Wholesale internet access costs less than $4/month at the quantities AOL uses. AOL still is able to get $23.90 a month from a whole lot of people who believe their brand and content add extra value. The average $ per subscriber is $18.81 ("Bring your own access" subscribers pay less and some % of new and people who tried to cancel are paying nothing)
From the latest Edgar 10Q filing: http://www.sec.gov/Archives/edgar/data/11 05705/000 095014404010346/g91243e10vq.htm
AOL reported total revenues of $6.509 billion (21% of the Company's overall revenues), $1.439 billion in Operating Income before Depreciation and Amortization and $814 million in Operating Income for the nine months ended September 30, 2004. AOL generates its revenues primarily from subscription fees charged to subscribers and advertising services rendered.
Other tidbits: - AOL made $188 million from selling Google Stock... it still holds about 5 million shares that it can't currently sell (worth $659 million) - AOL was awarded $760 million from the settlement with Microsoft over Netscape, which AOL acquired in an all-stock deal in 1999.
A visitor who hits the "Sorry, you need to register to read this item" and doesn't register would still be counted as a visitor.
Since Drudge fairly regularly posts links to the Washingont Post, it may have just reflected which day they counted.
Drudge shows 8 to 10 million views a day, but that needs to be tempered because auto-refresh forces a reload every few minutes to pick up the flashing red light when a big story breaks.
Having advertised there for a brief period, my logs make it clear that many people in govt and media locations leave their computer on Drudge 24x7, so CPM ads are being counted on computers where nobody is home or is across the news room. He has also gone to flash-only ads since it is so easy to block regular ads and popups in Firefox.
The Blogosphere and more outlets that will email you breaking news is replacing his importance for knowing about breaking news. Drudge is going to jump the shark in 2005.
Assuming this was a serious question, Pathfinder was a flashy news and entertainment portal back in the very early days of the ocmmerical internet (1996ish)... it was how Time Warner thought they would capture eyeballs in this new Internet thingy. It failed miserably and folded very quickly.
The residue is still there at pathfinder.com, but the page is nothing more than a menu to the other Time Warner web sites.
When I need to find something in the web logs, I just grep them remotely. When the search is conducted on the box having the data, it isn't necessary to duplicate the traffic by transferring the log file to find what you're looking for.
There are high capactiy passive logging devices out there for IP switches that can log everything passing through them. While intrusion detection might not pick up on stuff real time because the pattern is not known to be unusual, forensic analysis after the fact could still be quite useful.
A server that does a high percentage of its traffic on non-standard ports and using encryption would be more likely to become one that is monitored - if not for the content, then for the amount of traffic and the pattern of where the connections and traffic originate. At least that's what makes sense to me. One military doctrine says the best way to hide something is to put it right out in the open.
Since TCP/IP can dynamiclly route, not every packet necessarily goes over the same path, so the closer the passive tap is to the sender or receiver, the more likely it will capture everything relevant in the same log.
In the US, when the internet was opened up for commercial use, 5 NAPs (Network Access Points) were established as the major peering locations for all of the backbones... on the surface, that seems to contradict the object of the internet, which was to be decentralized so that no single attack, even if it was large in scale, would cause the internet to fail. Having 5 choke points seemed to contradict that objective - on the other hand, it makes monitoring a lot more simple.
Social engineering - people tend to use the same email ID for multiple email accounts... just as they ignore basic security procedures and use the same password on every account...
All the spammers do is to use the email ID from known valid targets and append major freemail domains... so if [mysupersekritid]@myispname.com gets on a spam list, they try [mysupersekritid]@aol.com, @hotmail.com, @msn.com, etc... and now @gmail.com
So they probably aren't random dictionary attacks at all - the article did pick up on the connection, but didn't see the obvious conclusion.
Understanding the humor, once someone starts reprogramming the embedded code and leaving instructions in public view - it would have been trivial to change the code to engage the spoke lock without user input at some arbitrary point in the future, which would surely cause injury to the rider.
Somehow I doubt the bikes will return after their Winter Servicing... or if they do, they will have new (and more expensive) security measures.
I'm glad you pointed this out - any idea how an ISP with 5000 customers wound up with 2.8 million email addresses on that spammer's CD? That's about 500 email accounts per customer... Dictionay attack? Planted by a competitor? Randomly generated by the spammer?
Surely the claim isn't that every -attempt- to deliver an email to a non-existent email address was a $10 issue, is it? Or were they all accepted with a default account for the domain?
I think it unlikely that any of these folks are going to show up and ask for a modification of the judgment based on the fact that there was no actual valid recipient for the spam email. If they do show up, you stand to have a big inheritance.
Now if they would just put cameras (or GPS) in the delivery vehicles and see their staff spending hours killing time waiting until it is late enough to go back and return the truck. (except of course for about 2 weeks a year)
That's the way it works on Overture, but not on Google. Top ranking on Google is not based on maximum bid - it is based on a formula that includes clickthrough rates.... my guess is it is just as simple as $ per 1000 views, with adjustements based on which position the ad is displayed in.
Overture's model is not particualarly clever, as it encourages people to write ad text that will not be clicked. That's a good way to build up brand recognition without incurring costs.
Google also will drop ads if they fall below a certain click rate regardless of the bid amount, indicating to Google that the ad isn't relevent to the search term.
This may seem unrelated, but the Illinois Thruway system annoucned that as of Jan 1st, people who don't have the I-Pass transponder in their car will have to pay twice the fee of those paying cash... (why stop at 2x?)... Just like the frequent shopper cards at grocery stores, look forward to being coerced into giving up your privacy. No reason the GPS transponder can't be combined with a wireless phone and provide remote access and control of your car... Oops, I think that may already exist - it is called Onstar.
Most "cheap" dialup ISPs (sub $10/month) use one of several wholesalers (GlobalPops, DialupUSA, cisp.cc, Ikano), all of which have very thorough nationwide coverage. AOL and Earthlink used to have a few pockets where they had close to exclusive access because Sprint was the local phone company, but Sprint recently announced they are bailing from the dialup wholesale internet business.
AOL, Earthlink, United Onlinie (Juno/Netzero/Bluelight) and MSN all make extensive use of Level(3) as their CLEC dialup partner, which is also used by the "cheap" ISPs - their phone calls all terminate on the same equipment, and at least on the access part, there is no functional difference among them.
In addition, the cheap ISPs also carry extra networks like Megapop, uu.net (worldcom), ICG (now owned by Level(3)), and Pacwest or O1 in California, Paetec in the NorthEast US and others.
If you want to see this in painful detail, go to http://www.findanisp.com/ - go to a city of your choosing, and select the "Complete POP list" - you'll see more information there about the dialup business in your city than you ever wanted to know.
AOL has "Bring your own access" customers that access AOL's "content" through another ISP (including broadband). They also have "AOL Broadband" customers that are basically joint marketing deals bundling AOL "content" with DSL. AOL calls those subscribers, even if they don't meet your narrow definition. (BTW, AOL just announced they are walking away from DSL customers in BellSouth states, and will soon do so in the rest of the country)
Gee, wouldn't that more effective if they redirected to Lycos itself, and perhaps loaded the query string with a really resource intensive query? Targeting makelovenotspam.com is attacking the red cape instead of the matador.
Re:There's a preventive vaccine already
on
HIV Vaccine
·
· Score: 1
HIV infection rates are quite low in most Islamic countries. Perhaps self control is possible and has long term evolutionary survival value. Who could have seen that coming?
Most AOL users interact with the Internet from behind AOL's proxy servers, and their IP address gives no indication of what State they are a resident of. In fact, AOL users in Europe appear to be located in the US, as the traffic is proxied through AOL's computer center in Virginia.
I guess in order to enforce this, now the government will need a big database matching email addresses to mailing addresses.
Hey, if a state can claim jurisdiction over email delivery, why not a city?
If a city can claim jurisdiction over email and its content, can a ordinance in Berkeley making it a criminal offense to engage in hate speech in email (between consenting adults) be far off?
In general, it is the computer -sending- the traffic that pays for the bandwidth.... on top of the other reasons why this is a bad idea, it will take about 3 seconds to circumvent.
Spamvertised web sites almost always contain a tracking ID that identifies the recipient or the "campaign" of the mailing...
So if the HTTP GET request doesn't contain a valid request string, you simply send no response...
if (!$IDSTRING)
exit;
Admittedly, it takes some bandwidth to do the SYN handshake - but if Lycos is telling the truth that they'll monitor the responses so they aren't found legally responsible for a DoS attack, if the server always returns a null response, they -must- stop the attack, since they have no way to measure its effectiveness.
Once Microsoft has identified a "Source" of pirated Windows, wouldn't you expect that Microsoft would demand a customer list? Or get banking records to see who paid for that PC by check or credit card? Or at a minimum obtain the CD Keys used by the source, and disable all of the copies?
If you come clean yourself, it's likely you'll get better treatment than if they catch up with you. At least that's what MS would like you to think.
There is a real risk that people could start thinking that the people advocating the FireFox browser are the same group of people creating MSIE exploits. That would not be a good thing. Cheer at your own peril.
Re:SBC is just "protecting" their outdated network
on
SBC's VoIP End Run
·
· Score: 1
Qwest has a very significant relationship with KMC telecom, a CLEC that provides local and long distance service outside of Qwest's own legacy RBOC territory, as well as owning its own fiber network run along railroad rights of way.
This is basically the second chapter in "reciprocal compensation", a major screwup by the ILECs following the telecom reform act of 1996. The ILECs (like SBC) set the call termination charges as high as state regulators would allow - but didn't see that ISPs would use CLECs for access points. Suddenly, the cash flow which the ILECs assumed would flow towards them and put the CLECs out of business in a year was causing the ILEC to have to write checks to the CLECs - because each minute that an SBC customer was online dialing into the ISP (which in some cases was actually owned by the CLEC), SBC had to pay the CLEC the inflated local termination charge they had demanded from the CLEC... payback is great thing...
The trend lately has been in order to make this issue go away for the states to order each company to pay the expenses of their own customers, and nobody pays anyone for terminating the calls. Apparently Qwest sees that as a good thing, and the FCC is generally on that side also. All of this is the legacy of AT&T in the Ma Bell days using long distance revenues to subsidize local service, since it was easier to make money on LD than to get 50 state regulators to raise local monthly rates on poor people and senior citizens.
1) When you cut down the trees, trap the carbon in a form that will keep the Carbon from becoming CO2 - make lumber, build houses, build wood flooring - don't burn the wood for heat.
2) Old trees absorb less CO2 than younger fast growing trees. Cut down old forests, make lots of lumber and picnic benches, and plant new trees. Kill the deer so they don't eat the young seedlings.
3) Keeping the forests younger and healthy and with managed harvesting will reduce forest fires, which release huge amounts of CO2.
I know that was meant in jest, but the reality is that the foundation is already being laid by the EU socialists to call the countries that do not adopt Kyoto (ie the US) "Environmental Terrorists" posing an "Imminent Threat" to civilization.
That of course could form the legal basis for a "preemptive invasion" to implement "Regime Change".
Slashdot Mirror
Wholesale internet access costs less than $4/month at the quantities AOL uses. AOL still is able to get $23.90 a month from a whole lot of people who believe their brand and content add extra value. The average $ per subscriber is $18.81 ("Bring your own access" subscribers pay less and some % of new and people who tried to cancel are paying nothing)
1 05705/000 095014404010346/g91243e10vq.htm
From the latest Edgar 10Q filing:
http://www.sec.gov/Archives/edgar/data/1
AOL reported total revenues of $6.509 billion (21% of the Company's overall revenues), $1.439 billion in Operating Income before Depreciation and Amortization and $814 million in Operating Income for the nine months ended September 30, 2004. AOL generates its revenues primarily from subscription fees charged to subscribers and advertising services rendered.
Other tidbits:
- AOL made $188 million from selling Google Stock... it still holds about 5 million shares that it can't currently sell (worth $659 million)
- AOL was awarded $760 million from the settlement with Microsoft over Netscape, which AOL acquired in an all-stock deal in 1999.
Plus advertising and Google Adwords revenue...
Loss Leader?
The face on mars stuck out its tongue and cleaned the solar panels.
Or maybe it rained in the Arizona desert unexpectedly.
A visitor who hits the "Sorry, you need to register to read this item" and doesn't register would still be counted as a visitor.
Since Drudge fairly regularly posts links to the Washingont Post, it may have just reflected which day they counted.
Drudge shows 8 to 10 million views a day, but that needs to be tempered because auto-refresh forces a reload every few minutes to pick up the flashing red light when a big story breaks.
Having advertised there for a brief period, my logs make it clear that many people in govt and media locations leave their computer on Drudge 24x7, so CPM ads are being counted on computers where nobody is home or is across the news room. He has also gone to flash-only ads since it is so easy to block regular ads and popups in Firefox.
The Blogosphere and more outlets that will email you breaking news is replacing his importance for knowing about breaking news. Drudge is going to jump the shark in 2005.
Assuming this was a serious question, Pathfinder was a flashy news and entertainment portal back in the very early days of the ocmmerical internet (1996ish)... it was how Time Warner thought they would capture eyeballs in this new Internet thingy. It failed miserably and folded very quickly.
The residue is still there at pathfinder.com, but the page is nothing more than a menu to the other Time Warner web sites.
When I need to find something in the web logs, I just grep them remotely. When the search is conducted on the box having the data, it isn't necessary to duplicate the traffic by transferring the log file to find what you're looking for.
There are high capactiy passive logging devices out there for IP switches that can log everything passing through them. While intrusion detection might not pick up on stuff real time because the pattern is not known to be unusual, forensic analysis after the fact could still be quite useful.
A server that does a high percentage of its traffic on non-standard ports and using encryption would be more likely to become one that is monitored - if not for the content, then for the amount of traffic and the pattern of where the connections and traffic originate. At least that's what makes sense to me. One military doctrine says the best way to hide something is to put it right out in the open.
Since TCP/IP can dynamiclly route, not every packet necessarily goes over the same path, so the closer the passive tap is to the sender or receiver, the more likely it will capture everything relevant in the same log.
In the US, when the internet was opened up for commercial use, 5 NAPs (Network Access Points) were established as the major peering locations for all of the backbones... on the surface, that seems to contradict the object of the internet, which was to be decentralized so that no single attack, even if it was large in scale, would cause the internet to fail. Having 5 choke points seemed to contradict that objective - on the other hand, it makes monitoring a lot more simple.
And I'm running out of tin foil - gotta go.
Social engineering - people tend to use the same email ID for multiple email accounts... just as they ignore basic security procedures and use the same password on every account...
All the spammers do is to use the email ID from known valid targets and append major freemail domains... so if [mysupersekritid]@myispname.com gets on a spam list, they try [mysupersekritid]@aol.com, @hotmail.com, @msn.com, etc... and now @gmail.com
So they probably aren't random dictionary attacks at all - the article did pick up on the connection, but didn't see the obvious conclusion.
Understanding the humor, once someone starts reprogramming the embedded code and leaving instructions in public view - it would have been trivial to change the code to engage the spoke lock without user input at some arbitrary point in the future, which would surely cause injury to the rider.
Somehow I doubt the bikes will return after their Winter Servicing... or if they do, they will have new (and more expensive) security measures.
I'm glad you pointed this out - any idea how an ISP with 5000 customers wound up with 2.8 million email addresses on that spammer's CD? That's about 500 email accounts per customer... Dictionay attack? Planted by a competitor? Randomly generated by the spammer?
Surely the claim isn't that every -attempt- to deliver an email to a non-existent email address was a $10 issue, is it? Or were they all accepted with a default account for the domain?
I think it unlikely that any of these folks are going to show up and ask for a modification of the judgment based on the fact that there was no actual valid recipient for the spam email. If they do show up, you stand to have a big inheritance.
Now if they would just put cameras (or GPS) in the delivery vehicles and see their staff spending hours killing time waiting until it is late enough to go back and return the truck. (except of course for about 2 weeks a year)
So therefore DEC was responsible for the slammer worm!
[ducking]
That's the way it works on Overture, but not on Google. Top ranking on Google is not based on maximum bid - it is based on a formula that includes clickthrough rates.... my guess is it is just as simple as $ per 1000 views, with adjustements based on which position the ad is displayed in.
Overture's model is not particualarly clever, as it encourages people to write ad text that will not be clicked. That's a good way to build up brand recognition without incurring costs.
Google also will drop ads if they fall below a certain click rate regardless of the bid amount, indicating to Google that the ad isn't relevent to the search term.
This may seem unrelated, but the Illinois Thruway system annoucned that as of Jan 1st, people who don't have the I-Pass transponder in their car will have to pay twice the fee of those paying cash... (why stop at 2x?)... Just like the frequent shopper cards at grocery stores, look forward to being coerced into giving up your privacy. No reason the GPS transponder can't be combined with a wireless phone and provide remote access and control of your car... Oops, I think that may already exist - it is called Onstar.
Untrue.
Most "cheap" dialup ISPs (sub $10/month) use one of several wholesalers (GlobalPops, DialupUSA, cisp.cc, Ikano), all of which have very thorough nationwide coverage. AOL and Earthlink used to have a few pockets where they had close to exclusive access because Sprint was the local phone company, but Sprint recently announced they are bailing from the dialup wholesale internet business.
AOL, Earthlink, United Onlinie (Juno/Netzero/Bluelight) and MSN all make extensive use of Level(3) as their CLEC dialup partner, which is also used by the "cheap" ISPs - their phone calls all terminate on the same equipment, and at least on the access part, there is no functional difference among them.
In addition, the cheap ISPs also carry extra networks like Megapop, uu.net (worldcom), ICG (now owned by Level(3)), and Pacwest or O1 in California, Paetec in the NorthEast US and others.
If you want to see this in painful detail, go to http://www.findanisp.com/ - go to a city of your choosing, and select the "Complete POP list" - you'll see more information there about the dialup business in your city than you ever wanted to know.
Only if he relocates to Bangalore.
Sorry, but that's wrong.
AOL has "Bring your own access" customers that access AOL's "content" through another ISP (including broadband). They also have "AOL Broadband" customers that are basically joint marketing deals bundling AOL "content" with DSL. AOL calls those subscribers, even if they don't meet your narrow definition. (BTW, AOL just announced they are walking away from DSL customers in BellSouth states, and will soon do so in the rest of the country)
Wal*Mart has announced their first location New York City today. Be very afraid.
y -- wal-mart-queens1207dec07,0,1642043.story?coll=ny-r egion-apnewyork
http://www.newsday.com/news/local/state/ny-bc-n
Gee, wouldn't that more effective if they redirected to Lycos itself, and perhaps loaded the query string with a really resource intensive query? Targeting makelovenotspam.com is attacking the red cape instead of the matador.
HIV infection rates are quite low in most Islamic countries. Perhaps self control is possible and has long term evolutionary survival value. Who could have seen that coming?
AOL is the company pushing hardest for this law.
Most AOL users interact with the Internet from behind AOL's proxy servers, and their IP address gives no indication of what State they are a resident of. In fact, AOL users in Europe appear to be located in the US, as the traffic is proxied through AOL's computer center in Virginia.
I guess in order to enforce this, now the government will need a big database matching email addresses to mailing addresses.
Hey, if a state can claim jurisdiction over email delivery, why not a city?
If a city can claim jurisdiction over email and its content, can a ordinance in Berkeley making it a criminal offense to engage in hate speech in email (between consenting adults) be far off?
In general, it is the computer -sending- the traffic that pays for the bandwidth.... on top of the other reasons why this is a bad idea, it will take about 3 seconds to circumvent.
Spamvertised web sites almost always contain a tracking ID that identifies the recipient or the "campaign" of the mailing...
So if the HTTP GET request doesn't contain a valid request string, you simply send no response...
if (!$IDSTRING)
exit;
Admittedly, it takes some bandwidth to do the SYN handshake - but if Lycos is telling the truth that they'll monitor the responses so they aren't found legally responsible for a DoS attack, if the server always returns a null response, they -must- stop the attack, since they have no way to measure its effectiveness.
Once Microsoft has identified a "Source" of pirated Windows, wouldn't you expect that Microsoft would demand a customer list? Or get banking records to see who paid for that PC by check or credit card? Or at a minimum obtain the CD Keys used by the source, and disable all of the copies?
If you come clean yourself, it's likely you'll get better treatment than if they catch up with you. At least that's what MS would like you to think.
There is a real risk that people could start thinking that the people advocating the FireFox browser are the same group of people creating MSIE exploits. That would not be a good thing. Cheer at your own peril.
Qwest has a very significant relationship with KMC telecom, a CLEC that provides local and long distance service outside of Qwest's own legacy RBOC territory, as well as owning its own fiber network run along railroad rights of way.
This is basically the second chapter in "reciprocal compensation", a major screwup by the ILECs following the telecom reform act of 1996. The ILECs (like SBC) set the call termination charges as high as state regulators would allow - but didn't see that ISPs would use CLECs for access points. Suddenly, the cash flow which the ILECs assumed would flow towards them and put the CLECs out of business in a year was causing the ILEC to have to write checks to the CLECs - because each minute that an SBC customer was online dialing into the ISP (which in some cases was actually owned by the CLEC), SBC had to pay the CLEC the inflated local termination charge they had demanded from the CLEC... payback is great thing...
The trend lately has been in order to make this issue go away for the states to order each company to pay the expenses of their own customers, and nobody pays anyone for terminating the calls. Apparently Qwest sees that as a good thing, and the FCC is generally on that side also. All of this is the legacy of AT&T in the Ma Bell days using long distance revenues to subsidize local service, since it was easier to make money on LD than to get 50 state regulators to raise local monthly rates on poor people and senior citizens.
The key to trees as a carbon sink is:
1) When you cut down the trees, trap the carbon in a form that will keep the Carbon from becoming CO2 - make lumber, build houses, build wood flooring - don't burn the wood for heat.
2) Old trees absorb less CO2 than younger fast growing trees. Cut down old forests, make lots of lumber and picnic benches, and plant new trees. Kill the deer so they don't eat the young seedlings.
3) Keeping the forests younger and healthy and with managed harvesting will reduce forest fires, which release huge amounts of CO2.
Now there is a real pro-enviroment policy.
I know that was meant in jest, but the reality is that the foundation is already being laid by the EU socialists to call the countries that do not adopt Kyoto (ie the US) "Environmental Terrorists" posing an "Imminent Threat" to civilization.
That of course could form the legal basis for a "preemptive invasion" to implement "Regime Change".
Stay tuned.