You can generally do this in the U.S. as well (at least at T-Mobile stores, not sure about the others, they're all too evil for me to give my money to in good conscience). You can buy the phone outright and then get it unlocked. They should unlock it for you, right there in the store, but sometimes the employees are morons and you need to call up Customer Service to get the code.
But at any rate, it's possible, and it lets you use the phone on whatever plan you'd like, with whatever GSM carrier you'd like. Of course, if you want an unlocked phone there are better places to go than a T-Mobile store, but I just thought I'd point it out -- subsidized phones aren't the only way to buy them, even through the carriers.
It's just that most Americans have the same reaction to the word "free" that a group of 13-year-old boys do to naked breasts; it doesn't matter what it's attached to, they want some. Combine that with an inability to do basic mathematics and I don't see "free" phones going anywhere, any time soon.
I think the term the GP is looking for is cost center. These are activities done by a company that do not directly generate profit themselves, but in some way (hopefully) enable the company to be more profitable, or to conduct its primary business activity.
To a company that sells software, support is very definitely a cost center. You need to have it, else people might not buy your software, but each additional dollar invested in it doesn't necessarily get you much of a return. On the balance sheet, it is always going to be in the red. This tends to encourage companies to spend the minimum on it that they possibly can.
Is it any wonder that the rest of the world wants an international body overseeing the internet.
The rest of the world might think they want that, but I'm not sure they've really thought it through. It seems to me there's a fairly good chance that whatever scheme everyone could agree on to replace ICANN would be just as bad as the current setup, and it might be a lot worse. Besides which, the U.S. Government will never give it up voluntarily.
The problem is that anything resembling ICANN is going to be subject to threats. I don't think it's possible to have some sort of Internet governing body that's immune to various national laws. So it would be better all around if we just didn't try.
Instead, just have national governing bodies for each country that operate that country's ccTLD domain registrations, and the DNS servers for that country. Including -- and this is the important difference from right now -- a top-level (root) DNS server for residents of that country.
So there wouldn't be a single root server, or group of root servers, anywhere. There would be a US root server, and a German root server, and a Swedish root server, etc. You would have, by design, a split root. In fact you would have lots of roots.
Countries would synchronize their DNS root servers with the root servers of other countries that they basically agreed with and had good relations with. If some country wanted to do something stupid (like redirecting YouTube to the home page of the Morality Police, or whatever), it would only affect people in that country. Other countries could just not sync with them anymore.
It would break the idea of the Internet as some single global entity that's the same for everyone, but that's increasingly not true anyway. And it was never really feasible. It was a dream, a neat idea, but never practical. The Internet as experienced by Americans is not going to be the same Internet experienced by Iranians, or by Swedes. It was a mistake to ever think that a computer network could exist above the reach of politicians and lawyers.
They are still in the United States; orders and judgments from one state's courts are typically enforceable in other states, with certain exceptions. The WP article on the Full Faith and Credit Clause is fairly good.
ICANN is being ordered to turn over the domain names much in the same way that a bank might be ordered to freeze or turn over assets as part of a judgment against a customer, even though the bank might not be in the same state as the customer that's actually a party to the litigation. ICANN could have opened themselves up to all sorts of problems if they had just ignored the order or refused to comply (getting fined for contempt seems reasonably likely).
Given that ICANN is a U.S. corporation and probably has assets in the U.S. that could have been seized, they probably didn't have a lot of choice in the matter; the mistake was in the Kentucky court asserting jurisdiction over the domain names and sending out the order in the first place. It's not ICANN's place to refuse at that point; when a court oversteps its jurisdiction, it's the job of higher courts to correct the problem.
I'm no expert on this, but based on my reading of the WP article linked above, I wonder if all this couldn't be put to bed by a CA state law that protected ICANN, or prohibited these sort of extraterritorial domain-name grabs. Since Full Faith and Credit doesn't compel a state to violate its own laws, that would seemingly remove the gun to ICANN's head, although it might have to go to a Federal court if someone wanted to push the issue. I'd be interested if any Constitutional law scholars wanted to weigh in on that point.
What do we do when an Islamic state with access to Domain Registry, decides they want to take control of all domain names that they feel are unacceptable to their beliefs and laws?
We, along with ICANN, laugh in their general direction, since they have no way of compelling a U.S. corporation (which is what ICANN is) into doing anything. Except as allowed via treaties, foreign court orders and judgments aren't enforceable in the U.S., but judgments and orders from one U.S. state are enforceable in another, due to Full Faith and Credit. (Well, depending on who you ask it's either due to FF&C or due to Federal laws combined with USSC rulings, but the effect is the same either way.)
Is the US just the big bully on the block when it comes to controlling Domain Names in this respect?
To put it bluntly: yes. The U.S. has a sort of...unique position in this respect because ICANN is incorporated here, and ICANN still has some quasi-government baggage that prevents it from just relocating when being in the U.S. proves inconvenient. The U.S. Government could, theoretically, annul the contract that gives ICANN its authority and roll the functions it currently performs back into the Department of Commerce at any time. I don't think they'll actually ever do this -- I don't think it's really possible for them to do it, in fact, because they're not competent enough -- but ICANN doesn't really stand by itself. They exist and perform certain functions basically at the pleasure of the United States government. At least, that's how it is on paper.
What if Nevada wants to assume control over those Domain Names and deploy them under 'Eminent Domain' laws in order to give to a 'responsible party' in order to create more public revenues?
This seems like a risk, if the whole Kentucky thing doesn't get quashed soon. It's pretty obvious that the motives driving the Kentucky seizure are exactly this sort of protectionism, so it doesn't seem like a great stretch. I'm not sure if eminent domain would be the best vehicle to accomplish the task with (passing a few laws so that the sites would be in violation and then seizing the domains as punishment would be easier, I think), but the outcome would be the same.
I don't think the problem is that ICANN exists in the United States, frankly I think the problem is more fundamental: the existence of ICANN is a single point of failure; it's a place where you can, essentially, attack the Internet. Maybe not in the physical sense -- you're not destroying infrastructure -- but you can at least disrupt services to people you don't like, which amounts to much the same thing. I think it's about time to think about alternative methods that would avoid having a central authority altogether.
I would suspect so, or at least that seems logical; I would bet that lots of people are watching the Kentucky thing closely. If no higher court steps in and slaps them upside the head, then I don't see why there wouldn't be a rash of gTLD domain confiscations due to sites violating U.S. laws. I'm sure there are lots of state attorneys general that would love to brag about confiscating the domain name of some dirty foreign terrorist/pirate/smut-peddler/etc. I could see it becoming the method of choice for busybody public servants looking to score points -- get the web page of some unsympathetic foreign (and therefore basically defenseless) organization confiscated and redirected to the BSA/MPAA/DEA's homepage instead.
The Pirate Bay definitely seems like a high-profile, high-value target; I would be more than a little concerned if I were them (and I'd be looking into getting a domain under a Swedish ccTLD, if they don't have one already).
Basically, companies or organizations that already maintain their servers outside of the U.S. in order to avoid legal problems, probably ought to consider getting their domain name moved out of the U.S.-controlled namespace as well. It might also be time to start considering situations where it would be appropriate to de-synchronize DNS root servers from those located in the U.S., although that's a bit of a "nuclear option."
I'm hopeful that the Kentucky stupidity will get slapped down by a Federal court (or the SCOTUS), but I certainly wouldn't bet my business or organization on it, if I was at risk.
That's basically the case. Although I don't know about the Internet at large, you could at least shut down ICANN with a few well-placed court orders from any U.S. state you wanted to.
This is because -- as I understand it, anyway -- ICANN is incorporated in the United States, specifically in California. Court orders from other U.S. states are enforceable in California because of the Full Faith and Credit clause of the Constitution. So if a judge in some state (say Kentucky) orders ICANN to do something, despite ICANN being in California, there's a good chance ICANN is required to do it. At the very least they can't just blithely shrug it off, as they might do with an order from a court from another country.
There are a lot of checks and balances that are supposed to come into play -- state courts aren't supposed to rule on things that are outside of their jurisdiction, for one -- but those questions get into gray areas pretty quickly. If a site is accessible in a particular state, does that automatically make it subject to that state's laws? You and I (and most people who understand how the Internet works) would probably say no, but I'm not sure there's legal precedent on that. Many Internet users erroneously assume that a web site is subject only to the laws of wherever the server actually hosting it physically resides, and this is a pretty logical stance, but a lot of judges seem to lack this understanding. Increasingly there seems to be an attitude that if a user can access a site from a particular location, then it falls into that court of that location's jurisdiction, despite the servers being located thousands of miles away: that's the stance that the court in Kentucky seems to be taking.
(Indeed, seems to me - though IANAL - that if this nutcase theory of jurisdiction holds, any country hostile to free speech can seize domain names left and right. Germany can seize "HolocaustDeniers.org", Russian can seize "PutinSucks.com".)
Well, they can try, but I don't know how they actually would... the reason Kentucky was able to do this is because (as I understand the mechanics of it) ICANN is incorporated in the U.S., and they served them with a court order.
ICANN probably should have just told them to get stuffed, but they didn't (probably because they didn't want to get dragged into it, or get fined for being in contempt). But it's because they're located in, and incorporated in, the U.S. that gives a penny-ante court in Kentucky any sort of leverage.
A court in Germany could try serving ICANN with papers ordering them to turn over HolocaustDeniers.com or whatever, but I don't see why ICANN would comply -- and, more importantly, I don't see what sort of leverage a court in Germany would have to force them to. They could probably do the same thing to the registrar that controls the ".de" TLD, which I assume is incorporated in Germany, but not if it was a gTLD (.com,.net,.org, &c.).
I'm also not sure that the court in Kentucky would have had as much success at grabbing the domains if they'd been registered under the country code of some other country. E.g., if the site had been "GreatGambling.co.de", and they had ordered ICANN to transfer it, ICANN might have been able to say to them with a straight face that it was impossible, and they'd have to talk to the registrar for.de, which would be some company in Germany. But they can't pass the buck and claim it's beyond their control when it's a gTLD, since they oversee them.
The bottom line to all of this is that people need to realize that all the gTLDs are not some sort of international zone. At the end of the day they are basically.us domains without the explicit ".us" at the end. If you're doing something that's considered shady, or might possibly be considered shady, by virtually any court in the U.S., you would be better off getting a domain in a ccTLD from a country that's more tolerant, rather than a gTLD domain. Anyone with a gTLD domain has it basically at the whim and mercy of any state court judge in the United States; depending on the subject matter or the purpose of the site, that might be an improvement over some other country (Chinese democracy, lambasting various monarchies), or it might be a huge liability (gambling, DRM breaking, certain types of porn).
So even under the best circumstances where we recovered all the old IPv4 allocations, we wouldn't necessarily be buying ourselves as much time it might appear (by dividing the burn rate by the total available pool)...
What I meant was:
So even under the best circumstances where we recovered all the old IPv4 allocations, we wouldn't necessarily be buying ourselves as much time it might appear (by dividing the burn rate into the total available pool)...
Apple removed the FW port because FW isn't a consumer technology and doesn't belong on a consumer product. It was nothing about differentiation.
Huh? Creating an artificial separation between "consumer product" and "professional product" is differentiation. That's what everybody's talking about.
FireWire got deemed a 'professional' feature, meaning that if you want it, you now have to shell out boku bucks for a 'pro' laptop, despite the fact that in prior generations, you didn't. It's because in prior generations it wasn't being used to help separate the two product lines -- now it is.
I'm writing this on an iBook right now, and all told I have thousands invested in Apple gear, so it's not like I'm anti-Apple, but they've never exactly been timid about segmenting the market in order to extract the 'pro tax' from anyone who wanted expandability.
You have a point if you were talking about old filament Edison bulbs, but CFLs already contain a fairly sophisticated miniature power supply, in order to produce the voltage needed by the light. You're already throwing all that out when you replace it. (Unless you have 'real', non-compact, fluorescents, where the transformer and ballast is replaceable.) Although this is admittedly a waste, it's worthwhile overall because the CFL bulb in its lifetime saves so much electricity that it pays for its components many times over.
Compared to a whole disposable transformer and ballast, justifying a disposable microcontroller and the components to run it isn't much of a task. It wouldn't have to cut back your energy consumption by much to easily pay for itself.
Plus, I'm not sure it would really take that much to drive it; you're probably talking about a single-chip device like the brains of RFID tags or smart cards. You could probably run it by stealing some flux from the light bulb's transformer using a little patch antenna (how RFID tags generally work).
I think it would probably be implemented using RFID chips; what the OP was suggesting (I think) is that the RFID tokens (or barcodes, or whatever) use the IPV6 namespace to ensure uniqueness.
Rather than having a separate coordinating authority to hand out blocks of "RFID Numbers", companies would just get a large IPV6 block, and then give a block to each product line, and then to each plant or assembly line, and then give one name to each item as it's produced. They would be guaranteed to be unique IDs and they would have meaning (someone could perform a reverse lookup and get the manufacturer, at least). It avoids having to have a separate, essentially duplicate apparatus, just to manage the separate namespace.
MAC addresses are used this way on some networking gear right now. They have the address printed right on the outside of the box, in bar-code form, next to the model number (and sometimes next to an arbitrary serial number, which is redundant).
In general I think URNs ("urn:bigco.com/model/factorycode/year/dayofyear/serialno") make better unique identifiers than IPv6 addresses would, and remove a layer of abstraction that doesn't need to exist, but the idea is still plausible, I suppose.
Well, it starts out with a maximum that's equal to 2^32, which is 4.2B, but you'd never be able to actually get there.
Even if you set aside the old legacy allocations that are probably pretty impractical to get back, you lose quite a few addresses in routing overhead. This was really bad back before CIDR, but it's still a problem now. Addresses need to be handed out in blocks and then the blocks get cut down, smaller and smaller, as you go down the chain. But because it's such a PITA to request new blocks, everybody grabs a few more than they need at every level. The net effect is significant waste.
I'm sure now, even with CIDR, there's probably a relationship between address-space utilization and routing table size, where as you start to approach full utilization (and have to start handing out addresses in smaller and smaller blocks, and networks end up with noncontiguous blocks acquired at different times, etc.) the routing tables start to get more and more complex.
It's been a while since I've heard anyone particularly concerned about routing table size -- I assume because routers have been getting so much more powerful that they've kept ahead of the curve -- but it could turn into an issue again if we started to really saturate the address space. Particularly if gains in processing power and memory density started to taper off, you might get squeezed there instead of the raw lack-of-numbers issue.
So even under the best circumstances where we recovered all the old IPv4 allocations, we wouldn't necessarily be buying ourselves as much time it might appear (by dividing the burn rate by the total available pool). There are a lot of factors that make it impractical to get to, or even near, 100% utilization. At some point it would just become painful to deal with, and in the process a lot of development probably would get stymied and a lot of money wasted on buying increasingly expensive addresses that could have been used more productively.
Because then you can have firewalls that are actually just firewalls, and don't perform NAT. There isn't necessarily anything that you can't do with NAT, but IMO it's much more elegant to not have it in there, if you don't need it.
And if you have a Class A block, you don't need it.
Actually this is exactly why nobody wants to change.
Or rather, everyone knows they'll have to change eventually, but nobody wants to be first. Optimally, everyone wants to be last. There's no benefit to being an early adopter -- you spend a lot of money figuring out how to do everything right, upgrading stuff, maybe rewriting software; the Johnny-come-latelies just ride in on the coattails of everyone else. They hire a couple of consultants to do the worst of the work, who've gotten their experience on the early adopters, buy COTS software, cheap hardware, etc.
Right now we're in a sort of 'Mexican standoff' where nobody wants to move first, because there's a risk by using up all that capital being first, your competitors will sit, and watch, and learn, and then leapfrog you when they get around to doing it later.
(Similarly, both the U.S. and China need to move away from oil, but neither want to go first; both would prefer to let the other guy go first, and take the big economic hit from switching over to something else, and burn out the rest of the fossil fuels themselves, and then buy the alternative technology once it's cheap and being mass-produced, with all the R&D subsidized by the other guy.)
If people are looking for quality-filtered articles, they should restrict their search to something other than just "everything in arXiv". If they don't, and take everything in there as gospel, then they're fools and deserve what they get.
ArXiv doesn't put itself out there as a peer-reviewed source; it's pretty up-front about not doing that, in fact. There's a place for peer-reviewed, high-quality sources, but there's also a demand for something else: access to information. Sometimes you don't care whether everything in a database has been peer-reviewed, and if the cost is paying $15 per item (which is what it costs to get something from a lot of peer-reviewed journals), then it's not worth it. With traditional journals you don't have a choice; you're stuck paying regardless, even if you know the paper you want and don't care about their "value added." With papers in a repository like arXiv, there's still a place for journals and various kinds of peer review, but all the papers -- even the un-reviewed ones -- are also accessible if you want to just browse the repository.
I agree that they ought to be more clear (although I don't think they're that worse than the norm; they just advertise more), since there are really three key factors that a prospective customer needs to know while comparing two ISPs:
1. The burst speed, important when you're doing web browsing, email, and other intermittent tasks. (3, 6, 8 Mbps or whatever.) 2. The criteria that will result in de-prioritization or bandwidth throttling, if any. (With the new policy, 70% of max rated, measured over 15 minutes, but only when the node is congested.) 3. The total amount of transfer included in the plan's base rate, or the data rate at which you're allowed to push packets continuously without getting capped, throttled, or having your service disconnected. (250GB/mo, or a continuous stream of around 101kB/s.)
Although it's not applicable for Comcast, the fourth thing you'd want to look at when comparing connections is what the marginal cost is for additional transfer, once you go over the limit of what's included in your plan. Unfortunately Comcast doesn't do this; they just cut you off and tell you to upgrade to a higher plan. There's no way to just buy some additional bandwidth without going to a higher grade of service.
With the exception of #2, these are pretty much the same factors you'd look for in a "real" (SLAed) internet connection. Most good connections have a peak bandwidth capability that's well above what most people pay for in transfer. Good connections don't throttle you if you use too much bandwidth, any more than the power company throttles you if you use too much power -- you throttle yourself in order to keep costs under control. If consumer plans were billed like this, there probably wouldn't be any need for throttling either, but I'm not sure whether most consumers would like it much. (Personally I think metered data is fine, as long as there's competition and the rate isn't extortionate when compared to the marginal cost of commodity transfer that the ISP pays, but I think it'll be a while before the internet-using public is really ready for it.)
I think that they were only able to grab the names that they did, because they were gTLDs, and hence fell under ICANN's direct authority. Since ICANN is a U.S. corporation, they bullied them and got the registration information changed.
It's interesting to speculate about what might have happened, if they had tried to go after a foreign domain name that was registered via an RIR. I don't think they would have been as successful. The RIR could have just told them to piss off, and then they would have had to try and get ICANN to step on the RIR, which might or might not have been effective.
ICANN only has so much sway over the RIRs. Their only bargaining chip is a sort of nuclear option -- threaten to stop directing DNS queries for their ccTLD to them, by removing them from the DNS root. This could easily precipitate a situation where the RIRs decided to split the root and just cut ICANN out completely. (I think in Europe somebody's actually maintaining an alternate root, sort of on standby all the time, for exactly this sort of eventuality.) I doubt this is a road they want to go down, because it could lead to a lot of nastiness and perhaps even breakage of the Internet generally. So while they may reluctantly cooperate with U.S. courts when it comes to gTLDs -- they have little choice, since with those addresses, the buck stops with them -- they're unlikely to do anything more than point in the direction of the RIR if an order comes in concerning a ccTLD.
So really, what this whole debacle indicates is twofold:
1. All gTLDs should be assumed to be vulnerable to assault under U.S. law, and companies or individuals 'owning' gTLD addresses should realize that they do so only at the whim of legislators or judges in the United States. 2. Anyone doing anything that's not welcomed in the U.S. (which could be anything from gambling to anonymous financial services to drug discussion, these days) would do well to move away from using gTLDs and instead use an address under a ccTLD, where the country in question has a friendly attitude to their business and is likely to resist U.S.-led pressure.
Yep. The throttling plan is fine, and a big step forward given the crap they were pulling with RST-injection not that long ago, but the 250GB cap is significantly more onerous. That's where people should really be directing their flames. The throttling seems to be pretty clearly dictated by hardware limits and at ensuring the best experience for the largest number of people.
And with the throttling, Comcast has shown that they're capable of changing their tune (admittedly, only under threat of massive lawsuits, but that's par for the course with large corporations). If people make enough noise, they might come up with a more reasonable overall bandwidth cap scheme.
For starters, it'd be nice if they quit pretending that all transfer actually costs them the same amount (traffic within the Comcast network, such as would be generated between my house and my neighbor's, costs Comcast nothing for each additional packet), and came up with a billing scheme that actually had some relation between the costs passed on to the user and the actual cost of wholesale transit (basically the only marginal cost to them generated by a non-contentious heavy user).
So they should be able to slow my traffic down because I'm trying to actually use their advertised bandwidth? How is me wanting what I was sold unreasonable?
This is a little unreasonable, yeah, because they don't advertise anything that ought to make an intelligent person instantly assume that they can run their 6 or 8Mb connection all-out, 24/7. It's been a very long time since I've seen them advertise "unlimited" anything. There might have been a point, a few years back, when you could make an argument that they'd advertised unlimited service and ought to deliver on that, but it hasn't been the case for a while.
They are very careful, at least in every ad I've seen, about only advertising peak speeds as being "up to" or "burst." The connection is capable of it, in other words, but it's not meant to be used that way continuously. If this offends you, that's fine, but it shouldn't be any more offensive than a car manufacturer printing up the power generated by an engine while at redline, or a CD/DVD drive manufacturer highlighting their burst speed while burying their sustained speed in the small print. If your problem is with advertising as it is carried out in the U.S. today generally, than I'm all with you. But Comcast isn't that much worse than the norm.
While I wouldn't mind if some states' Departments of Consumer Protection mandated that ISPs display their continuous, sustainable transfer rates alongside and in the same size/typeface as their burst speeds, there's no requirement for them to do anything like that right now. (It'd be amusing to see them advertising "101kB/s" internet, since that's what the 250GB cap works out to be.) It's up to consumer to read the small print and know what they're buying.
The system (based on everything I've read) does not care, or try to detect, the contents of your packets.* It doesn't care whether what you're downloading is legal or not.
This is exactly as it should be, since it doesn't matter to other people on the local node what you're doing, only that you're hogging bandwidth. Legal movies, illegal movies, videoconferencing, a totally opaque VPN connection... it doesn't matter. They all have the same effect on other users of the network, and should all be treated exactly the same way.
* Or so they claim. Some people have noted that the hardware they're using comes from a company most noted for its sophisticated and purpose-built DPI products, which seems like a bit of an odd choice of vendor for something that's really quite simple. I don't have a dog in that fight, but I'm taking them at face value for now.
One user running Skype isn't that much of a problem -- as you point out, it's not that bandwidth-intensive -- but keep in mind that it's up to ~30kbps per user. (And the usage can go up by 40kbps beyond that if one of the users is a supernode, although admittedly only one user per IP address should do that.) It can pile up to a significant amount if you have a bunch of people using it at the same time.
But really I was just using Skype as an example of an application that's particularly aggressive about using bandwidth, and doesn't give the user much of a say -- it grabs whatever it can, whenever it can. I'm not sure that's a great design, just fundamentally. But in reality, most of the problems with Skype and Comcast will be related to the overall amount of transfer it creates versus the 250GB limit; I don't think it'll really create that much of an issue with the bandwidth-based throttling. Video services are of a much greater concern. (Also, doesn't Skype do video? I bet that requires a lot more bandwidth.)
Well, the interesting thing to consider is that there are situations where a node might get congested, but nobody would get throttled. I'd hope that if that situation occurs, Comcast will realize it's a sign that the node is oversubscribed and break it up.
The QoS deprioritization only kicks in if the whole node is "Near Congestion" (to use their term), and if an individual user is close to pegging the needle for 15+ minutes. It's entirely possible that a node might become congested without meeting the second criteria.
E.g.: Lets say a node has 300 users connected, and it has a 1Gb/s backhaul. (We'll imagine that all the traffic is either symmetric, or only deal with one direction, just for clarity.) Users only get throttled when they're at 70% of their allotted peak. If each of those 300 users has a 6Mb/s plan, they could all be holding steady just under 70% -- low enough to avoid throttling -- but still saturate the node. In fact, they only have to each be at around 56% utilization for full saturation of the upstream link.
If Comcast sticks to its word about the throttling cutoffs -- and I admit that coming from Comcast that may be a bit too much to expect -- they won't be able to use it to stave off equipment upgrades forever, in the face of new services that cause large numbers of users to start sucking down bits. If everyone in the neighborhood decides to watch IPTV or do video chat at once, there's going to be contention, and the throttling setup they've created won't do a thing about it.
The nice thing about the new Comcast policy -- and I say that unsarcastically, because I think it is a good thing -- is that it doesn't care about the kind of traffic you're pushing. It doesn't try to separate out intent; it doesn't care whether what you're doing is "illegal".
So yes, people watching a lot of YouTube will get throttled. It's even possible that people watching a lot of YouTube will even be throttled before people downloading warez, if the people downloading warez keep their bandwidth under control.
This is exactly as it should be. It's no good for the ISPs to start turning into content police. For them to determine what content is legal and what's illegal would require intrusive deep-packet inspection, and maybe even blocking encrypted traffic or performing MITMs to get around it. It's far better not to go there and to just count packets.
Plus, it doesn't matter to your neighbors what, exactly, you're doing with the bandwidth -- if you're hogging the upstream to the point where there's contention, it's irrelevant what happens to be inside your bits, just that there's too many of them.
Slashdot Mirror
You can generally do this in the U.S. as well (at least at T-Mobile stores, not sure about the others, they're all too evil for me to give my money to in good conscience). You can buy the phone outright and then get it unlocked. They should unlock it for you, right there in the store, but sometimes the employees are morons and you need to call up Customer Service to get the code.
But at any rate, it's possible, and it lets you use the phone on whatever plan you'd like, with whatever GSM carrier you'd like. Of course, if you want an unlocked phone there are better places to go than a T-Mobile store, but I just thought I'd point it out -- subsidized phones aren't the only way to buy them, even through the carriers.
It's just that most Americans have the same reaction to the word "free" that a group of 13-year-old boys do to naked breasts; it doesn't matter what it's attached to, they want some. Combine that with an inability to do basic mathematics and I don't see "free" phones going anywhere, any time soon.
I think the term the GP is looking for is cost center. These are activities done by a company that do not directly generate profit themselves, but in some way (hopefully) enable the company to be more profitable, or to conduct its primary business activity.
To a company that sells software, support is very definitely a cost center. You need to have it, else people might not buy your software, but each additional dollar invested in it doesn't necessarily get you much of a return. On the balance sheet, it is always going to be in the red. This tends to encourage companies to spend the minimum on it that they possibly can.
Is it any wonder that the rest of the world wants an international body overseeing the internet.
The rest of the world might think they want that, but I'm not sure they've really thought it through. It seems to me there's a fairly good chance that whatever scheme everyone could agree on to replace ICANN would be just as bad as the current setup, and it might be a lot worse. Besides which, the U.S. Government will never give it up voluntarily.
The problem is that anything resembling ICANN is going to be subject to threats. I don't think it's possible to have some sort of Internet governing body that's immune to various national laws. So it would be better all around if we just didn't try.
Instead, just have national governing bodies for each country that operate that country's ccTLD domain registrations, and the DNS servers for that country. Including -- and this is the important difference from right now -- a top-level (root) DNS server for residents of that country.
So there wouldn't be a single root server, or group of root servers, anywhere. There would be a US root server, and a German root server, and a Swedish root server, etc. You would have, by design, a split root. In fact you would have lots of roots.
Countries would synchronize their DNS root servers with the root servers of other countries that they basically agreed with and had good relations with. If some country wanted to do something stupid (like redirecting YouTube to the home page of the Morality Police, or whatever), it would only affect people in that country. Other countries could just not sync with them anymore.
It would break the idea of the Internet as some single global entity that's the same for everyone, but that's increasingly not true anyway. And it was never really feasible. It was a dream, a neat idea, but never practical. The Internet as experienced by Americans is not going to be the same Internet experienced by Iranians, or by Swedes. It was a mistake to ever think that a computer network could exist above the reach of politicians and lawyers.
They are still in the United States; orders and judgments from one state's courts are typically enforceable in other states, with certain exceptions. The WP article on the Full Faith and Credit Clause is fairly good.
ICANN is being ordered to turn over the domain names much in the same way that a bank might be ordered to freeze or turn over assets as part of a judgment against a customer, even though the bank might not be in the same state as the customer that's actually a party to the litigation. ICANN could have opened themselves up to all sorts of problems if they had just ignored the order or refused to comply (getting fined for contempt seems reasonably likely).
Given that ICANN is a U.S. corporation and probably has assets in the U.S. that could have been seized, they probably didn't have a lot of choice in the matter; the mistake was in the Kentucky court asserting jurisdiction over the domain names and sending out the order in the first place. It's not ICANN's place to refuse at that point; when a court oversteps its jurisdiction, it's the job of higher courts to correct the problem.
I'm no expert on this, but based on my reading of the WP article linked above, I wonder if all this couldn't be put to bed by a CA state law that protected ICANN, or prohibited these sort of extraterritorial domain-name grabs. Since Full Faith and Credit doesn't compel a state to violate its own laws, that would seemingly remove the gun to ICANN's head, although it might have to go to a Federal court if someone wanted to push the issue. I'd be interested if any Constitutional law scholars wanted to weigh in on that point.
What do we do when an Islamic state with access to Domain Registry, decides they want to take control of all domain names that they feel are unacceptable to their beliefs and laws?
We, along with ICANN, laugh in their general direction, since they have no way of compelling a U.S. corporation (which is what ICANN is) into doing anything. Except as allowed via treaties, foreign court orders and judgments aren't enforceable in the U.S., but judgments and orders from one U.S. state are enforceable in another, due to Full Faith and Credit. (Well, depending on who you ask it's either due to FF&C or due to Federal laws combined with USSC rulings, but the effect is the same either way.)
Is the US just the big bully on the block when it comes to controlling Domain Names in this respect?
To put it bluntly: yes. The U.S. has a sort of...unique position in this respect because ICANN is incorporated here, and ICANN still has some quasi-government baggage that prevents it from just relocating when being in the U.S. proves inconvenient. The U.S. Government could, theoretically, annul the contract that gives ICANN its authority and roll the functions it currently performs back into the Department of Commerce at any time. I don't think they'll actually ever do this -- I don't think it's really possible for them to do it, in fact, because they're not competent enough -- but ICANN doesn't really stand by itself. They exist and perform certain functions basically at the pleasure of the United States government. At least, that's how it is on paper.
What if Nevada wants to assume control over those Domain Names and deploy them under 'Eminent Domain' laws in order to give to a 'responsible party' in order to create more public revenues?
This seems like a risk, if the whole Kentucky thing doesn't get quashed soon. It's pretty obvious that the motives driving the Kentucky seizure are exactly this sort of protectionism, so it doesn't seem like a great stretch. I'm not sure if eminent domain would be the best vehicle to accomplish the task with (passing a few laws so that the sites would be in violation and then seizing the domains as punishment would be easier, I think), but the outcome would be the same.
I don't think the problem is that ICANN exists in the United States, frankly I think the problem is more fundamental: the existence of ICANN is a single point of failure; it's a place where you can, essentially, attack the Internet. Maybe not in the physical sense -- you're not destroying infrastructure -- but you can at least disrupt services to people you don't like, which amounts to much the same thing. I think it's about time to think about alternative methods that would avoid having a central authority altogether.
I would suspect so, or at least that seems logical; I would bet that lots of people are watching the Kentucky thing closely. If no higher court steps in and slaps them upside the head, then I don't see why there wouldn't be a rash of gTLD domain confiscations due to sites violating U.S. laws. I'm sure there are lots of state attorneys general that would love to brag about confiscating the domain name of some dirty foreign terrorist/pirate/smut-peddler/etc. I could see it becoming the method of choice for busybody public servants looking to score points -- get the web page of some unsympathetic foreign (and therefore basically defenseless) organization confiscated and redirected to the BSA/MPAA/DEA's homepage instead.
The Pirate Bay definitely seems like a high-profile, high-value target; I would be more than a little concerned if I were them (and I'd be looking into getting a domain under a Swedish ccTLD, if they don't have one already).
Basically, companies or organizations that already maintain their servers outside of the U.S. in order to avoid legal problems, probably ought to consider getting their domain name moved out of the U.S.-controlled namespace as well. It might also be time to start considering situations where it would be appropriate to de-synchronize DNS root servers from those located in the U.S., although that's a bit of a "nuclear option."
I'm hopeful that the Kentucky stupidity will get slapped down by a Federal court (or the SCOTUS), but I certainly wouldn't bet my business or organization on it, if I was at risk.
That's basically the case. Although I don't know about the Internet at large, you could at least shut down ICANN with a few well-placed court orders from any U.S. state you wanted to.
This is because -- as I understand it, anyway -- ICANN is incorporated in the United States, specifically in California. Court orders from other U.S. states are enforceable in California because of the Full Faith and Credit clause of the Constitution. So if a judge in some state (say Kentucky) orders ICANN to do something, despite ICANN being in California, there's a good chance ICANN is required to do it. At the very least they can't just blithely shrug it off, as they might do with an order from a court from another country.
There are a lot of checks and balances that are supposed to come into play -- state courts aren't supposed to rule on things that are outside of their jurisdiction, for one -- but those questions get into gray areas pretty quickly. If a site is accessible in a particular state, does that automatically make it subject to that state's laws? You and I (and most people who understand how the Internet works) would probably say no, but I'm not sure there's legal precedent on that. Many Internet users erroneously assume that a web site is subject only to the laws of wherever the server actually hosting it physically resides, and this is a pretty logical stance, but a lot of judges seem to lack this understanding. Increasingly there seems to be an attitude that if a user can access a site from a particular location, then it falls into that court of that location's jurisdiction, despite the servers being located thousands of miles away: that's the stance that the court in Kentucky seems to be taking.
(Indeed, seems to me - though IANAL - that if this nutcase theory of jurisdiction holds, any country hostile to free speech can seize domain names left and right. Germany can seize "HolocaustDeniers.org", Russian can seize "PutinSucks.com".)
Well, they can try, but I don't know how they actually would ... the reason Kentucky was able to do this is because (as I understand the mechanics of it) ICANN is incorporated in the U.S., and they served them with a court order.
ICANN probably should have just told them to get stuffed, but they didn't (probably because they didn't want to get dragged into it, or get fined for being in contempt). But it's because they're located in, and incorporated in, the U.S. that gives a penny-ante court in Kentucky any sort of leverage.
A court in Germany could try serving ICANN with papers ordering them to turn over HolocaustDeniers.com or whatever, but I don't see why ICANN would comply -- and, more importantly, I don't see what sort of leverage a court in Germany would have to force them to. They could probably do the same thing to the registrar that controls the ".de" TLD, which I assume is incorporated in Germany, but not if it was a gTLD (.com, .net, .org, &c.).
I'm also not sure that the court in Kentucky would have had as much success at grabbing the domains if they'd been registered under the country code of some other country. E.g., if the site had been "GreatGambling.co.de", and they had ordered ICANN to transfer it, ICANN might have been able to say to them with a straight face that it was impossible, and they'd have to talk to the registrar for .de, which would be some company in Germany. But they can't pass the buck and claim it's beyond their control when it's a gTLD, since they oversee them.
The bottom line to all of this is that people need to realize that all the gTLDs are not some sort of international zone. At the end of the day they are basically .us domains without the explicit ".us" at the end. If you're doing something that's considered shady, or might possibly be considered shady, by virtually any court in the U.S., you would be better off getting a domain in a ccTLD from a country that's more tolerant, rather than a gTLD domain. Anyone with a gTLD domain has it basically at the whim and mercy of any state court judge in the United States; depending on the subject matter or the purpose of the site, that might be an improvement over some other country (Chinese democracy, lambasting various monarchies), or it might be a huge liability (gambling, DRM breaking, certain types of porn).
Who says they're different people?
Everyone has a price.
I said:
What I meant was:
So even under the best circumstances where we recovered all the old IPv4 allocations, we wouldn't necessarily be buying ourselves as much time it might appear (by dividing the burn rate into the total available pool)...
Apple removed the FW port because FW isn't a consumer technology and doesn't belong on a consumer product. It was nothing about differentiation.
Huh? Creating an artificial separation between "consumer product" and "professional product" is differentiation. That's what everybody's talking about.
FireWire got deemed a 'professional' feature, meaning that if you want it, you now have to shell out boku bucks for a 'pro' laptop, despite the fact that in prior generations, you didn't. It's because in prior generations it wasn't being used to help separate the two product lines -- now it is.
I'm writing this on an iBook right now, and all told I have thousands invested in Apple gear, so it's not like I'm anti-Apple, but they've never exactly been timid about segmenting the market in order to extract the 'pro tax' from anyone who wanted expandability.
You have a point if you were talking about old filament Edison bulbs, but CFLs already contain a fairly sophisticated miniature power supply, in order to produce the voltage needed by the light. You're already throwing all that out when you replace it. (Unless you have 'real', non-compact, fluorescents, where the transformer and ballast is replaceable.) Although this is admittedly a waste, it's worthwhile overall because the CFL bulb in its lifetime saves so much electricity that it pays for its components many times over.
Compared to a whole disposable transformer and ballast, justifying a disposable microcontroller and the components to run it isn't much of a task. It wouldn't have to cut back your energy consumption by much to easily pay for itself.
Plus, I'm not sure it would really take that much to drive it; you're probably talking about a single-chip device like the brains of RFID tags or smart cards. You could probably run it by stealing some flux from the light bulb's transformer using a little patch antenna (how RFID tags generally work).
I think it would probably be implemented using RFID chips; what the OP was suggesting (I think) is that the RFID tokens (or barcodes, or whatever) use the IPV6 namespace to ensure uniqueness.
Rather than having a separate coordinating authority to hand out blocks of "RFID Numbers", companies would just get a large IPV6 block, and then give a block to each product line, and then to each plant or assembly line, and then give one name to each item as it's produced. They would be guaranteed to be unique IDs and they would have meaning (someone could perform a reverse lookup and get the manufacturer, at least). It avoids having to have a separate, essentially duplicate apparatus, just to manage the separate namespace.
MAC addresses are used this way on some networking gear right now. They have the address printed right on the outside of the box, in bar-code form, next to the model number (and sometimes next to an arbitrary serial number, which is redundant).
In general I think URNs ("urn:bigco.com/model/factorycode/year/dayofyear/serialno") make better unique identifiers than IPv6 addresses would, and remove a layer of abstraction that doesn't need to exist, but the idea is still plausible, I suppose.
Well, it starts out with a maximum that's equal to 2^32, which is 4.2B, but you'd never be able to actually get there.
Even if you set aside the old legacy allocations that are probably pretty impractical to get back, you lose quite a few addresses in routing overhead. This was really bad back before CIDR, but it's still a problem now. Addresses need to be handed out in blocks and then the blocks get cut down, smaller and smaller, as you go down the chain. But because it's such a PITA to request new blocks, everybody grabs a few more than they need at every level. The net effect is significant waste.
I'm sure now, even with CIDR, there's probably a relationship between address-space utilization and routing table size, where as you start to approach full utilization (and have to start handing out addresses in smaller and smaller blocks, and networks end up with noncontiguous blocks acquired at different times, etc.) the routing tables start to get more and more complex.
It's been a while since I've heard anyone particularly concerned about routing table size -- I assume because routers have been getting so much more powerful that they've kept ahead of the curve -- but it could turn into an issue again if we started to really saturate the address space. Particularly if gains in processing power and memory density started to taper off, you might get squeezed there instead of the raw lack-of-numbers issue.
So even under the best circumstances where we recovered all the old IPv4 allocations, we wouldn't necessarily be buying ourselves as much time it might appear (by dividing the burn rate by the total available pool). There are a lot of factors that make it impractical to get to, or even near, 100% utilization. At some point it would just become painful to deal with, and in the process a lot of development probably would get stymied and a lot of money wasted on buying increasingly expensive addresses that could have been used more productively.
Because then you can have firewalls that are actually just firewalls, and don't perform NAT. There isn't necessarily anything that you can't do with NAT, but IMO it's much more elegant to not have it in there, if you don't need it.
And if you have a Class A block, you don't need it.
Actually this is exactly why nobody wants to change.
Or rather, everyone knows they'll have to change eventually, but nobody wants to be first. Optimally, everyone wants to be last. There's no benefit to being an early adopter -- you spend a lot of money figuring out how to do everything right, upgrading stuff, maybe rewriting software; the Johnny-come-latelies just ride in on the coattails of everyone else. They hire a couple of consultants to do the worst of the work, who've gotten their experience on the early adopters, buy COTS software, cheap hardware, etc.
Right now we're in a sort of 'Mexican standoff' where nobody wants to move first, because there's a risk by using up all that capital being first, your competitors will sit, and watch, and learn, and then leapfrog you when they get around to doing it later.
(Similarly, both the U.S. and China need to move away from oil, but neither want to go first; both would prefer to let the other guy go first, and take the big economic hit from switching over to something else, and burn out the rest of the fossil fuels themselves, and then buy the alternative technology once it's cheap and being mass-produced, with all the R&D subsidized by the other guy.)
This isn't a bug, it's a feature.
If people are looking for quality-filtered articles, they should restrict their search to something other than just "everything in arXiv". If they don't, and take everything in there as gospel, then they're fools and deserve what they get.
ArXiv doesn't put itself out there as a peer-reviewed source; it's pretty up-front about not doing that, in fact. There's a place for peer-reviewed, high-quality sources, but there's also a demand for something else: access to information. Sometimes you don't care whether everything in a database has been peer-reviewed, and if the cost is paying $15 per item (which is what it costs to get something from a lot of peer-reviewed journals), then it's not worth it. With traditional journals you don't have a choice; you're stuck paying regardless, even if you know the paper you want and don't care about their "value added." With papers in a repository like arXiv, there's still a place for journals and various kinds of peer review, but all the papers -- even the un-reviewed ones -- are also accessible if you want to just browse the repository.
I agree that they ought to be more clear (although I don't think they're that worse than the norm; they just advertise more), since there are really three key factors that a prospective customer needs to know while comparing two ISPs:
1. The burst speed, important when you're doing web browsing, email, and other intermittent tasks. (3, 6, 8 Mbps or whatever.)
2. The criteria that will result in de-prioritization or bandwidth throttling, if any. (With the new policy, 70% of max rated, measured over 15 minutes, but only when the node is congested.)
3. The total amount of transfer included in the plan's base rate, or the data rate at which you're allowed to push packets continuously without getting capped, throttled, or having your service disconnected. (250GB/mo, or a continuous stream of around 101kB/s.)
Although it's not applicable for Comcast, the fourth thing you'd want to look at when comparing connections is what the marginal cost is for additional transfer, once you go over the limit of what's included in your plan. Unfortunately Comcast doesn't do this; they just cut you off and tell you to upgrade to a higher plan. There's no way to just buy some additional bandwidth without going to a higher grade of service.
With the exception of #2, these are pretty much the same factors you'd look for in a "real" (SLAed) internet connection. Most good connections have a peak bandwidth capability that's well above what most people pay for in transfer. Good connections don't throttle you if you use too much bandwidth, any more than the power company throttles you if you use too much power -- you throttle yourself in order to keep costs under control. If consumer plans were billed like this, there probably wouldn't be any need for throttling either, but I'm not sure whether most consumers would like it much. (Personally I think metered data is fine, as long as there's competition and the rate isn't extortionate when compared to the marginal cost of commodity transfer that the ISP pays, but I think it'll be a while before the internet-using public is really ready for it.)
I think that they were only able to grab the names that they did, because they were gTLDs, and hence fell under ICANN's direct authority. Since ICANN is a U.S. corporation, they bullied them and got the registration information changed.
It's interesting to speculate about what might have happened, if they had tried to go after a foreign domain name that was registered via an RIR. I don't think they would have been as successful. The RIR could have just told them to piss off, and then they would have had to try and get ICANN to step on the RIR, which might or might not have been effective.
ICANN only has so much sway over the RIRs. Their only bargaining chip is a sort of nuclear option -- threaten to stop directing DNS queries for their ccTLD to them, by removing them from the DNS root. This could easily precipitate a situation where the RIRs decided to split the root and just cut ICANN out completely. (I think in Europe somebody's actually maintaining an alternate root, sort of on standby all the time, for exactly this sort of eventuality.) I doubt this is a road they want to go down, because it could lead to a lot of nastiness and perhaps even breakage of the Internet generally. So while they may reluctantly cooperate with U.S. courts when it comes to gTLDs -- they have little choice, since with those addresses, the buck stops with them -- they're unlikely to do anything more than point in the direction of the RIR if an order comes in concerning a ccTLD.
So really, what this whole debacle indicates is twofold:
1. All gTLDs should be assumed to be vulnerable to assault under U.S. law, and companies or individuals 'owning' gTLD addresses should realize that they do so only at the whim of legislators or judges in the United States.
2. Anyone doing anything that's not welcomed in the U.S. (which could be anything from gambling to anonymous financial services to drug discussion, these days) would do well to move away from using gTLDs and instead use an address under a ccTLD, where the country in question has a friendly attitude to their business and is likely to resist U.S.-led pressure.
Yep. The throttling plan is fine, and a big step forward given the crap they were pulling with RST-injection not that long ago, but the 250GB cap is significantly more onerous. That's where people should really be directing their flames. The throttling seems to be pretty clearly dictated by hardware limits and at ensuring the best experience for the largest number of people.
And with the throttling, Comcast has shown that they're capable of changing their tune (admittedly, only under threat of massive lawsuits, but that's par for the course with large corporations). If people make enough noise, they might come up with a more reasonable overall bandwidth cap scheme.
For starters, it'd be nice if they quit pretending that all transfer actually costs them the same amount (traffic within the Comcast network, such as would be generated between my house and my neighbor's, costs Comcast nothing for each additional packet), and came up with a billing scheme that actually had some relation between the costs passed on to the user and the actual cost of wholesale transit (basically the only marginal cost to them generated by a non-contentious heavy user).
So they should be able to slow my traffic down because I'm trying to actually use their advertised bandwidth? How is me wanting what I was sold unreasonable?
This is a little unreasonable, yeah, because they don't advertise anything that ought to make an intelligent person instantly assume that they can run their 6 or 8Mb connection all-out, 24/7. It's been a very long time since I've seen them advertise "unlimited" anything. There might have been a point, a few years back, when you could make an argument that they'd advertised unlimited service and ought to deliver on that, but it hasn't been the case for a while.
They are very careful, at least in every ad I've seen, about only advertising peak speeds as being "up to" or "burst." The connection is capable of it, in other words, but it's not meant to be used that way continuously. If this offends you, that's fine, but it shouldn't be any more offensive than a car manufacturer printing up the power generated by an engine while at redline, or a CD/DVD drive manufacturer highlighting their burst speed while burying their sustained speed in the small print. If your problem is with advertising as it is carried out in the U.S. today generally, than I'm all with you. But Comcast isn't that much worse than the norm.
While I wouldn't mind if some states' Departments of Consumer Protection mandated that ISPs display their continuous, sustainable transfer rates alongside and in the same size/typeface as their burst speeds, there's no requirement for them to do anything like that right now. (It'd be amusing to see them advertising "101kB/s" internet, since that's what the 250GB cap works out to be.) It's up to consumer to read the small print and know what they're buying.
The system (based on everything I've read) does not care, or try to detect, the contents of your packets.* It doesn't care whether what you're downloading is legal or not.
This is exactly as it should be, since it doesn't matter to other people on the local node what you're doing, only that you're hogging bandwidth. Legal movies, illegal movies, videoconferencing, a totally opaque VPN connection ... it doesn't matter. They all have the same effect on other users of the network, and should all be treated exactly the same way.
* Or so they claim. Some people have noted that the hardware they're using comes from a company most noted for its sophisticated and purpose-built DPI products, which seems like a bit of an odd choice of vendor for something that's really quite simple. I don't have a dog in that fight, but I'm taking them at face value for now.
One user running Skype isn't that much of a problem -- as you point out, it's not that bandwidth-intensive -- but keep in mind that it's up to ~30kbps per user. (And the usage can go up by 40kbps beyond that if one of the users is a supernode, although admittedly only one user per IP address should do that.) It can pile up to a significant amount if you have a bunch of people using it at the same time.
But really I was just using Skype as an example of an application that's particularly aggressive about using bandwidth, and doesn't give the user much of a say -- it grabs whatever it can, whenever it can. I'm not sure that's a great design, just fundamentally. But in reality, most of the problems with Skype and Comcast will be related to the overall amount of transfer it creates versus the 250GB limit; I don't think it'll really create that much of an issue with the bandwidth-based throttling. Video services are of a much greater concern. (Also, doesn't Skype do video? I bet that requires a lot more bandwidth.)
Well, the interesting thing to consider is that there are situations where a node might get congested, but nobody would get throttled. I'd hope that if that situation occurs, Comcast will realize it's a sign that the node is oversubscribed and break it up.
The QoS deprioritization only kicks in if the whole node is "Near Congestion" (to use their term), and if an individual user is close to pegging the needle for 15+ minutes. It's entirely possible that a node might become congested without meeting the second criteria.
E.g.: Lets say a node has 300 users connected, and it has a 1Gb/s backhaul. (We'll imagine that all the traffic is either symmetric, or only deal with one direction, just for clarity.) Users only get throttled when they're at 70% of their allotted peak. If each of those 300 users has a 6Mb/s plan, they could all be holding steady just under 70% -- low enough to avoid throttling -- but still saturate the node. In fact, they only have to each be at around 56% utilization for full saturation of the upstream link.
If Comcast sticks to its word about the throttling cutoffs -- and I admit that coming from Comcast that may be a bit too much to expect -- they won't be able to use it to stave off equipment upgrades forever, in the face of new services that cause large numbers of users to start sucking down bits. If everyone in the neighborhood decides to watch IPTV or do video chat at once, there's going to be contention, and the throttling setup they've created won't do a thing about it.
In a word, yes.
The nice thing about the new Comcast policy -- and I say that unsarcastically, because I think it is a good thing -- is that it doesn't care about the kind of traffic you're pushing. It doesn't try to separate out intent; it doesn't care whether what you're doing is "illegal".
So yes, people watching a lot of YouTube will get throttled. It's even possible that people watching a lot of YouTube will even be throttled before people downloading warez, if the people downloading warez keep their bandwidth under control.
This is exactly as it should be. It's no good for the ISPs to start turning into content police. For them to determine what content is legal and what's illegal would require intrusive deep-packet inspection, and maybe even blocking encrypted traffic or performing MITMs to get around it. It's far better not to go there and to just count packets.
Plus, it doesn't matter to your neighbors what, exactly, you're doing with the bandwidth -- if you're hogging the upstream to the point where there's contention, it's irrelevant what happens to be inside your bits, just that there's too many of them.