Hivecache is an outgrowth of the Mojo Nation P2P project. Mojo was mainly a file sharing environment; Hivecache is pointed towards business data backup environments (partly because Mojo didn't reach the...5 Profit!!! stage...)
Hivecache is a P2P distributed backup system that grew out of Mojo Nation. Files are encrypted and shredded into multiple RAID-like pieces, so no individual piece can be used to reconstruct the original data. You don't know what's on there, and you can't find out, because you don't have the information to do it, which provides you some protection as well as providing protection to the people whose data you're storing.
There are really two kinds of bounces that email can get. The more effective one is for the SMTP server that's receiving your mail to send back some kind of 500-series failure message to say "that address doesn't exist" or "that domain's not recognized here" or "we don't relay for spammers like you." The other kind of failure message is a response that your SMTP server sends back to the sender (or the sender's MTA) saying "Sorry, we accepted email for foobie@example.com, but we can't deliver it because [insert excuse]". It's easy enough to generate messages like the latter, but they're less effective, because many spamware users don't have a real email address to send them back to, or don't bother checking the mail if they do. Some more established spammers might support this, mainly the spamhaus type who want to sell 90 zillion validated precisely targeted email addresses, and maybe they'd even use this to stop sending it. But most spammers won't bother.
I was thinking more of the possibility for torpedo engines - if it's small, cheap, powerful, and fast (and sufficiently fuel-efficient, which the article didn't mention was good or bad about this) it may be more effective for making anti-ship weapons than faster ships.
The Slashdot article hints that there's a problem involving distribution of binaries, but doesn't point to anything that lets you find it. The Mplayer home page doesn't explain the problem - it points you at a flame-war on a mailing list, which has couple of postings about "You suck! No, YOU suck! No, YOU suck and your COMPILER is UGLY! Well, YOUR father smells of Elderberrries and your Hovercraft is full of EELS!", and while it's possible that there's some more enlightening content farther down, there's nothing to suggest that there actually will be, or that this flame war will be any more enjoyable than the last 20 years of Usenet flame wars.
The Mplayer info page says that "MPlayer is GPL now. In the past it contained non-GPL code from the OpenDivX project, which did not allow binary redistribution. This has been removed." It doesn't actually appear to have the license, except perhaps in some hunk of code I'm not going to bother downloading now. If they say it's GPL, then they're obviously referring to the GPL, so I can distribute binaries if I want. If they've got other documentation that's more restrictive than this, well, this one's on their web page, though they probably should have provided a link to the GPL themselves.
The checksums don't prevent you from being tricked into downloading the wrong stuff, but at least let you know to reject it once you've got it. BitTorrent does a fairly thorough job of this - each chunk of data is checksummed, so a given source can only hand you a megabyte or so before you detect that there's a problem. (I think both of these systems use cryptographic checksums like SHA1 or MD5, rather than CRCs which are forgeable.)
It sounds like they're playing in a similar space, but there are differences in who's driving what functions, and how the different sites interact with each other. I haven't looked at OCN enough to be sure, but it looks like OCN has a structure that's more like Napster, where a bunch of systems hang out for a long time and distribute a wide variety of files (using a BitTorrent-like mechanism), while BitTorrent is designed to distribute a specific file, using the resources of the ad-hoc group of machines are that are interested in obtaining that file right now (or have been interested in it recently). There may also be differences in the size of files they're designed for - BitTorrent mainly hands out files in megabyte chunks, so it's more useful for distributing larger files, such as 10MB or more, while OCN's documentation doesn't make it immediately obvious but looks like it can handle small files as well (and I can't tell whether it splits up big files automagically or just shares the load by downloading multiple smaller files from different places - sounds much more like the latter, but maybe there's something I'm missed when I read the OCN documentation.)
Also, of course, neither one really fixes the Slashdot problem, because you need to set them up _before_ you're slashdotted:-) On the other hand, once you know you're in trouble, you can update your site to use them all by yourself, as opposed to bullying Slashdot into making a cache or hoping Google has one.
Are you saying that "file trading" makes it not a legitimate or credible system, or am I misreading you? BitTorrent, unlike some systems, doesn't hide where the main file is located - that's somebody else's problem. One of the main uses has been distributing concert recordings of jam bands, which is legitimate and much easier than mailing tapes around. Bram's done a lot of good work making it scale and exploring the technical problems.
Codecon - www.codecon.info will be February 22-24 in San Francisco. It's a conference about writing code for applications like peer-to-peer and crypto (and crypto peer-to-peer, etc.), oriented towards authors presenting actual working demos. The program page has abstracts of the talks/demos. Many of these applications overlap some of the same space. One of the organizers is Bram Cohen, author of the BitTorrent P2P file distribution system (and one of the organizers of last year's conference), and the other is Len Sassaman, who does cryptographic remailers.
Distributed compiling for students
on
Adopt a KDE Geek
·
· Score: 1
It's true that my disk drive bus is a lot faster than my LAN, which is a lot faster than my DSL or especially my modem. But in a university student environment, either for students in dorms or campus computer centers, there's often a fast LAN and a lot of spare horsepower much of the day that might be harnessed effectively. There's a big security assumption there (:-), and also it's much more useful if the students are all running Unix of some sort rather than Windows, but it can be a good deal.
Also, there's the question of where the data lives - do the master copies live on your PC, or on a server, and how do you check it in or out? It may actually be just about as fast in a parallel environment, where people are getting the data from fast LANs.
Developer vs. compiler horsepower
on
Adopt a KDE Geek
·
· Score: 1
It's really nice to know that many of the developers are still using slow, wimpy computers instead of the latest supersonic barnburners, because that says they'll resist bloatware and their products might work on my old desktop PC (not the really old one running TWM, just the 233MHz one). As a longtime user of corporate-IT-department laptops, I appreciate this for work use as well as for home, since the laptops are typically far more limited, and they're expensive enough they're usually a couple years old even beyond the laptop limitations. It would be nice if we could give the folks at Microsoft a bunch of old computers for all their developers and make sure they use them too:-)
Having said that, though, that doesn't mean that the machine you run your compiler on needs to be the same machine you install and test the end product on (and in fact it's really nice if it's not, because that forces you to make cross-compiling for production systems work well.) Running the compiler on a newer, somewhat faster CPU and adding a big disk drive helps a lot, and motherboards at Fry's seem to be running about $99 for ~1.7MHz Athlons these days. Of course, it's awfully tempting if you've got a new motherboard to install it on your desktop (even if you're not a gamer...)
Depends a lot on change control
on
Adopt a KDE Geek
·
· Score: 1
How much of the system you have to build from scratch depends a *lot* on the quality of change control processes you're using and the amount of the code that's being actively worked on and modified at any given time. It's really critical for developers and testers to be able to work on something that looks very much like the environment the real user will have, and sometimes that means a lot of recompile-from-scratch-on-a-clean-box.
Disk space is a situation that's improved radically since the days when I was coding, and price/size has been on a deep faster-than-Moore's-law dive for a few years now. A 120-GB disk costs about US$120-200 these days, and the trip from 2GB->6GB->20GB->120GB only took about 3-4 years, but it rapidly crossed the boundaries of "how big is the biggest system I'm working on now with everything and the kitchen sink (except my MP3s) thrown in".
Also, one reason disk drive was always a critical resource was that corporate IT departments often forgot the difference between computers and systems - developers and testers often need large numbers of systems, but that doesn't have to cost a lot of money because one computer with a removable-disk-enclosure and a stack of 20 disks in $10 plastic drawers really costs a _lot_ less than a stack of 20 computers, and the IT department and/or the developer can keep a set of clean images available to duplicate more checkpointed-from-user's-perspective systems for testing on.
If you're only using your passphrase for one key, then an attacker who has your private key doesn't need your passphrase. If you're using your passphrase for more than one key, then it makes a lot more difference how they got your private key... A more likely threat is that somebody got your private keyring file, which is encrypted, and they're running pgpcrack to see if you've got a wimpy passphrase so they can get your private keys. If your passphrase is in/usr/dict/words it won't take them long to crack it; if you've picked a really high-entropy passphrase that people who know lots of information about you aren't likely to guess then you're fine (unless they've got continuing access to your machine and can watch you type in your passphrase, in which case you're toast anyway...)
There's so much material that's being lost, because of media deterioration or because nobody's bothering to maintain it or make it findable by others. Any material newer than Steamboat Billy (Buster Keaton's movie that Walt Disney borrowed) or whenever the first of the copyright-extension notch babies was written has the risk that if the publisher or author or other copyright owner can't be found, nobody can publish it.
Lots of answers were posted here:-) One of them sounded like he knew what he was doing, and said that the site had stopped working as of Friday, which suggests it may have been the correct one..
Gordon Cook has sent a couple of notes to NANOG on this, and apparently there's been some delay getting this stuff working, but it should be ready in a couple of months. (So you won't slashdot it quite yet.) That's about the right timing - typical Everest expeditions hit summit in early May, or else Novemberish. Winter's not good, and summer gets monsoon conditions, which are snow and wind up there. March is about the right time to be hauling stuff up the mountain, ordering supplies, and generally coordinating things. Hopefully they can avoid some of the problems with supplies and overcrowding that have caused some of the previous disasters, and let the Sherpas not only make enough money to finance its ongoing operations, but also keep continuing communications into their towns.
For some spam, the spammer sending the mail is the person who's selling the product, which is traceable to an address in the US where they could actually bust somebody if they were violating a law, as long as the Feds could figure out that they're the ones sending it through that Korean relay.
But often the spammer sending the mail isn't the person selling the product, they're an email-marketing contractor, and the person selling the product is shocked, shocked to find out that they're spammers when they claimed to be a legitimate permission-based quadruple-opt-in spam-free delivery service. (And that's if there's a product at all, as opposed to a M4k3 M0n3y F45t pyramid scam or a Nigerian corrupt politician's poor starving grandmother, and the product seller might not be based in the US, e.g. they really _are_ corrupt Nigerians, or they're selling made-in-China herbal Viagra substitute.)
Since there isn't a US-wide law against spamming, the emailer might be a US business or individual, once you've backtracked through broken Korean proxy servers forwarding mail from Chinese ISPs. But if there ever is a US law, you'll increasingly find out that the email-sending company or the product-shipping company is a Cayman or Panamanian or Lesotho corporation, and if spam isn't illegal _there_, then Panama etc. won't bother them.
If spamming _is_ illegal there, the most that happens is that the government seizes their petty-cash bank account, and if they've got an office, seizes their desk and typewriter, and if they're using their own PC instead of renting one, they seize that too.
But the money all got paid as dividends to the one stockholder, who if he's an American was certain to report it on his taxes, except that the stockholder is likely to be a corporation in another country, which is really just a bank account.
But that would be too obvious, so SendYourMail, Lrd. didn't pay dividends to its one stockholder, because it didn't make any money, because it had a lot of expenses buying internet technlogy consulting services from InternationalTeXn0C0nsult, Ltd., who hired some temps to produce this nice consulting report that analyzed their business plans and told them that Spamming would be Bad, Bad, Bad and they shouldn't do it.
Now, there's certainly no criminal case against ITX0C0,Ltd, because they didn't spam anybody, so there's no way to get whatever tax haven country it's based in to divulge the name of its one stockholder, who happens to be a real person in the US who (if there were a real product being shipped) might hypothetically look like the proprietor of the company shipping the useless product or running the tastefully legal pr0n site that any hypothetical customers were hypothetically convinced to pay money for as opposed to just browsing.
But if the delivery of the product were also illegal (not inherently but because it was promoted using spam that violated some new tough War-On-Spam laws), then that can also be delivered from outside the US - shipping from the Caribbean doesn't cost _that_ much, or if the product is a pr0n site, it can be hosted just fine in Amsterdam.
Now, it's unlikely that any US anti-spam law would be something that involves jail time or extradition treaties - at most it's a fine of some kind. Fines are only useful if you can collect them. Overseas corporations are good at preventing effective collection like that, and they're good at making the cost of collection exceed the amount of money collectable, and since for the spammer, it's all about the money, and for the Feds, it's mainly about creating some impression that they're attempting to enforce some law that some Congresscritter passed to look good, but it's really not a high priority unless the spammer's advertising pictures of the current FBI director modeling J.Edgar's black negligee. (Or unless there's child porn involved, or the "herbal viagra" is 50% Iraqi cocaine, or something inherently annoying to them.)
Part of Monsterhut's problem is self-inflicted. Back in 2001, they were using an ISP called Paetec, who cut them off when they started spamming, so they sued Paetec to prevent being cut off, and got a judge to issue a temporary restraining order preventing Paetec from cutting them off. Last May, it finally got to trial, and Monsterhut got thrown out on their ears, which is when the NY Attorney General started chasing Monsterhut. If they hadn't tried sueing, but had instead gone and used some other name to trick some other ISP into doing business with them, they might have at least avoided notice from the NY AG.
I haven't looked at the NY AG's case to know if he's actually got one; obviously the Monsterhuts are sleazy spammers, but I'm not convinced that being sleazy or a spammer is sufficiently illegal to do much with. Claiming that they have permission to spam you makes them lying scum, but isn't necessarily illegal. On the other hand, if they're the kind of spammer business that charges product-sellers to deliver their spam, as opposed to somebody who's spamming about stuff they're selling themselves, it may constitute fraud and misrepresentation in some way that's criminal, or at least that's a good civil suit by some of their customers who failed to M4k3 M0ney Fa5t or to sell lots of widgets or who got flamed out for hring a spammer.
Not with printers, of course, but some people have been working on vat-grown meat muscle tissue, with at least one goal being for long spaceflights where grazing space for cows is limited. Unfortunately for ethics-motivated vegetarians, the nutrients they've been most successful with have been meat-based (fish broth or something), so it's not all that helpful. For the religions that have specific requirements for methods of killing animals, it's probably ok, because there's no animal-killing involved, though some of the pickier variants on kosher are likely to find some reason to object.
For health-motivated vegetarians, or for people who don't eat meat because it's gross, well, it's still meat.
How much of the copying will be Australian music, which gets funded by the levy, as opposed to US and European record labels like Columbia and BMG? Will those companies get to collect their own levy, 10 times the amount of the AU one, or will the get 90% of the money from the levy?
I realize that these prices are in Australian dollars, which are about half a US dollar, but if the price of CD-Rs is AU$1 each, they're pricing the premium product, not the El Cheapo product. Here in the US, good CD-Rs are about US$0.50-60, but cheap CDs on sale are about US$0.15. They aren't local products - the stack on my desk are from Taiwan - so if they're more expensive in Australia because of import taxes or whatever, it's purely artificial. If the levy wants 10% of the price of the expensive product, that's 30% of the price of the cheap product, presuming they take it as a flat charge per CD.
The Campaign for Homegrown American Marijuana Production wants to remind you that "If you're not smoking homegrown American marijuana, you're helping to finance terrorism!" It's America's number one agricultural crop! If you aren't growing your own, you should be buying from your friendly neighborhood Hippie, who'll arrange to get if from the nice friendly Northwest farmers. Even better, you're helping Save The Planet, because hemp helps prevent erosion in areas where clearcut logging has disrupted America's Old-Growth Forests.
My work machine is now running Win2000 SP2 in "you're not the administrator" mode (sigh...) In the past, I've used Win98SE, Win98, WinNT3.51, Win95, and Win3.1 on work machines, and also WinME at home. This is much, much more reliable than any of the previous MS machines; I don't think it's ever given me the BSOD, though it does hang once in a while requiring reboots. Part of this may be hardware related - it's a Toshiba laptop, and gets sleep-moded, plugged into different LANs, etc. several times a day, and occasionally it doesn't figure out which network it's connected to, requiring a reboot (or at least another sleep/wakeup), but it's not like the previous versions which would choke every 5-10 sleep/wakes, requiring at least one reboot or sometimes 2-3 (the older Toshiba would often wake up in 640x480 mode having failed to find the video drivers for the built-in hardware.)
The last MS product I had which was this reliable was NT3.51 (and unfortunately, that was during the "NT is for servers, not desktops" days, so it didn't support laptop power management drivers, so a low-battery interrup would make it blue-screen instead of saving its state.)
Back when I had Sun machines, the "uptime" command would usually tell me the amount of time since the last power failure, except when I was messing with hardware. On Linux, it usually tells me the length of time sinc e the last interesting software distribution came out, or the last time I booted the machine in Windows to run tax software, or the last time I messed with the hardware, except on the honeypot machines I used to run unprotected on DSL, which told me how long it had been since the machine got r00ted:-)
Hivecache is an outgrowth of the Mojo Nation P2P project. Mojo was mainly a file sharing environment; Hivecache is pointed towards business data backup environments (partly because Mojo didn't reach the ...5 Profit!!! stage...)
Hivecache is a P2P distributed backup system that grew out of Mojo Nation. Files are encrypted and shredded into multiple RAID-like pieces, so no individual piece can be used to reconstruct the original data. You don't know what's on there, and you can't find out, because you don't have the information to do it, which provides you some protection as well as providing protection to the people whose data you're storing.
There are really two kinds of bounces that email can get. The more effective one is for the SMTP server that's receiving your mail to send back some kind of 500-series failure message to say "that address doesn't exist" or "that domain's not recognized here" or "we don't relay for spammers like you." The other kind of failure message is a response that your SMTP server sends back to the sender (or the sender's MTA) saying "Sorry, we accepted email for foobie@example.com, but we can't deliver it because [insert excuse]". It's easy enough to generate messages like the latter, but they're less effective, because many spamware users don't have a real email address to send them back to, or don't bother checking the mail if they do. Some more established spammers might support this, mainly the spamhaus type who want to sell 90 zillion validated precisely targeted email addresses, and maybe they'd even use this to stop sending it. But most spammers won't bother.
I was thinking more of the possibility for torpedo engines - if it's small, cheap, powerful, and fast (and sufficiently fuel-efficient, which the article didn't mention was good or bad about this) it may be more effective for making anti-ship weapons than faster ships.
The Mplayer home page doesn't explain the problem - it points you at a flame-war on a mailing list, which has couple of postings about "You suck! No, YOU suck! No, YOU suck and your COMPILER is UGLY! Well, YOUR father smells of Elderberrries and your Hovercraft is full of EELS!", and while it's possible that there's some more enlightening content farther down, there's nothing to suggest that there actually will be, or that this flame war will be any more enjoyable than the last 20 years of Usenet flame wars.
The Mplayer info page says that "MPlayer is GPL now. In the past it contained non-GPL code from the OpenDivX project, which did not allow binary redistribution. This has been removed." It doesn't actually appear to have the license, except perhaps in some hunk of code I'm not going to bother downloading now. If they say it's GPL, then they're obviously referring to the GPL, so I can distribute binaries if I want. If they've got other documentation that's more restrictive than this, well, this one's on their web page, though they probably should have provided a link to the GPL themselves.
By the way, your home page is ugly....
Also, of course, neither one really fixes the Slashdot problem, because you need to set them up _before_ you're slashdotted :-) On the other hand, once you know you're in trouble, you can update your site to use them all by yourself, as opposed to bullying Slashdot into making a cache or hoping Google has one.
Are you saying that "file trading" makes it not a legitimate or credible system, or am I misreading you? BitTorrent, unlike some systems, doesn't hide where the main file is located - that's somebody else's problem. One of the main uses has been distributing concert recordings of jam bands, which is legitimate and much easier than mailing tapes around. Bram's done a lot of good work making it scale and exploring the technical problems.
Codecon - www.codecon.info will be February 22-24 in San Francisco. It's a conference about writing code for applications like peer-to-peer and crypto (and crypto peer-to-peer, etc.), oriented towards authors presenting actual working demos. The program page has abstracts of the talks/demos. Many of these applications overlap some of the same space. One of the organizers is Bram Cohen, author of the BitTorrent P2P file distribution system (and one of the organizers of last year's conference), and the other is Len Sassaman, who does cryptographic remailers.
Also, there's the question of where the data lives - do the master copies live on your PC, or on a server, and how do you check it in or out? It may actually be just about as fast in a parallel environment, where people are getting the data from fast LANs.
Having said that, though, that doesn't mean that the machine you run your compiler on needs to be the same machine you install and test the end product on (and in fact it's really nice if it's not, because that forces you to make cross-compiling for production systems work well.) Running the compiler on a newer, somewhat faster CPU and adding a big disk drive helps a lot, and motherboards at Fry's seem to be running about $99 for ~1.7MHz Athlons these days. Of course, it's awfully tempting if you've got a new motherboard to install it on your desktop (even if you're not a gamer...)
Disk space is a situation that's improved radically since the days when I was coding, and price/size has been on a deep faster-than-Moore's-law dive for a few years now. A 120-GB disk costs about US$120-200 these days, and the trip from 2GB->6GB->20GB->120GB only took about 3-4 years, but it rapidly crossed the boundaries of "how big is the biggest system I'm working on now with everything and the kitchen sink (except my MP3s) thrown in".
Also, one reason disk drive was always a critical resource was that corporate IT departments often forgot the difference between computers and systems - developers and testers often need large numbers of systems, but that doesn't have to cost a lot of money because one computer with a removable-disk-enclosure and a stack of 20 disks in $10 plastic drawers really costs a _lot_ less than a stack of 20 computers, and the IT department and/or the developer can keep a set of clean images available to duplicate more checkpointed-from-user's-perspective systems for testing on.
If you're only using your passphrase for one key, then an attacker who has your private key doesn't need your passphrase. If you're using your passphrase for more than one key, then it makes a lot more difference how they got your private key... A more likely threat is that somebody got your private keyring file, which is encrypted, and they're running pgpcrack to see if you've got a wimpy passphrase so they can get your private keys. If your passphrase is in /usr/dict/words it won't take them long to crack it; if you've picked a really high-entropy passphrase that people who know lots of information about you aren't likely to guess then you're fine (unless they've got continuing access to your machine and can watch you type in your passphrase, in which case you're toast anyway...)
There's so much material that's being lost, because of media deterioration or because nobody's bothering to maintain it or make it findable by others. Any material newer than Steamboat Billy (Buster Keaton's movie that Walt Disney borrowed) or whenever the first of the copyright-extension notch babies was written has the risk that if the publisher or author or other copyright owner can't be found, nobody can publish it.
Lots of answers were posted here :-) One of them sounded like he knew what he was doing, and said that the site had stopped working as of Friday, which suggests it may have been the correct one..
My address for the subscription.
Gordon Cook has sent a couple of notes to NANOG on this, and apparently there's been some delay getting this stuff working, but it should be ready in a couple of months. (So you won't slashdot it quite yet.) That's about the right timing - typical Everest expeditions hit summit in early May, or else Novemberish. Winter's not good, and summer gets monsoon conditions, which are snow and wind up there. March is about the right time to be hauling stuff up the mountain, ordering supplies, and generally coordinating things. Hopefully they can avoid some of the problems with supplies and overcrowding that have caused some of the previous disasters, and let the Sherpas not only make enough money to finance its ongoing operations, but also keep continuing communications into their towns.
Now, it's unlikely that any US anti-spam law would be something that involves jail time or extradition treaties - at most it's a fine of some kind. Fines are only useful if you can collect them. Overseas corporations are good at preventing effective collection like that, and they're good at making the cost of collection exceed the amount of money collectable, and since for the spammer, it's all about the money, and for the Feds, it's mainly about creating some impression that they're attempting to enforce some law that some Congresscritter passed to look good, but it's really not a high priority unless the spammer's advertising pictures of the current FBI director modeling J.Edgar's black negligee. (Or unless there's child porn involved, or the "herbal viagra" is 50% Iraqi cocaine, or something inherently annoying to them.)
I haven't looked at the NY AG's case to know if he's actually got one; obviously the Monsterhuts are sleazy spammers, but I'm not convinced that being sleazy or a spammer is sufficiently illegal to do much with. Claiming that they have permission to spam you makes them lying scum, but isn't necessarily illegal. On the other hand, if they're the kind of spammer business that charges product-sellers to deliver their spam, as opposed to somebody who's spamming about stuff they're selling themselves, it may constitute fraud and misrepresentation in some way that's criminal, or at least that's a good civil suit by some of their customers who failed to M4k3 M0ney Fa5t or to sell lots of widgets or who got flamed out for hring a spammer.
For health-motivated vegetarians, or for people who don't eat meat because it's gross, well, it's still meat.
and some fava beans and chianti....
(ok, it was a cheap shot :-)
How much of the copying will be Australian music, which gets funded by the levy, as opposed to US and European record labels like Columbia and BMG? Will those companies get to collect their own levy, 10 times the amount of the AU one, or will the get 90% of the money from the levy?
I realize that these prices are in Australian dollars, which are about half a US dollar, but if the price of CD-Rs is AU$1 each, they're pricing the premium product, not the El Cheapo product. Here in the US, good CD-Rs are about US$0.50-60, but cheap CDs on sale are about US$0.15. They aren't local products - the stack on my desk are from Taiwan - so if they're more expensive in Australia because of import taxes or whatever, it's purely artificial. If the levy wants 10% of the price of the expensive product, that's 30% of the price of the cheap product, presuming they take it as a flat charge per CD.
The Campaign for Homegrown American Marijuana Production wants to remind you that "If you're not smoking homegrown American marijuana, you're helping to finance terrorism!" It's America's number one agricultural crop! If you aren't growing your own, you should be buying from your friendly neighborhood Hippie, who'll arrange to get if from the nice friendly Northwest farmers. Even better, you're helping Save The Planet, because hemp helps prevent erosion in areas where clearcut logging has disrupted America's Old-Growth Forests.
The last MS product I had which was this reliable was NT3.51 (and unfortunately, that was during the "NT is for servers, not desktops" days, so it didn't support laptop power management drivers, so a low-battery interrup would make it blue-screen instead of saving its state.)
Back when I had Sun machines, the "uptime" command would usually tell me the amount of time since the last power failure, except when I was messing with hardware. On Linux, it usually tells me the length of time sinc e the last interesting software distribution came out, or the last time I booted the machine in Windows to run tax software, or the last time I messed with the hardware, except on the honeypot machines I used to run unprotected on DSL, which told me how long it had been since the machine got r00ted :-)