Slashdot Mirror


User: Todd+Knarr

Todd+Knarr's activity in the archive.

Stories: 0
Comments: 3,572

Comments · 3,572

  1. Missing the problem on SiteKey to Prevent Phishing · · Score: 1

    Looking at SiteKey, it seems to miss the problem. It tries to address authenticating the user to the site in a more secure, less prone to theft, way. The problem is, that's not usually the problem. The more common problem is how to authenticate the site itself to the user before the user presents any information (username, password, account number and such). SiteKey seems to treat this almost as an afterthought, and certainly not the main problem to be solved.

    One solution I thought of involves SSL certificates. When I sign up for a web site, why can't I simply create an entity in my browser for the site and say "The current SSL certificate belongs to entity X". Then later, if I want to visit entity X's site and be sure I'm really talking to them, I select "Entity X" from a pull-down menu or something. When I do that, from then on that window is limited to only SSL connections using certificates I've said belong to entity X. Non-SSL connections, or SSL connections that present any other certificates, are either rejected outright or show me an error with details. Now anyone wanting to spoof a site doesn't just have to spoof the site, they've got to crack the SSL handshake sequence as well or my browser's just going to go "That isn't who you think it is". The nice thing is that the SSL protocol already has bi-directional authentication built in, it simply needs to be used.

    This doesn't even require any sort of absolute identity, either. I'm not so much interested in knowing that it's really any particular entity, just knowing that it's the same entity as when I signed up would be sufficient for most purposes. A self-signed certificate from a site would suffice as long as I was sure I was really talking to them when I signed up and associated the certificate with my idea of who they were. You could do absolute identities, though, just by using the same process but get the certificates directly from the CA, i.e. instead of signing up on Bank X's site and associating there, I go to Bank X's CA's site, get the certificates from there and associate them even before I sign up. This isn't necessary to stop most phishing schemes, but it'd be a nice addition that lets you be sure when you sign up that you're signing up with who you think you are.
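    The per-entity certificate association proposed in this comment, written out as an added Python example (not code from the comment or from any browser). The entity names and the DER byte strings are constructed stand-ins, and the pin is a SHA-256 fingerprint of the certificate bytes; a window "locked" to an entity accepts only TLS connections presenting a pinned certificate.

```python
import hashlib
from dataclasses import dataclass, field
from typing import Dict, Set, Tuple

# Constructed stand-ins for DER-encoded certificates (not real certificates).
BANK_X_CERT = b"constructed-der:bank-x:serial-0001"
BANK_X_RENEWED = b"constructed-der:bank-x:serial-0002"
LOOKALIKE_CERT = b"constructed-der:lookalike:serial-9999"


def fingerprint(cert_der: bytes) -> str:
    """SHA-256 over the DER bytes; this is the value the browser pins."""
    return hashlib.sha256(cert_der).hexdigest()


@dataclass
class EntityStore:
    """Maps a user-chosen entity name to the certificate fingerprints the
    user has said belong to it (a set, so renewals can be added later)."""
    pins: Dict[str, Set[str]] = field(default_factory=dict)

    def associate(self, entity: str, cert_der: bytes) -> None:
        # Trust on first use: done at sign-up time, when the user is
        # confident they are really talking to the site.
        self.pins.setdefault(entity, set()).add(fingerprint(cert_der))

    def check(self, entity: str, cert_der: bytes, over_tls: bool) -> Tuple[bool, str]:
        """Decision for a window the user has locked to `entity`."""
        if entity not in self.pins:
            return False, "no certificates associated with this entity"
        if not over_tls:
            return False, "connection is not SSL/TLS; refused in locked window"
        fp = fingerprint(cert_der)
        if fp in self.pins[entity]:
            return True, "certificate matches one pinned for " + entity
        return False, "certificate %s... is not pinned for %s: that isn't who you think it is" % (fp[:16], entity)


def walkthrough() -> Dict[str, bool]:
    """Sign up with Bank X once, then revisit under several conditions."""
    store = EntityStore()
    store.associate("Bank X", BANK_X_CERT)
    results = {
        "same cert over tls": store.check("Bank X", BANK_X_CERT, True)[0],
        "same cert, plain http": store.check("Bank X", BANK_X_CERT, False)[0],
        "lookalike cert": store.check("Bank X", LOOKALIKE_CERT, True)[0],
        "renewed cert before re-association": store.check("Bank X", BANK_X_RENEWED, True)[0],
    }
    # A renewed certificate is accepted only once the user explicitly adds it.
    store.associate("Bank X", BANK_X_RENEWED)
    results["renewed cert after re-association"] = store.check("Bank X", BANK_X_RENEWED, True)[0]
    results["unknown entity"] = store.check("Bank Y", BANK_X_CERT, True)[0]
    return results


if __name__ == "__main__":
    for case, accepted in walkthrough().items():
        print("%-36s %s" % (case, "accept" if accepted else "reject"))
```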

  2. Re:TFA and the others on Conquering the LaGrange Points? · · Score: 1

    Actually it is. Stable means your stations stay where you put them. The fact that they're at the top of the gravity well means you can just roll the equivalent of rocks downhill to hit your target. Take a look at Meteor Crater in Arizona, and consider that a big rock was all it took to make that. Now put that crater on top of Washington DC. Meanwhile, since your enemy's at the bottom of the gravity well, to shoot back at you he needs to use very expensive rockets that are really really visible during boost phase and'll take hours at a minimum to get any useful payload up to you. Most of that time the payload'll be on a nice predictable ballistic trajectory on which you've got a good plot, giving you hours of target practice on it before it gets anywhere near being dangerous to your station. In this situation, the only viable option for your enemy is to try and cut the supply lines to your station and hope your station runs out of food, air and such before it's pounded them back into the Stone Age and interfering with your supply lines isn't an option anymore (this is, of course, unlikely if your station's designers had half a brain).

  3. Re:Huge binaries? on AMD Alleges Intel Compilers Create Slower AMD Code · · Score: 1

    It's the compiler that's got two paths in it. If you compile on an Intel CPU, it goes down the path that generates fully-optimized code. If you compile on an AMD CPU, it goes down a path that generates less-than-optimal code. Result: programs compiled with the Intel compiler on an AMD CPU contain slower code than those compiled on Intel CPUs. Presumably this would contribute to benchmarks and performance measurements that showed AMD CPUs to be slower than Intel, since the people measuring the performance wouldn't have any reason to suspect that the same source code compiled with the same compiler and the same set of compiler options might in fact differ based on which CPU the compiler had run on.

  4. Re:Yes, this happened to me. on Wired Strongarms Subscribers? · · Score: 1

    Be aware that the drop-dead letter doesn't stop the collection agency from contacting you. It just prevents them from doing so outside the legal process for collecting the debt, i.e. suing you. For a bogus debt or a small debt the CA will probably just drop it, but if the debt's significant and legitimate the next communication is likely going to be a summons to appear in court.

    I'd note, though, that the collections agency and the creditor may be in hot water via the Fair Debt Collection Practices Act, given that they're trying to collect on a "debt" you never incurred. If they report the "debt" to a credit bureau they may also be in hot water under the Fair Credit Reporting Act (but I doubt they're that stupid). If you have to go to court, it's easier to go as the plaintiff rather than as the defendant.

  5. The study ignores something on Municipal WiFi Costs Outweigh Benefits · · Score: 2, Insightful

    The study ignores a basic item: the municipalities that're looking at this are doing so because they can't get broadband service to residents any other way. Whether it'd be more expensive than private service isn't relevant if the private companies won't provide service in those areas. When one of the lobbyists for the cable and telephone companies gets up and blasts the cities for wanting to waste taxpayers' money, I'd love a legislator from the affected area to get up and ask "So then, will your company agree right here and now to provide broadband service at a price no greater than what we're proposing (that you say is too expensive)? What's that, you won't? Then if you won't provide service why are you complaining that it's unfair that we go ahead without you?".

  6. Depends on where you are on Open-source Licensing: BSD or GPL? · · Score: 3, Insightful

    The BSD license offers more advantages to companies looking to sell software derived from existing software. They can take BSD-licensed code, do what they wish with it and treat the results as their own proprietary code.

    The GPL license offers advantages to end-users long-term. Anyone wanting to take advantage of the starting point GPL'd software offers has to return the favor in the form of their code. Essentially it makes developers let other people take advantage of their work in the same way they took advantage of others' work. It also guarantees that, as an end-user, you're never in a position where you can't get fixes and modifications to the software.

    Which one is better for you as the author of the software who has to decide on the license to release it under depends on your goals for the software.

  7. Easier way on OSS Web-based File Management? · · Score: 1

    An easier way would be to avoid the Web entirely. There's a large number of FTP servers out there, many of which support FTP-over-SSL. Both Windows and Mac support accessing folders via FTP just as if they were local or network-shared folders. Configure the FTP server to authenticate against an LDAP directory (this should be trivial if the server OS is set up to authenticate using PAM) and you're ready to go.

  8. Re:GPL == Lifetime indentured servitude on We Don't Need the GPL Anymore · · Score: 1

    You don't get it, do you? The deal with the GPL isn't merely that you don't take away. The deal is that you add. If you want to play in the sandbox it's not enough that you not take away from the other kids, it's that you bring another toy to the sandbox for everyone to play with. You want to come and play with everyone else's toys, but you don't want to bring your toy to let everyone else play with in return.

    In short, if you don't want to pay for the benefits don't complain when people won't let you have them. The GPL just asks payment in kind rather than cash.

  9. Re:GPL == Lifetime indentured servitude on We Don't Need the GPL Anymore · · Score: 1

    Your math is weak, grasshopper. Suppose there are 5 kids in the sandbox, each with one toy. 5 kids, 5 toys. Now a 6th kid comes along and contributes his toy. 6 kids, 6 toys.

    Contrast this with what you want. 5 kids, 5 toys. Then you come along. You want to play in the sandbox with everyone else's toys, but you don't want to let them play with yours. 6 kids, 5 toys. The discrepancy should be clear.

    If you wish to do whatever you want with your code without having to worry about anyone else's licenses, you need to do just that: use your code without using anyone else's. But that's not what you're asking for.

  10. Re:GPL == Lifetime indentured servitude on We Don't Need the GPL Anymore · · Score: 1

    You seem to think "open" == "unrestricted". This isn't the case.

    And there may not be fewer toys than there were, but there also aren't more. The point of sharing in the sandbox is that every person who joins in adds more toys for everyone. You want to join in and play but not add more toys. That's not the deal.

  11. Re:GPL == Lifetime indentured servitude on We Don't Need the GPL Anymore · · Score: 1

    You aren't in violation of the GPL when you add that one line of code. You're in violation when you start shipping code licensed to you under the GPL to other people without complying with the terms of the GPL.

    Now, what you've done when you've taken someone else's code, made modifications to it and started to distribute it as your product, is to take someone else's code for your benefit. You've gained the ability to market that product without bearing the costs of writing all of the original code yourself. That's a considerable benefit you've derived. All that the person who gave you all that code you're benefiting from is asking is fair play: you've gained benefit from using their code, you let others gain the same benefit from using your code in the same way. As I said, that sounds eminently fair to me. And of course there's the flip side: if you want to keep your code closed and not let anyone else benefit from basing their products on it, then the author of the GPL code is going to do the same and not allow you to benefit from their code. Again, this sounds eminently fair: the GPL code's author is simply making you play by the same rules regarding his code as you want everyone else to play by regarding your code.

    The best analogy for your position I've come up with is a spoiled 2-year-old in a sandbox wanting to play with everybody else's toys but not wanting to let anybody else play with theirs. They don't see what's wrong with that logic either.

  12. Re:GPL == Lifetime indentured servitude on We Don't Need the GPL Anymore · · Score: 1

    No, they're dictating what you can do with their code, that is that you aren't allowed to redistribute their code unless you give other people access to your code on the same terms you got access to their code. You're free to do whatever you want with your code, so long as it's 100% your code with no traces of their code involved. What you want is to distribute products containing both your code and their code, but conveniently ignore the license terms that go along with code that doesn't belong to you and isn't yours to set license terms on.

  13. Re:GPL == Lifetime indentured servitude on We Don't Need the GPL Anymore · · Score: 1

    First off, your code belongs to you even under the GPL. What you're running into is exactly that, but not involving you: the other person's code belongs to them, not you. When you use someone else's code, you're taking their work for your benefit. As long as you just use it yourself (or for your company/employer), they don't ask anything of you. All they ask is that, when you start distributing it to others, you allow others to use your work the same way you used theirs. To me that sounds eminently reasonable. What you're asking is to be able to take someone else's work, use it for your benefit and profit and not have to pay them anything. That doesn't sound reasonable.

    You always, of course, have the option of contacting the owner of the code you want to use and negotiating another license. I'm pretty sure they'll be amenable to letting you use their code any way you want if you're willing to pay them in cash for the privilege. Of course, I'm minded that if you were willing to pay for the use of code like that you'd be doing it and not complaining here.

  14. I have to disagree on We Don't Need the GPL Anymore · · Score: 2, Insightful

    I have to disagree with Eric. Certainly open-source would be more widely adopted if it didn't use the GPL, but it wouldn't be more successful. A lot of its success is because of features that've gotten added over time as people needed them. The GPL is what enforces that add-back. Without it individuals would probably contribute back but corporate-sponsored development would've probably been locked up on the grounds of "protecting our precious IP". We would've lost a lot of features, and we would've seen a splintering like we did with Unix itself as companies fought to make their own subtly-incompatible versions of software to ensure their customers stayed locked in and buying from them. We saw Microsoft try this with the non-GPL'd Kerberos software, and the only thing that prevented it was MIT getting nasty about trademarks. Without the GPL this would be the norm, not an exceptional example.

  15. Re:This happens more than you know on Major Advertisers Caught In Spyware Net · · Score: 1

    It is subcontractors that're the problem. Multiple layers of subcontractors are standard in the construction industry, and always it's the general contractor that's responsible. He's responsible for making sure his subcontractors do the work right within the rules, and if they subcontract out he's responsible for their subcontractors. If there's a problem the general contractor's the one on the hook, and if he didn't write contracts to keep the subcontractor chain on the hook with him that's too bad for him. The law's already been settled there: the general contractor (the one the person having the building built signed a contract with) is the one responsible for the building, period, and mere ignorance of what his subcontractors and sub-subcontractors were doing doesn't absolve him of that responsibility (he may be shielded if someone down the chain actively misled, but even then he's responsible for checking the work).

    Note that the above doesn't prevent the subcontractor or sub-subcontractor from being nailed too. It just holds the general contractor liable. I'm pretty sure that "seller's market" won't be for long if Eliot Spitzer starts sending people to jail. Few companies wanting advertising done are going to want to take the risk alone.

  16. Re:This happens more than you know on Major Advertisers Caught In Spyware Net · · Score: 4, Insightful

    And why don't you know what the subcontractors you're using are doing? I know that, in every other industry that subcontracts work, the general contractor is ultimately responsible for the work. If they don't know what the subcontractor's doing, they get dinged for that on top of the actual faults in the work. Perhaps, if you don't have the expertise to ride herd on your subcontractors yourself, you should begin doing what construction and other general contractors do and write clauses into your advertising contracts that provide for big, nasty penalties for subcontractors who use adware/spyware and make those subcontractors liable to you for any problems they cause that cause you any liability, plus require the people you hire to include identical clauses in their contracts with anyone they subcontract out to as well (with likewise nasty penalties for failing to do so). Then enforce those clauses strictly. If the agency balks, take your business elsewhere because that's a sure sign they are doing something underhanded and don't want to be nailed down on it.

  17. This scam shouldn't work on Identity Thieves Drain Unemployment Benefit Funds · · Score: 1

    When you file for unemployment, your last known employer is notified and gets a chance to protest (e.g. by claiming you were fired for cause or quit, rendering you ineligible for UI benefits). The state tax people know who your last employer was because the employer is remitting your tax withholding and the UI people can and do cross-check to verify employment and salary to calculate your benefit amount, so verifying that the last employer you claimed on your paperwork is really the last one who sent in a tax payment for you should be easy. When your employer gets a notice about your UI claim when you're still working for them, they should be raising a flag either with you or the unemployment office. At this point the scam should come undone and the case turned over for investigation. If that doesn't happen, someone's really fallen down on the job.

  18. Re:Smith is oblivious on DoubleClick Warns Against Ad-Blocking Browsers · · Score: 1

    You're confusing GMail with the Google search engine. I use the Google search engine all the time, but I don't use GMail and I assure you Google has no access to my e-mail just because I run a search on them.

  19. Re:A very valid concern on DoubleClick Warns Against Ad-Blocking Browsers · · Score: 1

    However the reality is that a large part of the content of the internet survives because people are willing to look into ads.

    If this were true then DoubleClick wouldn't be complaining. They're complaining because the majority of people aren't willing to look into ads and are taking steps to ensure they don't have to. And frankly I consider refusing to look at obnoxious ads "freeloading". I'm not obliged to read the advertising flyers in the newspaper (as opposed to dropping them in the recycle bin unread), I'm not obliged to sit there and watch the ads on television (as opposed to going to get a drink while they're on), and I'm bloody well not obliged to look at the annoying bit of flash some suit's decided to slap up on a Web page.

  20. Smith is oblivious on DoubleClick Warns Against Ad-Blocking Browsers · · Score: 4, Insightful

    Smith is obviously oblivious. He's talking as if the kind of intrusive, evasive ads his company does are the only kinds out there. To counter that, I'd point to Google. Google runs plenty of ads. They make lots of money off their ads. And nobody's up in arms about their ads, nor do you see anything being added to browsers to block them. That's because Google's ads are, as in a newspaper, clearly distinct from the content and don't interfere with the user getting at the actual content they're there for. And the ads are, gods help me, actually useful. More often than not, if I'm looking to buy what I'm searching for I find myself clicking through Google's ad links because I've found I'm likely to be able to buy what I was looking for. Smith simply isn't getting the hint, and if he doesn't he and the marketers like him will naturally go the way of the dinosaurs.

    As for free content disappearing, I doubt it. Content supported solely by intrusive ads will disappear, but there's a lot of content out there that won't be affected:

    • Search-engine results where the advertising on the pages follows the Google model.
    • Content that's actually worth paying for access to. Yes, it actually exists.
    • Content where profit isn't the principal motivation of the person putting it up. I hate to tell Smith this, but most of the good content isn't put up by his precious corporate patrons, it's put up by hobbyists and amateurs simply because they want it up.

  21. Re:When will these companies be held responsible? on Lost Credit Data Improperly Kept, Company Admits · · Score: 1

    That shouldn't shield them. Sure I don't pay for the fraud, but there's a lot of damages I can claim against them anyway: purchases I couldn't make because the fraud had maxed out my card, time spent clearing up the fraud (we're talking a fair number of hours and my company charges anyone else $90/hour for my time, why should the mishandler get a discount?), the hassle and fees when automatic payments that normally go on the card and that would've been handled fine absent the fraud get rejected because of the amount the fraud's put on the card, etc. Just because the companies claim zero liability doesn't mean they have zero liability, and the processors like CardSystems don't even have that because I (as cardholder) have no agreement with them at all (in fact I don't even know they handled the transaction). Now, I'd think primary responsibility would lie with the entity that directly mishandled the data (in this particular case the processor), but if the card issuer was the one who mishandled the data or if they don't take steps to prevent further misuse by processors and such they need to be held liable or we're just going to see more of this. Look what the California law holding them responsible for disclosure has done for the issue.

  22. When will these companies be held responsible? on Lost Credit Data Improperly Kept, Company Admits · · Score: 5, Interesting

    That's what I want to know: when will companies that mishandle data like this be held 100% responsible to the people whose data they mishandled for the losses, fraud, etc.? I'm of the opinion that only when mishandling data results in actual financial consequences to the mishandler will things change.

  23. Re:this is another sign of a serious rising proble on Your Digital Photos Are Too Professional · · Score: 1

    Bear in mind that the photographer doesn't own all rights to the photos. The models and others appearing in the photos retain the rights over their own images. That's why photographers demand model releases before shooting. One thing I tend to do is make sure (by modifying it if necessary) that the release specifies that my likeness can only be used for specific purposes. I figure fair's fair, if the photographer demands that I pay him for reproductions of his shots beyond what I originally paid for, I'm entitled to demand that he pay me for reproductions of my likeness outside what I originally contracted for. This bothers a surprising number of them, but if they don't want a fair deal I'll cheerfully take my business elsewhere.

  24. Point and counterpoint on Google Never Forgets · · Score: 4, Insightful

    The article may have a point. Of course, that point is its own counterpoint. How often have people used things like Google's cached copy of data or the Wayback Machine to prove that a company really did say or claim something after they'd removed or altered the claim and denied ever saying/claiming the original? Google's long memory cuts both ways, and I think it's too useful for keeping track of things to give it up just because it might track my things. And of course it can also be used to counter people who might claim I changed my tune or concealed something when I didn't.

  25. Re:Lets Drink! Opps. Sorry, was that your SISTER? on Supreme Court Allows Direct Shipment of Wine · · Score: 1

    States have never had the right to control strictly interstate commerce. The Constitution says that outright, granting that power to the Federal government, not the states. That's what the Court recognized here. This isn't to say the states can't regulate commerce in wine or alcoholic beverages in general. They can apply any rules they want to the sale of wines, it's just that only the Federal government can create rules that apply specifically to wines shipped between states. If the state wants to make a law that all wines have to be sold through a licensed wholesaler, they still can under the Court's decision. It's only when they say that out-of-state wines have to be sold that way but in-state wines don't that they run afoul of the rules.