Do you realize that every one of the students at a university is a taxpayer, too?
Any usage that does not fit under #1 will be billed at $1.00 per bit. Payable immediately.
I fail to see how this is appropriate, given that most large universities don't pay by the bit. In fact, most after-hours usage imposes almost no cost on the university, as they typically pay according to the 95th-percentile rule and daytime usage is much higher than after-hours usage.
In the end, this comes down to the fact that the university administration wants to control what the students do after class; it really has nothing to do with cost.
I can't understand why your comment is highly rated; every single thing about it is wrong:
the RIAA is completely behind this
No, the RIAA made a proposal to the federal government, which was then mostly adopted. The RIAA has no power on its own to set the royalty rates for the blanket license.
The fee that this new hike collects goes directly to the RIAA and not the performers
No, the fee goes directly to SoundExchange, which then directly pays the copyright owners. The RIAA itself never sees a dime, although the recording labels themselves do.
and not the performers which is what the fee's for terrestrial radio go to
No, the fees that terrestrial radio pays go to the songwriters, not to the performers. There are two kinds of royalties that you can pay: for the musical composition and for the sound recording. AM/FM radio has always paid for the musical compositions, but has always had an exemption from having to pay for the sound recordings. Internet radio, though, has not been granted the same exemption, so they end up paying both royalties.
It's not like they are profiting from playing the songs.
The CRB specifically noted that they don't care what your revenues are -- all they cared about was making sure that the recording artists got "fairly" compensated for the use of their songs. That's why they shifted away from the revenue-based payment model to the performance-based one.
Congress should just exempt them from royalty payments altogether via legislation
I disagree; there is no reason to exempt a certain class of stations from paying for their music. Either you make everyone pay, or (even better) you give everyone an exemption.
You're right: KSL, the NBC affiliate in question, does not carry SNL. I fail to see why it is so shocking, though, given the fact that the local WB affiliate on channel 30 carries it instead. Are your "TV rights" being violated by having to push '30' instead of '5' on the remote?
BYU is a private Mormon university. 99% of the students that attend there are Mormons, all of whom voluntarily choose to go there. Who cares what they block?
You're wrong. The parent poster perhaps used the wrong term -- he should have said "FM stations pay no sound recording royalties" -- but you are incorrect in saying that FM stations pay them.
Over-the-air stations do pay royalties, but only one set of them. They pay for the right to use the musical compositions that they use, but they have been given a free pass on paying for the right to use the actual sound recordings. This isn't a new thing, either -- it's been this way for years and years.
Internet radio, on the other hand, is being forced to pay both sets of royalties. This is a result of legislation from the 90's -- partly the DMCA -- that treats digitally transmitted stations differently from traditional analog stations. The thought was that people could rip perfect copies of songs from an on-line stream, which would impact CD sales, so the on-line stations should be forced to make up the difference to the recording artists.
Of course, this argument is totally bogus, but the point still remains that over-the-air stations do not pay this particular royalty.
Welcome to capitalism, the free-market economy, etc., etc. Capitalism? Perhaps you missed the part about these rates being set by the government, not the "free-market economy".
Today's broadcasters are living on borrowed time. The networks will realize that they can make more money by selling their content to the consumer directly, without the involvement of the local broadcaster middle-man. This will happen over the next 5 years. At some point, they will make the critical decision to start cutting out the broadcasters entirely; you'll know when this happens because that's when they'll start offering new high-quality Internet-only shows that never touch the local affiliates' antennas.
After that, it's all downhill for the broadcasters. They'll get the cheap, low-quality leftovers from the networks, which will drive down their ratings and their revenues. To compensate, the broadcasters will have to make cuts (like the newspapers are now), which will primarily be made in the news and engineering departments. That will compromise the quality of their local news programming, which will drive down ratings even more. Given the large expenses involved in running a TV station, it shouldn't take too long before the majority of the local broadcasters just peter out and die.
Is that the end of the world? Hardly. Internet-based delivery will allow for a huge variety of content suppliers. Sure, NBC/CBS/ABC/Fox will provide their shows, but so will anyone else that can get their hands on a camera. We will move away from the old media mindset where nobody can see your content unless its "carried" by someone -- instead, anyone and everyone can get your content. Localism won't be compromised; rather, it will blossom as everyone that attends a city council meeting will be able to report on it.
when you're seeing traffic increase 10% per day, you need fast solutions now
That's the strange part -- a caching layer is the fast solution. Almost every other thing they did before caching would have taken longer to implement and debug.
What were they thinking?
on
Inside MySpace.com
·
· Score: 4, Informative
I'm a bit surprised that at the sequence of stages that their architecture went through. They bought expensive servers, mega-expensive SAN's, completely changed their platform from ColdFusion to ASP.NET, tried data segmentation...
And then finally implemented a caching layer in front of the databases!
That should have been the very first thing that they tried, as any experienced developer would have known. Instead of buying that SAN for a billion dollars, maybe they should have just invested in some competent employees.
Sure, every web site has to scale to the size of its customer base. However, there are several factors working against the web sites:
Unless the web site is truly and completely multi-national, they will be at a huge disadvantage against a botnet that knows no boundaries. Fox News or CNN, for example, have a user base that is primarily proportional to the U.S. user base, and thus probably won't be prepared for a botnet that is proportional to the entire internet user base (U.S., China, India, Europe, etc...). The BBC, on the other hand, would probably stand a better chance. Unfortunately, most companies on the Internet have traffic that is proportional to their regional user base. Even if a company has a user base that is proportional to the entire internet, they are still at a huge disadvantage when it comes to thenly, and thus are at a natural disadvantage against naturally multi-national botnets.
The incremental cost of a botnet attack is much lower than the incremental cost of defending against the botnet attack. A DDOS SYN attack consumes very few resources on the part of the attacker, while the cost to 'outscale' it is several times larger.
As for not attacking a major corporation, I disagree -- there are groups that are willing to risk FBI involvement if the payoff is large enough. A classic example is organized crime; the mafia has gone up against the Feds for ages. Sometimes they win, sometimes they lose, but they are willing to risk it for a large sum of money. I personally believe that most botnets aren't currently big and professional crime outfits, but that will be the trend for the future.
The incident described in CSO magazine is the exception that proves the rule. How did the online casino "defeat" the botnet attack? By spending a million dollars on bandwidth and equipment; they outscaled the attack. That sort of approach may (or may not) work for companies with millions of dollars in web revenue, but it is simply not a feasible way for most online entities to deal with an attack. There are hundreds of thousands of online businesses that, if faced by even a small botnet attack, would have to either pay the exortion money or go out of business.
The outscaling approach is doomed to failure, too. Botnets will increase in size faster than server hardware will improve. It's like throwing an O(n) algorithm against an O(log n) algorithm -- the O(n) may win a few battles early on, but past a certain point the O(log n) algorithm will win every time. Given a large enough botnet, even Google or Yahoo or Microsoft could be taken down.
The only thing I don't see is talking about knowing where the machines are in the real world, which would be very helpful, and that may be coming later.
I would be curious to see if they could automatically tell you where you are, using only the vibration data from your hard drive. Given a month or so of data, they might be able to correlate major events in your data set with major events in other data sets from known locations, thus allowing them to derive your geographic location.
Linux has had TCP window scaling for a long time. The recent "bugginess" with it came from a change to its default settings that caused issues with a non-compliant device on the Internet. Read about it at KernelTrap.
Posting facts about a movie is also considered fair use.
I don't believe that is exactly true. Facts cannot be covered by copyright, only expression can. Thus, you can post facts about a movie because of a lack of copyright on the facts, not because it is a "fair use" of the copyright on the facts.
he would never have promised you that MD5, or any hash function, is secure ten years from now... So what's your point, and why is this modded interesting?
You're missing the point. MD5 is an example of the larger issue, which is liability of a security consultant for recommending potentially insecure algorithms. Most security consultants simply recommend things that are considered "best practice", regardless of whether or not those things are provably secure or not. Should they be held responsible if flaws are later found in those "best practices"?
calling Schneier self-proclaimed makes you look a little uninformed
If you read my original phrasing, I said "self-proclaimed experts, like Bruce Schneider". It was not meant to cast aspersions on Mr. Schneier, but rather to include every person out there that claims to be a security expert without making a judgement call on their actual qualifications. It was thus meant to be inclusive of all people that claim to know security issues well, not insulting.
Actually, it would dramatically reduce both the supply of programming jobs as well as the demand for those jobs. Thousands of small software development companies would go out of business, due to the extreme costs associated with the new testing requirements, thus eliminating those jobs. The large firms would stay in business, but they couldn't afford to hire tons of new programmers because the cost of software development would increase by ten-fold. Plus, because of the liability issues, companies would begin to require that all of their programmers go through an extensive licensing process, similar to engineers, which would create an immense barrier-to-entry for new computer programmers, thus reducing the supply of programmers.
In the end, the entire software industry would contract to a hundredth of the size it is now.
Should self-proclaimed security experts, like Bruce Schneider, be liable for bad security advice?
That is, if Mr. Schneider tells people that a certain thing is secure, and then it turns out to not be secure, should he be liable for it? For example, if he had told me to use MD5 ten years ago, could I sue him now that MD5 has been discovered to be "insecure"?
This story is really kind of dumb. Here are some reasons why:
1) The line speed (3 Mbps, 1.5 Mbps, etc...) is your speed to your ISP's router. The line ALWAYS runs at that speed, so the cable/phone company really is giving you what you paid for.
2) Your download speed partially depend on how many errors you are seeing on the line. If your wiring is just a bit faulty then you will see lots of errors on the line and your speeds on downloads via FTP or HTTP will suffer greatly (due to TCP's slow start procedure). The cable/phone company obviously only has limited control over this.
3) Your download speed partially depends on the latency of your connection. Cable's latency can fluctuate, depending on how congested the local network is, and DSL's latency can be rather high due to error-correcting methods that some providers use. The higher your latency, the longer it takes for TCP to ramp up to full speed. It is especially relevant when you combine high latency with lots of dropped/error-laden packets.
4) Your download speed partially depends on the quality of your ISP's backbone and their internet connections. This is probably a bigger worry for DSL customers that use a smaller ISP. High-speed interfaces are pretty cheap, though, and you can get decent non-Cisco gear for relatively cheap, so the backbone issue probably isn't a huge concern. More important is your ISP's internet connectivity; if their upstream providers are small tier-2 or tier-3 providers, then you'll probably see more latencies/losses than you would if they have a few tier-1 providers.
5) Finally, your speeds are very dependant on the server from which you're downloading. If they have a lossy-connection, a high-latency connection, or poor internet connectivity, then you'll be limited by their infrastructure and not your own.
The reality is that it can be very difficult to point the finger at someone for causing your slow download speeds. Don't assume that your ISP sucks because you can't download movies at 3 Mbps; there are a ton of complicated factors involved.
What makes everyone think that the NSA is stupid enough to limit their search to that specific pattern... Logically, it seems you can assume they've thought of all these issues, right?
No, you cannot assume that. I've stoped assuming anything about the intelligence community after the massive intelligence failures surrounding 9/11 and the supposed Iraqi WMD program.
if they're doing such a lousy job, don't you find it curious that there has NOT been another successful attack in four and a half years, despite repeated hate-filled threats from Bin Laden and others like him?
I hate to burst your bubble, but the apparent lack of response from Bin Laden is not proof that the government is doing a wonderful job. It can take several years to set up and execute a terrorist attack, especially one on the same scale as 9/11, so I wouldn't be so hasty as to assume that the government has been very successful. It simply is too early to know.
Either we're just lucky, or DHS has something going right.
I would venture a guess that it is both -- we've been lucky AND the DHS has been doing some things right. The real question at hand is whether one specific thing, the NSA's massive data mining operation, is one of those "right" things. Data mining is notorious for having tons of false positives, and this program is no exception. Thus the argument that this program, other than being ripe for abuses, is very inefficient and may be diverting precious resources towards wild goose chases. You mentioned how "Aunt Zelda's goiter surgery phone calls" haven't been pegged by the NSA; the NY Times article I referenced flatly contradicts that.
In any event, the way it's happening in your traceroute isn't the optimal way, and it's not how all networks are run.
It is the optimal way when the two endpoints are an AT&T transit customer and a Level3 transit customer.
Now, the question is this: Why did AT&T hand it off to L3? That's a mystery.
No, it really isn't a mystery. Level3 obviously has some sort of connection to AT&T (probably a peering arrangement), and Level3 is advertising to AT&T that they have a route to Google. AT&T customers see this advertisement and simply follow the breadcrumbs home to Google. Level3 isn't some sort of unwitting accomplice here; they are actively telling other networks that Google is reachable through Level3.
Just why L3 and AT&T are doing things that way is unknown to me, but that's not how cluefull networks typically operate.
I just about coughed up milk through my nose when I read this...
If two of the major tier-1 backbone providers aren't "cluefull", then just who is? I would guess that Level3 has one of the top ten highest-quality backbones in the world, with AT&T perhaps being in the top 5. Accusing them of not understanding how to correctly operate a network is really quite laughable.
Perhaps you should just accept the simplest (and most common) explanation: Google pays Level3 for transit. It makes sense if you think about it, too. Most of the major carriers (AT&T, Sprint, Level3, Qwest, etc...) have a list of very stringent requirements for peers, including a certain ratio of sent to received bits. I doubt that Google has a nice balance of inbound and outbound traffic, as they are primarily a content-provider network. This would make them ineligible for most major peering situations, thus requiring them to buy a lot of transit.
Just because Google receives the packet doesn't mean that they've paid, I can't imagine that they don't have a peering arrangement with L3.
You apparently either don't understand my example or don't understand the difference between peering and transit.
And yes, L3 will happily hand any packets destined for Google off to Google for free.
No, they will not. Under a normal settlement-free peering (SFP) arrangement, Level3 would happily hand of packets destined for Google if those packets originated from a Level3 customer. That is the whole point of SFP; you can reach your peer's network, but not other networks via the peer. In my case, the packets originated from an AT&T customer. Because Google doesn't appear to connect to AT&T directly, they must pay another provider that is connected to AT&T to provide transit for those packets, which would be Level3 in this case.
In addition, it seems that the larger carriers don't like people trying to get free peering and paid transit at the same time; they figure that you are either a customer or a peer, but not both. Thus, I kind of doubt that Level3 peers with Google, as Level3 obviously provides transit services to Google.
A lot of DSL ISPs already do this. My ISP, for example, provides DSL accounts with a cap of 100 GB per month. Cable companies, on the other hand, seem to love the concept of not being entirely open about what their caps are. If you want transfer caps, feel free to sign up for DSL.
If we get up to 10mbps as the standard rate, and they keep 40mbps for themselves, is that 10mbps any slower?
Perhaps you don't understand the QoS concepts that have been bandied about. That 10 Mbps connection that you might have is guaranteed only to your first hop; once your traffic gets onto the provider's network, it has to compete with everyone else's traffic. Thus, you don't have a 10 Mbps connection from you to Google; you only have a 10 Mbps connection to your provider's router. Once your traffic hits Verizon's backbone, it will be delayed or dropped depending on who the destination is (Google, Microsoft, Vonage, etc..), which will result in large and unpredictable packet delay and loss. This will wreak havoc on your connection to those companies that don't pay for "premium" service, making them fluctuate between fast and slow in a seemingly random fashion and even cause the occasional complete inability to reach those companies.
If you still aren't convinced, then just ask yourself this question: would it make any business sense for Verizon to introduce QoS and then have it not really affect users of non-premium services? The whole point is to put pressure on Internet companies to buy premium connections, which will only happen if they get complaints from users about slow connections to their web sites. If Verizon/SBC/etc... put in QoS, you WILL feel it because that's how the telecoms will make money.
Slashdot Mirror
Do you realize that every one of the students at a university is a taxpayer, too?
I fail to see how this is appropriate, given that most large universities don't pay by the bit. In fact, most after-hours usage imposes almost no cost on the university, as they typically pay according to the 95th-percentile rule and daytime usage is much higher than after-hours usage.
In the end, this comes down to the fact that the university administration wants to control what the students do after class; it really has nothing to do with cost.
Should the IRS assess your taxes based on actual or potential income?
Perhaps you should read the actual ruling from the CRB; ClearChannel and other major broadcasters fiercely argued against the RIAA on this one.
I can't understand why your comment is highly rated; every single thing about it is wrong:
No, the RIAA made a proposal to the federal government, which was then mostly adopted. The RIAA has no power on its own to set the royalty rates for the blanket license.
No, the fee goes directly to SoundExchange, which then directly pays the copyright owners. The RIAA itself never sees a dime, although the recording labels themselves do.
No, the fees that terrestrial radio pays go to the songwriters, not to the performers. There are two kinds of royalties that you can pay: for the musical composition and for the sound recording. AM/FM radio has always paid for the musical compositions, but has always had an exemption from having to pay for the sound recordings. Internet radio, though, has not been granted the same exemption, so they end up paying both royalties.
The CRB specifically noted that they don't care what your revenues are -- all they cared about was making sure that the recording artists got "fairly" compensated for the use of their songs. That's why they shifted away from the revenue-based payment model to the performance-based one.
I disagree; there is no reason to exempt a certain class of stations from paying for their music. Either you make everyone pay, or (even better) you give everyone an exemption.
You're right: KSL, the NBC affiliate in question, does not carry SNL. I fail to see why it is so shocking, though, given the fact that the local WB affiliate on channel 30 carries it instead. Are your "TV rights" being violated by having to push '30' instead of '5' on the remote?
BYU is a private Mormon university. 99% of the students that attend there are Mormons, all of whom voluntarily choose to go there. Who cares what they block?
You're wrong. The parent poster perhaps used the wrong term -- he should have said "FM stations pay no sound recording royalties" -- but you are incorrect in saying that FM stations pay them.
Over-the-air stations do pay royalties, but only one set of them. They pay for the right to use the musical compositions that they use, but they have been given a free pass on paying for the right to use the actual sound recordings. This isn't a new thing, either -- it's been this way for years and years.
Internet radio, on the other hand, is being forced to pay both sets of royalties. This is a result of legislation from the 90's -- partly the DMCA -- that treats digitally transmitted stations differently from traditional analog stations. The thought was that people could rip perfect copies of songs from an on-line stream, which would impact CD sales, so the on-line stations should be forced to make up the difference to the recording artists.
Of course, this argument is totally bogus, but the point still remains that over-the-air stations do not pay this particular royalty.
After that, it's all downhill for the broadcasters. They'll get the cheap, low-quality leftovers from the networks, which will drive down their ratings and their revenues. To compensate, the broadcasters will have to make cuts (like the newspapers are now), which will primarily be made in the news and engineering departments. That will compromise the quality of their local news programming, which will drive down ratings even more. Given the large expenses involved in running a TV station, it shouldn't take too long before the majority of the local broadcasters just peter out and die.
Is that the end of the world? Hardly. Internet-based delivery will allow for a huge variety of content suppliers. Sure, NBC/CBS/ABC/Fox will provide their shows, but so will anyone else that can get their hands on a camera. We will move away from the old media mindset where nobody can see your content unless its "carried" by someone -- instead, anyone and everyone can get your content. Localism won't be compromised; rather, it will blossom as everyone that attends a city council meeting will be able to report on it.
That's the strange part -- a caching layer is the fast solution. Almost every other thing they did before caching would have taken longer to implement and debug.
I'm a bit surprised that at the sequence of stages that their architecture went through. They bought expensive servers, mega-expensive SAN's, completely changed their platform from ColdFusion to ASP.NET, tried data segmentation...
And then finally implemented a caching layer in front of the databases!
That should have been the very first thing that they tried, as any experienced developer would have known. Instead of buying that SAN for a billion dollars, maybe they should have just invested in some competent employees.
Sure, every web site has to scale to the size of its customer base. However, there are several factors working against the web sites:
As for not attacking a major corporation, I disagree -- there are groups that are willing to risk FBI involvement if the payoff is large enough. A classic example is organized crime; the mafia has gone up against the Feds for ages. Sometimes they win, sometimes they lose, but they are willing to risk it for a large sum of money. I personally believe that most botnets aren't currently big and professional crime outfits, but that will be the trend for the future.
The incident described in CSO magazine is the exception that proves the rule. How did the online casino "defeat" the botnet attack? By spending a million dollars on bandwidth and equipment; they outscaled the attack. That sort of approach may (or may not) work for companies with millions of dollars in web revenue, but it is simply not a feasible way for most online entities to deal with an attack. There are hundreds of thousands of online businesses that, if faced by even a small botnet attack, would have to either pay the exortion money or go out of business.
The outscaling approach is doomed to failure, too. Botnets will increase in size faster than server hardware will improve. It's like throwing an O(n) algorithm against an O(log n) algorithm -- the O(n) may win a few battles early on, but past a certain point the O(log n) algorithm will win every time. Given a large enough botnet, even Google or Yahoo or Microsoft could be taken down.
I would be curious to see if they could automatically tell you where you are, using only the vibration data from your hard drive. Given a month or so of data, they might be able to correlate major events in your data set with major events in other data sets from known locations, thus allowing them to derive your geographic location.
Linux has had TCP window scaling for a long time. The recent "bugginess" with it came from a change to its default settings that caused issues with a non-compliant device on the Internet. Read about it at KernelTrap.
You're missing the point. MD5 is an example of the larger issue, which is liability of a security consultant for recommending potentially insecure algorithms. Most security consultants simply recommend things that are considered "best practice", regardless of whether or not those things are provably secure or not. Should they be held responsible if flaws are later found in those "best practices"?
If you read my original phrasing, I said "self-proclaimed experts, like Bruce Schneider". It was not meant to cast aspersions on Mr. Schneier, but rather to include every person out there that claims to be a security expert without making a judgement call on their actual qualifications. It was thus meant to be inclusive of all people that claim to know security issues well, not insulting.
As for the name misspelling, culpa mea.
Wow... that's some serious vitriol. Sean Hannity, is that you?
Actually, it would dramatically reduce both the supply of programming jobs as well as the demand for those jobs. Thousands of small software development companies would go out of business, due to the extreme costs associated with the new testing requirements, thus eliminating those jobs. The large firms would stay in business, but they couldn't afford to hire tons of new programmers because the cost of software development would increase by ten-fold. Plus, because of the liability issues, companies would begin to require that all of their programmers go through an extensive licensing process, similar to engineers, which would create an immense barrier-to-entry for new computer programmers, thus reducing the supply of programmers.
In the end, the entire software industry would contract to a hundredth of the size it is now.
Should self-proclaimed security experts, like Bruce Schneider, be liable for bad security advice?
That is, if Mr. Schneider tells people that a certain thing is secure, and then it turns out to not be secure, should he be liable for it? For example, if he had told me to use MD5 ten years ago, could I sue him now that MD5 has been discovered to be "insecure"?
1) The line speed (3 Mbps, 1.5 Mbps, etc...) is your speed to your ISP's router. The line ALWAYS runs at that speed, so the cable/phone company really is giving you what you paid for.
2) Your download speed partially depend on how many errors you are seeing on the line. If your wiring is just a bit faulty then you will see lots of errors on the line and your speeds on downloads via FTP or HTTP will suffer greatly (due to TCP's slow start procedure). The cable/phone company obviously only has limited control over this.
3) Your download speed partially depends on the latency of your connection. Cable's latency can fluctuate, depending on how congested the local network is, and DSL's latency can be rather high due to error-correcting methods that some providers use. The higher your latency, the longer it takes for TCP to ramp up to full speed. It is especially relevant when you combine high latency with lots of dropped/error-laden packets.
4) Your download speed partially depends on the quality of your ISP's backbone and their internet connections. This is probably a bigger worry for DSL customers that use a smaller ISP. High-speed interfaces are pretty cheap, though, and you can get decent non-Cisco gear for relatively cheap, so the backbone issue probably isn't a huge concern. More important is your ISP's internet connectivity; if their upstream providers are small tier-2 or tier-3 providers, then you'll probably see more latencies/losses than you would if they have a few tier-1 providers.
5) Finally, your speeds are very dependant on the server from which you're downloading. If they have a lossy-connection, a high-latency connection, or poor internet connectivity, then you'll be limited by their infrastructure and not your own.
The reality is that it can be very difficult to point the finger at someone for causing your slow download speeds. Don't assume that your ISP sucks because you can't download movies at 3 Mbps; there are a ton of complicated factors involved.
No, you cannot assume that. I've stoped assuming anything about the intelligence community after the massive intelligence failures surrounding 9/11 and the supposed Iraqi WMD program.
I hate to burst your bubble, but the apparent lack of response from Bin Laden is not proof that the government is doing a wonderful job. It can take several years to set up and execute a terrorist attack, especially one on the same scale as 9/11, so I wouldn't be so hasty as to assume that the government has been very successful. It simply is too early to know.
I would venture a guess that it is both -- we've been lucky AND the DHS has been doing some things right. The real question at hand is whether one specific thing, the NSA's massive data mining operation, is one of those "right" things. Data mining is notorious for having tons of false positives, and this program is no exception. Thus the argument that this program, other than being ripe for abuses, is very inefficient and may be diverting precious resources towards wild goose chases. You mentioned how "Aunt Zelda's goiter surgery phone calls" haven't been pegged by the NSA; the NY Times article I referenced flatly contradicts that.
It is the optimal way when the two endpoints are an AT&T transit customer and a Level3 transit customer.
No, it really isn't a mystery. Level3 obviously has some sort of connection to AT&T (probably a peering arrangement), and Level3 is advertising to AT&T that they have a route to Google. AT&T customers see this advertisement and simply follow the breadcrumbs home to Google. Level3 isn't some sort of unwitting accomplice here; they are actively telling other networks that Google is reachable through Level3.
I just about coughed up milk through my nose when I read this...
If two of the major tier-1 backbone providers aren't "cluefull", then just who is? I would guess that Level3 has one of the top ten highest-quality backbones in the world, with AT&T perhaps being in the top 5. Accusing them of not understanding how to correctly operate a network is really quite laughable.
Perhaps you should just accept the simplest (and most common) explanation: Google pays Level3 for transit. It makes sense if you think about it, too. Most of the major carriers (AT&T, Sprint, Level3, Qwest, etc...) have a list of very stringent requirements for peers, including a certain ratio of sent to received bits. I doubt that Google has a nice balance of inbound and outbound traffic, as they are primarily a content-provider network. This would make them ineligible for most major peering situations, thus requiring them to buy a lot of transit.
You apparently either don't understand my example or don't understand the difference between peering and transit.
And yes, L3 will happily hand any packets destined for Google off to Google for free.
No, they will not. Under a normal settlement-free peering (SFP) arrangement, Level3 would happily hand of packets destined for Google if those packets originated from a Level3 customer. That is the whole point of SFP; you can reach your peer's network, but not other networks via the peer. In my case, the packets originated from an AT&T customer. Because Google doesn't appear to connect to AT&T directly, they must pay another provider that is connected to AT&T to provide transit for those packets, which would be Level3 in this case.
In addition, it seems that the larger carriers don't like people trying to get free peering and paid transit at the same time; they figure that you are either a customer or a peer, but not both. Thus, I kind of doubt that Level3 peers with Google, as Level3 obviously provides transit services to Google.
What we need is metered bandwidth.
A lot of DSL ISPs already do this. My ISP, for example, provides DSL accounts with a cap of 100 GB per month. Cable companies, on the other hand, seem to love the concept of not being entirely open about what their caps are. If you want transfer caps, feel free to sign up for DSL.
If we get up to 10mbps as the standard rate, and they keep 40mbps for themselves, is that 10mbps any slower?
Perhaps you don't understand the QoS concepts that have been bandied about. That 10 Mbps connection that you might have is guaranteed only to your first hop; once your traffic gets onto the provider's network, it has to compete with everyone else's traffic. Thus, you don't have a 10 Mbps connection from you to Google; you only have a 10 Mbps connection to your provider's router. Once your traffic hits Verizon's backbone, it will be delayed or dropped depending on who the destination is (Google, Microsoft, Vonage, etc..), which will result in large and unpredictable packet delay and loss. This will wreak havoc on your connection to those companies that don't pay for "premium" service, making them fluctuate between fast and slow in a seemingly random fashion and even cause the occasional complete inability to reach those companies.
If you still aren't convinced, then just ask yourself this question: would it make any business sense for Verizon to introduce QoS and then have it not really affect users of non-premium services? The whole point is to put pressure on Internet companies to buy premium connections, which will only happen if they get complaints from users about slow connections to their web sites. If Verizon/SBC/etc... put in QoS, you WILL feel it because that's how the telecoms will make money.