[notphilatall]

Right, and I could again disable your timer, which would just lead to a JS arms race. Why send the content to the non-authenticated client in the first place? Wait to get the confirmation that the person paid or is within quota, and then get the content via a POST request...

Edit: I'm not condoning stealing content, just wondering why you're depending on the client to self-censor.

[msy]

Because the point is not to lock the NYT's content inside an impenetrable DRM fortress, it's to get those that consume its content the most to contribute to its production costs. I don't think the paywall has been structured very well but I do think anyone who choses to circumvent it to keep accessing the content for free is going to feel more than a little rueful if it stops being produced at all.