> "Reguly's survey found that while 83 percent of users check they're using an SSL-secured session before entering their credit card information on a Website, only 41 percent do so when typing in their passwords."
I found this one of the silliest parts of the story. First, to what type of sites does that 41% figure apply? Are they the same sites where people are entering credit card information? There are a number of sites where I enter passwords without SSL encryption, this site for one. Those are sites where I don't really care if my password is sniffed or not. Does that place me in the 59% of supposedly inattentive users? For sites where I care about protecting my authentication information like my bank or Amazon, I make sure the password transaction is encrypted.
Next, the article presents a laundry list of apparent security flaws in SSL. How common are these? Do we have demonstrated evidence that they've been used to subvert transactions with well-known sites like major banks and online retailers, or are these just theoretical flaws? Like the article on piracy in today's news, the statistics in this piece seem intended to drive sales of security software and services by fear-mongering.
Finally there's the suggestion that browsers never permit people to accept certificates that have expired or are self-signed. I'm sorry, but that's just not going to fly. I find the current plethora of hoops I have to jump through with Firefox annoying enough. If I want to sign a cert so my employees can read their mail with a web browser, what's wrong with that?
I'm still waiting to see an example of collusion of the sort requested by rtfa-troll above. If there's evidence of collusion between AV software companies and malware authors, let's see it. Innuendo gets tiresome quickly, though it does attract mod points here.
You lower yourself by resorting to insults. You made your point, I offer a rebuttal. This is a civil discussion.
knowing about sensor sizes and lens quality would help dramatically improve the sale person's ability to up sell.
Of course, the opposite usually holds true for computer sales. Most people would be perfectly happy with the cheapest models in a product category. That's probably true for many other products as well.
I remember buying a washing machine and went to Sears in search of the sale item advertised in that Sunday's paper. The sales lady encouraged me to spend another $40 or so to get a machine with more cycles and features. For that price an upsell made a lot of sense. For someone buying an entry-level laptop to read mail, browse the web, and manipulate a few photos, there's really very little reason to buy a more powerful machine.
After reading the articles and this thread, I began to wonder whether banks should start distributing a read-only live-CD distribution that only contains the software needed to conduct online banking. In order to bank online, you'd have to reboot with the live CD. This eliminates the possibility of installed trojans and similar malware that might reside on the computer's hard drive.
Obviously this is going to be seen as a pain in the neck by consumers, but maybe it makes sense for commercial accounts? Given the radical differences in how such accounts are protected legally (read TFAs for details), and given that businesses presumably are less concerned about ease of use than consumers, commercial account holders might be willing to go this route. Of course some machines like netbooks and PDAs aren't well suited to this approach, but they're also not likely to be the types of client machines used in businesses. I presume it's possible to make read-only USB sticks for cases like this?
I maintain all my DNS servers and use DirectNIC as a registrar. I can't imagine using a registrar that won't allow you to maintain your own servers. I've been running DNS servers for fifteen years staring back when everything was registered at Network Solutions. It was actually a bit harder then to manage your own DNS since you had to register your servers with NetSol using a special e-mailed form. Making changes was cumbersome and slow. Now I can just change an entry on a web page at DirectNIC if I need to move a server.
Last June I submitted this story on joint endeavors between Intel and Nokia in the mobile space.
"The partnership will center around several open-source mobile Linux software projects, including the Moblin platform for Atom-based processors and the Maemo operating system developed by Nokia. Intel will also acquire a licence from Nokia that is used in modem chips to connect to third generation cellular networks."
The problem is that "malvertising" contains scripts. From the blog by Microsoft's attorney:
"Our filings in King County Superior Court in Seattle outline how we believe the defendants operated, but in general, malvertising works by camouflaging malicious code as harmless online advertisements. These ads then lead to harmful or deceptive content. For example, ads may redirect users to a website that advertises rogue security software, also known as scareware, that falsely claims to detect or prevent threats on the computer. Malvertising may also directly infect a victim's computer with malicious software like Trojans - programs that can damage data, steal personal information or even bring the users' computer under the control of a remote operator."
Last weekend the New York Times distributed an ad like the one described which redirected browsers to a "scareware" site. The Times reported later that an apparently legitimate advertiser bought availabilities on its site, distributed legitimate advertising for a few days, then switched to distributing the ad containing malware over the weekend.
Advertising distributors should automatically scan all advertising for embedded scripts and refuse to distribute them. Suing fly-by-night operators isn't going to solve this problem. The advertising syndicators and their clients like the Times need to step up and start filtering the content they distribute.
Open source projects have been exempted by the US from crypto export restrictions for years.
Yes, but not to embargoed countries like Cuba, Iran, and North Korea. Mozilla consulted with the Federal Government after becoming aware of downloads to Iran.
From TFA, "During a recent Firefox download event, Mozilla posted a map on its Web site showing where downloads were occurring. Anderson said it became clear that a substantial number of downloads were coming from Iran. Mozilla then had knowledge that it was exporting to Iran, which could have put it in violation of the U.S export regulations, exposing the firm to criminal and financial penalties."
I just installed NoScript after getting redirected to the phony page. I reviewed all my browsing this morning and didn't see any particularly "dangerous" sites. One of them was, of course, nytimes.com. Little did I know....
As a user of Firefox on Linux, having my computer display a Windows-styled desktop folder and informing me that it was scanning my dll collection was both amusing and alarming.
For the curious, the browser is hijacked with Javascript and redirected to the phony scanning page which suggests using "Personal Viruscan." A bit of research this morning suggested it has been making the circuit this year but not on mainstream sites like the Times. However this site reports encountering the malware on a NY Times page as early as Septamber 7th. That person found it on a page about Jay-Z; I was reading the editorial columnists.
I grepped my Firefox _CACHE_ files for "virus," found the Javascript code there, but couldn't seem to attach it to a URL using "about:cache". Any hints?
Now I'm running noscript and pushing all requests through a Squid proxy on my firewall. At least I'll have a log to see what requests I've made. I'm guessing this came through the Times's ad syndication system, but I couldn't track down the source. I already run Adblock Plus and have a number of custom rules to block sites like brightcove.com and revsci.net.
The single consistent biggest complaint (apart from a certain office suite file compatibility) is the speed (and lack thereof) of its launch time.
Just curious since I don't use OpenOffice on Windows (I use Linux), but doesn't having OO preload its libraries speed up launch times?
From what I recall, what made Microsoft Office appear to launch so quickly was that most of the dll's it needs are started at boot time. (Helps when you control both the OS and the apps it runs.) I thought the prelauncher, or whatever it's called, was introduced with OpenOffice 2.0 or perhaps even one of the later releases in the 1.x series.
Not enough money? Give me a break. I can build a Linux box that runs MailScanner, stick it in front of whatever e-mail server they run, and have that box archive every single message. Throw in a few terabyte drives and the whole thing might come to $5-10K including my time. I consult to a Community Health Center and have built a fairly elaborate scripted system that archives emails for every single mailbox every night and rotates the archives in accordance with the health center's policies. I think I charged them something like a thousand dollars for that job.
It has nothing to do with not having enough money, and everything to do with incompetence. If they're not archiving email, what else aren't they archiving? How useful is it to have public disclosure laws when the systems are designed to avoid document archiving.
That's why I spent an extra $25 or so to add the well-supported Intel wireless card when I bought a 640m. It has a native Linux driver so I don't have to futz with ndiswrapper. It's worked flawlessly for a number of years now with both Fedora and Ubuntu distributions.
Did you spend even a moment checking to see whether all the hardware on that 640m worked well with Linux? Did you ask the Dell representative? Or did you just blindly assume it would work?
If you want someone to criticize, go complain to the wireless manufacturer (I suspect it's Broadcom).
Just curious, but how many of the people who "stepped up" actually paid for the proprietary software they switched to? I see lots of wannabe graphics designers on anime sites who use Photoshop; few of them actually paid for it.
Pirated proprietary software poses substantial competition to the open product space.
This idiocy seems to trace back to a woman who once worked for the Treasury Department and made this claim to a Reuters correspondent at a conference in Riyadh in 2005.
Well, I never expected that we'd be getting over 400 replies to this posting. I'll try to cover some of the most common responses.
First, some background. I've been using Linux on servers for fifteen years and on the desktop for perhaps six or seven. I have no qualms about editing config files or searching online for help with arcane problems. We don't use Windows here much any more for the obvious security issues it poses, and because I'm sick and tired of futzing with license keys and the like just to install a copy of XP on a machine licensed for Vista, or searching the web for drivers for a network card I pulled out of the closet.
Despite these experiences, I'm hardly a "Linux zealot." If my daughter chooses a school that makes using Linux difficult, we'll do what's required to cope. I do believe that institutions of higher education should make at least some efforts to support free and open computing platforms, especially ones like Linux with over fifteen years of development and millions of users worldwide. I understand why Linux adoption has been slow in homes and businesses, but colleges and universities should represent a much more fertile ground for open technologies to grow.
As for my daughter, she is looking to major in the biological sciences en route to veterinary school. She's not going to be spending much time in CS classes where I'd expect Linux to be much more common. She's also not going to be attending a school whose focus is on training people to use computers in a Windows environment. The computer she has now can dual-boot Windows and Linux; she just doesn't use the Windows side all that much. If she needs to run Windows-only applications, we'll deal with that through dual-boot or a VM.
My concerns are more targeted at the campus infrastructure. At some schools we've visited we heard that people needed to install a specialized Windows or OS X application to authenticate to the campus network or to print remotely. While we could certainly accommodate this requirement via a mixed Windows/Linux configuration, it would be a pain to have to switch to Windows just to print a paper. Some of the responses here suggest these are not unreasonable concerns. Qualifying a computer to run on a campus network isn't always a simple task either given the concerns about spreading malware across the campus. So I don't think it was out-of-line to ask whether other people who use Linux routinely have had problems interconnecting their machines with their campuses' IT infrastructure. I'm glad to see so many people reply that they don't really have this problem at all.
As for the "Linux support" is a misnomer response, of course I know the difference between the kernel and a distro. I don't really care if a school supports Ubuntu, Fedora, OpenSUSE, or none of the above. What I do care about is whether schools support open standards and open protocols, so that we won't need to worry about authenticating against an AD server, or installing a proprietary application that doesn't have a Linux build, just to use the network.
Nor did I expect that campus tour guides would be a useful source of information on Linux support. I've only asked this question a couple of times during our round of visits thinking that perhaps the guide may have had a friend who used Linux or heard about it from an acquaintance. In general the answer seems to be that half the campus likes Coke, half likes Pepsi, and no one has even heard of Royal Crown.
Finally, I thank my fellow Slashdotters who took the time to write reasoned and often detailed descriptions of their experiences. I appreciate your efforts very much.
Unless the contracts says music created during those recording sessions, not the songs that reached the final albums. As we haven't seen the contracts I wouldn't like to speculate.
Indeed, that question crossed my mind immediately as well. The contract required him to release seven albums with Sony, which he did, but we don't know what else the contract might have said about ownership to music produced during that period. These tracks appear to be outtakes from sessions that fell under the Sony contract. It's not all that hard to imagine that the contract assigned ownership of the rights to these performances to Sony.
No matter how educated I might want to be about the options available, I'm still limited to choosing among just those options. I'd like a cellular plan whose cost covers only the network portion and doesn't include a device subsidy. I've looked, and AFAICT, none of the major operators are willing to sell me just a connectivity plan.
I've been on the same plan for about seven years now because I'm a grandfathered Cingular user. Any plan I might switch to costs more for the same level of service as I have now. In comparison to the cost of wireline telephony or Internet connectivity, rising prices for cellular service make absolutely no sense. Since it seems likely that the cost of providing cellular service must have declined in the past decade as past investments in plant are paid off, I'm guessing the carriers are making some significant profits.
I'm all for educating consumers, but even an educated body of consumers can't do much when confronted with oligopoly pricing. There's no "free" market in cellphone service that I can see. If there were, I'd be able to go to AT&T or T-Mobile or some competing GSM carrier, buy a voice-only plan for $30/month, get a SIM chip, and stick it in my existing phone.
Is there room left nowadays for an ISP that seeks to provide the fastest and widest pipelines for people that are willing to pay that much extra?
Sure. This site suggests an OC3 (155 Mbit) connection will run you upward of $10K per month. Are you interested?
It's not like there aren't high-bandwidth solutions available; they're just not available at prices consumers can afford. I think my 20/5 FiOS business connection at $79/month is a pretty good deal in comparison.
As I mentioned in another posting, unlicensed distributors would need to obtain legitimate stock from somewhere. I presume wholesalers in these items know who is a legitimate retailer and who is not. If someone is dealing in legitimate licensed goods, they'd have to buy them at retail somewhere which significantly reduces the available profit margins from undercutting the manufacturer's preferred retail price. I suppose there could be arbitrage opportunities from buying at retail in one country and selling in another if prices or exchange rates are sufficiently out of whack, but I doubt that's a very common practice. Counterfeiting seems a much more profitable venture.
Regardless of first-sale laws, the DMCA is still not applicable to trademark infringement.
On the other hand, I can also see LV going after people selling legit LV products below the cost that LV thinks those products should be sold at.
I think that would be very difficult. LV products are licensed, so unlicensed competitors can't just ask a wholesaler to ship them a bunch of LV bags at cost, then resell them at less than published retail prices. It's pretty likely that anyone selling these items below retail either obtained a bunch that "fell off a truck" or is selling counterfeits.
The hosting company received emails CLAIMING to be from the manufacturer.
TFA states, "... Chen and his companies had been informed of the activity by Louis Vuitton." I don't see any reference to emails there. Perhaps you have another source for your assertion?
Would you feel any differently if they had received a registered letter from Louis Vuitton SA, or from Vuitton's attorneys in the US?
Slashdot Mirror
> "Reguly's survey found that while 83 percent of users check they're using an SSL-secured session before entering their credit card information on a Website, only 41 percent do so when typing in their passwords."
I found this one of the silliest parts of the story. First, to what type of sites does that 41% figure apply? Are they the same sites where people are entering credit card information? There are a number of sites where I enter passwords without SSL encryption, this site for one. Those are sites where I don't really care if my password is sniffed or not. Does that place me in the 59% of supposedly inattentive users? For sites where I care about protecting my authentication information like my bank or Amazon, I make sure the password transaction is encrypted.
Next, the article presents a laundry list of apparent security flaws in SSL. How common are these? Do we have demonstrated evidence that they've been used to subvert transactions with well-known sites like major banks and online retailers, or are these just theoretical flaws? Like the article on piracy in today's news, the statistics in this piece seem intended to drive sales of security software and services by fear-mongering.
Finally there's the suggestion that browsers never permit people to accept certificates that have expired or are self-signed. I'm sorry, but that's just not going to fly. I find the current plethora of hoops I have to jump through with Firefox annoying enough. If I want to sign a cert so my employees can read their mail with a web browser, what's wrong with that?
I'm still waiting to see an example of collusion of the sort requested by rtfa-troll above. If there's evidence of collusion between AV software companies and malware authors, let's see it. Innuendo gets tiresome quickly, though it does attract mod points here.
You lower yourself by resorting to insults. You made your point, I offer a rebuttal. This is a civil discussion.
Bravo!
Looks like the rest of the world gets the shaft, what with no balloons or streamers...
I wonder if the Japanese party packs include a full-sized huggable version of "Nanami Madobe"?
knowing about sensor sizes and lens quality would help dramatically improve the sale person's ability to up sell.
Of course, the opposite usually holds true for computer sales. Most people would be perfectly happy with the cheapest models in a product category. That's probably true for many other products as well.
I remember buying a washing machine and went to Sears in search of the sale item advertised in that Sunday's paper. The sales lady encouraged me to spend another $40 or so to get a machine with more cycles and features. For that price an upsell made a lot of sense. For someone buying an entry-level laptop to read mail, browse the web, and manipulate a few photos, there's really very little reason to buy a more powerful machine.
After reading the articles and this thread, I began to wonder whether banks should start distributing a read-only live-CD distribution that only contains the software needed to conduct online banking. In order to bank online, you'd have to reboot with the live CD. This eliminates the possibility of installed trojans and similar malware that might reside on the computer's hard drive.
Obviously this is going to be seen as a pain in the neck by consumers, but maybe it makes sense for commercial accounts? Given the radical differences in how such accounts are protected legally (read TFAs for details), and given that businesses presumably are less concerned about ease of use than consumers, commercial account holders might be willing to go this route. Of course some machines like netbooks and PDAs aren't well suited to this approach, but they're also not likely to be the types of client machines used in businesses. I presume it's possible to make read-only USB sticks for cases like this?
I maintain all my DNS servers and use DirectNIC as a registrar. I can't imagine using a registrar that won't allow you to maintain your own servers. I've been running DNS servers for fifteen years staring back when everything was registered at Network Solutions. It was actually a bit harder then to manage your own DNS since you had to register your servers with NetSol using a special e-mailed form. Making changes was cumbersome and slow. Now I can just change an entry on a web page at DirectNIC if I need to move a server.
Last June I submitted this story on joint endeavors between Intel and Nokia in the mobile space.
"The partnership will center around several open-source mobile Linux software projects, including the Moblin platform for Atom-based processors and the Maemo operating system developed by Nokia. Intel will also acquire a licence from Nokia that is used in modem chips to connect to third generation cellular networks."
The problem is that "malvertising" contains scripts. From the blog by Microsoft's attorney:
"Our filings in King County Superior Court in Seattle outline how we believe the defendants operated, but in general, malvertising works by camouflaging malicious code as harmless online advertisements. These ads then lead to harmful or deceptive content. For example, ads may redirect users to a website that advertises rogue security software, also known as scareware, that falsely claims to detect or prevent threats on the computer. Malvertising may also directly infect a victim's computer with malicious software like Trojans - programs that can damage data, steal personal information or even bring the users' computer under the control of a remote operator."
Last weekend the New York Times distributed an ad like the one described which redirected browsers to a "scareware" site. The Times reported later that an apparently legitimate advertiser bought availabilities on its site, distributed legitimate advertising for a few days, then switched to distributing the ad containing malware over the weekend.
Advertising distributors should automatically scan all advertising for embedded scripts and refuse to distribute them. Suing fly-by-night operators isn't going to solve this problem. The advertising syndicators and their clients like the Times need to step up and start filtering the content they distribute.
Open source projects have been exempted by the US from crypto export restrictions for years.
Yes, but not to embargoed countries like Cuba, Iran, and North Korea. Mozilla consulted with the Federal Government after becoming aware of downloads to Iran.
From TFA, "During a recent Firefox download event, Mozilla posted a map on its Web site showing where downloads were occurring. Anderson said it became clear that a substantial number of downloads were coming from Iran. Mozilla then had knowledge that it was exporting to Iran, which could have put it in violation of the U.S export regulations, exposing the firm to criminal and financial penalties."
Last time I looked RHEL shipped with GNOME as the default. A quick search through redhat.com did nothing to disabuse me of that notion.
I just installed NoScript after getting redirected to the phony page. I reviewed all my browsing this morning and didn't see any particularly "dangerous" sites. One of them was, of course, nytimes.com. Little did I know....
As a user of Firefox on Linux, having my computer display a Windows-styled desktop folder and informing me that it was scanning my dll collection was both amusing and alarming.
For the curious, the browser is hijacked with Javascript and redirected to the phony scanning page which suggests using "Personal Viruscan." A bit of research this morning suggested it has been making the circuit this year but not on mainstream sites like the Times. However this site reports encountering the malware on a NY Times page as early as Septamber 7th. That person found it on a page about Jay-Z; I was reading the editorial columnists.
I grepped my Firefox _CACHE_ files for "virus," found the Javascript code there, but couldn't seem to attach it to a URL using "about:cache". Any hints?
Now I'm running noscript and pushing all requests through a Squid proxy on my firewall. At least I'll have a log to see what requests I've made. I'm guessing this came through the Times's ad syndication system, but I couldn't track down the source. I already run Adblock Plus and have a number of custom rules to block sites like brightcove.com and revsci.net.
The single consistent biggest complaint (apart from a certain office suite file compatibility) is the speed (and lack thereof) of its launch time.
Just curious since I don't use OpenOffice on Windows (I use Linux), but doesn't having OO preload its libraries speed up launch times?
From what I recall, what made Microsoft Office appear to launch so quickly was that most of the dll's it needs are started at boot time. (Helps when you control both the OS and the apps it runs.) I thought the prelauncher, or whatever it's called, was introduced with OpenOffice 2.0 or perhaps even one of the later releases in the 1.x series.
Want to give us some details rather than an offhand comment?
Presumably the City already have some backup and archiving systems in place; how expensive is adding email archiving to that infrastructure?
Regardless of how expensive it might be, it is mandated by Massachusetts law.
Not enough money? Give me a break. I can build a Linux box that runs MailScanner, stick it in front of whatever e-mail server they run, and have that box archive every single message. Throw in a few terabyte drives and the whole thing might come to $5-10K including my time. I consult to a Community Health Center and have built a fairly elaborate scripted system that archives emails for every single mailbox every night and rotates the archives in accordance with the health center's policies. I think I charged them something like a thousand dollars for that job.
It has nothing to do with not having enough money, and everything to do with incompetence. If they're not archiving email, what else aren't they archiving? How useful is it to have public disclosure laws when the systems are designed to avoid document archiving.
That's why I spent an extra $25 or so to add the well-supported Intel wireless card when I bought a 640m. It has a native Linux driver so I don't have to futz with ndiswrapper. It's worked flawlessly for a number of years now with both Fedora and Ubuntu distributions.
Did you spend even a moment checking to see whether all the hardware on that 640m worked well with Linux? Did you ask the Dell representative? Or did you just blindly assume it would work?
If you want someone to criticize, go complain to the wireless manufacturer (I suspect it's Broadcom).
Just curious, but how many of the people who "stepped up" actually paid for the proprietary software they switched to? I see lots of wannabe graphics designers on anime sites who use Photoshop; few of them actually paid for it.
Pirated proprietary software poses substantial competition to the open product space.
This idiocy seems to trace back to a woman who once worked for the Treasury Department and made this claim to a Reuters correspondent at a conference in Riyadh in 2005.
http://threatchaos.com/2009/03/evolution-of-the-cyber-crime-exceeds-drug-trade-meme/
http://blogs.zdnet.com/threatchaos/?p=480
In its PR release, Symantec justifies this claim with a footnote to "Source: US Department of Treasury."
Wow, I like this idea. Maybe we can call it Facebook for Phishers?
Well, I never expected that we'd be getting over 400 replies to this posting. I'll try to cover some of the most common responses.
First, some background. I've been using Linux on servers for fifteen years and on the desktop for perhaps six or seven. I have no qualms about editing config files or searching online for help with arcane problems. We don't use Windows here much any more for the obvious security issues it poses, and because I'm sick and tired of futzing with license keys and the like just to install a copy of XP on a machine licensed for Vista, or searching the web for drivers for a network card I pulled out of the closet.
Despite these experiences, I'm hardly a "Linux zealot." If my daughter chooses a school that makes using Linux difficult, we'll do what's required to cope. I do believe that institutions of higher education should make at least some efforts to support free and open computing platforms, especially ones like Linux with over fifteen years of development and millions of users worldwide. I understand why Linux adoption has been slow in homes and businesses, but colleges and universities should represent a much more fertile ground for open technologies to grow.
As for my daughter, she is looking to major in the biological sciences en route to veterinary school. She's not going to be spending much time in CS classes where I'd expect Linux to be much more common. She's also not going to be attending a school whose focus is on training people to use computers in a Windows environment. The computer she has now can dual-boot Windows and Linux; she just doesn't use the Windows side all that much. If she needs to run Windows-only applications, we'll deal with that through dual-boot or a VM.
My concerns are more targeted at the campus infrastructure. At some schools we've visited we heard that people needed to install a specialized Windows or OS X application to authenticate to the campus network or to print remotely. While we could certainly accommodate this requirement via a mixed Windows/Linux configuration, it would be a pain to have to switch to Windows just to print a paper. Some of the responses here suggest these are not unreasonable concerns. Qualifying a computer to run on a campus network isn't always a simple task either given the concerns about spreading malware across the campus. So I don't think it was out-of-line to ask whether other people who use Linux routinely have had problems interconnecting their machines with their campuses' IT infrastructure. I'm glad to see so many people reply that they don't really have this problem at all.
As for the "Linux support" is a misnomer response, of course I know the difference between the kernel and a distro. I don't really care if a school supports Ubuntu, Fedora, OpenSUSE, or none of the above. What I do care about is whether schools support open standards and open protocols, so that we won't need to worry about authenticating against an AD server, or installing a proprietary application that doesn't have a Linux build, just to use the network.
Nor did I expect that campus tour guides would be a useful source of information on Linux support. I've only asked this question a couple of times during our round of visits thinking that perhaps the guide may have had a friend who used Linux or heard about it from an acquaintance. In general the answer seems to be that half the campus likes Coke, half likes Pepsi, and no one has even heard of Royal Crown.
Finally, I thank my fellow Slashdotters who took the time to write reasoned and often detailed descriptions of their experiences. I appreciate your efforts very much.
Unless the contracts says music created during those recording sessions, not the songs that reached the final albums. As we haven't seen the contracts I wouldn't like to speculate.
Indeed, that question crossed my mind immediately as well. The contract required him to release seven albums with Sony, which he did, but we don't know what else the contract might have said about ownership to music produced during that period. These tracks appear to be outtakes from sessions that fell under the Sony contract. It's not all that hard to imagine that the contract assigned ownership of the rights to these performances to Sony.
No matter how educated I might want to be about the options available, I'm still limited to choosing among just those options. I'd like a cellular plan whose cost covers only the network portion and doesn't include a device subsidy. I've looked, and AFAICT, none of the major operators are willing to sell me just a connectivity plan.
I've been on the same plan for about seven years now because I'm a grandfathered Cingular user. Any plan I might switch to costs more for the same level of service as I have now. In comparison to the cost of wireline telephony or Internet connectivity, rising prices for cellular service make absolutely no sense. Since it seems likely that the cost of providing cellular service must have declined in the past decade as past investments in plant are paid off, I'm guessing the carriers are making some significant profits.
I'm all for educating consumers, but even an educated body of consumers can't do much when confronted with oligopoly pricing. There's no "free" market in cellphone service that I can see. If there were, I'd be able to go to AT&T or T-Mobile or some competing GSM carrier, buy a voice-only plan for $30/month, get a SIM chip, and stick it in my existing phone.
Is there room left nowadays for an ISP that seeks to provide the fastest and widest pipelines for people that are willing to pay that much extra?
Sure. This site suggests an OC3 (155 Mbit) connection will run you upward of $10K per month. Are you interested?
It's not like there aren't high-bandwidth solutions available; they're just not available at prices consumers can afford. I think my 20/5 FiOS business connection at $79/month is a pretty good deal in comparison.
As I mentioned in another posting, unlicensed distributors would need to obtain legitimate stock from somewhere. I presume wholesalers in these items know who is a legitimate retailer and who is not. If someone is dealing in legitimate licensed goods, they'd have to buy them at retail somewhere which significantly reduces the available profit margins from undercutting the manufacturer's preferred retail price. I suppose there could be arbitrage opportunities from buying at retail in one country and selling in another if prices or exchange rates are sufficiently out of whack, but I doubt that's a very common practice. Counterfeiting seems a much more profitable venture.
Regardless of first-sale laws, the DMCA is still not applicable to trademark infringement.
On the other hand, I can also see LV going after people selling legit LV products below the cost that LV thinks those products should be sold at.
I think that would be very difficult. LV products are licensed, so unlicensed competitors can't just ask a wholesaler to ship them a bunch of LV bags at cost, then resell them at less than published retail prices. It's pretty likely that anyone selling these items below retail either obtained a bunch that "fell off a truck" or is selling counterfeits.
The hosting company received emails CLAIMING to be from the manufacturer.
TFA states, "... Chen and his companies had been informed of the activity by Louis Vuitton." I don't see any reference to emails there. Perhaps you have another source for your assertion?
Would you feel any differently if they had received a registered letter from Louis Vuitton SA, or from Vuitton's attorneys in the US?