Trend Micro Sues Barracuda Over Open Source Anti-Virus

Anti-virus firm Trend Micro is suing Barracuda Networks over their use of the open source anti-virus product ClamAV. The issue is Trend Micro's patent on 'anti-virus detection on an SMTP or FTP gateway'. Companies like Symantec and McAfee are already paying licensing fees to Trend Micro. Groklaw carries the word from Barracuda that they intend to fight this case, and are seeking information on prior art to bring to trial. Commentary on the O'Reilly site notes (in strident terms) the strange reality of patents gone bad, while a post to the C|Net site explores the potential ramifications for open source security projects. "Barracuda has been able to leverage open source to bring down the cost of security. Early on Barracuda was blocking spam and viruses at roughly 1/10 the price of the nearest proprietary competitor (that was only selling an antivirus solution). Barracuda has helped to bring down prices across the board, and it has been able to do so because of open source. More open source equals less spam and more security. Trend Micro is effectively trying to raise the price of security." Slashdot and Linux.com are both owned by SourceForge.

Yes

[niceone]

Trend Micro is effectively trying to raise the price of security

Um, that's what the patent system is supposed to do - to make it worthwhile investing in inventing things! Whether this is a reasonable thing to patent is another question, but you can't really complain about the patent system doing what it is meant to do.

Re:Yes

[hey!]

Well, to be more accurate, what the patent system is supposed to do in a case like this is lower the net costs of security, and then reward the inventor by diverting some of the savings to him.

In theory it works like this. Your company is losing $10 million dollars a year because of lack of security. Fixing the problem would cost you $5 million. The inventor comes up with something that you would not have, that cuts the cost from $5 to $1, and he splits the savings with you. He walks of with $2M, you save $2M over doing it yourself of $8M over not doing anything.

It all breaks down when the patent system issues obvious patents of the form "apply well known technology X in common context Y." In that case, you (or somebody you hired) could solve the problem for $1M. The patent doesn't represent two million dollars of new savings, it represents a million dollars of new expenses.

Re:Yes

[smilindog2000]

In short, you can't violate a patent in your head. You should not be able to violate a patent by typing. This is the simple dividing line between the good and bad patents I see scrolling across slashdot. We let Microsoft and other big American companies con Congress into this, and the rest of the world isn't dumb enough to go along. Sooner or later, we need to fix this... every year it hurts our competitiveness.

Re:Yes

[troll+-1]

Respectfully disagree.

The patent system is *not* supposed to raise the price of security.

The patent system is supposed to:

To promote the Progress of Science and useful Arts [source: US Constitution, Article I, Sec. 8.

Making a profit from something as obvious as putting a filter in a firewall does little or nothing to achieve this goal. The largest patent holders (including IBM and Microsoft) all agree the system needs reform. But patent reform is a lot like campaign finance reform, everyone agrees there's a problem but no one really has anything they can realistically take to congress.

Re:Yes

[radarjd]

Well, to be more accurate, what the patent system is supposed to do in a case like this is lower the net costs of security, and then reward the inventor by diverting some of the savings to him.

That may be the economic theory, but I don't think it's necessarily the legal theory. Legally, the patent system is supposed to induce inventors to create new processes, materials, machines, etc. and to disclose their inventions so that they will eventually be owned by the public. Something often lost on the discussions on this site is that any patented invention will become public domain. In 20 years, potential patent holders will have to overcome this "land grab" of patents that we're currently experiencing. The broader the patents now granted, the more difficult they will be to overcome in the future.

I personally believe that the current problem with our system is that the patent office (due in large part to a decision by the Supreme Court) didn't grant software patents (in the form of business method or machine patents) earlier. Had the land grab happened thirty years ago, and the patent office learned to deal with it then, this all would have been worked out by now. The hobbyist software creator didn't exist in large part thirty years ago, and the fights would have been between large companies like IBM and its challengers.

The case referred to above was Gottschalk v Benson 409 US 63. The Court held that mathematical expressions could not be patented, and essentially found that all computer programs were mathematical expressions. The patent in question was for a bit shifter (converting decimal numbers into binary). IMO, we would be better off today had they simply found the patented material to be obvious, which is what many amici suggested.

Re:Yes

[Flambergius]

Well, to be more accurate, what the patent system is supposed to do in a case like this is lower the net costs of security, and then reward the inventor by diverting some of the savings to him.

Sort of, yes, but mostly, no. (Or you are just be using "net cost" loosely.) Patent system isn't supposed drive down prices, it is supposed to drive up the benefits. Patent system also only works over time, sometimes quite a long time. One can't really make any claims or observations about the patent system at any single point of time. (Don't judge a function by its value, but by the value of its derivate. :-))

The mechanism by which patent systems drives up benefits is broadly that sharing innovations speeds innovation. There is a steep cost in giving monopolies to any one actor. In theory, innovation is a cumulative process and the cost is constant, so valid patents usually end up positive. Keys to validness of a patent are of course novelty and non-obviousness. The '600 patent seems to fail here.

Re:Yes

[Alinabi]

But patent reform is a lot like campaign finance reform, everyone agrees there's a problem but no one really has anything they can realistically take to congress. The congress is there to represent the People, not to rubberstamp bills crafted by corporations. As such, there is no need for them to wait for the private sector to take the initiative. They should just sit down, on their enlightened, elected asses, and come up with a law that really promotes the "Progress of Science and the useful Arts".

Re:Yes

the rest of the world isn't dumb enough to go along

Well... MOST of the rest of the world

Re:Yes

[Mystery00]

But is it wrong if another person makes something similar and sells it for 0.5 million?

Even if you do patent something, if someone else makes a similar thing from scratch, and sells it for less or makes it free, well tough, you shouldn't be able to sue them for it. If you find that you have competition, you improve your own product, things should be sold by their value, not by destroying competition.

Re:Yes

[rben]

>The hobbyist software creator didn't exist in large part thirty years ago

Damn, I just vanished in a puff of logic!

Re:Yes

[BadHaggis]

> Damn, I just vanished in a puff of logic!

Mod +1 Funny, Man I wish I had mod points. Of course I vanished also.

Re:Yes

[eurleif]

You should not be able to violate a patent by typing.

What if I type out code to program a robotic arm to construct a patented physical object?

Re:Yes

[radarjd]

The hobbyist software creator didn't exist in large part thirty years ago

Damn, I just vanished in a puff of logic!

Sorry about that, I try to make as few people as possible disappear. I'm not trying to lessen the contributions of 30 years ago, just to say that in terms of sheer numbers and access, it's not what it is today.

Re:Yes

[PopeRatzo]

Um, that's what the patent system is supposed to do - to make it worthwhile investing in inventing things!

No, the patent system is supposed to make it worthwhile inventing things, not investing in inventing things.. Can you see the distinction?

Did Trend Micro invent "anti-virus detection on an SMTP or FTP gateway"? No. They didn't even invent the idea of "anti-virus detection on an SMTP or FTP gateway" (not that makes any difference).

They had a lawyer fill out a form before some other lawyer filled out a form, and now the world is supposed to pay them for the idea of protecting data forever.

Bullshit.

Re:Yes

I think it actually breaks down when the holder of the patent doesn't produce a novel or competitive product with it.

What would really ice it would be if it was demonstrated that the market won't bear Trend's prices. If Trend's product was good enough to completely dominate the market, this wouldn't matter.

Re:Yes

[prelelat]

Mario was a great inventor coming up with all sorts of ideas. As time went on Mario couldn't keep up with all of his ideas, he didn't know what to do. So he wrote down the process that he used to come up with those ideas so that he could hire others to think things for him so that he wouldn't loose his ideas. Weeks after this started employees quit working and started their own inventions using Mario's method of creating.

Mario was furious and went to court he won, he had prior art. So after that he filed for a patent on all of his ways of making ideas. Mario now owned any intelligent thought. He renamed it Mario's idea machine, people had to pay him an annual fee of 200 dollars to have 2 good ideas a year, anymore and they would have to purchase extra licenses at a greater cost. Mario no longer had to have ideas of his own, he had a workshop of idea people, and the whole world had to pay him to have ideas. But there was a problem, no one wanted to have ideas because they couldn't afford to have them. People became stupid as having good ideas was no longer an excepted thing to do. The people in Mario's shop never came up with new and exciting ideas anymore because they were too busy fighting lawsuits against people who had ideas such as the pirate brain. The world stopped, hunger set in, the population decreased. Finally when the patent was about to expire Mario's great great grandchild had a great idea, extend the patent another 10 years. The law passed, only because by this time it was only accepted to have stupid ideas, seeing as how all the good ideas cost money.

Finally the patent expired, all that were left looked like mindless cavemen. They lived in shells of homes, with little to know food. All that was spoken were grunts, people had been afraid litigation for so long they were afraid to say something smart. Forest and animals have overgrown most of the cities, people had been living off of canned spam for years.

Moral of the story is stupid patents ruin society, stop it.

Re:Yes

[FredFredrickson]

Had the land grab happened thirty years ago, and the patent office learned to deal with it then, this all would have been worked out by now. The hobbyist software creator didn't exist in large part thirty years ago, and the fights would have been between large companies like IBM and its challengers. True that. Seriously, folks, who's got the patent on operating systems? Software that interfaces with hardware for you? That would be great. Software patents work great until it's something obvious that shouldn't be patentable, but who draws the line? That's what we're arguing here. An antivirus on an smtp or ftp gateway? In what way is that any less obvious than an operating system?

I'm going to patent writing data to hard drives, and make millions off this system in the name of progress.

Re:Yes

[QuietLagoon]

Well, to be more accurate, what the patent system is supposed to do in a case like this is lower the net costs of security, and then reward the inventor by diverting some of the savings to him.

Where does it say that in the patent laws?

Re:Yes

[malkavian]

You can happily copyright the code, but shouldn't be able to patent it. The physical object would still be patented.
You don't violate the patent on the object just by typing the code, or even executing it. You violate the patent by actually having the robot arm create the final object. You could run the code to your heart's content if it were operating in 'test' without creating the final object without violating the patent.

Re:Yes

[sdeath]

Or, what potential patent holders will have to do in twenty years is find their Sonny Bono and get the term of patent rights extended to the life of the Universe plus 99 years.

I wish that people would fucking figure out how this shit works already. Any process that makes use of government to shake somebody down ratchets in the direction of "more shakedown/less freedom" only, until enough people get sick of this state of affairs and begin collecting heads. This is independent of how good an idea you personally think it would be to shake some given person A down to benefit person B. Solution: refrain from shaking people down, don't start in the first place. (And yes, patent and copyright *are* very much shakedowns.)

Hayek. Mises. Rothbard. Read 'em. Learn 'em. Live 'em.

Re:Yes

[the_B0fh]

Which reality are you from again?

What happens is that, unfortunately, there's too little promotion of *GOOD* law makers and too much of bad.

Like the guy who wrote the FDA laws, he started out as a pharmacist, and yet, no one knows his name today, despite his contributions to the health and safety of the nation.

There must be a way to publicize the good things a law maker did.

Re:Yes

[davidbrit2]

Some guy named Mario left a message for you at the front desk. He mentioned something about a license.

Re:Yes

[Sancho]

Remember that patents are supposed to be for specific implementations of the technology. Nowadays, the patent process seems to just be a quick rubber stamp, with any conflicts to be sorted out in the courts. Under this scenario, it's much harder and more expensive to get the patent invalidated, and companies can file for obvious patents, or for patents which are far too vague, and get protection that's hard to get around.

Re:Yes

[operagost]

Yikes. So all this time Bowser was the good guy?

Re:Yes

[deanlandolt]

We let Microsoft and other big American companies con Congress into this Mr. Gates, circa 1991:

If people had understood how patents would be granted when most of today's ideas were invented and had taken out patents, the industry would be at a complete standstill today. ... The solution is patenting as much as we can. A future startup with no patents of its own will be forced to pay whatever price the giants choose to impose. That price might be high. Established companies have an interest in excluding future competitors. I enjoy a good MS bashing just like the next slashbot, but lest we not forget our history. It's only recently that ol' Gatesie has changed his tune.

Re:Yes

[AnonChef]

>The hobbyist software creator didn't exist in large part thirty years ago

Damn, I just vanished in a puff of logic! Me to

Re:Yes

[BSDimwit]

Corporations are often afforded psuedo-personhood under the law. Until this is repealed, corporations enjoy much of the same rights as a real person does, including giving money to candidates who run for office(moveon.org), endorsing candidates who run for office(New York Times), etc. I for one would love to see the day where corporations are not considered to be persons in any way, including paying taxes(all the profits go to someone and would be taxed at the personal level anyway), or sheltering guilty executives from liability when their decisions cause harm to actual people. Don't get me wrong, I am not anti-business... but I don't think its wise to grant rights of any kind to a non-person.

Some might contend that this limits freedom of speech, but I don't feel the rights as outlined in the Bill of Rights should be extended to unreal entities.

Re:Yes

>>The hobbyist software creator didn't exist in large part thirty years ago

>Damn, I just vanished in a puff of logic!

Like there's not a large part of you now that didn't exist 30 years ago.

Re:Yes

[falconwolf]

You should not be able to violate a patent by typing.

What if I type out code to program a robotic arm to construct a patented physical object?

You would only be violating a patent, in this case the patent on the physical object, if you make the physical object without the approval of the patent owner.

Falcon

Oh, and I patented "You would" as well as "you would" and any other way to capitalize those words.

Re:Yes

[ScrewMaster]

Like there's not a large part of you now that didn't exist 30 years ago.

That is so true. I'm not as svelte as I once was.

Re:Yes

[Yfrwlf]

The bigger problem is that most all patents, at the very least, don't help progress. Companies by nature should be trying to compete with one another, but when patents come along they help companies turn themselves into monopolies, or the monopolies that exist snatch up the patents with their deep pockets, helping them to become bigger monopolies. Ideas should not be controlled by monopolies, whoever has the most money, and that's essentially the system it creates.

Let the companies figure out in their own ways how to get consumers the next best product that they want because a demand for it exists. It's called competition, there will always be a way to create things and as technology progresses this will become even more painfully apparent and the patent issue will become an even bigger blight as information is more freely shared.

The patent system only encourages an abuse of power, get rid of it.

Re:Yes

[Xabraxas]

I think the real reason that software patents are stifling compared to "real" patents is that software patents don't cover a specific implementation they cover an idea which is completley the opposite of what patents were meant for to begin with. Copyright in software is enough to cover implementation, patents are unneeded. Unfortunately with software patents we can bar other people from creating AVs for SMTP gateways in general without regard to implementation. This isn't how patents were meant to be used.

Re:Yes

[Yfrwlf]

Oh I completely agree with you on the reasons software patents are ludicrous, but I just wanted to add my reasons for patents in general being ludicrous too. I think there's a lot of evidence to support that.

Prior art?

[initialE]

Why not say that this behavior is the inadvertent result of placing 2 products, an SMTP gateway, and an antivirus client, side by side on the same server? the gateway stores the mail in a temporary store, whereupon the antivirus just happens to sanitize it, before the mail is again sent on it's way. This is obviousness in the extreme.

Re:Prior art?

[Thanshin]

Why not say that this behavior is the inadvertent result of placing 2 products, an SMTP gateway, and an antivirus client, side by side on the same server? A lot of processes can be simplified in such way and still are original. A decision has to be made even if a process seems obvious after being "discovered".

Re:Prior art?

Here's some folks discussing the idea in 1994 (the year prior to the application) - and even then talking about it as if it was already a common thing.

http://forums.fedoraforum.org/archive/index.php/t-29630.html

Re:Prior art?

[_KiTA_]

Why not say that this behavior is the inadvertent result of placing 2 products, an SMTP gateway, and an antivirus client, side by side on the same server? the gateway stores the mail in a temporary store, whereupon the antivirus just happens to sanitize it, before the mail is again sent on it's way. This is obviousness in the extreme.


That's a good idea, you should patent it.

"Virus scanning of cache and temporary files before end user utilization."

Re:Prior art?

[MightyYar]

Ha, you got someone to mod you insightful!

To spare everyone else, this conversation is from 1994 + 10 years.

Re:Prior art?

[mongus]

You might want to check the dates again. Those messages are from 2004, not 1994.

Re:Prior art?

Agreed. My staff built such a system back around 2000. It was ridiculously simple. The spool directory was on a RAM disk. A script would decode every attachment into a scratch directory (also on the RAM disk), run the AV check, and trash the message if it was not clean. It worked incredibly well -- they still use it today!

Not only is a shock that someone would patent such a thing, I am equally surprised that someone sells a commercial product to do what a reasonably competent sysadmin can script in about 15 minutes.

Re:Prior art?

[insertwackynamehere]

I am equally surprised that someone sells a commercial product to do what a reasonably competent sysadmin can script in about 15 minutes. aka not a regular home user who would be buying an antivirus protection kit. I agree with you about the patents however.

Re:Prior art?

[MetalOne]

It is like patenting a specific function composition. f.g Why not just create a list of all known functions and then patent all function compositions of these. One could do all sequences from say 2 to 1000. This should effectively prevent any further software from every being written that doesn't violate a patent.

Re:Prior art?

[twistedcubic]

You make a good point. However, in this particular case, the process is a solution to the following problem: How do we stop getting all those spam/virus emails? I think in this case the solution is obvious: identify them, and filter them out. In fact, the problem itself states this obvious solution; i.e., the solution itself is a restatement of the problem. Moreover, the problem was invented and well-known long before this patent was filed. If a patent covers this general concept, then it should be invalidated. However, if a patent covers a specific process for identifying and filtering spam, which itself is not obvious, then it is probably a valid U.S. patent. A cursory look at the patent shows that it only covers the general concept (I admit I only skimmed the text of the patent) so it shouldn't be hard to invalidate, if you can afford the lawyers.

Bad news for a lot of us

[jimicus]

There's a lot of mail admins out there - and a lot who consider a quick & dirty mail relay running Linux and ClamAV to be a pretty good first line of defense against email-borne trojans and virii. Seeing as ClamAV doesn't have a daemon mode, and end users in any large organisation can seldom be trusted to run their own AV scans as required[1] that's pretty much the biggest use for it.

[1] Yes I know all you geeks might be OK. But you're not the sort to open every silly email you receive. The receptionist who forwards all the "Look Out for the Terrible Good Times Virus!!!111OMGWTFBBQ" emails she receives is, and if she could be relied upon to follow good computing practices, we wouldn't need AV software in the first place.

Re:Bad news for a lot of us

[j-turkey]

There's a lot of mail admins out there - and a lot who consider a quick & dirty mail relay running Linux and ClamAV to be a pretty good first line of defense against email-borne trojans and virii. Seeing as ClamAV doesn't have a daemon mode, and end users in any large organisation can seldom be trusted to run their own AV scans as required[1] that's pretty much the biggest use for it.

ClamAV does have a daemon mode. Are you thinking of a local Windows client? Realtime filesystem scanning?

Re:Bad news for a lot of us

[kc8tbe]

ClamAV does have a daemon, it just doesn't have on on-access scanner for Windows -- yet. The people over at Clamwin http://www.clamwin.com/content/view/35/27/ are working on one. Linux users interested in on-access scanning should look up Clamuko, but then if you run Linux you probably don't need an on-access virus scanner...

Re:Bad news for a lot of us

It's a good thing she's hot.

Re:Bad news for a lot of us

[bleh-of-the-huns]

While your statement is true, there is a huge difference between what everyday admins are doing within their organization and what Barracuda is doing. Barracuda are packaging clamav and selling it as a product (regardless of the merits or lack their of of this lawsuit).

Also, while I do believe the patent is overly broad, this is what the patents are for. It is not like Trend Micro is a patent hoarding firm, they do make products, in fact they actually make products that relate to the patents they hold, so I view them slightly better then I view Minerva Industries.... (the smartphone patent)

Re:Bad news for a lot of us

[Corporate+Troll]

She's hot and you're just angry she turned you down! ;-)

Re:Bad news for a lot of us

[VGPowerlord]

Seeing as ClamAV doesn't have a daemon mode

I suggest you do research before making such ridiculous claims.

me@mymachine:~$> man clamd
Clam Daemon(8) Clam AntiVirus Clam Daemon(8)

NAME
              clamd - an anti-virus daemon

DESCRIPTION
              The daemon listens for incoming connections on Unix and/or TCP socket
              and scans files or directories on demand. It reads the configuration
              from /etc/clamav/clamd.conf
etc...

(Slashdot's eating the set of spaces between (8) and Clam, and again between AntiVirus and Clam on the first line. Pretend they're there.)

Re:Bad news for a lot of us

[hairyfeet]

Around my area we have a name for her-Sally the secretary. She is sweet as pie, a great source on company gossip if you're friendly to her, but about as clueless as they come when it comes to anything to do with a pc.

True story-I had to set up a "foolproof" security scheme for a Sally Secretary who worked at a tv repair shop. She kept infecting her pc by surfing stupid joke sites and clicking on anything her friends sent her during her lunch break, and the boss couldn't fire her as she was his sister-in-law. After setting her up with auto updating Firewall and AV, and white-listing the apps she required for work, I gave her Firefox with adblock and noscript as her own "personal" browser(they had an intranet app that required IE) and I taught her that if anything should pop-up asking her permission for ANYTHING, she should "just say no" and showed her a pop-up and clicked no just so she would have the idea.

A couple of weeks later I'm called back to pick up the bosses kids pc as he was so impressed by what I had done for his secretary that he wanted his families done the same way. While I am sitting there talking to the boss I keep hearing "NO" come out of the front office. As I am sure some of you have guessed by now, when I looked out front to see what was going on little Sally was on her lunch break surfing and "just saying NO" every time a pop-up asked for her permission. And looking VERY pleased with herself, I might add. At least she was clicking the right button while she "just said NO" to the screen.

Re:Bad news for a lot of us

[jimicus]

ClamAV does have a daemon mode. Are you thinking of a local Windows client? Realtime filesystem scanning?

Yes, you're quite right. I was thinking of a local Windows client with realtime filesystem scanning.

I completely mis-worded that.

Prior art or obviousness?

Can we really be bothered to break out those archived procmail scripts? We're talking about a functional equivalent of a unix pipe; novel or inventive -- I think not!

Go barracuda!

Re:Prior art or obviousness?

[ElBeano]

AC is exactly right. This isn't worthy of a patent. Convincing the court of this will nonetheless require educating people who are likely to be clueless as to WHY this is obvious. To those who disagree, please tell my why this deserves a patent and why any sane admin wouldn't think of it without Trend Micro's help?

Re:Prior art or obviousness?

I'm the AC you replied to, the linked patent abstract refers to a proxy. Even so, there's nothing patentable in this.

The TM patent was filed in 95 and I think it's weak. Claim 1:

1. A system for detecting and selectively removing viruses in data transfers, the system comprising:
 
a memory for storing data and routines, the memory having inputs and outputs, the memory including a server for scanning data for a virus and specifying data handling actions dependent on an existence of the virus;
 
a communications unit for receiving and sending data in response to control signals, the communications unit having an input and an output;
 
a processing unit for receiving signals from the memory and the communications unit and for sending signals to the memory and communications unit; the processing unit having inputs and outputs; the inputs of the processing unit coupled to the outputs of memory and the output of the communications unit; the outputs of the processing unit coupled to the inputs of memory, the input of the communications unit, the processor controlling and processing data transmitted through the communications unit to detect viruses and selectively transfer data depending on the existence of viruses in the data being transmitted;
 
a proxy server for receiving data to be transferred, the proxy server scanning the data to be transferred for viruses and controlling transmission of the data to be transferred according to preset handing instructions and the presence of viruses, the proxy server having a data input a data output and a control output the data input coupled to receive the data to be transferred; and
 
a daemon for transferring data from the proxy server in response to control signals from the proxy server, the daemon having a control input, a data input and a data output the control input of the daemon coupled to the control output of the proxy server for receiving control signals, and the data input of the daemon coupled to the data output of the proxy server for receiving the data to be transferred.

They just described a network processing job, restricting it to specific types of data (email and viruses) isn't novel and there's no inventive step.

MIMEsweeper prior art

[RupW]

From TFA (the Groklaw article):

We also believe that a product called MIMESweeper 1.0 from a company called Clearswift, Authentium, or Integralis anticipates several claims of the '600 patent. We have yet to locate a copy of this product and would appreciate anyone who has a copy sending it our way. Yes, Clearswift currently own MIMEsweeper although Clearswift didn't exist back then - they're a merger of several firms who had similar products.

They're not hard to find. Why not just ask them?

Re:MIMEsweeper prior art

[MightyYar]

They would do well to find that product. According to this Google Groups thread, it was shown at a tradeshow called "Networks 95" in July, 2 months before the patent application was filed.

Either way, the mere fact that people were asking for such a product on usenet prior to the filing date should help their case.

Re:MIMEsweeper prior art

What's interesting is that Integralis and Trend settled this in 1998 with a cross-licensing deal that specifically mentions patent '600.

Details here: http://us.trendmicro.com/us/about/news/pr/article/20070124133901.html

Granting frivolous patents should be punishable

[Thanshin]

The people who grant patents should be liable to be fired for gross incompetence?

If I file a patent for the process of giving names to children so they can be distinguished and it's granted, is there someone responsible for that? When a judge overturns the patent, the granter should suffer the consequences somehow.

Re:Granting frivolous patents should be punishable

[eggstasy]

If you did that, nobody would want to work for the patent office.
Besides, the whole point of banding together to form a collective, whether it be a corporation, a non-profit, or a government institution, is that people can have a greater effect on society by pooling their work together into a coordinated effort while limiting their liability.
If you would like the USPTO as a whole to be penalized for the aggregate proportion of lame versus useful patents, that would be more acceptable, but still hard to implement. How exactly do you punish something like the USPTO?
They're not in it to make money, so fines are not exactly a punishment.
What would you achieve by fining them to death, closing the USPTO due to "bankruptcy"? :P
Firing whoever's in charge of it? Again, nobody would want to work there if they had to accept that liability.
A better solution would simply be to raise the prices of patents on a tiered scale, so that megacorps would have to pay for issuing an excessive number of patents, which would give the USPTO more resources to check them and serve as a small deterrent.
Scalable business model == good thing.

Re:Granting frivolous patents should be punishable

[Rob+T+Firefly]

Firing whoever's in charge of it? Again, nobody would want to work there if they had to accept that liability. Yeah, it'd really suck if those put in positions of power whose daily actions affect the entire future of innovation of an entire country were to be actually held accountable for the fallout from their bad decisions.

Re:Granting frivolous patents should be punishable

[Thanshin]

If you did that, nobody would want to work for the patent office. That only means it's underpaid.

Lot's of people work in positions that would instantly fire them at the first mistake, and with much subtler mistakes than those we are arguing about*. They still like those jobs because, as long as they can keep them, they pay well.

*: I do believe that in patent granting there must be really convoluted and complex cases that involve very uses of previous knowledge in subtle ways. However I don't believe those cases conform the majority.

Re:Granting frivolous patents should be punishable

Not only the patent troll should be punished, but also - and especially - the patent office.
Whenever patent is invalidated (for obviousness or prior art), the PO (the state institution which granted the patent) should cover all costs of the suits and pay large penalty for to the victim party for the hassle. After all, you can say that the patent office did nor made their research job and they STEALED the public knowledge and made it proprietary. With large enough penalty and the lawsuit costs involved they would think twice before granting a patent. Then you could bet they would fire the clumsy examiners.

Recent situation is ridiculous: The PO grants patent, cashes for the fees but is not directly involved in the lawsuit. This must change.

Re:Granting frivolous patents should be punishable

[maxume]

Or just require patent holders to pay an escalating fee to maintain the patent after some period.

Another change that could probably be introduced incrementally would be several classes of patents, with some having longer terms than others, based on just how innovative they are. It has the potential to loosen up the system without turning it on its head.

Re:Granting frivolous patents should be punishable

[Just+Some+Guy]

If you did that, nobody would want to work for the patent office.

Wait, I'm confused. Are you arguing that this is bad or good?

Re:Granting frivolous patents should be punishable

[falconwolf]

The people who grant patents should be liable to be fired for gross incompetence?

I don't think that will work. I bet patent examiners has to either accept or reject a number of applications in a given tyme period. The examiners don't have much tyme the check either old patents or the public domain.

Falcon

Comment removed

[account_deleted]

Comment removed based on user account deletion

Shows what antivirus business is about

I think this shows clearly what the anti-virus business is about. "Pay us and we will protect you"

Prior art from BBSes

Back in the old days, it was pretty common to run AV checks on files uploaded at a BBS. It's not quite FTP, but it's close.

Re:Prior art from BBSes

[ibbie]

Good point, there. Does anyone recall which BBS software did this?

Re:Prior art from BBSes

[symbolset]

RA and Wildcat both did this.

You are looking for an "upload door".

Re:Prior art from BBSes

[ciggieposeur]

As others have replied, there were once LOTS of programs for autmatically scanning uploads within BBSes. I would search for "BBS file processor" or "upload processor" or "upload door". Essentially every major BBS system (and there dozens or majors and hundreds of minors) had an upload processor for it that would scan all files uploaded. They would even unzip the archives up to N levels deep to scan it all.

The almost religious fervor which sysops applied to scanning uploads was a response to the popular press' typical characterization of BBSes as the absolute easiest way of getting computer viruses, the precursor to the current stereotype that the 'Net is basically one giant computer virus distribution system that incidentally has some porn and a couple dozen useful web sites. I think BBSes were deliberately given a bad rap because the media folks tended to use extremely expensive pay services like CompuServe, GEnie, and Prodigy, and so they heavily promoted those over the often-100%-free BBSes available. Add the fact that the virus creators often used BBSes to communicate amongst themselves and the meme that BBSes were the preferred vehicle for criminals to prey on folks just would not die.

The result is that the ability to automatically scan incoming files was old hat back in the late 80's.

Re:Prior art from BBSes

[MightyMartian]

Ah, but you see, that was ZModem, and not FTP. By this I assume that for every upload protocol one writes, Trend fundamentally claims that an AV checker written to work with it is patentable. Trend should be going after every AV company that writes software that scans network file shares like SMB or NFS.

My ISP...

[baadger]

My ISP does anti-viral scanning on outgoing mail via SMTP. Does this mean they, and every other similarly setup ISP, are paying royalties to Trend Micro?

If so, I think I quite fancy changing ISPs. I could be paying to support this ludicrous patent.

Re:My ISP...

[AndrewNeo]

The ISP probably didn't write their own virus-scanning software. They probably bought it, and the company they bought it from may or may not be paying royalties.

Comment removed

[account_deleted]

Comment removed based on user account deletion

More likely

[Shivetya]

Pay us and we will let you protect yourself.

Re:Yes thats whats wrong with it

[hesaigo999ca]

Just like the big music companies crying they lost 60 billion in POSSIBLE revenue. They say it was lost because of all the downloading, but who told them it was fair to sell the CD at
22.00$ at walmart when the artist only gets 1$ per cd after the first 500,000 copies or so.

Don't tell me they advertised for a 5000% spread, I won't belive you, same thing with the movie business as well, why decide this dvd is exacvtly 12.99 and the other is 16.95...come on please....

All I have to say is information is free, we would be a much better society if we all put our efforts in fighting disease and famine and these things then worrying about getting paid all the time.

"Did you forget to pay me for your opinion this morning??? I own the words you speak."

Bandwagon?

[Barny]

Trend Micro have been in the business a long time, how long? Long enough to OWN "antivirus.com". How many 386 and earlier motherboards had "trend chip away boot sector protection"?

They invented a few of the modern ways to scan for and stop virus, spyware and spam email from getting into a windows box, pretty much every one else in the industry will accede to that, why do these guys think, they can get a free lunch for something someone else invented a fair while back.

Symantec wouldn't be paying up unless they knew it was an un-winnable case.

Notice the reason they are chasing this company is because they are making money out of it? Seems they couldn't be fucked chasing an open source project.

As for some of the comments...

"They might establish a royalty basis for damage calculation," Lemley says. "But the fact that it's open source might mean that we treat [the Barracuda case] differently. It' s not clear that we should be paying the same damages, or even how one should calculate damages, because we normally calculate it as a percentage of the revenue" -- and, of course, FOSS projects have only limited funds at the best of times."

Wait? its very easy to establish damages, this company MAKES MONEY, they use an open source project, they are NOT an open source project themselves.

"That would tend to confirm my belief that what we have here is a software company prepared to do harm to the free [software] world solely for its own profit."

No it doesn't, they said they don't intend to attack clam AV at all, only this competitor who is using something they came up with and not paying dues for it.

Re:Bandwagon?

AV scanning SMTP isn't an invention, it's the very definition of freaking obvious. The patent is a joke.

Re:Bandwagon?

[nagora]

They invented a few of the modern ways to scan for and stop virus, spyware and spam email from getting into a windows box, pretty much every one else in the industry will accede to that, why do these guys think, they can get a free lunch for something someone else invented a fair while back.

If by "invented" you mean "applied established techniques in a way that's obvious to a five-year-old and thus is not eligable for patent protection except if the patent office is out of control and making up the law as it goes along with no oversight from a corrupt government that has no interest in law or justice", then you have a point.

On the other hand, if you mean to suggest that Trend Micro invented the idea of scanning email for viruses as it arrives, then you need to get out more.

TWW

Re:Bandwagon?

[keko_metal]

"That would tend to confirm my belief that what we have here is a software company prepared to do harm to the free [software] world solely for its own profit."
No it doesn't, they said they don't intend to attack clam AV at all, only this competitor who is using something they came up with and not paying dues for it It will harm ClamAV anyway. Remember the SCO case?
It's the same message: Use ClamAV, get sued.

They don't sue the open source project because there's no money to suck from there.

Re:Bandwagon?

[MBGMorden]

I don't think ClamAV itself would be the targetted product. It in and of itself is just a general purpose virus scanner. The projects that could come under fire would more likely be products that tie it into the email system, such as amavisd-new and such.

Re:Bandwagon?

[Alioth]

Symantec probably don't pay, they probably just have a cross-licensing agreement. Getting a cross-licensing agreement in place is probably a whole lot less effort than litigating - so the companies choose the path of least resistance.

Re:Bandwagon?

[cfulmer]

Symantec wouldn't be paying up unless they knew it was an un-winnable case.

Phooey. Here's a fairly common scenario:

(1) Company gets questionable patent
(2) Company offers a very inexpensive license to a big-name suspected infringer
(3) big-name suspected infringer buys the license because it's a lot cheaper than litigating
(4) Company goes around to others and says "big-name suspected infringer has a license, so it must be legit. Pay up." Only, this time, Company asks for a lot more money.

The US Patent Office is still poorly equipped to handle software patents, so it lets a lot more through than it should, turning a lot of the job of proving their validity to the courts. But, patent lawsuits are expensive, so most patents are never tested.

Re:Bandwagon?

[Culture20]

And it hurts open source in general too...
PHB: "OpenOffice is an MS Office clone... Microsoft could sue us for using OpenOffice to make money!"
You: "Well, it doesn't really..."
PHB: (mumbling to himself) "And Pidgin, and Firefox, and GNU..."

Re:Bandwagon?

[kscguru]

It's obvious today, in 2008. Looking back to 1997, I'm not entirely sure it was obvious. Windows 95 ruled, Linux was still in the 1.0 era. Netscape 4.0 came out in 1997. Sure, a 1997 UNIX sysadmin could have written a quick script that did what this patent describes - but I suspect very few did (non-obvious), and none (except Trend Micro) saw the business opportunity to do so.

Hate to say it, but this patent (1) seems non-obvious, (2) is by a company doing useful work in the area, and (3) seems cheap enough that Symantec / MacAfee pay the fees. Open-source is NOT a blanket license to break the law; giving away your code does not entitle you to steal somebody else's good ideas.

Re:Bandwagon?

Hate to say it, but this patent (1) seems non-obvious, (2) is by a company doing useful work in the area, and (3) seems cheap enough that Symantec / MacAfee pay the fees.

It's not about the "obviousness", though. Like this post, the point is "how is it implemented?"

"Anti-virus detection on an SMTP gateway" can take place in a number of ways that I can think of:

1. Accept the e-mail and store it in some file, fire off a scanner for that file, and perform final delivery if no virus.
2. Accept the e-mail and store it as a file in a particular directory and have a daemon automatically scan all files placed in that directory, then either (a) let the daemon finish delivery on non-infected files or (b) move non-infected files to another directory and have some other process finish delivery.
3. Use milter-like technology and temporary files to implement #1.
4. Use milter-like technology with no temporary files (all processing is in-memory on the incoming SMTP data).

The question is, which one of these ways does the patent cover, and is it the same way that Barracuda is using ClamAV? If the patent is so broad as to attempt to just say "...or other methods of anti-virus detection on a machine running an SMTP or FTP gateway", then you can bring in the "obviousness" test, since that would devolve into "all methods of anti-virus detection on any computer running any network server that might accept files that contain malware".

Re:Bandwagon?

[MightyMartian]

I think the example of BBS's scanning uploads pretty much stands as prior art, at least as far as FTP goes. Sure, X/Y/Z-Modem are different protocols, but they, like FTP, are file transfer protocols.

As to email, filtering systems like Procmail have been around a lot longer than this patent, and all an AV scanner on a mail server is is a specialized filter that links an AV scanner into the incoming mail queue.

ClamAV and on-access scanning

[omnirealm]

jimicus wrote:
> Seeing as ClamAV doesn't have a daemon mode

The stackable filesystem team (the ones who wrote Unionfs) put together a filesystem that uses ClamAV to perform on-access virus scanning in the kernel.

Simple effective solution

[nagora]

Scrap patents completely across the board. The days of government-backed monopoloies are dead and gone, aren't they? So let's ditch the corrupted patent system altogether.

TWW

Re:Simple effective solution

[SargentDU]

Well, in my state, MDU has a monopoly on providing power to the cities and towns while the REC's have the countryside. So, no, the time of Government-backed monopolies is not dead.

All Too Easy To Fix

[Chabil+Ha']

Excise said offending code from the codebase, then, make it available as a free plugin hosted outside of the United States.

Done.

Barracuda makes the problem worse

[Arrogant-Bastard]

Note that Barracuda's products are notorious for generating spam. Barracuda's engineers were informed of the problem years ago, provided with a fix -- and stubbornly refused to address the situation. It's no wonder that there are now thousands of Barracuda installations on various blacklists. (Two examples: Backscatterers and Backscatterer.org) Barracuda doesn't seem to care as long as they make money.

A secondary point is that Barracuda's products are NOT open-source. Oh, they're built almost entirely on open-source (an open-source operating system, an open-source mail server, an open-source anti-spam scanner, an open-source anti-virus scanner, etc.) but they're not open-source. Essentially what they've done is take all of that open-source code, slap a web front-end on it for the point-and-drool crowd, and then sell it. They're not in this to help out the Internet or stop spam or anything else admirable: they're in this to make money, and they're perfectly willing (see first point) to make the spam problem worse if it increases their profits.

They're not alone in that -- there are others out there who are in business to profit from our collective misery. An excellent way of spotting such companies is to ask the question: "What would happen if the problem they claim to address was actually solved?" If the answer to that question is "they would go out of business", then their motivation for always treating the symptoms and never treating the underlying cause will become clear.

Re:Barracuda makes the problem worse

[SlamMan]

Interesting. Barracuda's recommended settings (I have one sitting next to me we no longer use) are to have the bounce-on-reject or whatever its called turned off. The default is to have it on, but the defaults are clearly defined as a least restrictive/change these to meet your environment before putting in production sort of thing.

Re:Barracuda makes the problem worse

I'm fully in agreement with you in that the Barracuda's suck as far as anti-spam/anti-virus email gateways go - they backscatter (despite the fact that the underlying FOSS products they use can be configured to NOT backscatter), they limit which capabilities of the underlying products you can use, and are all around junk (if you are qualified to run a mail server, you can build a better solution yourself using the same or similar FOSS software that Barracuda uses). I ran a shop with Barracudas (forced on me by an idiot boss), and we threw them out after 6 months - a lot of the HA stuff like quarantining, etc just didn't work. On top of all that, I find it questionable that, given that these things are mostly FOSS, they are such a closed "blackbox" appliance...

HOWEVER, that doesn't change the fact that what Trend Micro is trying to lay claim to is preposterous - a patent on something as obvious as scanning email at a central relay on it's way in is ridiculous. For practically as long as email has been around, people have had filters (via things like procmail, etc) to keep certain types of content out. Virii is just one more type of objectionable content to look for. Scanning for a virus is obvious and not even a fantastic new idea, so a patent on such a thing is just crazy.

Re:Barracuda makes the problem worse

No, it is (at least partially) opensource. I don't know what exactly barracuda is running on their boxes exactly since you didn't say, but at the very least ClamAV is GPL and we know they're running it; and that means if they sell you something with a ClamAV binary on it, you're entitled to the source.

Re:Barracuda makes the problem worse

[svallarian]

I couldn't give a spit that the front end isn't open source. All I know is that I was able to get gateway level spam protection for under $5k for 200 users. Which would have cost well over $20k+ for a commercial solution that only works half as well. And, yes, I could have set all of that up from scratch and save a few thousand, but my time is better spent elsewhere.

Re:Barracuda makes the problem worse

[quaero_notitia]

"What would happen if the problem they claim to address was actually solved?"
Or the cosmetics industry, or...you name it. Treating "symptoms" is what makes this business world go 'round.

Re:Barracuda makes the problem worse

[tyroneking]

>> "What would happen if the problem they claim to address was actually solved?" If the answer to that question is "they would go out of business", then their motivation for always treating the symptoms and never treating the underlying cause will become clear.

You know, I ask that of the War on Terror / Drugs / Communists / File Sharers on a daily basis ...

Re:Barracuda makes the problem worse

[jblakezachary]

Barracuda's products do not make the problem worse. With this logic, every RCF compliant mail server in the world makes the problem worse by simply offering NDR, as Barracuda does. NDR functionality is standard. Incompetent admins (and SMTP itself) are the culprit, enabling NDR during configuration and never turning it off. Barracuda actually recomends all of its clients break RFC and leave NDR disabled . From RFC2821 section 3.7: "If an SMTP server has accepted the task of relaying the mail and later finds that the destination is incorrect or that the mail cannot be delivered for some other reason, then it MUST construct an "undeliverable mail" notification message and send it to the originator of the undeliverable mail (as indicated by the reverse-path)."

Re:Barracuda makes the problem worse

[element-o.p.]

Not to mention that my six year old daughter could provide better tech support than Barracuda does :(

We use a pair of Barracudas where I work to filter incoming e-mail, and in all truth, they work really, really well. That is, until something breaks. One of our units had problems with its hard drive, so we called tech support. They dinked around with the box (on our network) for over a week without fixing it -- all the while it was spooling up mail, but not delivering it -- and then things got bad. The Tech Support genius working on the box finally figured out the drive was having problems writing to /var, so he *comments the line mounting /var from /etc/fstab* and reboots the box.

Question for all you *nix gurus out there -- can a unix-like OS reboot without /var being mounted?

Anyway, at this point we're livid. Our box has been out of commission for over a week, the Tech Support n00b has finally hosed the box beyond in-the-field repair, and now we've got to send the box to Barracuda for replacement. Unfortunately, we don't have instant replacement on our warranty service any more, so they want us to ship the box back to them, and then once they get it they will ship a replacement unit to us. Since that means something like another 5-10 days of downtime on a box that's already been down for over a week, we ask about buying the instant replacement policy on the unit, and they tell us that yes, we can do that, but we'll have to buy the policy from the date it expired, meaning we will have only another month or two left on the policy after we buy it, and that buying the instant replacement policy is something like 3/4 the cost of simply buying a new unit outright.

Re:Barracuda makes the problem worse

[Arrogant-Bastard]

Nonsense. It is perfectly RFC-compliant to issue an SMTP refusal during the conversation with the SMTP client. This leaves responsibility for the returning an NDR with that client, thus avoiding the generation of backscatter/outscatter. Moreover, this has been a very well-known best practice for the better part of a decade -- even casual and novice mail server operators are well aware of it. Surely anyone claiming even minimal expertise in the anti-spam area should not only be well aware of it, but have long since done the necessary coding/configuration work to eliminate the problem entirely.

I suggest using the search engine of your choice to search for "backscatter spam" and reading what you find. Among other things, you'll notice that since backscatter is spam, that sites emitting it are eligible for several blacklists in addition to the two I already cited. You'll also notice that there has been particular emphasis placed on eliminating it by numerous participants in the anti-spam community -- a community, I might add, that Barracuda is conspicuously absent from.

Re:Barracuda makes the problem worse

[jblakezachary]

I still don't see how a barracuda box causes backscatter if the admin has NDR disabled.

Re:Barracuda makes the problem worse

[Arrogant-Bastard]

Two-part answer: first, there are many, MANY of those boxes out there that have NDR enabled. They're all spamming. It's unlikely that anyone has a complete list, but the two blacklists I cited in the original article have quite a few of them. Latest one seen locally: barracuda.corning-cc.edu. Second, Barracudas have been observed sending backscatter even when that switch turned off. Not often, to be sure, but it's been noted -- and reported to Barracuda. I've yet to see any response and/or fix from them.

Re:Barracuda makes the problem worse

[JLester]

The option to turn off backscatter has been in their appliances for quite a while now. We use one to get all the extreme spam/AV e-mails before they get to any of our regular mail servers. It has worked great for us and we do not contribute to backscatter since all those options are turned off.

Jason

Re:Barracuda makes the problem worse

[krunk7]

If the answer to that question is "they would go out of business", then their motivation for always treating the symptoms and never treating the underlying cause will become clear.

The rest of your post might be spot on, but this is a piss poor litmus test. I can't imagine any specialist profession that the answer to that question wouldn't be "they would go out of business". For example, "What would happen to all the oncologists if cancer were cured?" => "They would go out of business!". But this hardly means there are no oncologists that genuinely care about their patients.

Re:Barracuda makes the problem worse

[Arrogant-Bastard]

Clarification: I meant that remark to apply only to various anti-spam vendors, not to doctors or anyone else.

I'd like to add that there's nothing wrong with symptomatic treatment as an adjunct to root-cause treatment; it's generally a good idea unless it gets in the way (say by masking the problem, making it tougher to pinpoint). However, I think there is something wrong with only doing symptomatic treatment when root-cause treatment techniques are well-known and readily available. And that's what I think a number of those (anti-spam) vendors are doing: I think they're letting others (with far less resources) do the heavy lifting.

As an example of what I mean, check the docket of anti-spam cases over the past few years -- and see who the plaintiffs are. And aren't.

Re:Barracuda makes the problem worse

[gfogus]

I don't understand about the products not being open source. Can't you get the source for clamwin as advertised here: http://www.clamwin.com/content/view/178/27/ ?

Re:Barracuda makes the problem worse

[castleinthesky]

In addition to barracuda's 'products' being known for generating spam - they are also known for several remote root level vulnerabilities (all in the web frontend they wrote). I myself found a fairly well publicized vuln a year or so ago, taking advantage of command execution through ';' and '|' with the fact most daemons run with root level rights through sudoers. Last time I checked their open source contribution consisted of a copy of an sles iso (iirc) with no patches included, and I believe gplviolations were investigating them at some point... (yes, this sounds as self promotional and bitter as I generally am)

Re:Barracuda makes the problem worse

[qralston]

They're not in this to help out the Internet or stop spam or anything else admirable: they're in this to make money

Exactly.

While Trend Micro's patent shakedown is underhanded, Barracuda's defense tactics are just as underhanded.

Up until they issued their press release, you could search in vain for any mentioned of Clam AntiVirus or ClamAV on their web site or in their product manuals. (You could find hits on GPL, but only because they mentioned that the source for GPL-licensed software was available.)

In short, Barracuda slaps a bunch of open-source products together, resells them at a hefty mark-up, and then runs slick ads in airports and trade rags to convince PHBs how great their products are. (Ads which, surprisingly enough, have no mention of GPL software or open source in them.) Is it any wonder Trend Micro targeted them?

Barracuda isn't fighting the patent because it's the "right thing to do". They're fighting the patent because they don't want to share their nice fat margins with Trend Micro, and because their marketing droids are gambling that open-source advocates will reflexively take their side (thus casting Trend Micro as the moustache-twirling villain).

I mean, look at the current headlines (as of 2008-01-29) on their web site:

Barracuda Networks Defends Free and Open Source Software from Patent Threat by Trend Micro

Barracuda Networks asks for help finding prior art to defend ClamAV

Barracuda to fight Trend over open source patent

Barracuda defends open-source antivirus from patent attack

Trend Micro sues Barracuda, potentially raises the cost of security for all

About the only one that's missing is, Trend Micro threatens to personally visit open source developers' homes and kick their cute, helpless puppies.

Yes, we should be concerned that Trend Micro is shaking the sabre patent at Clam AntiVirus (even by proxy). But the enemy of our enemy is not necessarily our friend. Barracuda Networks has been using open source products to line their pockets for years, with nary even the slightest lip service in return. But now that someone wants a slice of their pie, Barracuda would have us believe that they've spent these past years singing kumbaya and holding hands with Richard Stallman.

There are many companies more worthy of our support than Barracuda Networks.

Re:Barracuda makes the problem worse

I used to work at Barracuda, and I actually saw on a whiteboard in tech support:

"On XFS systems, do not comment out /var".

I then proceeded to make fun of the guy who wrote it for another year until I quit.
Fun times.

Re:Barracuda makes the problem worse

[Neanderthal+Ninny]

This is the similar to Red Hat with Linux.
Barracuda Networks uses open source applications and then pay the people who created/own the application so they sell it as part of their device. The clamAV is not the issue but how Barracuda Networks used clamAV and other open source applications as an "gateway" device which somehow TrendMicro has the patent for. Other gateway device manufactures are looking at this carefully since most of them are in a similar situation.
Patents, like anything, can be misused and original intent of the patent system is lost which we all suffer for.

Re:Barracuda makes the problem worse

[fatcop]

OK what exactly is the problem with using open source or free software in a service or rebadged product ?
"You" may not like it, but if their license permits it, what the hell is the issue here ?
Is it some kind of moral assault ?

On top of that. Just because someone or a company wants to make money to feed their kids, pay their employees, stay afloat, suddenly they are just out to rip the world off ? There are plenty of large and legit organisations that rip us off daily (banks, insurance companies, road and traffic authority ... pleeeenty more). Fight the obvious and big ones first hmmmm.

It is complete conjecture to say you know all about their operations.
I see it as a good thing if companies take opensource under their wing, and get money for it.
The opensource project gets recognition. The developers get respect and maybe future employment. The project may stay afloat because of its commercial use.
The company (or its clients) may contribute back to the underlying opensource projects due to its demand.
Also the company often adds a lot of value that the original opensource project doesn't. Perhaps documentation, support, flashy front end, (win32) installers etc.

Bottom line: If you think they are lazy or immoral making money off opensource software, its the opensource project is the one that needs a reality check. Change the license if its not what you intended.

Punish the patent clerk...

...by making him pay all the lost "possible revenue" the patent requestor might have earned if the patent had actually been worthy.

NOT AT All Too Easy To Fix

[crimperman]

Excise said offending code from the codebase,

That won't work in this case. The patent is for "A system for detecting and eliminating viruses on a computer network includes a File Transfer Protocol (FTP) proxy server, for controlling the transfer of files and a Simple Mail Transfer Protocol (SMTP) proxy server for controlling the transfer of mail messages through the system." So for Barracuda to comply they must stop scanning e-mails for viruses in their products.

This also means that it is not the use of ClamAV per-se which is being challenged but the fact that Barracuda are providing a server which scans for e-mail viruses. No wonder they are going to fight this - it's yer basic "pay up or close down" threat.

Not that I would mind too much - Barracuda's kit has caused me no end of pain in the last year and I don't even use one!

Re:NOT AT All Too Easy To Fix

[Archangel+Michael]

I'm not using a SMTP Proxy Server, I'm using a SMTP Relay server. Its not the same. :p

Re:NOT AT All Too Easy To Fix

[crimperman]

me too!

Well I guess the patent[1] covers people like Barracuda distributing a single product with SMTP and anti-virus built in not people like us who install an MTA and a virus scanner onto a server and get them to work together.

[1] Just want to point out that I deplore software patents and I am not defending them here. I am just saying that the "remove the code" argument doesn't work in this case as it means Barracuda lose their product.

Google?

[bigattichouse]

I did a quick advanced search up until 1995 and found bits and pieces of stuff. I think y ou would have to search for all the available anti-virus at the time and THEN look for modules that handled proxy filtering.

Mod up please

They're not alone in that -- there are others out there who are in business to profit from our collective misery. An excellent way of spotting such companies is to ask the question: "What would happen if the problem they claim to address was actually solved?" If the answer to that question is "they would go out of business", then their motivation for always treating the symptoms and never treating the underlying cause will become clear.

Exactly like the pharmaceutical industry.

Re:Mod up please

[MMC+Monster]

They're not alone in that -- there are others out there who are in business to profit from our collective misery. An excellent way of spotting such companies is to ask the question: "What would happen if the problem they claim to address was actually solved?" If the answer to that question is "they would go out of business", then their motivation for always treating the symptoms and never treating the underlying cause will become clear.

Exactly like the pharmaceutical industry. Yes. Like the pharmaceutical industry. Also like Medicine in general. (Why should I promote a healthy lifestyle? If my patients eat more, I get to treat them for all sorts of problems!) Also most branches of software engineering. (Hey: MSOffice2K/IE4/Netscape 4.0x works great. Let's give up now while we're ahead!) Answer: This is why we can't have nice people. (http://xkcd.com/374/) At some point we have to trust others. I do it the President Reagan way: Trust but verify.

Re:Mod up please

They're not alone in that -- there are others out there who are in business to profit from our collective misery. An excellent way of spotting such companies is to ask the question: "What would happen if the problem they claim to address was actually solved?" If the answer to that question is "they would go out of business", then their motivation for always treating the symptoms and never treating the underlying cause will become clear.

Exactly like the pharmaceutical industry. Yeah, all the big pharmaceutical companies would have to do in order to keep us all alive forever without using any more drugs is to repeal the second law of thermodynamics and stop aging. :-P

You're a drooling, mouth-breathing dumbass, aren't you?

Re:Mod up please

[jedidiah]

It would be nice if big pharma would start by simply stop making
drugs that cause so many side effects that you have to take 5
other drugs just to deal with the unwanted side effects of the
first one.

Big pharma is a big scam.

Re:Mod up please

[the_B0fh]

That's why the health insurance industry is the one promoting a healthy lifestyle. Before you tar all health insurances with a bad brush - note that people who have a NON-PROFIT health insurance company typically have way higher comfort/happiness with their health insurance than those with FOR-PROFIT health insurances.

Re:Mod up please

[ColdWetDog]

note that people who have a NON-PROFIT health insurance company typically have way higher comfort/happiness with their health insurance than those with FOR-PROFIT health insurances.

Citation please? I ask, because one of the dominant "non profit" health insurance companies, the various Blue Cross / Blue Shields, have been involved in several class action suits, attorney general suites and various Problems that look suspiciously like the ones that the "for profit" firms seem to have trail them around.

In the US the difference between "non profit" and "for profit" insurance firms is small, technical, and to the end user, rather irrelevant.

Re:Mod up please

It would be nice if big pharma would start by simply stop making
drugs that cause so many side effects that you have to take 5
other drugs just to deal with the unwanted side effects of the
first one.

Big pharma is a big scam. You be sure to remember that when you have a choice to take a product of that "big scam" or, umm, die.

Forget about 'prior art' How about "It's OBVIOUS!

[erroneus]

Putting content scanning on an email server is pretty damned obvious. The patent should be revoked on those grounds alone!

Re:Forget about 'prior art' How about "It's OBVIOU

[crimperman]

Putting content scanning on an email server is pretty damned obvious.

But the patent wouldn't cover you or I[1] getting a fresh server, installing an MTA, installing a virus scanner and then integrating the two. The patent covers you or I distributing a product which includes those two things as a single service.
Software patents are plain wrong but it's not because an individual claim happens to be obvious, it's because the concept of patents is flawed when applied to software.

[1]Actually it doesn't cover me - I live in the UK :o)

Er WTF?

[brunes69]

So does that mean I can file a patent for running Microsoft Word in a VM just because I happen to be doing it right now?

An idea has to be ORIGINAL and NOVEL to be patentable. Just saying "take A and B and do them together!" does not a patent make.

Re:Er WTF?

[Thanshin]

Just saying "take A and B and do them together!" does not a patent make. Still, that a process can be described as "the simultaneous use of A and B" doesn't mean it isn't patentable. Thus, my response to the thread starter.

Re:Er WTF?

[brunes69]

Yes, it does.

You can't patent an obvious idea. Period.

The problem with patents is it is up to the courts what is obvious.

Re:Er WTF?

[Thanshin]

Yes, it does.

You can't patent an obvious idea. Period.
  "patent an obvious idea" =/= "patent the use of A and B together".

If you want to say that "the use of A and B together" is always an obvious idea, don't imply it; just say it, so we can argue about that.

Err

[Vexorian]

I guess I'll wait for a new protocol to come and patent "Fighting virus on XX protocol" That should do it. Man, this patent is so retarded, Trend Micro should be ashamed for ever filing it...

Re:Err

[PinkyDead]

Hey! That violates my patent "#5699039: A system for creating patents based on newly released protocols".

Re:Err

[maxwell+demon]

Your patent violates my patent on patenting patent-based business methods.

Concepts vs. Implementations

I thought that patents were supposed to protect my particular "solution" to a problem, not the entire concept of solving the problem itself.

Let's say that I invent a machine to separate cotton from the seeds. I am granted a patent on MY PARTICULAR "method and apparatus for separating cotton from seeds". That does NOT give me a monopoly on ALL machines to accomplish the same task. Someone else comes up with a completely different mechanism to accomplish the same task, now we have a competition without any hint of patent infringement.

Seems to me that the onus would be on Trend Micro to prove that Barracuda and/or ClamAV copied their precise implementation (source code) and used it in their products. Simply placing a virus scanner on the same server as your email and ftp services is in NO WAY a 'patentable' idea.

patent idea reversal

Perhaps the best play is to use the bad patent system and patent an antivirus system with included smtp and ftp abilties... because in the eyes of the patent office, this is completely different from an smtp and ftp system with antivirus abilities.

Hang on a second...

[PinkyDead]

I must be missing something here...

I have configured for a number of my clients their own SMTP servers for which I charge. These servers are generally gateways with postfix as the server. The anti-virus is ClamAV which is called by postfix.

Or to put it another way they have 'anti-virus detection on an SMTP or FTP gateway'.

Does this this mean I have violated this patent? Or should the patent be rewritten as 'Patent 5,623,600: Installing software on a computer'?

Re:Hang on a second...

What you have done is morally equivalent to stealing a CD from a record store. You're a thief.

Re:Hang on a second...

[MikeBabcock]

I've been doing the same thing with qmail for at least 10 years with McAfee before ClamAV.

Re:Hang on a second...

Yes, you violated their patent. That's why this is is a cluster fuck for the world.

Re:Hang on a second...

[just_asgard]

We just don't know all possible patents that we can violate. May be when i'm typing this message, i'm violating someones patent. I just clearly understand one thing: patents are not constructed for *protecting* intellectual property, but they're constructed for *attacking* concurrents or playing FUD game. So, until you're not dangerous concurrent for patent holder, you can do anything you want.

"Proxy" server

[srealm]

The patent listed above covers the running of an FTP or SMTP PROXY server. AFAIK ClamAV is simply a virus scanner, one that runs as a daemon and you can send it a signal to scan files in X location and report back, but still just a virus scanner. The patent listed here *MIGHT* apply to Amavis, but not ClamAV. Amavis is actually creating a proxy SMTP server and then delivering it to the 'real' SMTP port once it is clean. And it USES ClamAV and other virus scanners. But ClamAV doesn't do this by itself.

Re:"Proxy" server

There'r a lot of admin out there using such so call "SMTP or Gateway Proxy" integration with ClamAV. A more popular example is probably any MTA + ASSP + ClamAV integration...

Does that mean a lot of these setup also infringe the patent?

A quick google for prior art...

[martyb]

Thanks to google and its archive of usenet posts: this query on google groups of: "FTP SMTP virus proxy server group:comp.*" for the time period of 01-Jan-95 through 26-Sep-95 (the patent was filed on 26-Sep-95) returned this link .

It appeared in the comp.security.misc newsgroup and the first few paragraphs (emphasis added) suggests to me this might be prior art:

FOSE '95, WASHINGTON, March 21 /PRNewswire/ -- Norman Data Defense Systems, Inc. today introduced the Norman Firewall, a firewall providing a single, highly secured route for data traveling between networks and the Internet.

"We are proud to deliver a new level of data defense for networks that are currently vulnerable to attack from a variety of global data security threats, including hackers and viruses," said Norman Data Defense Systems, Inc. President and CEO David J. Stang, Ph.D.

Like a sentry positioned to identify visitors and then authorize or deny entry, the Norman Firewall combines an integrated front-end server, proxy server, and virus detector to defend systems and information. The Norman Firewall essentially opens incoming and outgoing data packets, and inspects, virus-checks (against more than 6,500 known viruses), and repackages the data packets, before delivery to their destination. No packets ever need to directly enter or leave internal networks.

I don't have time right now to search further, but wanted to put this out there for others to follow up on. Any takers?

P.S. As a point of comparison, consider that the Morris Worm was released onto the internet on 02-Nov-88 (more details here: A Tour of the Worm) and THAT was nearly SEVEN YEARS before this patent was filed!

Re:A quick google for prior art...

[AliasMarlowe]

I used Norman firewall and Norman Antivirus about 4 years ago, when I still had one Windows PC machine connected to the net. It was a decent enough anti-virus and firewall setup, although it did not support stealth mode for ports at that time. Apparently this was fixed in a later version. Thanks to a fubar by my ISP, I got a perpetual license for it, with version updates and no expiry date (net security was part of the ISP's service deal, included in the monthly bill). All of our PCs are now on linux, so we don't use Norman any more.
http://www.norman.com/

Isn't their real argument against ClamAV?

[penguin_dance]

But they're not going after small potatoes ClamAV for violating their patent. They're going after bigger potatoes, someone using a free service. This would be like if your computer uses an operating system, you've got to pay a fee to Microsoft no matter which OS you use--oh wait!

Seriously, it seems to me that this patent is another one of those overreaching ones. It's coming upon obvious technology, not created by itself and rushing to get a patent so that everyone who uses this technology to fight viruses has to pay a fee.

Re:Isn't their real argument against ClamAV?

[Ilgaz]

But they're not going after small potatoes ClamAV for violating their patent. They're going after bigger potatoes, someone using a free service. This would be like if your computer uses an operating system, you've got to pay a fee to Microsoft no matter which OS you use--oh wait!

Seriously, it seems to me that this patent is another one of those overreaching ones. It's coming upon obvious technology, not created by itself and rushing to get a patent so that everyone who uses this technology to fight viruses has to pay a fee. I don't buy the "ClamAv will be sued" too. Last thing a security company needs is making near all server admins mad. Even OS X Server comes with Clamav installed, go figure.

I didn't see any notorious action from Trend Micro all these years, for example the offer OS X/Linux users free commercial quality antivirus running in Firefox via Java ( http://housecall.antivirus.com/ with Firefox/OSX ). Imagine what would happen if Symantec came with a similar solution. They never came up with the abuse of "Theoretical, click 20 things to get it installed" threats too.

If those multi million, billion companies really using their patented invention and making millions out of it, let them pay.

I hope Trend to go Real Networks path. They have awarded lots of streaming patents which if you are a closed source company, you cough money and if you are open source, it is free for you. For example, if you are Adobe and want auto sensing of network lag on Youtube and feed the client slower bandwidth until it is OK (which you also auto sense), you pay to them. That is what I understood from their own CTO's post on Slashdot years ago. Sadly, that story got flooded with stupid "spyware" "startup" etc. junk so the significance wasn't discussed.
http://yro.slashdot.org/article.pl?sid=06/04/24/2016226 (story)

Kevin Foreman's comment
http://yro.slashdot.org/comments.pl?sid=183962&cid=15193581

Trend Micro and open source...

[nologin]

Hmm, the last time I installed a Trend Micro product was about 18 months ago. I know that back in that time, Trend was using postfix on their SMTP gateway anti-virus products implemented on Linux systems.

If Trend Micro is really trying to prevent other companies from offering cheap solutions for anti-virus/anti-spam gateways, I would take a long hard look at how they themselves got to where they did at this point in time.

I want a patent for doing X on the Internet

[Tikkun]

I should patent modding down bad posts on the Internet.

Is it just me, or..

[Seth+Kriticos]

Is anyone else starting to get tired of this?

The patent system was invented quite some decades ago to protect inventors from other people, who just stole their inventions and made profit of it.

Back in that days, inventions were actually realy made and development was so slow, that 20 years were a reasonable time for the protection of the invention.

Then time moved on, the number of real inventions did not realy rase, but most stuff was just a mere reorganization of existing stuff, but the number of patents went up.

Nowdays, if someone realy invents something, that would make the world a better place, some big corporation ensures, that it never surfaces bigger public, because that would harm their bussiness. (Like some drafts of more effective engines, and the like).

Now we start putting patents on Software, which is like a book, and should get copyright, but why on earth sould it be patented? And where does that benefit the creation of new inventions? It clearly does the opposit in most perspectives.

So maybe I'm missing the point, but I don't realy see, why this kind of system can keep existence, even thow it slowly brings economy to ruin and helps humanity to get a step closer to selfdestruction. Hmm.. Maybe I'm a bit exagerating, please prove me wrong.

Re:Is it just me, or..

no, i'm not tired of it....and i'm going to sue the arse off you for violating my patent on the advanced technology of spelling "really" as "realy".

Not every Patent contains something novel.

[Forge]

Sometimes all a patent holder dose is read PC Magazine, then translate an article or product review into legalese and file the result at the Patent Office.

Under the American system there is no penalty for filing a patent today on something as obvious and commonplace as 120 Volt AC Electricity. The only possible penalties you could suffer are 1. to have the Application rejected (see *) or 2. To have the patent thrown out when you attempt to defend it in court. The former is no punishment since it just puts you back where you started. The Latter only hurts if you overspend on lawyers. Clever Patent sharks make the legal team part owners.

* -: Many decades ago Albert Einstein worked in the Patent Office. Since he left the average IQ in that office has been declining by around 50% per year compounded. Which means that the current average is so close to zero, that employing a few heads of Cabbage would improve matters.

To make matters worse, those Patent officers are grossly overworked as the number of staff members has not kept pace with the increase in Applications. Even the US Embassy here in Kingston had enough sense to get more interviewers when the number of applicants increased.

Re:Not every Patent contains something novel.

[rattlesoft]

Don't forget about TV, for those lazy patent lawyers, does anyone remember the guy who tried to patent the engine on the Star Trek's Enterprise?
The Patent Office actually did good and asked for a working example before approval.

Re:Not every Patent contains something novel.

[ColdWetDog]

The Patent Office actually did good and asked for a working example before approval.

Good thing that Microsoft copywrited Windows as opposed to patenting it....

Re:Not every Patent contains something novel.

[Randolpho]

Good thing that Microsoft copywrited Windows as opposed to patenting it....

It's admittedly been years and years, but my memory of the whole affair is that it was Apple that had copyrighted their OS and sued Microsoft for copyright infringement.

you don't hold the copyright

[Laebshade]

IANAL, blah blah blah (of course), but I would think since you don't own the copyright on the software (and therefore don't own full rights to it), you're not liable.

Re:you don't hold the copyright

[PinkyDead]

I wrote and hold the copyright on the main.cf - which is the bit that puts anti-virus software on the SMTP gateway.

(To be fair I'm sure you're right - I'm just being facetious in response to a spurious patent).

Re:you don't hold the copyright

[charlesnw]

IANAL, blah blah blah (of course), but I would think since you don't own the copyright on the software (and therefore don't own full rights to it), you're not liable. Baracuda doesn't hold the copyright to ClamAV either. However they are being sued. If TrendMicro is successful, then they could potentially sue anyone who "violates" that patent.

Sweden

[Weezul]

Maybe it's cheaper to just relocate all the developers with nice programming jobs in some nice European country like Sweden?

procmail

[s4ltyd0g]

Folks have been doing stuff like that for years now, with tools like procmail and others.

Re:Man, I hate that receptionist.

Man, I hate that receptionist.

But she's hot, dude, so she stays and you go.

"Symantec wouldn't be paying up unless..."

[Chas]

Unless they thought that the cost of licensing was less than fighting a nice, protracted court case. Because, as the SCO case has shown, court cases are exceptionally inexpensive right?

Insightful?

YOU PATENT THE ROBOT-CREATED THINGY.

You don't patent "typing stuff in" or "a program that makes a robot make a thingy". You patent the *thingy*.

Bum

[dosun88888]

ba da bum, ba da bum, ba da bum, ba da bum, ba da bum, ba da bum, ba da dum bummmmmm, waaaaaaaaaaaahhhhhhhh.

They're just pissed that they can't get the G GGG GGG GGG GGG pattern down.

NO- government no longer works

[bussdriver]

There are many reasonable solutions that CAN be taken to congress but there is no chance in hell of them making past the heavily corrupt process, just like campaign reform (many just ignore the laws they do have and only a few in recent years were caught and those that did are generally treated well even if the full extent of the crime is disclosed.)

Government by and for the corporations. The corps have hacked out most the democracy from the system. At least now more people are joining the minority who has been in real world all this time.

Can You Really Patent This?

Am I missing something? Does this patent involve more than searching an email for
a bit pattern and processing it one way if it matches and another if it doesn't?
Correct me if I'm wrong, but hasn't email has been doing that for at least 25 years!

Remote Access + F-prot used to be nice

[freaker_TuC]

I've even written a door for it, cmfdprot for the client side, cmraviri for the board.

Any file coming in through the modem/internet was automatically scanned upon drop after zmodem/ftp had finished it's transfer.
Any messages with attachments had the same treatment; I've never spread a virus through my BBS in the 7 years it was open.

Then you get an arm..

[msimm]

With a second patent for your physical object.

Sigh...

[PhotoGuy]

With the bloated McAfee and Norton products, that brought systems to more of a standstill than the viruses they let through anyway, I always saw Trend as a bit of a good guy in the market. Their relatively lightweight online scan, Housecalls, always worked well for me in fixing up other people's PC's. (Their last version with Active X and shit became a bit more flaky and a bit more of a dog, but still beat Norton and McAfee, IMHO.)

Now they've fallen into the "asshole" category in my mind (man, it's getting crowded in there). Thankfully since my switch to OS X, I can be a bit more dispassionate about the whole virus scanning tools market. Still pisses me off, though...

Yes - but with a correction

[janrinok]

"and now the world is supposed to pay them"

Not strictly true. Other US companies are supposed to pay them. Those of us who don't have software patents don't really care what Trend might think. Now, ask yourself, who is the US patent system helping? It doesn't matter a jot whether you argue the semantics of 'inventing' or 'investing', the vast majority or the people that are being penalised by this system live in N America

Re:Yes - but with a correction

[PopeRatzo]

It doesn't matter a jot whether you argue the semantics of 'inventing' or 'investing'

So you think the difference between "investing" and "inventing" is semantics?

Re:Yes - but with a correction

[turbidostato]

"So you think the difference between "investing" and "inventing" is semantics?"

For the most part, yes, as it is between "investing" and "discovering". Do you really think is per chance that USA has been granted more Nobel prizes than Zimbabwe?

Cool! An Anne Hathaway/Minnie Driver love scene!

[Impy+the+Impiuos+Imp]

Barracuda has been able to leverage open source to bring down the cost of security. Early on Barracuda was blocking spam and viruses at roughly 1/10 the price of the nearest proprietary competitor

Yes, we know you can lower prices by not paying for the patent. That's why there are patents! So people can't just rip off other people's ideas, after all their hard work, and start selling the desirable product of all that work.

Now, if you want to claim the patent is obvious or has prior art, good luck forging new ground where Symantec and McAfee couldn't.

Mail filter

From the patent -
"The FTP proxy server and SMTP proxy server scan all incoming and outgoing files and messages, respectively before transfer for viruses and then transfer the files and messages, only if they do not contain any viruses."

Isn't this just a glorified mail filter? Procmail has been around since 1990.

PLEASE, OUT OF BUSINESS NOW!!

[fzammett]

If this gets rid of those God-awful ads on XM that annoy the shit out of me all the time, then I'm all for it. Then again, I'd *MUCH* rather it be AppRiver they were going after... my commute to and from work each day would be SO much better without those abortions!

"AppRiver...apply directly to your eMail! AppRiver... apply DIRECTLY to your eMail! AppRiver... apply directly to YOUR eMail!"

I've got a baseball bat I want to apply to someone's fucking head!

(first person that points out the obvious, that I can just change the station, can line up behind that announcer to meet my Louisville Slugger!)

Specific SMTP Prior Art

[bill_mcgonigle]

Here's on for TFS, which:

Its pretty functional - gateways between any/all MS/MAIL, WP-OFFICE, CC:MAIL,
SMTP, UUCP, MCI-MAIL. It does uuencode and MIME attachments (configurable per
address or domain wildcard) and international characters. It can also virus
scan attachments on the way through the gateway, and access can be controlled
on a user by user basis!

It looks like it's still around in some form from foxT. So long as the SMTP part is invalidated, I think the Internet will live on, and maybe FTP can just go away...

Not SPAM, canned cheeseburgers

http://gizmodo.com/350091/cheeseburger-in-a-can-is-both-the-best-and-worst-thing-ive-ever-seen

Re:Forget about 'prior art' How about "It's OBVIOU

[Anonymous+Psychopath]

Obvious today, not so obvious 13 years ago. The concept of a firewall is itself very different today than it was back then. Today a firewall is an appliance. Back then it was an architecture.

News filtering

[DrYak]

Except that the concept of automatically filtering electronic messages is much older than the internet e-mail (the SMTP/IMAP/POP one - as opposed to the older e-mails that didn't travel around using TCP/IP).

Filtering has been the natural answer to SPAM as it started to arise in news-groups at the begining of the 90s. So we can assume that it's at least as old as NNTP, UUCP and the like.
All that Trend Micro did was to transfer the concept to the then current mail protocol. Given SPAM filtering on news groups and other pre-TCP/IP messages, filtering SPAM and Viruses on *internet* e-mail is a plain fucking obvious idea and doesn't involve as much originality as they involve just rewriting your scripts to use what is the current message transfer protocol.

For me it falls in the same category as "... but on the Internet" patents.

If that can be considered a valid patent, someone should go and patent "filters against spam, trojans & virues, but specially for blogs messages / facebook applets / and wireless data transfer protocols" and sue the hell out of free and open anti-spam networks. (That's obvious. Just port the same unoriginal idea to whatever is the message and file exchange protocol du jour).

numbers != proportion

[DrYak]

just to say that in terms of sheer numbers and access, it's not what it is today.

On the other hand, 30 years ago, in term of proportion, hobbyist has never been so high .
Back then, big corps didn't pay attention to anything that wasn't big iron, and homemade non-commercial* hobbyist micro-computer where pretty much the only available micro computers.
And thus, garage-developer would probably the only kind one could find around back then.

* : In the sense "Not backed up by some big corp and mass produced". Of course lots of hobbyist made profit by selling kit or helping solder the kits into computer for a profit.

great

[just_asgard]

The issue is Trend Micro's patent on 'anti-virus detection on an SMTP or FTP gateway'. great. may be someone should to patent breathing oxygen?

Deja-SCO

[r7]

Where have we seen this before, oh yea, SCO. Is there a difference? I don't see one and will predict exactly the same outcome. Trend will lose their suit and stockholders will foot the bill.

Sad that another board of directors would put their support behind litigation in place innovation, but then I guess someone must have been selling short to see any benefit in such a strategy.

The rest of us will need to be pro-active and not wait to replace Trend software, wherever it may be, with software from a more open and sustainable organization.

software patents

[falconwolf]

I personally believe that the current problem with our system is that the patent office (due in large part to a decision by the Supreme Court) didn't grant software patents (in the form of business method or machine patents) earlier.

I think this totally wrong. The problem, one of them that is, with the patent system in the US that the US Patent Office issues patents for software. Software should never be patented as it is only instructions on how a computer will perform a calculation. In other words software are algorithms. All that should be patentable is a unique solution to a given problem, if someone were to create a new solution they should be able to use it without worrying they'll infringe on someone else's patent.

The hobbyist software creator didn't exist in large part thirty years ago, and the fights would have been between large companies like IBM and its challengers.

Sure they did, it was hobbyist hardware hackers who built up Homebrew computers, from which the Mac and PC came from. Prior to the hardware hackers were the software hackers from places like MIT's Model Railroad Club though they also hacked hardware, though Stanford had it's share of hackers. It was there that the imagine of the hacker sitting in a basement all night programming came from. It's also where open source really comes from, part of the hacker ethic was to share.

The case referred to above was Gottschalk v Benson 409 US 63. The Court held that mathematical expressions could not be patented, and essentially found that all computer programs were mathematical expressions. The patent in question was for a bit shifter (converting decimal numbers into binary). IMO, we would be better off today had they simply found the patented material to be obvious, which is what many amici suggested.

Now I'm confused. Here you're arguing similarly to what I said above whereas in your second paragraph you argue software patents should have been granted earlier.

Falcon

Re:software patents

[radarjd]

Now I'm confused. Here you're arguing similarly to what I said above whereas in your second paragraph you argue software patents should have been granted earlier.

I should clarify, I thought the particular patent at issue in Gottschalk should have been invalidated for obviousness. I do not think it's possible to be consistent with prior practice to forbid software patents. I do think they should have stricter requirements in terms of enablement.

If you forbid "software" patents, where do you draw the line? It seems like you would have to eliminate any process patent whatsoever. All process patents boil down to a series of instructions, which is one of the ways people file "software" patents. If you forbid software patents, you also have to restrict machine patents greatly. A machine patent claims a machine with certain specific properties. Many software patents claim a machine wherein the properties are essentially defined by software.

I personally would require source code to enable a software patent. "Enablement" is a term of art that requires the description of the patent to allow someone besides you who is skilled in the art to build your invention. Because strictly software patents have never been allowed and patent attorneys follow this fiction of either process or machine patents, the patent office has never required the code actually necessary to execute the software. I think that the actual code should be required, which would both make the patent more specific and would add the code to the public domain once the patent expires.

Re:software patents

[falconwolf]

If you forbid "software" patents, where do you draw the line?

You draw the line at software, that's where. No, that's wrong. You draw the line where you have a physical object. If it's not a physical object or one that does not work the way described then it shouldn't be patented.

It seems like you would have to eliminate any process patent whatsoever.

I don't know what you mean by "process patent", does it have anything to do with business methods, such as Amazon's "One Click" business method that was patented? If so then as I've said before business methods should not be patentable.

A machine patent claims a machine with certain specific properties.

More than just that a patent on a machine describes how someone can build or make their own machine following the patent. However the way to manufacture the item in detail may not be the only way the make one. Take some alternators from difference cars. An alternator from one car will be made by one company who may have more than one patent on the alternator, while one from another car will be made by a different company and has different patents. Each way may deserve a limited monopoly.

Falcon

Re:software patents

[radarjd]

I don't know what you mean by "process patent", does it have anything to do with business methods, such as Amazon's "One Click" business method that was patented? If so then as I've said before business methods should not be patentable.

I can see you're well versed in patent law, which is good to have an educated opinion. 35 USC 101 defines patentable subject matter as "any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof." A "process patent" is a patent which claims a new and useful process (or a new and useful improvement on a process). Process patents do include business method patents, but also other types of process improvements (often improvements in manufacturing processes).

You draw the line at software, that's where. No, that's wrong. You draw the line where you have a physical object. If it's not a physical object or one that does not work the way described then it shouldn't be patented.

Okay, so what if I have a physical object which implements an algorithm? Is that patentable? Would an abacus be patentable (disregarding for arguments' sake the fact that it's been around thousands of years)? I don't think the line is as clear as you make it sound. Under your logic, if I implemented an algorithm in clockwork it would be allowed, but if I instead used transistors, would it not?

Why does the public benefit so much more from granting a monopoly to the inventor of a physical thing than a process or method?

Re:software patents

[falconwolf]

Okay, so what if I have a physical object which implements an algorithm? Is that patentable? Would an abacus be patentable?

Only specific implementations of an algorithm wherein there are other ways of implementing it should patentable. So long as it is non-obvious that is. Way back when it was invented I would have allowed the abacus the be patented, though I'm not sure how one can be implemented differently. And Babbage's Difference Engine as well as Intel's x86s. What I would not allow would be the general idea of a difference engine or CPU being patentable.

if I implemented an algorithm in clockwork it would be allowed

If you made a clock with a specific number of gears with specific gear ratios, that hasn't been used before, yes it should be patentable. For instance a clock with 4 gears, the ratio between gears 1 and 2 being 60:1, gears 2 and 3 also being 60:1, gears 3 and 4 having a ratio of 24:1 shouldn't be patented. However a clock with a different number of gears having different ratios may be patentable.

Under your logic, if I implemented an algorithm in clockwork it would be allowed, but if I instead used transistors, would it not?

See the paragraph above. Just substitute transistors, as well as capacitors and counters, for gears. Actually I don't have a clock, not one to hand on a wall, so I've been thinking about building an electronic clock with LEDs mounted on a circular board.

Why does the public benefit so much more from granting a monopoly to the inventor of a physical thing than a process or method?

Actually whereas patents may of benefited society before I don't know if they still do. I used to support patents however I no longer do. Now I'm not totally against patents but I think some good scientific studies need to be done as to whether patents do provide benefits or not now. As for software, software is already protected by copyright. If someone had patented a program to output "Hello World" no one else would be able to implement it, without a license.

Falcon

Re:software patents

[turbidostato]

"Okay, so what if I have a physical object which implements an algorithm?"

What so?

"Would an abacus be patentable"

Of course yes. But this doesn't mean that the algorithm or the generic method would be patentable. You patented your abacus, not the "calculus machine", not even "calculating by means of positional representation of cardinality". You patented a *thingie*; yours has four bars; mine five, bad luck; yours counts base10; mine base16, bad luck again.

"if I implemented an algorithm in clockwork it would be allowed, but if I instead used transistors, would it not?"

You are patenting the f* clock, not the algorithm. Indeed your patent proposition would read "f* clock that executes algorithm X"; I'm free to patent "The Uberclock, that is 100% more efficient than f* clock when executing the very same algorithm X". Doesn't seem so difficult to understand.

"Why does the public benefit so much more from granting a monopoly to the inventor of a physical thing than a process or method?"

"Because" -and that's really the point, the public benefits no more from patenting *anything*. Patents were born in the early days of the Industrial Revolution as a proper means for the owners of the *ideas* to have a chance over the owners of the *capital*. Little Joe wouldn't waste his time working on machine X knowing that as soon as he went with a working prototype Mr Tycoon would copycat it and taking all the money with him. On the other hand, due to the state of affairs Mr Tycoon had no real incentive to invent by himself: the world was already good to him.

Nowadays, companies big and short are everywhere, technological advances blightning fast and simple competition is enough incentive for them to use R+D to gain competitive advantage; patents are needed no more (much less in technology: what will be good for some patent on the drive on and HDD in twenty years from now? not much. So that's the benefit society gains from it: not much).

Now, for the unavoidable car comparations.
1) Patents in the early days of the Industrial Revolution are alike to a car's start engine: you use it to start the car's engine, but surely you let off the key once the engine is running. Allowing the start engine going on after the main engine is on would surely break them both.
2) In the early days it was about having *one* advantage; quite alike the first ABS. Current patent system results in an (maybe Renault, maybe Citroen, I can't remember) adverstiment about how its new model was awarded as the most secure of the year due to patents A, B and C and how that really did save lifes. The advertisement went on saying that they just couldn't deny these really life saving technologies from reaching everybody ...thus the great pricetag for his model -where obviusly one would expect "well, if they are so great, shouldn't they be used on *all* cars not only yours? After all is about saving lives, isn't it?" Of course not: Mercedes will have the best braking system; BMW the strongest engines; Volvo the safest chasis... but you can be sure you won't be able to have simply the best possible car (that's the main idea of capitalism, isn't it?) just because all those brakes, engines, chasis... are patent covered by a lot of different companies. The patent system was great in order to invent *the* (first) car; it's become a terrible load nowadays.

Geez, this is a simple answer

You're providing a service, not selling a product. If you sold boxes which did that, or a software product that did that, then you MIGHT be violating that patent. See a lawyer to find out.

But as far as selling a service, no, you're not violating their patent.

patents

[falconwolf]

Even if you do patent something, if someone else makes a similar thing from scratch, and sells it for less or makes it free, well tough, you shouldn't be able to sue them for it. If you find that you have competition, you improve your own product, things should be sold by their value, not by destroying competition.

Adam Smith thought pretty much the same. He called patents a necessary evil.

Falcon

corporations

[falconwolf]

I for one would love to see the day where corporations are not considered to be persons in any way, including paying taxes(all the profits go to someone and would be taxed at the personal level anyway), or sheltering guilty executives from liability when their decisions cause harm to actual people.

Actually corporations but not people should be who pays income taxes. Someone who works to earn money shouldn't have government taking their money. However because corporations grant stockholders limited liability they should be made to pay taxes.

Falcon

TCP/IP

[falconwolf]

Given SPAM filtering on news groups and other pre-TCP/IP messages

News groups are pre-TCP/IP? That's funny, as TCP/IP dates from 1974 when RC 675 was specified and V4, RFC 793 specified in 1981. Usenet was established in 1980, before 1981 but after 1974.

Falcon

My ISP does anti-viral scanning on outgoing mail

[falconwolf]

My ISP scans incoming email for viruses. If the scan detects a possible virus the message is transfered into quarantine then puts a message that the message was quarantined into your inbox. My ISP also uses both whitelists and blacklists.

Falcon

Trend Micro

[falconwolf]

Trend Micro have been in the business a long time, how long?

Yea Trend Micro has been in business long enough to know putting a virus scanner on a server is an obvious move.

Falcon

Re:Trend Micro

[Barny]

Yeah, funny that, they have been doing it for a damn long time, putting AV on servers/network appliances.

Hate to say it, but this patent

[falconwolf]

(1) seems non-obvious

Non-obvious to a non-expert.

(3) seems cheap enough that Symantec / MacAfee pay the fees.

The SCO case has shown it's cheaper to pay a fee than it is to litigate.

Falcon

patents

[falconwolf]

Now, if you want to claim the patent is obvious or has prior art, good luck forging new ground where Symantec and McAfee couldn't.

This overlooks one thing, as the SCO case has shown defending yourself against charges of patent infringement can be very expensive. McAfee and Symantec may of decided to pay for a license than fight it in court.

Falcon

The patent system is obsolete

[nicodoggie]

If patents are meant to stimulate new inventors into sharing their ideas to the world by having them own the right to make money out of it, then this system is already obsolete. People in the open-source community are already jam-packed with radical new thinkers and inventors that do not subscribe to the need for commercially marketing their creations. They release it to the public, free of charge, complete with the source code.

But since the world's leaders (government and business) still think in terms of dollars, we wouldn't see this legacy system disappear anytime soon