Slashdot Mirror


User: jcostom

jcostom's activity in the archive.

Stories: 0
Comments: 150

Comments · 150

  1. Re:KDE on New XFree86 snapshot - 3.9.17 · · Score: 2
    Um, KDE doesn't do much without an X display layer underneath. KDE is nothing more than a window manager/desktop environment.

    You might want to look into how this stuff works a bit more before you spout off like that...

  2. Amazing. on Blue-Green Algae Announces IPO · · Score: 3

    How do we get on the friends and family list? There are people I know that I'd classify as "slime", they're close enough, I think...

  3. Re:What's the point of a commercial firewall? on Checkpoint Porting Firewall-1 to Linux · · Score: 1
    Most closed source products I have seen have some form of back-door built into them for the manufacturer's own use, but this mechanism does often fall into the wrong hands, and I have seen disastrous results as a consequence.


    Please. You can't name 5 such products. The only such instances I've ever seen this is in the case of 3Com hubs/switches. Did you realize that Check Point was recently certified for use by the NSA? If the NSA is willing to use the product (which involves a source code inspection), your claims are a bit overboard.


    I do, however, agree that Borderware is an utter nightmare. (I'm a former Borderware victim^H^H^H^H^H^Huser).

  4. Re:sooner than I thought on Checkpoint Porting Firewall-1 to Linux · · Score: 1
    Let's see if I've got this straight.. You didn't buy software maintenance (a common practice in the commercial world), and you're mad that you couldn't get a free upgrade?

    15% annually to get every stinking upgrade that comes down the pike is cheap, IMHO.

  5. Re:Ipchains != advanced routing. on Checkpoint Porting Firewall-1 to Linux · · Score: 1
    ``Antivirus'' at the firewall level is ridiculous to me.

    Why is that? Like it or not, there are Windoze users out there. They will email each other stupid files laden with virii. You can't dispute that. Why not build protection for that into the firewall (by transparently redirecting the SMTP data streams)?

    PPTP? You must be kidding. You've read the papers by Mudge and Bruce Schneier about the gaping holes in PPTP, haven't you?

    Yes, FreeSWAN exists and even works (I've made it work, so have others). How on earth are you going to sell a system to corporations that's based on ipchains, FreeSWAN and other stuff? There must be about a dozen people alive that can make the configuration work, let alone understand how it all works. For those 12 people, great, use the free tools. Many companies take the point of view that it's cheaper to pay for someone to have done the research for you.

    With respect to the "advanced routing" of 2.2 and higher, the sum of policy routing, equal cost multipath routing, large routing tables, etc doesn't equal the stuff Check Point provides.. They're getting there, but they're not there yet...

  6. Re:Excellent. on Checkpoint Porting Firewall-1 to Linux · · Score: 1
    I think you're missing the point here.

    The purpose of this is NOT to cause Linux devotees to abandon ipchains in favor of Check Point. The purpose of this is to provide an alternative to running FW-1/VPN-1 on x86 using an OS other than NT. Why not Solaris x86? They've been supporting Solaris x86 for some time now. I believe they are going to drop Solaris x86 as a platform, however.

    I think it provides a great alternative to NT. Cheaper, more reliable. I've instructed my sales people to pursue Check Point implementations (in order) on the Nokia appliance platform, VPN-1 Appliance, then Linux, followed by Solaris Sparc and finally NT... If our focus was "software only first", Linux would be the first in the list. But fear not, there are lots of people who don't want an appliance and want to go the software route.

    --j

  7. Re:What about a client? on Checkpoint Porting Firewall-1 to Linux · · Score: 1
    SecuRemote for Linux? It's plausible, but going to be a very different implementation, due to the multiuser nature of Linux. I'd love to see it, but I'm not going to hold my breath.

    Besides, most of the SR users of the world are sales critters that can only grok Windoze anyhow..

  8. Re:whats the point ? on Checkpoint Porting Firewall-1 to Linux · · Score: 2
    when ipchains in the kernel can do it all and more ?

    ipchains provides basic packet filtering and masquerading. It does NOT provide features like:

    VPN (IPsec compliant, site to site, AND client to firewall)
    Multimode NAT (hide, static, hide-pool)
    Integration with 3rd party stuff like antivirus, URL filtering, intrusion detection
    Integration with bandwidth management software

    ..and a bunch more.

    The bottom line? In the low-end firewall market, Check Point on NT is extremely popular. If we could provide users with the same functionality, only it costs less and is more reliable, it won't lose.

    I personally knew about this port about 2 months ago, but was sworn to silence. :-)

  9. Re:All this inane bitching is senseless. on Salon on the Red Hat IPO Eligibility · · Score: 1

    > I guess all those people with annual incomes
    > substantially below $200k and a liquid net
    > worth way under $1M must be lying about buying
    > IPOs at E-Trade..
    >
    > Where did you get these figures?!?!?

    Indeed, it is possible that people who are getting in are lying about their assets. The point of accreditation is to assist the fund-raising entity, in this case Red Hat, in covering their asses, obviating the possibility of lawsuits in the case that the stock tanks and investors lose lots of money.

    Those figures come from SEC regs. My company is doing a private placement right now. We had to include in the deal a clause that the investor agrees to acknowledging their accreditation as a speculative investor.

  10. All this inane bitching is senseless. on Salon on the Red Hat IPO Eligibility · · Score: 1
    The whiners need to quit blaming Red Hat for something that's NOT their fault. The SEC rules this type of investing as speculative, thus requiring the participating investors to be "accredited". "Accredited" means that you either have an annual income in excess of $200k, or a liquid net worth of over $1M.

    I got the note too. I don't qualify either. I'm not thrilled, but I'm not totally pissed off either. You guys want the big payoff? Go out and either start a company that goes somewhere and either goes IPO or gets bought, or go pay your dues at some startup that's early on in its development. I'm doing the latter. I'm putting in crazy hours at the office making things work (I'm the CTO, I've got a serious interest in making it work). I've got many friends that think I'm nuts for doing it, but the difference? They'll still be slaving away for "the man" when they're 40. I won't.

    Quit living life looking for a handout. Go and make it happen for yourself.

  11. Re:This lame AntiSniffer... on Hackers vs. crackers, security, & fun at Defcon · · Score: 1
    ...is very easy to avoid. Cut the TX wire on your NIC. (check the history about 'Beferd' for more).

    The biggest threat with respect to sniffing is in an ISP environment, where many folks are transmitting passwords in the clear (POP/IMAP). Suppose one machine out of the 10 in the racks get compromised. First, the intruder has no physical access to the hardware, so cutting that wire will be impossible.

    Besides, consider that many r00tings are committed by script kiddies. These are kids who can barely manage to compile scripts and rootkits. Even if they had physical access, it's not very likely that they'd know what to cut.

    In a corporate LAN type of environment, bringing in your own NIC, chopping the TX wire, installing and sniffing isn't likely to go unnoticed. After all, you DO need to get some work done, right?

  12. Profiling on hacking/cracking at Defcon. on Hackers vs. crackers, security, & fun at Defcon · · Score: 3
    The various articles have been pretty well done, but have left out some interesting things that were going on at Defcon.

    First was the announcement by the Hack-Sec Klahn of their joint venture with IEC to put together an incident response database based on profiling attackers. This is some pretty cool stuff..

    Also at Defcon was a group of cognitive psychologists that were interviewing DC attendees. They were looking for insight into hacker and cracker mentalities. I was a test subject (I hung up my black hat years ago..), and I saw several of my fellow hackers, as well as some crackers being interviewed. We talked about when I got started hacking (20 years ago on a VIC-20!), when I was the cool kid in town because I had the 1200 baud modem, motivations behind my work with clients (in general, not specifics, of course) in helping to lock down networks.

    I think that profiling efforts like this will be a great service to the infosec community for determining proper incident response techniques.

    The cDc guys were their typical loud, light-show assisted selves, and bo2k may or may not be the hacking tool of choice for owning Windoze boxes, but it is at the very least useful in the context of remote administration of Windoze boxen. As for the ISS commentary about it being "child's play", I'm reserving judgement until I have a look at the source and play with it in my lab. The ISS guys are typically straight shooters, but recall that they are also a publicly held company, thus have a serious PR group to consider. The ISS announcement is definitely PR driven, we just need to know if it's accurate.

    The l0pht guys announced "AntiSniffer", software to detect the presence of a sniffer (ie someone with a NIC in promiscuous mode, thus collecting every frame that passes over the wire) on a LAN. Cool stuff.

  13. NSI == gang of mental midgets? on NSI Modifies "whois" Agreement · · Score: 1
    Putting that statement at the top of a whois query without prior knowledge is akin to putting a software license agreement that states "by opening this package, you agree..." INSIDE the package, making it impossible to read before opening the package.

    Their statement is completely unenforceable.

    --j

  14. The Great VC Challenge. on Penguin Computing @ Salon · · Score: 1
    Speaking as someone in the VC process (recently successful too!), it's very difficult to find VC folks that are willing to give you funding without eating your company.

    I've recently read tales of people giving up 40% of their companies for $500k. Crazy. I give the VA guys credit for making it through the VCs, and presumably heading for the Mezz without having their company eaten.

    --j

  15. Re:Misleading graphs! on Athlon Benchmarks Out · · Score: 1
    Misleading? Read!

    See the little numbers at the end of the bars? They give the actual percentage. Do you really expect a CPU manufacturer to create graphs that are flattering to the competition?

    Grow up, and realize that the job of marketing is to SELL products. It's up to the consumer to be able to critically think.

  16. You're not wrong to be concerned... on Qwest bids $55 billion for US West, Frontier · · Score: 1
    The big question is whether or not it's still the same old US-Worst guys running the show, or if Qwest would bring in folks to run the day-to-day. Qwest doesn't (AFAIK) have any experience as a (I|C)LEC, so it will be interesting. So, it could wind up as business as usual, with the profits going to Qwest instead of the US-Worst guys.

    Interesting to note that by gobbling up US-Worst, this could make Qwest the ILEC in the Denver area, aka the stomping grounds of Level3. Makes me glad I didn't take that job with L3... :-)

    --j

  17. We've declared May 19, 1999 a holiday. on Playing Hooky to Watch Star Wars · · Score: 1
    Where I work, we've declared May 19, 1999 a holiday. We're all going to the first show we can get tickets to that day.

    How did we get management to agree? Well, I'm part of the management team, and the other managers are big Star Wars geeks, so it was instantly a done deal.

    Don't send me resumes yet. :-) Let us get some of our VC money first.. :-)

    --j
    CTO, ClearLogic, Inc.

  18. What a thoroughly unpleasant individual on Clueless Users Are Bad For Debian · · Score: 1
    Consider the context from which he speaks. How many times have we all seen questions like "How do I set up Linux 5.0 for ppp to connect to MSN?" Too many times. It's obvious that the poster didn't read any howto's or documentation. It's also painfully apparent that he/she/it doesn't know that just because it's RH 5.0 doesn't make it "Linux 5.0".

    I, for one, am tired, not just in this aspect of life, but in most of such people. People refuse to read. They even abandon the "quickstart" guide, assuming that it couldn't possibly hold anything helpful. Soon, trouble pops up, and that person is immediately asking questions, rather than doing what any reasonable person would. Read something. I didn't have a guru standing over my shoulder, teaching me the ways of SunOS, and later Linux. I had someone say, "If you don't know what a command does, or what parameters to give a command, type 'man program'." I read the man pages. If that didn't help, I looked in /usr/doc. If that didn't help, I searched the web. If that didn't help, I'd hit Usenet. If that didn't help, I'd seek someone out to ask, be it in a public forum or in private. Almost never did I reach the final stage. I still have questions periodically, even today. I still read. Using Linux since 0.99pl13 hasn't given me a magic membership card entitling me to ask whatever I feel like.

    If you've got a genuine problem that you can't resolve without help, nobody will begrudge you that, unless it's something addressed by the standard documentation.

    --j

  19. Impact of this alliance on HP? on Netscape, Sun, and AOL plans · · Score: 2
    AOL is one of the largest installations of HP-UX servers. They have row upon row of enormous HP9000's. Now AOL's climbing into bed with Sun to collaborate on new media and new platforms.

    I wonder what the future holds for HP-UX within AOL. HP losing AOL certainly wouldn't kill the company in and of itself, but it certainly would sting a great deal.

    Should be interesting to see what comes of this alliance.

    --j

  20. This whole FSF silliness. on Feature:On the Subject of RMS · · Score: 1
    GNU cc is a very good compiler. That does not mean, as you imply that it is the only compiler that "works".

    That being said, I know a number of folks who would find huge amounts of fault with your statement with respect to g++. egcs has a nice c++ compiler, but that's not g++....

    Sun's development system, while expensive, works.

  21. This whole FSF silliness. on Feature:On the Subject of RMS · · Score: 1
    Were it not for the hard work of Linus Torvalds, Alan Cox, David Miller and scores of others, the GNU utilities would still be thought of as, "that bunch of stuff I load on my Solaris box so I can have a compiler for free," or some approximation of that.

    What's good for the goose is good for the gander. I'm using the Linux/GNU C Compiler to build stuff. How's that? The guy in the next office is using Linux/GNU Emacs to edit some code. Since the FSF can demand that Linux be renamed, why can't the Linux community demand that the GNU tools be renamed? The Linux community has adopted many of the GNU utilities.

  22. Thoughts on recent domain disputes. on theos.com Dispute Ended · · Score: 3
    It's certainly good to see this come to pass. Good for Theo! Recently, several valid domain names have come under pressure, due to similarities to companies. I'm thinking of Tony Sanders' recent dispute with a shoe company called Mondial. Tony is a nice guy who works at BSDI, and for a long time hosted the high-volume inet-access mailing list on his domain, earth.com. Mondial somehow was awarded a trademark for selling shoes with the name "Earth". They decided to try to steal Tony's domain.

    Also, consider Chris Van Allen's site. Chris is the young son of Dave Van Allen, who runs a Philadelphia area ISP. The kid's been called "pokey" since birth. The Prema Toy company, of "Gumby and Pokey" fame tried to swipe his domain name as well.

    Now add Theo to the pile of stories. I'm glad to say that in all three cases, the bastards didn't win, and good prevailed. Perhaps this is part of a new trend that will serve to better teach companies how to get along on the 'net.

  23. RMS == immature baby? Maybe not 100% false... on RMS Immature, Slashdot and Community Arrogant? · · Score: 1
    Richard Stallman has without a doubt made a significant impact on the computing world as we know it. Unfortunately, he has also made quite a name for himself as an incorrigible kook. Check out this tidbit from Jamie Zawinski's site...

    I just did a quick inventory of my Linux workstation, and an rpm -qa|sort|less revealed that around 15% of the packages installed on my system are of FSF origin. Surely originating 15% of the code does not give RMS the right to rename a project that's not even his! GNU/Linux indeed. RMS has HURD. Let him have his GNU/HURD. Without the work done by Linus, Alan Cox, David Miller, and scores of others, Stallman would have only ever been known (thus far) as the guy who heads up that project to write some free third party Unix utilities, and a compiler. Conversely so, Linus, et al, benefited greatly from Stallman's efforts. Does this mean that the Linux developers and distribution creators have any obligation to RMS to rename their materials/software/whatever? Nope. Take for example, WindowMaker, a window manager for the X Window System. WindowMaker is distributed under the GPL. Do we see RMS attempting to force the maintainers of that project to rename it to GNUWindowMaker, or somesuch? No.

    Take for example, Richard's recent rant about why library developers should use the GPL rather than the LGPL. The gist of his argument was that linking against a GPL'd library caused the whole application to become a "derivative work" of the library, thus causing the application to be GPL'd as well. Rather, the LGPL permits linking without necessarily GPL'ing the resulting program.

    I'm very pro-Open Source, but RMS is hurting the cause by constantly acting out, causing the media to portray him as the "angry lone nut".

    Would we be better off without RMS? Probably not. Could we do without RMS behaving like the "angry lone nut"? Yep.

  24. NSI out to kill ISPs? on InterNIC Redesign · · Score: 1

    Perhaps if you would bother to take a moment and read the services NSI is offering, you would see that they are in *direct* competition with ISPs, as well as Internet Presence Providers.

    It makes no sense to compete with those who bring you money, but that is *exactly* what NSI is doing.

  25. NSI out to kill ISPs? on InterNIC Redesign · · Score: 1
    After browsing the new NSI site, and following the inet-access (list-request@inet-access.net) mailing list, it surely seems that NSI is out to steal from the ISP community. Don't believe that? See: http://www.networksolutions.com/services/

    Also, read the site. There is no such thing as a "domain name". There are "web addresses". Since when is the web == whole bloody Internet???

    It's funny, Donnie Barnes, myself and some others on the RedHat list were talking about being net/linux-geezers. I'm all of 26, but I remember using the Internet when there was NO web. Marc Andreessen and his pals were just a bunch of grad students who saw what some physicists in Switzerland were doing, then wrote a nifty X app to parse the stuff. That was the web. Funny, I remember domain names existing before that... :-)

    Besides, AT&T owns the rights to the word "Internic". I wonder what gives NSI the right to redirect http://www.internic.net/ to http://www.networksolutions.com/. I don't see AT&T giving them the right to do that.

    Also, these clowns are claiming 3.4 million domain names. Let's see.. 3.4M * $35 = $119M. These clowns have revenues of at *least* $119M, and can't even manage to keep the registry database running properly (anyone notice a week or so ago, when about half of the .(com|net|org|edu) domains dropped out of the registry (yet remained in the root servers)?). $119M, and they can't even design a decent database system to warehouse the data. I dare say that I could build something fault tolerant that would handle the capacity that NSI's whois servers (oh, and try to telnet to rs.internic.net now!) currently handle, and then some for $10M - 20M. Sheesh.

    --j