends to decline as availability increases. From that basis, he's arguing that content in its current form (a recording of a song, for example) has become so easily available that it no longer holds significant value.
To counteract that decline in value, he (it seems to me) is saying that producers should simply come up with some sort of content that "can't be copied" and therefore holds its economic value. That's a perfectly reasonable position, but it's basically the same approach that record companies have taken by trying to create copy-protected CDs.
I guess what strikes me is that bulleted list of "things me might see" at the end of the piece.
Looking at them from the perspective of a record company, I don't see anything that hasn't already failed to make money. (Touring bands give away CDs as advertising? Exactly how much do they charge per ticket to balance that out? How long do they have to stay on the road?)
Just to repeat myself yet again, I do think that the article is interesting, but I'm just not struck by any exciting new ideas coming out of it.
An interesting article, but parts of it really don't seem well thought out. For example, the proposed business model of "charging for things that are difficult to copy:"
In the domain of the plentifully free, music will do the only thing it can do: charge for things that can't be copied easily. A friend of a friend may eventually pass on to you the concert recording of a band you like, but if you pay, the band itself will e-mail it to you seconds after the performance.
Ignoring the fact that current technology makes this specific example infeasible. (Send 90 minutes of audio data to thousands (or hundreds of thousands) of people by email seconds after the recording is completed? No.) That said, this business model is "people will pay to get something immediately rather than getting it for free by waiting a couple of days." On a very limited scale this holds true, but it's not a scalable idea. Hardcore fans who must have recordings as soon as they're available are only a relatively small percentage of record sales.
Sure, you can find a copy of that hit dance track, but if you want the mix approved by the legendary D.J., then you'll want to pay for it.
What does "approved" mean in this context? If that specific mix is made available to the public, then it is possible for the public to share that recording. Why would one be able to find one version of the track but not another?
Anyone can grab a free copy of Beethoven's Ninth, but if you want it customized for the audio parameters of your room or car, you'll pay for it.
This too, is likely a very limited market...customized audio for your car or living room? Are you going to tell me where to place my $20 audiovox speakers for the best sound, as well? The bigger problem with this idea is that it's an extremely cost-intensive service model. You'll have to hire a lot of people who know audio and audio technology very well to produce all of those custom mixes; each one of those expensive people had better produce a lot of $10 custom mixes every single day to keep the business afloat.
You may have downloaded that Cuban-Chinese rock band from the Morpheus site without paying, but the only way to get all that cool meta-information about each track, which lets you search for chords and lyrics, is to establish a relationship with the band by paying.
This example might be referred to as "the situation that we already have." If I download MP3s of an album I don't get the lyric sheet that is included with the CD, nor any non-audio content that they might choose to put on one of those "enhanced CD jobs." I can live with that. Apparently a lot of other people can as well, which is what started this whole discussion.
As I said, this is an interesting peice, but it hasn't really been thought out. Most of the "business models" that the poster referred to amount to something like "maybe people will buy stuff if it's easier to buy it than to find it for free." This is true. This is also, I suspect, why record companies still post significant profits...if you want an entire album, it is still (for the moment) easier to go buy the CD than to find all of the tracks (ripped with reasonable sound quality) online.
Basically, the author seems to be at the same place as everyone else right now: we know that business has to change to reflect changes in technology, but we have absolutely no idea what form that change should or will take.
In Cliff Stoll's book "The Cuckoo's Egg" (it's about his experience as an astronomer/sysadmin chasing a cracker in the mid 80s), you get an entertaining window back into a very different era in computer security...and yet perhaps it wasn't all that different. At one point Stoll mentions changing the root password on a machine to something like "basilisk", because no one would ever think of trying the name of a mythological creature as a system password. =)
My own favorite piece of password advice came from the "Unix Handbook" that my university passed out to incoming students...a line in big, bold text:
Do not choose a password that is even remotely related to Star Trek of Monty Python.
Slashdot Mirror
This may be a stupid question, since it's the obvious one, but I didn't see it anywhere else...
Nothing in the post seemed to indicate that the money had to be used to replace anything that the university already has, nor that taking the money means that they must never use MS products again. Why not use that money to fund a project that works with and enhances what the university already has?
Presumably the university already has an IT budget and staff -- why isn't this $2.4MM + $800k/yr free money? Take the money and hire a few good people at first, in addition to the staff you've already got, and have those people work on an X-year plan for introducing OSS (or just non-MS) software in the places that it makes sense.
Don't get rid of all your Windows machines -- not immediately, and likely not ever -- but view that money as an incredible gift: the university has been given the opportunity to explore a large-scale transition to OSS, without having to take money away from what they're already doing.
Damn, wish my projects worked that way... :)
At this time, MIT is not aware that the BSA has been granted authority to enforce the copyrights of its members.
According to a "fact sheet" on the BSA site (PDF, HTML-ified Google cache is here), they do actually have that authority:
What legal authority does BSA have to sue companies or conduct raids?
On behalf of each of its worldwide members, BSA has the power of attorney to their rights under the copyright laws. BSA also works directly with law enforcement officials on criminal prosecutions.
On what authority can the BSA come into my place of business, audit, and fine me?
Easily answered:
On behalf of each of its worldwide members, BSA has the power of attorney to their rights under the copyright laws. BSA also works directly with law enforcement officials on criminal prosecutions.
See Google's HTML-ified cache of a fact sheet from the BSA Web site.
Tim Powers More along the general lines of fantasy, but an excellent writer, with a real talent for integrating a fantasy world into the every day -- everything that you know about the world is true, but there are just a few things that you don't know...recommend:
Connie Willis Difficult to categorize, but another good writer who comes up with some really engaging ideas...recommend:
I just finished Carter Beats the Devil by Glen David Gold, not even close to scifi, but a fun novel about a stage magician at the beginning of this century.
I always recommend Low Life, by Luc Sante, to anyone who thinks that facts are cool: a history of crime, drugs, booze, violence, and real estate in early New York City. Chock full of fascinating characters.
Hmmmm...some of Michael Chabon's stuff is very good, The Amazing Adventures of Kavalier and Clay is too long but fun for the most part.
Ah, well...I could go on forever. Just make sure that you read Daniel Pinkwater's The Snarkout Boys and the Avocado of Death no matter what. It's hard to do any better than that.
I have to admit, I just coudn't belive it: I had to run it through babelfish myself.
Twice.
Curiously enough, it alternates between two different translations...the second version is pretty good, too:
I for the possibility of year now used the computer. I program assuredly inside drawing up, not pulling an interest, but after seeing a connection in demo Dvd from, my matter of concern and interest is inside the flower which is sufficient. Inside when you create the demo, interest it was, you under it starts the man with underdeveloped genital organ it did to where? It spreads out book, it lives theyn the place? ci Height ten:00 bedspreads, me for a delivery only the computer, and comfort used a smallness until game inside mind.
What you're doing is making it far easier for someone to access information that they shouldn't on the spur of the moment. I would hope that part of the reason they're getting all those calls about passwords is because users' workstations lock by default when they're idle. If not, every file on every machine is potentially available to the cleaning staff, visiting A/C or phone technicians, clients waiting in an empty office...if you have data on those machines (email? memos? unreleased product information?) that you don't want the outside world to have access to, you're incredibly foolish to make no effort to secure them.
"Security" is mostly a waste of time and money, and only has value when it defends against an actual breach. It is wise economic planning to marshall your resources to address the cases with favorable cost/benefit. Surely you don't mean to argue that the decision is erroneous if it results in a net savings?
Here I really disagree. If you're "defending against an actual breach," which is to say dealing with a situation where you're already been compromised, that's not security . Yes, you do a cost/benefit analysis, but that analysis isn't "it costs us $x per year to reset people's passwords, and $0 to simply do away with the passwords."
Maybe some of those workstations don't need to be locked, and you can cut down on calls by leaving them open...but you have to consider the potential costs associated with lowering security: what if the data from that computer is made public? Could someone install malicious software on that machine, and what would the potential damage to the network be? What other machines could someone access from that workstation? The potential costs in system damage, lost business, etc. may end up making the costs of those password calls look like a good investment.
If you don't evaluate the potential costs of a security breach, you're in no position to decide whether or not there's a net savings.
Damn. Your comment is interesting, but I just got stuck when I read "three-LCD desktop." Man, I want to be you...
At any rate, I absolutely agree with the installation issue (though apt-get and synaptic have made me ever so happy as an only marginally informed user of linux on the desktop). For the most part, installing new software under linux is still an imposing chore for anyone who is used to "double-click the installer icon and you're done."
I'm not so sure about the interface, though. If we're talking about something like Redhat ca. 7.3 or 8.0, the differences in interface for day-to-day use of linux and windows 2000 (haven't really worked with XP) are relatively minor.
I tend to consider my wife a pretty good test case: she's intelligent and comfortable with computers, but has absolutely no interest in them other than as tools to get something done. At this point she'll sit down at my linux desktop as happily as she'll sit down at the windows machine, and (without ever having gotten any guidance from me) browse the Web, create a doc or spreadsheet, what-have-you. She's confident that she can figure out what she needs to do.
She'd still prefer to sit down in front of the powerbook, of course, but that's another issue entirely... :)
You think that you're joking...I've worked for an email marketing company (a legit one that only mails to double opt in lists that they collect and maintain themselves). This company has mailed for MS, and the Microsoft purge file (people who have said that they never want to hear from Microsoft again) was as of this spring almost exactly 16 million names.
Coincidence? Probably. :)
And no, by the way, I don't know how to get on to the MS do-not-mail list...
As of 5:03PM EST, I'm getting a "page not found" when using the link in the original posting. Is the original link bad, or was the page just pulled from the site?
My response to the last message that I received from Verisign; it was probably never really read by anyone, but I enjoyed writing it. I'm currently working on a letter that I'm going to send to Verisign's marketing department every time that I register a new domain through one of their competitors... :)
Subject: Re: Urgent: ALIENABDUCTIONS.com Is About to Expire
To: VeriSign Renewals
No, it's not. The registration for the referenced domain expires in September of this year, about six months from now.
As the person who receives this email likely had absolutely no say in the decision to spam me, nor in the decision to employ a crude and poorly thought out marketing campaign that is clearly intended to deceive consumers, I will simply ask that person to pass this message along to the people who did make these decisions:
Congratulations. I have registered domains through Network Solutions since 1996; though I have not always been happy with the service that I received, inertia would have kept me working Network Solutions. This marketing campaign, however, has irritated me to the point that I am going to make a point of using another registrar. You've lost one more customer. Nice work.
Yahoo, to pick one example of an email provider, if not an ISP, exactly. If a server sends more than a certain number of emails to yahoo addresses within a certain period of time (I don't know what the specific values are), yahoo will automatically stop accepting mail from that server.
Like some ISPs, yahoo maintains a "white list" of servers that will be excepted from this rule. For an email provider the size of yahoo, this actually makes a lot of sense: there are only a small number of people who will fail the "too much mail too quickly" test for legitimate reasons (other big email providers, for example), so it's easier to work with the small number of exceptions.
I have worked for an email list management company that sends out several million messages per day; yahoo took a look at the company's subscription processes and the messages being sent, decided that their mail was okay, and added them to the white list. No one at the company really minded having to make the effort to get on the yahoo white list, since it benefits everyone involved for yahoo to filter as much spam out as possible.
The discs will cost about $16 when they are released in stores in early June, with one album of music ready to play. But because the discs pack data densely and the music is compressed using methods similar to that of MP3 software, each can contain up to five albums of music.
Some music companies will release the discs with hidden extra albums, which can be activated by entering codes bought at their Web sites for $8 to $13.
The extra disc space can contain videos and lyrics, accessed by connecting a Dataplay player to a computer. When connected, a user can also store data on the discs -- 250 megabytes on each side, for a total slightly less than the 650 megabytes that fit on a CD.
Data can only be written to the discs, not erased.
That's Good:
Hey! There's a "secret album" on this disc, and I only have to pay 50-80% of what it would cost to buy that album by itself.
That's Bad:
Hey! All of the "secret albums" are third-rate crap that the record company didn't think they'd be able to sell as standalong albums.
That's Good:
Wow! I can store my own data on the 80% of the storage capacity that's just going to waste.
That's Bad:
Wow! The record company put three crap "secret albums" on this disc...but I still have 20% of the storage capacity for my own stuff.
That's Good:
Cool! I'll put this album that I haven't listened to yet on the free 20% of this disc, so that I can check it out on my way to school.
That's Bad:
Cool! There's one good song on this album, and the rest of it sucks. I guess I'll just listen to the good song a lot, since I can't delete this album from the disc.
Ummm...the camel...I have this sneaking suspicion that O'Reilly is going to pick the camel as the animal for their perl books.
I wish I had the link to a recent online news story I read which talked with the industry reps who discussed their decision to abandon Singles as they felt it was cutting into their album sales.
As it happens, our good friend George "Big Content" Scriban (source of the sales vs. price link in the original story) has also posted some information on the decline in availability of singles. George provides links to a variety of sources for the story.
According to the article, the 10% decrease in music sales in 2001 was caused mostly by Internet file swapping.
Interesting...just yesterday, my friend George Scriban posted a piece on his (for lack of a better phrase) obsessively Big Content focused blog that, among other things, charts CD unit sales against average per-unit price. His data indicates that CD sales slow during periods when per-unit price increases...periods such as the year 2001, when the average price of a CD increased by about 62 cents.
He doesn't indicate the specific source for his data (I don't think he does, anyway), and I haven't gotten around to asking him yet. If he sees his server load getting out of hand, he may check to see what's going on, find this reference, and post some more information on the topic... =)
For your daily dose of irony, note also that George correlates the most dramatic increase in volume of CD sales to "cut-throat price competition" involving discount retailers such as Best Buy.
Absolutely agreed (though I'm afraid that we already live in a world where significant powers feel free to characterize online chat as subversive).
My concern was regarding the characterization of Schneier's quotes as "alarming." His quotes were far more reasonable than those made by Chad Harrington (the IRC is eBay for hackers statement); it seems to me that the story would have been far more skewed and alarmist without the input from Schneier, and I'm honestly glad that his input made it into the piece.
There are some alarming quotes from Bruce Schneier, CTO of Counterpane Technologies, such as "people who are anti-big-corporation are going to be more likely to use something like IRC".
It actually seems to me that Schneier did a pretty good job of preventing some editor from slapping an alarmist breaker along the lines of "IRC is a tool designed for smelly hackers" into the piece; take a look at the full quote:
"It's older, it's not tied to Microsoft or AOL or a big company, it's one of the Internet protocols ... so if you're running Windows or Linux or Macintosh or another flavor of Unix, you can use it," says Schneier. "So it's not that it's more suitable for hackers to use, it's just a more basic service and people who are anti-big-corporation are going to be more likely to use something like IRC." [Emphasis added.]
He goes out of his way to point out that there's nothing that makes IRC particularly "suited" to nefarious purposes, but rather that its non-corporate nature is likely to appeal to anti-corporate people. (That, of course, is an assertion that can be argued forever, but it doesn't strike me as too alarming.)
Third time's the charm, right?
While I have enjoyed this story every time that is was posted...
1 Another Go At Making Spam Cost Money by timothy with 81 comments on Tuesday April 09, @04:23PM
2 Class Action Lawsuit Against Spammer by CmdrTaco with 299 comments on Friday March 15, @04:24PM
3 MoFo Sues Spammer by timothy with 17 comments on Thursday March 14, @07:36PM
...there's a lot of other spam news out there that we could be reading. Check out http://spam.abuse.net for a variety of exciting, spam-related news and information, such as:
RULINGS IN INTEL V. HAMIDI BULK-EMAIL CASE (California Supreme Court agrees to hear Intel V. Hamidi).
Or you could read this story again...whatever... =)
Possibly, but as far as I could tell from the site, the co-op is currently three people -- not really critical mass for a business offering in the area.
Seems likely that Qwest is unhappy about dealing with this because they're obligated by law to "provide unbundled access" to subloops, but doesn't necessarily make money off of the deal when working on this scale.
Then as several people mentioned, there's always the one-time pad. If you want to encrypt just one or two very short messages (total a few dozen characters or less), one innocuous way to carry the pad is as a wad of cash (I mean just a normal quantity of $1 and $5 bills in your wallet, not a suspicious roll of $50's and $100's). Use the serial numbers as the pad and spend the bills when you're done with them.
Which is a nice, secure approach as long as you don't want to decrypt the messages afterwards... =)
It's important to remember that there have to be two copies of a one-time pad in order for it to work: one copy encrypts the message, the other copy decrypts it.
These guys set up a fun little system: incoming spam is stripped down to plain text, fed into a text-to-speech program, and then set to music. They broadcast 24 hours a day, and I've got to say that it becomes kind of hynotic...
I think it also has great business potential; spammers could use the stream as the hold music for their phone systems -- when people call up to complain about having been added to a "permission based" list without doing anything, they have to listen to spam while they wait.
Just a joke... =)
P2P with key selection (eg. freenet): the scalability problem is solved. The more popular a key is, the more peers have it. Fight scalability with scalability. The age of big pipes is ending. In "their" model big pipes are necessary. "Their" model is not what the article is advocating.
It atcually wasn't the scalability of the technology that I was referring to, but the scalability of the business idea: there is a limited number of people who will see value in having something before everyone else has it. Most will continue to wait for the two days that it takes for the concert recording to become available for free.
Some of the other points, that you have not mentioned, in the article seem very insightful, in particular the analogy to evolutionary models, and the economic caste metaphor that provides demand: when the poor had candles, the rich had light bulbs, but now it is considered posh to have candles, given that everyone has light bulbs.
I'm not entirely convinced that there's a strong parallel there. From a sociological perspective burning candles just because you can, as a sign of being cultured, it interesting; this logic seems to explain why we continue to have people obsessed with vinyl records (you're part of an elite, self-defined group).
As far as providing a basis for thinking about how record companies might do business in the future, however, the electricity/candle example is actually really depressing for big content. Think about it this way: prior to the effective implementation of electric light, candlemakers were the electric company -- you wanted light, you talked to them. Now there are quite a few candle companies left around these days, but if you compare combined revenues of power companies against those of candle makers, I think it's clear that you want to be on the electricity side of that balance sheet.
It is all interesting, though. The writer starts from a pretty commonly accepted economic principle: for any commodity, value tends to decline as availability increases. From that basis, he's arguing that content in its current form (a recording of a song, for example) has become so easily available that it no longer holds significant value.
To counteract that decline in value, he (it seems to me) is saying that producers should simply come up with some sort of content that "can't be copied" and therefore holds its economic value. That's a perfectly reasonable position, but it's basically the same approach that record companies have taken by trying to create copy-protected CDs.
I guess what strikes me is that bulleted list of "things me might see" at the end of the piece. Looking at them from the perspective of a record company, I don't see anything that hasn't already failed to make money. (Touring bands give away CDs as advertising? Exactly how much do they charge per ticket to balance that out? How long do they have to stay on the road?)
Just to repeat myself yet again, I do think that the article is interesting, but I'm just not struck by any exciting new ideas coming out of it.
An interesting article, but parts of it really don't seem well thought out. For example, the proposed business model of "charging for things that are difficult to copy:"
In the domain of the plentifully free, music will do the only thing it can do: charge for things that can't be copied easily. A friend of a friend may eventually pass on to you the concert recording of a band you like, but if you pay, the band itself will e-mail it to you seconds after the performance.
Ignoring the fact that current technology makes this specific example infeasible. (Send 90 minutes of audio data to thousands (or hundreds of thousands) of people by email seconds after the recording is completed? No.) That said, this business model is "people will pay to get something immediately rather than getting it for free by waiting a couple of days." On a very limited scale this holds true, but it's not a scalable idea. Hardcore fans who must have recordings as soon as they're available are only a relatively small percentage of record sales.
Sure, you can find a copy of that hit dance track, but if you want the mix approved by the legendary D.J., then you'll want to pay for it.
What does "approved" mean in this context? If that specific mix is made available to the public, then it is possible for the public to share that recording. Why would one be able to find one version of the track but not another?
Anyone can grab a free copy of Beethoven's Ninth, but if you want it customized for the audio parameters of your room or car, you'll pay for it.
This too, is likely a very limited market...customized audio for your car or living room? Are you going to tell me where to place my $20 audiovox speakers for the best sound, as well? The bigger problem with this idea is that it's an extremely cost-intensive service model. You'll have to hire a lot of people who know audio and audio technology very well to produce all of those custom mixes; each one of those expensive people had better produce a lot of $10 custom mixes every single day to keep the business afloat.
You may have downloaded that Cuban-Chinese rock band from the Morpheus site without paying, but the only way to get all that cool meta-information about each track, which lets you search for chords and lyrics, is to establish a relationship with the band by paying.
This example might be referred to as "the situation that we already have." If I download MP3s of an album I don't get the lyric sheet that is included with the CD, nor any non-audio content that they might choose to put on one of those "enhanced CD jobs." I can live with that. Apparently a lot of other people can as well, which is what started this whole discussion.
As I said, this is an interesting peice, but it hasn't really been thought out. Most of the "business models" that the poster referred to amount to something like "maybe people will buy stuff if it's easier to buy it than to find it for free." This is true. This is also, I suspect, why record companies still post significant profits...if you want an entire album, it is still (for the moment) easier to go buy the CD than to find all of the tracks (ripped with reasonable sound quality) online.
Basically, the author seems to be at the same place as everyone else right now: we know that business has to change to reflect changes in technology, but we have absolutely no idea what form that change should or will take.
In Cliff Stoll's book "The Cuckoo's Egg" (it's about his experience as an astronomer/sysadmin chasing a cracker in the mid 80s), you get an entertaining window back into a very different era in computer security...and yet perhaps it wasn't all that different. At one point Stoll mentions changing the root password on a machine to something like "basilisk", because no one would ever think of trying the name of a mythological creature as a system password. =)
My own favorite piece of password advice came from the "Unix Handbook" that my university passed out to incoming students...a line in big, bold text:
Do not choose a password that is even remotely related to Star Trek of Monty Python.