I feel like this article was written by someone who hasn't been paying attention to the email landscape for the past twenty years. The checking services that the author lists don't make sure your DNS PTR records are correctly set up. They don't make sure that your server isn't an open relay. And they don't insure that your server is RFC compliant. They run your content through SpamAssassin and invert the score to rate your chances of successfully delivering a marketing message. I also run my own mail server. I'm not doing it to provide you with a medium for your marketing messages. I'm doing it to provide a noise free communications path for my users. I'm probably better than most because if my users complain about losing _any_ messages, I consider that my problem and use appropriate tools to fix it. But email has been under assault for the past twenty years by people who want to sell us things without regard for our interest in buying them. Anyone who expects that landscape to be a green pasture of ease rather than a battleground is sadly out of touch.
I would bet that they use hardly any. Distillation of crude oil into component fuels like gasoline or diesel mainly requires controlled heat. In the best case a refinery would use natural gas or propane heaters to drive crude oil to the liquid-vapor transition temperature of whatever product they want and then use a tall column and a condenser and a condenser to capture their desired output. In the worst case the heater would be powered by the crude oil itself. It's quite likely that they just siphon off some of the diesel, which burns pretty clean, as a fuel for their heat source.
That 93% efficiency is the ratio of watts arriving at the socket over watts generated at the plant. The watts "lost" between those two places are lost heating up the transmission lines. The 59 ~ 62% figure is the ratio of watts of electricity generated at the plant over BTUs of heat generated by burning fuel to heat water and create steam. Systematically, the 59 ~ 62% is more important.
Key to the discussion is the fact that energy comes in two forms: "heat" and "work". Heat is thermal energy. Work is the energy of motion or electricity. In layman's terms we usually don't differentiate between a "motor" and an "engine" but that difference is also very important here. Technically, a "motor" converts work into motion and an "engine" converts heat into work.
In the system that is an electric car powered by a remote power plant:
The heat comes from burning fuel at a power plant to create steam;
Passing the steam through an engine, a turbine causes the turbine to spin; this creates work;
The spinning turbine drives a generator converting work of motion to work of electricity;
The electricity travels over power lines to batteries in a car;
Later, we throttle the stored electricity from the battery through an electric motor to create motion.
Thus the overall fuel-to-motion efficiency of an electric motored car is: (59 ~ 62%) * 93% * battery_efficiency. Battery efficiency of Li-Ion batteries is well above 90% if I recall correctly. But assuming the worst, electric cars are at least 49% fuel-to-motion efficient.
In contrast, the fuel-to-motion efficiency of a car powered by an internal combustion engine hovers in the 35% range today due to market constraints on cars.
Note well that this analysis is generous to internal combustion engine automobiles because it does not account for the difference in energy cost for refining crude oil into typical automotive fuels like gasoline or diesel.
Another vote for pfSense on Soekris here. I'll admit that I prefer straight up OpenBSD but for quick and dirty, pfSense is the way to go. Which Soekris is the real question. If you don't mind the spend, the Net6501 is best. It's got well supported gigabit nics so it will handle full speed traffic from Verizon FIOS, Google Fiber, or the top speed of a Docsis 3 modem. Net5501's show up on eBay irregularly in the $150.00 range. It doesn't make sense to buy them new as they are not much cheaper than the big brother Net6501. You can put a multi-port intel Gigabit card in a Net5501 but it will run hot so you probably want to spring for the larger rack mount case or just get the Net6501. Both the 6501 and the 5501 have more grunt than you need for a firewall/VPN box provided that you don't need to run 5 or more concurrent VPN connections terminating on the soekris' CPU. The last advantage of the net5501 is the presence of a USB 2.0 connection on the front panel. The net4801 is actually a workable solution for pfSense as a firewall/VPN termination box. They commonly show up on eBay in the $60 ~ $100 range. I wouldn't bid more than $80.00. If you find that the lack of CPU horsepower is getting in your way, search for a soekris VPN1411 card, again on eBay. These are typically very cheap, $25.00 and do hardware crypto offload, allowing a Net4801 to handle multiple VPN streams if that's your fancy.
Anyone using ssh to it's maximum security potential isn't sending a password across the channel more than once. On new systems I use some variation of the following to push my key onto the remote system.
All network admins operate in the political domain. Several people here have mentioned that SSH forwarding works in China as I'm sure it does in Iran and Pakistan. Standard SSH on port 22 may just be too useful a tool socially and economically to block. As a consultant I find it rare to visit a shop that blocks SSH anymore even though most of the security admins that I know are well aware that with Putty you can forward any port inside to any port outside as you wish. Of the admins that I meet, most shrug this off as a non-problem saying:I know that users can circumvent any block on my firewall using SSH and port forwarding but the vast majority of my users don't have the arcane knowledge to do that.
We might not be the right people to ask since anyone on Slashdot could find Putty and the right configurations to do this in 15 minutes of searching on Google. And that assumes that the person asking is stuck on MS Windows. In Linux or OS X it's built into the OS.
I'd disagree that SSH is the best way to do this. A VPN is better because using a VPN allows you to hide in a class of users that the attacker wants to court and curry the favor of. The Chinese government wants our business so they must consent to our business people using strong encryption on our communications back home. SSH forwarding is one way to do this but a VPN is a much more common part of corporate IT security policy. If SSH is socio/economically difficult to block, a VPN is even more so.
The Net 55xx boxes are a good choice here so I'll second the recommendation. I've replaced my firewall routers with net 5501 and a net 4801. The 5501 has a $10.00 kit for attaching a SATA drive. My 5501 with Sata consumes 15W continuous.
Furthermore, since most of the methods that people use to discover brute forcing attempts rely on a high rate of attack, these slow attacks are immune. I'm not sure how the oft mentioned denyhosts works but the author of the original article is using FreeBSD and OpenBSD with the pf filewall which can blackhole brute forcers based on rate of attack. Using the pf method with settings aggressive enough to catch the latest round of attacks runs a high risk of blocking valid users. I'm seeing the same issue as the original article's author and I've noticed as he has that my OpenBSD boxes have not been targeted. FreeBSD, NetBSD, Ubuntu and Debian on the other hand.
My suggestion: Use Public Keys as much as possible. Systems allowing only Public Keys are immune to these attacks and you don't get the nasty log messages as well. If you must allow passwords disallow them for root. You can get root access by configuring sudo for users and via Public Keys for scripts.
# PasswordAuthentication no ## Best -- Public keys required for login
# PasswordAuthentication yes ## Only if you must.
# PermitRootLogin no ## Best -- root cannot login remotely.
# PermitRootLogin without-password ## Better -- root can login via key but not with a password.
Not sure I agree on the predatory ink pricing but I solidly see your point if you are looking at their cheapest inkjet printer. For color output I have an HP 2250 that I've been happy with. Ink is $130 for all four cartridges but lasts about 2000 pages. The 2250 was marketed as a SOHO printer when I bought it in the late 1990s (perhaps 1999) I bought the postscript cartridge and maxed the memory later. It's okay but the cost to print is considerably higher than the laser but I expected that when I bought it. My experience with the 2250 led me to convince my father-in-law to buy an HP 7210 all-in-one. This was a solidly bad decision. The ink is expensive, and the networking is completely non-standard. I spent a week chasing network bugs with it before kicking it to static IP. Even after that the driver software basically hung up windows at shutdown or reboot.This was for lack of a routine to handle the UserDrivenShutdown() event.
Here here, I replaced a NEC Silentwriter II model 290 with an HP laserjet 4000. As far as Postscript goes your experience is the same as mine: getting postscript future proofed a printer that I purchased in 1994 and retired in 2003. I got my HP on eBay from a guy 10 miles from my house to save on shipping. I added some memory from an old laptop that I had to max it out, and bought a duplexer on eBay for about $50.00. All told it cost me $200.00. It's 2009 and this printer has given me no hassles in 6 years. Even better than the NEC, I can leave this one turned on 24/7 without worrying about my electric bill because it does power save. Any HP 4xxx printer should do the same.
Same here except I run FreeBSD so my USB stick has FFS on it. To solve the UID problem I use NIS/NFS on the machines in my network and syncronize the UID's on my network with the ones on my laptop. So effectively I'm always uid 501/ gid 501. I also keep an 8G stick with FAT32 on it for transfering with other people.
In today's world NIS is obsolete and NFSv3 or earlier has security issues that you can only solve partially and then only with hardware. If I had to do it all over again I'd use NIS/LDAP for UID management and NFSv4 for Unix - Unix file sharing.
I agree with eBay that sellers have too much power in the feedback system but censoring the sellers isn't the right solution. Censoring only the sellers puts too much power in the hands of buyers. Buyers have the upper hand already. I like the idea of blind feedback but I'm not sure it's enough. The system should be able to identify bad transactions. Either player in a bad transaction should be able to request neutral mediation from eBay. A result of last resort in this mediation should be negating the transaction.
The most chilling thing about this solution is that it only provides recourse for sellers when the buyer doesn't pay. From what I see the only time you can prove that a buyer didn't pay is if your sole method of payment is PayPal. So this looks like a way for eBay to lock sellers into using PayPal as their sole method of payment. For buyers this is great but for sellers it sucks.
On malice/stupidity: So say we all. Nowhere on the thread did I see anyone try any standard diagnostic tools (ping, traceroute, etc) on the problem. This could have been anything from a router misconfiguration to a broken peer connection. Nonetheless Time Warner should be careful if they plan on implementing traffic shaping that could actually limit connectivity to something like the iTunes store. From this reaction I would expect quite a few angry customers if they do.
Maintaining the old protocol costs them users. I want to be on the chat server/protocol with all my friends. If AOL is the biggest then that's where I want to be. I imagine that Google talk/xmpp is growing faster than AOL now so it's a logical move.
Hail to AOL for this move. Hopefully I can turn off my xmpp aol transport in a year or so.
It appears that they haven't implemented server-to-server connections yet so that's not the case now. However all they have to do is throw the switch so to speak. It would be a wonderful thing if AIM migrated fully to xmpp.
Actually the machine that this is closest to is the uprated white Macbook which comes with: Core 2 Duo 2.16GHz, 1G of ram a 13.3" 1280x800 screen, 120G drive, an iSight webcam (dunno the megapixels), Bluetooh, 802.11g, and a DVD burner. From Apple new that machine is $1299. For your extra $649.00 you get the privilege of buying and installing more RAM for about $75.00. Giving Apple the benefit of the doubt on the Video means that the MacBook is a little more than Double the price of the Dell. I just bought the Macbook in October. So far it's been good but I completely understand the question of whether the Mac experience is worth a premium of $725.00.
I'm glad I went from Sansa to iPod. For me the big issue was sound quality. You could play the Sansa through a car stereo but the output was always too low forcing me to crank the head unit past it's best quality point. The iPod on the other hand has a line level output which is perfect. And although it's subjective the iPod and iPod+iTunes user interface is great. Adding music is easy. Making playlists is a breeze. Fixing up broken ID3 tags could use some work but is okay. Once you have correct tags Smart Playlists are key. Subscribing to podcasts is drop dead simple. My two downsides to iTunes are: backup and DRM. I solved both by ripping all my music onto a private NAS.
OS X may do less than a Linux Distro, say Ubuntu. But in the set of things that they both do OS X does it so much better that it's worth $129.00. The biggest difference is in configuration. My clients aren't interested the time I spend configuring gstreamer under Ubuntu so I can listen to music while I work. So if I want to listen to music, the fact that just plugging an iPod into the USB port on my Mac Mini causes iTunes to run is worth quite a bit.
What Apple is doing is not price fixing. It's price setting. Price fixing when when two or more suppliers of a commodity agree to the price at which they offer the commodity. Usually the purpose of price fixing is to offer that commodity at a higher price than would occur in a free market. Apple is only one company and it's arguable that the iPhone is not a commodity. Apple can set whatever price they feel the market will bear. If customers don't like the price, they won't buy the phones.
Carping about Apple won't make them change their pricing policies. They have established themselves as innovators through their failures: the Lisa, and the Newton, and their successes: The iPod, the iMac, and probably the iPhone. Their formula is simple: concentrate on quality and ease of use. That innovator status gives them the ability to dictate price to downstream suppliers. I'll grant you that I may have paid Apple more money for my iPod than say Creative Labs or Microsoft. I can assure you that I've paid more money for my Mac Mini and iMac than I would have for an "equivalent" PC. But the measure of "value" is subjective and I consider the extra value from Apple's quality and ease of use to be worth the extra money.
In this case I would guess that the problem is not the price of the phone but instead is the price of providing service to the phone. AT&T wants the phones locked, not Apple. For AT&T, and in fact all cell phone providers, the issue is that they are being undercut by VOIP. VOIP offers similar levels of quality of service for a completely fixed price. The specific problem with the iPhone is Wifi and the ability to add either a SIP client or a Skype client. Using VOIP over Wifi denies a cell phone provider of their second greatest source of revenue: Minutes not covered by plan.
-- Ecks
Slashdot Mirror
I feel like this article was written by someone who hasn't been paying attention to the email landscape for the past twenty years. The checking services that the author lists don't make sure your DNS PTR records are correctly set up. They don't make sure that your server isn't an open relay. And they don't insure that your server is RFC compliant. They run your content through SpamAssassin and invert the score to rate your chances of successfully delivering a marketing message. I also run my own mail server. I'm not doing it to provide you with a medium for your marketing messages. I'm doing it to provide a noise free communications path for my users. I'm probably better than most because if my users complain about losing _any_ messages, I consider that my problem and use appropriate tools to fix it. But email has been under assault for the past twenty years by people who want to sell us things without regard for our interest in buying them. Anyone who expects that landscape to be a green pasture of ease rather than a battleground is sadly out of touch.
I would bet that they use hardly any. Distillation of crude oil into component fuels like gasoline or diesel mainly requires controlled heat. In the best case a refinery would use natural gas or propane heaters to drive crude oil to the liquid-vapor transition temperature of whatever product they want and then use a tall column and a condenser and a condenser to capture their desired output. In the worst case the heater would be powered by the crude oil itself. It's quite likely that they just siphon off some of the diesel, which burns pretty clean, as a fuel for their heat source.
Key to the discussion is the fact that energy comes in two forms: "heat" and "work". Heat is thermal energy. Work is the energy of motion or electricity. In layman's terms we usually don't differentiate between a "motor" and an "engine" but that difference is also very important here. Technically, a "motor" converts work into motion and an "engine" converts heat into work.
In the system that is an electric car powered by a remote power plant:
Thus the overall fuel-to-motion efficiency of an electric motored car is: (59 ~ 62%) * 93% * battery_efficiency. Battery efficiency of Li-Ion batteries is well above 90% if I recall correctly. But assuming the worst, electric cars are at least 49% fuel-to-motion efficient.
In contrast, the fuel-to-motion efficiency of a car powered by an internal combustion engine hovers in the 35% range today due to market constraints on cars.
Note well that this analysis is generous to internal combustion engine automobiles because it does not account for the difference in energy cost for refining crude oil into typical automotive fuels like gasoline or diesel.
Another vote for pfSense on Soekris here. I'll admit that I prefer straight up OpenBSD but for quick and dirty, pfSense is the way to go. Which Soekris is the real question. If you don't mind the spend, the Net6501 is best. It's got well supported gigabit nics so it will handle full speed traffic from Verizon FIOS, Google Fiber, or the top speed of a Docsis 3 modem. Net5501's show up on eBay irregularly in the $150.00 range. It doesn't make sense to buy them new as they are not much cheaper than the big brother Net6501. You can put a multi-port intel Gigabit card in a Net5501 but it will run hot so you probably want to spring for the larger rack mount case or just get the Net6501. Both the 6501 and the 5501 have more grunt than you need for a firewall/VPN box provided that you don't need to run 5 or more concurrent VPN connections terminating on the soekris' CPU. The last advantage of the net5501 is the presence of a USB 2.0 connection on the front panel. The net4801 is actually a workable solution for pfSense as a firewall/VPN termination box. They commonly show up on eBay in the $60 ~ $100 range. I wouldn't bid more than $80.00. If you find that the lack of CPU horsepower is getting in your way, search for a soekris VPN1411 card, again on eBay. These are typically very cheap, $25.00 and do hardware crypto offload, allowing a Net4801 to handle multiple VPN streams if that's your fancy.
Japan needs a Dagen H for electricity. http://en.wikipedia.org/wiki/Dagen_H
Anyone using ssh to it's maximum security potential isn't sending a password across the channel more than once. On new systems I use some variation of the following to push my key onto the remote system.
$ ssh-add
$ ssh -A myUser@remoteSystem "ssh-add -L >> ~/.ssh/authorized_keys; chmod 644 ~/.ssh/authorized_keys"
Anyone using ssh with passwords would do well to read up on public key authentication in ssh.
-- Ecks
All network admins operate in the political domain. Several people here have mentioned that SSH forwarding works in China as I'm sure it does in Iran and Pakistan. Standard SSH on port 22 may just be too useful a tool socially and economically to block. As a consultant I find it rare to visit a shop that blocks SSH anymore even though most of the security admins that I know are well aware that with Putty you can forward any port inside to any port outside as you wish. Of the admins that I meet, most shrug this off as a non-problem saying:I know that users can circumvent any block on my firewall using SSH and port forwarding but the vast majority of my users don't have the arcane knowledge to do that.
We might not be the right people to ask since anyone on Slashdot could find Putty and the right configurations to do this in 15 minutes of searching on Google. And that assumes that the person asking is stuck on MS Windows. In Linux or OS X it's built into the OS.
I'd disagree that SSH is the best way to do this. A VPN is better because using a VPN allows you to hide in a class of users that the attacker wants to court and curry the favor of. The Chinese government wants our business so they must consent to our business people using strong encryption on our communications back home. SSH forwarding is one way to do this but a VPN is a much more common part of corporate IT security policy. If SSH is socio/economically difficult to block, a VPN is even more so.
http://xkcd.com/521/ -- It's in the mouseover.
The Net 55xx boxes are a good choice here so I'll second the recommendation. I've replaced my firewall routers with net 5501 and a net 4801. The 5501 has a $10.00 kit for attaching a SATA drive. My 5501 with Sata consumes 15W continuous.
Furthermore, since most of the methods that people use to discover brute forcing attempts rely on a high rate of attack, these slow attacks are immune. I'm not sure how the oft mentioned denyhosts works but the author of the original article is using FreeBSD and OpenBSD with the pf filewall which can blackhole brute forcers based on rate of attack. Using the pf method with settings aggressive enough to catch the latest round of attacks runs a high risk of blocking valid users. I'm seeing the same issue as the original article's author and I've noticed as he has that my OpenBSD boxes have not been targeted. FreeBSD, NetBSD, Ubuntu and Debian on the other hand.
My suggestion: Use Public Keys as much as possible. Systems allowing only Public Keys are immune to these attacks and you don't get the nasty log messages as well. If you must allow passwords disallow them for root. You can get root access by configuring sudo for users and via Public Keys for scripts.
Not sure I agree on the predatory ink pricing but I solidly see your point if you are looking at their cheapest inkjet printer. For color output I have an HP 2250 that I've been happy with. Ink is $130 for all four cartridges but lasts about 2000 pages. The 2250 was marketed as a SOHO printer when I bought it in the late 1990s (perhaps 1999) I bought the postscript cartridge and maxed the memory later. It's okay but the cost to print is considerably higher than the laser but I expected that when I bought it. My experience with the 2250 led me to convince my father-in-law to buy an HP 7210 all-in-one. This was a solidly bad decision. The ink is expensive, and the networking is completely non-standard. I spent a week chasing network bugs with it before kicking it to static IP. Even after that the driver software basically hung up windows at shutdown or reboot.This was for lack of a routine to handle the UserDrivenShutdown() event.
-- Ecks
Here here, I replaced a NEC Silentwriter II model 290 with an HP laserjet 4000. As far as Postscript goes your experience is the same as mine: getting postscript future proofed a printer that I purchased in 1994 and retired in 2003. I got my HP on eBay from a guy 10 miles from my house to save on shipping. I added some memory from an old laptop that I had to max it out, and bought a duplexer on eBay for about $50.00. All told it cost me $200.00. It's 2009 and this printer has given me no hassles in 6 years. Even better than the NEC, I can leave this one turned on 24/7 without worrying about my electric bill because it does power save. Any HP 4xxx printer should do the same.
-- Ecks
The OP is trying to replace a laser printer. There shouldn't be a reciprocating head, just a rotating mirror and some electronic timers.
-- Ecks
Oh, also, anything that security sensitive on my USB stick is in a separate encrypted file system.
-- Ecks
Same here except I run FreeBSD so my USB stick has FFS on it. To solve the UID problem I use NIS/NFS on the machines in my network and syncronize the UID's on my network with the ones on my laptop. So effectively I'm always uid 501/ gid 501. I also keep an 8G stick with FAT32 on it for transfering with other people.
In today's world NIS is obsolete and NFSv3 or earlier has security issues that you can only solve partially and then only with hardware. If I had to do it all over again I'd use NIS/LDAP for UID management and NFSv4 for Unix - Unix file sharing.
-- Ecks
Does anyone have details on the backhaul? What you are saying certainly explains my "more bars in more places" and still dropped calls experience.
I agree with eBay that sellers have too much power in the feedback system but censoring the sellers isn't the right solution. Censoring only the sellers puts too much power in the hands of buyers. Buyers have the upper hand already. I like the idea of blind feedback but I'm not sure it's enough. The system should be able to identify bad transactions. Either player in a bad transaction should be able to request neutral mediation from eBay. A result of last resort in this mediation should be negating the transaction.
The most chilling thing about this solution is that it only provides recourse for sellers when the buyer doesn't pay. From what I see the only time you can prove that a buyer didn't pay is if your sole method of payment is PayPal. So this looks like a way for eBay to lock sellers into using PayPal as their sole method of payment. For buyers this is great but for sellers it sucks.
-- Ecks
On malice/stupidity: So say we all. Nowhere on the thread did I see anyone try any standard diagnostic tools (ping, traceroute, etc) on the problem. This could have been anything from a router misconfiguration to a broken peer connection. Nonetheless Time Warner should be careful if they plan on implementing traffic shaping that could actually limit connectivity to something like the iTunes store. From this reaction I would expect quite a few angry customers if they do.
-- Ecks
Maintaining the old protocol costs them users. I want to be on the chat server/protocol with all my friends. If AOL is the biggest then that's where I want to be. I imagine that Google talk/xmpp is growing faster than AOL now so it's a logical move.
Hail to AOL for this move. Hopefully I can turn off my xmpp aol transport in a year or so.
-- Ecks
It appears that they haven't implemented server-to-server connections yet so that's not the case now. However all they have to do is throw the switch so to speak. It would be a wonderful thing if AIM migrated fully to xmpp.
-- Ecks
Actually the machine that this is closest to is the uprated white Macbook which comes with: Core 2 Duo 2.16GHz, 1G of ram a 13.3" 1280x800 screen, 120G drive, an iSight webcam (dunno the megapixels), Bluetooh, 802.11g, and a DVD burner. From Apple new that machine is $1299. For your extra $649.00 you get the privilege of buying and installing more RAM for about $75.00. Giving Apple the benefit of the doubt on the Video means that the MacBook is a little more than Double the price of the Dell. I just bought the Macbook in October. So far it's been good but I completely understand the question of whether the Mac experience is worth a premium of $725.00.
I'm glad I went from Sansa to iPod. For me the big issue was sound quality. You could play the Sansa through a car stereo but the output was always too low forcing me to crank the head unit past it's best quality point. The iPod on the other hand has a line level output which is perfect. And although it's subjective the iPod and iPod+iTunes user interface is great. Adding music is easy. Making playlists is a breeze. Fixing up broken ID3 tags could use some work but is okay. Once you have correct tags Smart Playlists are key. Subscribing to podcasts is drop dead simple. My two downsides to iTunes are: backup and DRM. I solved both by ripping all my music onto a private NAS.
-- Ecks
OS X may do less than a Linux Distro, say Ubuntu. But in the set of things that they both do OS X does it so much better that it's worth $129.00. The biggest difference is in configuration. My clients aren't interested the time I spend configuring gstreamer under Ubuntu so I can listen to music while I work. So if I want to listen to music, the fact that just plugging an iPod into the USB port on my Mac Mini causes iTunes to run is worth quite a bit.
-- Ecks
What Apple is doing is not price fixing. It's price setting. Price fixing when when two or more suppliers of a commodity agree to the price at which they offer the commodity. Usually the purpose of price fixing is to offer that commodity at a higher price than would occur in a free market. Apple is only one company and it's arguable that the iPhone is not a commodity. Apple can set whatever price they feel the market will bear. If customers don't like the price, they won't buy the phones.
Carping about Apple won't make them change their pricing policies. They have established themselves as innovators through their failures: the Lisa, and the Newton, and their successes: The iPod, the iMac, and probably the iPhone. Their formula is simple: concentrate on quality and ease of use. That innovator status gives them the ability to dictate price to downstream suppliers. I'll grant you that I may have paid Apple more money for my iPod than say Creative Labs or Microsoft. I can assure you that I've paid more money for my Mac Mini and iMac than I would have for an "equivalent" PC. But the measure of "value" is subjective and I consider the extra value from Apple's quality and ease of use to be worth the extra money.
-- Ecks
In this case I would guess that the problem is not the price of the phone but instead is the price of providing service to the phone. AT&T wants the phones locked, not Apple. For AT&T, and in fact all cell phone providers, the issue is that they are being undercut by VOIP. VOIP offers similar levels of quality of service for a completely fixed price. The specific problem with the iPhone is Wifi and the ability to add either a SIP client or a Skype client. Using VOIP over Wifi denies a cell phone provider of their second greatest source of revenue: Minutes not covered by plan. -- Ecks