Slashdot Mirror


User: Entrope

Entrope's activity in the archive.

Stories: 0
Comments: 2,152

Comments · 2,152

  1. Re:so... on Comcast Warns Infringing Customers Of Abuse · Score: 3, Informative

    The 5th Amendment applies if you're being charged by the government (criminal charges). It does not apply if you are being charged by a private entity (civil charges).

    If the company sues you, they will depose you or put you on the stand, and you will be (under oath, and under penalty of perjury) obliged to tell the whole and unvarnished truth.

  2. Re:A blow to an investigative technique? on Save a Chatlog... Go to Prison? · Score: 2, Interesting

    If you had even bothered to read the ruling, you would have noticed that the judge considered that. The ruling specifically says that users of clients that DEFAULT to logging things are safe, but if you have to enable logging, you could be in trouble. No, it doesn't make much sense. Hopefully somebody will fix the legislation.

    As for jurisdiction, that's a good question, and one that nobody has a good handle on. As we have seen, you might be arrested if you violate a country's laws while outside its borders but later enter it. I doubt any country would want to extradite someone for logging casual chats.

  3. Re:I like RFID on Senator Leahy Calls for RFID Technology Hearings · Score: 1

    You see, all you tin-foil-hatters out there, the technology already exists to track you, if they really wanted to. But they're not. Not to that degree.

    They are not interested -- probably because doing what you suggest would require that the bank disclose what they are doing. Regulation E (12 CFR Part 205) requires initial disclosure of when they give customer data to third parties. You can probably imagine how long a bank would stay in business if they admitted they whored your customer data out. Thanks for playing, though.

  4. Re:Retailers and RFID on Senator Leahy Calls for RFID Technology Hearings · Score: 2, Informative

    For a retailer to use rfid on its products for anything other than loss prevention, it needs to be on every product. That means small and cheap, which in turn will drive the manufacturers to make them with as low of a signal and as little storage capacity as possible to meet the retailer's needs.

    The incremental cost of adding 96 bits of storage (say, going from 32 bits to 128 bits) is much lower than the benefits reaped from having the extra data. I mention 128 bits because most /.'ers have heard how much we can address uniquely in IPv6. I would be very surprised if many RFID tags were deployed with as little capacity as you suggest: it is ROM, not RAM. Burning a few bits of ROM is very very easy.

  5. Re:distance on Senator Leahy Calls for RFID Technology Hearings · Score: 1

    Why limit your concern to the government monitoring you? I would bet most doorways you go through are within five feet of your shoes, pants, shirt, wallet, etc. Wouldn't you like to know whether an RFID reader has been installed in space you traverse, and if so, what the operator does with the information?

    The government can (and should) set strict limits on what it does with RFID data it gathers. The traditional course, which I think is appropriate, is that the government puts minimal limits on behavior of private entities -- but may require disclosure in advance of that behavior.

    If a company has to put up a sign out front saying "RFID READER IN USE" with prominent notice that they share the data, customers will be much more informed about who they are doing business with.

  6. Re:I like RFID on Senator Leahy Calls for RFID Technology Hearings · Score: 4, Insightful

    I make most of my small ($100) purchases with cash. How do bar codes and scanners make me traceable for those? I do not have a bar code tattooed on my forehead, and most bar codes are on packaging, tags, or other things I do not keep with the item I buy. Once I remove the bar code, it becomes useless for tracking the item or me.

    RFID, on the other hand, works at range and without a direct line of sight. That is a major selling point for RFID over bar codes (the other would be that you don't need a particular orientation to receive the signal). When an RFID tag is embedded in clothes, I become much more traceable. If I am already wearing or carrying an active RFID tag, somebody can trace it back to find my identity without my permission or knowledge.

    Sure, you can argue that facial and gait recognition will make that inevitable anyway, but that technology is not ready yet and will not be practical until after RFID is deployed. RFID privacy regulations would set a precedent on how you can or cannot use other high tech means to interrogate someone's identity.

  7. Re:Isn't this already possible with segmentation? on AMD Could Profit from Buffer-Overflow Protection · Score: 1

    The biggest problem with using x86 segments is that they add an extra 16 bits to each address -- and compilers cannot safely infer when they can be omitted. Especially when you are (or were) limited to 4 GB addressable memory for the entire CPU, it's a little bit overkill to double the pointer size (remember alignment issues) to fix a problem that should be handled by page permissions.

  8. Re:Does Subversion Address This? on Subversion 1.0 Released · Score: 1

    It sort-of supports it. The problem is that all of them are visible at once. The recommended way to do this is something like:
    In your SVN FS, have /branches/${branchname}, /tags/${tagname} and optionally /head or /mainline or whatever you wish to call it. Do development under /head or a subdirectory of /branches. When you need to tag a version, "symlink" a copy under /tags.

    Did they mention that the only revision number is for the whole filesystem, though? In my mind, that is one of the most obnoxious things about the svn approach. Say mainline development is at revision 1234. Somebody commits a fix on a branch. Mainline development is now at 1235.

    For that and other reasons, I'll take arch any day of the week.

  9. Re:paying for email... on In (Sort Of) Defense of Spammers · Score: 1

    Just how do you plan to bill that .01 cents an email? I rather suspect your plan will end up with virus-infected users bearing the brunt of the cost. This could be waived or these victims could press criminal charges, but it will still cost them time and money. Perhaps it will provide an economic incentive to fix security-related bugs. However, it will be very painful for the victims.

    Bruce Schneier likes to talk about practical security as a tradeoff between protection and ease; this is an example of his model. Perhaps the protection is worth the discomfort. Perhaps not. It needs consideration and debate; but simply saying "charge the sender" does not directly impact the economics of current spam.

  10. Re:SCO is so LOUD on One Company's Response to SCO · Score: 1

    They used markup (rather annoying markup) to indicate sections of text that were quoted from the December 19 letter -- one that was widely publicized previously.

  11. Re:What's an ABI on One Company's Response to SCO · Score: 1

    The ABI is the interface resulting when the API is processed by a compiler. It is roughly a superset of the API. Some parts of the API, such as macros, are not expressed directly in the ABI, but things such as function names and argument types are. It also includes other aspects that are necessary to talk to the compiled code, such as function calling convention: for example, what order arguments are pushed onto the stack, or whether some are kept in registers.

  12. Re:Brute force on Crack the Code and Win a Million Bucks · Score: 5, Informative

    I was slightly worried that this would be what Bruce Schneier calls "doghouse crypto" -- if you use it, you belong in the doghouse. The kind of companies that sell doghouse crypto usually don't say what algorithm they use, they usually use a "proprietary" (non-critically-reviewed) algorithm, and they usually don't have nearly enough knowledge to do a good review themselves. Fortunately, it's ECC, which is well known and well reviewed.

    Elliptic Curve Cryptography is, like RSA and Unix crypt, believed to be hard because it looks like a one-way door: It is easy to go in one direction, but unless you have exactly the right data (or an obscene amount of time), impossible to go in the other direction.

    Classic Unix crypt is limited by its key size to 56 bits, which makes it practical for a dedicated attack to break. RSA is limited by its structure to use keys that are related to large prime numbers; prime numbers are relatively rare. ECC shares neither of those limitations, so you get a lot more bang from your bits.

  13. Re:Come on Microsoft. on SCO Gives Notice To 6,000 Unix Licensees · Score: 4, Insightful

    Microsoft buying SCO would be a hideously bad choice for Microsoft. They would assume liability for the lawsuit, and IBM would stand a good chance of collecting damages plus costs from Microsoft (with its $30+ billion cash pile). I think Microsoft will prefer to pay "Unix licensing fees" with an unspoken agreement that the fees will underwrite more Linux bashing -- the trade libel that RedHat filed over.

  14. Re:can this guy actually code? on Explaining The Windows/UNIX Cultural Divide · Score: 3, Insightful

    I am not sure why people bother reading Joel Spolsky's weblog -- half of what he writes is tripe, and half is heavily biased by his ego. Someone else quoted Joel's jab at how "the Unix world is so full of self-righteous cultural superiority;" apparently he does not realize that he is an exemplar of the Windows version of the same.

    If I wanted to follow his lead and oversimplify the differences between Windows and Unix programmers, I would say that Unix programmers care about code (period) and Windows programmers care about the quick buck. Mr. Spolsky's crass and half-informed self-promotion is an excellent example. (Ever notice how often he plugs his company and software while griping about software development practices?) I have seen the insides and outsides of commercial applications for both Windows and Unix, and the quality under Unix is generally higher than under Windows.

  15. Re:Get back when you have real evidence on Saddam Hussein Arrested · Score: 1

    Got your tin foil hat on, I see.

    Nobody has heard anything lately about his two sons, who were reportedly killed months ago. Specifically, there is no plausible suggestion that the real Uday and Qusay escaped but left impostors behind.

    I assume the US military had the two brain cells necessary to take DNA (and probably lots of other) samples from those bodies. By comparing that DNA, you can be reasonably sure whether or not the three men were related in the necessary ways. If they are, you know you either have the Hussein family or an entire family of impostors.

    One could do further DNA testing on the Hussein clan in Tikrit and its environs; that would further restrict it to being a family of impostors related to the real Husseins. It all depends on how paranoid you want to be about the moon landing^W^Widentities.

    This person's captors also have the advantage of having a person who can speak: they can compare his speech patterns with recordings of Saddam Hussein. I imagine that the US is already doing this, but may withhold an announcement until there is some serious question about his identity.

  16. The devil in the details on ICANN Troubles At UN Summit On Internet · Score: 5, Funny

    Each of the world's five continents would have one elected representative on the committee, elected by the countries from the continent they represent.

    Okay, I can understand leaving out Antarctica, but who gets to break the news to Australia that their continent has been demoted and made subservient to Asia?

  17. Re:Merry Christmas, Darl! on SCO Ordered to Produce Evidence · Score: 5, Informative

    It basically means what IBM defined it to mean in their requests for production -- if I remember correctly, to identify the version of the OS or kernel the code is in, the file name, and line number(s). SCO's famous list of SMP (etc) files did not identify the version or line numbers, and the file names were from Linux rather than SysV as IBM requested. In other words, SCO produced an absolutely worthless list and gave it to IBM, then argued they had satisfied their obligations as plaintiff/counter-defendant.

  18. Neat idea, but lots of pitfalls on Buzz Advocates Lagrange Point Spaceport · Score: 4, Interesting

    I would like to see a more detailed analysis of his cost estimates -- $15 billion seems rather low for "developing a new, more flexible launch vehicle," designing a sophisticated (and large) long-life station, shipping the thing up to L1 point, and assembling it.

    He also doesn't address things like radiation concerns: Where are the Van Allen belts in relation to L1? L1 is outside the inner (high intensity) Van Allen belt, which means it is likely to get more solar radiation than we do on Earth. You need a lot of shielding to make long-term habitability practical.

    Why pick L1 over L4 or L5? L1 is an unstable point -- items there tend to fall to one of the two major bodies; L4 and L5 are stable points.

    He doesn't address the fuel cost to go the extra distance; ISS is 250 miles up, while L1 is about 190,000 miles up. Even though neither location is far down the gravity well, astronauts can't afford the slow boat, so you have to spend more fuel to get up to speed and brake at the far end.

  19. Re:Just FYI, guys... on Canadian Supreme Court To Define ISP Role · Score: 1

    The irony is overwhelming. The full name of our highest court here in the USA is the Supreme Court of the United States (often abbreviated SCOTUS).

  20. Re:Conspiricy theory on More Damning SCO Evidence At Groklaw · Score: 5, Interesting

    There's a legal premise that would cover that kind of behavior: estoppel. Certain behavior on your part can bar you from later claiming damage in a civil suit. For example, if I told you it was okay to eat my lunch, I could not later sue you for improper consumption of my sandwich.

    To the extent that an agent of The SCO Group helped develop and promote these technologies, The SCO Group is barred from making claims against others on that basis. There are lots of other defenses available, and other forms of estoppel than simple promissory estoppel (when you say something is acceptable, either explicitly or implicitly), but the above would apply to many defendants at once.

  21. Re:The Real Culprits on Kernel Exploit Cause Of Debian Compromise · Score: 1

    That kind of attitude is not exactly productive. Sure, you can decide you want to hate the sinner rather than the sin. However, if you accept exploitable holes in locally accessible software, you will inevitably see exploitable holes in remotely accessible software because the coding practices will be the same. When you have that, you have the ingredients of a Warhol Worm. No matter how many people decide to not exploit the hole, someone somewhere *will* exploit it. The Internet's structure makes almost everyone your neighbor.

    In general, criticism about security holes is not much directed at people or groups who are serious about improving their security. Severe criticism is reserved for those who do not try to improve security and those who are hypocritical about it. Other aggravating factors are installed base and rubbing people the wrong way for whatever reason.

    To pick an example, Microsoft has mixed to poor results for the first two and very adverse scores for the third and fourth, so they get a lot of criticism for any security hole. On the other hand, Debian is fairly serious about improving security, generally honest, low to moderate installed base (for Linux) and is inoffensive, so they get much less criticism.

  22. Re:Routers are transparent to end systems on Cisco Working to Block Viruses at the Router · Score: 1

    By a similar argument, end systems are not affected by routers delivering IP packets. It would be safe to not deliver IP packets at all, and not require any special software on the router or end system.

    TCP and IP header bits are not particularly safe to redefine; compare with the problems when MRTU discovery or ECN notification began to be adopted. You can be sure that not all devices will do the right thing.

    It is also considerably obnoxious (and fragile!) to split the detection and handling policies between two management entities like you suggest. Whoever decides what content is "bad" should also take the responsibility for dealing with it. As a modern case in point, how many times have you received a spam/virus email where the virus attachment was blocked by an intermediate mailer (maybe with a note attached)?

    That actually annoys me personally: My mail server rejects mail with .exe (or .pif, etc) attachments. When a "helpful" mail server removes that attachment from a virus email, it means I get the email and my time is wasted by having to deal with it manually.

  23. Re:9th affirmative defense on SCO Calls GPL Unenforceable, Void · Score: 1

    I doubt very much that applies to Linux directly. I suspect it applies to the IBM claims for tortious interference and what-not. They are saying that since they were discussing an ongoing case, their claims are legally protected speech. Which is balls, really, and a simple search in case law supports it: extrajudicial comments are not protected by judicial immunity, even if they are made in the context of an ongoing lawsuit.

    First amendment speech protection is limited, especially in a commercial context, and since SCO is using this case as blackmail to increase their SCOsource revenues, their comments were definitely commercial.

    As has been pointed out in other comments, though, the list of defenses is a "throw in the kitchen sink" kind of thing: if there's any conceivable way to use it as a defense, it must be included in the response.

  24. Re:Because they are doing buisness in france on France: No Google Text Ads For Trademarked Words · Score: 1

    Case law (at least in the USA) has recognized that applying local community standards to actions over the Internet -- especially ones initiated by users in the restrictive communities -- is dangerous or foolish. This has been especially true when cases are filed in (for example) extremely religious and conservative areas of the southern United States to complain about the content of companies' web sites; they cite things like pornography laws that say vulgarity is defined by the community's standards.

    Comparative advertising may be illegal in certain countries; their economies will be the ones to suffer. However, Google was not accused of infringing its competitors' trademarks. Its sin was the (apparently horrible) omission of not performing a trademark search to see if the entity buying an AdWord advertisement (or maybe the target of the link) was in competition with the owner of the trademark in any possible field.

    Hopefully this will inspire France to update its trademark law. Other countries have been pressured (especially by the USA) into signing the Berne Convention and recognizing copyrights of other nations -- or simply enforcing their own copyright laws against violators in these developing nations. However, given France's obstinacy in other matters, I would not expect much sanity in this.

  25. Re:Did you read the article before yelling insult on France: No Google Text Ads For Trademarked Words · Score: 3, Insightful

    Did you apply your brain before whining about the insult?

    Suppose Company A owns and registers a trademark on their product named MegaSuperItem. If company B runs an advertisement saying "ImprovedNiftyItem -- twice as good as MegaSuperItem," who is traditionally at fault? I believe that Company B should be held liable, not the media that published the advertisement.

    There is also, as many other people have commented, the fact that trademarks pertain to a specific market or field. The Internet encompasses all those fields recognized by trademark offices and many more. Owning a trademark does not give you exclusive rights to the word -- except as it relates to marketing or selling products or services.

    Why should Google be responsible for doing trademark research and forming a legal opinion on whether every AdWord they run may infringe someone's copyright? That burden goes far beyond what is reasonable for any company to bear.