Cisco Applies For Patents To Secured TCP

An anonymous reader writes "Following the recent excitement over a potential vulnerability in TCP, Cisco's "Worldwide Patent Counsel", Robert Barr, has let it be known that they have pending patent applications for one or more of the IETF recommendations for improving TCP's security. KernelTrap has the full details."

not more patents

[ncurses]

don't we have enough patents as it is?

Re:not more patents

[Darby]

don't we have enough patents as it is?

Well, maybe.

What if we were to limit the total number of patents?

The obvious result would be a new market in selling patent slots. You would have to *know* that you could make your investment back before applying because the patent itself would cost so much.

It would decrease the number of frivilous patents filed, but the small inventor would be at a disadvantage.

What do you think, would it be a positive, negative, or a push?

if tcp is copyrighted

and you use it illegally, you're in trouble.

only the criminals will have network connections

Re:if tcp is copyrighted

[DaHat]

So in the future a criminal could use a pirated wireless connection, using a pirated connection protocol to download pirated music and movies? Neat!

On the plus side, the (MP|RI)AA would be just as illegal in hunting you down... maybe I should take up P2P trading.

Re:if tcp is copyrighted

[andalay]

Err with all the money the RIAA get from your grandma and your kid, they have more than enough money to license any such patented technology.

Re:if tcp is copyrighted

[packeteer]

Whenever something new gets patented it makes a good joke to say that normal everyday things will soon be ILLEGAL but thats not quite how it will work. Nobody is going to be shut off form the internet becuae of their patent, thats the last thing Cisco wants to do. What they are trying to do is get some leverage to squeeze money out of hardware and software developers in the future.

Re:if tcp is copyrighted

[scotch]

You missed "to download the pirated move Pirates of the Carribean".

HTH

Re:if tcp is copyrighted

[wine]

OK, I'm sorry for correcting an otherwise funny comment, but there seems to be much confusion about copyright lay and patent law that I think could some correction.

Patent law is about the implementation of ideas. Cisco filed a patent for their implementation of secured TCP. Anyone who wants to use the same implementation for the duration of the patent has to license the right to do so from Cisco.

Copyright on the other hand is about the contents of artistic word like books. There is no need to file for copyright since it's an automatic right obtained by creating those works. If people develop similar works totally independent from each other, that's fine.

A Google search should give you more information.

Re:if tcp is copyrighted

[BiggerIsBetter]

Right - the implementation of ideas. Except it's not, because the USPTO allows processes - ideas themselves - to be patented.

If it was as simple as implementation (binary or even source code), "we" could write a new implementation that was compatible with their one (did the same thing in a different way), and multi-vendor secure TCP comms could happen. Unfortunately it's not that simple because they've likely patented the processes, although we'd have to wait for the patents to be available to see, I think.

This is actually rather risky for Cisco, because they may cut themselves off from everyone else. If OpenBSD indeed has a better and free solution, organisations should be using them. The result then is no secure communications if your non-Cisco equipment talks to Cisco equipment (unless Cisco implements the OpenBSD stuff too...).

Presumably the USPTO is smart enough to shoot down a process patent that's based on published recommendations by a third party, but maybe there's something clever in Cisco's particular implementation that's worthy. Either way, I suspect Cisco has just killed an otherwise reasonable way of doing secure TCP on the public Internet.

And props to people like the OpenBSD guys for being there and continuing to grind out alternative and often better solutions.

Re:if tcp is copyrighted

[olderchurch]

Presumably the USPTO is smart enough to shoot down a process patent that's based on published recommendations by a third party, but maybe there's something clever in Cisco's particular implementation that's worthy.

Dream on:
- USPTO Grants CA Lawyer Domain-Naming Patent
- Patent Granted on Sideways Swinging
- Patent On Software Downloads Upheld

and to sum it all up:
- Enter The 'Stupid Patent Tricks' Contest

Re:if tcp is copyrighted

[kunudo]

On the plus side, the (MP|RI)AA would be just as illegal in hunting you down...

You forget: They're rich. They'd probably just license the protocol :)

Re:if tcp is copyrighted

[kunudo]

Oh, and they and Cisco could then join forces to fight piracy, since you were violating both their patents....

Re:if tcp is copyrighted

[tiger99]

The sideways swinging definitely has prior art. It should not have been allowed.

Of course in many parts of the UK we don't have swings now, because they are considered to be dangerous, by the fascists at the Health and Safety Executive, or maybe because the owner simply has not the time to do a risk assessment, as required by law.

It gets realy stupid sometimes.....

Re:if tcp is copyrighted

[makomk]

It sometimes seems like the main effect of software patents to create different, mutually incompatible standards (e.g. compress and gzip, MP3 and Ogg Vorbis, etcera). It's just so *stupid*...

Re:if tcp is copyrighted

[isn't+my+name]

If it was as simple as implementation (binary or even source code), "we" could write a new implementation that was compatible with their one (did the same thing in a different way), and multi-vendor secure TCP comms could happen. Unfortunately it's not that simple because they've likely patented the processes, although we'd have to wait for the patents to be available to see, I think.

And the nice side effect of all of that would be that with diverse implementations of the specs, the chance of a single vulnerability affecting all of the systems is greatly reduced.

But, I suspect you are correct. The patent's granted them are likely so broad that competing implementations will still infringe. I'm so glad that we have this patent system to encourage innovation.

Re:if tcp is copyrighted

[hman]

Here in Italy this week a child had an accident on a swing.
Somehow it got it's head tangled in the rope while swinging, afaik currently it is in hospital with a "brain dead" diagnose.
Does this mean prohibiting all swings is a a possible idea ? Yes.
Does this mean prohibiting all swings is a a good idea ? I don't know.

Re:if tcp is copyrighted

[tiger99]

The problem is that they will simply kill themselves some other way. It is tragic when a child dies needlessly but if you protect them too much, they never gain any sense of danger, then when they are old enough they have some major disaster. No extreme approach really works, best that they are trained and supervised until they can see for themselves how to avoid danger, and of course the equipment should be made as safe as possible (soft materials, no sharp edges and so on). Children should perhaps be made aware of this accident and how it happened. When I was young, we all knew who had fallen off which roof and broken his leg, so we did not go there, we also knew how to abuse one particular multi-person swing in the local park (a sideways one, prior art!), so it would eject its occupants, because we knew what would happen, we did not do it. Children can be taught to avoid danger, it may take some time, and it helps if they only see adults behaving responsibly, such as crossing the road carefully.

It is really up to the parents to train their children well, sadly many parents nowadays are simply not up to the task, or more commonly, really don't have the time if both need to work, which is common.

Swings should not be banned, although it may happen. A consequence of doing that is that older children will hang an old car tyre from the branch of a tree using any old bit of rope they can find, and use that as an improvised swing. That is somewaht more dangerous, they often swing over an uneven surface so the drop at one extreme, if the rope breaks, can be large, there is no provision for a soft landing, etc.

Re:if tcp is copyrighted

[tricorn]

They're not even trying to do that. Didn't anyone RTFA? They say that if what their patent covers becomes a part of an IETF standard, that anyone can use it as long as they aren't suing Cisco for a patent violation.

If this standard is adopted, Cisco will not assert any patents owned or controlled by Cisco against any party for making, using, selling, importing or offering for sale a product that implements the standard, provided, however that Cisco retains the right to assert its patents (including the right to claim past royalties) against any party that asserts a patent it owns or controls (either directly or indirectly) against Cisco or any of Cisco's affiliates or successors in title for an implementation of any IETF standard; and Cisco retains the right to assert its patents against any product or portion thereof that is not necessary for compliance with the standard.

Well...

[Short+Circuit]

They better hope their applications are dated before the recommendations.

Re:Well...

[EmbeddedJanitor]

Not necessarily. I believe you have a year to make the application after it becomes public. However, they better have some strong records to back up the claims that they made the invention at an earlier date.

Re:Well...

[hak1du]

Well, assuming they did write the application, and no one else tries patenting said invention(s), they don't really need to prove much.

They still need to prove they invented it; the "inventors" listed on a patent really are supposed to be the inventors.

Re:Well...

[saden1]

You're assuming you need strong claims to get a patent application approved by the USPTO.

Re:Well...

[arivanov]

Depends from what perspective. They have already pulled out the stunt of suing Aclcatel and OpenBSD for VRRP without doing the proper patent disclosure in IETF. So one more case one less is not going to change a lot.

Methinks that it is much more interesting that there were people from outside Cisco working on that vulnerability. If I recall correctly the list there was Juniper and someone else there as well. So unless Cisco did the correct paperwork with these guys they are fully entitled to sue Cisco's arse flat.

In btw, it is quite time someone questions the exact origin of SSL, SSH, NTP and a few other items in IOS which are known to be bug for bug compatible with OSS code and do not have stated copyrights in the IOS release notes.

Oh goody.

[SatanicPuppy]

Do you think they'll patent the backdoor they're planning on putting in it? I'd hate to have to reverse engineer that.

I used to be very pro-cisco, but with the recent "Self protecting networks" ads that are misleading at best, and the backdoor snafu, I don't see how I could reccomend to anyone that they're worth the cost.

Re:Oh goody.

[ncurses]

I can't stand those ads either. It is not possible to defend against humans from the inside. That's liek trying to build a car that is intentionally-driving-over-a-cliff proof.

Re:Oh goody.

[jonfelder]

Yeah those ads are annoying...not as annoying as the Oracle unbreakable ones though.

Re:Oh goody.

[cuban321]

If you look at their Host based IDS solution it's pretty impressive. It prevents users from doing incredibly stupid things on their workstations and reports back to a central server.

Re:Oh goody.

[drinkypoo]

In order to build a car that is intentionally-driving-over-a-cliff-proof you would have to take control away from the driver in many situations, at least to some degree. It would in some ways make the car more dangerous but I think using a combination of GPS, GIS (for terrain with height values), ABS, drive-by-wire throttle, and electric power steering, you could probably pull it off.

Similarly, it is possible to protect entirely against some types of attacks and reduce the damage of others, even when the attacks are being launched from the inside, by treating all networks as foreign to one another, and not making any exceptions. This may make the network less useful in many ways, but many organizations are doing just this.

Re:Oh goody.

[Prince+Vegeta+SSJ4]

but with the recent "Self protecting networks" ads

I know my Cisco router is self protecting, everytime it gets more than a few requests at a time it shuts down all network traffic, requiring a reboot. At first I thought it was those damn bastards at /., but then i realized it was a feature!

Re:Oh goody.

[Throtex]

You could do all that... or you could just replace the car with something that has survival instincts. Like a horse.

Re:Oh goody.

[hawkeyeMI]

Or you could leave the car how it is and let Natural Selection do its thing. While you're at it take the warning labels off of obviously dangerous items.

Re:Oh goody.

[gstoddart]

No, you were right. It would make the car more dangerous.

A car suddenly deciding it isn't willing to listen to your inputs is just scary.

Because in any condition in which the computer takes control, the driver won't know what the hell happened, and the computer might not have all the information.

Now if it picks me up, drives me to my destination, and goes away to refuel itsself and hang out with other cars, it is perfectly allowed to retain control at all times. =)

(And I wouldn't trust *that* unless it was on a track with guaranteed physical distance between vehicles.)

Re:Oh goody.

[Clinoti]

You raise an excellent point about treating all networks as foreign to one another. It's a change that we've recently implemented officially at my place of work, but has actually been in place for many years before so.

The question raises is there really any sense for your global network to allow the janitorial staff the same role access as other contractors?

No, read the question again.

When lazy/lesser administrators role access across entire networks with the example of the janitor being a background process, how much protection on your network do you really have?

Blocks should already be in place for the needed access vs. fire and forget access. Cisco, made an outstanding business decision of using that angle for PR for a smart network that simply shuts down traffic when it notices unusual or a spike in traffic; which is the same thing that an administrator should have done in the first place. Not to take away from them but I've done the same with cheaper routers, a segmented network and careful roles.

If any Cisco reps read this: I still love you guys, honest!

Re:Oh goody.

[Maserati]

They're a pretty bad rip-off of the IBM campaign. Which has been brilliant. The IBM spots don't make specific promises, but they do have a keen insight to convey. Anybody else really, really, really need a "Business Reality Detector" ?

We do get the bosses' kids from time to time, but we use Macs :-)

Re:Oh goody.

[ncurses]

An intentionally-driving-over-a-cliff proof car...we must weigh the cost vs. the benefits. I believe that the car you described isn't worth the monetary value of a life. Just my opinion.

Re:Oh goody.

[bl1st3r]

That ACTUALLY wouldn't be all that hard. With a combination of GPS, good video recognition software, and physics calculation, the car would be able to tell if a massive drop off would be coming up and automatically shut off the car with enough time for it to stop by itself.

Antilock brakes is a good precurser for this idea in that sensors tell a computer when the exact moment to let off the brakes to not have the wheels lock up would be. Computing the exact time needed before a catastrophic cliff driving accident is just a logical progression thereafter.

The next big thing I think will be accident avoidance and collision detection. Automatically taking over control of a car to avoid a collision. A human reacts poorly to most situations given that we don't have time to actually think out the most plausible action. Example being that we see something in front of us, our first reaction is to slam on the brakes. This causes wheels to lock up suddenly and we slam into the obstruction. The better action would be to quickly and smoothely correct course while applying steady and slight pressure to brakes. A computer can do this without the sudden rush of emotions that a human experiences. I imagine technology to do this will be accessible within ten years.

Re:Oh goody.

[Darby]

You could do all that... or you could just replace the car with something that has survival instincts. Like a horse.

Too easy.

We'll just coat the world in nerf and drive off of anything at 100 miles an hour.

Re:Oh goody.

[Wolfrider]

--Haven't you read any good Westerns? Horses have been known to run themselves **to death** while being ridden by someone in a hurry.

--Horses can be considered as a loyal and noble animal, but I wouldn't say they have the greatest survival instincts.

Horses can be literally run to death

Re:Oh goody.

[drinkypoo]

I certainly wouldn't drive one, I want to be the only guy in control of the car. I WOULD use traction control if I had it in much of my day to day driving, but I think all such devices are crutches we use to avoid thinking about the road, which is the only thing one should be doing while driving. Nothing else is more important than driving while you're behind the wheel, and if you make it more important, very bad things tend to happen.

I wasn't proposing such a system, only pointing out that it is likely technically feasible with today's systems. I don't think VW's automatic clutch idea (as they implemented it) was too hot but it worked, right? Most of the time.

Re:Oh goody.

[monkeydo]

Have you actually looked at CSA, or are you just talking out of your ass?

Before anyone spouts off at the mouth

[tacobot]

Let's keep in mind that patents are in place to protect the innovators and keep them innovating. Yes, it sucks that maybe other vendors can't use this for a while, but that's the price of progress.

Re:Before anyone spouts off at the mouth

[BiggerIsBetter]

Bollocks. They are there to protect investors not innovators. They are there to maintain a monopoly for a limited time, and come from an age that moved far slower than ours does. They are regularly abused, and they hamper progress more often than they promote it. Go ask anyone with a technical or science perspective rather than a business perspective.

Re:Before anyone spouts off at the mouth

[iminplaya]

Because we all know that we would all be pulling ox carts screaming "Bring out your dead!" if we didn't have patents...right??? Sorry, man - It's because of patents that we are still traveling around in sub-sonic jalopies, running on KEROSENE no less.

Re:Before anyone spouts off at the mouth

come from an age that moved far slower than ours does

Exactly!!! It took so much time and money to come up with some of the major advances in yester-years that they needed the patent restriction timing to help get back some of the cost they stuck into R&D.

They are there to protect investors not innovators.

Well, no shit. But don't forget, if there were not investors, how would the innovators keep innovating with no money to back them. The fact is patents allow for investors to make back the money they invested. However, technology is currently moving so fast that the patent system definitely needs an overhaul.

Re:Before anyone spouts off at the mouth

[Breakfast+Cereal]

Wait, so are you actually saying that if it weren't for patents and they way they are awarded and enforced in the U.S., nobody would have an incentive to invent a fix for this TCP vulnerability?

Re:Before anyone spouts off at the mouth

[Lawrence_Bird]

> come from an age that moved far slower than ours does

>Exactly!!! It took so much time and money to come up with some of the major advances in yester-years that they needed the patent restriction timing to help get back some of the cost they stuck into R&D.

One can argue the inverse.. it takes so little time now for something to be reverse engineered and then commoditized that the patent affords the inventor(and investors) the opportunity to recoup r&d and costs to bring to market and then to make some money on the item before its margin goes to 0.

Re:Before anyone spouts off at the mouth

[BiggerIsBetter]

Problem is that people are generally not doing that. The way to profit now is not through developing your own product, or even licensing. The most effective way has become buy a patent, lay low, then sue.

What's worse, is that if you realise your idea has been previously patented, you can create a workaround and patent that - so the number of feasable and free solutions drops closer to zero... thus killing free software. Bottom line is that I shouldn't have to pay someone else so I can implement an idea I had at 3 am.

Re:Before anyone spouts off at the mouth

[cbreaker]

Sure they would, they just couldn't do it because they would be sued by cisco..

Re:Before anyone spouts off at the mouth

[Brandybuck]

That's their purpose. I don't disagree with that. But Cisco isn't innovating here. Traditionally you could only get a patent on something that was not obvious to a practitioner in the field.

It seems to me that once this vulnerability was discovered, the fix was obvious. There was no innovation in this case.

Re:Before anyone spouts off at the mouth

[Fulkkari]

They are to protect them both. Innovators are funded by investors, who try to earn money from the innovations. If the investors don't get any money, neither does the innovators.

I'm not saying that this Cisco patent is any good, but there are products that have costed much money to develop, but are easy to copy. The ones developing the product need the money from the limited time monopoly to compensate the money that was used in the development process. If someone immediately just goes ahead and copies all the work the innovators have done and starts selling it, the innovators would sooner or later be out of cash.

Re:Before anyone spouts off at the mouth

[Alsee]

Patents exist to protect inventions. And pretty much every country on Earth has - correction - *had* rules stating that math is not an invention. That you cannot patent math, calculations, or math algorithms.

Well, programming is a feild of math. All software is a mathematical function. The only thing a computer can do is calculations.

You can hook a computer up to a speaker that produces sound, you can invent and patent that speaker, but the computer itself can only do math calculations.

Math is not an invention. Software is not an invention. You can't patent addition, you can't patent calculus, and you can't patent the math that is software MP3 calculations.

The US screwed up a case where the court upheld a patent doing a calculus integral to decide how long to cook rubber during manufacturing. You simply integrate heat over time. Simple math, if you are familiar with calculus. It was the ordinary rubber manufacturing process, they just "invented" an equation to decide how long to run the heat. That one bad ruling opened the door to software patents. The US patent office took that lousy ruling and threw the door wide open for patents on math.

Of course they don't directly let you say you're patenting math. Word the application one way and it gets rejected, word the exact same claims a different way and it gets approved. Software patent attorneys admit it's all about using "the magic words". You're patenting the process of doing some calculationon on some hardware. Ordinary PC hardware.

-

Re:Before anyone spouts off at the mouth

[16K+Ram+Pack]

I'm sure that in fields such as chemistry, drugs and what I might call "proper inventing" like James Dyson's dual-cyclone cleaner. That is, where someone isn't just applying an existing mechanism to shortcut efficiency, or something obvious, but applying some new found knowledge or technique from another area to it.

But having a stupid "1-click" patent is stupid. It's as stupid as someone creating a recipe for say chocolate ice cream, and someone else putting nuts in it and patenting "choc 'n' nut ice cream".

When I first heard of the 1-click patent, I'd already thought of it myself and independently of Amazon (and some time later). I imagine thousands of others did too.

The thing with something like patents on say specialised polymers or say advanced compression methods is that they can improve society. The inventors research, invent and improve, and the result can be that whole new industries and benefit society.

I see no benefit from either business or software patents.

Re:Before anyone spouts off at the mouth

[fatgeekuk]

Lets not forget that from the information in this article, they are applying for patents for ideas generated within the IETF.

So unless the proposing member of the IETF is an employee of Cisco this is theft.

If they are, arent you meant to keep an innovation secret prior to being granted a patent?

Re:Before anyone spouts off at the mouth

[mwood]

"Nominal" for whom? What General Motors would call a nominal fee, I might call "more money than I will see in an entire lifetime."

(Of course GM would just rummage through the filing cabinets at Hughes, then reply, "we'll see your patent and raise you six" and pay nothing. Only those who can least afford it will pay.)-:

Re:Before anyone spouts off at the mouth

[Skjellifetti]

Problem is that people are generally not doing that. The way to profit now is not through developing your own product, or even licensing. The most effective way has become buy a patent, lay low, then sue.

Do you have anything other than a few anectodal /. stories to back that up? I'll give you a hint: start here and prove that most of these are submarine patent lawsuits. I'll bet most of them are just run-of-the-mill patent disputes.

i'm starting to agree

[HBI]

The US business model sucks.

Patenting a security feature in TCP? Cisco sucks. I won't use another one of their products again if I can possibly help it.

Unfortunately that's probably not going to happen. In fact, I have this CSS 11150 box that i'm going to have to configure. sigh.

When the choice is principles and employment, employment wins. I have child support to pay.

Re:i'm starting to agree

[Jahf]

Oh yeah, the U.S. is the world's only capitalist market where employees have children and little choice in jobs due to a supressed economy?

I don't disagree with the problems IP laws in the U.S. as mentioned by the parent of your post, but your post is implying something different.

Re:i'm starting to agree

[SpaceLifeForm]

It's called ethical bankruptcy. They learned it from SCO and MS, and recently SUN.

Re:i'm starting to agree

[mo]

well, if it makes you feel any better, we just made a purchasing decision against cisco in favor of two simple linux boxes running a combination of shorewall and heartbeat. The cost savings versus the cheapest cisco firewall that does failover was worth the effort of installing the open source software. I also highly recommend m0n0wall for a SOHO cisco replacement. I'd chose m0n0wall over a cheaper watchguard or sonicwall box any day.

Re:i'm starting to agree

[dspisak]

Dude, try OpenBSD 3.5. Automatic firewall rules syncing and HA with pfsync and carp! I think you will find it far nicer to work with then Linux+Shorewall. Not saying thats a bad choice, just the stuff in OpenBSD 3.5 is really seriously good stuff.

www.openbsd.org

Re:i'm starting to agree

[orthogonal]

When the choice is principles and employment, employment wins. I have child support to pay.

What a proud example you are for your children.

"Hey kids, when you have the choice between doing what's right and making a dollar, remember only the poor can afford a conscience! Pat Tillman chose to follow his principles, and look where he is now!"

Re:i'm starting to agree

[Brandybuck]

The US business model sucks.

The US business model is "open small store in neighborhood, buy inventory low, try to sell inventory high, work your butt off." As near as I can tell, that's the way every corner liquor store, pharmacy, flower shop, and bookstore in the US works. If you don't have inventory, or even a shop, you still have to work your butt off.

As I see it, it's those putting ideas under lock and key who aren't following the US business model.

Re:i'm starting to agree

[mindfucker]

"Hey kids, when you have the choice between doing what's right and making a dollar, remember only the poor can afford a conscience! Pat Tillman chose to follow his principles, and look where he is now!"

The funny part is that this example you use to attempt discredit the grandparent post actually seems to validate it...

Would you rather be alive, financially secure, supporting your children, and able to admit your fallibility? Or would you rather be a righteous dead patriotic reactionary? I know which one I'd choose..

Re:i'm starting to agree

[Triumph+The+Insult+C]

and with ifstated coming along in 3.6, everything can failover

Re:i'm starting to agree

[Lumpy]

I also strongly reccomend this in addition to your list.

it makes the creation of firewalls, really good fast firewalls with most of the features that Cisco claims in their "protected" networks possible within a few days.

I have a old P-II 450 here running one and we have NEVER came close to overloading it (100Bt in and out) it is hackerproof, espically if you write protect the config diskette and has the great ability to email me the logs every morning.

Re:i'm starting to agree

[DAldredge]

I was responding to this "When the choice is principles and employment, employment wins. I have child support to pay." in the original post.

That is what is wrong with America, ANYTHING for a buck.

I am from the USA so I think I know a little about the subject.

Re:i'm starting to agree

[Jahf]

I know what you were responding to, and if you think child support counts as "anything for a buck", it is obvious you don't have kids (with you or not).

I am from here as well, and while I might agree with you that money is too important here, you are attacking the wrong subject to prove your point.

Take a look back through history and I think you'll find the "do I feed my family or do I live with my ideology" is a -tantamount- question of the human experience.

Re:i'm starting to agree

[DAldredge]

I do have kids and I have been in the same sit. that you describe more than once and I still did the right thing.

Perhaps if you rephrased you statement to be less broad it would better convey what you are trying to say.

Some principles are worth keeping and you statement says that NONE are.

Re:i'm starting to agree

[HBI]

Nice to know the cocksucking sack of shit immature mods are on the job yet again.

Try to do the world a favor and get your balls injured in an industrial accident before you reproduce, willya?

Thanks!

Some IETF and patent background...

[bingbong]

It was never the object of patent laws to grant a monopoly for every trifling device, every shadow of a shade of an idea, which would naturally and spontaneously occur to any skilled mechanic or operator in the ordinary progress of manufactures. Such an indiscriminate creation of exclusive privileges tends rather to obstruct than to stimulate invention. It creates a class of speculative schemers who make it their business to watch the advancing wave of improvement, and gather its foam in the form of patented monopolies, which enable them to lay a heavy tax on the industry of the country, without contributing anything to the real advancement of the arts. It embarrasses the honest pursuit of business with fears and apprehensions of unknown liability lawsuits and vexatious accounting for profits made in good faith. -- U.S. Supreme Court, Atlantic Works vs. Brady, 1882

Historically, the IETF has been neutral about using patents in the Standards process, and its position is summed up best in the charter of the IPR Working Group (http://www.ietf.org/html.charters/ipr-charter.htm l):

The IETF and the Internet have greatly benefited from the free exchange of ideas and technology. For many years the IETF normal behavior was to standardize only unencumbered technology.

While the 'Tao' of the IETF is still strongly oriented toward unencumbered technology, we can and do make use of technology that has various encumbrances. One of the goals of RFC2026 'The Internet Standards Process -- Revision 3' was to make it easier for the IETF to make use of encumbered technology when it made sense to do so.

Last year, there was an attempt to make the IETF change their policy, but it failed miserably (http://news.com.com/2100-1013-996351.html?tag=fd_ top).

So you can have more secure communications, but only if you pay Cisco.

Bastards.

Re:Some IETF and patent background...

[muonzoo]

I'm not sure where it says that you'll have to pay Cisco. The IPR statement that I read clearly states:

...any party will be able to obtain a license from Cisco to use any such patent claims under reasonable, non-discriminatory terms, with reciprocity, to implement and fully comply with the standard.

Admittedly, they might charge, but it doesn't say that they will. This is not new, and it might not even be news. Corporations have been doing this for a while. Look through the IETF IPR archives and you'll see plenty of places where standards work has either bumped up against or incorporated a firm's claimed-IPR.

Re:Some IETF and patent background...

[ninjaz]

So you can have more secure communications, but only if you pay Cisco.

Actually, according to the "full details" link, you can have more secure communications, but only if you pay attention to OpenBSD's recommendations (and ignore Cisco's patent-encumbered implementation which isn't as good).

This is the second time in six months OpenBSD has seriously one-upped Cisco and its patents. :-) They even wrote a song about the first!

Re:Some IETF and patent background...

[MrIrwin]

The fact that CISCO owns a patent does not mean that you have to pay a license. CISCO may, for example, make a statement allowing free, unlimited and non revocable rights to use thier technology.

By owning the patent they prevent anyone else from doing so.

The fact that CISCO publicy announced thier patent issues before standards adoption allready bodes well, patent leeches generally keep quiet until there is a pool of people to sue available.

Re:Some IETF and patent background...

[arivanov]

Are you sure that the OpenBSD fix is not covered by the Cisco patents as filed? I would not be so sure until the patent is granted and we can compare it because it is quite likely that has been watered down and vagued to the maximum possible extent so that it covers other future fixes.

Re:Some IETF and patent background...

[ninjaz]

No, I'm not sure. Don't mistake me for an expert on this set of vulnerabilities. I was going by what was said in the link and on the OpenBSD misc@ mailing list.

According to some messages on the list, Cisco was one of the worst affected by the recently announced set of TCP vulnerabilities, and OpenBSD had only minimal exposure in the first place.

It strikes me that this may be PR ploy on Cisco's part to cover up for their past mistakes by appearing to rush to the rescue with a patent pending solution. They'll even graciously let others use them in exchange for cross-licensing. After all, if it's pending a patent, those Cisco guys must be really on the ball ...right? ;)

Personally, I trust the OpenBSD project a great deal more than Cisco when it comes to security. I mean, OpenBSD wasn't even vulnerable to the no-workaround backdoor password issue!

Luckily in that case, locking a user account had a considerable amount of prior art.

This could set a REALLY bad precedent...

[kcbrown]

...if it gets past the patent office (who here doubts that it will? I don't).

The reason is that this is basically a patch to a protocol. The TCP protocol itself was a novel invention. But most patches to protocols, or to code to fix a particular problem, are fairly obvious to someone skilled in the requisite arts. Generally, the nature of the bug is what determines the solution, and often the solution is obvious to someone who is familiar with the protocol (or code) and the problem in question.

If this gets through then you can expect a lot of patents to be filed on patches to many things, including open source projects. And that means that unless the code is protected by something like the GPL (which requires a patent license grant as a condition of redistribution), the projects (and those who maintain and use them) will be vulnerable to patent infringement suits.

This is going to get nasty. But I think most of us who have been keeping track of this nonsense already know that.

Re:This could set a REALLY bad precedent...

[mellon]

Er, people are _already_ filing patents on patches. In fact, that's the backbone of the patent system - most patents filed are on small tweaks to existing mechanisms.

Re:This could set a REALLY bad precedent...

[zenyu]

Er, people are _already_ filing patents on patches. In fact, that's the backbone of the patent system - most patents filed are on small tweaks to existing mechanisms.

While undoubtedly true, I think this may be the very reason the patent regime is so hostile to the progress of the arts and sciences. A system closer to the founders' where the president himself reviewed that year's patents needs to be reinstituted. Of course, I do find it hard to believe that patents make any sense in an economy where government funds almost all research and much of our product development. A simple rule might eliminate a lot of the patent problem, simply disallow corporations or individuals that sell to the government or make use government funded research from holding patents or using patented technology in their products. That simple rule would curb the patent plague.

I do like the concept of paying inventors like myself for our hard work, but where industry is having the greatest positive effect the patents are an obvious encumberance at 18 years when the product cycle is 9 days (fashion) to 9 months (hardware). Where industry is limp and facile with 2-3 year product cycles there is little need for a patent monopoly to bring a product to market either. Something like what has been proposed for music where artist try to make their music as popular as possible and get a proportional share of some related tax makes more sense. Institute a 2% value added tax on business and use the proceeds to pay inventors, but without the exclusivity. The patenting process also needs to be reformed, too many trivial patents are being granted: I propose a system where each patent examiner gets to pass one patent up to a higher level for approval per year, and additional patents for a dock on their pay, but then gets a bonus if that patent is approved by the higher level examiner who is under the same rules. The top level examiner would then pass on their patent to be approved by the president and if approved move to congress to be ratified. If only one or two patents were granted a year they might be useful, especially if licensed as part of a small flat tax instead of the current liability lottery system.

Re:This could set a REALLY bad precedent...

[Alsee]

The TCP protocol itself was a novel invention

No, the TCP protocol is a math algorithm. A big elborate math algorithm. A useful math algorithm. But it's still nothing but a math algorithm.

Math is not an invention. It is absurd that the US issues patents on math.

If you wanna say TCP protocol is a patentable invention, then you can't deny that the patch is also a patentable invention. It is new and (for patent purposes) non-obvious.

And you're right that things may to get nasty, but on an even bigger scale. The EU Parliment is refusing to approve software patents in the EU (the EU Council is fighting for them, but as I understand it the Parliment gets the final vote). If software patents start getting enforced in the US we'd simply see a massive movement of software development to the EU or elsewhere, especially opensorce projects. It would result in a huge base of software that was unusable in the US. The rest of the world could use and benefit from it and have an advantage over US companies. Of course the US would have a hissy-fit over it's own companies' losing position. The US would need to drop software patents itself or declare economic warfare against all non-software-patent countries. Of cource my idiot government will go with the second option. Things may get quite ugly indeed.

-

So don't adopt these as a standard

Official standards should not include anything that is proprietary, as that gives someone a monopoly and shuts out open source solutions. Standards should be designed so that everyone can use them without having to pay royalties.

Re:So don't adopt these as a standard

[EmbeddedJanitor]

Not necessarily. Many standards are based on patentented technology. eg. SmartMedia includes FAT (Microsoft), various SAE/ISO specs include CAN(Bosch). What is bad though is if the patent is then used to leverage power in a bad way.

Re:So don't adopt these as a standard

[AndroidCat]

If technology in this document is included in a standard adopted by IETF and any claims of any Cisco patents are necessary for practicing the standard, any party will be able to obtain a license from Cisco to use any such patent claims under reasonable, non-discriminatory terms, with reciprocity, to implement and fully comply with the standard.

I guess we'd have to trust them as to the meaning of reasonable or reciprocity eh? (Does reasonable mean "just don't fsck with us and we won't fsck with you" or is it "Give me the map and you might walk out of here on human limbs"?)

Re:So don't adopt these as a standard

[L0C0loco]

Just because they patent it, does not mean that they will keep it for themselves. Let's see what they do with it before we burn them at the stake. Maybe they did that to protect us all from soemone else patenting it and trying to milk it. I'll give them the benifit of the doubt before I make statements like "that'll be the last Cisco device I buy ...". What a bunch of manic depressives! WWLD (What would Linus Do?).

Re:So don't adopt these as a standard

[mr_jrt]

"Time Bandits" perchance? :)

Re:So don't adopt these as a standard

[KagatoLNX]

Tons of standards contain proprietary bits.

Indeed, proprietary standards abound in the manufacturing sector.

Look at ITU or Bellcore standards. Heck, most of those you need to pay just to get a copy of the standard!

That said, open is the way to go.

Proprietary standards allow interaction between big players, Open standards allow interaction with the little guy. I'm the little guy, so I like Open.

Re:So don't adopt these as a standard

[AndroidCat]

Evil was a reasonable man. :)

What is....

[wpiman]

exitement?

Is that a cross between excitement and excrement?

Re:What is....

[wpiman]

Capital N in Nazi please. We Nazis like to go by the book.

Seems they fixed the issues anyways.

It was an attempt at humor designed to make the anonymous cowards of the world come out of their shell. Either that or you can take some Procrit.

Limited use if proprietary

[sacremon]

Unless Cisco licenses the technology and other companies bite, I don't see this getting very far on the Internet. Too much of the backbone is comprised of equipment from multiple vendors. I work for a large Tier 1 ISP. Most of the edge routers are Cisco, but the core routers are Juniper. Things get even messier in a Co-location data center, where customers can be using who knows what brand of equipment to connect to the data center's network.

Re:Limited use if proprietary

[thedillybar]

I don't see this getting very far anytime in the near future anyway...

SSL, VPN, IPv6. They've all been around for a long time. Sure SSL is used quite a bit, but it's definitely not used the majority of the time. We've seen stats on the WiFi expos where you can pick off hundreds of POP passwords thanks to plaintext connections. It will be a long time (if ever) before this is even close to mainstream.

Re:Limited use if proprietary

[iabervon]

I think Cisco is in trouble here. Since this matter primarily for BGP, and is necessary to keep the internet infrastructure from being vulnerable to attack, and the internet is now considered vital infrastructure, I wouldn't be surprised if the FCC called up the PTO and told them to reject the application. Or, for that matter, if the NSA called up Cisco and told them to drop the application. Or the DHS could call up Cisco and ask about how they seem to be aiding cyberterrorism. I wouldn't be surprised if it wasn't Microsoft's idea to allow unlicensed copies of Windows to get security patches, either.

Re:Limited use if proprietary

[jerw134]

I wouldn't be surprised if it wasn't Microsoft's idea to allow unlicensed copies of Windows to get security patches, either.

Actually, it wasn't. It was just a dumb employee spouting off about something he knew nothing about. SP2 will not be allowed to install on pirated versions of XP. This includes versions that were installed using a keygen.

It's all about the phbs

[SatanicPuppy]

Phb: "Oh, SELF PROTECTING NETWORK! Oooo! We need one of those!"

Such crap. It's like those blatantly false microsoft ads where they show microsoft office as a wonderful beautiful thing. I've worked with office for years, and the only time I danced through my office with a newly printed office document involved a printer incompatibility, a long project, and way too much coffee.

Show me an ad that says, "Hey this works okay most of the time," or "this router can detect and contain unusual network activity, so viri spread slower" and that's a product that I can trust. Promising pie in the sky only works for idiots.

Re:It's all about the phbs

[Dimensio]

Show me an ad that says, "Hey this works okay most of the time," or "this router can detect and contain unusual network activity, so viri spread slower" and that's a product that I can trust. Promising pie in the sky only works for idiots.

It's been my experience that the idiots are the ones making the purchasing decisions, hence the nature of the advertising.

Re:It's all about the phbs

[ryanmfw]

The DARPA is actually working on something like this. It's supposed to automatically identify a virus or worm within seconds and with no human intervention. It's then supposed to disconnect the entire network from the segment that that virus was discovered on. Sorry I don't have the link.

Re:It's all about the phbs

[SatanicPuppy]

I agree completely, thus the "Pointy-Haired Boss" reference.

My mother is just like this. I can tell her something over and over and over again, and it means nothing to her. But if she hears the same thing from a random, poorly-informed stranger, it's a proven fact.

It's sad that they know enough to hire skilled people, and then choose to listen to simplistic (though slick) advertising instead.

Re:It's all about the phbs

[nuonguy]

The point is that it works! Not because people are idiots, but because they're muggles. They don't get it. To them, the act of sending email might as well be magic for all the understanding they might have, so promising them something that's technically infeasible is worthwhile and profitable. If it's presented well, if it uses cultural memes that are accepted and understood by the target audience, if it tells them something they want to hear, it'll work.

Re:It's all about the phbs

Promising pie in the sky only works for idiots.

And who do you think has final say on these kind of purchases.

Re:It's all about the phbs

[ikkonoishi]

It also detects when you try to use the CD-ROM tray as a drink holder and automatically logs you out and contacts your local BOfH.

Re:It's all about the phbs

[bstone]

I love the promises of advertising.

Back in the 70's, there was a company advertising a product that could "Stop Computer Downtime". The product turned out to be under floor water detectors.

Re:It's all about the phbs

[pyrrhonist]

It also detects when you try to use the CD-ROM tray as a drink holder and automatically logs you out and contacts your local BOfH.

...after first retracting the tray, thus spilling your drink.

Re:It's all about the phbs

[Triumph+The+Insult+C]

Show me an ad that says, "Hey this works okay most of the time," or "this router can detect and contain unusual network activity, so viri spread slower" and that's a product that I can trust.

That's not a product I would trust. Routers should do one thing, and that's routing. Firewalls should be the devices that implement policies, not routers.

It's the same premise as buggy, hole-ridden software. A good 30% of 'features' in software don't need to be there, but they are, and they introduce problems. Take Norton Systemworks (2002) ... while it's scanning the disk, you can have it animate the logo and/or play some music. Why does that need to be there? It doesn't ...

The same goes for Cisco ... the hardware isn't spectacular, but they make up for it in software. They add feature upon feature upon feature, which leads to the code getting overly complex, which leads to bugs. You then get vulnerabilities like the one for LEAP, or now this TCP reset business, when they (the bugs) likely wouldn't exist if the routers just did routing and the engineers focused on that.

Re:It's all about the phbs

[Geek+of+Tech]

>> My mother is just like this. I can tell her something over and over and over again, and it means nothing to her. But if she hears the same thing from a random, poorly-informed stranger, it's a proven fact.

Now you know how she felt when you were growing up.

:)

Re:It's all about the phbs

[Frobnicator]

It's been my experience that the idiots are the ones making the purchasing decisions, hence the nature of the advertising.

It's not just the idiots. If you didn't know anything else about the product, which would you buy?

• Product A -- Claims to be 73% good.
• Product B -- Claims to be 96% good.
• Product C -- Claims to be 99.999% good.
• Product D -- Claims to be 100% good.

Being skeptical, you would probably pick product A has having truthful ads. Product B, you might think, has really good real-world performance. Product C is just marketing hype, and product D is impossible in the real world.

But if you see a big brand name (Microsoft, Cisco, Intel, etc.) on product C, you might say "Well, it isn't 100%, and they are a good company. Maybe it's the truth. Of course, claiming to be Product C happens, and that's where the trap is.

It might be that you are looking at Microsoft statement claiming "5 nines" of 99.999% uptime (that's down for 5 minutes each year). Or Sun claiming the same 99.999%. Or Cingular Wireless claiming 99.999% reliable networks, excluding several days of downtime that they must not factor into their percentage. Maybe it's that 99.999% pure copper speaker cable you were looking for. (For the chemists, here's a site where you can buy over a dozen other '99.999% pure metal' wires.) Lots of people get caught into that.

In some cases it really is justified. If I were a chemist, maybe having iridium wire that is only 99.9% pure might cause problems, and those extra 9's might be significant. But that usually isn't the case for most marketing.

But I don't think it's just a PHB issue, it's a problem of 'I really want the best, and I only want to spend 5 minutes to find out which one that is'.

frob

Re:It's all about the phbs

[lonesome+phreak]

I like calling Wiccans gulible in front of other Wiccans, then saying "oh, I said blah blah blah" Then when they turn around we all laugh.

Re:It's all about the phbs

[psocccer]

I saw a great new MS ad in Information Week today, where it shows that Linux costs 400 times more per second than Windows Server 2003 for webserving and file sharing. But the comparasin is W2k3 on 2 900mhz XEON processors and Linux running on a z900 mainframe, so it boils down to the fact that a z900 costs a ton more than a couple low end XEON processors.... I laughed pretty hard at that one.

In fact, there appears to be an entertaining article about the whole ad.

Re:It's all about the phbs

[StandardDeviant]

IAAC. Most reagents are indeed rated rather precisely with respect to their purity. For example, "spectroscopic" grade toluene is different than "hplc" grade toluene, and they're both different from "reagant" grade toluene. (These are so-called "customary" names for different purity grades. It can be a little confusing even to practitioners, so typically something will be labeled like "Reagent Grade (95%) Foo.")

Those extra 9s frequently are important. For a plain synthesis reaction, 95% may be ok (you may just want to make some of product X to prove that it can be made, so if you have some miniscule fraction of an isomer of X due to that 5% similarly-reactive reagent impurity, it's not such a big deal). But if you're doing a really precise analysis (say ppt range), you don't want any peaks from chemically similar impurities crowding into the spectral range you're looking at.

But yeah, outside of the actual practice of science, most anything above 99% is speculative horseshit dreamed up by a marketer. _Proving_ that something is that pure is an expensive and time-consuming prospect.

Re:It's all about the phbs

[cerberusss]

Show me an ad that says, "Hey this works okay most of the time,"

This is exactly what CodeWeavers does, for example here.

To quote: "The office assistant sort of works, but when it's running, things get weird and break badly. It's fun to try, but remember to turn Clippy off when you're done."

Now that might be a bad example, since Clippy mostly never gets installed, but I've seen MANY customers on the mailinglist who state that they bought the product just because of this honesty.

Re:It's all about the phbs

[Trepalium]

The logo animation is a funny thing. It actually does serve a purpose. It tells you the program is not hung. It's the same thing as those silly spinners in text mode programs (-\|/). If you have a program that's just sitting there with nothing but static text, how long are you going to wait before deciding something might be wrong?

Re:It's all about the phbs

[wagemonkey]

On my drive home from work I pass a farm selling "96% fat free milk". The first time I saw it I cracked up, now it depresses me.
I think it should be against the trade descriptions act (UK), but it'd probably be ok.

For those who don't realise normal full fat milk is 4% fat - hence 96% non-fat. Skimmed is c.1% fat, semi-skimmed is 1%-2%, iirc.
I think 96% fat-free should have 4% of the fat of 'normal' full fat, not be full fat milk.

Deceptive advertising at it's most obnoxious?

Re:It's all about the phbs

[makomk]

I personally liked the *Microsoft-sponsored* report which found that ordinary Linux webservers had a lower TCO than Microsoft ones. Obviously, they didn't trumpet *that* finding...

Re:It's all about the phbs

[ynohoo]

ah... no. It tells you that the thread running the animation is not hung. What is happening in the other thread(s) could be a whole different story!

Re:It's all about the phbs

[jpvlsmv]

Such crap. It's like those blatantly false microsoft ads where they show microsoft office as a wonderful beautiful thing. I've worked with office for years, and the only time I danced through my office with a newly printed office document involved a printer incompatibility, a long project, and way too much coffee.

You're getting the wrong message from that ad. What it's actually saying is that if you use Microsoft Office, you'll look like an idiot, even when it does (sometimes) print your document correctly.

--Joe

Re:It's all about the phbs

[monkeydo]

The vulnerability in LEAP was that if your chose a trivial password it was easily guessed. It wasn't a software bug, it was a wetware bug.

Re:It's all about the phbs

[samhalliday]

Sun claiming the same 99.999%

hmm, well, i believe SUN on that, sorry.

we use SUN in our university network and i got to do my first ever SUN Blade powercycle 2 days ago. come to think of it, it did take a whoping 5 minutes to boot up though.

Re:It's all about the phbs

[Frobnicator]

On my drive home from work I pass a farm selling "96% fat free milk". ... I think 96% fat-free should have 4% of the fat of 'normal' full fat, not be full fat milk.

I can just see the following dialog:

customer:What is this solid block of lard doing in the dairy section?
clerk:That's not lard, it's non-fat milk fat.
customer:What is the solid block of not-really milk fat doing in the dairy section?
clerk:It's the new Atkin's Brand 100% Milk for Lactose Intolerant. It's popular among teenage girls and dieters.

Ci...SCO ?

[horatio]

Bastards, patenting a public working group's suggestion for fixing the broken widget. Anyone else wonder if there is a conspiracy here? If this works for the network appliance giant, SCO might just have a case if they patent a few of the publically submitted kernel patches.

Re:Ci...SCO ?

[gvibes]

"A person shall be entitled to a patent unless ... he did not himself invent the subject matter sought to be patented." 35 USC 102(f). If Cisco didn't invent it, they can't patent it.

OpenBSD

[LittleLebowskiUrbanA]

How fortunate of a timing right after OpenBSD just decided to combat software patents with Open Source.

Re:OpenBSD

[j0hnn135]

These Nuts are ... Nuts. (Not coconuts) They should make a rule about patent happy companies: If they try to patent a standard or the extention of a standard, then they are suspended from using any of the IETF standards as punishment (Wouldn't that be pretty). Of course the IETF would need an army of sharks (read lawyers) to enforce anything crazy like that. Thanks for the BSD link. -J0hnn135

Re:OpenBSD

You might also find this of interest:

http://marc.theaimsgroup.com/?l=openbsd-misc&m=1 08 432660625483&w=2

hmmmmm....

[j3ll0]

CARS (RFC793 [1]) are widely deployed and one of the most often used reliable end to end protocols for PEOPLE TRANSPORTATION. Yet when it was defined over 20 years ago the ROAD SYSTEM, as we know it, was a different place lacking many of the threats that are now common. Recently several rather serious threats have been detailed that can pose new methods for both denial of service and possibly data injection by blind attackers. This document details those threats and also proposes some small changes to the way CARS handle inbound segments that either eliminate the threats or at least minimize them to a more acceptable level.

I don't know if I'm for it or against it now...

Robert Barr?

[jonman_d]

You mean Robert Barr, the man from the Redundancy Van from the monopoly of Cizzzcoo-eeeee?

(If you don't get the joke, go check the openBSD website.)

Re:Robert Barr?

[Mind+Booster+Noori]

Worst than that... And curious too: this is the same Rober Barr then the one who claims being against software patents!

Check FFII...

Solution:

[Sebby]

Read my last post.

And in other news...

[TheMadPenguin]

NetBEUI becomes a routable protocol... :P

Re:And in other news...

[darkjedi521]

I'd rather use IPX - I think there is a version of it designed to be routable. I could be wrong - been a long time since I actually used it.

Re:And in other news...

[man_ls]

IPX is routable...IPX packets contain the same fields as IP packets (network ID and host ID, similar to ip address and subnet mask)

It just didn't get as popular as IP for some reason.

Re:And in other news...

[darkjedi521]

Thanks. Its been a long time since I actually used it as a transport - I spend more time now ripping it out of XP machines who refuse to use anything but IPX for talking to samba servers.
Overheard at work:
"But that will break all my games" - Customer
"Right now, access to the school file server and printers are broken. Do you want us to fix your problem so you can print your final or not?" - Helpdesk

Re:And in other news...

[man_ls]

Welcome to my world. :)

Sure.

[SatanicPuppy]

I'm sure it's pretty cool. Most of their stuff is.

But I bet users are still going to be doing stupid things. You can't beat stupidity, and by claiming that, in fact, they have, they lose my vote big time.

Cisco products may have a place in a comprehensive security solution, but they're trying to claim they ARE a comprehensive security solution, and they're not.

Great timing

[darkjedi521]

I was planning on migrating two legacy networks off of DECnet and NETBeui over to TCP/IP transports. Considering this, I might as well leave the older protocols in place. Besides being easier to contain at the firewall (drop all non-ip), they are so old as to not be patent encumbered. Plus the netbeui stack actually fits on a floppy, unlike the MS TCP stack, which only fits after massive pruning and compression.

Re:Great timing

[0racle]

I don't see how this in any way affects plans to move off of older protocols to plain TCP. I think you might be over-reacting

Re:Great timing

[darkjedi521]

I was planning on moving them to a modern, open protocol, but if Cisco wants to turn fixes into a proprietary mess, might as well stick with what works than go through the migration headaches. Plus it will give me an excuse to play with a VMS cluster, since I am pretty sure that only works on DECnet.

Re:Great timing

[0racle]

TCP is an open protocol, this doesn't change that. If you read the article closely, you'll see there's an 'S' before the TCP, this is Cisco attempting to patent Secure TCP, not TCP its self. Differences are comparable to the r commands and ssh with its family of stuff sftp, scp and the like, just because there's a new one, doesn't make the old ones magically stop working.

WRONG!

[Sebby]

Patents are now only for use as a tool for extortion for companies that have no business model, heading towards bankruptcy, or want a monopoly of their respective field of business.

New Protocol

[dicepackage]

It looks like it is time to switch to IPX or NetBEUI for the internet.

Re:New Protocol

[AvitarX]

No,
Must use apple talk.

That would be fun.

Re:New Protocol

[Alsee]

Nah, lets go with Xmodem.

-

Translation:

[CatGrep]

Let's keep in mind that patents are in place to protect the innovators and keep them innovating. Yes, it sucks that maybe other vendors can't use this for a while, but that's the price of progress.

Let's translate this:

Let's keep in mind that patents are in place to keep lawyers employed and keep them litigating. Yes, it sucks that maybe other vendors (or open source developers) can't use this obvious idea for a while. (period) Impediments to progress are the price we just have to pay.

Re:Translation:

[the+morgawr]

>other vendors (or open source developers) can't use this obvious idea for a while

The OpenBSD guys claim they have had something better for a long time and have asked the IETF to use it instead. I wouldn't hold your breath though.

Re:I don't understand

[andalay]

They were introduced to help innovation but changed to help the bottom line somewhere. Thats why you should ask the innovators, not the bottom liners -- if thats a word, which its not.

Prices

[hoagieslapper]

My suggestion is to limit the number of patents a company can hold and/or apply for in a year. This forces them to keep only the truly inovative patents and discard the trival patents.

Re:Prices

[Myen]

So the big companies would fork multiple wholly owned subsidiaries to hold patents with?

That would probably be able to harm only the smaller companies that can't spawn that way...

Re:That's simply not true

[BigBadBri]

"None of these innovations were perpetrated by a monopoly..."

Yes they were - the NRDC (later to become BTG) had a monopoly on the exploitation of publically funded research from its inception.

Patenting things (hovercraft, interferon, CVT, etc.) is entirely different from patenting processes/software - the first can be justified, the second is a can of worms best left unopened.

I think you're trolling, anyway.

Did ANYONE RTFA???

[chrome]

Especially the part where Robert Barr says "any party will be able to obtain a license from Cisco to use any such patent claims under reasonable, non-discriminatory terms, with reciprocity, to implement and fully comply with the standard."

That sounds like to me that Cisco will not be charging a whole lot for this license, it will probably be one of those $1 license deals where once you have it, you have it in perpetuity.

If Cisco don't apply for a patent, someone else WILL and those barstards might end up charging so much for the method that it never becomes a standard.

I don't think Cisco's intent is to make the standard too expensive for it to become an actual standard in use.

Re:Did ANYONE RTFA???

[Aneurysm9]

You forget, this is /. People see "patent" and panic. People rarely read the article or patent application. I'm not sure, but it looks like this might be the application they're referencing. United States Patent Application 20040081154: Internal BGP downloader. I tend to think like you do, Cisco sees this as something that is essential to the future of TCP as a viable standard and will not charge an arm and a leg for a license.

Re:Did ANYONE RTFA???

[ergo98]

That sounds like to me that Cisco will not be charging a whole lot for this license, it will probably be one of those $1 license deals where once you have it, you have it in perpetuity.

And what, exactly, do you base the "probably" on? I see it as distinctly more probable that Cisco, being a dominant player, will implement what would otherwise be a discarded solution, and smaller vendors will be basically forced to follow suit. They will, of course, have to line up to pay the Cisco tax, and that internet tax will fall on the shoulders of every person using the services or products, directly or indirectly, of any of those firms.

Of course we're both just pissing in the wind because ultimately we have no idea, however Cisco has provided a bad precedent by going for this patent (and the "defensive patent" angle doesn't really fit here).

Re:Did ANYONE RTFA???

[eggboard]

I'm with you, chrome. The whole point of RAND (reasonable and non-discriminatory) terms is that companies that have intellectual property that they are either required as part of company policy or believe is wise of them to protect, can participate in standards development -- but only if they agree to RAND. If you don't agree to RAND, you can't corrupt the IETF, IEEE, or other bodies by later claiming high fees.

In many ways, Cisco is being a good citizen by saying, you can reliably go ahead and implement this stuff that uses our patents because we agree to RAND. This means, as chrome says, that Cisco is making sure that the rights are locked up, are licensed cheaply and reasonably, and that they have spent the legal $ to ensure so.

Re:Did ANYONE RTFA???

[rusty0101]

As CISCO has not disclosed the terms of their licencing, RAND means nothing. Setting the cost at a billion dollars, can be asserted as being Reasonable and Non Discriminatory, as the only "customer" involved would be Microsoft.

In all likelyhood you very well may be right. I don't know what Cisco thinks the market for licences to their patch happens to be, so neither of us are likely to be "correct" in our valuation.

-Rusty

Re:Did ANYONE RTFA???

[chrome]

Rather than guess, I asked Robert Barr himself if I could get a license for the Linux Kernel Project, and this is what he said:

Hi Nathan There is no patent and there is no standard, so it's a bit premature.

But if a patent does issue and a standard is approved, this is our policy

Cisco will not assert any patents owned or controlled by Cisco against any party for making, using, selling, importing or offering for sale a product that implements IETF RFCXXXX, provided, however that: Cisco retains the right to assert its patents (including the right to claim past royalties) against any party that asserts a patent it owns or controls (either directly or indirectly) against Cisco or any of Cisco's affiliates or successors in title; and Cisco retains the right to assert its patents against any product or portion thereof that is not necessary for compliance with RFC XXXX.

Royalty bearing licenses will also be available as an option.

Please let me know if you have any questions.

Robert Barr

Re:Did ANYONE RTFA???

[chrome]

I sent an email back asking what could be done to ensure that Cisco won't try to SCO linux in the future if Linux uses the methods in the draft, we'll see what his reply is.

Re:Did ANYONE RTFA???

[shadowmas]

i think the issue here is not so much as the price of the patent but the patent itself. it doesnt matter if they give licenses for free. the main issue is a 'bug fix' like this should not be allowed to be patented in first place.

Re:Did ANYONE RTFA???

[retro128]

You do, of course, realize that if everyone who had an RFC that they charged a license fee for, the Internet would not exist at all?

The Internet was built off of the same philosophy as OSS. It's a bunch of people putting their heads together and throwing their ideas in the ring to make things better for all involved. What if all of these people clutched their ideas to their chest and said "This is MY piece and you have to pay me to use it"?

It doesn't matter whether or not Cisco would charge a small license fee for this new implementation. They are running against the philosophy that built the Internet in the first place. Standards must be open and free for the widest possible adaptation or you are looking at vendor lock-in ala Microsoft. In other words, to hell with Cisco.

I did RTFA and it looks like this is a proposed draft - It has not been ratified. Cisco is saying that if it is they've got the patents. What they're going to do with it I'd rather not find out. I'm willing to bet that most vendors won't follow the new recommendation to escape potential fees/lawsuits and instead go with another implemenation...Possibly their own. And that can't be a good thing.

Re:Did ANYONE RTFA???

[hackerjoe]

Cisco retains the right to assert its patents against any product or portion thereof that is not necessary for compliance with RFC XXXX

Nice. This means that nobody can implement this in GPL'd software (wherever software patents apply), because the GPL requires that anybody be able to modify and redistribute the software without encumbrance, regardless of what they're doing with it. So, not in Linux.

Re:Did ANYONE RTFA???

[chrome]

Right. I checked the GPL and it does say that.

I got a response back from Robert, my stuff is in bold, his is the reply below:

> If I read this correctly (IANAL, obviously) the Linux Kernel project
> could go right ahead and use the methods that Cisco has applied patents
> for, however at any time after a Patent has been issued (IF it is
> issued - and I think its a fair bet its going to happen, the USPO seems
> to rubber stamp anything out of tech companies these days) Cisco could
> demand that the Linux Kernel project pay them whatever.

Not at all. That's not what it says, or what I mean to say. It says that
nobody has to pay anything, or even ask for a license, unless they want to
assert patents against Cisco. You don't read it that way?

Well, I'm not quite mollified by this. So I sent the following:


Okay, I get that point now, but is there anything stopping Cisco from asserting its patents just for the hell of it?

You say that Cisco will only assert its patent against someone who tries to assert a patent against Cisco, but what is stopping Cisco from just doing it anyway?

ie, the methods are integrated into the Linux Kernel TCP/IP stack and gain wide acceptance, and Cisco then sees value in trying to claim that all users of Linux need to pay Cisco a licensing fee of $200 per CPU to use the proprietary, patented methods included in Linux.

I know its far-fetched, but 3 years ago, anyone saying that SCO would try to claim ownership of Linux would be laughed at.

What agreement can open source projects enter into with Cisco to ensure that the above is legally impossible?

Lastly, the GPL states:

"Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all."

So, for any GPL software use Cisco's methods, Cisco will need to provide a guarantee that under the GPL, any future patent for these methods will be free for use by that GPL software.

Just taking your word for it that Cisco won't assert it's patent in the future isn't good enough :)



Now, I'll happily grant that my analysis if probably flawed, but I think I'm on the right track here ;)

Re:Did ANYONE RTFA???

[man_ls]

Cliffs:

Anyone can use their patent for free, with the following conditions:

*If that someone owns a patent, they can't make Cisco pay for use of their patented technology, should that situation arise.
*If the someone does make Cisco pay royalties, Cisco will make them pay royalties.

Pretty fair mutual-assistance type thing.

Re:Did ANYONE RTFA???

[kcbrown]

I tend to think like you do, Cisco sees this as something that is essential to the future of TCP as a viable standard and will not charge an arm and a leg for a license.

You're right. They won't ... at first.

But then, once their standard is implemented basically everywhere, they'll suddenly change the terms, so that anyone who wants to create a new implementation of any kind (which includes upgrades to existing versions, etc.) will have to pay handsomely for the privilege.

You're an idiot if you don't think any major corporation will refrain from taking maximum advantage of power like that. Major corporations don't give a shit about the welfare of the community, or of their customers, or of anyone but their major shareholders. They care only about their bottom line and about milking everything they own for all it's worth, in the short term (and bust out the "we're just maximizing shareholder value!" excuse when it harms someone, even their own long-term prospects).

So excuse us for being skeptical of any "good will" claims on the part of any significant corporation or their supporters. We as a community and as a society have been burned too many times before to believe them anymore.

Re:Did ANYONE RTFA???

[swillden]

Pretty fair mutual-assistance type thing.

Almost. You forgot the bit that says:

* If the someone uses the Cisco patent in a product that does not comply with the IETF standard, Cisco may make them pay royalties.

As mentioned by some other posters, this proviso makes it impossible to use the patented technology in GPL'd code.

Actually, the "you can't sue Cisco for infringement of your patent if you're using our patent" probably also makes this "license" GPL-incompatible, even though it does seem like a fair trade.

Re:Did ANYONE RTFA???

[tlunde]

While I am a lawyer, this comment does _not_ contain legal advice for you to follow and it is not intended to form an attorney client relationship with you (chrome) or any one else who happens to read it. I am ethically required to urge you to consult with a lawyer who is admitted to the bar in your state (assuming that you live in the US) so that you may have comptent legal advice. Now, with that said:

As a general matter of law, you _are_ entitled to rely on a person's statement. And, when a person is a properly authorized representative (officer/director/etc.), you can also take their word as binding on their corporation. Google on "estoppel" for more infomation if you're curious.

Re:Did ANYONE RTFA???

[chrome]

Okay, I got this back:

On May 12, 2004, at 12:46 PM, Robert Barr wrote:

> Okay, I get that point now, but is there anything stopping Cisco from
> asserting its patents just for the hell of it?

Yes, my written statement above would stop us. I can turn it into a contract if that is necessary, but I don't think it is. Anybody who relies on that statement is protected, but I guess they should consult their own lawyer.

> You say that Cisco will only assert its patent against someone who
> tries to assert a patent against Cisco, but what is stopping
> Cisco from just doing it anyway?

see above.

> ie, the methods are integrated into the Linux Kernel TCP/IP stack and
> gain wide acceptance, and Cisco then sees value in trying to claim that
> all users of Linux need to pay Cisco a licensing fee of $200 per CPU to
> use the proprietary, patented methods included in Linux.
>
> I know its far-fetched, but 3 years ago, anyone saying that SCO would
> try to claim ownership of Linux would be laughed at.

SCO never made a statement like I did

> What agreement can open source projects enter into with Cisco to ensure
> that the above is legally impossible?

I'll execute an agreement with those terms if necessary

> Lastly, the GPL states:
>
> "Finally, any free program is threatened constantly by software
> patents. We wish to avoid the danger that redistributors of a free
> program will individually obtain patent licenses, in effect making the
> program proprietary. To prevent this, we have made it clear that any
> patent must be licensed for everyone's free use or not licensed at
> all."

Prof Eben Moglen says this about GPL, I think it applie

"Section 7 prohibits distribution under GPL if you cannot fulfill the requirements of the license because of other conditions *imposed* on you by, among other things, a judgment of patent infringement, interim measures short of judgment, such as a preliminary injunction, or contractual limitations such as non-disclosure agreements or patent licenses. But you are not unable to distribute under GPL unless those requirements have been *imposed*. Until a particular party distributing GPL'd code has either accepted a license whose requirements are incompatible with GPL or has been ordered by a court of competent jurisdiction to do or refrain from doing in a fashion incompatible with GPL, there is no direct conflict with the requirements of the license, and no requirement to refrain from distribution. With regard to patents, in particular, no one *ever* has an obligation to refrain from making, using or selling technology that *may* practice patent claims solely because someone somewhere has taken a patent, claims to have a patent, or even publishes a license. Only the demand that you in particular take a license or cease infringing triggers theoretical liability under US patent law. Whether there can be liability for damages for the period before such notification is another question, legitimately of importance to those who commercially distribute free software, but not ordinarily of significance to those who develop only, or who distribute non-commercially.

Moreover, patents are not global, only local. To say that we cannot *develop* under GPL because a patent exists in country X, and a license has been published there to which those making, using, or selling in country X *might* be asked to subscribe would go much too far. That situation certainly does not prevent development elsewhere, and distribution under GPL can certainly proceed."

***

> So, for any GPL software use Cisco's methods, Cisco will need to
> provide a guarantee that under the GPL, any future patent for these
> methods will be free for use by that GPL software.
>
> Just taking your word for it that Cisco won't assert it's patent in the
> future isn't goo

Re:Did ANYONE RTFA???

[Mind+Booster+Noori]

With regard to patents, in particular, no one *ever* has an obligation to refrain from making, using or selling technology that *may* practice patent claims solely because someone somewhere has taken a patent, claims to have a patent, or even publishes a license. Only the demand that you in particular take a license or cease infringing triggers theoretical liability under US patent law. Whether there can be liability for damages for the period before such notification is another question, legitimately of importance to those who commercially distribute free software, but not ordinarily of significance to those who develop only, or who distribute non-commercially.

In other words, you can code something using the patented "technology" (they aren't even patenting that, only their share part of some ideas they had to fix a protocol!) until Cisco wants to stop it.

Moreover, patents are not global, only local. To say that we cannot *develop* under GPL because a patent exists in country X, and a license has been published there to which those making, using, or selling in country X *might* be asked to subscribe would go much too far. That situation certainly does not prevent development elsewhere, and distribution under GPL can certainly proceed."

FreeS/WAN wasn't in 2.4 kernel because of the possibility of legal problems in some countries (just one example), so why would this be different?

Well, of course, USA has software patents and unfortunatly Europe is going the same way, but Africa hasn't yet!

It's the best I can do. Why? Why the hell is he going to patent it in the first place? Isn't he against software patents as he claimed to? Is he being pressed to do this? By who?

Re:Did ANYONE RTFA???

[Triumph+The+Insult+C]

define "reasonable". "reasonable" to whom? $1US is not reasonable to me. nor is $.01US. not even if they paid me $10000000US. it's the principle of the matter.

Re:Did ANYONE RTFA???

[Halo1]

The original owners of the patent that's now asserted against JPEG also promised they would not sue anyone over it. Then they sold all their assets, Forgent got hold of the patent and did start to assert it. I'm not sure if a promise (or even a written license) from Cisco would still be valid if they were to sell that patent to someone else.

Re:Did ANYONE RTFA???

[Geoff-with-a-G]

What if all of these people clutched their ideas to their chest and said "This is MY piece and you have to pay me to use it"?

They do. Specifically, Microsoft does all the time. The answer to your question is:
Some people would pay them, and other people would come up with a different idea.

Seems to be working okay so far. The 1% of the population that hangs out on slashdot complaining all the time doesn't make me think that the entire concept of patenting protocols is flawed. Nor do I think that Cisco is really "running against the philosophy that built the Internet in the first place." I assume we're not talking about ARPA, but rather the modern Internet. Huge portions of today's internet run on Cisco switches and routers, running CDP, STP, and EIGRP. Nor were the fiber backbones laid for free. Sometimes stuff costs money. Yes, even ideas. If you're not willing to pay, don't. If most people aren't willing to pay, then another way will be found

Re:Did ANYONE RTFA???

[retro128]

They do. Specifically, Microsoft does all the time.

I know. So does the Samba crew. So does the Mono crew. So does the Wine crew. Microsoft abhors inter-operation. That's why they're going on a patenting binge, undoubtedly to further lock up their protocols and make sure that if you don't use Microsoft software, you can't use services or protocols provided by it. Can you imagine if Cisco did something like this with TCP/IP?

And speaking of Cisco, let's take a look at one of their proprietary protocols you mentioned, EIGRP. EIGRP is a great protocol...Fast convergence, low bandwidth, very easy to set up. But if I wanted to drop, say, an IBM or HP router in that network I wouldn't be able to get routing updates from my Cisco stuff because it's using EIGRP. So there you have it, vendor lock-in. So now in order to get those routers talking, I would use OSPF...an open standard available to anyone who can read an RFC. Do you see where I am going here?

The point of my original post was that in order for an insanely large network like the Internet to work, with hundreds, if not thousands of different architectures all on it and able to talk to each other, the protocols for such communication MUST be OPEN and FREE. Money grubbing companies with patents on said protocls only guarantee that the owner of the patents and companies with enough money to pay them off are able to talk to each other. Everyone else will be left in the dust. Just ask the Samba guys about it when Longhorn comes out.

Re:That's simply not true

[Wolfbone]

Okay I've read them. Now tell me which one is the software patent? Which one of them is utterly trivial? Which one of them is a progress impeding claim to ownership of a mathematical algorithm or scientific idea?

I have a suspicion that many people who talk about patents here do not have a strong background in computing or history or science or mathematics or the arts, copyright law and patent law or philosophy or indeed any discipline whatsoever that might enable them to think rationally and logically long enough to see the evident folly of software patents.

They're a private company!

[tacobot]

They sued the Pentagon and won! If ever there was an example of the patent system fending off an agressor, that is it.

Actually...

[Xenographic]

I can and have thought up a number of ways to use our IP laws to discourage innovation.

For example, there's some stupid precident where something like 5 notes were supposedly "subconciously copied." I remember that, from the way they decided things, someone calculated that there were only 5,000 some odd different types of music that would be legally recognized under that precident.

Therefore, if you simply make a CD with each variation (and to comply with other wacky precidents and laws, make it a "dramatic" work--e.g. put some kind of story in there with your music, as well as mixing up the order so as to make your creation more creative than a mere listing of all the possible note combinations), and file a copyright on it.

Voila, you've copyrighted all the music. But you probably don't dare distribute any of it, lest you infringe on every pre-existing work, so you play SCO. Manage to get in the media with some wacky press release (Slashdot would be a good target), and spout off about how you intend to use this to stifle musical innovation "because it's clearly not profitable."

Ramble on a bit about how the industry knows what is best for us--"only unoriginal crap sells! so long as they're just rehashing their old works, we feel that they're not deriving anything from ours, and we simply want the music producers to make money, something you cannot do unless you force-feed the public unoriginal music." Thus you're never under obligation to actually sue anyone, though you can make a show of menacing anyone whose music might be original, telling them that it doesn't seem to derive enough from all their old records, so they must have stolen it from you...

Yes, I realize that this is incredibly contorted logic (I must have been reading too many SCO stories here...), but the upshot of it is that you would be using such a copyright registration to (at least attempt) to stifle innovation. ...

Now then, as for patents? It's harder to find an example of a bottleneck, as above, and these will cost you over $1,000 each in filing fees alone. Still, you seem to be able to patent the most rediculous things. You could always file some nonsense like "n-click shopping, for n greater than one" (note that you can make "shopping" into any other activity, though you might get hillarious results like "3-click bowling") or just "___ over the internet" ...

I can even imagine being bored enough to write an "absurd patent generator" in Perl, if I could just think of more such patterns to feed into it :] For irony's sake, one could then patent that nonsense generating algorithm (though proving it useful in commerce might be another hurdle... I wonder if they would buy the thought that putting it on a page with ads and making a grand total of $0.38 from the ads would be enough? :)

Of course, if you really did invent something wonderful, and you could patent up all the possible ways of using it (so that others couldn't just tweak it and get around your patent), you could always just publicize it and say that you have absolutely no intention of ever letting anyone use your invention until the patent expires. If it was software, you might then make it available via your website for *only* those people where your patent doesn't apply...

Re:Actually...

[Ckwop]

I've recently read an interesting idea here of starting a new P2P client then patenting every way of scanning that application for illegal downloaders.

e.g. Invention: "A general method by which to search [My new P2P application]"

Then think of every algorithm under the sun to do that and stick in the patent. If your feeling really adventurous you try patenting:

Invention: "A method of filling for copyright infringement against users of [My new P2P application]"

Where's the prior art? Sure people have sued before but they've not sued against people for the use of your app. If your very tight about your definitions you could probably get it patented.

Notice that the goal here is not to promote illegal filesharing. The goal is to raise awareness of the stupidity of the patent system.

Personally, I dont think you should be able to file for a patent when your turn-over is greater than say 10 million dollars.. That'd even up the playing field.

Simon.

Ambivalent about this

[Trogre]

Boo to Cisco for applying for dodgy software patents.

Yay to Cisco for being honest and telling people about it from the get-go.

Nothing to see here

[Luscious868]

There's really nothing to be upset about. From the article:

In response, OpenBSD creator Theo de Raadt said, "The Cisco/IETF recommendations contain numerous problems and issues. They should not be followed. We have better fixes in OpenBSD. Other vendors should be looking at these." For example, as mentioned in our earlier article about TCP reset attacks, with the IETF's/Cisco's recommendations in place it would be possible for an attacker to use one host to potentially flood another.

Basically, the implementation that Cisco is trying to patent is also flawed. OpenBSD's implementation contains better fixes. Who cares if Cisco tries to patent a flawed fix that no one will end up using? Let them waste their money. Let's face it, this move is upsetting on principal but there's really nothing to see here ... move along.

Re:Nothing to see here

[Triumph+The+Insult+C]

right. cisco will roll this 'fix' into future releases of IOS. oh wait, new exploit for IOS, no workaround, must upgrade.

or, spend the $$ to replace cisco equipment. i work at a .edu where we've got some 2000+ cisco devices. 1500+ of which are $3000 2950s

or, do the right thing and make a fuss with the ietf about them being cisco's bitch and get them to stop this insanity

Right, that's it!

[Trogre]

The Cisco is banished from Bejor, never to return.
The prophets have spoken.

since the act of patenting is itself a process...

[Jettamann]

... why can't someone identify the "bugs" in the US patent process, identify one or more "improvements" to the buggy US patent process, and then apply for US patent on bug-fix to the patent process itself?

Re:I don't understand

[Flower]

Patents were put in place for the good of society. I have just as much right to have an opinion on them as any CEO or lawyer.

After talking to the likes of Radia Perlman (who is extremely cool fwiw) I have extreme reservations that business model aka software patents do any good for society at all. I wonder where the state of networking would be now if spanning-tree had been patented and we had to wait 17 years before anybody was willing to implement it. I wonder where we could be if a mind like Ms. Perlman's could work on certain areas which really interest her (PKI for one iirc) except it isn't worth walking through a minefield of worthless patents. If HTTP had been patented do we you think we'd be using it or would we be using Gopher? Huh. Cisco has patents related to VRRP so the OpenBSD team develops an alternative and improves on the concept by adding in cryptography and increasing reliability.

And just remember this. For all the success stories you talk about - if it harms society, if it inhibits the arts and sciences - what the government gives it can taketh away. The Wright brothers didn't get to keep their patents.

Cisco turning into junk, as is linksys.

[Mustang+Matt]

For the record... I did some tests on linksys, dlink and netgear wireless access points and linksys was the worst. Netgear was actually the only one to function in all modes as advertised with perfect stability.

I'm not affiliated with any of the above companies. I just thought I'd mention that linksys is junk and owned by cisco. So maybe it's a family trait.

Re:I don't understand

[cheekyboy]

because the argument is, "patents are good for technological progess" which is not true, they are only good for business.

NOTE, some business plans/projects WONT go ahead if there is NO patent on the product, therefore, no patent = no business = no product = no progress.

I thought patents are meant to PROMOTE progress, but sometimes not all progress requires a patent so they get ignored.

So in this case, patents prevent progress.

OT, business perspectives arent so hard to learn as technical sciences. Basically its all supply/damand vs resources/profit. Thats it, if you can build it, and theres demand, and you can calculate a profit from it then thats all you need, Oh and good "contacts" business partnerships to make it happen.

Here is were opensource fills the gap, making things that dont need a profit, but benefit people.

No more early access for Cisco

[Burdell]

If they are going to attempt to patent fixes to security problems that they had early access to (i.e. they were notified about the problem prior to it being released to the public), that access should be stripped. The idea of early access is to cooperate and fix problems as fast as possible. Patenting a solution is not cooperation, so Cisco should lose their access.

BTW: one poster said "don't get excited, they'll do a reasonable and non-discriminitory license". That's nice, but it is useless for GPL software (unless they release an implementation under the GPL) and a trap for BSD licensed software (you can end up with code that says you can use it but you can't because of the patent).

Re:I don't understand

[Talinom]

What about if Henry Ford had patented the assembly line?

[sarcasm]That would have been a good thing.[/sarcasm]

My new pending patent...

[Uncle+Gropey]

I now have pending: a patent on "doing stuff".

This is fair warning, go ahead and purchase your licenses for any activities that you may "do" in the future, available seperately or in bulk now to avoid future infringement prosecution by the Doing Stuff Alliance (DSA).

Don't get so worked up

[LBalance]

Did any of you bother to read his email? He states "any claims of any Cisco patents are necessary for practicing the standard, any party will be able to obtain a license from Cisco to use any such patent claims."

Re:Don't get so worked up

[EdMcMan]

Of course they will... for a price.

NOT AN IETF RECOMMENDATION

[anti-NAT]

It is just an Internet-Draft (ID), that has been submitted for IETF approval. The IETF haven't reviewed it yet, nor taken a position on whether it should be a standard or not.

I could submit a ID for a protocol for standing on my head. That doesn't mean it is an IETF recommendation or that it will be.

With all the FUD being expressed by people who don't know much (anything?) about the IETF and its processes, maybe the next higher level after RTFA should be GAFC (Get A F**king Clue).

More from Theo and Company

[Ded+Mike]

...as Tony says, in the BSD thread, in partial reply to Theo:

QUOTE
What's very amusing is reading section 5 of the draft, wherein the author distributes credit to a number of parties. If Cisco were to file a patent at this point and not include those parties (including other companies), the patent validity would be at risk by reason of excluding a contributor. If Cisco does include all of those other companies in the patent, then all of them must also present the IETF with relevant IPR statements.
Frankly, this is yet another PR blunder by Cisco. If they had simply said nothing or formally put their contribution into the public domain, they wouldn't look so egregiously greedy.
ENDQUOTE

From the 10EAST archive, as quoted in kerneltrap...Theo has some choice comments about the US Patent System and the IETF, too.

IOW, yet again, Cisco trying to cash in on Open Source, in order to desperately prop up their miserable recent record of development, innovation and security, as well as theft from the Open Source Community, in order to keep their stock price up and keep from being listed on F'd Co., where they belong.

well, the IETF will have to pick new protocols

[swschrad]

you can't have a patent on a base RFC protocol on the internet, unless it's public domain, used to keep somebody from hijacking the technology. if cisco is filing, then the IETF has to open the process once again. just that simple.

Re:I don't understand

[cbreaker]

And not only that, but if you scale the length of the patent to the production to today's standards, they would have held the patent for 100 years.

Technology is too fast paced for this kind of crap. Patents on high tech should only last a couple years at the most.

Protecting the network from humans on the inside

[cgenman]

Actually, the router in question is very intelligent. All attempts to connect to MSN are re-routed to Google, and any software downloaded is first routed to the system admin for approval. When it recieves a query for windows update, it returns a package containing FireFox, ThunderBird, AVG antivirus, and SpyBot. I can't tell you what it installs when the user attempts to get SP2, but I can tell you that it isn't called "Lindows."

I have a solution. Seriously.

[TheHonestTruth]

The US needs to ditch its one year grace period. As it stands, any prior art found within a year before a patent application's filing date can be swore behind. Basically it's a way an inventor can say "I invented my invention up to a year before I filed the application." The problem is that a lot of developments, especially in software, happen within a short time frame. So if Cisco files an application on 12/31/2004, they basically can claim that any disclosures, such as newsgroup discussions, open source versions, etc that happened between 12/31/2003 and their filing date do not bar their application.

Europe on the other hand (well, the PCT) has no grace period. Once the invention is disclosed, your rights are out the window. Adopting a policy like this would make it much harder for companies to troll newsgroups/web/discussion boards, get ideas, and file an application based on an implementation. It's not a total solution, but it would be a good start.

As someone that was trying to invalidate an obvious patent filed on date X for a client, let me tell you that finding stuff on the web published over 1 year beforehand was a bitch. Plenty of stuff in the 6 month range, but the web wasn't full blown back in mid 90's like it is now...

-truth

Re:I have a solution. Seriously.

[TheHonestTruth]

Not so, and from what I've heard, it's not even done very often.

Apparently "yes, so".

A quick google comes up with:

A presentation by a law professor laying out general prior art requirements.

No offense, but "from what I've heard" is not very authoritative. Please provide information to the contrary.

Where I work, whenever we think a patent is invalid (all the time, if it's not our client), we search for prior art over a year before the filing date of the patent. Finding some is critical to our case because the inventor cannot claim that he was the first to invent. On the flip side, if you were the inventor, wouldn't you make every argument that there was no prior art for up to a year before your filing (since losing would mean you would lose the right to your invention?) You would do everything you could (produce dated lab notebooks, files, etc) to show that you invented your invention first. It happens in every patent invalidity litigation.

-truth

Re:That's simply not true

[Sebby]

I have a suspicion that many people who are angry at our established patent system do not have a strong background in either law or business.

And those that do are the ones abusing the system, and of course the patent office lets them.

Sorry, no cigar for you.

Patents are pretty much worthless...

[Svartalf]

Unless you've got deep pockets, the Patents themselves are only as good as your lawyers that you can afford to defend them (and the legal fees to do so...). Unless you're one of the big players, you don't have the resources to take on any infringers save players that are your own size. Unless the Patent is for something simplistic, the people that would bother to reverse engineer the technology are in the X lb gorilla size class (where "X" is a suitable multiple of 100...) and therefore have more legal and financial resources than you can normally bring to bear. Eolas is an exception where some deep pockets took a lame patent that probably should have never been granted and attacked even deeper pockets- all they did was pursue the alleged infringement by Microsoft at some point. They wouldn't have been able to afford the pursuit of the case had they needed to worry about, oh, say, products or even customers.

There may be method to this madness

[eclecticIO]

It appears that Mr. Barr at least feels he has a good reason for applying for the patent. If you read the statement he made before the FTC during their hearing on "Competition and Intellectual Property Law and Policy in the Knowledge-Based Economy" he argues against the current patent system. However, he also explains why Cisco, under his direction, applies for so many patents:

"It makes more business sense to assume that, despite the fact that we do not copy other company's products, and despite the fact that we do not derive solutions to problems from the patent literature, we will be accused of patent infringement. The only practical response to this problem of unintentional and sometimes unavoidable patent infringement is to file hundreds of patents each year ourselves, so that we can have something to bring to the table in cross-licensing negotiations. In other words, the only rational response to the large number of patents in our field is to contribute to it."

He goes on to make some very interesting arguments saying...

"The patent system does not exist to protect the rights of inventors, or any particular interest group. It doesn't exist to protect what we now call "intellectual property", as if it were protectable for its own sake. The patent system exists to protect the progress of science and the useful arts. If the patent system fails to do that in certain areas, then the costs and negative effects of the patent monopoly cannot be justified. Where the patent system enables true innovation, true progress, where it enables companies to bring new products to consumers in circumstances where they otherwise would not do it, or where it disseminates knowledge that others need and want, then it's working."

So, Cisco appears to be doing this as a matter to protect their own ability to use this fix, not to prevent other from using it. That would seem to fit with his explanation posted earlier...

"That's not what it says, or what I mean to say. It says that nobody has to pay anything, or even ask for a license, unless they want to assert patents against Cisco."

You can read Mr. Barr's full statement before the FTC online (ironically enough) at
Freedom for a Free Information Infrastucture

Re:There may be method to this madness

[Mind+Booster+Noori]

Or, in other words, Mr. Barr (and Cisco) are against Software Patents, but are chicken enough to do something they are against, that it, issuing for sotware patents.

I rest my case.

Re:There may be method to this madness

[Mind+Booster+Noori]

For all it takes, I have a simillar one, only in a far smaller company. Difference is that you're assuming that we'll (or Cisco for this matter) be assumed guilty until us/Cisco can prove inocence, when, in fact, the only thing it's needed to do is to proove that they didn't proove we're guilty.
Touché

Re:Why should I do that?

[andalay]

And its obvious to anyone who spends some time on /. that most companies use patents as weapons of mass monopolization.

Firewall Failover with CARP and pfsync

[Erik_]

The two main components provided by OpenBSD are CARP (the Common Address Redundancy Protocol), which allows a backup host to assume the identity of the primary, and pfsync, which ensures that firewall states are synchronised so that the backup can take over exactly where the master left off and no connections will be lost.

CARP
The Common Address Redundancy Protocol manages failover at the intersection of Layers 2 and 3 in the OSI Model (link layer and IP layer). Each CARP group has a virtual MAC (link layer) address, and one or more virtual host IP addresses (the common address). CARP hosts respond to ARP requests for the common address with the virtual MAC address, and the CARP advertisements themselves are sent out with this as the source address, which helps switches quickly determine which port the virtual MAC address is currently "at".

The master of the address sends out CARP advertisement messages via multicast using the CARP protocol (IP Protocol 112) on a regular basis, and the backup hosts listen for this advertisement. If the advertisements stop, the backup hosts will begin advertising. The advertisement frequency is configurable, and the host which advertises most frequently is the one most likely to become master in the event of a failure.

A reader who is familiar with VRRP will find this is somewhat familiar, however there are some significant differences:

* The CARP protocol is address family independent. The OpenBSD implementation supports both IPv4 and IPv6, as a transport for the CARP packets as well as common addresses to be shared.
* CARP has an "arpbalance" feature that allows multiple hosts to share a single IP address simultaneously; in this configuration, there is a virtual MAC address for each host, but only one IP address.
* CARP uses a cryptographically strong SHA-1 HMAC to protect each advertisement.

Besides these technical differences, there is another significant difference (perhaps the most important one, in fact): CARP is not patent encumbered. See this page for details on the history of CARP and our reasons for avoiding a VRRP implementation.

pfsync
pfsync transfers state insertion, update, and deletion messages between firewalls. Each firewall sends these messages out via multicast on a specified interface, using the PFSYNC protocol (IP Protocol 240). It also listens on that interface for similar messages from other firewalls, and imports them into the local state table.

In order to ensure that pfsync meets the packet volume and latency requirements, the initial implementation has no built-in authentication. An attacker who has local (link layer) access to the subnet used for pfsync traffic can trivially add, change, or remove states from the firewalls. It's possible to run the pfsync protocol on one of the "real" networks, but because of the security risks, it is strongly recommended that a dedicated, trusted network be used for pfsync. This can be as simple as a crossover cable between interfaces on two firewalls

Re:I don't understand

[Darby]

Why should I ask someone without a business perspective what's good for business? Wouldn't this be like asking someone without a technical perspective what's good for technology?

Because the basis of patents is in The Constitution of The United States of America.

The sole reason patents are even allowed to exist at all, let alone for a limited time, is to promote the useful arts and sciences.

What's "good for business" is only relevant so far as it promotes the general welfare of We The People.

If it's a patent, then it's an implementation

[dulles]

Well, the way I see it, they're essentially patenting an implementation of TCP. Surely the open-source community can implement a functionally equal TCP? As far as I know, this wouldn't violate the patent.

Is this correct?

Either way... yeah, that's a real friendly thing to do. Way to go.

The obvious thing to do...

[johannesg]

...then, would be to find a major Windows flaw, patch it, and _patent the patch_. I'll leave the obligatory steps two and three to you, but it involves Microsoft, money, and a court of law...

no widespread use

If it's patented by Cisco it will only be used by cisco, so what good is it? Remember that the BSD TCP stack made TCP popular, and Novell who had their own protocols IPX/SPX lost to TCP/IP.

What about SCTP? Isn't it a good replacement for TCP?

Re:no widespread use

[Viol8]

I've done some test programs with SCTP on linux and as far as I can see it is indeed a straight functional replacement for TCP at the sockets level. Whether its as robust or reliable is something I can't answer but it can do 1 -> many connections which TCP can't (and which is its whole point) and the usual 1 -> 1 and converting a TCP app written in C/C++ to SCTP is a simple case of changing a single argument to the socket() call. I suspect however that it'll be a case of better the devil you know since SCTP is new and untested (AFAIK) in anger and no doubt it will be found to have its own set of issues. Besides , TCP is so widespread I can't see it being replaced anytime soon.

Re:I don't understand

[Hast]

In a computer design course I took one exercise was to come up with patentable ideas in a normal CPU. Ie ideas that could have been patented but weren't.

It was pretty easy to come up with a long list of items and if they had been patented we'd still be on 486 level as far as CPUs go.

IPSec

[nilsjuergens]

As recent events have shown trying to secure TCP is not quite so easy, and using TLS/SSL inherits some of TCPs problems. It may also not be the best choice to do it on that layer because every application has to implement (via OpenSSL or else) the whole thing and there are a lot of things to be done wrong (have you tried to use OpenSSL? Its not that easy and there are pitfalls).

The best way to deal with the whole situation is to use IPSec. The operating system deals with this for you, and as user _or_ developer you dont't have to deal with it, at least not much.

Of course IPSec needs a working public key infrastructure (PKI), but there is no way around that anyway - at least not on the long run.

I'm also quite sure a working PKI involves Registrars and the DNS. The Registrars are the one instance that can identify an owner of a domain without doubt, because they registered it for them in the first place. And once the DNS has been fixed (this, too, involves a PKI) there is a good way of fetching the public key for a domain.

The fact alone that TLS is broken in respect to name-based virtual hosts is a good sign that it has to go away. IPv6 is still nowhere near our doorstep and wasting precious IPv4-space for virtual domains because of TLS is plain stupid.

Re:IPSec

[Mind+Booster+Noori]

Checkout GNUnet.

But just one second

[TwistedSpring]

The recent "vulnerability" in TCP was not a vulnerability at all -- it was a fault in most implementations of the TCP stack (including the one in Cisco's IOS).

TCP isn't broken. It's just the implementations that are. When a RST is received in the SYN-SENT state, both the sequence number and the acknowledgement number should be tested for validity (ACK field must acknowledge the SYN). Most TCP stacks totally ignore this, some re-use SEQ numbers frequently making it easy to guess the window's position. The hole can be closed with decent validation.

I'm much more for an elegant solution to this, rather than a brainless "hurl encryption at it!" plan which doesn't sound particularly future-proof. There are already reserved fields in TCP which could be adopted to provide better validation of packets to those systems that require more certainty of the legitimacy of a RST. Perhaps we should be using those instead, at least that way we don't have to re-jig the whole thing.

This is particularly ironic...

[cardpuncher]

... since back when cisco started building hardware, when SNA and DECnet were at the core of most commercial networks, the only way they got a foot in the door was because they had access to unencumbered technology.

It's also the case that the bright people who've come up with the real innovations - like Radia and Yakov - tend to do so regardless of who their current employer happens to be.

Yet another case of pulling up the rope once you've reached the top of the tree...

Dream on.

[expro]

If it were about an implementation only, then there would be no conflict between independent inventers who tackle the same problem in different implementations.

Cisco using open source code

[Glamdrlng]

...it is quite time someone questions the exact origin of SSL, SSH, NTP and a few other items in IOS which are known to be bug for bug compatible with OSS code and do not have stated copyrights in the IOS release notes.

Parent raises a very good point. While Cisco has acknowledged other use of open source code in the past, I've wondered if there was a use of the same source or maybe just shared libraries that caused vulnerabilities in openssh to affect the IOS, and the same with openssl. Cisco developers have also made open source contributions, so it's not like nobody there gets the GPL.

Sure, why not

[nurb432]

Lets give total control of the entire internet and all communications between devices to one company.

That makes sence to me.

Re:Sure, why not

[DrDebug]

Shhh!!! Don't tell Bill Gates about this!!! Or HE will buy/bury/sidestep CISCO and have it all to himself in a few years!!

Heh.

Stupid on top of it

[Lonewolf666]

Usually the skimmed milk is cheaper. So they could sell skimmed milk and claim "99% fat free". But we are getting off topic...

Got info on the VRRP suits ?

[anti-NAT]

I've seen the IPR section of the VRRP RFC, although I'd never heard of anybody being sued. Admittedly I wouldn't know if license fees had been paid though from, for example, Juniper, who implement VRRP.

One story I'd heard was Cisco offered HSRP to the IETF, and were willing to grant royalty free access to the patents, as long as HSRP was adopted as the standard.

For some reason (very likely technical), VRRP was developed, Cisco's patents cover some methods it uses, so Cisco are listed in the IPR section of the RFC.

As I'd never heard of anybody being sued (and there is an open source implementation of VRRP, I don't think they've had any issues), I'd figured that Cisco hadn't bothered demanding royalties, basically because they were willing to forgo them in the first place if HSRP was used.

This is simply wrong...

[tiger99]

.... and I don't mean the report, I mean that the IETF can publish something, and then Cisco can come along and patent something first published by the IETF. If I have understood correctly, this is the biggest abuse ever of the patent system. It would have to be thrown out under UK law, so I guess we will be free to use it here.

It would do everyone a big favour if an impartial body lkie the IETF were to automatically file patent applications for everything they publish, then issue a free licence to everyone. The cost of the patents could be funded by levying a small charge on each ISP, via their upstream provider, and/or from domain name registrars, per user it would be utterly negligible and impossible to collect.

Until, of course, Dubya is kicked out (I mean properly non-elected, not like last time) and the new incumbent reforms the USPTO, then this sort of thing should not happen again.

How long before it's reverse engineered?

[ALeader71]

If Comapq could reverse-engineer IBM's BIOS and AMD could do the same to Intel's CPU, how long will it be before someone does the same to this 'secure TCP' that Cisco is seeking to patent? Of course a closed-source TCP stack would mean that anyone with a mixed equipment and/or a mixed OS environment would have to decline Cisco's TCP implementation or go with another vendor. These Patents will only server to take companies down, not protect profits and stock prices. Once again, the buisness world has forgotten that only the strong survive, and the weak can mearly throw up roadblocks.

Doesn't that mean that CISCO is breaking copyright

[malachid69]

From the Working Draft:

Copyright (C) The Internet Society (2004). All Rights Reserved.

Seems to me that by patenting something someone else copyrighted, that CISCO is breaking the law?

If you want to take my karma

[drinkypoo]

Then you might as well take it from this comment, too. The prior one has been rated both offtopic and overrated, even though it was only a score 1 when rated 'overrated' and it is decidedly on topic. In fact, it's hard to get much further on topic.

Abuse of moderation, or just people who don't deserve them getting mod points? Inquiring minds want to know. Those of us with minds, that is.

Helpful guide: This comment is also Flamebait. Masturbate^WModerate away!

Re:Fixing a problem

[symbolic]

Presumably the USPTO is smart enough to shoot down a process patent that's based on published recommendations by a third party

I hope so. I think it's kind of ludicrous to claim ownership of the means to fix a problem inherent in an open standard.

OT: your sig

[Rupert]

You have violated the design principle that you should code for the common case first. So instead of

if (slashbot.uid=="678002")
{
slashbot.girlfriend = NULL;
}

we would have

slashbot.girlfriend = NULL;
switch (slashbot.uid)
{
case 1:
slashbot.girlfriend = new Slashbot(570);
break;
case 28001:
slashbot.girlfriend = NaG; // Not A Geek
break;
...
default:
break;
}

Note that we have allow wives to be associated with slashbots in the girlfriend member variable. This is because (a) wife derives from girlfriend in a depressingly predictable way, and (b) while very few slashbots have either, almost none have both.

Re:VRRP Patent .. Not So

[Flower]

Go over the story at OpenBSD. Quote:

On August 7 2002, after many communications, Robert Barr (Cisco's lawyer) firmly informed the OpenBSD community that Cisco would defend its patents for VRRP implementations....

You also need to reread that comment you linked to as it doesn't say what you are implying. Quote:

In Cisco's assessment, the VRRP proposal does not represent any significantly different functionality from that available with HSRP....

However, now that the draft-li-hsrp-01.txt' submission is approaching expiration and the Working Group is continuing with the VRRP proposal, Cisco Systems reserves the right to protect its intellectual property.

lol

[gd2shoe]

Your .sig makes this funny actually.