Slashdot Mirror
Patent Claimed on System-Level Encryption
nattt writes "The Register is reporting that a Californian firm, Maz Technologies has been granted a patent for application independant file encryption, and is now going after other companies with its lawyers to press its claims. It seems that the US patent office doesn't check very well for prior art, and their laxity is causing small firms that get attacked on infringing these bad patents a lot of money to defend themselves."
Just a thought ... would it be possible for these small companies to sue the US Patent Office for costs relating to bad patents?
Now we don't have to worry about CBDTPA. Because even if the FCC tells the tech industry to adopt encryption to protect content, we can say "Sorry Disney, er, FCC...but that technology has been patented!"
Why didn't we think of this. Let's get patents on watermarking and other intrusive technologies being rammed down our throats by content providers. Then just sit on them and thumb our noses.
- JoeShmoe
.
-- I wonder which will go down in history as the bigger failure: the War on Drugs or the War on Filesharing
Wouldn't it be funny if some organization in the US government has prior art on this patent? Say the NSA or FBI, perhaps the Army, Air Force or CIA? Somewhere in there somebody developed a computer system which encrypted every single communications which took place at the system level.
I see this as proof that the USPTO doesn't bother checking for prior art at all. How the hell could they possibly have missed the many examples if they had? Shit, even ntfs has been doing that for years.
Here's my DeCSS mirror, where's yours?
It's painfully obvious the patent office is not going to change their ways after seeing patent after patent issued without checking for prior art. Perhaps a way around that would be to push for a law that would require a "quiet period" for filing lawsuits related to the patent following the issuance of a patent. How long did this company wait after receiving the patent before filing the lawsuit, a couple of weeks?
When a company (or person) receives a patent, they have to wait at least 1 year before dragging anyone into court related to that patent. That will give the court of public opinion (slashdot) time to find and point out the mistake to the patent office and hopefully they will make amends.
Believe in things of which no person has ever learned
Forget SFS.
If it was filed in 19_98_, then the Unix "crypt(1)" program predates it by a generation. A human generation, not a "software generation." crypt(1) only offered trivial protection, but it *was* an application-independent system resource that could be used to encrypt and decrypt messages with a classic algorithm.
It sounds like the attorneys who filed that patent application need to be face penalties for filing a fradulent legal document. Don't just invalidate the patent, disbar the assholes who try to patent stuff that's been common practice for decades.
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
BFD.
Go read it here
1.) A giant big smoking hole where the office used to be would be a good start.
2.) Realistically, after firing all current employees for sheer incompetence, hire new ones at much higher salaries. Make their performance conditional on *not approving* patents. The more rejections for prior art or being obvious, the more pay the examiner is given. Companies should also be liable for bad patents. A company could forfeit over 10% of its assets for a patent granted that was either obvious or prior art.
This should stop parasites like Rambus in their tracks.
3.) Remove patent protection entirely for "business methods" and software patents, and sharply reduce all patent terms to 5 yr terms, which can be renewed only 4 times maximum. The companies now have to show their R&D cost for developing the patent, and once their is a profit made the patent cannot be renewed again.
The price for increasing the length of the patents
increases, doubling every time it is renewed.
4.) In general, prevent indefinite extension of copyright and patents. This means that anyone will be able to market Mickey Mouse etc.
Since there's most probably prior-art for this patent, I wonder if the companies being pursued could file suit against the PTO to recover defense costs if it is indeed found that the patent is invalid.
Maybe then the PTO would actually start doing its work instead of pretending to....
AC comments get piped to
The claims of this patent seem to be limited to the situation where there is an application client
Take GNU Emacs for example.
and a backend "Document Management System" (DMS)
Any file system.
in which there is a crypto module
File system encryption module.
intervenes when a file-save command or the like is issued from the client
fopen() in glibc.
which then encrypts the data with an appropriate key
Encrypted block driver.
hands off control to the DMS.
return from the block driver to the filesystem to libc to the app.
Will I retire or break 10K?
Claim 1 of Patent 6,185,681 seems very similar to:
A Cryptographic File System for Unix by Matt Blaze (1993)
http://www.crypto.com/papers/cfs.pdf
Design and Implementation of a Transparent Cryptographic File System for
Unix (1996)
http://www.tcfs.it/docs/tcfs.ps
Linux Journal Issue 40: TCFS: Transparent Cryptographic File System
(August 1997)
http://www.linuxjournal.com/article.php?sid=2174
I think there should be a 2,6 or even a year long wait on patents...once they're approved by the patent office, put up a web site for each patent. When someone goes to the site who knows of prior art or some other problem with the patent, that person simply types in what's wrong, hits submit. The patent office reads that person's claim, does research for what had been claimed wrong, and can reject the patent upon that.
Then the patent office can afford to get rid of some people....the industry is responsible for keeping care of its own patents...copm sci people scan through the comp sci patents, engineers scan through the engineering patents in their field every now and then...etc. etc.
though, then again, maybe there're just too many patents being filed for this to help much...
I did system level encryption in 1978 on the mainframe VM/CMS system. Under the CMS component, which ran in a virtual machine, all I/O was done through an interface known as SVC 202 . This interface was used for modular execution of both external (a file) and internal functions. I wrote a program in assembly language which first ran in what was known as the "transient area". This program then allocated memory on a permanent basis, and copied part of itself there. That part was written in relocateable assembly code (was not hard to do in S/370 assembler). It then substituted the SVC interrupt vector with its own, and intercepted all SVC instruction traps. The intercept handler was now in control and the program did a graceful exit, but without deallocating the memory. This was similar to the DOS TSR (Terminate and Stay Resident) feature. The intercept handler checked for SVC traps being code 202. If not, it passed them on to the original SVC handler in CMS. If it was 202, then it checked for the request name for reading and writing. If that matched, it then checked to see if it was a file to be encrypted (writing) or decrypted (reading). CMS had disk letter/number combinations added to each file, and I allowed the program to be told to use either a letter (specific disk) or number (file mode) to be matched to indicate that the file was encrypted. It them modified the buffer appropriately before (writing) or after (reading) the system function completed. The net effect was the ability to have selected files, or a whole disk, encrypted. All native CMS programs, and some OS/VS/MVS emulated programs, would successfully do I/O through this encryption system. I was able to edit a Fortran program, save it, and compile it with the Fortran G compiler, and subsequently run it. I placed a call to my encryption facility in a script called "PROFILE EXEC A1" which made it run every time I logged in. It prompted me for the key, which was a string that was hashed to construct the encryption vector for the algorithm I used (which is probably terribly insecure today).
I was a student at Ohio University at the time. A group of us were "hackers" (and at times did a little cracking, too). All the disk space was partition-like slices on big (in the physical sense, about the size of a small washing machine) hard drives shared with a lot of other people. The computer center administrators could easily spy on any user's disk space. So this was used as a means to keep nosey people out. About 3 months after I started regularly using this, I was summoned to the office of the Director of Academic Affairs at the computer center. I was told by Dr. Craig Farrar that he was aware that I was encrypting my files, and that this was against computer center and university policy. He gave me a copy of the policy. He was at least an honest man, and also told me it was a brand new policy adopted specifically because I was encrypting my files. He then told me I had 2 days to unencrypt all files before the disk space would be entirely erased. I simply backed up most of them to a private tape, removed it, and unencrypted a few remaining files and deleted the rest. I never used the program again.
When the PC came out with DOS, and I learned of TSR, I thought about that program, and thought I'd like to do the same thing again. I didn't at that time because I didn't make the committment to learn x86 assembly, and didn't have a suitable C compiler at the time. So a DOS version, unfortunately, never actually happened. However, I did see among some shareware on a BBS, around 1989, a description of a program that did exactly that. Unfortunately for that program, at that time I was doing the Amiga thing. Hopefully someone can track down that program.
When I moved to Texas in 1993, I left all my old mainframe tapes (about 120 of them by then) behind. I had gotten hooked on Linux and swore to never use a mainframe again, so I had them discarded. Now I wish I had them back, because I could now run them on Linux using emulators ... after I figured out how to get stuff off those old tapes.
now we need to go OSS in diesel cars
It seems to me that everyone wants a knowledgable patent office that can understand (most) technologies that come into it's office.
I think that what will happen is that companies and individuals will get fed up with the system and change it. Eventually, patents will be almost non-existant because the system will require PROOF of non-prior art, other than the current model, which only hints at the notion.
I'll agree that this is getting out of hand and anyone who claims a patent and files a suit against any company, should have to PAY for ALL legal fees of BOTH parties, if they want to pursue the patent.
This would keep folks like the idiot here from filing, getting and then pursuing a lawsuit for the patent he was given.
my 0.02 cents
IBM had a nice system tht encrypted all of it's traffic between the terminal and mainframe using lucifer. Rekeying was done periodically by encrypting the rekeying message and new key with a special key unique to that terminal. IBM wanted help improving lucifer, so they asked the NSA for help. The NSA said "sure, as long as as the end result's intellectual property is released to the public domain" The NSA took lucifer,,, shortened the keyspace to 56 bits but appearenty maximally strengthened it against all of the shortcut attacks they knew of at the time (differential cryptanalysis). The result was called DES. So there's prior art older than DES. The newer version of the iBM system employing DES (and newer versions allow for 3DES) in most, if not all, bank automatic teller machines.
Off topic:
The end result of the NSA involvement is that it was much harder for mathemeticians to discover shortcut attacks to allow random blackhats to crack DES, while still allowing big budgeted governments to build specialized crackers or run cracking on several massive vector machines, like CRAYs.
Speaking of DES, has anyone seen optimal boolean functions for the DES s-boxes? I'd like to implement DES "sideways", putting each bit of the message in a different register. You can then run 32 (or 64, if you're lucky enough to have a 64-bit CPU) encryptions in parallel. This is much faster since DES does things like uplicating and swapping individual bits, which takes zero time in hardware, but kills the standard way of implementing DES in software gets killed by these little bit duplications and swaps. If you run DES sideways (and 32- or 64-way parallel), duplicating bits simply means usng the same register variable twice, and swapping bits means chaging the positions of varaiables in your equations. You lose some latencey for an individual encryption, but your throughput is potentially multiplied several times. (This depends alot on how compactly you can represent the s-boxes as boolean functions.) This isn't applicable to CBC-mode encryption, but it is usefull for ECB, counter, OCB, and other parallelizable encryption modes. It's also applicable to cracking any of the encryption modes, even OFB, CFB, and CBC.
Copyright Violation:"theft, piracy"::Anti-Trust Violation:"thermonuclear price terrorism"<-Overly dramatic language.
No -- remember a patent is valid from the date the application was sent to the PTO, not the date it was granted. If two or more companies/individuals send patent applications near each other on the same item, three things can happen : one gets it the others don't (and all get used), as with the telephone; both get it and lawsuits abound (LZW); none get it as it must be "obvious" if so many apply for it (never happens -- obviousness is no longer a PTO criteria as we all know). But even if others don't apply for a patent on the thing, they're still vulnerable if their product went to market after the patent was applied for, even if the patent itself never went to market. In the old days, with "real stuff", one would advertise if there were patent applications or patent pending on products. Now, with software and business methods, where the concept and not the invention is the patent, companies like to hide everything related to the patent and wait until they get it before they either 1) charge an arm and leg for it 'cause nobody else could possibly have known it was a pending patent (this instance), or 2) tell everybody else with the same thing to stuff it (amazon's one-click). There are about 3 years between patent application and patent grant. Everybody in software knows that 3 years is two whole generations by software/internet standards, and programmer and designer creativity is going to come up with the same thing in different times because as programmers we're educated to think in a certain way. I'd complain more, but at this point i think choir-preaching is all it'll come up with... But a reminder of one fact -- the head of the PTO in a recent interview posted as a slashdot story a few years back explicity stated using these words that the PTO was in the "business of selling patents". Now if the PTO were to suddenly get smart and reasonable, and ditch applications for prior art and obviousness (like their congressional grant and law tells them to), they wouldn't be "selling" as many patents as they could, and patent application would be a higher risk, so fewer applications would be made, so the PTO would get less money. So the only other solution to the PTO problem is to make applications and grants 100% free, so the PTO does not have a monetary incentive to grant patents to everything in site, obvious/prior-art or not.
"But remember, most lynch mobs aren't this nice." (H.Simpson)
-- Joe