Slashdot Mirror
Microsoft Confirms IE Changes in Wake of Lawsuit
theodp writes "On Monday, Microsoft verified that it will be making what it calls "modest" changes to Windows and IE to meet the requirements of the jury verdict against it in the Eolas patent infringement case. Microsoft says it will finish making the changes to IE and Windows by early next year and will provide developers that use IE technology with documentation to help them modify their applications, Web pages, and browser plug-ins to work with the new plug-in scheme, which affects all Web pages that use plug-in technologies such as Adobe Reader, Apple QuickTime, Macromedia Flash, RealNetworks RealOne, all versions of Java, and Windows Media Player. A preview of the new user experience shows the user being prompted to confirm loading of each ActiveX control."
While $520 million might be a drop in Microsoft's $40 billion bucket, it's still a big enough factor to warrent a change in practices. Too bad the anti-trust efforts didn't enjoy this level of success...
Stop by my site where I write about ERP systems & more
I, for one, particularly like the idea of being notified before my browser loads an ActiveX control. Sounds to me like a feature that should already be in the browser for security purposes anyway. Yes, I know it's a user changeable option, but honestly, how many "Joe Sixpack" users know the option's there anyway, much less what it means?
The probability that someone is watching you is directly proportional to the stupidity of your actions.
Huh, who'da thunk it. I expected MS to buy the Eolas patent, or Eolas itself if necessary, and turn the patent against AOL/Netscape, Opera, and the rest of their competition. They're actually not being vicious bastards in this one...
-3Suns
~~~~
The Revolution will be Slashdotted
I love how Microsoft, after a $500 million lawsuit, finally plans on putting a dialog box in that the user must click through to load an ActiveX control... ...when designing this dialog box, you'd you'd think someone would have mentioned how easy it would be to put a "Yes"/"No" choice in it. Right? Because sometimes users might want to not load controls, for various nefarious reasons we are all aware of. Right? Right???
wrong
by updating your code. I updated http://media.accettura.com last night to use a JS method recommended. Seems to work in all browsers I tested at the the moment. No dialog from IE's new release... only difference is JS is now required to see the object. But I don't think many people have JS still disabled.
Not at all. USA has a bad patent system made for big corporations and lawyers. Letting Microsoft win this case would show furthermore that law isn't really a problem when you have more lawyers.
The problem is the law. It's stupid. Change it.
Not much more...
Apparently, this patent apparently doesn't apply to plugins that run as an extension of the browser, rather than as separate applications.
However, from the way the patent is described, X11 itself might count as prior art, as the X11 protocol constitutes a "bidirectional protocol between the web browser and the application."
Is UNIX cool or what?!
tasks(723) drafts(105) languages(484) examples(29106)
And if this shuts down all those flash ads for even a few weeks, how is that a bad thing?
Kierthos
Mr. Hu is not a ninja.
RTFA and it did not mention it's just a one button dialogue box. Inquirer article I read after writing comment did. MS finally has a chance to do the right thing, enhance security, and they blow it. All this is going to result in is training people to click "OK" every time they see it on a page. After being conditioned to do this constantly, they'll do it to anything.
Ugh, I retract what I said, and must continue cursing MS as before. What I'd really like to see though is for it to remember which "enhancements" I have declined so that I don't have to bother with them again. Flash, gator, bonzai buddy and on and on.
This guy seems to be doing it for a vendetta, not for money. If it was purely a money thing, the free browsers would have little worry since they aren't good targets. I mean, no point taking someone to court who has no assets, it'll just be a waste of your time and money. Well he's not out for that reason, despite asking lots of money, he's out to cripple Microsoft. Ok, many people here would say that's a good thing (I'd say it's anti-capatalistic, but never mind). However, what happens if he gets a burr up his ass about another browser? Say he decides that Opera is unfair, since it charges money and he thinks all browsers should be no cost. Or maybe he gets in a abr fight with a Mozilla dev and gets mad at Mozilla. Then what? He can again use his patent as a weapon.
However, what he does is really not relivant. The point is that patents should NOT be allowed to be used as weapons by anyone, small or large. The point of a patent, and this is explicitly(*) spelled out, is to provide an inventor some protection so they can make money off an idea in the intrestes of promoting PROGRESS. In other words, you get a time limited right to your idea that people can't infringe on, so you are encouraged to share it with the world to use, and recieve compensation as a result. It isn't so some random guy or corperation that didn't invent shit can play bully with people.
Patent bullying needs to be stopped period.
(*): It's article 1, section 8, clause 8 of the constitution: "To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries"
I quite agree, Eolas are a much worse evil in this instance (though I'm sure they do not seem themselves that way, they no doubt belive they are heros of some kind), I was so disgusted I sent them the following email...
To: info@eolas.com
Date: Tue Oct 07, 2003 03:09:36 PM BST
Subject: Congratulations on your lawsuit
I would like to congratulate you on managing to successfully sue Microsoft and still manage to be seen as a despicable bunch of malevolent malcontents by the public at large (including industry professionals).
By exploiting the US legal and patent system and it's weaknesses (in particular it's notorious inability to deal with technical software cases) and infecting the rest of the world with your insipid patent claim (which is an insult to everybody with any knowledge of browsers, plugins, going as far back as the original inspiration for Tim Berners-Lee, Bill Atkinson's HyperCard) you have made the web a less pleasant experience, and you haven't actually contributed anything new to the concept of software plugins (those of us who remember HyperCards XCMD's are more than aware of that, even if the US patent office and the courts were not).
I'm sure your all convincing yourselves you've 'slain a giant' and that you are trying to re-enforce that opinion among yourselves for your own benefit, even though the rest of the world is largely telling you otherwise, most vocally. I'm sure you will casually disregard the voices you do not wish to hear.
Many people (those working for free in the open source world, as well as plugin developers and commercial software developers and web content maintainers) will now have to spend many man years working on an alternative non-patent-infringing format so they can be sure to remain free from your legal shenanigans. This is time that they could have spent working on other free an open software for the benefit of everyone (or who knows, even at the park, or at home with their families!). Not to mention all the end users that will be effected by this and who will have to now spend time downloading, installing and working around 'fixes' that will be necessary in the wake of your decision to sue.
In your own special way, you have truly made the world a worse place to live in.
Congratulations.
--
The problem isn't the law, per se. It's the problems that come up when this sort of law is applied in the same way to software as it is to more physical inventions. If I went in and tried to patent "A method for converting harvested grains to a flour substance", I'd be told that my patent wasn't specific enough. But I could patent "Using text and images for business on the Internet". Actually, I couldn't. PanIP already did that. Many years after the Internet, Amazon and all, were live and kicking. Prior art existed; why in the hell did they get that patent? There need to be technology specialists working in the PTO -- geeks like us who read Slashdot, who are paranoid about infringing on the rights of others and think through before just granting patents on anything to anyone.
In this case, the patent was put into place well before it was being used in actual browsers, so there isn't as much a prior art issue as a specificity issue. Generally, I think that because software can have such a broad application (imagine the hell we would live in if someone had patented the general concept of a database - "a data storage system with efficient retrieval systems" and so on) it is important to make sure that the language of the patent forces a company to work out its own solution to the problem, but doesn't prevent it from an entire branch of technological innovation.
Also, editors -- why isn't "Patents" one of the topics for this story? This is clearly taking place only because patents are being exercised; everybody here is talking about the patents. Listing this story under "Patents" will make sure that if someone is trying to look up or research examples of egregious patents being used as IP weapons (even against such a hated enemy/Slashdot sponsor as Microsoft).
Karma: Chevy Kavalierma.
They finally got the point after I e-mailled them a base64 decoder (after first shocking them by demonstrating how I could instantaneously "decrypt" the ids), and a separate script that would brute force all their user identifiers with wget in minutes... (I think presenting them with the user IDs that would have allowed me to download the CEO's address book and charge conference calls to his account was the most enjoyable part)
Let's just say that it wasn't the last security vulnerability...
From the article:
"We believe the evidence will ultimately show that there was no infringement of any kind, and that the accused feature in our browser technology was developed by our own engineers based on pre-existing Microsoft technology," a Microsoft spokesperson said in early August when a federal court jury delivered its verdict.
Welcome to what happens when you open Pandora's Box. What the lawyer/spokesperson/talking head missed here is that it *doesn't matter* if you built the system inside of a dark room sealed in a nuke-proof underground bunker - if someone else already has a patent on it, they own the idea. There is no "but *we* built this version!" cry that works, when someone 'patents software' they are essentially forbidding you to think or create without their permission.
Copyright prevents you from lifting their code and claiming it as your own.
Patents prevent you from building your own ideas if they happen to overlap someone else's.
What a mess.
Certainly there must be prior art for such an obvious software implementation. Thank you USPTO for your complete ineptitude. And thank you legal system for your ineptitude as well.
Eolas probabally just wants to cash-in on the $250 million patent settlement. I don't think MS intentionally lost the case in order to squeeze the competition. MS provides a trivial javascript work-around at the bottom of the new IE documentation. Any browser which runs javascript can presumably do the same. MS' documentation seems to state that the patent covers external program and data referenced within a web page, but it does not cover a second layer of indirection, such as an externally included javascript file that itself includes external activex object data.
So that is the new work around.
But it does create a whole new upgrade-cycle of
browser exploits. Previously, javascript could be filtered, which made it much more simple to filter out the remaining active content.
But now all the active content must be put into javascript, so filters will have to be able to process javascript to indirectly filter out the active content. Since the majority of the IE exploits target activex and embedded objects, there will be a long road of successful IE exploits until this new filter technology is stable.
This disproves the conspiracy theory that says MS lost the patent case intentionally.
Why would MS lose this patent case and accept the consequences of a whole new round of IE exploits and Virii/worms?
That would be just plain dumb, especially when your company is being sued in California for creating insecure software, and your reputation for providing secure products is at an all time low!
This security enhancement took a half billion dollar patent lawsuit to be brought about.
This is not a "security enhancement". IE already come shipped to prompt before installing any ActiveX controls (the famous "Always trust content by Microsoft Corporation" window is the one I'm talking about here).
What this is doing is forcing the browser to prompt in every instance that an ActiveX control is used, which, by the way, you can currently set IE to do as well, but it doesn't come defaulted to do so -- the "trust" there was placed when you permitted the control to be downloaded in the first place, which is a perfectly reasonable security model; so this isn't a security enhancement. There's also no way for a user to turn off this annoying "prompt all the time" behavior.
Fortunately, there is a way for webmasters and people hosting the IE browser control (such as MyIE2) to turn off this behavior, as Microsoft has posted workarounds (along with a wink-wink-nudge-nudge disclaimer that you shouldn't use them to circumvent the patent).
Unfortunately, this is having the opposite effect that Eolas intended. We've decided not to roll out a Mozilla solution because Gecko is in violation of this very same patent, which has now been validated by a federal judge.
NO CARRIER
Because the software world hasn't had big, market changing innovations lately. Really, I mean that. And I see no reason why a new software idea couldn't be on the market within a year.
Think I'm wrong? Name one real software idea that fits these criteria:
1. Patented in the last 3 years
2. Could not be exploited for a reasonable "head start" profit in 3 years
Show me that, and I'll show you a useless, obvious or redundant patent - a patent that will only be used to harm innovation down the road.
It's only been luck that we haven't seen more damage from bad software patents. Law should be changed now, or we'll see real problems in 2015. 3 years (or thereabouts) is a compromise that could protect most legitimate interests, I think.
Let's not stir that bag of worms...