Slashdot Mirror

← Back to Stories (view on slashdot.org)

Meet the Lawyer Suing Anyone Who Uses SSL

Posted by samzenpus on from the mine-all-mine dept.

Sparrowvsrevolution writes "Since 2008, Dallas, Texas attorney Erich Spangenberg and his company TQP have been launching suits against hundreds of firms, claiming that merely by using SSL, they've violated a patent TQP acquired in 2006. Nevermind that the patent was actually filed in 1989, long before the World Wide Web was even invented. So far Spangenberg's targets have included Apple, Google, Intel, Dell, Hewlett-Packard, every major bank and credit card company, and scores of web startups and online retailers, practically anyone who encrypts pages of a web sites to protect users' privacy. And while most of those lawsuits are ongoing, many companies have already settled with TQP rather than take the case to trial, including Apple, Amazon, Dell, and Exxon Mobil. The patent has expired now, but Spangenberg can continue to sue users of SSL for six more years and seems determined to do so as much as possible. 'When the government grants you the right to a patent, they grant you the right to exclude others from using it,' says Spangenberg. 'I don't understand why just because [SSL is] prevalent, it should be free.'"

40 of 347 comments (clear)

  1. So by Ultra64 · · Score: 5, Interesting

    Who's up for forming a lynch mob?

    1. Re:So by pla · · Score: 5, Funny

      Who's up for forming a lynch mob?

      I'll bring the torches if you bring the pitchforks...

    2. Re:So by mSparks43 · · Score: 4, Insightful

      What's the point?

      Its a patent for a symmetric key algorithm done in hardware.

      Just tell them you'll see them in court.

    3. Re:So by camperdave · · Score: 5, Insightful

      Who's up for forming a lynch mob?

      Depends. Who are you going to lynch? The scumbag lawyer? The patent official(s) who granted this patent? The politicians who have been dragging their feet on patent reform? I mean, are we out to change the system, or just to vent on a shrewd individual who is exploiting it?

      --
      When our name is on the back of your car, we're behind you all the way!
    4. Re:So by Anonymous Coward · · Score: 5, Funny

      Yes.

    5. Re:So by gman003 · · Score: 5, Funny

      How about "all of the above"?

    6. Re:So by jd2112 · · Score: 3, Interesting

      Who's up for forming a lynch mob?

      Depends. Who are you going to lynch? The scumbag lawyer? The patent official(s) who granted this patent? The politicians who have been dragging their feet on patent reform? I mean, are we out to change the system, or just to vent on a shrewd individual who is exploiting it?

      Note to self: Invest in companies that make rope.

      --
      Any insufficiently advanced magic is indistinguishable from technology.
    7. Re:So by Pieroxy · · Score: 4, Insightful

      What's the point?

      Its a patent for a symmetric key algorithm done in hardware.

      Just tell them you'll see them in court.

      That's if you can afford to go to court. They may be asking very reasonable fees to make the ROI of such a case overly in favor of settling. By going to court you would have to advance large amounts of money where settling might be cheaper. So even if you win the lawsuit, you might end up losing money in the end.

      Of course, you'd have done "the right thing" (patent pending) but who cares in the 21st century?

      --
      Write boring code, not shiny code!
    8. Re:So by Anonymous Coward · · Score: 5, Funny

      Note to self: Patent rope.

    9. Re:So by gman003 · · Score: 4, Funny

      Actually, wait a second. Lynching all "the politicians who have been dragging their feet on patent reform" is a revolution, not a lynch mob.

      The motion has been made to transition this lynch mob to a revolution. Does anyone second the motion?

    10. Re:So by swalve · · Score: 4, Insightful

      And acorns are oak trees. Imprison all women who have had miscarriages!

    11. Re:So by X0563511 · · Score: 3, Insightful

      Aye!

      --
      For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
    12. Re:So by CuteSteveJobs · · Score: 5, Interesting

      > So even if you win the lawsuit, you might end up losing money in the end.

      Try definitely. In the US your legal fees usually aren't reimbursed, so you will be out of pocket $3-5M *EVEN IF YOU WIN*. Kiss that money goodbye. Under UK rules the winner does get their legal fees reimbursed, but lawyers charge a lot more than that amount so you will still be out of pocket for say half that amount.

      As soon as someone sues you for patent violation - even if their suit is a sham - you're a few million out of pocket. In theory the judge should throw out sham suits, but judges in patent troll counties are a different breed.

    13. Re:So by Hoi+Polloi · · Score: 3, Insightful

      Plus they still let them request the venue which always ends up in a region in east Texas that seems to populated solely by patent lawyers.

      --
      It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
    14. Re:So by Sulphur · · Score: 4, Informative

      That's if you can afford to go to court.

      That's like trying to shove melted butter up a wildcat's ass with a hot poker, but you are welcome to try.

    15. Re:So by Anonymous Coward · · Score: 5, Funny

      Method and Device for Passing Extrajudicial Punishment

      1) .. entailing
      a) identifying and selecting a plurality of subjects
      b) selecting a plurality of suitable vertical objects
      c) fixating subjects (a) on objects (b) by means of rope until full termination of respiration

      2) Method described in (1), where objects are lamp posts
      3) Method described in (1), where objects are trees
      4) Method described in (1), where subjects are politicians
      5) Method described in (1), where subjects are lawyers
      6) Method described in (5), where lawyers deal predominantly with patent issues ...

    16. Re:So by Anonymous Coward · · Score: 5, Funny

      I've got the tar.

      I've got the .gz!

    17. Re:So by gman003 · · Score: 4, Funny

      We're not inciting a revolution, we're organizing one. Big difference.

      Mainly, we have someone taking minutes.

  2. So... by MozeeToby · · Score: 5, Interesting

    Nevermind that the patent was actually filed in 1989, long before the World Wide Web was even invented.

    Now, don't get me wrong, this is patent trolling at it's absolute worst, but what exactly is this quote supposed to mean? We (rightly) complain all the freakin time how people shouldn't be granted patents just by adding "on the internet" or "on a computer", we can't have it both ways. If there is a valid patent to provide secure communications through USPS and the key steps of that patent are being performed as part of secure communications online, why shouldn't that be considered to be violating the patent?

    1. Re:So... by Xest · · Score: 5, Insightful

      Personally I think the point there is that if someone files a patent, and doesn't enforce anything about it, then someone else buys it 17 years later by which time due to lack of enforcement around it such that everyone has used it it's become part of essential every day tools, then some dick shouldn't then be able to start suing over it.

      In this respect patents should act like trademarks - if you don't defend against illegal use of it at or near the time of infringement and as a result everyone starts using tools built upon it, then it should be invalidated.

      This idea that you can file a patent, sit quietly on it, and wait until something related to it has become massively widely used and THEN you sue everyone left, right and centre, is fucking absurd.

      The other point is that patent terms are supposed to expire after 20 years. As such can anyone tell me why this guy has another 6 years to sue? Is this about legal limits and he is effectively suing for past infringement even though the patent should've expired 3 years ago? If so then that's another change that needs making to the law - you either sue when the patent is valid, or you don't sue at all.

    2. Re:So... by cultiv8 · · Score: 3, Funny

      He and his wife Audrey, also an IP lawyer, live in a six-bedroom, seven-fireplace mansion worth $9.3 million, according to public records, and bought two half-million dollar condominiums in Las Vegas in 2010.

      It would be if baby needs a new pair of shoes.

      --
      sysadmins and parents of newborns get the same amount of sleep.
    3. Re:So... by CastrTroy · · Score: 4, Insightful

      THIS

      You should have some minimum time to file a suit against someone for using your patent or it should be invalidated. I see this all the time. Sony used a game controller for 3 years on their playstation and then somebody comes along saying they have a patent that Sony is infringing on. Why wasn't it brought up a couple months after the release? It's not like the playstation was some unknown product in some very small market that the patent holder couldn't have been expected to know about. If you have too many patents that you can't keep track of them, and don't even realize that somebody is infringing on them until years later, then it should be invalidated.

      --

      Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
    4. Re:So... by History's+Coming+To · · Score: 5, Interesting

      We need some reductio ad absurdem on the part of the courts here. Side with the lawyer, outlaw all uses of SSL without a license from him, and have all companies using SSL remove the facility for one day. He's after a little bit of money but he's claiming to want to protect the patent. OK, call his bluff, no money and a protected patent, then let's see how the rest of the world responds when they see what's happening. No more internet banking? No more online trading? No more secure internet sessions? Go on, call his bluff, let's open Pandora's Box Of Patents, it's the only way to bring this nonsense down once and for all.

      --
      Please consider this account deleted, I just can't be bothered with the spam anymore.
    5. Re:So... by CastrTroy · · Score: 3, Insightful

      You're right. Instead of letting the small inventors who maybe own 1 to 5 patents take a little responsibility and keep track of how their patents are being used, we should make the people/organizations producing products (big and small) be responsible for wading through millions of patents to ensure they don't infringe on these patents before they release a product. Even if said patent is just sitting in a filing cabinet, and no product has ever been realized.

      I'm not saying that all patents should be invalidated after some set period after some product has been released and no complaint has been filed. But there should be some expectation so thousands of companies can't go about using your "patented techology" for over a decade before you decide you are going to start complaining that they are violating your patent.

      --

      Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
    6. Re:So... by swillden · · Score: 4, Insightful

      Let's not forget, patent laws aren't made to allow big incumbents to rape small inventors. They're made to allow small inventors to get money from their inventions.

      Both views are wrong, at least in the United States. The purpose of patents isn't to favor big or small or to enable collection of money by anyone. Money is the mechanism, not the goal. The purpose of patents is to advance science and the useful arts by providing inventors with a motive to publish the details of their inventions, so that other inventors can learn from them, and either license them or explore new possibilities.

      Like copyright, the intended beneficiary of our IP laws (at least in their original intent and form) isn't the owner of the temporary monopoly, it's society as a whole. The benefit to the owner is just the tool we use to encourage them to act in society's best interest, by spreading their ideas/expressions.

      There are a lot of implications of this viewpoint, and if everyone (especially Congress) could keep it straight, our IP laws would be a lot more sane -- and would tend to achieve rather than undermine the underlying goal. In the case of patent law, one implication of the real goal is that we can measure the effectiveness of the system by how often inventors search the patent database looking for solutions to problems, or for ideas to spark new inventions.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    7. Re:So... by Xest · · Score: 3, Insightful

      "Because most inventors have other things to do with their time then comb through every new technological application"

      As I see it it's quite simple. If you don't feel you have time to protect your patent then you obviously don't put enough value in it to believe it's worth protecting.

      Look, either your patent is such a unique and cutting edge innovation that you want to protect it and want to make money from it, or it's not. You can't just patent some trivial little turd of an idea that others have/will come up with independently and expect the money come flowing through to you for it.

      The "I don't have time" argument is bollocks, the time you invest in protecting your patent should be relative to the value you place in that patent. If you think it's a super patent then spend your life protecting it and milking money from it, if you think it's marginally useful then go after uses as soon as they're obviously there - i.e. PS3 controllers. If you don't value it at all then don't enforce it and let people use it how they want by letting it expire as trademarks do. That's how it should work. The patenting of turds and just sitting around waiting for them to mature and then attacking has to stop. Patents shouldn't be a license to cash in left and right 17 years after a patent was filed for some arbitrary idea no matter how little effort went into it, they should be worth bothering to protect and if they're not, they shouldn't be patentable ideas in the first place.

      Besides, the test for trademark genericisation is if your trademark has entered common usage, if your patent has come close to entering common usage across a wide range of users like SSL has and you haven't noticed and bothered to defend it then laziness has nothing to do with it. That's apathy towards enforcement, and apathy shouldn't be an excuse to be able to turn around many years later and suddenly decide to cash in either.

  3. Damned patent troll by Stachybotris · · Score: 3, Insightful

    All it would take is Google or one other company with adequately deep pockets to actually take this guy to court and that would be the last we'd hear of Mr. Spangenberg or his trollish little company.

    1. Re:Damned patent troll by Stachybotris · · Score: 4, Informative

      Also, to clarify, this seems to not be over SSL itself, but rather over "using a shared seed value to generate pseudo-random key values at a transmitter and a receiver." RTFA on CipherLaw Blog.

  4. The real problem by dachshund · · Score: 4, Interesting

    Nevermind that the patent was actually filed in 1989, long before the World Wide Web was even invented.

    The problem here is not that the patent was filed before SSL was invented (about 1995) -- that could be fine, if SSL was using a patented technology that pre-dated its own invention.

    The problem here is that the attorneys are accusing the practice of 'sending network records over a wire and encrypting them with a stream cipher', where in this case the cipher is (I believe RC4). However RC4 was invented in the 1980s and should pre-date this patent. I'm certain that somebody used it to encrypt network traffic in an almost identical manner, so there should be prior art.

    Moreover, stream ciphers in general have been around for much longer than that. Someone somewhere has published/deployed this idea before. It should not be a live patent. Note that the case has never been tested by a court.

  5. A good few... by aManofFewWords · · Score: 4, Funny

    You must see the good in this man. He has set up well over 200 companies to make the point that software patents is a bad thing. He even tells this to all the companies and judges he can find. He will finally succeed and software patents will be abolished.

  6. 'New' SSL users 'safe' by beaverdownunder · · Score: 5, Interesting

    According to TFA, the patent apparently infringed upon has expired, however this mob can still sue people who used it in the past for the next six years.

    So, if you start a new company now that uses SSL you should be in the clear.

  7. Maybe sometimes "prevalent" should mean "free" by nine-times · · Score: 3, Insightful

    He may be on the correct side of the law as far as current patent law goes, but I'm of the opinion that, at least sometimes, the fact that it's prevalent means that it should be free. Particularly when it comes to computer software, and particularly when it comes to communications and the exchange of information. File formats should be able to be written and read without a license. You should be able to make your software communicate with others using network protocols that are unencumbered.

    I don't know that I have an objection to software patents per se, but when it comes to file format standards and network communications standards, you should not have to pay in order to participate.

  8. See also Marconi being sued by telegraph companies by dbIII · · Score: 5, Interesting

    Marconi was sued by telegraph companies that thought they had a fifty year monopoly on morse code. The communications IP legal situation has been a sick joke since at least then.

  9. Re:Really? by tgd · · Score: 5, Informative

    "Your sure about that are you?"

    Yes? The web was invented in '92.

    Or are you saying the patent wasn't granted in '89?

    And, more relevantly, HTTPS didn't appear until 1994. (Netscape originated it, as an extension to the HTTP standard -- you needed their browser, and their webserver to be able to use it.)

    So, clearly this is all Netscape's fault.

  10. Err what? by kiriath · · Score: 3, Interesting

    'I don't understand why just because [SSL is] prevalent, it should be free.'

    This statement is one of those really douchebaggy things that douchebags douche out.

    All of that being said, SSL needs to be replaced with something better anyway.

  11. Prior art by Chrisq · · Score: 5, Informative

    Also, to clarify, this seems to not be over SSL itself, but rather over "using a shared seed value to generate pseudo-random key values at a transmitter and a receiver." RTFA on CipherLaw Blog.

    Isn't CTR-mode use of a cipher block prior art? This was invented in 1979 by Dife and Hellman and in effect turns a key into a series of pseudo random values which are xored with the plain text.

  12. His mom must be so proud by Genevish · · Score: 4, Funny

    When the democrats say, "you didn't build that", maybe they mean this guy?

  13. Re:Thanks Apple, Amazon, Dell, and Exxon Mobil! by tibit · · Score: 3, Insightful

    You're treating those businesses like sentient beings. Stop with that. A business does no more and no less than what the people in charge of the business want done. If you're a money-at-all costs scumbag, sure, that's how your business will operate. It's not a law of any sort that a business has to be run that way. And stop spreading the fiduciary-duty-to-shareholders bullshit, because it's tired and old and not true at all. Shareholders who invest in a business decide for themselves if their investment goals are aligned with those of the business. Nobody forces them to invest in a business that is not all about maximizing shareholder ROI.

    --
    A successful API design takes a mixture of software design and pedagogy.
  14. Re:World Wide Web by AK+Marc · · Score: 4, Funny

    At least Hitler used encryption, you Nazi.

    --
    Learn to love Alaska
  15. Fixing the patent system by samwhite_y · · Score: 4, Insightful

    This is just another in a long series of slashdot articles that have pointed out the broken nature of our patent system. What I have not seen is any serious proposals for fixing the issues beyond "throw it all out". I have to agree that making software (even software running in specific hardwire specifications) something that you cannot patent is superior to the current patenting solution. Something similar could be said about some of the pharmaceutical patenting that is going on as well (make it last "seven days" instead of "one", get to extend my patent).

    What if we made patents peer reviewed by a group of high profile experts in the field in which the patent is filed. So notable software professionals would be consulted for software patents. This group would use a high bar on the "obviousness" and "prior art" test so that rewriting prior art into a different language and giving a slightly different spin would not make it past this group. The group would be paid based by on the (likely to be substantial) fees charged to the person filing the patent. This is how research articles are handled for the best scientific journals. If a patent is laughably far from being publish worthy for a reputable scientific journal, why are we letting it control millions (or billions) of dollars of commerce? Currently, we are forcing our higher courts to learn all types of arcana before they are able to kill a patent based on prior art and obviousness. Using a group of true experts (not the underpaid and overworked staff at the patent office) would do a lot to improve the situation. Patent lawyers are not a sufficient substitute.