IBM Wants Patent For Regex SSN Validation

theodp writes "What do you get when you combine IBM contributors with the Dojo Foundation? A patent for Real-Time Validation of Text Input Fields Using Regular Expression Evaluation During Text Entry, assuming the newly-disclosed Big Blue patent application passes muster with the USPTO. IBM explains that the invention of four IBMers addresses a 'persistent problem that plagues Web form fields' — e.g., 'a social security number can be entered with or without dashes.' A non-legalese description of IBM's patent-pending invention can be found in The Official Dojo Documentation. While IBM has formed a Strategic Partnership With the Dojo Foundation which may protect one from a patent infringement lawsuit over validating phone numbers, concerns have been voiced over an exception clause in IBM's open source pledge."

Prior Art so Prior It Hurts

[eldavojohn]

Application Patent Date: November 20, 2007
Online Prior Art at the Regex Library from 2004:

^(?!000)([0-6]\d{2}|7([0-6]\d|7[012]))([ -]?)(?!00)\d\d\3(?!0000)\d{4}$

Put that into your favorite Javascript regular expression object and write a stupid onChange reference to it in your HTML and ... tada! Too complicated? Here's some more prior art. Or here. A little bit of Googling must be too much for the USPTO.

Are we suddenly shocked to discover one line of code can be patented when a whole mess of code can be patented?

Re:Prior Art so Prior It Hurts

Are we suddenly shocked to discover one line of code can be patented when a whole mess of code can be patented?

No, we're not!

Re:Prior Art so Prior It Hurts

[i_want_you_to_throw_]

I wish I could mod this up to "6". "Prior Art so Prior It Hurts". I love it.

Re:Prior Art so Prior It Hurts

Indeed, now go make one that also validates that it *could* be a valid SSN, meaning taking into account odd-even semantics and state prefixes/et cetera. This is non-trivial to accomplish actually.

Re:Prior Art so Prior It Hurts

[Rei]

The amazing part is that IBM is wasting this kind of money applying for a patent that has no chance of standing up in court, if they're even dumb enough to grant it in the first place. I'm in the process of applying for a software patent myself (I know, summon the chorus of boos; but having it could be the difference between being able to raise VC and not being able to raise VC for my starting business; loans, too, are often secured against your IP). These things don't come cheap -- mostly in terms of legal costs. As in a $5k retainer, $5-10k total for a single patent, more if it takes multiple patents to ensure sufficient protection, and if you want international protection, it can go up to $100k or so. Also, from discussions with my attorney, it's really hard to get away with the "bloody obvious" software patents anymore after all of the blowback from things like the Amazon 1-click patent.

I'm surprised they'd waste the money trying. Perhaps their legal department didn't have enough work to do but they didn't want to cut staff.

Re:Prior Art so Prior It Hurts

I've been doing this in my apps for years.

Re:Prior Art so Prior It Hurts

[Shakrai]

These things don't come cheap -- mostly in terms of legal costs. As in a $5k retainer, $5-10k total for a single patent, more if it takes multiple patents to ensure sufficient protection, and if you want international protection, it can go up to $100k or so.

What makes you think that's anything more than pocket change for IBM?

Re:Prior Art so Prior It Hurts

From reading the patent it seems that they are patenting the application of a regex to a data input field. The ssn is just an example
  "an input text validator configured to validate a user-entered character of the text field against the validation expression in real-time and visually indicate invalid user-entered characters"

Not that this is any better but it is different to what everyone is saying

Re:Prior Art so Prior It Hurts

[Charles+Dodgeson]

In the 1990s at Cranfield University, Peter Lister developed a mod_perl Apache handler for creating web forms. (I wrote the documentation and trained people to use it). At one point we added the ability for form creators to list perl regular expressions for validating input. This was in the UK, so social security numbers were never an issue, but we did provided a general mechanism for this kind of input validation using REs.

Somewhere I probably have an old hard drive or tape with the code, but I really don't think I could find it.

Re:Prior Art so Prior It Hurts

[Zordak]

Also, from discussions with my attorney, it's really hard to get away with the "bloody obvious" software patents anymore after all of the blowback from things like the Amazon 1-click patent.

Somebody mod parent up. The days of the patent office just rubber stamping software patents (if there ever were such days) are over. Those guys have gone absolutely freakin' nuts with KSR. Seriously, you could send them an application for a working FTL drive, and they'd just shoot back an obviousness rejection combining one of Einstein's publications with an episode of Star Trek. I'm not saying it's bad to treat obviousness as a hard fact question where we have to actually use our heads rather than mechanically use the Teaching/Suggestion/Motivation test. But these guys have gone totally the other way. They don't use their heads. They just mechanically reject everything as obvious if they can find the pieces in any prior art, regardless of whether it was obvious to put them together (and for those who think this is a good thing, the result of this line is there's no such thing as an invention, because everybody builds on what's already there).

And now with Bilski, the examiners are all hot to reject any software claim as not patentable subject matter. Really, the landscape has changed. Anybody sitting around posting on Slashdot and grousing about the USPTO rubber stamping software patents really has no idea what they're talking about.

Re:Prior Art so Prior It Hurts

[Daniel+Dvorkin]

I'm in the process of applying for a software patent myself (I know, summon the chorus of boos; but having it could be the difference between being able to raise VC and not being able to raise VC for my starting business; loans, too, are often secured against your IP).

So if your VCs wanted you to torture puppies to death before they'd give you money, would the "chorus of boos" have any effect on your actions?

There are many ways to get money. Some of them are right, and some of them are wrong. People with consciences know there's a difference.

Re:Prior Art so Prior It Hurts

[ttyRazor]

More true than you know. A friend of mine started working for the the patent office not too long ago with the explicit instruction to reject everything that comes across his desk.

Re:Prior Art so Prior It Hurts

That is a patent application; it hasn't been accepted yet. The patent office is so far behind in processing patent applications that they probably won't get to it for another 2 years. The summary even says "assuming the newly-disclosed Big Blue patent application passes muster with the USPTO."

Re:Prior Art so Prior It Hurts

[MindStalker]

No this is akin to his VCs wanting him to draw out elaborate plans to torture puppies, as long as he doesn't sue anyone over the patent no puppies have been harmed.

Re:Prior Art so Prior It Hurts

Application Patent Date: November 20, 2007

Online Prior Art at the Regex Library from 2004:

^(?!000)([0-6]\d{2}|7([0-6]\d|7[012]))([ -]?)(?!00)\d\d\3(?!0000)\d{4}$

Put that into your favorite Javascript regular expression object and write a stupid onChange reference to it in your HTML and ... tada! Too complicated? Here's some more prior art. Or here. A little bit of Googling must be too much for the USPTO.

Are we suddenly shocked to discover one line of code can be patented when a whole mess of code can be patented?

You do realize that is just a patent application publication, and that nothing has actually been patented, right? Just because it's a silly application doesn't prohibit the USPTO from publishing it.

Depending on the backlog for that particular area, it probably hasn't even been picked up by an examiner yet.

Re:Prior Art so Prior It Hurts

Having a patent (or a patent application) does not necessarily mean using that patent to stifle innovation.

This is like the VCs wanting him to own a puppy-torturing machine. It's up to him if he wants to actually use the machine to torture puppies. He just has to have it to get funding.

Re:Prior Art so Prior It Hurts

[Zordak]

My post is flamebait and yours is "funny"? [Shakes head in disbelief]. This isn't a flame or a joke. It's absolutely true. I've seen a former examiner say, on the record in a deposition, that he had to get permission from his boss's boss to allow an application on the first action. The assumption is that you will reject all applications at least once (and preferably at least twice so you can draw an RCE with those yummy fees).

Re:Prior Art so Prior It Hurts

[radtea]

as long as he doesn't sue anyone over the patent no puppies have been harmed.

And when the company gets bought out and the puppy-torturing plans get put into action by the new owners, and he screams, "But I didn't mean this to happen!" he will not be forgiven.

Re:Prior Art so Prior It Hurts

[harryandthehenderson]

The amazing part is that IBM is wasting this kind of money applying for a patent...As in a $5k retainer, $5-10k total for a single patent, more if it takes multiple patents to ensure sufficient protection, and if you want international protection, it can go up to $100k or so.

You do realize that even the 100k cost is barely 1 millionth of a percent of their yearly revenue? It would also barely make a 1/100000th of a percent dent in their on hand cash.

Re:Prior Art so Prior It Hurts

[twidarkling]

Except this system doesn't actually do that. If you read the patent application, they're simply checking for invalid characters being entered before you click submit.

And I'm pretty sure I've had games check if the key I entered was valid as soon as I finished entering it, not needing to submit it, so this has already been done, by other people, in the wild. Seems like it should fail on that merit alone.

Re:Prior Art so Prior It Hurts

[harryandthehenderson]

Oh and to elaborate even more. They make $200,000 every minute of every day. The combined 5k retainer and 5-10k for a single patent fees you complain about they would earn the money to pay back in about 5 seconds of operating.

Re:Prior Art so Prior It Hurts

[EvanED]

I'm in the process of applying for a software patent myself (I know, summon the chorus of boos; but having it could be the difference between being able to raise VC and not being able to raise VC for my starting business; loans, too, are often secured against your IP). These things don't come cheap -- mostly in terms of legal costs. As in a $5k retainer, $5-10k total for a single patent, more if it takes multiple patents to ensure sufficient protection, and if you want international protection, it can go up to $100k or so.

IBM has staff lawyers; they aren't paying standard retainer fees like you are.

Re:Prior Art so Prior It Hurts

[Rei]

Irrelevant. Whether you're a big company or not, you can't afford to waste money on frivolous things. You have to balance your expenditures versus what else you could be doing with that money.

Re:Prior Art so Prior It Hurts

[harryandthehenderson]

Awww, do you want us to cry because you actually have to work hard to get a patent? Let me call the waaahmbulance for you.

Re:Prior Art so Prior It Hurts

[JWSmythe]

    It's not trivial, but not impossible.

    The first 3 digits are the area (state) code.

    The next 2 digits are the group.

    The last 4 digits are the serial number.

    There is no check digit, so no further math is required to validate it.

    State codes are listed here http://www.socialsecurity.gov/employer/stateweb.htm

    The highest issued group as of May 01 2009 is listed here: http://www.socialsecurity.gov/employer/ssns/highgroup.txt

    You can pull the high group file back to November 2003 from the SSA site here: http://www.socialsecurity.gov/employer/ssnvhighgroup.htm

    The group numbers are used out of order for "administrative" reasons.

    The groups are assigned as:

    ODD 01 -> 09
    EVEN 10 -> 98
    EVEN 02 -> 08
    ODD 11 -> 99

    Area 000 is never issued.
    Group 00 is never issued.
    Serial 0000 is never issued.

    The Area (state) code is based on where the card is issued, not where the person was born. If you were born in NYC, but your number was issued in California, you would have a California area (state) code.

    Now, the SSN is generally requested by the hospital, so if you have a baby born in the US, part of the stack of paperwork includes the SSN request form. In those cases, obviously the birth state and SSN state should match, unless for some odd reason the request is sent to another state.

    When I was born, there was no requirement to get a SSN issued immediately, and my family moved when I was 5, so my SSN was issued by the second state.

    The logic to test if a SSN has been issued is pretty easy with a couple tables in a DB, or a whole lot of hard coded crud that has to be updated monthly.

Re:Prior Art so Prior It Hurts

[harryandthehenderson]

Irrelevant.

Actually it's not irrelevant at all. The fact of the matter is that for someone like IBM it makes almost zero appreciable difference to their bottom line to send out a patent application even if it might get rejected.

Whether you're a big company or not, you can't afford to waste money on frivolous things.

Who says its going to be frivolous? The USPTO hasn't even ruled on it. Secondly, the fact that they are spending the money on it clearly means that they don't see it as frivolous.

You have to balance your expenditures versus what else you could be doing with that money.

Sure, but a company with $100 billion annual revenue isn't going to go in a panic attack over $10k in patent application fees.

Re:Prior Art so Prior It Hurts

[Rei]

It doesn't matter if they don't have to pay a retainer; they still have to pay them.

Re:Prior Art so Prior It Hurts

[Rei]

So if your VCs wanted you to torture puppies to death before they'd give you money, would the "chorus of boos" have any effect on your actions?

I assure you that my company, Puppy Waterboards, LLC, does care about your concerns about our patent, "Method and apparatus for puppy euthanasia utilizing superheated corkscrews", and will direct them to the appropriate staff.

There are many ways to get money. Some of them are right, and some of them are wrong. People with consciences know there's a difference.

On a more serious note, you don't even know what my patent is about, and yet you're positive it's "wrong". People with consciences try to find out the facts before they criticize.

Re:Prior Art so Prior It Hurts

[nigelo]

    There is no check digit, so no further math is required to validate it.

Whatever happened to check digits?
Seemed like a good idea to catch typos at source.
What did I miss? Why did they fall out of favour?

Re:Prior Art so Prior It Hurts

Excellent use of the 'Puppies' argument Sir !
Too many times have I seen the poor defenseless puppies being used to protect un-worthy causes.

Re:Prior Art so Prior It Hurts

[Rei]

Indeed, it's all about preventing *commercial* competitors. VCs and angels want to know, "Why should I give you, who have no track record, money to develop and market this product instead of your established competitors who would have a higher chance of success and don't need to build a business from scratch?" It's almost impossible to start a non brick-and-mortar company that requires significant capitalization these days without IP to back it up.

Re:Prior Art so Prior It Hurts

[DrJimbo]

I was using regex's to normalize phone numbers in HTML pages back in 1999.

Re:Prior Art so Prior It Hurts

[Lord+Ender]

Some junior lawyer was told to go try patenting whatever the software guys are doing. He picked this bit up because it did something he understood and could describe in a patent application.

Neither he nor the patent reviewer knew anything about software or had any idea what is obvious to someone skilled in the art. But at least the junior lawyer had something to turn into his boss showing that he is working on something-or-other and should stay on the payroll.

That's how I imagine it, anyway.

Aside: the comment-posting system seems way screwed up right now... I guess that's what I get for agreeing to try the beta version.

Re:Prior Art so Prior It Hurts

[Rei]

They could have 100 trillion in annual revenue, but if by spending that patent money on another quarter programmer's salary they could get more of a return on investment, then it'd still be a stupid decision to pursue the patent.

Re:Prior Art so Prior It Hurts

[Zordak]

Haha, how clever you are. Seriously, I'm stunned at your masterful retort. But here's the problem. The patent office rejecting an application is GREAT for my business. Every time the patent office sends me a rejection, whether it's legitimate and well-reasoned or flat-out crap, the client has to respond. That means I keep getting paid. So it's not like KSR put patent attorneys out of business.

My entire point, which you seemed to have missed, is that this notion that the USPTO rubber stamps patent applications (and especially software patent applications) is absolutely, demonstrably false. Now, that said, yes, it would be great for my clients if the USPTO only issued legitimate rejections. And I wouldn't really mind seeing it either, because maybe then I could help more people get patents. But in the end, even the most craptastic, infuriating rejections aren't harming my personal interests.

Re:Prior Art so Prior It Hurts

[frosty_tsm]

SSNs, first issued in 1936, are well before the current era of wide-spread computing. Back then, check digits were not part of normal data design as every bit counted.

Wikipedia Article

Re:Prior Art so Prior It Hurts

[harryandthehenderson]

They could have 100 trillion in annual revenue, but if by spending that patent money on another quarter programmer's salary they could get more of a return on investment, then it'd still be a stupid decision to pursue the patent.

Says you. Call me crazy but I'm going to think that the management of IBM knows a lot more about what they are doing then some random person on Slashdot on how to run their business for the last 120 years. Secondly, paying $10k to get a patent that can one up your competition is hardly a frivolous expenditure.

Re:Prior Art so Prior It Hurts

[harryandthehenderson]

My entire point, which you seemed to have missed, is that this notion that the USPTO rubber stamps patent applications (and especially software patent applications) is absolutely, demonstrably false.

How could I have missed that point if I was asking you why I should care if the USPTO is making it difficult for people to get patents (a.k.a. the opposite of rubber stamping)?

Re:Prior Art so Prior It Hurts

[Zordak]

Aaah. I see my error now. I was responding to your inane publicly-visible post instead of your secret invisible post where you said something insightful. The publicly-visible post just said, "Awww, do you want us to cry because you actually have to work hard to get a patent? Let me call the waaahmbulance for you." Next time, I'll be sure to remotely hack your computer and locate and decrypt "SuperSecretInsightfulPost.html" so I can be sure to respond to all of your brilliant points.

Re:Prior Art so Prior It Hurts

[harryandthehenderson]

No your error seems to be a complete inability to read. How is my comment in any way saying that the patent office rubber stamps applications?

Re:Prior Art so Prior It Hurts

[Chandon+Seldon]

If it gets granted, how much lawyer time will it take to get overturned later?

This is a setup for a denial of service attack on the budgets / legal resources of smaller companies in future legal engagements.

Re:Prior Art so Prior It Hurts

Are we suddenly shocked to discover one line of code can be patented when a whole mess of code can be patented?

No. I'm suddenly shocked to discover anyone bothering to no force users to enter an SSN or credit number exactly THEIR way - as one long number without spaces or dashes - even though that's not how it appears on the card.

I also have a gripe with apps that expect you you enter expiration dates with a month NAME when the card has it displayed as a number.

It's not all that much effort to match the Real World. As far as I'm concerned, anyone who can't take the time to make it is just lazy/sloppy.

Re:Prior Art so Prior It Hurts

[nigelo]

Hm, I seem to recollect calculating and verifying fields with check digits in the 70s, regardless of the expense of the bits (bit expensive?), but I haven't seen it for years.

Your argument would seem to imply that we should be seeing it more often...

Ah! The power of the wiki:

http://en.wikipedia.org/wiki/Check_digit

Re:Prior Art so Prior It Hurts

[sunking2]

They pay them a salary. And this whole thing is probably busy work to keep them from surfing porn in their down time. Or they consider it a training exercise.

Re:Prior Art so Prior It Hurts

[Ninja+Programmer]

The initial rejections are just a smoke screen. The USPTO just does that to try to disincentivise appliers from doing "blanket patents". They are forced to come back and justify the patent a second time, which costs lawyer money, which the applying corporation (rarely is it a person) will have to consider before they try to push through their patent.

But in the end, as long as the applying company has the money (like IBM) and people willing to explain the spin on their patent, the USPTO is basically powerless to stop them. The USPTO does not hire talented people who can actually assess patents and understand what is obvious and what is not (such people would rather be working for a start-up or a big corporation or whatever). I know this because of the questions on the patent I applied for as principle (and got). They asked the wrong questions -- where I was being innovative they challenged me on prior art (clearly not the case) rather than obviousness.

Nothing changes the fact that the USPTO is in way over their heads. All because they allow software patents in the first place, and there are too many cynical software engineers trying to get their little bonus incentive to file the patent and throw it on their resume. (I should know, that's what I did.)

Re:Prior Art so Prior It Hurts

[Rene+S.+Hollan]

No kidding.

How is this not "obvious to one practiced in the art"?

Re:Prior Art so Prior It Hurts

I am an IBM middle manager you insensitive clod!

Re:Prior Art so Prior It Hurts

[_Swank]

really, i'm not trying to defend IBM here, but you realize that the prior art you list at regexlib.com fails *Claim 1* of the actual patent application don't you?

the patent claims that the specific character(s) that breaks the regex is flagged. which the method at regexlib.com (as well as your other examples) does not do.

you recognized that the patent also claims real-time checking, but passed that off as trivial. but if either or both of these differences are really trivial where are all the examples of this being done?

Re:Prior Art so Prior It Hurts

[burnin1965]

Those guys have gone absolutely freakin' nuts with KSR.

Or it could be they are one step closer to sanity. If you trace the history of software patents back to the 1960s you'll notice that there has been a continual battle by lawyers representing corporations to make it possible to patent the abstract idea that software implements rather than the software itself. They were not happy with the copyright protection that protects the software, they wanted to thwart the advancement of science and art to benefit their bottom line, the exact opposite of the intent and purpose of
Article I, Section 8, Clause 8 of the United States Constitution. To make patents sane again the idiocy of software patents needs to be outlawed completely.

They just mechanically reject everything as obvious if they can find the pieces in any prior art, regardless of whether it was obvious to put them together (and for those who think this is a good thing, the result of this line is there's no such thing as an invention, because everybody builds on what's already there).

How can you get it but not get it. LOL

Care to provide some evidence to backup your claim that the USPTO went through all the work to find the prior art and research your invention only to fall short on the analysis and do a knee jerk rejection?

And if somebody builds on what's already there its not an invention, thats called innovation. Patents can cover innovations, the abstract concept from which your software was derived is not an innovation.

And one last request, could you direct us to a single software patent that comes even close to the scientific advancement that would be necessary to develop an FTL drive? One click and regex expressions are hardly an advancement on the same level as pretty much any space propulsion system.

Re:Prior Art so Prior It Hurts

[ShinmaWa]

but if either or both of these differences are really trivial where are all the examples of this being done?

Exactly! I read the patent application pretty thoroughly. Not only have I never seen what was actually being described done (certainly not done in any generalized works-with-any-regexp kind of way), but the idea behind it would require an interesting variant of regexp that examines not the full pattern, but POTENTIAL patterns. That is, "this string doesn't match this regexp... YET. But it might in the future -or- it never will and here's why." That doesn't seem too trivial to me.

Re:Prior Art so Prior It Hurts

When I was born, there was no requirement to get a SSN issued immediately, and my family moved when I was 5, so my SSN was issued by the second state.

There still is no requirement.

Re:Prior Art so Prior It Hurts

[HiThere]

You WERE explicit that it was a software patent.

I, personally, don't believe that it should be legal to use both copyright and patent to protect the same code. I consider doing so unethical. And I believe that it should be illegal. After you've released your code under an MIT or BSD (no attribution required) license, THEN I will consider that it might be ethical for you to have a patent. Until then, there is a prima facia case against it on ethical grounds. (Not, unfortunately, legal.)

Re:Prior Art so Prior It Hurts

[Rei]

And this whole thing is probably busy work to keep them from surfing porn in their down time.

Which is exactly what I was suggesting when I wrote, "Perhaps their legal department didn't have enough work to do but they didn't want to cut staff."

Re:Prior Art so Prior It Hurts

[HiThere]

You are forgetting that IBM has the necessary lawyers on the payroll, so it doesn't need to pay those retainers. They're already on salary.

Re:Prior Art so Prior It Hurts

[JWSmythe]

    You'll find it amazingly difficult to do much these days without one though.

    When my daughter was born 2 years ago, I've been surprised how many times I've needed her SSN.

   

Re:Prior Art so Prior It Hurts

The problem here is that 'IBM' didn't decide to file a patent. 4 developers, who each get a cash bonus for each patent they file, another bonus if it's granted, and extra bonuses for each 'plateau' they reach decided to file for a patent. An IBM patent lawyer, who is not a programmer and who has a quarterly quota of patent applications to fill, decided to approve the filing, and straight to Slashdot it goes.

So 'IBM' doesn't file stupid patents, it just created a set of rules that encourage its employees to patent anything laying around that's not breathing, and backs its lawyers into a corner at the end of each quarter where they will search the recycling bins for any scrap of paper they can wrap a boilerplate patent application around.

As a side note, the costs come down when you are a big firm that files so many patents it has an in-house staff of patent lawyers.

Re:Prior Art so Prior It Hurts

[CodeBuster]

The amazing part is that IBM is wasting this kind of money applying for a patent that has no chance of standing up in court

That is not the point. It would cost a tremendous amount of time and money to go to court, even if you would eventually win, which creates additional barriers of entry against competitors of IBM and adds to their portfolio of defensive patents. Remember that almost all patents these days are taken out for defensive purposes to fend off attacks by patent trolls and their enterprising attorneys, not to actually protect a new idea or innovation. The patent system is broken and backwards, but IBM is just playing the game. If you don't like the rules (and they are indeed stupid when it comes to software patents) then blame the government and the lawyers.

Re:Prior Art so Prior It Hurts

[huckamania]

"but the idea behind it would require an interesting variant of regexp that examines not the full pattern, but POTENTIAL patterns"

Even if it was a single regexp, which the patent doesn't indicate, it would be trivial to put it into a tree structure. After that, evaluating the regexp for POTENTIAL patterns should be a piece of cake. You could even identify exactly which part or parts of the regexp fail or pass. You could then label those pieces and put little hints like "That area code only has 2 digits". This is beyond trivial, its the whole freaking point of using regexp.

What exactly is the innovation here? Using tools as their creators intended them to be used, like javascript and regex? Every day, all over the world, there are coders solving software problems JUST LIKE THIS ONE. I can live with copyright, to a point, but software patents are evil.

The only funny thing about this story is that it took a team of 4 at IBM to figure this out.

Re:Prior Art so Prior It Hurts

[jonbryce]

We have National Insurance numbers here which do pretty much the same thing. I guess you have to check that it is two letters which are not "TN" followed by 6 numbers, followed by the letter A, B, C or D.

Re:Prior Art so Prior It Hurts

[lannocc]

I was doing the same thing in 2001 for my job. And I wrote a document about doing it too! I'm sure there are plenty of others before me...

Re:Prior Art so Prior It Hurts

[Toonol]

Good?

Re:Prior Art so Prior It Hurts

[Zordak]

Your bias is showing.

Says the guy with the .sig "The patent system. The whole edifice is based on handwaving."

You're right about one thing. A patent != invention. A patent is an exclusive property right in an invention. But I'm not sure what that has to do with anything. I am not "assuming" that they are the same thing. I am well aware of how they are related. For example, the title of 35 U.S.C. s. 101 is "Inventions Patentable." The text is "Whosoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title." A patentable invention is one that is novel (see s. 102), non-obvious (see s. 103) and useful (from s. 101).

Now, as for your patent search, the fact that a patent has the word "software" somewhere does not make it a "software patent." Most patents will mention software somewhere if they have anything to do with technology. And since I doubt you have read and analyzed all those claims, your blanket statement that most of them are obvious looks a lot like "handwaving." If you were just going off of the titles, you need to learn how patents work. It's fine to think the system is broken, but understand it before you complain about it. Here's a pretty good primer one of our partners wrote. You ought to read it, even if you think you understand patents (he made me read it when I started, despite the fact that I was already a registered patent agent, and I learned some things). Remember, if you're going to go crusading, you should at least know what you're fighting against.

Re:Prior Art so Prior It Hurts

[Zordak]

If you trace the history of software patents

This is the trap lots of people fall into when discussing software patents. They see obvious software patents and use those as an argument against all software patents. I have seen reasonable and logical arguments both for and against software patents as a class. But obviousness is not one of them. KSR was not about software patents. It was about a brake pedal. The point of KSR was to strengthen the obviousness standard overall. I happen to agree with the conclusion (and that's certainly not herd mentality---most patent attorneys are very critical of KSR). But it has no bearing on whether software is patentable subject matter. If you think software patents should be categorically prohibited, you can have that opinion. Just find a different reason. On the other hand, if your problem with Amazon 1-click is that it was obvious, then your problem is with section 103, not section 101.

Care to provide some evidence to backup your claim that the USPTO went through all the work to find the prior art and research your invention only to fall short on the analysis and do a knee jerk rejection?

Ah, young grasshopper, if only you knew. I see lazy, sloppy rejections on an almost daily basis. But no, you're not going to see me specifically criticize a sitting examiner on a public message board. I'll complain about the way the place is run, but the examiner I criticize today may be the one I have to ask for a notice of allowance tomorrow (to any examiner who may be reading this: you, obviously, are one of those diamonds in the rough who issues only clear, well-reasoned office actions). And to be fair, if you ask an examiner, he'll probably tell you that he sees lazy, sloppy responses from attorneys on an almost daily basis.

The real problem is the fact that the examiners are evaluated on a stupid "count" system that encourages them to breeze through an office action without taking the time to understand the application or the prior art. So he reads the claims, pulls out a couple of key words, searches his patent database, finds a couple of references that look promising, and shoots off a quick 103 (obviousness) rejection. And then he ticks one off his list and breathes a sigh of relief, because the application is somebody else's problem now. Ironically, this system of over-burdened examiners is just as bad for those who aren't a fan of patents. With so little time, it's hard for the examiner to find and understand the best art. So he just tosses out whatever looks good and leaves it on the attorney to convince him. This means that often the examiner and the attorney are arguing about junk that doesn't even matter, while real, relevant art is sitting out there unexamined. Believe me, I would LOVE it if I could count on the examiners to understand what's going on with the application and find the very best art. That would mean that whatever claims got allowed would be very nearly bullet-proof in court.

Re:Prior Art so Prior It Hurts

[Zordak]

One last thing...

And if somebody builds on what's already there its not an invention, thats called innovation

Title 35 of the United States code disagrees with you. If it's new, non-obvious, and useful, it's a patentable invention.

Re:Prior Art so Prior It Hurts

[SL+Baur]

the idea behind it would require an interesting variant of regexp that examines not the full pattern, but POTENTIAL patterns. That is, "this string doesn't match this regexp... YET. But it might in the future -or- it never will and here's why." That doesn't seem too trivial to me.

And throw localization into the mix. No, it's not trivial, but ...

It sounds as if they are describing similar technology to the emacs command `isearch-forward-regexp' and related functions. That's where I would start looking for prior art.

Ob xkcd: http://xkcd.com/378/

Re:Prior Art so Prior It Hurts

[Hurricane78]

Wanna know what both states -- rejecting everything without really checking and accepting everything without really checking -- have in common?

Lazyness.

Re:Prior Art so Prior It Hurts

[Daniel+Dvorkin]

On a serious note, you stated that you were applying for a software patent. That information, in and of itself, is enough to tell me that what you are doing is wrong. My "torturing puppies" example may have been melodramatic, but there's a reason I chose it: certain things are always wrong, and there is no benefit which can possibly be gained from them sufficient to make them right. Torturing puppies is one of those things, and patenting software is another. Your flippant comment about the "chorus of boos" indicates that not only don't you understand this, you don't even understand that there are other people who do understand it. Maybe you should try.

Re:Prior Art so Prior It Hurts

I can assure you that the lawyer knows plenty about the software he was trying to patent. Patent attorneys are engineers or scientists. The more successful among them were also very successful as engineers or scientists, and probably know more about "what is obvious to someone skilled in the art" than most people here.

Unfortunately, it doesn't go both ways, as you clearly have no idea how the law operates. I would suggest you stop picking on the hybrid lawyer-engineers who not only know their own craft far better than you could possibly understand, but probably know your craft better than you do too.

Re:Prior Art so Prior It Hurts

[Charles+Dodgeson]

None of our forms solicited NI numbers, at least while I was there. We were mostly checking phone numbers and email addresses.

While living in the UK, the only NI numbers I saw were my own and my wife's, so never even bothered to speculate about what the pattern was. Is there a check digit in them? That would be interesting to write an RE for.

Re:Prior Art so Prior It Hurts

Nobody thinks that it did. Missing the point is different from getting it wrong. You didn't get it wrong; you missed it. You're still missing it. You will likely continue to miss it, so for the sake of your karma and my time (and here I speak for everyone), please just let it go.

Re:Prior Art so Prior It Hurts

[YenTheFirst]

What if the puppies know the location of the nukes? Jack Bauer says: "We don't have time for this!"

Re:Prior Art so Prior It Hurts

[jonbryce]

The last letter is the check digit, but I don't think there is any published details about how it works.

Re:Prior Art so Prior It Hurts

[_Swank]

software patents being evil is a general argument against this that i can buy.

but the argument that "Every day, all over the world, there are coders solving software problems JUST LIKE THIS ONE"? no. i can't buy that. i've never seen this done before and, as far as i can tell, no one posting can show that something JUST LIKE THIS ONE has already been done.

and since this would clearly be useful (nearly every html form on the web could benefit from real-time validation not to mention proper error identification) if it was actually "beyond trivial" why hasn't it been done. according to you there's little cost involved and, i'd argue, sizeable benefit to this feature.

and if everyone could realize that IBM's claims indicate that this is a *general* solution and is not specific to ridiculously simple regexps like SSNs or phone numbers then maybe it'll be easier to see that it is absolutely not as trivial as everybody here wants to claim.

Re:Prior Art so Prior It Hurts

[Lord+Ender]

Did you just claim that someone who spends most of his time dealing with law is likely to know more about software development than someone who spends most of his time developing software?

Troll somewhere else, fool.

Re:Prior Art so Prior It Hurts

ok, and what does this have to do with regular expressions?

Re:Prior Art so Prior It Hurts

[JWSmythe]

    It's all the information. You could write a regular expression based on it. It'll be kinda long though. :) I'd do it with a database and Perl or PHP myself, but that's just me.

Re:Prior Art so Prior It Hurts

[Gr8Apes]

Not to mention you cannot claim a child as a dependent without an SSN.

Re:Prior Art so Prior It Hurts

[cas2000]

You're right about one thing. A patent != invention. A patent is an exclusive property right in an invention.

correction: "A patent gives some short-term extremely limited monopoly rights over an invention".

a patent does not make an invention "property", it merely grants some exclusive rights over the invention to the inventor for a period of time.

Re:Prior Art so Prior It Hurts

[Zordak]

Sorry, I'm going to have to disagree with you. 35 U.S.C. s. 261, "[P]atents shall have the attributes of personal property." There are some differences. For example, you generally have the right to "possess" your property, whereas a patent does not give you the right to practice the claimed invention---just the right to exclude others from practicing it. But subject to a few exclusions, yes, a patent is in fact a property right.

Re:Prior Art so Prior It Hurts

[cas2000]

sorry, you have a property right in the patent grant (in that you can possess it, trade it, use it as collateral, etc). you do NOT have a property right in the invention itself. that is a subtle but crucial difference.

and, BTW, "35 U.S.C. s. 261" only applies in a small part of the world.

Re:Prior Art so Prior It Hurts

[Zordak]

sorry, you have a property right in the patent grant (in that you can possess it, trade it, use it as collateral, etc). you do NOT have a property right in the invention itself. that is a subtle but crucial difference.

Your patent rights do not begin and end with the little ribboned booklet the USPTO sends you. That by itself is worth a couple of bucks at best. You have a property right in the claimed invention. That is exactly what the patent grant you speak of is. In fact, patent claims are often analogized to the "meets and bounds" portion of a real property title. You are saying, "Here is where you may not trespass."

What the patent law doesn't do is grant you a property right in any embodiment of the claimed invention. For example, if I have a patent on a pencil, that does not give me a property right in all the pencils in the United States, or any of them at all. In fact, my patented pencil may be an improvement on a previously-patented part of the pencil, in which case I have no right to make pencils. The patent gives me a right to exclude others from making pencils, and to get damages if they do make them. Perhaps this is what you're talking about.

And yes, you're right, Title 35 only applies in the U.S. But two things. One, since this is a story about a U.S. Patent application, I'd say it's pretty relevant. Two, I'd like to see any patent law in the world that doesn't use the same basic theory that you have property rights in the claims. I've done a fair number of PCTs, and I haven't seen a country that doesn't operate on this basic premise.

Re:Prior Art so Prior It Hurts

[cas2000]

i don't know why you think there can be a property right in an invention when patents are quite explicitly NOT property rights.

they are short-term government granted limited monopolies over specific actions which can be done with or to or by an invention. actions such as "build" or "implement".

i'll try rephrasing my original point again: the patent grant itself can be property (in that you can possess it, sell it, transfer it to another, etc). the thing being patented, the invention or the idea, is not property and never can be because "property" is an impossible attribute for an idea or invention to have.

this just highlights the truth behind Stallman's point that the phrase "Intellectual Property" is a bogus propaganda term designed to make you think about patents, copyrights, and trademarks in terms of property, in the *same* ways that you think about things that actually are property. it also highlights that it is a very effective propaganda term, that is insidiously influential in manipulating how people think about such things. even people who should know better.

Re:Prior Art so Prior It Hurts

[huckamania]

I don't think you are a coder or at least not a very good one.

The people who designed and implemented javascript and regexp have provided the framework to solve an innumerable number of problems. The first person to do so should not get a patent for being first. They should not get anything except basic copyright that says the second person can't just copy their code.

If it turns out that IBM has created SUPER-javascript and STUPENDOUS-regexp, then they should get a patent for that because they invented SUPER-javascript and STUPENDOUS-regexp. I can still use javascript and regexp to do exactly the same thing, even though you've never seen a form validate the input on the client, and they can do whatever they want with their new libraries.

Re:Prior Art so Prior It Hurts

[Zordak]

this just highlights the truth behind Stallman's point that the phrase "Intellectual Property" is a bogus propaganda term designed to make you think about patents, copyrights, and trademarks in terms of property, in the *same* ways that you think about things that actually are property.

Ok, I see what's going on. You've been listening to Richard Stallman. That would be enough to throw Donald Chisum into fits of confusion about patents.

Here's the problem. Stallman understands IP law, and he knows what it means to "own" something, but he counts on others to not understand, so he spews rhetoric about how everything should be liberated and counts on you to believe him because he's smart and it sounds good. But think about it. What does it mean to "own" something? My wife and I own a home, and the property it sits on. What does that mean? What does it mean when I say I "own" my car, or a computer?

It means the government recognizes a "bundle of rights" that the law attaches to that thing and will help me enforce those rights. For example, if I "own" real property, I have the right to inhabit that property, and to exclude others from it. I have the right to modify it, and to exploit its resources for gain as I see fit. I have the right to transfer ownership, or encumber the property with a lien or security interest. "Ownership" is nothing more than a list of things that the government permits me to do and/or prohibit others from doing with the property, whatever it is.

Now, if I "own" an invention (or more precisely, a set of claims that define the meets and bounds of my invention), I have the right to transfer the invention, to prohibit others from making, using, selling, or importing it, to encumber it with a security interest, etc. etc. The patent law does not grant me the right to practice my invention, but everybody has the right to practice an invention absent an exception like a patent. So I may naturally have the right to practice my invention, and by virtue of my right to exclude others, may in fact have the exclusive right to practice. A patent is very strongly analogous to a big "No Trespassing" sign on a piece of land with a line drawn around the property line.

So whatever Richard Stallman wants you to believe, the law can and does treat intellectual property very much like any other property. The bundle of rights that attaches to IP is very similar to the bundle of rights that attaches to personal property and the bundle of rights that attaches to real property. The real issue is that Richard Stallman wishes it were not so. He wants a world where intellectual property cannot be owned, so his propoganda is to speak as though the concept itself is inaccurate, when in fact he just doesn't like it.

Re:Prior Art so Prior It Hurts

[cas2000]

Actually, i came to my own conclusions about so-called "intellectual property" long before I read Stallman's ideas about it, triggered by my concerns about corporations claiming to "own" certain words and phrases, the perpetual evergreening of pharma patents, corporate attempts to patent DNA and other factual discoveries about the world, and finally by the issue of software patents. He just expresses it quite clearly.

Stallman isn't trying to redefine what copyrights, patents, trademarks mean - he's one of the people at the forefront of the resistance to corporations trying to redefine what these things mean so that they can lock up all intellectual output - including words, ideas, expressions of ideas, inventions, even specific colours and the languages that we speak and write - as their perpetual exclusive property.

They've been pushing this agenda for decades. And one of their most successful projects was the creation of the meme of "intellectual property". it helps to keep the general public placid and quiet while they lobby governments around the world to steal the intellectual commons from under our noses.

Re:Prior Art so Prior It Hurts

[_Swank]

> I don't think you are a coder or at least not a very good one.

Fair enough, though I have no idea what you base that on.

However, I am either misunderstanding what you're saying or you're completely contradictory.

You argument appears to say:

1. Javascript and regexp are general purpose and anything you can do with them should not be patentable even if you're the first to do so.
2. If IBM created their own modified javascript and modified regexp, then they should be able to get a patent for that because they're 'new'.

There's a couple things about that that bother me, particularly the logical inconsistency of the 2 rules: Suppose IBM created their modified javascript and modified regexp using regular javascript and regexp? Well, it satisfies #2, and fails #1, so can they patent it or not?

What bullshit?

[Pig+Hogger]

What is this buillshit? "A persistent problem is dashes in SSNs"???

How fucking hard is it to strip non-numeric characters from a string?

I cannot believe there could be such programmer incompetence; no, it has to be some managerial cluelessness and hard-headness.

Re:What bullshit?

[mckinleyn]

Clearly, I don't understand this article, because there is no way in HELL they just said that. That would be retarded, to say the least.

Re:What bullshit?

[mckinleyn]

A persistent problem that plagues Web programmers is the proper formatting of data into text fields. Fixed that for you, IBM.

Re:What bullshit?

[fizzup]

Maybe if we put it in a format IBM can understand:

SOCIAL-SECURITY-NUMBER PIC 99-999-9999

Re:What bullshit?

[Tablizer]

How...hard is it to strip non-numeric characters from a string [SSN]? I cannot believe there could be such programmer incompetence;

I once worked on software for a campus e-store for a large university. The credit-card input didn't accept spaces. I find it difficult to visually check credit card numbers without spaces. Unfortunately, I had no control to fix that particular issue. A real head-slapper.

That being said, the idea of character "input templates" is quite old. These templates are kind of like regular expressions, but more domain-specific. COBOL had them for quite a long time (but not necessarily in UI's), and "xBase" (dBASE and clones) had templates since the early 80's. They not only validated the info, but also provided a visual template. For example, the dashes in SSN would automatically appear on screen and data input would just flow around them automatically, using something like "XXX-XX-XXXX". Same with slashes in dates and decimal points. The existence of the slashes or decimal point also clued the typist in on the type of data expected for a given field. (Special type indicators told the interpreter if something was a date, something like "@D mm/dd/yyy".)

They simplified a lot of UI code and validation. '''Very practical''' for biz forms. The only downsides I remember was that the character mapping was not customizable, and international adaptations had to be done by the app; but I'm sure such is technically possible to add. After all, we are not stuck with the 64k limit of 8-bit systems anymore. (I just hope that 640k is enough :-)

Thus, if one wants to get around IBM's patent, then just resurrect xBase's template technique, with a few modernization tweaks. xBase lost claim to being proprietary anyhow in a lawsuit that revealed that the language originated from a non-license-protected gov't project.
 

Re:What bullshit?

[Jurily]

How fucking hard is it to strip non-numeric characters from a string?

So you're suggesting we write one for loop with one switch statement in it, instead of a complete general-purpose parser library and a syntax that makes programmers a bad name? Now what's the fun in that?

Re:What bullshit?

[obarel]

How can you not believe programmer incompetence?

I still see the old "1 object(s) processed" (in multiple forms, of course). How hard can it be?

"%d object%s processed", num, num == 1 ? "" : "s"

I even see the odd "1 objects processed" every now and again. How hard can it be?!

I see these things on the PS3 and my blood boils - with the price of the hardware and the games, how can they justify this incompetence? How can a usability tester pass this "object(s)" non-word? Do they also talk like that? "I take two bus or buses to get to work".

Re:What bullshit?

[SQLGuru]

I'd say this was funny, but you got the format wrong.....999-99-9999

Re:What bullshit?

[TheRaven64]

Sorry, your post was in ASCII, so we couldn't understand it. Could you try resubmitting it in EBCDIC please?

Thanks,
IBM

Re:What bullshit?

[TheRaven64]

Your solution will break the code horribly when you try to localise it. Because plural nouns also require agreement from other words in the sentence, you really need to localise both "%d objects processed" and "One object processed", then select the correct one. You've now added work for your translation team, as well as complicating your code. Was it worth it?

Re:What bullshit?

[jefu]

How fucking hard is it to strip non-numeric characters from a string?

It must be incredibly difficult or you'd have web sites that could actually manage to take a credit card number with dashes in it, or a phone number with slightly different formats. But since the incredibly brilliant software types that wrote the system couldn't figure out how to manage it (see how hard a problem it is), users are required to type in long numeric strings and then verify them without the visual cues of spaces or dashes. Betcha they saved a couple of bucks in development costs though.

Re:What bullshit?

[jefu]

They not only validated the info, but also provided a visual template

My bank requires that account numbers for their pay-online system are entered in exactly the right format for the system they're talking to. So, they put the format (with no help text, of course, on the top of the page so you can refer to it handily). Why they can't prefill the text area with the format, or put the format immediately above the text area I don't understand. Even better would be a javascript engine that would prefix the text area and check the digits/letters as they get entered. Then the dashes and spaces some formats use could be automagically skipped over - not like there's much point in requiring the user to enter them is there?

I suppose I should just be grateful that I can do payments online and grateful too that they don't just make me guess at the right format.

Re:What bullshit?

[idontgno]

Exactly.

Being mostly a Perl hacker now, I'm as guilty as most in trying to find the perfect regex solution to a blindingly simple problem. It's seductive, it's cool, it's mystical, it's insider cant and sacred dweomer and secret handshake all rolled together.

I have, posted on my cube wall, a particularly good quote from Jamie Zawinski:

Some people, when confronted with a problem, think "I know, I'll use regular expressions." Now they have two problems.

Re:What bullshit?

[obarel]

Absolutely worth it.

Have you ever seen any of the following:
"You have two ox(en) and six child(ren)"?
"You have two ox(s) and six child(s)"?
"You have 2 ox and 6 child"?

Why should "2 object(s)" pass as English?

Maybe I'm wrong then, and it *is* "some managerial cluelessness and hard-headness".

Programming is a hassle, isn't it? So many things can go wrong... I still think that a proper output string is probably the easiest part of any program.

Re:What bullshit?

[HiThere]

You forgot PL/I. Remember, IBM's favorite language. (It wasn't that bad, but much to complex for the time. Simpler than C++ though.) It, also, had pic formats. It borrowed them from COBOL.

Re:What bullshit?

[Tired+and+Emotional]

That's an editing picture. My COBOL is very rusty but I don't think you can pull just the digits out of it:

        77 SOCIAL-SECURITY-NUMBER PIC 999-99-9999.
        77 NUMERIC-SOCIAL PIC 999999999 COMP-3. ....

          MOVE SOCIAL-SECURITY-NUMBER TO NUMERIC-SOCIAL.

IIRC, this does not work.

(the patent app is still crap though)

Re:What bullshit?

[Tablizer]

You forgot PL/I...It borrowed them from COBOL.

But PL/I is not a user-interface language as far as I'm aware. Interactivity is why I mentioned dBASE: it formats and checks completely interactively. If you specify digits only, you cannot type an alpha character, for example. (As I remember it, it beeped when you tried, at least by default.) And it can automatically insert (and pre-display) dashes into say a social-security number (and I think remove them internally if you specify such). It was pretty handy. There may be other screen-builder tools that also did that on or before the same time, but I only directly remember dBASE's version of it.

Web forms leave out lots of stuff that we took for granted in the 80's and 90's, such as (decent) data edit grids, input format templates (above), combo-boxes, right-click menus, etc. We took a big UI step backward for platform-neutral web-based biz forms.
     

Re:What bullshit?

[Joe+Mucchiello]

Ahhh, PL/1. Most but not quite all the power of COBOL and FORTRAN...... Combined!!

Re:What bullshit?

[LaskoVortex]

How fucking hard is it to strip non-numeric characters from a string?

Notice how you never got an answer to your question? It's that hard.

What. The. Fuck.

[Glendale2x]

Are you fucking kidding me? Did they just really patent the format "###-##-####"? I didn't RTFA because I didn't want my head to explode.

Re:What. The. Fuck.

[EricWright]

I think they're trying to patent the regex /\d{3}-?\d{2}-?\d{4}/. ...Waits for the patent infringement lawsuit...

Re:What. The. Fuck.

[Glendale2x]

That's what I thought. If that's true I'd better go file my patent for email address validation and sue the internet for infringement.

psst... hey buddy!

^\d{3}-\d{2}-\d{4}$

ahh thats right baby, patent infringement!
I live on the edge...

Re:psst... hey buddy!

[dzfoo]

You mean:

^\d{3}[ .-]?\d{2}[ .-]?\d{4}$

Re:psst... hey buddy!

You mean:

^\d{3}[ .-]?\d{2}[ .-]?\d{4}$

Actually, that's not even close, nor is it generic.

Cuff me...

[EkriirkE]

^\d{3}-\d{2}-\d{4}$

Re:Cuff me...

[ShadowRangerRIT]

Sorry, you forgot to put question marks after the hyphens. Obviously, you'll need to license IBM's patent, because that additional tweak makes it a non-obvious invention.

Re:Cuff me...

[EkriirkE]

Err, after RTFA, I suppose this is more on topic:

<input name=ssn id=ssn onblur="if (!this.value.match(/^\d{3}-\d{2}-\d{4}$/)) {alert('Invalid SSN, blah blah NNN-NN-NNNN.');this.focus();}" />

Re:Cuff me...

[PitaBred]

000-00-000

Success!

Re:Cuff me...

[ShinmaWa]

Seems like you need to read more. You completely missed the point of the patent. The idea is not to validate a field against a regexp. That's easy. This patent will check to see if a partial string will EVER be able to match a regexp and if not indicate what prevents it. (See line 0007 of the application).

Let's take email addresses:
These will validate DURING typing:
cmdr_ta
cmdr_taco
cmdr_taco@sla
cmdr_taco@slashdot

This will fail DURING typing:
cmdr_taco@slashdot,

In addition, the "," will be highlighted as preventing the regular expression from ever being able to match. (Line 0009)

I, personally, have never seen that on any web form with anything complex, like an email address. Sure, I've seen it on very simple things like "number only" fields and I see full-field checks all the time. Even your code is a full-field check, which has the added ugliness of failing while typing in something valid.

I don't know if this is patentable or if there is prior art (even if I've personally never seen it as described in this patent), but its not what you present it to be.

Re:Cuff me...

[Plunky]

This will fail DURING typing:
cmdr_taco@slashdot,

Well now, this kind of enterprisey javascript that loops through an extensive regex on EVERY KEYPRESS causing massive keylag is just what is irritating as hell about web 2.0 sites and I for one don't care if they patent it or not because I don't want to use their site if they want to do it that way.

and btw, get off my lawn!

Re:Cuff me...

[DamnStupidElf]

It's pretty simple to implement if you have access to the DFA for the regular expression by just adding a transition to an empty accepting state when the end-of-string symbol is encountered in any existing state, and returning the position in the string at which the match fails. This would be hard to do in general by re-using an existing regular expression engine, unless it allows manipulation of the DFA state machine and returns the character position that caused a potential string to fail to match, since it would basically involve building the DFA from the regular expression, modifying it, and then translating it back into a regular expression that could be passed to the engine. PCRE supports partial matches and can return the partially matched string in some circumstances, which would allow one to find the problem character by chopping characters off the end of the string until a partial match occurs.

See this post about the problem that at least predates the patent by a few years. Unfortunately, no one mentions how to solve the problem in the regexp library.

The IBM patent includes some other features such as ignoring invalid characters in an input string and continuing to match the remaining characters. This could be accomplished by further modifying the regular expression engine to not return failure when there is no transition from a state for a particular character in the trial string, but to merely flag the character as invalid and remain in the same state and trying the next character in the string. The return value for such a function could just be a array of boolean flags for each character in the trial string identifying it as valid or invalid.

Overall, it looks like a novel use of DFAs for user interface feedback. Still, not something I'd consider worthy of a patent.

Re:Cuff me...

[ShinmaWa]

Overall, it looks like a novel use of DFAs for user interface feedback. Still, not something I'd consider worthy of a patent.

Isn't novelty the primary indicator of something worthy of a patent?

As a programmer at a federal agency that uses Perl

[i_want_you_to_throw_]

this is bullshit.

We parse SSNs all day long. I think WE may have prior art.

Look, it's easy

[riceboy50]

/^\d{3}-?\d{2}-?\d{4}$/g
How is that a persistent problem?

Re:Look, it's easy

[Culture20]

/^\d{3}-?\d{2}-?\d{4}$/g
How is that a persistent problem?

They're using the meatspace definition, not the computer science definition. People are always getting confused, and web developers are almost always forgetting that people get confused. ergo, persistent problem.

What if we assume they *are* on our side?

I see lots of comments coming up about how ridiculous this is. Maybe that's the point. Maybe the best way to bring out patent reform to to patent every simple thing there is. You have to remember that IBM is paying to patent something as simple as:

s/(^[0-9])+//g

which most certainly has prior art all over the web. Why would it be worth IBMs money and time to do such a thing? The best reason I can come up with is that they want to prove a point. There's probably quite a bit an open-source firm can gain by causing a collapse of the software patent system, and this may be the best way to do it.

Re:What if we assume they *are* on our side?

[Darkness404]

Sure, but IBM has a lot of money to lobby congress with, that would allow for more rapid reform rather then applying for prior art patents.

Re:What if we assume they *are* on our side?

[Attila+Dimedici]

The problem is that software patents are the result of court rulings, not the result of intentional law changes (I'm not sure if there was a law change that led to the court ruling or not--but my impression is not).

Re:What if we assume they *are* on our side?

[Darkness404]

But congress has the power to invalidate software patents because the patent system was created by congress.

Re:What if we assume they *are* on our side?

[Rary]

Penn Jillette got a patent on masturbating in a hot tub in 1999. A patent lawyer's kid got a patent on swinging sideways on a swing in 2002. If neither of these made enough of a point to bring about any patent reform, how will this?

Re:What if we assume they *are* on our side?

I guess you mean:

s/[^0-9]//g; # remove all non digits

Re:What if we assume they *are* on our side?

[ConceptJunkie]

But congress has the power to invalidate software patents because the patent system was created by congress.

Yes, but for that to happen, Congress would have to do something other than posture, and that's "above their pay grade."

Everything Congress does is solely for appearance's sake. Any actual consequences of their actions are completely unpredictable.

Re:What if we assume they *are* on our side?

[Intron]

The US patent system was created by the Constitution.

Re:What if we assume they *are* on our side?

[Darkness404]

Incorrect, the constitution states "To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries;" under section 8 which the first part is "The Congress shall have power To": so no, it wasn't created by the constitution it merely allowed congress to, if they felt it necessary to create copyright/patent systems.

How is that an issue?

[aardwolf64]

How is it an "issue" that SSNs can be entered with or without dashes? Just strip the dashes in post-processing, then add them back if you absolutely have to have them...

Even bigger problem

[ausekilis]

You say people put in an SSN without dashes when your website requests them?

put a damned example on your site, like this: nnn-nn-nnnn

Re:Even bigger problem

[Shakrai]

put a damned example on your site, like this: nnn-nn-nnnn

You can put as many examples on your site as you want but your users will still find a way to fuck it up. You need code that checks for this and either corrects their stupidity or kicks it back and makes them re-enter it.

Re:Even bigger problem

And this user-fuckup-correction/detection code is trivial to write, and should not be patentable, it's written hundreds/thousands of times each year by websites across the world, for similar situations.

For SSNs on the server side you would strip non-digits and check if the length is correct (is there a check digit that can also be used to verify the number?).

On the client side you can have some javascript doing the checking as well (just to save a trip to the server). If you have the javascript running every time a change is made to the field, then you can enforce some restrictions on data entry - e.g., removing alpha characters as they are typed and only allowing digits, spaces and dashes.

Re:Even bigger problem

...kicks it back and makes them re-enter it.

They'll STILL fuck it up. (voice of experience.)

Real time is the key claim

[wiredlogic]

The first claim mentions the real time nature of the validation. The example regexes are for validating a completed string. This is still silly and obvious but you may have a harder time finding specific prior art for this case.

Re:Real time is the key claim

[Fallen+Seraph]

It's called "Javascript validation" and can also be found everywhere

Re:Real time is the key claim

[zoips]

It seems to me the only thing unique about their patent is not the supposed real-time nature of it (people have been using onchange to ensure valid input in fields for years), but rather the uniquely Dojo (and only because everyone stopped doing it years ago) abomination of putting invalid attributes on XHTML elements to embed Dijit specific information. In this case, the patent seems to hinge on this embedding nature by its constant reference of "validation enhanced text-input element."

Re:Real time is the key claim

[ClosedSource]

I think that the patent concerns itself with character-by-character validation. In other words, as soon as you enter a character which would make the validation fail, it let's you know it is invalid. I assume that most Javascript validation waits until all of the text has been entered. I know some medical infusion pumps work this way, but I think it sucks.

Re:Real time is the key claim

[glebovitz]

Stick the RE ^\d{3}-?\d{2}-?\d{4}$ in a QRegExpValidator in Qt and you have real time validation. Nokia has an example of this in their Qt course materials.

Re:Real time is the key claim

[Bill,+Shooter+of+Bul]

No, that isn't the novel part. If you read further to the background 009.

[0009]What is needed is a solution that provides real-time validation feedback during entry into a text input field. That is, characters are validated as they are inputted with invalid characters being visually accentuated. For example, any numbers accidentally typed into the text field for a city name would be highlighted. Ideally, this solution would leverage regular expressions to define expected input formats.

So it seems they are really only saying that the highlighting of the individual invalid chars in real time is novel. That may or may not have prior art, but it seems rather obvious and not patent worthy.

Re:Real time is the key claim

[radtea]

I assume that most Javascript validation waits until all of the text has been entered.

Your assumption is false. It's called an OnChange event: http://www.w3schools.com/jsref/jsref_onchange.asp

I am not a "Web programmer" but anyone with even a passing familiarity with JavaScript has seen this.

The first claim in the patent is: "1. A system for providing real-time validation of text input fields in a Web page comprising:a validation-enhanced text input element configured to contain an attribute for a validation expression for a text field in a rendered Web page, wherein the validation-enhanced text input element is contained within a source code document corresponding to the rendered Web page; andan input text validator configured to validate a user-entered character of the text field against the validation expression in real-time and visually indicate invalid user-entered characters."

So these losers have filed a patent application in which the first claim is exactly nothing but a completely standard bit of JavaScript code. People have been doing this kind of real-time validation and response for years and years and years. JavaScript is designed to do it.

This is by far the most egregiously stupid patent application we have seen on /. in a long time.

Why IBM is doing this is a complete mystery, although "never assume venality where stupidity will do" comes forcibly to mind.

Re:Real time is the key claim

[Dhalka226]

This sounds like nothing more than text field input masks, which have existed for years. The first result from a Google search for "masked input fields" turns up a listing of a bunch of different ones: http://www.webresourcesdepot.com/javascript-input-masks/

Re:Real time is the key claim

[ClosedSource]

My understanding is that the onChange event doesn't fire until the input field has lost focus. That means that it wouldn't support character-by-character validation.

Re:Real time is the key claim

[bluej100]

True, but onkeypress works.

Re:Real time is the key claim

[blinky]

Try "onkeyup" event, I used this method (~Nov 2007) with javascript routines for validation of user user entry (using regex) for entry of multicast address's etc. I was validating the entry and changing the background of the entry field to indicate valid/invalid data and enabling/disabling of the submit button.

This is not new, it might not be done in webapps often but we/I used to do this in client-server systems, stop users sumbitting crap/invalid data.

Re:Real time is the key claim

[dzfoo]

The patent application describes a system where a pattern representing a valid version of the input is specified by the developer, and this pattern is expanded and compared with the user input in real-time.

Typical regular-expression validation engines in JavaScript work on the completed input, not on a character-by-charcter basis. If you specify a regular-expression as /^\d{3}-?\d{2}-?\d{4}$/ and the user entered a single digit, the validation will fail as it is expecting more than one digit. And when it fails, typically, it will flag the whole field as invalid, but won't tell you which specific character caused the failure.

This is the nature of their claim: a real-time validation system that, pressumably, can interpret a pattern describing the valid format (such as a regular expression) and with visual cues to guide the user into entering the proper input.

As such it works more like a "masked input" field than a regular expression validator. The summary is disingenuous when it mentions that IBM claims a patent on a regular expression for social-security numbers.

            -dZ.

Re:Real time is the key claim

[ClosedSource]

Sure. I didn't claim that it was impossible (if it were, how could IBM do it?), just not used that often.

Re:Real time is the key claim

[Intron]

That site even has an SSN filter which prevents you from putting in illegal characters as you type, so it doesn't need to highlight illegal characters. Not only is it prior art, it is done better than IBM's solution.

Re:Real time is the key claim

Yah, that's why they invented onkeypress, onkeydown, and onkeyup events.

http://www.w3schools.com/jsref/jsref_onkeydown.asp [w3schools.com]

Re:Real time is the key claim

[gbutler69]

You are correct with respect to the "onChange" event. Though, it behaves somewhat differently in different browsers. However, that being said, one can tie into the "onKey", "onPaste", "onChange" and other events as well....

Re:Real time is the key claim

[Fallen+Seraph]

1. Make a 2-dimensional array.
   • Dimension one has the position of the character.
   • Dimension two has either a pattern to match to that character or the list of acceptable characters.
2. onkeyup, make the string into an array of characters and compare each one to the validation array. If bad, panic.
3. PROFIT???

It'd take about 5 - 10 minutes, if that, depending on your fluency with javascript.

Finally!!!

[steve_thatguy]

IBM deserves an Oscar and a Nobel Prize for this!!! This problem has persistently plagued me for ages! I'm glad someone finally came up with a solution to this. My only recourse up to this point has been to avoid SSN fields on any web form. If my boss wants something that requires a unique personal identifier I tell him it can't be done--not unless he wants to hire a team of interns to parse whatever voodoo people put into that SSN field!

Thank you so much for this new knowledge IBM! Now if we can do something about phone number fields I'll be in web developer heaven!

Re:Finally!!!

That's unpossible!

More to it than that.

[gurps_npc]

The numbers in your social security number mean things. By State originally. I am sure, IBM is at least including double-checking that information, to make sure that you can't type in 741-99-0000 and have the machine mistakenly think it is a valid social security number. How do I know this? Because the numbers mean things, you can tell that certain things are obviously bad social security numbers. For example, no field can have all 0. 111-00-1111 has never been assigned. Similarly, no number above 740-##-#### has ever been assigned.

You can read more about it here

Re:More to it than that.

[MyLongNickName]

I see nothing like that in the application. Granted it was long, and I did a quick scan, but nothing jumped out at me as being more complicated than checking for numerals and hyphens.

Re:More to it than that.

[zoips]

Claim 3 states that validation is done via regular expression. A regular expression doesn't really have that capability (except perhaps what Perl calls regular expressions).

Re:More to it than that.

[Amouth]

while that is true.. the SSN was only and example of a possiable aplication.

what they are trying to patant is the idea of validating input durring input..

aka you have a number only field and onKeyUp you check that the char is numeric (that is a most basic way of doing it)

either way the simple or more indept lookup is nothing more than input validation during input..

everyone here seems to get hooked on the SSN thing..

but really this is anything..

which is just fucking stupid..

while finding prior art for this is simplistic.. finding the first is god knows hard because i can't remember that far back.

Re:More to it than that.

[byner]

Is that really all the vital though? The problem that has most people concerned is not accepting erroneous SSNs that are made up, but perfectly valid SSNs being used fraudulently in identity theft, is it not?

Re:More to it than that.

[i.r.id10t]

700-xx-xxxx was for the railroad retirement society... but yes, otherwise for states and/or territories (puerto rico, guam, etc)

Re:More to it than that.

[PitaBred]

Still... the rules are known. Regex's are just a way to express rules... why in the hell is this patentable again? It's not like the regular expression is anything someone "skilled in the art" wouldn't come up with.

Re:More to it than that.

[QuoteMstr]

Strictly speaking, it does, but it might be large. As a quick and dirty test, here's the result of evaluating (regexp-opt (loop for x from 0 to 700 collect (format "%d" x )) nil) in Emacs:

"1\\(?:0[0-9]\\|1[0-9]\\|2[0-9]\\|3[0-9]\\|4[0-9]\\|5[0-9]\\|6[0-9]\\|7[0-9]\\|8[0-9]\\|9[0-9]\\|[0-9]\\)\\|2\\(?:0[0-9]\\|1[0-9]\\|2[0-9]\\|3[0-9]\\|4[0-9]\\|5[0-9]\\|6[0-9]\\|7[0-9]\\|8[0-9]\\|9[0-9]\\|[0-9]\\)\\|3\\(?:0[0-9]\\|1[0-9]\\|2[0-9]\\|3[0-9]\\|4[0-9]\\|5[0-9]\\|6[0-9]\\|7[0-9]\\|8[0-9]\\|9[0-9]\\|[0-9]\\)\\|4\\(?:0[0-9]\\|1[0-9]\\|2[0-9]\\|3[0-9]\\|4[0-9]\\|5[0-9]\\|6[0-9]\\|7[0-9]\\|8[0-9]\\|9[0-9]\\|[0-9]\\)\\|5\\(?:0[0-9]\\|1[0-9]\\|2[0-9]\\|3[0-9]\\|4[0-9]\\|5[0-9]\\|6[0-9]\\|7[0-9]\\|8[0-9]\\|9[0-9]\\|[0-9]\\)\\|6\\(?:0[0-9]\\|1[0-9]\\|2[0-9]\\|3[0-9]\\|4[0-9]\\|5[0-9]\\|6[0-9]\\|7[0-9]\\|8[0-9]\\|9[0-9]\\|[0-9]\\)\\|7\\(?:00\\|[0-9]\\)\\|8[0-9]\\|9[0-9]\\|[0-9]"

What regular expressions can't do is match strings that aren't described by a regular language. Roughly speaking, if what you're trying to match has a maximum length, you can match it with a regular expression. (For a more formal description, see the Pumping Lemma.)

Re:More to it than that.

Just to elaborate, its not a maximum length that makes it a regular language. For example a*, where * is the kleene-star operator (0 or more occurrences) has a possibly infinite length but is still a regular language (because we can terminate it at null, or a, or aa, etc).

Re:More to it than that.

[dhTardis]

Well, of course — any finite language is a regular language. Also, regexp-opt is really letting us down here: how about [0-9]\|[1-9][0-9]\|[1-6][0-9][0-9]\|700 (without the doubled backslashes)?

Re:More to it than that.

[QuoteMstr]

Right. A finite length is a sufficient, but not necessary condition.

Re:More to it than that.

This is a truly awful misinterpretation of the Pumping Lemma. A rudimentary familiarity with regular expressions contradicts the idea that they are limited to matching things with a 'maximum length'. The pumping lemma is more about finite complexity of a pattern than finite length.

Re:More to it than that.

[QuoteMstr]

I never stated that regular expressions were limited to matching strings with limited length; instead, I said that strings of limited length could be matched by regular expressions. A rudimentary familiarity with logic may be useful to you.

Re:More to it than that.

[gurps_npc]

Actually you have it backwards.

The majority of so called 'identicy theft' involves Social Security Numbers cases are the US government prosecuting illegal aliens who had ZERO desire to copy someone else's socal security number. They just wanted a job. The ability to validate social security numbers is EXTREMELY vital to both the illegal aliens and the government.

On the positive side...

[minsk]

We need more overly-broad patents on embarrassingly horrible user interfaces. In fact, someone ought to patent *all* the common mistakes. That way their lawyers could run around suing everyone building crap.

What if We Assume They *Are* Idiots?

[eldavojohn]

Program Manager: What the hell is happening?! Why is the website down?!
Web Programmer: It's the users, sir, one of them put dashes in their SSN on the form!
Program Manager: I don't have time for this mumbo jumbo geek jargon ... what are you trying to tell me? This is an emergency, accounting said our money is leaving!
Web Programmer: Well, you see the dashes are inside the string.
Program Manager: Inside? How is this possible?
Web Programmer: Well, the user must have paused to push the dash key, sir.
Program Manager: So if the dashes are inside the string, we have to get them out. Is there someone we can pay for this service?
Web Programmer: I'm afraid it's too complicated for that. But maybe if we had it write to a file and one of us kept refreshing a text editor on that file ... we could remove it and then it could read back the file after waiting for a few seconds. We would have to hope that more users don't come while we are performing emergency dash extraction.
Program Manager: Goddamnit! Why didn't testing find this?!
Web Programmer: Well, they did but to fix this bug we just removed the dash keys on their keyboards.
Program Manager: Can we do that to each of the users?
*IBM employee enters with massive box labeled "Enterprise SSN Dash Extractor"*
IBM Sales Rep: Gentlemen, let IBM solve all your SSN problems for a mere $2,000 per site license!

Re:What if We Assume They *Are* Idiots?

[ConceptJunkie]

Only $2000?! That's like giving it away free! Surely it would be closer to $200,000 or even $2 million from IBM.

Re:What if We Assume They *Are* Idiots?

$2,000 site license. I call bullsh**. Try $50,000 per core + 18% support contract + professional services at $250 an hour 3 day minimum to come in and show you how to use the tool, not to mention the cost of new servers, SAN space, IBM Websphere to run the Websphere Enterprise SSN Dash Extractor, XD to manage the Websphere cluster, etc.,. BLEH!!! And let's also remember that you'll need to decide on which brand Extractor you will use the Websphere branded version, the Filenet version, or the Lotus version none of which can be used with the other system unless a separate license is purchased. :)

Revolutionary Patent Idea!!!1!

[serutan]

Patent Application 973255489

"Method of enhancing sarcasm through the intentional introduction of typographical errors within multiple exclamation marks."

Within a set of not fewer than four (4) and not more than eight (8) Exclamation Marks ("!"), an Erroneous Character from the set of characters [1, 2, @, #, ~, `] is inserted after the third or fourth Exclamation Mark. The Erroneous Character is perceived by the reader as a typographical error consistent with hurried, careless typing, reinforcing any sarcasm contained in the textual comment preceding the Exclamation Marks.

Re:Revolutionary Patent Idea!!!1!

[OttoM]

You mean a "plurality of exclamation marks"

Re:Revolutionary Patent Idea!!!1!

Hah! I'm safe, as I've never done that. I will however cite you as prior art when I apply for my patent:

1. A plurality of exclamation marks containing a sequence of alphabetic characters.
2. The method of claim 1, wherein the alphabetic characters spell out an ordinal number.
3. The method of claim 2, wherein the ordinal number is one that, when represented in decimal form, consists primarily of the digit 1.
4. The method of claim 1, wherein the alphabetic characters represent a jocular misspelling of an ordinal number.
5. The method of claim 1, wherein the alphabetic characters represent a non-standard number, such as (but not limited to) "eleventy-one".

Re:Revolutionary Patent Idea!!!1!

[stimpleton]

# ?

Haha, That typer must be *really* frustrated/sarcastic.

Re:Revolutionary Patent Idea!!!1!

[YenTheFirst]

Additional Claims:

6. A plurality of exclamation marks containing sequences of non-exclamation mark printable characters
7. The method of claim 6, wherein the sequence of characters represent a mathematical function
8. The method of claim 7, wherein the mathematical function evaluates to a number that, when expressed in decimal form, is "1"

Masked Input Plugin

[nick_davison]

The Masked Input Plugin already solves this pretty nicely.

$("#ssn").mask("999-99-9999");

is pretty easy to implement.

Yes, regular expressions are more powerful. They are also - sorry o mighty nerds of slashdot - completely confusing to the majority of more casual developers who want to be able to drop in a line of quick code and move on to making their drop shadowed corners even rounder.

Heck Why not....

[gabrieltss]

Heck a lawyer patented the method for swinging on a swing
  Why not IBM patenting something stupid like this! Maybe enough of these will bring the patenet system into reform or it's destruction...

Ref:
http://www.google.com/patents?vid=6368227
http://www.freepatentsonline.com/6368227.html
http://en.wikipedia.org/wiki/Reexamination

Awesome

[Trails]

I'd like to assert that I've personally written prior art.

Microsoft got elseif patented

[HannethCom]

As ridiculous as it is, Microsoft has a patent on the "elseif" statement, so every non-Microsoft programming language now has to suffer with just "else if". *slight sarcasm*

Re:Microsoft got elseif patented

[Mystra_x64]

If it actually exists I'd like to see that :}

Huh?

[harryandthehenderson]

concerns have been voiced over an exception clause in IBM's open source pledge."

Oh boohoo. Why would one expect IBM continue to give you protection against a lawsuit using these patents against you when you engage in a patent lawsuit against them? I don't see how this would worry anyone in the OSS community as they aren't known for launching patent claims against other OSS. I really feel no sympathy for any patent trolls who try to sue against OSS and then get caught in a shitstorm from IBM.

Actually

[Zordak]

Actually, they're trying to patent "A system for providing real-time validation of text input fields in a Web page comprising:a validation-enhanced text input element configured to contain an attribute for a validation expression for a text field in a rendered Web page, wherein the validation-enhanced text input element is contained within a source code document corresponding to the rendered Web page; andan input text validator configured to validate a user-entered character of the text field against the validation expression in real-time and visually indicate invalid user-entered characters," and "A method for providing real-time validation of text input fields in a Web page comprising:receiving a user-entered character in a text field displayed in a Web page;immediately validating the user-entered character against a validation expression contained within a validation-enhanced text input element associated with the text field, wherein the validation expression defines a set of acceptable characters and character positions for the text field; andwhen the user-entered character is determined invalid, visually marking the user-entered character," and "An input text validator for validating a text field of a Web page in real-time comprising:a partial input expression generator configured to generate an expanded version of a validation expression, wherein the expanded version of the validation expression defines a set of acceptable characters and character positions for a text field of a Web page; andan invalid text highlighter configured to visually highlight a user-entered character in the text field when the user-entered character is determined as invalid for the expanded validation expression."

Remember, patents are all about the claims. You don't know what they're "trying to patent" until you have read and understand the claims.

Re:Actually

[Philip_the_physicist]

Actually, they're trying to patent "A system for providing real-time validation of text input fields in a Web page comprising:a validation-enhanced text input element configured to contain an attribute for a validation expression for a text field in a rendered Web page, wherein the validation-enhanced text input element is contained within a source code document corresponding to the rendered Web page; and an input text validator configured to validate a user-entered character of the text field against the validation expression in real-time and visually indicate invalid user-entered characters," and "A method for providing real-time validation of text input fields in a Web page comprising:receiving a user-entered character in a text field displayed in a Web page;immediately validating the user-entered character against a validation expression contained within a validation-enhanced text input element associated with the text field, wherein the validation expression defines a set of acceptable characters and character positions for the text field; and when the user-entered character is determined invalid, visually marking the user-entered character," and "An input text validator for validating a text field of a Web page in real-time comprising:a partial input expression generator configured to generate an expanded version of a validation expression, wherein the expanded version of the validation expression defines a set of acceptable characters and character positions for a text field of a Web page; and an invalid text highlighter configured to visually highlight a user-entered character in the text field when the user-entered character is determined as invalid for the expanded validation expression."

Remember, patents are all about the claims. You don't know what they're "trying to patent" until you have read and understand the claims.

This isn't quite as bad as the summary suggests, since what they are doing is checking the data as you type, and highlighting the first character on which it fails. This could be tricky to do on the desktop if you're using a poor choice of widgets, and doing it in javascript could be rather hackish if it is to be portable.

The most obvious way to do it in Javascript is to use a div made to look like a text field, which, echoes the text to the div and formats it appropriately. If the setup is done entirely in javascript, the real element could be shown if scripts are disabled, or the CSS support is faulty.

The idea is a lot better than TFS suggested, but it is still fairly obvious, both in concept and an implementation, and shouldn't be patentable.

Re:Actually

[Mindcontrolled]

You think that anyone on slashdot of all sites, where reading the summary is considered to be unnecessary, not to speak of TFA, would try to read actual claims and think about them? Nah, we rather spam "Lol, obivous!!!one!!"-posts round here.

Seriously, the level of discussion about anything patent related on slashdot is abysmal. Oh, and the mods are on crack again, too. "Funny"? Come on...

Well, Zordak, i am a patent engineer (although not in the US) myself, and I applaud your attempts to inject some reason into such discussions, but I fear you are fighting a hopeless fight there.

Re:Actually

But how does a regex tell *which* character is wrong so IBM can 'visually indicate' it?

Is this enough to disqualify IBM

[ClosedSource]

as an Open/Free software hero? This action seems quite consistent with the IBM of the 1970's.

Re:Is this enough to disqualify IBM

[pembo13]

I'd say no... since these kind of things are very helpful in showing how screwed up things are.

Re:Is this enough to disqualify IBM

[larry+bagina]

What if someone breaks into your house and steals your computer? Is he a hero for showing how insecure your back door is?

Re:Is this enough to disqualify IBM

How about you actually try reading the fucking article?

Re:Is this enough to disqualify IBM

[ClosedSource]

Thanks for the non-informative reply!

phone numbers too

[egburr]

I run into this problem with entering phone numbers into web forms. Some want them as xxxxxxxxxx, some as xxx-xxx-xxxx, some as (xxx)xxx-xxxx, and even other weirdness. Some sites take whatever I put in and mold it to their desired format; others tell me my input is invalid and make me enter it again (some even tell me the desired format). Some sites actually break it up into three input fields with appropriate limits on the number of characters.

I've seen similar cases with SSNs.

It's pretty obvious that some sites have no trouble parsing the input data and making it fit what's expected. How is this a novel concept to be patented?

Re:phone numbers too

[nedlohs]

I love those phone number validation forms.

Especially when they couldn't enter my number into the damn computer to call me when a table was ready because my phone number was foreign and hence required a country code that the form didn't like.

Not just regex, but real-time regex.

If you read the patent application, they aren't patenting just validation of a text field. They are patenting the idea of validating a string, one character at a time, as it is entered by the user. As the string is entered, when invalid characters are found using regex, a "visual change" is made to the input to let the user know they made a mistake.

An example they give is that in an email input field, as soon as the user enters a comma, the comma would change colors.

It's still not groundbreaking, but it's not quite as trivial as it sounds.

Re:Not just regex, but real-time regex.

[VGPowerlord]

It's still not groundbreaking, but it's not quite as trivial as it sounds.

You're right. The usual way to do this, in Windows applications, is to simply not allow the character and to beep. See: MaskedTextBox for the .NET version, which also triggers an event so programmers can add custom logic.

Yes, that is a Windows Forms thing and not a web form thing, but there's nothing stopping you from hooking a text input's onkeypress event.

Oh, but wait! Web forms don't allow you to set colors on specific characters in input or textarea! How exactly does IBM plan on doing this?

Re:Not just regex, but real-time regex.

[alexo]

So basically, they patented this?

I did something similar in C# in early 2006.
Validating with regexps on each key press, on the "text changed" event (to catch paste operations) and on leaving the field or accepting the form (for stuff that needed the whole text, like checksums, etc.)

SSN Validation

[al0ha]

While actual SSN validation is slightly more complicated than a simple regexp, awarding a patent for an obvious algorithm is lame.

Lucky for me I can prove the algorithm I wrote based on Social Security Administration guidance existed before IBM was awarded any patent.

At the time of this post I announce that it is officially released under free licensing.

Full Text

A persistent problem that plagues Web form fields is the proper formatting of data into text fields. A disconnect often exists between a developer and a user as to the proper or an acceptable format for a specific text field. For example, a social security number can be entered with or without dashes.

They aren't trying to fix some nefarious social security number formatting issue.
Completely biased summary.

Morons.

https://black.cirt.vt.edu/valid_ssn/index.php

https://black.cirt.vt.edu/valid_ssn/index.php

Have you read the patent application?

[dzfoo]

You didn't read the patent application, did you?

They are not patenting a regular expression to validate social-security numbers, they are patenting an entire validation system for web application, in which there is an API for a developer to specify a regular expression, and the framework will then validate the user input in real-time, while the front-end highlights the specific characters that caused the failure. The particular problem they are trying to solve is the user confusion when they submit a form which tells them that a field was rejected without telling them what's wrong with the input.

This is not to say that there isn't prior art for that, but as you can see it is much more than just a patent on a simple reg-exp pattern.

        -dZ.

Re:Have you read the patent application?

[maroberts]

As you've stated, there is much prior art for that also, many JavaScript routines exist which perform this task, simply using onChange to validate the next input character and refuse to accept it in the event that the current state of the string fails to match the regex.

Re:Have you read the patent application?

Even if nobody's done this precise thing before, the best case for IBM is that this is yet another case of "same old thing on the internet", as though taking something common and doing it in JavaScript in a web browser suddenly makes it worthy of being granted a legally-enforcible monopoly.

Re:Have you read the patent application?

so what you mean to say is that it is a simple regex inside of an if statement that if true executes an alert or msgbox back to the user with instruction of a properly formatted 'whatever'. Wow. sounds crazy complicated.

Re:Have you read the patent application?

[Bill,+Shooter+of+Bul]

But that's not what they are doing either, they want to allow the user to input invalid chars, but then highlight the incorrect chars. Entirely possible that there is prior art, but you'll have to find something exactly like that. I would rather argue on the basis of its triviality.

Re:Have you read the patent application?

[dzfoo]

No, that is not at all what I am saying. And, more to the point, I am not the one making the patent claims, though I did read the application.

A "simple regex" requires a complete input (otherwise how do you match against the "^" and "$" anchors?). Also, when the pattern fails, it typically flags the entire field as invalid. The claim is more along the lines of a "masked edit" field.

There certainly may be prior art, but it is not as common on web applications as you think it is.

            -dZ.

Re:Have you read the patent application?

[Waccoon]

I downloaded an app called "Regex Coach" which does this just fine. It's a Windows application, but you can call it a "web application", I suppose, since I did actually download it off the web.

Slashdot true to form

[thethibs]

Wow! All this steam and no one read the patent. It's been a while since the Slashdotter stereotype was so well validated.

The patent is for incremental validation as the characters come in. The text input widget is primed with the regex and validates each character as it is keyed, and reacts immediately if it gets an invalid-in-context character. The effect is that it's not possible to enter an invalid string.

Whether you think this is novel or not, it's not ordinary.

Re:Slashdot true to form

[CorporateSuit]

Whether you think this is novel or not, it's not ordinary.

One of the first forms I programmed for a commercial company would delete non-numeric characters and commas onKeyUp. It's extremely ordinary, and the practice is probably a day younger than javascript.

Re:Slashdot true to form

[weicco]

Well, in fact many applications I've wrote for several companies or agencies uses this kind of client-side as well as server-side validation and I'm not sure but I think that many of my colleague uses this method also. So it is not novel and it is probably quite ordinary.

But I don't live in USA and our applications aren't used in US market so I'm not sure if this counts as prior art. Probably not.

Re:Slashdot true to form

[itsdrewmiller]

Was this based on a regex? It seems non-trivial to me to be able to validate an incomplete string against a complete regex intelligently. It sounds like that's what IBM wants, which would not be easy and would be pretty cool.

Re:Slashdot true to form

good grief! I wrote code that validated input as each character was entered back in 1981 as part of my very first programming job.

Re:Slashdot true to form

[EkriirkE]

I do something similar for phone # validation: onchange="this.value=this.value.replace(/\D/,'');"

though its a bit more, only resetting the value if the stripped one is different (avoiding moving the carat when unnecessary) with length checks, etc

Re:Slashdot true to form

[lalena]

Still not a novel idea. We have 3 regex for each text box driven by a back-end config file:

• One for character input (typed, virtual keyboard, pasted-in, bar coded...). Ex: For an IP Address, only allow 0-9 and period to be typed.
• One for what the partially complete text can look like. Ex: For the IP example, numbers can't exceed 255 and you can't have two consecutive periods, but if you have typed a partially valid but incomplete IP Address, it is not shown as invalid. This is validated after every key press.
• One for validating the completed string. This is your standard IP Address regex that you can find anywhere on the web. This is validated after the user leaves the text box.

Re:Slashdot true to form

[radtea]

Whether you think this is novel or not, it's not ordinary.

Handling a JavaScript OnChange event is not ordinary? What about a button click event?

Can I patent "1. A system for providing real-time information in a Web page comprising:a retrieval-enhanced button input element configured to contain an attribute for a retrieval expression for a button in a rendered Web page, wherein the retrieval-enhanced button input element is contained within a source code document corresponding to the rendered Web page; and an document retriever configured to retrieve a document real-time and visually display it."?

Also known as "a help button".

My fanciful claim above is a minuscule edit to the first claim in this idiotic application. If you can patent OnChange event handling for realtime validation (that being one of the purposes for which the event was added to the standard!) you can certainly patent any specific use of button handling. Closing a window, opening a window, displaying a document, changing a background colour... any specific use that is "non-obvious" to someone completely ignorant of software development.

Re:Slashdot true to form

Google validates that usernames do not exist on real time as a user types it, and EEG ex validation is trivial. I've fine it for postcodes (uk) and it's the first thing I'd think of to validate a ssn. You just have to have the set of all valid regex expressions for every substring.

Re:Slashdot true to form

Yes it is ordinary, that's the damn point behind the outrage:

http://doc.qtsoftware.com/3.0/qlineedit.html#setValidator

Oh would you look at that, "...place any arbitrary constraints on the text which may be entered." And on a toolkit that came out eight years ago, no less.

Re:Slashdot true to form

So you created a shitty form that just ignored what the used typed, because after all, the developer knows best? Kind of completely the opposite of what they are doing, isn't it? They are allowing the user to type in the format they are comfortable with, while presenting to the programmer what they are expecting. Good UI design says if the user types 123-45-6789, they should see 123-45-6789, and not 123456789. If the user types 123x45-6789. let them know the 'x' is wrong, don't just assume you know what they meant and drop it. This patent seems to be aimed directly at trying to fix the horrible practices you and a thousand other developers foist on the public.

Re:Slashdot true to form

It's easy. Just construct the DFA and propagate the accept states backward. Voila, you now have a DFA for validating partial input. If that's all that IBM is doing then they definitely don't deserve a patent, although the idea itself is reasonable.

Re:Slashdot true to form

[thethibs]

Lots of protest that it is ordinary, yet not a single URL to a web form that does it. If it were ordinary, surely there would be dozens! I maintain that it isn't ordinary. I should have realized that adding "in context" would be needed with this bunch.

As to OnChange, it seems this was designed to replace the OnChange and the squirrely logic needed to validate partial strings from the beginning after each character, and handling backspace properly. The problem is maintaining state. You could work the code for the field syntax, but any change would require reworking the code. With this widget, you just supply a new regex string. They use ssn as an example, but more interesting would be a date-time string or email address. How many email addresses would your javascript be wrongly rejecting before you finally got the OnChange code right?

Re:Slashdot true to form

[CorporateSuit]

So you created a shitty form that just ignored what the used typed, because after all, the developer knows best? Kind of completely the opposite of what they are doing, isn't it? They are allowing the user to type in the format they are comfortable with, while presenting to the programmer what they are expecting. Good UI design says if the user types 123-45-6789, they should see 123-45-6789, and not 123456789. If the user types 123x45-6789. let them know the 'x' is wrong, don't just assume you know what they meant and drop it. This patent seems to be aimed directly at trying to fix the horrible practices you and a thousand other developers foist on the public.

Perhaps if you removed your nose from your small intestine far enough for your eyes to see the screen past your sphincter, you would see that this is exactly NOT what IBM is proposing. It is not some "Auto-complete my SSN" function. If some user types "I would like to donate $10k,000.0r4 to this charity", someone like you would automatically assume that he is brilliant in coming up with his own system of alphanumeric currency that may somehow translate into real-world dollars. In this case, whatever AJAX or javascript functions that may calculate door prizes or shipping or whatever he may also need to see, based on his input, would be broken, but it's because the stupidity of the developer not recognizing the brilliant man's new currency system (and possible numeric system that could possibly be dodecadecimal or greater, for all you know) and not because some guy with fat fingers couldn't realize the fact he was typing letters where the numbers should go.

Reaching out to stupidity is what good developers do. You seem to think that giving stupidity the reach around is a better way to go. I disagree, and my experience with millions of users and their fractured attempts at data input disagrees with you as well. Garbage-in probably means GARBAGE-in -- not "well-thought-out but ill-formatted"-in (though that exists as well)... it's better to be safe than sorry when it comes to peoples' information. In any case, please ATTEMPT to concern yourself with what the patent says before trying a vain attempt at verbally assaulting someone with it. At least you remembered to post anonymously when you post this sort of dreck.

Re:Slashdot true to form

[bit01]

If it were ordinary, surely there would be dozens!

One more example of the faulty logic of patent boosters. Confuses ordinary with obvious and completely ignores the fact there are a virtually infinite number of reasons why things are not done. Non-obvious is only one possibility among many. In this case it's likely that nobody's bothered - web forms often don't even bother filtering spaces let alone anything more complicated.

---

The patent system. The whole edifice is based on handwaving.

Re:Slashdot true to form

[CorporateSuit]

Was this based on a regex? It seems non-trivial to me to be able to validate an incomplete string against a complete regex intelligently. It sounds like that's what IBM wants, which would not be easy and would be pretty cool.

It didn't start out like that, but eventually, after people had brilliantly avoided the standard search/replace function of javascript by doing things like "Copy/Paste" or holding down the comma key (for some reason, JS would only replace one instance of comma for each time the function was called, so if they got several commas, it would only delete one for each OnKeyUp they fired) we resorted to using a regex. It was for a small calculator on the site, but the client had very specific ideas of how it should act when people inputed information into it, and regular expressions slowly became the most elegant solutions to the problem available to us.

Re:Slashdot true to form

[itsdrewmiller]

Still, just deleting inappropriate characters is a pretty trivial case of what they are proposing - having something that would say, let you type 999-99 but not 99-99 is trickier, and that is still a very simple digits plus one character situation, where their patent is for arbitrarily complex regexes.

Re:Slashdot true to form

[CorporateSuit]

Still, just deleting inappropriate characters is a pretty trivial case of what they are proposing

Yeah, and?

If they patent "Using untwisting Rubberbands as a means of propulsion" and use some hilariously complicated rubber-band engine to power a space-shuttle as an example, I don't care. I twisted a rubber band to make a paper airplane fly or make a toy car go. Many kids have. They shouldn't get the patent.

Re:Slashdot true to form

But it's not novel. I've been on sites that did exactly that. One of them was a government site! Even the US GOV has prior art!!

Re:Slashdot true to form

It's probably older than that. Masked edit controls for Windows have been floating around forever. I wouldn't be surprised if the same was done in earlier TUIs.

Re:Slashdot true to form

Bullshit, go look at hte jquery Validate & jquery Mask plugins, I make these kind of forms all the time.

You can only input integers, mask adds - 's or ()'s, and validate validates the whole thing, which of course is validated server-side before being passed into the DB.

Anyway, yes, the exact thing you're describing, can be done in a few lines of jquery.

Re:Slashdot true to form

[thethibs]

If that's all that IBM is doing

Why not read the bleeding patent and give the top of your head a break?

Re:Slashdot true to form

[thethibs]

delete non-numeric characters and commas onKeyUp

Nothing in the patent does this, or would, in any configuration. One hopes your software designs rely more on evidence than this nonsense.

Re:Slashdot true to form

[thethibs]

Chuckle. Waddya think, Corp? I think it's a losing battle. These guys are going to keep on spitting nonsense based on what they assume without evidence the patent is about. It hardly seems worth the trouble.

We need a filter for these dolts: Quote a relevant section of the patent itself or be consigned to oblivion.

Re:Slashdot true to form

[Nesman64]

I wonder how many users called IT to report a broken # on their keyboard after failing to enter it in your SSN field.

Re:Slashdot true to form

[itsdrewmiller]

So it is easier and more obvious to do a trivial case of something than implement it in its entirety.

Re:Slashdot true to form

[fractalus]

Funny, input forms in the GEM system used on Atari ST series computers allowed you to set up input masks to encourage data to be formatted properly. Not a regular expression, but similar in concept: data was validated as it was typed.

And that was considered ordinary, twenty years ago.

I feel old.

Re:Slashdot true to form

[thethibs]

If you invented a better mouse trap, your patent wouldn't be denied based on the judgement that trapping mice is old hat. It isn't the what that counts, it's the how.

Re:Slashdot true to form

[CorporateSuit]

Of course it's a losing battle -- just like honking a car horn at a bad driver who's swerving across 3 lanes while texting. Your efforts will not change their ways, and when they do manage to drive themselves off the road into a reservoir, they will be replaced by 10 more, just like them. There is, however, a sense of satisfaction at sitting down and pointing out to the person just how they are a ruiner of humanity. Honking a horn only gets the message so far. Flipping off a bad driver goes a bit further. When some AC posts this sort of thing on slashdot, it's like you just pulled into the same gas station as the guy who cut you off. He's not going anywhere, so you get to say just what you think about his poor performance at the wheel. Allow me to liken it to John Malkovich's Osbourne Cox in Burn After Reading:

Osbourne Cox: And you're my wife's lover?
Ted Treffon: No.
Osbourne Cox: Then what are you doing here?... I know you. You're the guy from the gym.
Ted Treffon: I'm not here representing HardBodies.
Osbourne Cox: Oh, yes. I know very well what you represent.... You represent the idiocy of today.
Ted Treffon: No, I don't represent that either.
Osbourne Cox: Yeah. You're the guy at the gym when I asked about that moronic woman.
Ted Treffon: She's not a moron.
Osbourne Cox: You're in league with that moronic woman. You are part of a league of morons.
Ted Treffon: No. No.
Osbourne Cox: Oh, yes. You see, you're one of the morons I've been fighting my whole life. My whole fucking life. But guess what... Today, I win.

There is nothing to win here, of course. In fact, more likely I'll end up taking a Karma hit for it (-1 Offtopic/Flamebait), but sometimes I simply feel honorbound to keep an idiot from walking away without hearing that he's an idiot, fully aware it is a war in which one cannot hope to make a difference.

Re:Slashdot true to form

[sjames]

I wrote input routines in Fortran as a kid that did that. It's not that I was being particularly ingenious, it's just that it's so blindingly obvious.

Not likely

[WindBourne]

I was writing Unix Medical billing systems in the mid 80's on Unix (and using regex), when you gov ppl were still on mainframes. So, I SERIOUSLY DOUBT IT. And I doubt that I wrote the first regex for an SSN. Back then, the ssn WAS a single ID for everybody.

Re:Not likely

...when you gov ppl were still on mainframes

We're still on mainframes, you insensitive clod!

Re:Not likely

lol

Re:What bullshit? (corrections and notes)

[Tablizer]

A couple of corrections and notes.

1. I accidentally typed a 3-digit year in the date template example. It should be four.

2. "Very practical" should have been bold, not quoted. I inadvertently used a wiki convention out of habit.

3. The template feature of the language was probably added after the "fork" from the gov't project. However, I believe extensions to the language are still not permitted to be copyrighted (IIRC).

The patent is fairly narrow

[Chysn]

The title--surprise!--sucks. They're not patenting the use of regular expressions to validate anything. They're patenting a field that validates itself as you type, and highlights invalid characters:

[0009]What is needed is a solution that provides real-time validation feedback during entry into a text input field. That is, characters are validated as they are inputted with invalid characters being visually accentuated. For example, any numbers accidentally typed into the text field for a city name would be highlighted.

You don't see this sort of thing implemented much because individual characters can't be "highlighted" within regular HTML input elements. And the overhead required for putting that sort of thing together just doesn't seem worth it, because you still need to perform traditional server-side validation.

This is also amusing:

[0008]Conventional validation scripts require that the developer include all possible valid and/or invalid character permutations in the actual code. The inclusion of these permutations increases script size and decreases performance. Additionally, future modifications to the range of valid permutations can result in having to rewrite the entire script.

Yeah, if you're an idiot.

Re:The patent is fairly narrow

[zuperduperman]

The [0008] clause is so wrong it's amazing.

There should be some kind of penalty - equivalent to fraud / perjury for knowingly making false claims in a patent application like that. Or - it should be grounds to invalidate the patent later on with punitive damages to other parties affected by the patent. The only reasonable explanation for such a sentence in the application is an attempt to mislead the examiner into thinking that the 'invention' is more novel than it is.

Re:The patent is fairly narrow

[Tablizer]

That is, characters are validated as they are inputted with invalid characters being visually accentuated.

That is rather fancy, but perhaps overkill for most situations. Back in my desktop GUI and DOS days, if they typed in an invalid character into a form, I would simply have it beep and display the format string at the bottom in red (or bright before color CRTs).

Thus, for the SSN example, if you tried to type say an "A", it would beep withOUT showing the "A" typed (not allowed), and at the bottom display the following hilighted:

        Invalid SSN entry. Format: 999-99-9999

If you wanted to get fancy, then:

        Invalid SSN entry. Format: 999-99-9999 (press F1 for help)

The software I used could also automatically insert dashes so that the keyer only had to type digits.

Validators aren't new - but the word Validator is

[lalena]

A Google search for "social security number" regex returned 11,300 results. I guess all of those people needed a regular expression to NOT validate data.
Also, the patent uses the term validator which is not a word according to most spell checkers that I use. I know this because I type this word frequently when documenting .NET code. Validator is the term Microsoft uses for ASP.NET controls that validate input.
Its one thing to patent an existing idea, but don't steal the made up words from an existing implementation and expect to get away with it.

spaces in credit card numbers?

[oneiros27]

How fucking hard is it to strip non-numeric characters from a string?

Damned hard, based on my testing over the last few years.

As an exercise in futility -- the next time you're buying something online, try entering your credit card number with spaces in it, so it's legible, and easier to compare to what's on your card.

It used to be that it'd occasionally work -- but I don't think I've had a single success in the last year or two. They either put in limits so I can't type enough characters, or it gets rejected with no useful message but works fine without them.

... on another note, I once had a member number for a company that on the membership card had a leading zero -- their site worked fine for years. They upgraded the site, and I couldn't log on anymore. After an hour with customer service, they finally told me to log in without the leading zero, and it worked.

Re:spaces in credit card numbers?

[sabernet]

onkeyup='this.value.replace(/[^0-9]/,"")'

Re:spaces in credit card numbers?

Does precisely nothing, since the replace method returns a new string without modifying the original.

See? It is harder than you think! ;)

Re:spaces in credit card numbers?

[sabernet]

well drat...I done forgot something, didn't I?

onkeyup='this.value = this.value.replace(/[^0-9]/,"")'

Re:spaces in credit card numbers?

[Timmmm]

Well that would be really annoying. Much better to do it on submission.

Obligatory regex.

[atomic-penguin]

(\d{9}|\d{3}-\d{2}-\d{4})

Aren't they repeating themselves?

[mengel]

Isn't this just making a library for web forms that act like an IBM 3270 terminal? I mean, they patented having a terminal that does field validation decades ago. This is just an alternate software implementation of the same thing, in a web browser.

Are you pondering what I'm pondering?

[dword]

Why don't we try to get USPTO's attention over to Slashdot? Then, if they think they don't understand what's going on with a patent, they can find other peoples' interpretation of it over here. They're bound to understand at least one of a hundred different wordings of that patent in Slashdot's comments.

Any ideas?

Two Things:

[Greyfox]

1) What?!
2) It takes 4 IBMers to figure this out?

I'm pretty sure this "problem" has already been solved. Perhaps it's still an issue with the Lotus application-to-web server. Since no one outside of IBM actually uses it, no one would have noticed that.

Highlighting invalid characters inside text field

[nkovacs]

I disagree philosophically with our current legal system allowing software patents. However it never ceases to amaze me how the internets take a patent, don't read it or understand it and then complain about things that don't even make sense in regards to the patent in question.

If you read the actual patent, it is talking about validating the text input as the characters are being typed in and highlighting the specific characters that don't match the regular expression. For example if you type in a SSN as: 1112-113-1111, then the 2 and 3 within the text field would be highlighted (e.g. highlighted red) as not matching the regular expression for a SSN. I think the key is that the error highlighting is done inside the text field. The highlighting of the text wouldn't occur until some timer expired (e.g. 200 ms without any new typing). This makes it so that the error highlights don't show up as you are typing but as soon as you stop. This is definitely more novel than the comments on this article make it out to be.

Should this or other software algorithms be patentable? No. However companies like IBM are forced to patent because if they don't then other patent troll companies sue them and win because they have trouble proving prior art. It is not illogical for companies like IBM to simultaneously pursue patent reform and continue to patent as much as possible under the current legislation. This is just taking advantage of the broken system while talking about how broken it is.

You're kidding me!

[jonaskoelker]

I have prior art!!!1!!1!!!

Next Up: Double-Click To Open Patent

[SneeKee]

Sounds an awful lot like ASP.NET RegEx Validation using AJAX .... but what do I know, I don't work for IBM or the Patent Office.

\d{3}(-|\s|\.)?\d{2}(-|\s|\.)?\d{4}

wow look that includes dashes, spaces, periods and no separator .... i better get to the patent office quick.

Nice One

I wonder if anybody has patented fire yet. I've got to get a piece of that action.

Read the Freaking patent

This is not for validating SSN but doing real time validation of text field input.
SSN was only an example in the patent. It could be city names, credit card number, or whatever.
It makes me laugh to see how many users do not read be before they write.
I still think it is bullshit but it does have a chance of going through unless someone can find prior art of doing real time javascript/ajax text field validation that display the error as you type.

Re:Read the Freaking patent

[pavera]

how about just about every single web 2.0 app I've ever used? You seriously haven't filled out a form that real time validated username availability? or that an email address actually looks like an email address? or that the zip code you entered is a valid zip code? I've seen at least those 3, and I've implemented 2 of them (zip code validator and email address validator) in javascript just like they talk about. 8 years ago.

Re:As a programmer at a federal agency that uses P

And do you parse them as they were being typed in and give feedback before the submit button is hit? Or were you too lazy to even read the title of the patent?

Another .NET example that IS web-based

[jwietelmann]

ASP.NET MaskedEditExtender

In ASP.NET's AJAX Control Toolkit, MaskedEditExtender masks a TextBox, while MaskedEditValidator uses regular expressions to validate it. That takes care of the web-based prior art pretty neatly.

FUD

[lbalbalba]

IBM has clearly stated that it wont assert these patents against the open source community, but will only assert them to anyone who tries to use them against the open source community. 'Nuff said.

Can they do this for credit card numbers too?

[erice]

Can someone explain to me why 99% of e-commerce sites are unable to handle spaces in credit card numbers? It's is a pain in the ass to enter and visually verify a 16 digit number when spaces (which are printed on the card!) are not allowed.

Re:Can they do this for credit card numbers too?

[Nesman64]

When I used to take cc numbers over the phone, I would type them in with the spaces to make it easier to read them back for verification. I'd remove the spaces as each section was verified.

pfffft - 1982

[Tablizer]

validates each character as it is keyed, and reacts immediately if it gets an invalid-in-context character. The effect is that it's not possible to enter an invalid string. Whether you think this is novel or not, it's not ordinary.

Hogwash: dBASE has been doing just that since the early 80's using "format templates", specifically the "Picture" clause.

True, it didn't do it over the web, but adding such to web browsers could use similar technology. Here are some examples from Microsoft Foxpro (a dBASE clone, more or less):

http://support.microsoft.com/kb/119691

Welcome to Theory of Computation 101 !

[jdb2]

A regular expression is just a Finite Automaton ie. State Machine. In a regex, state transitions occur when an input character is read. While regexs are usually applied to a complete input string, the basic theory behind them, as well as any other FA, does not stipulate how the next input character is "read" -- all that is required is a stream of input characters.

So, in the case of the FA representing a form field validation regex, a character is "fed" into the the regex FA whenever a new character is entered, upon which it is checked whether the FA has transitioned to the "not accepted" state and if so the character corresponding to that transition is flagged as invalid.

If the user presses delete or backspace during entry, one method of avoiding revalidation of the current input string would be to save the state of the FA each time a character is read and associate it with that position in the currently entered text. One would then use this information, for example, when a user moves the cursor and presses backspace or delete, to restore the state of the FA associated with the character position just before any deleted characters and then re-run the FA on the characters entered past the point of deletion. If the user is allowed to insert characters at any point in the text input, then a similar scheme would be used in which the state of the FA associated with the character position just before the newly inserted character is restored and then the FA is re-run on all characters past that point.

It seems IBM's programmers and/or lawyers either failed or did not take any basic Theory of Computation classes when they received their education. Sorry for them, because they've made complete idiots out of themselves now, as every Computer Science professor, researcher and grad student on the Earth is probably laughing their asses off -- "Hey! Did you hear that IBM is trying to patent eighty-plus years of mathematical theory! No, it's true!"

jdb2

Slashdot - misreading patents since 1997

[uarch]

As others have already pointed out, this patent is not what the /. story claims.

That's to be expected though - I can't remember the last time /. corrected read and understood the contents of a patent app.

This is more FUD about Open Source

[vivarin]

A more reasoned explanation about what's going on here, from one of the dojo toolkit founders:

http://alex.dojotoolkit.org/2009/05/a-quick-word-on-dojo-and-patents/

not worth inventing

[JeffAMcGee]

Did that say from the not worthy-inventions dept?

obvious

[shentino]

to anyone who does perl programming

input =~ m/([0-9]{3})-*([0-9]{3})-*([0-9]{4})/;
SSN = $1 . $2 . $3;

I've made better prior art in 2002!

[Hurricane78]

I developed a whole modular on-the-fly validation library, with cross-dependency support, easy use, and both a server and a client side. I still have it around here somewhere.

I wanna see them sue me on that. I'd kick the living crap out of them. ^^

Re:I've made better prior art in 2002!

[John+Hasler]

Where did you publish your library?

Huh, I implemented this extensively years ago....

[gbutler69]

...still have my implementation (I'm sure I'm not the only "Genius" to "Invent" this).

I have an entire XML/XSLT/JavaScript/AJAX (written before the term AJAX was coined) that I wrote called "ximple". In it, I had extensive use of RegEx validation of the following forms:

• Character Accept RegEx (each character entered/pasted into the field must match this RegEx)
• Character Reject RegEx (each character entered/pasted into the field must NOT match this RegEx -- unless superseded by Accept RegEx)
• Final Form RegEx (final form of the entire value must match this RegEx)

These three things alone provided an extensive amount of real-time, no round-trip validation and was EXTREMELY flexible and easy-to-use (if you new RegEx).

LOL!

LOL!

Really, I cant think of anything better to respond to this nonsense, other than... LOL!!!

can we resycle all dashes

dont throught the extracted dashes i might need i have few SSN without ones plzzzzzzzzzz

Prior Art

[MarbleMunkey]

Prior Art is ANY implementation of a patentable idea that predates the patent application, NOT just the first one. So chill, he's not claiming to have invented the thing, just that they may have code that did this before IBM claims to have invented it.

Re:Validators aren't new - but the word Validator

validator.w3.org

The W3C HTML validator.