The problem at that job was that we were sys admins in the ISP department. The company had a separate internal IT department to manage employee desktops, except for ours. We were free to install what we wanted, as long as it was properly licensed. The two sys admins who infected the network were Windows guys; most of the rest of us (including me) used Linux desktops. Interestingly enough, the laptop that caused the problem was issued by the internal IT department, a fact that I found greatly amusing.
I think the only way to really teach people what you call basic common sense is to make them work the IT help desk for a month before they start their real jobs, and I don't see that happening any time soon.
Once you've had to clean up the mess that someone else made of their computer because they didn't understand nearly as much as they thought they did, you start to realize why the rules are the way they are. But until you've been there, it's very, very easy to just assume that IT is on a power trip, they are just trying to get in your way, they are just playing office politics, etc., etc., etc.
Data loss can be managed by the fact that everything's on version control, which is backed up. Traditional spyware and viruses will at worst take a machine down, at which point, it's the responsibility of whoever owns that machine to fix it -- or maybe they try to spread over the local network, at which point, staying patched and/or running a personal firewall will pretty much stop it.
That's a great theory, but more often than not, that *isn't* the way things really work. I've seen sys admins really bork config files that were using RCS. I've seen a virus take a network down for two days despite updated and running A/V and firewalls. Anyone who has worked in IT for very long is forced to admit that you can make it really, really difficult for your users to shoot themselves in the foot, but nothing you can do can guarantee security. The best firewall, the best anti-virus and the best revision/version control will give you some measure of protection, but it won't be 100% effective. Ever.
Exactly. That was my first thought when reading this article. It's fairly safe to assume that the employees at google are tech-savvy and motivated. It is *not* safe to assume that the customer service representatives, accountants and other non-IT workers at most other companies are equally knowledgeable about what is and what is not a good idea on company computers.
For that matter, even IT workers can be pretty adept at shooting themselves in the foot. At a place I used to work, one IT staff member was having problems with his computer in our sandbox network. Another IT staff member who was helping him troubleshoot the computer suggested they bypass the router and switch for our sandbox, and plugged the problem computer directly into a core network switch. Unfortunately, the problem with the computer was it had been infected with a virus...which then spread to (and hosed) most of the corporate network, rather than being restricted to our sandbox. Oops...
Personally, I greatly prefer a well-thought litany of insults to a vulgarity, and not solely (or even primarily) due to puritanical beliefs. Your example of "a bumbling ignorant uncultured swine of a simpleton" is, in my opinion, far more satisfying than "stupid f*-ing moron", especially if the person so named does not understand what you just said. It's one of the things I greatly enjoy about British humor -- the insults tend to be quite creative, and therefore much more enjoyable, than the crude and simplistic insults often found in American humor. And if you can leave the recipient of your tirade at a loss for what you said -- much less how to respond -- then so much the better.
In theory, you are exactly right -- tunneling VoIP through SSH is not a great idea for all the reasons you mention above. In practice, however, it works, and according to a network world (IIRC) article I read, it sometimes works even better than straight UDP. I'll have to see if I can find the article and post a citation; no promises, though. For a more concrete example, the company I work for provides network services to a client that has a number of remote sites served through a terrestrial microwave network. Their traffic travels through an OpenVPN tunnel, which, as I recall uses SSH to tunnel between endpoints. This customer is using VoIP phones at each of the remote sites, and it seems to work pretty well. I have run VoIP from my office to my home network (while testing Asterisk) through a similar OpenVPN tunnel, and again, it worked just fine. So while conventional wisdom says tunneling VoIP through a TCP-based protocol is not a good idea, it generally seems to work pretty well (at least in my experience).
However, I didn't think about how practical my quote of "ssh -f -N -L..." is, and you're right. Tunneling UDP through SSH isn't quite that easy, so I'll rescind my comment on that basis:)
You are talking about a quantitative rather than qualitative difference. Navigation was difficult in the 15th and 16th centuries. Weather was unpredictable. Power was by virtue of the wind -- too much or too little and the ships go nowhere. While you can fill your belly with fish, it is not a nutritionally complete food (can you say "scurvy"?). And if the early sea travelers got in over their heads (no pun intended), they were on their own. They had to be every bit as self-sufficient as current and future space travelers will have to be.
My point was not that space travel will be easy -- it won't. My point was that the early explorers of the New World faced very serious problems that pushed the limit of their science and technology, and space travelers in our age will also have to face problems that challenge the limits of our science and technology. But mankind has always risen to the challenge; we will do so again.
When given three choices, and two of them are obviously bad, but the third is unknown, which one do you choose? Do you pick one of the choices that you know is bad, or do you take the chance on the third option? Are you seriously suggesting that it is irrational to choose the option that at least has a possibility of being something different?
Points 1 and 2 are spot on for me. I like the power of using Linux. Linux doesn't assume I'm clueless and don't know what I'm doing. When I tell Linux to delete a file, it doesn't argue with me, it just deletes the file. Windows, on the other hand, tries to protect you from yourself...a characteristic that drives me absolutely insane. And yes, there is a bit of ego-stroking to use an operating system that many other people consider "too hard".
What I find ironic, though, is that despite the initial learning curve that you have to get past to use Linux (or any other *nix, for that matter), once you get past that initial hurdle, I think Linux really is *easier* to use than Windows. I was trying to help a coworker figure out how to convert MP3s to 8-bit 8kHz wav files to upload to a PBX the other day. After finally figuring out how to get WinAmp, Lame and Sox installed on his Windows machine, I had to figure out a way to let him convert a number of files in a batch. Eventually, I got it to work, but Windows is geared towards the GUI. Getting a command line script to work -- and getting a user who is only used to using the GUI -- was far more painful than it would have been in Linux.
Queen Isabella to Christopher Columbus:Carries a lot of implications for traveling to even near continents, with travel time measured in months instead of days...And you have to pack enough groceries to sustain the entire trip, grow your own or starve if there's a mishap. And those are our near neighbors, even the West Indies. Sailing across the ocean is going to involve a lot of research. Let's face it, we're adapted to life on land. Trying to carry these living conditions across the ocean is not only a technical challenge, it's a financial one as well...
But somehow, they figured it out, and we will, too.
I kinda suspect that Apache is losing market share (is that even an appropriate term for a free product? anyway...) because some other open-source products are starting to mature. For example, while I still run Apache on my personal projects, I've switched to using Lighttpd at work because I got fed up with continuous config file syntax changes on every new release of Apache 2, and I tend to update the work servers a lot more often than my home server. So, if IIS is holding steady, and some of the other open-source projects are maturing and taking some of Apache's share, then what do you expect will happen to the ratio of IIS vs. Apache servers on-line?
That's a terrible idea. What does it say about the constancy of Justice? That it can be perverted and sold to the highest bidder?
You mean as opposed to what we have now? Oh, wait...
Newer models can be produced but retrofitting is not looked upon kindly by the people who get to say whether or not a plane may leave the ground.
That's not exactly true. There are lots of examples where a company or companies have created products to retrofit general aviation airplanes, including refitting with new and improved engines. All it takes is a "supplemental type certificate" from the FAA. Getting an STC to put a mod on an airplane requires a little bit of work from the company that manufactures the modification, and just be cause the mod is approved on one make and model of airplane doesn't mean it can be used on some other make and model (it has to be approved by the FAA for specific makes and models), but it's a *whole* lot easier than certifying a brand new airplane.
For some specific examples of retrofit, look up a company called "LoPresti Speed Merchants". They make any number of modifications to a wide variety of GA airplanes, including 310s IIRC. Another example is the "Texas Taildragger", a Cessna 150 or 152 that has been upgraded to a Lycoming O-320 engine rather than the stock Lycoming O-235, has had the nose landing gear removed, the main gear repositioned slight forward and has had a tailwheel installed. Also, before Cessna re-introduced the 172 series in the mid-90's, there were also STC's to upgrade 172's with a 180 H.P. Lycoming O-360 engine rather than the stock Lycoming O-320. For that matter, I seem to recall seeing ads in various flying magazines to upgrade the engines in older Cessna 310 models from the original O-470 engines to O-520 (or maybe IO-520? I don't recall for sure) engines, so even the specific example you give isn't entirely true. It isn't cheap, but it can be done.
Not to play devil's advocate, but do we know it is the Chinese hacking the U.S.'s data networks?
One of the comments above mentioned that "just mentioning the words 'network security' in China can land you a lot of jail time." If this is correct, then it seems to me that there are probably a lot of unsecured networks and hosts in China. If that is the case, then how do we know that it is really the Chinese who are trying to hack DoD and business networks rather than some thirteen year old script kiddie in Hackensack who just happened to find a way into a computer in some backwater school in China?
Just because you are seeing hits from Chinese IP addresses doesn't mean the Chinese are behind it. The real question is "how deep does the rabbit hole go?" Unfortunately, there isn't really any way to know unless you hack the originating IP(s) yourself.
Signaturing a dynamic script is not effective. Signaturing the exploiting code itself is also not effective, since these exploits are changing continually to stay ahead of current zero-day threats and available patches.
Sounds like it would be rather difficult to get a checksum for you, sorry.
But most people have bad experiences with police, even if the police were doing the right thing. "Yah, I was doing 85 miles per hour in a 30, but American Idol was on. The cop laughed at that, but still gave me a ticket..."
And don't you think that if some luser actually posted such a review on ratemycop.com, anyone with half a brain would dismiss the poster as "-1 flamebait"?
OTOH, if I have a genuinely bad run-in with a cop (as I described in a previous post above) or the case where my wife was accused of doing 60+ in a 35 zone (she's very, very honest; I believe her...although I *do* tease her about it!), then if enough people post their conflicts with this same cop, then perhaps there can be a large enough body of evidence to encourage the local police department to review this cop's behaviour.
How was this moderated as insightful? It's not even consistent:
But what if you were the Police office who unfairly got poor reviews because you arested someone who deserved it...Being a policeman is not a good job if you want to be popular...Police also need a strong watchdog towards them because they fail to police themselfs (sic)...There are a lot of good cops but there are also a Lot of bad cops. and we do need find a way to get rid of the bad ones...
I agree; there are good cops and bad cops. My wife used to be a police dispatcher where I live, and by virtue of that, I met a lot of cops. Every one I met was a pretty good guy (or gal), but I have had run-ins with cops who seemed to have a severe case of "Barney Fife syndrome". For example:
* when I stopped behind the stop sign at an intersection, waited for a car to clear the intersection, then drove through the intersection (all as I was supposed to do), but was pulled over by a cop who couldn't see me stop at the stop sign because of a bush on the corner of the third street where he was stopped. He intended to give me a ticket for failure to stop until the passenger in the car with me verified that I had, in fact, stopped;
* when, as a teenager, I was asked for ID while standing in my own driveway in front of my own open front door at dusk. I was doing absolutely nothing suspicious (talking with my g/f), I was in a place where I absolutely had a right to be, and I most likely hadn't been anywhere else since I was barefoot at the time (in fact, I had been in the shower until my g/f came by).
IMHO, web sites like this one are *exactly* what the framers of the Constitution and the Bill of Rights had in mind when they drafted the First Amendment. While that doesn't preclude GoDaddy from terminating a domain (it's a private entity, not a public one), it does reflect poorly on GoDaddy.
Please excuse the stupid question, but how, exactly, is MediaSentry conducting their investigations? I always assumed (yes, I know that's dangerous...) that RIAA and their bloodhounds sat in some dark office somewhere surfing all the p2p networks looking for uploads. Anything they found, they attempted to download. Anything they successfully downloaded, they logged, then sent C&D notices to the ISP and/or obtained a subpoena or warrant and requested subscriber information from the ISP.
If this is, in fact, how MediaSentry et. al. works, then are they actually "conducting an investigation" in those states? If not, then this is (in my non-lawyer, non-expert opinion) a non-issue.
The more you fear,
The more you hide,
The more you lie. --Yes, "Let Go"
We need privacy because we are afraid. We are afraid of what people will think of us/do to us if they know our innermost secrets. We are afraid people will take what we have if they know how to access it. We are afraid that we will lose the respect and love of our friends and family if they know the things that we do/believe/have done that they don't approve of. And therefore, we have passwords on our accounts, we have secret combinations on the locks we use to secure our belongings, and we tell lies about who we are and what we believe.
If we could totally and completely trust the people around us, we would have no need of privacy. But we don't trust everyone, and therefore we hide things.
I actually prefer Craigslist to E-Bay. It's expensive to ship anything to Alaska, especially when 99% of the power sellers on E-Bay refuse to ship via anything but Fed Ex and UPS. Sure, there's UPS ground to AK, but it's only about $3-5 cheaper than 2nd Day Air (the next option we have), and takes two weeks instead of two days. So if I am looking at a small package on E-Bay, I know it's going to cost at least $25-30 to ship it. It's not unusual for me to look at 75-150% of the purchase price for shipping on E-Bay. So instead, I usually just try to find it on Craigslist and pay *no* shipping.
Craigslist rocks, IMHO.
Slashdot Mirror
Who is NOONE, and why should I trust him?
Don't I wish!
The problem at that job was that we were sys admins in the ISP department. The company had a separate internal IT department to manage employee desktops, except for ours. We were free to install what we wanted, as long as it was properly licensed. The two sys admins who infected the network were Windows guys; most of the rest of us (including me) used Linux desktops. Interestingly enough, the laptop that caused the problem was issued by the internal IT department, a fact that I found greatly amusing.
I think the only way to really teach people what you call basic common sense is to make them work the IT help desk for a month before they start their real jobs, and I don't see that happening any time soon.
Once you've had to clean up the mess that someone else made of their computer because they didn't understand nearly as much as they thought they did, you start to realize why the rules are the way they are. But until you've been there, it's very, very easy to just assume that IT is on a power trip, they are just trying to get in your way, they are just playing office politics, etc., etc., etc.
That's a great theory, but more often than not, that *isn't* the way things really work. I've seen sys admins really bork config files that were using RCS. I've seen a virus take a network down for two days despite updated and running A/V and firewalls. Anyone who has worked in IT for very long is forced to admit that you can make it really, really difficult for your users to shoot themselves in the foot, but nothing you can do can guarantee security. The best firewall, the best anti-virus and the best revision/version control will give you some measure of protection, but it won't be 100% effective. Ever.
Exactly. That was my first thought when reading this article. It's fairly safe to assume that the employees at google are tech-savvy and motivated. It is *not* safe to assume that the customer service representatives, accountants and other non-IT workers at most other companies are equally knowledgeable about what is and what is not a good idea on company computers.
For that matter, even IT workers can be pretty adept at shooting themselves in the foot. At a place I used to work, one IT staff member was having problems with his computer in our sandbox network. Another IT staff member who was helping him troubleshoot the computer suggested they bypass the router and switch for our sandbox, and plugged the problem computer directly into a core network switch. Unfortunately, the problem with the computer was it had been infected with a virus...which then spread to (and hosed) most of the corporate network, rather than being restricted to our sandbox. Oops...
Personally, I greatly prefer a well-thought litany of insults to a vulgarity, and not solely (or even primarily) due to puritanical beliefs. Your example of "a bumbling ignorant uncultured swine of a simpleton" is, in my opinion, far more satisfying than "stupid f*-ing moron", especially if the person so named does not understand what you just said. It's one of the things I greatly enjoy about British humor -- the insults tend to be quite creative, and therefore much more enjoyable, than the crude and simplistic insults often found in American humor. And if you can leave the recipient of your tirade at a loss for what you said -- much less how to respond -- then so much the better.
In theory, you are exactly right -- tunneling VoIP through SSH is not a great idea for all the reasons you mention above. In practice, however, it works, and according to a network world (IIRC) article I read, it sometimes works even better than straight UDP. I'll have to see if I can find the article and post a citation; no promises, though. For a more concrete example, the company I work for provides network services to a client that has a number of remote sites served through a terrestrial microwave network. Their traffic travels through an OpenVPN tunnel, which, as I recall uses SSH to tunnel between endpoints. This customer is using VoIP phones at each of the remote sites, and it seems to work pretty well. I have run VoIP from my office to my home network (while testing Asterisk) through a similar OpenVPN tunnel, and again, it worked just fine. So while conventional wisdom says tunneling VoIP through a TCP-based protocol is not a good idea, it generally seems to work pretty well (at least in my experience).
:)
However, I didn't think about how practical my quote of "ssh -f -N -L..." is, and you're right. Tunneling UDP through SSH isn't quite that easy, so I'll rescind my comment on that basis
You are talking about a quantitative rather than qualitative difference. Navigation was difficult in the 15th and 16th centuries. Weather was unpredictable. Power was by virtue of the wind -- too much or too little and the ships go nowhere. While you can fill your belly with fish, it is not a nutritionally complete food (can you say "scurvy"?). And if the early sea travelers got in over their heads (no pun intended), they were on their own. They had to be every bit as self-sufficient as current and future space travelers will have to be.
My point was not that space travel will be easy -- it won't. My point was that the early explorers of the New World faced very serious problems that pushed the limit of their science and technology, and space travelers in our age will also have to face problems that challenge the limits of our science and technology. But mankind has always risen to the challenge; we will do so again.
Sweet! I didn't know about that. I'll have to give it a try on my asterisk box.
How about "ssh -f -N -L...."? Tunneling IAX (or MGCP -- SIP is a bit problematic, since it chooses random ports) through SSH is pretty easy to do.
When given three choices, and two of them are obviously bad, but the third is unknown, which one do you choose? Do you pick one of the choices that you know is bad, or do you take the chance on the third option? Are you seriously suggesting that it is irrational to choose the option that at least has a possibility of being something different?
Points 1 and 2 are spot on for me. I like the power of using Linux. Linux doesn't assume I'm clueless and don't know what I'm doing. When I tell Linux to delete a file, it doesn't argue with me, it just deletes the file. Windows, on the other hand, tries to protect you from yourself...a characteristic that drives me absolutely insane. And yes, there is a bit of ego-stroking to use an operating system that many other people consider "too hard".
What I find ironic, though, is that despite the initial learning curve that you have to get past to use Linux (or any other *nix, for that matter), once you get past that initial hurdle, I think Linux really is *easier* to use than Windows. I was trying to help a coworker figure out how to convert MP3s to 8-bit 8kHz wav files to upload to a PBX the other day. After finally figuring out how to get WinAmp, Lame and Sox installed on his Windows machine, I had to figure out a way to let him convert a number of files in a batch. Eventually, I got it to work, but Windows is geared towards the GUI. Getting a command line script to work -- and getting a user who is only used to using the GUI -- was far more painful than it would have been in Linux.
Queen Isabella to Christopher Columbus: Carries a lot of implications for traveling to even near continents, with travel time measured in months instead of days...And you have to pack enough groceries to sustain the entire trip, grow your own or starve if there's a mishap. And those are our near neighbors, even the West Indies. Sailing across the ocean is going to involve a lot of research. Let's face it, we're adapted to life on land. Trying to carry these living conditions across the ocean is not only a technical challenge, it's a financial one as well...
But somehow, they figured it out, and we will, too.
I kinda suspect that Apache is losing market share (is that even an appropriate term for a free product? anyway...) because some other open-source products are starting to mature. For example, while I still run Apache on my personal projects, I've switched to using Lighttpd at work because I got fed up with continuous config file syntax changes on every new release of Apache 2, and I tend to update the work servers a lot more often than my home server. So, if IIS is holding steady, and some of the other open-source projects are maturing and taking some of Apache's share, then what do you expect will happen to the ratio of IIS vs. Apache servers on-line?
You mean as opposed to what we have now? Oh, wait...
That's not exactly true. There are lots of examples where a company or companies have created products to retrofit general aviation airplanes, including refitting with new and improved engines. All it takes is a "supplemental type certificate" from the FAA. Getting an STC to put a mod on an airplane requires a little bit of work from the company that manufactures the modification, and just be cause the mod is approved on one make and model of airplane doesn't mean it can be used on some other make and model (it has to be approved by the FAA for specific makes and models), but it's a *whole* lot easier than certifying a brand new airplane.
For some specific examples of retrofit, look up a company called "LoPresti Speed Merchants". They make any number of modifications to a wide variety of GA airplanes, including 310s IIRC. Another example is the "Texas Taildragger", a Cessna 150 or 152 that has been upgraded to a Lycoming O-320 engine rather than the stock Lycoming O-235, has had the nose landing gear removed, the main gear repositioned slight forward and has had a tailwheel installed. Also, before Cessna re-introduced the 172 series in the mid-90's, there were also STC's to upgrade 172's with a 180 H.P. Lycoming O-360 engine rather than the stock Lycoming O-320. For that matter, I seem to recall seeing ads in various flying magazines to upgrade the engines in older Cessna 310 models from the original O-470 engines to O-520 (or maybe IO-520? I don't recall for sure) engines, so even the specific example you give isn't entirely true. It isn't cheap, but it can be done.
Not to play devil's advocate, but do we know it is the Chinese hacking the U.S.'s data networks?
One of the comments above mentioned that "just mentioning the words 'network security' in China can land you a lot of jail time." If this is correct, then it seems to me that there are probably a lot of unsecured networks and hosts in China. If that is the case, then how do we know that it is really the Chinese who are trying to hack DoD and business networks rather than some thirteen year old script kiddie in Hackensack who just happened to find a way into a computer in some backwater school in China?
Just because you are seeing hits from Chinese IP addresses doesn't mean the Chinese are behind it. The real question is "how deep does the rabbit hole go?" Unfortunately, there isn't really any way to know unless you hack the originating IP(s) yourself.
Signaturing a dynamic script is not effective. Signaturing the exploiting code itself is also not effective, since these exploits are changing continually to stay ahead of current zero-day threats and available patches.
Sounds like it would be rather difficult to get a checksum for you, sorry.
chroot firefox? Hmmm...I wonder how that would work. I might have to give it a shot :)
And don't you think that if some luser actually posted such a review on ratemycop.com, anyone with half a brain would dismiss the poster as "-1 flamebait"?
OTOH, if I have a genuinely bad run-in with a cop (as I described in a previous post above) or the case where my wife was accused of doing 60+ in a 35 zone (she's very, very honest; I believe her...although I *do* tease her about it!), then if enough people post their conflicts with this same cop, then perhaps there can be a large enough body of evidence to encourage the local police department to review this cop's behaviour.
But what if you were the Police office who unfairly got poor reviews because you arested someone who deserved it...Being a policeman is not a good job if you want to be popular...Police also need a strong watchdog towards them because they fail to police themselfs (sic)...There are a lot of good cops but there are also a Lot of bad cops. and we do need find a way to get rid of the bad ones...
I agree; there are good cops and bad cops. My wife used to be a police dispatcher where I live, and by virtue of that, I met a lot of cops. Every one I met was a pretty good guy (or gal), but I have had run-ins with cops who seemed to have a severe case of "Barney Fife syndrome". For example:
* when I stopped behind the stop sign at an intersection, waited for a car to clear the intersection, then drove through the intersection (all as I was supposed to do), but was pulled over by a cop who couldn't see me stop at the stop sign because of a bush on the corner of the third street where he was stopped. He intended to give me a ticket for failure to stop until the passenger in the car with me verified that I had, in fact, stopped;
* when, as a teenager, I was asked for ID while standing in my own driveway in front of my own open front door at dusk. I was doing absolutely nothing suspicious (talking with my g/f), I was in a place where I absolutely had a right to be, and I most likely hadn't been anywhere else since I was barefoot at the time (in fact, I had been in the shower until my g/f came by).
IMHO, web sites like this one are *exactly* what the framers of the Constitution and the Bill of Rights had in mind when they drafted the First Amendment. While that doesn't preclude GoDaddy from terminating a domain (it's a private entity, not a public one), it does reflect poorly on GoDaddy.
Please excuse the stupid question, but how, exactly, is MediaSentry conducting their investigations? I always assumed (yes, I know that's dangerous...) that RIAA and their bloodhounds sat in some dark office somewhere surfing all the p2p networks looking for uploads. Anything they found, they attempted to download. Anything they successfully downloaded, they logged, then sent C&D notices to the ISP and/or obtained a subpoena or warrant and requested subscriber information from the ISP.
If this is, in fact, how MediaSentry et. al. works, then are they actually "conducting an investigation" in those states? If not, then this is (in my non-lawyer, non-expert opinion) a non-issue.
Not only that, but when you pass unenforceable laws, you tend to devalue laws in general.
The more you fear,
The more you hide,
The more you lie. --Yes, "Let Go"
We need privacy because we are afraid. We are afraid of what people will think of us/do to us if they know our innermost secrets. We are afraid people will take what we have if they know how to access it. We are afraid that we will lose the respect and love of our friends and family if they know the things that we do/believe/have done that they don't approve of. And therefore, we have passwords on our accounts, we have secret combinations on the locks we use to secure our belongings, and we tell lies about who we are and what we believe.
If we could totally and completely trust the people around us, we would have no need of privacy. But we don't trust everyone, and therefore we hide things.
I actually prefer Craigslist to E-Bay. It's expensive to ship anything to Alaska, especially when 99% of the power sellers on E-Bay refuse to ship via anything but Fed Ex and UPS. Sure, there's UPS ground to AK, but it's only about $3-5 cheaper than 2nd Day Air (the next option we have), and takes two weeks instead of two days. So if I am looking at a small package on E-Bay, I know it's going to cost at least $25-30 to ship it. It's not unusual for me to look at 75-150% of the purchase price for shipping on E-Bay. So instead, I usually just try to find it on Craigslist and pay *no* shipping. Craigslist rocks, IMHO.