I'll talk about PayPal, not having had much experience with AP (some) and GCO (none).

Let's start with the fee structures. I can almost understand transaction fees for credit card payments given they are passed on to Visa/MC (though I am sure PP does not pay anywhere near as high transaction fees that they charge others). However, for payments from PayPal balance, the fees are atrociously high for not a lot of benefit. This is untenable if you want micropayments, and is really f'n annoying for stuff that is not "micro". When I give the recipient money, I'd like them to receive almost all of it -- possibly commensurate to the actual fees Visa/MC extract with a tiny percentage and no per-transaction fee for PayPal. Right now you're fleecing on balance-payments.

Dispute Resolution -- it takes quite a while. It may have to. Over the years PP has improved on this a bit by opting to freeze specific transactions and not entire accounts -- though this is at the whim of whoever decides something is "suspicious".
Moreover, looking at it from the perspective of a seller, if you want to keep your account, you are pretty much pressured into acquiescing on any and all disputes. PayPal, while charging a LOT of money for their services, shifts the responsibility for fraud towards the recipients of any transaction. Considering it is an eBay company, this is rather an interesting choice -- if I sell something on eBay and the buyer complains about not receiving his item or receiving a degraded version thereof, there is nothing the seller can really do to disprove this -- in the case of physical goods there may or may not be a shipping slip (but let's get real here for a minute, for private transactions the cheaper shipping options do not always provide those) which PayPal may or may not accept -- if you go "digital", there is nothing you can show. If a seller receives a dispute notice on a transaction, they can write it off right then and there. No chance in hell PayPal will eat it. Notice how this also does not give PayPal any incentive to increase account security, fraud protection, etc. You can claim that PayPal "cares" about this regardless, but why should it ?

PayPal acts like a bank, holding a balance, freezing transactions, etc -- at the same time it does everything in its power not to be regulated like a real bank in most jurisdictions. If I go to a bank in Germany to do a transaction, there is regulatory oversight with teeth in these cases. PayPal ? Fat chance.

There have been enough cases of PP freezing recipient accounts entirely; they may state a reason, but that's not worth the email it was sent in. This seems to happen when an account suddenly gets a bunch of payments from many sources. Maybe this has changed and ONLY the "suspicious" transaction are frozen now, but given history, I would not bet on it. Specifically, I would not want to use PayPal for any purpose where there is a possibility of a decent influx of transactions. I can go down to my bank's main offices and resolve issues in a matter of hours, if not minutes, should they really arise. I cannot do so at PayPal, and it can take weeks for them, dragging their feet.

Unfortunately some of the directions PP is going in are the same directions other payment/cc networks and regulatory bodies are going; as such your suggestion to use cash wherever possible is one I try to follow where possible. Businesses actually often prefer it -- the marketing blurb goes that handling real money costs more money than handling credit card or debit card payments -- this may be true if that is all you accept, ever, but if you accept cash (and who doesn't), you have those costs either way and save on the transaction fees (which are considerable especially for low volumes). In addition I actually get true anonymity. The amount of bullshit and crap spam even moderate use of eBay will yield to your inbox ... argh. I would love truly anonymous debit currencies, but realize it ain't gonna happen. Too bad, really.

Actually, I'll let your statement stand on its own as ample demonstration. Your choice of words, ad-hominem attacks, and general inability to converse intelligently make my point for me.

Option 3 : those complaining it's too complex are beyond help from a simple chart and need to get a better basic education. A chart that has 3 settings "Panic" "Tremble" and "Pie" would not exactly help educating -- it would just be a command-chart not even giving you the option to come to your own conclusions.

You love hyperbole, don't you ...

The facts remain, in any given field there are people more qualified than yourself to give advice and implement useful solutions. Good leaders (elected representatives) recognize this and get the best advice they can, instead of only what they want to hear, or "advice" from people patently unqualified to give any on the field in question.

And yes, when it comes to a nuclear meltdown scenario, I want the elite of nuclear power research to have much more of a say in what should happen next than an incompetent moron whose suggestions would just as soon cause supercriticality as being utterly worthless. While even a blind squirrel finds a nut sometimes, I don't want that chance to be taken. Likewise for other fields I am not an expert in.

There is moderation in this process since the decisions get made by elected officials. If they are any good, they will heed good advice.

First of all, you are not a citizen of Japan.

Second, you have a right to speak, but no right to be heard.

Third, if you decide to speak, and if you get the ear of somebody who can effect changes in policy, you damn well better present a coherent case. In order to do that, you need to have researched the topic at hand. A "gut feeling" based on some two-bit tabloid and a moron talking head on TV is not research. Anything else is irresponsible.

Given your statements thus far, I'm inclined to be disinterested in anything you have to say. You may be right on something, but I don't like the chances. I'd rather get my advice from somebody level-headed.

I'd be somewhat surprised if MS got /all/ the C&C hosts for this botnet. It would be surprising if they were all situated within the US, for one thing.

Maybe they did enough research to effectively cripple the botnet for now, anyway. But I would not be surprised if the botnet is doing just fine and new redundant C&Cs are being set up as we speak.

Greed. Sure they don't want to support paper checks anymore. But they want to offer "new" services for less money even less. Banks operate on the principle that nickle and diming their customers is the best foot forward, and any services offered for "free" are just to get them in the door or offer a competitive advantage they'd rather do away with were it not for the pesky morons a decade or two ago who thought free cheque processing should be something to compete on.

This is by design. The effective untraceability of cash has long been a "problem" for police states such as the US and most European countries. They will make sure no other form of monetary transfer developed from hereon our will ever have that same design flaw. All you need is a boogeyman (for most people, money laundering mafiosi type stories will be sufficient, for the rest use terrorists and child molesters) and suddenly you get access to a vast database of who exchanges money with whom for what when and how often. And it will most definitely not be used primarily to catch aforementioned boogeymen (which can still just deal in ... cash. Or bearer bonds. Or goods). Bonus points for slowly making people who use cash seem suspicious and giving cash an air of criminality (for 500€ notes, for instance, there are bunches of stories about how they are used by criminals).

Things like anonymity or even just simple privacy are not desired. Which is a shame -- I don't exactly want all my trading counterparts to know my physical address, or even my name. Not because of what I am doing being shady in any way, but I simply do not trust most people to use and discard, let alone protect, my data responsibly.

God forbid they don't extend credit to people unlikely to be able to repay it. That would be, like, like selling mortgages to people who can't afford them. That is what America is founded on !

Certainly there will be unforeseeable bankruptcies. The vast majority of them is foreseeable, however.

Vi Hart : http://www.youtube.com/watch?v=jG7vhMMXagQ

There's tau, pie, and pi in that video. In order of importance.

I am of the exact opposite opinion.

You left out Mexican politicians and drugs. Or Swiss bankers, really. The point is that the mere transfer of funds to a region is not indicative of illegal behavior. If you have intel on a specific person in that region and transfers going to/from him, excellent, now you might have a case. Even Japan has criminal elements -- hell, everybody and their mother even knows their name.

Yes, it is. Indicators, as you so eloquently call them, need to be captured. There are doubtlessly very valuable "indicators" in phone calls. We wouldn't be investigating anything other than the records that ping, and then dig into it. This is clearly for the good of the people.

You are making the case that infringing on people's civil liberties and rights is a good thing if it prevents terrorism. My point is that you are using very broad strokes fueled by xenophobia and prejudice if you do what you advocate; it's only reasonable to do the same for other groups (be they homegrown terrorists, non-islamic terrorists, etc.) Who knows whether Sweden is not facilitating the development of a new IRA !

You are not getting the point. These decisions are case-by-case and with oversight by a different branch of government. You can't just stop making the case because somebody else made some other case that resulted in the same outcome you are looking for.

You and I value these things differently then. In my eyes, it does.

The presentation from the 27th Chaos Communication Congress in Berlin last December (http://events.ccc.de/congress/2010/Fahrplan/events/4060.en.html) is available at http://www.youtube.com/watch?v=8bkg3AjY6fs or http://mirror.fem-net.de/CCC/27C3/mp4-h264-HQ/27c3-4060-en-attacking_mobile_phones.mp4 .

Precisely my point, this should not be "extreme per-customer configuration". This should be default. And as I already said -- the configuration I am talking about on my end does not have to be supported by your tech support line. Having the option to do it yourself is what counts. Which I do. I don't expect you to troubleshoot my routing tables, tc, etc. -- in fact I'd be very surprised if anybody at all in your customer tech support line chain would have any idea how.

A decent sized IP can get decent firmwares with these options quite easily from their suppliers. Take FritzBoxes for example. Or have a look at the various OpenWRT-kind of things as a base. It is not as if you have to reinvent the wheelp.

Well yeah, as said, it costs money to provide services as advertised. Mostly in the laying/lighting fibre and non-core routers.

Uhuh. I have yet to see an ad that states the oversubscription percentage, the expected average availability of bandwidth, etc. -- or anything other than the "top speed" (with a small "up to" in front of it, which is not qualified further in any meaningful way).

A customer "attempting to overload any specific line" is a customer trying to use the speed allotted. You are basically not providing him the service he paid for. Again, this is fine if it happens once in a blue moon, it is not fine if it happens every day -- that tells the story of how your oversubscription us miscalculated and your lines underdimensioned.

I did not say you had to overprovision. It is understood that, given 1000 households, there will be a large percentage that do not use the advertised speed and traffic all the time. In fact, usage on average will be much, much lower. A marketing guy will now complain about the top 5% of these households as being bandwidth hogs and cut em off (or have techies cut em off). A few months later, there are still 5% that have unproportionately high bandwidth usage. That's the nature of the beast. The idea is not to cut those households off, the idea is to provide enough bandwidth for the usage pattern you are seeing. This will be drastically below 100% on average, but some customers can and will use the allotted bandwidth. And unless you plan to change your advertising, "unlimited" plans, and all that crap, you should provide these things. There is nothing at all wrong with not providing an unlimited data plan.

As opposed to administrating DPI and customer service calls / complaints caused by that ?

As I already said, I don't want you to support my network configuration. I want you to provide sane defaults, open standards, and a specific, well-defined product. If I shoot my routing tables with a shotgun, it's my mess to fix, not yours. You just better not drop packets delivered to you in accordance with the plan purchased.

We'll just have to disagree on both the numbers and the intent :) I don't fault you or your company at all for doing what they think is in their best interest. I take issue with false advertising and subverting the practice of "best effort delivery" by curtailing its potential.

$10/mbit is quite expensive when I am providing the servers, have no burstable, and you can likely fork off the traffic in peering. Hell, I can get 95th transit for a fraction of that, at the same commit. Looking over the big lake (and I am usually based in Europe, so I know the market a bit better here), it is quite easy to get 100mbit/s unmetered including a decent-powered server for that price; even burstable to 1gbps.

I count AT&T as one of the evil ISPs. Well technically AT&T surpasses them in evilness quite a bit. I realize it's a LOT cheaper to get bandwidth at MAE-E/W than it is to get in a rural city due to monopolistic/oligopolistic corps that basically got a whole lot of infrastructure for free. This, however, does not absolve ISPs of wrongdoing in marketing and spending R&D on shaping, DPI, etc. instead of on infrastructure investment. I hope you also see where I am coming from on that.

Seldomly is this advertised clearly. Hell, most marketing departments try to suggest exactly the opposite.

Again, marketing suggests otherwise. The fine print does not, you are correct.

Well, usually the rest of the provider's core network, or regional core if they are bigger.

Correct again. And this is where proper capacity planning comes in. If you do your job right, customers will never notice this oversubscription (but for in very exceptional cases like a world-wide news event that everybody and their mother tries to stream). The ISP does not need to provide 2gbit/s from this hypothetical node (and my gut says 0.5gbit/s should be within the realm of being ok for current usage, maybe even overdimensioned -- but this depends on data I don't have). As a provider you now have the choice -- either anticipate consumption on this, let's call it circuit, circuit, or defraud the customer by not fulfilling their advertising promises. If this connection to the core is at capacity for some reason, it's ok -- if that is the exception, and not what happens every single night. If you do your statistical analysis well, this will happen rarely (basically only if customer usage patterns change due to a new killer app you did not anticipate).

There is no reason to assume that 100% of your customers are going to use 100% of their allotted bandwidth 100% of the time.

Correct. And this is a dire failure in network and capacity planning. Does not take rocket science, at all.

Really, really good operators would try to anticipate these usage patterns and work on solutions -- we have had multicast technology for ages, but it has only very recently seen increased usage for TV delivery, and then only in the local network of the provider. No technical reasons this has to only be in-network. And if Akamai can build effective caches and delivery mechanisms for thousands of networks, so should a decent ISP. Of course that would require some foresight and balls. For instance, BitTorrent does support provider-run reflectors which could easily cut the external bandwidth usage by a ton -- but then the provider would have to have the balls to actually do their job and defend its right to run cache servers, not just bow to the MPAA/RIAA/etc. -- like they have in the past for Usenet. Off the top of my head, I could not name a US national provider I would recommend people trust enough to enable BitTorrent reflector support in in their clients .

It's an excellent expression of art. I'd go so far as to say that the intent of the author was for precisely this to happen. The key is meaningless, the flag is meaningless, the fact that it's being taken down is a very powerful message and comment on where free speech is at.

That is where it started. It has since gotten out of hand. Plenty (and I mean PLENTY) of good, useful, encyclopedic articles have been deleted. Most by people who have no idea what the fuck the articles were even about. Find something in the "community" rules (=cabal rules) to hang the article with and do it. It's a sport to them.

I have stopped contributing to Wikipedia for this and some other reasons (among which the senseless timewasting in "discussion" pages with sockpuppetry, cabal-mentality, and inane stuttering about bullshit left and right). And I wasn't working on the latest Pokemon monster traits, either. Wikipedia has a real problem in the system. It is not likely to get fixed either -- many people who could and would contribute excellently don't -- because they don't have the time to deal with nitwits starting senseless revert wars, inane discussions that lack understanding of the basic concept the article itself is about, etc.

You are right, there are other wikis out there, other ways to share your information, other ways to share your knowledge, other ways to make your field of expertise accessible to people. I still think it's a damn shame that Wikipedia can't be that place even for its stated purpose. At least it serves as an example of what to avoid in the future.

Also, symmetric, fibre "pipes", the ample provisioning of which is called network planning and infrastructure investment. Which the ISP does not want to do.

You are, of course, exaggerating. Maybe 80% of your callers are morons. And that's not 80% of your customers, by a long shot. I don't call my ISP. I know a lot of people who do not call their ISP. Well ok, that is not true. I called my ISP twice the past 10 years. Once their transatlantic routing was f'd up (sending packets to the US via Japan), and once they has unscheduled, unannounced downtime when I was working.

We all love anecdotes like that. I mean really, sharing PEBKAC stories is fun. Of course, one could now come up with something to set yourself apart from the competition like providing a well set-up shaping firmware on your CPE "router" -- which a user could disable if they wanted to. Just like I can, right now, use my Linux box to connect to the network instead of using the plastic piece of shit my provider provided. In that case, the user has the choice, and the default can be whatever generates fewest customer service calls.

You went off on a tangent there. We were not talking about port 25 filtering so far. Good ISPs allow their users to disable port 25 filtering if they so choose -- really good IPs just make sure that their DUP/DSL/etc. IP ranges are listed in the proper DNS lists, as well.

Only if your network is shoddy. Sorry, them's the breaks.

So you are in favour of 2-year lockins then ? I'm perfectly happy with month to month or even 3-month plans. That gives you an incentive to not have, you know, shoddy networks. If that means you are not gonna give me a plastic piece of shit for free, so be it. Thankfully some ISPs offer this, but most of the "industry" is going the way of mobile plans with 24 month lock-ins and 12 month renewals. I guess that's what you get in an oligopoly.

I don't need you to "fix" my "shit". I am perfectly capable of fixing it myself. So long as you give me what you advertised without any funny business. In that case I don't even need to call you. But you damn well better be prepared to have weekly calls about if you filter my traffic and won't let me out of the contract for 24 months (that is if the shaping actually affects me -- say my ssh sessions). I'm prepared to pay above market average, but not 25 times market price for this. And if you are not prepared to provide what you advertise, then yes, I do hope you go bankrupt and serve as a lesson of why defrauding your customers is bad. I'd be most grateful for that.