Slashdot Mirror

← Back to Stories (view on slashdot.org)

Patent Claimed on System-Level Encryption

Posted by michael on from the never-would-have-thought-of-that dept.

nattt writes "The Register is reporting that a Californian firm, Maz Technologies has been granted a patent for application independant file encryption, and is now going after other companies with its lawyers to press its claims. It seems that the US patent office doesn't check very well for prior art, and their laxity is causing small firms that get attacked on infringing these bad patents a lot of money to defend themselves."

19 of 230 comments (clear)

  1. Here's a thought... by XoXus · · Score: 5, Interesting

    Just a thought ... would it be possible for these small companies to sue the US Patent Office for costs relating to bad patents?

    1. Re:Here's a thought... by stinkypantshomer · · Score: 4, Funny

      what about legitimate patents like this one? You can exercise your cat with a Method of exercising a cat People have cats... cats need exercise... I see problem solved!

    2. Re:Here's a thought... by rho · · Score: 4, Insightful

      And you've just struck on the problem of having the government do anything...

      Suing the governemt, while possible, is an extremely daunting prospect. It takes lots of time and lots of money--two assets the government has in plenty, whereas most private companies or individuals don't.

      Now, if the government wasn't doing so many other non-Constitutional things, perhaps some attention could be paid to the patent office and things like this could be prevented... nahh, I'm just a lunatic...

      --
      Potato chips are a by-yourself food.
    3. Re:Here's a thought... by Gorobei · · Score: 5, Insightful

      This is an idea that sounds good on the surface but is actually very bad.

      If you could sue the USPO, the majority of suits would be from companies suing to have their patents *granted*. Being able to sue would just give them a second whack at the pinata.

      Normal small companies and rational individuals would not sue to have bad patents denied: if you have the money to go to trial, it's better to wait until the patent is enforced in an unfair way.

      So, could you restricts suits to reimbursing the costs of unfair patents? "Unfair" would need to mean that a court had invalidated the patent or restricted its scope, so the defendant would already have gone to trial for patent infringment, and prevailed. In this case, he may well ask for court costs, and get them (especially in a David & Goliath situation) so the USPO incompetance has, in some sense, cost him nothing.

      If the defendant can't afford to defend himself in court, no one is going to judge the patent to be "bad."

      IANAL, etc.

    4. Re:Here's a thought... by Frank+T.+Lofaro+Jr. · · Score: 4, Informative

      Since when does the patent office deny a patent?

      They allow patents on things for which prior art exists, even things for which prior PATENTS exist. IBM got a patent on LZW and then Unisys was granted their patent on it - the patent office either didn't check for a prior patent or didn't realize the 2 patents described the same thing.
      And Unisys wants us to pay THEM? IBM should be more pissed than they are.

      Oh, yeah, they will deny a patent for a "perpetual motion device", unless you are clueful enough to call it something different, like an "overunity device". 1/2 ;)

      Here is a GNU page describing the GIF situation and mentioning the 2 LZW patents.

      Also, even if someone can afford to fight a lawsuit - the odds are stacked against them. A patent is presumed valid and the defendant must rebut that with a preponderance of the evidence, or lose. This is a reversal of the normal situation in civil law, which is where the plaintiff needs to have preponderance of the evidence. The plaintiff needs to have a preponderance of the evidence that the action alleged to be infrigement occurred - but the defendant has to prove the patent is invalid.

      So if the court can't tell who is right on the latter issue, they'll presume the patent valid and you guilty.

      Ask a lawyer for legal advice. (if you got tons of cash lying around to pay for one)

      --
      Just because it CAN be done, doesn't mean it should!
  2. Hey this is great! by JoeShmoe · · Score: 5, Interesting

    Now we don't have to worry about CBDTPA. Because even if the FCC tells the tech industry to adopt encryption to protect content, we can say "Sorry Disney, er, FCC...but that technology has been patented!"

    Why didn't we think of this. Let's get patents on watermarking and other intrusive technologies being rammed down our throats by content providers. Then just sit on them and thumb our noses.

    - JoeShmoe

    .

    --
    -- I wonder which will go down in history as the bigger failure: the War on Drugs or the War on Filesharing
  3. jesus christ on a rubber stick by choke · · Score: 4, Insightful

    If they are suing already, doesn't that invalidate the patent by demonstrating prior art before the patent was applied for?

    --
    "No good deed goes unpunished"
  4. this is good by mmusn · · Score: 4, Insightful

    We need more bad patents like this. The more of a problem this becomes, the more likely Congress is going to do something about it. And as long as the patents are as ridiculous as this one, and as long as they go after companies with money before they go after open source, everything's fine as far as I'm concerned.

  5. Prior art in US govt? by cmoney · · Score: 5, Interesting

    Wouldn't it be funny if some organization in the US government has prior art on this patent? Say the NSA or FBI, perhaps the Army, Air Force or CIA? Somewhere in there somebody developed a computer system which encrypted every single communications which took place at the system level.

  6. Prior-art by eddy · · Score: 5, Informative

    The nice folks over at sci.crypt seems to have listed quite a few cases of possible prior art.

    Not that that makes it much better on the whole, but...

    --
    Belief is the currency of delusion.
  7. typical sleazy practice by Edmund+Blackadder · · Score: 5, Insightful

    Attack the small firms first so they cannot afford to invalidate the patent. Meanwhile when the small firms start paying royalties your patent will become more established. By the way the 25 000 in royalties is nothing compared to what the case may cost. So that company will probably pay the fee if hey cannot get an early win in court.

  8. probably wont happen by Edmund+Blackadder · · Score: 4, Informative

    secret use is not prior art.

    But if the above mentioned agency put their computer on sale, or used it publicly then it would be prior art.

  9. Why go for the small potatoes? by cmoney · · Score: 4, Insightful

    Why not directly sue Microsoft, Sun, HP, IBM? Somewhere along the line one of these companies offered system level encryption.

    Or maybe this dinky unknown company saw a way to squeeze money out of little companies who they thought couldn't afford to fight back?

  10. a fine example of patent problems.. by thesupraman · · Score: 5, Informative

    This would seem to be a good example of how the patent system is being mis-used at present. Apparently this patent is very widely defined and not backed up by much 'implementation'. this would generally not be considered a very 'defendable' patent, yet the owners are trying it on with a bunch of middle level software vendors, trying to strong arm some cash from them.

    The difficulty with this is that the patent gives the owner a degree of 'high-ground', and defending against this from the point of view of the apparent patent violator, can be VERY expensive, so often just coughing up is the cheapest option, which then lends weight to the defendability of the patent.

    Certainly, being filed in 1998 makes this particular patent laughable.

    for exmaple, have a look at:
    http://www.cs.auckland.ac.nz/~pgut001/sfs/
    w here sfs (Secure File System) exists, and this page was LAST updates in september 1996, and covers just about every possible level of eccryption in a general file system, it is also not unique.

    1. Re:a fine example of patent problems.. by coyote-san · · Score: 5, Interesting

      Forget SFS.

      If it was filed in 19_98_, then the Unix "crypt(1)" program predates it by a generation. A human generation, not a "software generation." crypt(1) only offered trivial protection, but it *was* an application-independent system resource that could be used to encrypt and decrypt messages with a classic algorithm.

      It sounds like the attorneys who filed that patent application need to be face penalties for filing a fradulent legal document. Don't just invalidate the patent, disbar the assholes who try to patent stuff that's been common practice for decades.

      --
      For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
    2. Re:a fine example of patent problems.. by sparcv9 · · Score: 4, Informative
      crypt(1) only offered trivial protection, but it *was* an application-independent system resource that could be used to encrypt and decrypt messages with a classic algorithm.
      Not quite. The UNIX crypt() function is a one-way algorithm. A character string is run through crypt() along with a 2-character salt, which is used to mutate the encryption algorithm. The result is a 13-character string, the first 2 characters being the salt. To check, for example, a password against a crypt()'ed password, you take the user-supplied password string and the first 2 characters of the encrypted password, run them through crypt() and compare the output with the previously encrypted string. If both encrypted strings match, then the user-supplied string matched the string that was previously crypt()'ed.

      By the way, since crypt() is a system library function , it is in Section 3 of the manual, and is denoted as crypt(3), not crypt(1).

      Note: I'm not sayng that this isn't a dumb patent, but your example of prior art is in error.
      --

      This is not a Fugazi .sig
  11. Clipper by wiredlogic · · Score: 4, Informative

    We need look no further than our good friend the Clipper chip for a good example of government created prior art that is covered by this patent.

    --
    I am becoming gerund, destroyer of verbs.
  12. I did this in 1978 by Skapare · · Score: 5, Interesting

    I did system level encryption in 1978 on the mainframe VM/CMS system. Under the CMS component, which ran in a virtual machine, all I/O was done through an interface known as SVC 202 . This interface was used for modular execution of both external (a file) and internal functions. I wrote a program in assembly language which first ran in what was known as the "transient area". This program then allocated memory on a permanent basis, and copied part of itself there. That part was written in relocateable assembly code (was not hard to do in S/370 assembler). It then substituted the SVC interrupt vector with its own, and intercepted all SVC instruction traps. The intercept handler was now in control and the program did a graceful exit, but without deallocating the memory. This was similar to the DOS TSR (Terminate and Stay Resident) feature. The intercept handler checked for SVC traps being code 202. If not, it passed them on to the original SVC handler in CMS. If it was 202, then it checked for the request name for reading and writing. If that matched, it then checked to see if it was a file to be encrypted (writing) or decrypted (reading). CMS had disk letter/number combinations added to each file, and I allowed the program to be told to use either a letter (specific disk) or number (file mode) to be matched to indicate that the file was encrypted. It them modified the buffer appropriately before (writing) or after (reading) the system function completed. The net effect was the ability to have selected files, or a whole disk, encrypted. All native CMS programs, and some OS/VS/MVS emulated programs, would successfully do I/O through this encryption system. I was able to edit a Fortran program, save it, and compile it with the Fortran G compiler, and subsequently run it. I placed a call to my encryption facility in a script called "PROFILE EXEC A1" which made it run every time I logged in. It prompted me for the key, which was a string that was hashed to construct the encryption vector for the algorithm I used (which is probably terribly insecure today).

    I was a student at Ohio University at the time. A group of us were "hackers" (and at times did a little cracking, too). All the disk space was partition-like slices on big (in the physical sense, about the size of a small washing machine) hard drives shared with a lot of other people. The computer center administrators could easily spy on any user's disk space. So this was used as a means to keep nosey people out. About 3 months after I started regularly using this, I was summoned to the office of the Director of Academic Affairs at the computer center. I was told by Dr. Craig Farrar that he was aware that I was encrypting my files, and that this was against computer center and university policy. He gave me a copy of the policy. He was at least an honest man, and also told me it was a brand new policy adopted specifically because I was encrypting my files. He then told me I had 2 days to unencrypt all files before the disk space would be entirely erased. I simply backed up most of them to a private tape, removed it, and unencrypted a few remaining files and deleted the rest. I never used the program again.

    When the PC came out with DOS, and I learned of TSR, I thought about that program, and thought I'd like to do the same thing again. I didn't at that time because I didn't make the committment to learn x86 assembly, and didn't have a suitable C compiler at the time. So a DOS version, unfortunately, never actually happened. However, I did see among some shareware on a BBS, around 1989, a description of a program that did exactly that. Unfortunately for that program, at that time I was doing the Amiga thing. Hopefully someone can track down that program.

    When I moved to Texas in 1993, I left all my old mainframe tapes (about 120 of them by then) behind. I had gotten hooked on Linux and swore to never use a mainframe again, so I had them discarded. Now I wish I had them back, because I could now run them on Linux using emulators ... after I figured out how to get stuff off those old tapes.

    --
    now we need to go OSS in diesel cars
  13. References ahoy by isaac · · Score: 4, Informative
    Check out The Economist's excellent article, "Patent Nonsense" for a good primer. Sorry, you'll have to pay to view it, but here's a germane excerpt:

    Todd Dickinson, the PTO's director, admits that there is a problem here. "In software, in particular, we need to develop our sources of prior art. We've been talking about reaching out to the software industry to get access to more databases," he says. Still, he argues, the problem should self-correct as more software is patented.

    What will not correct itself, though, is the bias in favour of issuing patents. This arises partly because America does not have the "opposition" system that Europe has, where the competition can put its case against a proposed patent.

    What is more, the way patent examiners are paid encourages the issue of patents. They are paid partly through bonuses for "disposals" of patent cases. But as Robert Merges, professor of law at the University of California at Berkeley, points out in a paper called "Six Impossible Patents Before Breakfast", while a patent issued is always a case disposed of, a rejection may not be, because the inventor can amend his application and try again. Quality, sticking-power and morale among patent examiners is also a problem. The PTO's intake is largely made up of law graduates. Starting salaries are around Dollars 40,000. In east-coast law firms, they are commonly Dollars 140,000.

    Here is an anonymous patent examiner on Mr Aharonian's site:

    You know what? I'm sick of finding ridiculous patents every time I look [in my files]. Part of the blame goes to the patent corps. We don't fight hard enough against the bull - being shovelled by upper management. And of course, that is where the rest of the blame goes. It's a system that's burning up, and management just keeps adding fuel to the fire. And why should you care? Hey, management pays you for good patents or bad, right? In fact, why should you fight with management? Why reject?

    Also check out this article on patent strategies of japanese companies. I do not claim to be a scholar here and freely concede that mmy posts are not scholarly works. That said, they do derive from the cumulative impact of articles I have read in a variety of sources over the years. I invite you to do some more research yourself to dispute my view - indeed, a quick google search reveals plenty of B-school theses fawning over the Japanese tendency towards cross-licensing to the extent that it permits more than one company to extract monopoly rents from a market, though I would dispute (again, admittedly without my own body of scholarly work) the assumption that this is a good thing from a macroeconomic perspective. If anything, I think this would reinforce my point, but since nobody (that I've found) has directly studied the impact of cross-licensing on companies excluded from the "club," as it were, I cannot provide you with an online reference directly supporting my proposition wrt stifling of innovation.

    -Isaac

    --
    I am not a lawyer, and this is not legal advice. For Entertainment Purposes Only.