Source Code On Trial In DNA Matching Case (post-gazette.com)

← Back to Stories (view on slashdot.org)

Source Code On Trial In DNA Matching Case (post-gazette.com)

Posted by Soulskill on Saturday October 10, 2015 @02:32AM from the you-can't-handle-the-knuth dept.

An anonymous reader writes: While computer analysis by other programs was inconclusive in matching DNA evidence to a suspect, one program, TrueAllele, gave a match. As reported in the Pittsburgh Post-Gazette, an expert witness for the defense wants access to the 170,000 lines of source code to determine whether the match is scientifically valid. Not surprisingly, the software creator is resisting. From the article: "TrueAllele, created by Dr. Perlin and in its current version since 2009, is the only computer software system of its kind that interprets DNA evidence using a statistical model. It can single out individuals in a complex DNA mixture by determining how much more probable a match is versus mere coincidence. Complex mixtures can involve multiple people, as well as degraded or small DNA samples. ... Although the technology is patented, the source code itself is not disclosed by any patent and cannot be derived from any publicly disclosed source. The source code has never been revealed, he said, and it would cause irreparable harm to the company if it were. In his declaration, Dr. Perlin said that reading the source code is unnecessary to validate the program, and that a review could be done in his office or online."

117 comments

Min score:

Reason:

Sort:

Wrong industry? by Type44Q · 2015-10-10 02:39 · Score: 5, Insightful

Guess if he didn't want his code audited, this guy shouldn't have marketed his software to this particular industry. Dumbass.
1. Re:Wrong industry? by retroworks · 2015-10-10 02:49 · Score: 2, Interesting
  
  Huh. Interesting comment, and on point. The right to defend oneself legally seems to trump copyright law. One the other hand, if I wanted to see someone's copyrighted code, could I simply write bad code (producing a different result) and thereby get access to another programmer's code in any court case? Say for example I want to see automobile code, I find a vehicular homicide case, show a result on my program where the driver was not at fault because automobile code was badly written, and demand to see the code of the vehicle the defense client is accused of driving? EFF.org want to comment?
  
  --
  Gently reply
2. Re:Wrong industry? by Layzej · 2015-10-10 02:59 · Score: 2
  
  Best practice is to discard the minority report. No need to review the source code since there is probably no practical way to prove it correct anyway.
3. Re:Wrong industry? by Eunuchswear · 2015-10-10 03:01 · Score: 3, Informative
  
  Nothing to do with copyright law.
  
  --
  Watch this Heartland Institute video
4. Re:Wrong industry? by Layzej · 2015-10-10 03:07 · Score: 4, Interesting
  
  For instance, for any mission critical component NASA may have three different programs, each written in a different language and running on a unique platform. If at any time one of the programs gives an answer that is not consistent with the other two then the minority report is discarded and the other two are presumed to be correct. No need to halt the proceedings and debug at that point.
  In this case there is only one program that finds a match. It should be considered unreliable and discarded.
5. Re: Wrong industry? by SLi · 2015-10-10 03:18 · Score: 4, Insightful
  
  Well, not really. If the relevant facts are roughly as stated in the summary, it's indeed quite possible that the company will be forced to produce the source code or not rely on the evidence. However the only thing this means is that the defendant's paid experts get access to the source code under a strict protective order. They will then produce an expert report, which is the only thing anybody else will have access to, and even that may be sealed in whole or part if it would reveal, in the opinion of the judge (and often anyway unless the defendants object) significant trade secrets.
  I think the two most realistic reasons to oppose are the costs of production and the possible loss of reputation if the evidence due to the inevitable criticism by opposing experts.
6. Re:Wrong industry? by Anonymous Coward · 2015-10-10 03:19 · Score: 2, Insightful
  
  You don't get to use the code. It is opened for analysis only for few selected professionals and most certainly not shown to someone who has competing code. There is no problem with copyright here. The copyright is still with the one (company) who wrote the code.
7. Re: Wrong industry? by retroworks · 2015-10-10 03:27 · Score: 2
  
  You are right of course (and while a copyright may be issued prior to a license, it's a licensing and not copyright issue). But what if it is a class action suit, all accused parties in vehicular homicides demand access to auto computer codes for prosecution? I agree it's thin (would require cooperation of expensive defense lawyers with little direct benefit to the client), but as a supporter of RightToRepair I thought it was a question worth asking.
  
  --
  Gently reply
8. Re:Wrong industry? by Anonymous Coward · 2015-10-10 03:27 · Score: 0
  
  I assume it would be become part of the public record. Anyone could request a copy.
9. Re:Wrong industry? by Anonymous Coward · 2015-10-10 03:29 · Score: 0
  
  Could be issued under seal, though the effectiveness of that is debated by journalists who are asked to reveal sources. Code's more complex than an informant's name.
10. Re:Wrong industry? by hey! · 2015-10-10 03:30 · Score: 2
  
  The source code shouldn't matter; it's the method used by the source code. If that method cannot be reproduced without the source code, then the output of the program is worthless. If it can be reproduced without the source code, then the output of the program may have value, if the method used stands up to scientific scrutiny.
  As it stands all the prosecution has amounts to a black box with a red and green light on top and a slot in the side into which a couple of samples are dropped. If the light subsequently turns red, then the prosecutor wants the jury to believe the samples match. But they have no reason to believe that other than the prosecutor telling them to trust the box.
  
  --
  Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
11. Re:Wrong industry? by alzoron · 2015-10-10 03:37 · Score: 4, Insightful
  
  Exactly right.
  This is basically the same as asking an expert witness how they determined that the defendant was involved in a crime and the witness refusing to answer the question because "It's a secret."
12. Re:Wrong industry? by Anonymous Coward · 2015-10-10 03:53 · Score: 0
  
  Which introduces a "reasonable doubt" which is what our country is all about.
13. Re: Wrong industry? by drinkypoo · 2015-10-10 04:15 · Score: 1
  
  I think the two most realistic reasons to oppose are the costs of production and the possible loss of reputation if the evidence due to the inevitable criticism by opposing experts.
  The costs of producing the source code: So damned near $0 it doesn't bear mentioning. If you can build it, you can produce it.
  The costs of possible loss of reputation: can be solved by sealing part of the court records, if necessary. But nobody has a right to a certain reputation.
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
14. Re:Wrong industry? by drinkypoo · 2015-10-10 04:17 · Score: 2
  
  The source code shouldn't matter; it's the method used by the source code.
  Okay, now go forth and prove that a stated method was used without referring to the code.
  
  As it stands all the prosecution has amounts to a black box with a red and green light on top and a slot in the side into which a couple of samples are dropped. If the light subsequently turns red, then the prosecutor wants the jury to believe the samples match. But they have no reason to believe that other than the prosecutor telling them to trust the box.
  Right, without a code analysis they have no way to know if the box contains anything of value.
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
15. Re:Wrong industry? by gerddie · 2015-10-10 04:44 · Score: 4, Informative
  
  It has everything to do with copyright law. It's what the company is using in order to claim that they have a right to keep information from the court.
  No, even if they would show the code, it wouldn't become magically free software or public domain. What they claim here is that they want to keep a trade secret.
16. Re:Wrong industry? by Anonymous Coward · 2015-10-10 04:50 · Score: 1
  
  Copyright law is about the rights to copy and distribute intellectual property, it has absolutely NOTHING to do with secrecy. Btw, nobody has the right to keep information from a court of law; if a judge demands it, you must oblige.
17. Re: Wrong industry? by Anonymous Coward · 2015-10-10 05:29 · Score: 0
  
  But what if it is a class action suit, all accused parties in vehicular homicides demand access to auto computer codes for prosecution?
  You missed this part of the GP's post:
  
  However the only thing this means is that the defendant's paid experts get access to the source code under a strict protective order. They will then produce an expert report, which is the only thing anybody else will have access to, and even that may be sealed in whole or part
  Or in other words, even if you get access it's not necessarily free and clear access. The judge would likely limit who gets access to the code to those who *need* it - the defendants themselves likely wouldn't be allowed access. Also, any access would likely come with a pretty hefty penalty (contempt of court) for leaking or otherwise misappropriating the code you got access to. Use your access for anything other than the limited scope of producing evidence for the trial at hand, and the court comes down on you like a ton of bricks. Generally speaking, judges don't like people who attempt to "trick" or manipulate the court.
18. Re:Wrong industry? by ThatAblaze · 2015-10-10 06:24 · Score: 1
  
  I think the NSA has already proved you wrong about that on several occasions.
19. Re:Wrong industry? by Anonymous Coward · 2015-10-10 06:25 · Score: 0
  
  5th amendment.
20. Re:Wrong industry? by pepty · 2015-10-10 06:35 · Score: 1
  
  Not really. In this case the best practice for the defense is to consider any match, even from the majority, to be statistically flawed and ask that the full sequences be compared directly. When you are fishing in a database it makes sense to only look for a few datapoints. If you want to prove the match is a false positive there's no need to look at the software results again, these days you can send the trace evidence and the suspect's DNA to a company that does full sequencing of genomes and do the full comparison with (open source) software like Blast or Last for less than it would cost to argue about the original software results in court. Would be difficult in evidence that has a mixture of DNA from different sources, but basically just look for a difference that makes the DNA in the evidence unlike that of the suspect's DNA, instead of looking for similarities between the evidence and the suspect.
21. Re:Wrong industry? by climb_no_fear · 2015-10-10 06:57 · Score: 1
  
  That's not the limitation.
  
  Of course you can sequence every base pair of the suspect. The DNA evidence is limiting, the problem is the evidence.
  
  Just for example, pretend we know beyond a doubt that a killer and five other people used the same pen to sign in in a hotel. Let's pretend that the pen fell down a couple times and it was a rainy day (mud on the floor).
  
  There is a mixture of 5 people's DNA plus bacterial DNA of 100 species and the bacterial enzymes which are busy degrading the DNA.
  
  This mess is sequenced and the program has to identify small stretches of DNA and correct for multiple comparisons to the whole human genome and between similar genomes.
  
  There is nothing left of the evidence to sequence.
22. Re:Wrong industry? by sumdumass · 2015-10-10 07:30 · Score: 1
  
  Not really in this case. This is not a situation where multiple programs do the same thing. Others match DNA identifiers to find a match where the one in question matches the statistical probably of identifiers being a match. Its kind of like the difference between determination of a pipeline diameter by measuring the pipeline verses measuring the flow rate and working back. So while the objective is the same, the approach is different enough to be separated from each other.
23. Re:Wrong industry? by DerekLyons · 2015-10-10 07:31 · Score: 1
  
  For instance, for any mission critical component NASA may have three different programs, each written in a different language and running on a unique platform.
  Nope, the record (which was the Shuttle's control system) is two different programs running on identical hardware. They weren't even identical programs, the first had all mission features, the second had just enough to reach orbit and to return from orbit to earth. But even that was highly unusual - the norm is two identical computers running identical software.
  
  If at any time one of the programs gives an answer that is not consistent with the other two then the minority report is discarded and the other two are presumed to be correct. No need to halt the proceedings and debug at that point.
  Where the three comes in is the primary Shuttle flight control was three copies of the same software running on three identical computers. The minority report is in fact disregarded.
24. Re: Wrong industry? by mspohr · 2015-10-10 07:49 · Score: 1
  
  The problem is that I have my expert and they have their expert... sounds like a standoff.
  If I am going to jail, I need to know that it's based on real science (public, audited, peer reviewed, verified) not some guy's secret algorithm.
  
  --
  I don't read your sig. Why are you reading mine?
25. Re:Wrong industry? by hey! · 2015-10-10 07:59 · Score: 1
  
  It doesn't matter what the code produces. You use an independently developed and open system to confirm that the code in question conforms to the method. Then it's a matter of showing the method is valid, which of course is the important question. Patents don't mean something accomplishes what its inventor purports it does.
  
  --
  Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
26. Re: Wrong industry? by HiThere · 2015-10-10 08:24 · Score: 2
  
  Actually, that's not always true. I've heard of companies that used software they only had in binary. I suppose you could turn that into assembler easily enough, though you might end up with some of your data being rendered as code.
  (The case I heard of was back in the 1970's and the programmer who originally built the software fixed it with binary patches, so the code didn't mean anything...but it had been lost anyway by this point.
  They used this software as a part of how they figured their profits, which they then reported to the IRS. At some point the IRS decided to audit them.... WHOOPS! And the guy who wrote the code was no longer working there.)
  
  --
  
  I think we've pushed this "anyone can grow up to be president" thing too far.
27. Re: Wrong industry? by Anonymous Coward · 2015-10-10 10:24 · Score: 1
  
  Nope. 5th amendment covers testimony only, and only covers testimony where there is an actual possibility of self incrimination. If you have a document that proves your guilt, you still have to produce it legally.
28. Re:Wrong industry? by Impy+the+Impiuos+Imp · 2015-10-10 12:15 · Score: 2
  
  Well, a criminal case can demand whatever they want from the NSA. The NSA then has a choice (aside from arguing successfully the info is irrelevant):
  1. Give it up
  2. Declare it a secret, and possibly force the release of the suspect as a result.
  
  --
  (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
29. Re:Wrong industry? by Anonymous Coward · 2015-10-10 14:35 · Score: 0
  
  File under: I thought we could get by on personality and posturing.
30. Re:Wrong industry? by msobkow · 2015-10-10 16:35 · Score: 1
  
  Anything submitted to the courts becomes a matter of public record.
  
  --
  I do not fail; I succeed at finding out what does not work.
31. Re: Wrong industry? by msobkow · 2015-10-10 16:41 · Score: 1
  
  You write your own software in binary?
  I haven't seen that since the age of panel switches and lights for bootstrapping old, old, old computers...
  
  --
  I do not fail; I succeed at finding out what does not work.
32. Re:Wrong industry? by sjames · 2015-10-10 18:11 · Score: 1
  
  Public record, yes. But in cases where the material is identified beforehand as proprietary, the judge can extend protection including sealing it.
  It still wouldn't get rid of the patents.
33. Re: Wrong industry? by HiThere · 2015-10-10 18:27 · Score: 1
  
  No. But the guy who was maintaining the software originally wrote it in assembler, and then fixed bugs by doing binary patches. Not me, I never worked for the company, or met the guy who wrote the software. I understand the company was a shoe seller, but I don't even know whether it was a manufacturer or a vendor.
  Yes, however, this was on an OLD computer. But the software was kept as a deck of punched cards, not panel switches. (It's not THAT old.)
  
  --
  
  I think we've pushed this "anyone can grow up to be president" thing too far.
34. Re: Wrong industry? by sjames · 2015-10-10 19:11 · Score: 2
  
  If they only have it in binary, that would mean that they are falsely testifying to the validity of code they haven't examined.
35. Re:Wrong industry? by sjames · 2015-10-10 19:16 · Score: 1
  
  That sounds to me like an inconclusive result, not something you should use to send someone to death.
36. Re:Wrong industry? by Anonymous Coward · 2015-10-10 19:52 · Score: 2, Informative
  
  What i find odd about this is that the code is supposed to be statistics. If the code is following the correct mathematical analysis then the code is technically already released to the public or at least academic records. The only thing protected here is the implementation, e.g. how it communicated with hardware, which algorithms are used, and the code got the UI. All this can be easily duplicated by any skilled CS student. So when he states that releasing the code even for court review will cause irreparable harm to his company it draws a serious issue to the credibility of his code. If he is using proprietary algorithms then the code cant be trusted anyway, as any algorithm that has not been scrutinized by peer review is assumed flawed and thus scientifically useless.
  The only evidence in this case is a DNA result that was deemed too complex for analysis using any other method. Yet this software gets a hit, but how do we verify the result to ensure that the hit is valid? Well Dr. Perlin us using copyright and a claim that releasing the code will detrimental to his company. Only his laboratory or online can analyze it. But wait the linked article stated that no known method could analyze it? So which is true will an online search revel an algorithm that can analyze it, if so the algorithm is known and he could simply point them in the right direction, which should be disclosed right? Or the software is using an untested and unreviewed algorithm that cant be trusted. An examination in his office is useless, it has to be an unbiased 3rd party review as he is a biased party in this issue.
37. Re:Wrong industry? by climb_no_fear · 2015-10-10 20:20 · Score: 1
  
  Well, I agree that for a conviction that this is probably insufficient alone, especially when you consider that, the other 5 people, even if you know who they are, may refuse to have their entire genome sequenced as a comparator (I would refuse and I studied genetics), so the comparisons are even weaker.
  
  That is why this computer program needs to be examined even more thoroughly than most people realize.
  
  Whether anyone should be put to death on the basis on any evidence, no matter how sound it is, is a question outside the realm of this discussion.
38. Re:Wrong industry? by sjames · 2015-10-10 20:36 · Score: 2
  
  I asked my magic 8ball^w^wScientific testimony device how accurate this thing is and it said "outlook not so good". Naturally, it uses proprietary algothingamajigs so I will not be submitting it to examination.
  But yes, an unproven methodology implemented by unproven software and they want to hang a man's life on it's results.
39. Re:Wrong industry? by sjames · 2015-10-10 20:38 · Score: 1
  
  It's even worse. The methodology that the software might or might not correctly implement is itself unproven.
40. Re:Wrong industry? by climb_no_fear · 2015-10-11 00:31 · Score: 1
  
  You're absolutely correct, for a non-programmer like myself, most of us confuse the algorithm and the code implementing the algorithm and just call them the program (I know that's wrong but it's how I think).
41. Re:Wrong industry? by lsatenstein · 2015-10-11 05:00 · Score: 1
  
  Guess if he didn't want his code audited, this guy shouldn't have marketed his software to this particular industry. Dumbass.
  Moreover, what if his source code was a sham, and in fact, it was a human, looking at the evidence via a microscope or other clairvoyant instrumentation that decides on the life/death of an individual.
  As a minimum, the source code should be shown, should be compiled and tested with the compiled version. Statistical sampling can be prone to definite errors, particularly if the sample sizes analyzed are too small. What were the sample sizes? Under 100, or under 2000? The former would be dangerous and probably in error, while the latter could give a result within tolerance of 1%.
  
  --
  Leslie Satenstein Montreal Quebec Canada
42. Re:Wrong industry? by beastofburdon · 2015-10-15 06:18 · Score: 1
  
  This isn't about copyright, it is a patent in question. Which makes me think a bit. In a patent you have to describe in detail how the device works so that after the patent expires others can easily emulate it. Shouldn't that mean the source code itself is required to be contained in the patent?
43. Re:Wrong industry? by Lord+Bitman · 2015-10-18 21:05 · Score: 1
  
  Exactly this. I'd argue that due to Copyright law's intent of promoting the eventual public domain, anything "secret" is clearly not covered by copyright law.
  
  --
  -- 'The' Lord and Master Bitman On High, Master Of All
Are these the same guys that run VW? by BitZtream · 2015-10-10 02:43 · Score: 1

Seriously at what point is the general public going to stop accepting that bullshit lie?
My cold fusion work only when I run the experiment in my shed with no one watch too ...

--
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
1. Re:Are these the same guys that run VW? by gerddie · 2015-10-10 04:48 · Score: 1
  
  My cold fusion work only when I run the experiment in my shed with no one watch too ...
  Obviously, it's quantum physics, by monitoring the experiment you change the outcome ;)
Reasonable Doubt by Anonymous Coward · 2015-10-10 02:46 · Score: 3, Insightful

From the perspective of the burden of proof placed on the Prosecution, they have to disclose how they arrived at this derived 'evidence' of a match via TrueAllele. Criminal justice can't be served using a "Black-Box" as an input.
Disclose the software and its methods to a legally-sworn-to-secrecy-expert-witness, or toss the evidence as inadmissible.
1. Re:Reasonable Doubt by godrik · 2015-10-10 03:13 · Score: 2
  
  I do not know the US legal system that much. But it seems that if you can not get a court-nominated expert witness to vouch for the result, the evidence should be discarded.
  Now, I would even prefer if an independent lab could reproduce that result.
2. Re:Reasonable Doubt by tomhath · 2015-10-10 03:38 · Score: 1
  
  They already have an expert witness - the author of the program. He is willing to testify how his program reached the conclusion it did. At some point you need to accept whether or not an expert is indeed an expert, otherwise you get into an infinite loop of "my expert needs to verify your expert's expertise"
  In this case the defense is on a fishing trip to find a bug or two in the code, which they will then use to discredit the entire program even if the bug has nothing to do with the conclusion.
  All that said, I agree that the source should be made available.
3. Re:Reasonable Doubt by Maxo-Texas · 2015-10-10 06:47 · Score: 1
  
  His testimony simply saying 'well it works" isn't usable because of his vested interest.
  Unless someone else can duplicate the results, it's not really scientific data and shouldn't be admissible.
  Consider VW diesel engines. You can't trust software unless you can validate it.
  
  --
  She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
4. Re:Reasonable Doubt by NoKaOi · 2015-10-10 09:18 · Score: 1
  
  They already have an expert witness - the author of the program. He is willing to testify how his program reached the conclusion it did. At some point you need to accept whether or not an expert is indeed an expert, otherwise you get into an infinite loop of "my expert needs to verify your expert's expertise"
  Said expert is not impartial, for 2 reasons: 1. It's his company, so he has a major financial stake in testifying that his software is perfect. 2. The prosecution is effectively his customer, and the any good business person know the customer is always right.
  As somebody above stated, if the author of the software wasn't willing to submit to a code review, then he picked the wrong damn market. If your life and freedom were at stake, would you want to take the word of the author of the software, or would you want your own expert reviewing it?
5. Re:Reasonable Doubt by Ungrounded+Lightning · 2015-10-10 12:51 · Score: 1
  
  From the perspective of the burden of proof placed on the Prosecution, they have to disclose how they arrived at this derived 'evidence' of a match via TrueAllele.
  IMHO: Unless there is an issue with whether the database TrueAllele searched was obtained illegally (making any results of searching it for suspects "fruit of the poisoned tree"), they DON'T have to show how the match was found.
  They just have to show that the match IS a match. This can be done with the data involved in the match standing on its own,
  
  --
  Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
6. Re:Reasonable Doubt by sjames · 2015-10-10 19:20 · Score: 1
  
  However, the defense DOES have a right to bring in their own expert witness. That witness has to be allowed to examine all of the evidence and methodology used by the prosecution's expert.
7. Re:Reasonable Doubt by Anonymous Coward · 2015-10-11 05:18 · Score: 0
  
  No I disagree, as the data involved in matching is the result of a highly filtered process. There are many many data point's that don't support a match, as evidenced by the inability to replicate a match via any other method.
  Simply using the matching data allows the filtering assumptions to go unchallenged. Defendant have the right to a thorough cross-examination. The database used, the filtering process are all relevant to the actual likelihood of a match. Defendants have the right to compel testimony and other evidence to be produced if they can show it is relevant. Trade secret, patent, or copyright has no power to override constitution guarantees to due process.
  Prosecutors should not be allowed pseudo-science or selective disclosure of data. In fact, knowing use of either constitute prosecutorial misconduct, and offensive that can result in financial sanctions and or disbarment.
8. Re:Reasonable Doubt by Ungrounded+Lightning · 2015-10-11 16:33 · Score: 1
  
  No I disagree, as the data involved in matching is the result of a highly filtered process. There are many many data point's that don't support a match, as evidenced by the inability to replicate a match via any other method.
  Simply using the matching data allows the filtering assumptions to go unchallenged.
  If what's at issue is whether the tool selected the matches and hid the mismatches, and this can't be determined by comparing the defendant's genome against the tracable raw data that went into building the database, then the defendant's team gets to examine the software or the evidence is out. Agreed.
  Defendant have the right to a thorough cross-examination. The database used, the filtering process are all relevant to the actrual likelihood of a match.
  Here's where we're differing. I am claiming that, once a match is found, the quality of the match can be checked by comparing the raw data of the defendant's sample against the raw data that went into the database that was searched. Even if the data was reduced and encoded in some proprietary way to assist rapid searching and probability estimation by the proprietary tool, the match can be proven - as can the assertion that no exculpatory evidence was withheld - by providing the base data and ANY algorithm that performs the equivalent probability computation in a transparent way. If it gets the same numbers, that part of the issue is proven.
  If there is some question of whether the tool used improperly obtained evidence in deciding to look at this guy's data, that would make its internals relevant. If there is some question that it may have identified other, equally good, matches and these were withheld from the defence, that might make the OPERATION of the tool relevant, without putting the workings of its innards into that category.
  But IANAL. If the court says you're right on this it won't surprise me. (But their reasoning would be interesting.) Also: I won't complain if they kill database-fishing for "a wrong reason". B-)
  Defendants have the right to compel testimony and other evidence to be produced if they can show it is relevant. Trade secret, patent, or copyright has no power to override constitution guarantees to due process.
  Total agreement there.
  Prosecutors should not be allowed pseudo-science or selective disclosure of data. In fact, knowing use of either constitute prosecutorial misconduct, [an offense] that can result in financial sanctions and or disbarment.
  Total agreement there, too. (Also, IMHO: Such sanctions and/or disbarment should be invoked far more often than they are. B-) )
  
  --
  Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
Trust us by Anonymous Coward · 2015-10-10 02:47 · Score: 3, Informative

Perhaps it's time for a more open process and open source code backing these types devices before their results are accepted as forensic evidence.
CSI is a lie:
http://www.theatlantic.com/politics/archive/2015/04/csi-is-a-lie/390897/
Crime lab major errors:
http://www.mprnews.org/story/2013/02/14/news/saint-paul-crime-lab-major-errors-found
1. Re:Trust us by aix+tom · 2015-10-10 04:08 · Score: 1
  
  And another example on how "DNA evidence" sometimes isn't:
  https://en.wikipedia.org/wiki/...
2. Re:Trust us by NoKaOi · 2015-10-10 09:21 · Score: 1
  
  Perhaps it's time for a more open process and open source code backing these types devices before their results are accepted as forensic evidence.
  Agreed, and it doesn't even have to be free to be open source. When someone's freedom is at stake, the burden of proof is on the prosecution, which in these cases means the burden of proof is on the software to show that it works. How can they possibly show that it works, beyond a reasonable doubt, without code review?
Thrown it out by Anonymous Coward · 2015-10-10 02:52 · Score: 2, Insightful

Guess if we can't see the code that shows that the DNA sample is valid then thrown out the results, pretty simple.
People need to learn if they are creating software that needs to hold up in court that they can't hide it. Trowing out the evidence would be the first step to make sure no one wants to pay for software that can't be audited in a investigation. Then no one will buy his software anymore and he can be happy that it is still safe from prying eyes.
1. Re:Thrown it out by Anonymous Coward · 2015-10-10 03:07 · Score: 0
  
  My sentiments exactly.
Patented so no reason to keep secret by Eunuchswear · 2015-10-10 03:00 · Score: 5, Funny

If his method is patented he has no need to keep his code secret.
Unless it's shit, of course.

--
Watch this Heartland Institute video
1. Re:Patented so no reason to keep secret by Anonymous Coward · 2015-10-10 03:35 · Score: 0
  
  Or the software does work, except it doesn't work as described in the patent. someone could then patent the method that actually works.
2. Re:Patented so no reason to keep secret by Crowd+Computing · 2015-10-10 03:41 · Score: 1
  
  Forcing the source code to be revealed might set a precedent that could be used against companies like Google or other cloud service providers. While TrueAllelle appears to be a standalone system rather than a cloud service, the company behind it could claim a similar "trade secret" defense against the petition.
3. Re:Patented so no reason to keep secret by OrangeTide · 2015-10-10 04:03 · Score: 2
  
  I see two reasonable options here:
  1. reveal the source code. does this mean the court gets to force a business to reveal it? I don't think that's right.
  2. remove the evidence from the case.
  If TrueAllele sold their software to prosecution or a forensics department and are unwilling to provide source code, then that should be a civil case for misrepresenting their software as appropriate for working with evidence.
  (My statements assume the world is fair and that courts are interested in facts and truth. I realize that the real world doesn't work that way, but I free to press for how things ought to work)
  
  --
  “Common sense is not so common.” — Voltaire
4. Re:Patented so no reason to keep secret by Anonymous Coward · 2015-10-11 05:24 · Score: 0
  
  All software patents are shit, of course. It's all math and algorithms at it's heart and unless you are employing the top 0.5% of CS engineers and mathmaticians you probably haven't developed an application which is truly novel.
Computerized evidence, destructive sampling by silas_moeckel · 2015-10-10 03:00 · Score: 5, Insightful

If your going to use a computer to generate evidence then yes you must allow the defence to look at the technique that means source code. You must never be required to merely observe at somebody else's lab especially when there companys continued business relies on the test succeeding. Realy anything that another lab that is not associated to the first can not do should not be admissible.
This gets even more important when the tests are destructive so it can only be done once. Validating the means used etc etc elsewise it becomes a black box to provide evidence against whoever they want.

--
No sir I dont like it.
1. Re: Computerized evidence, destructive sampling by Anonymous Coward · 2015-10-10 03:51 · Score: 0
  
  Just the fact that independent tests had different outcomes if enough to declare not guilty beyond a reasonable doubt.
  This stinks of the prosecution cherry picking manufactured evidence to get a conviction.
  What a sham legal system.
Curious how it plays out by Anonymous Coward · 2015-10-10 03:00 · Score: 0

I'm interested how this plays out in the judicial system across the Atlantic.
Here we had, at the core, a similar case. We used electronic voting and a group wanted to know how secure the machines were. In the end the judge ordered them release the source code. It's free to download now. Once there is a verdict I'd like to compare the arguments of the judges to get a feel of the difference between Anglo Saxon law and European continental law.
Interim solution by Anonymous Coward · 2015-10-10 03:09 · Score: 1

Have a third party selected by the court audit the code. There are tons of firms which have the expertise to do this, be it any of the big four or even security consultants, and a court selecting one would make it independent from both parties in the case.
Re:Wrong industry? (not a copyright issue) by tkrotchko · 2015-10-10 03:17 · Score: 5, Insightful

As the other poster said, he's not saying it's a patent or copyright issue, he's effectively saying it's a trade secret.
So the issue is really pretty clear isn't it? If he refuses to show his code to an expert witness and explain it, then the evidence can't be used.
We'll see what the judge has to say.

--
You were mistaken. Which is odd, since memory shouldn't be a problem for you
That's a really good link by tkrotchko · 2015-10-10 03:20 · Score: 1

Pretty eye opening. Worth the 5 minutes to scan through it.

--
You were mistaken. Which is odd, since memory shouldn't be a problem for you
What? by HangingChad · 2015-10-10 03:29 · Score: 0

You mean RAND() is not a perfectly valid methodology for determining guilt? Come on, he looks guilty.

--
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
Speaking as an IT expert witness of 16 years... by bfwebster · 2015-10-10 03:45 · Score: 5, Interesting

...I think the defense has the better argument. I have used software tools (both third party and ones I have developed personally) to do source code comparisons and analysis, but they only serve to point me to likely areas of investigation; I have never directly reported and relied upon the output from one of my custom tools in my expert reports.
A key aspect of expert testimony is that your analysis should, in theory, be repeatable by any other qualified expert using the same methodology (which needs to be spelled out in your report). If Perlin is relying directly upon his custom program for his conclusions, he needs to thoroughly expose his methodology -- which, in effect, means either allowing his source code to be reviewed or producing a detailed summary of his methodology that would allow someone else to reproduce it. Trying to claim trade secret status (which is what he's doing, in effect) for a expert methodology is an oxymoron.

--
Bruce F. Webster (brucefwebster.com)
If results cannot be reproduced... by OrangeTide · 2015-10-10 03:57 · Score: 3, Insightful

Then it is not science, and it should not be admissible as evidence. It doesn't really matter that it can't be reproduced because the software vendor won't share their techniques as they believe the software to be a trade secret. If it is not possible to confirm results, it's not science! Yes, TrueAllele is a toy and not only am I skeptical of anyone using it as the basis of their scientific research, use of TrueAllele om court ought to throw any conviction into question as well.

--
“Common sense is not so common.” — Voltaire
1. Re:If results cannot be reproduced... by reve_etrange · 2015-10-10 04:48 · Score: 1
  
  Not to mention the sheer audacity of the claim that "[TrueAllele] is the only computer software system of its kind that interprets DNA evidence using a statistical model."
  There's nothing unique or interesting about this guy's software except the specific application.
  
  --
  .: Semper Absurda :.
Sufficiency of Detail: Is the Patent Valid? by ZipK · 2015-10-10 04:50 · Score: 1

Although the technology is patented, the source code itself is not disclosed by any patent and cannot be derived from any publicly disclosed source.
If the patent doesn't disclose the invention in sufficient detail for it to be reproduced by someone skilled in the arts, is the patent valid?
1. Re:Sufficiency of Detail: Is the Patent Valid? by Anonymous Coward · 2015-10-10 05:09 · Score: 0
  
  Theoretically, no. But trivial inventions, mathematical formulas and algorithms aren't supposed to be valid patents either, nevertheless... In the end, the patent is valid if you can hold it an infringement trial, and the only thing necessary for that is a judge willing to do so.
Irrelevant by Anonymous Coward · 2015-10-10 05:09 · Score: 0

It is perfectly reasonable for an expert to suggest he uses proprietary techniques to arrive at an opinion, Courts unlike software types can rely on expert opinions not computer programs so the actual source code is irrelevant. Simple put whether the software is junk or not if an expert witness trestifies he believes its results it up to the judge and jury to access credibility. The prosecution is free to bring experts who can opine that the software has not been independently tested or validated and can not be relied upon without examining the source code. So this is just a typical defense strategy to delay or confuse the issues when you have an obviously guilty party. And I say thats fine.
1. Re:Irrelevant by Anonymous Coward · 2015-10-10 05:35 · Score: 0
  
  You are so very wrong... They aren't simply using the testimony of an expert witness, they are essentially saying: "this is so because I say so", the defense is asking "why do you say so" and the accusation replies: "it's a secret". No expert witness would ever be accepted on that premise, EVER.
  Also, don't rush to conclusion, if all but one software say the DNA doesn't match, chances are the DNA doesn't match. Even though TrueAllele says their software is the only one using a statistical approach that's simply a lie, I'm yet to see a DNA alignment software that doesn't have a statistical nature. And you know what happens with statistical models? Spurious results, that's what happen, and that's why they didn't use only TrueAllele's software, to avoid killing a man because of a statistical anomaly.
Testing by FrozenGeek · 2015-10-10 05:27 · Score: 2

So, if I understand this correctly, his product uses a very different methodology to match DNA samples than do his competitors. In this case, his product gave a completely different result from the results generated by his competitors. Has anyone done an independent, double-blind study comparing the results of his product and those of his competitors? And I'm not talking about a handful of tests. I'm talking about thousands, or tens of thousands, of tests.
I can understand why the manufacturers don't want to do that. It may well show that, oh dear, the best product is wrong 5% of the time (not good). Or that product X is head and shoulders above the rest.
But seriously, what industry-wide testing has been done? We're staking peoples' lives to the efficacy of this technology. How effective is it?

--
linquendum tondere
People's lives by Anonymous Coward · 2015-10-10 05:28 · Score: 0

When you're talking about sending people to prison for the rest of their lives, or establishing family history, etc, you had better be prepared for a software audit. If he wants to stay in the industry, he's going to have to get his code audited.
Melendez-Diaz v. Massachusetts by technosaurus · 2015-10-10 06:07 · Score: 2

This has already been ruled on for traffic cameras. I think that is a pretty good precedent.
Trade Secret, not Copyright by Geoffrey.landis · 2015-10-10 07:07 · Score: 1

Nothing to do with copyright law.
It has everything to do with copyright law. It's what the company is using in order to claim that they have a right to keep information from the court.
No, even if they would show the code, it wouldn't become magically free software or public domain. What they claim here is that they want to keep a trade secret.
Correct. It has nothing to do with copyright law. The intellectual property law here is trade secret law.

--
http://www.geoffreylandis.com
1. Re:Trade Secret, not Copyright by Anonymous Coward · 2015-10-10 07:32 · Score: 0
  
  Software the only industry that covers a single body of work by three IP laws: patent, copyright and trade secret.
  I believe the original intent of each of these laws was that they would mutually exclude each other.
2. Re: Trade Secret, not Copyright by amplesand · 2015-10-10 10:56 · Score: 1
  
  "Software the only industry that covers a single body of work by three IP laws: patent, copyright and trade secret. I believe the original intent of each of these laws was that they would mutually exclude each other."
  
  Why would you believe that?
3. Re: Trade Secret, not Copyright by Type44Q · 2015-10-10 11:22 · Score: 1
  
  Why wouldn't you?!
4. Re: Trade Secret, not Copyright by Strangely+Familiar · 2015-10-10 16:33 · Score: 1
  
  OK, I'll bite. Patent law requires sufficient disclosure for a person skilled in the art to make and use the invention. The general intent of patents was to avoid trade secrets, and having technologies lost when master practitioners died. Trade secrets are destroyed by such disclosure. Patent law is supposed to cover the substance of a disclosure, not the particular disclosure. In other words, you could describe a blue semiconductor laser in any way you want, as long as it was clear to a person skilled in the art, and your intellectual property would be blue semiconductor lasers, not the words describing them. Copyright covers the particular expression, not the underlying substance. Thus, many university professors could all write textbooks about the same blue semiconductor laser, without violating each others' copyright. They couldn't all patent the same blue semiconductor lasers. Also, copyright is at odds with trade secrets in the most basic way. Of course there are exceptions, and software seems to span all three. That's because a set of computer words could be 1) an indecipherable secret code 2) an artistic expression, or 3) a functional part of a machine, such as a read only memory in a CVD chamber which makes blue semiconductor lasers. In the third instance, the CVD chamber could turn out useful blue semiconductor lasers or completely useless silicon junk, simply by changing only the contents of the ROM. So, the software in the ROM might be covered by a patent which describes the steps the software makes the CVD chamber perform. You might not need to see the source code or the compiled code in order to understand the invention. The compiled code could be covered by copyright, and the source code could be covered by trade secret. Notice that these are all different things, yet all aspects of the same thing. 65 is not the same as 01000001 or the letter "A", is it? No, they are three different things, just like patents, copyrights, and trade secrets. Any similarity is all in your head. And BTW, it's not yours, so keep your filthy brain off it.
  
  --
  Join the IParty!
5. Re: Trade Secret, not Copyright by amplesand · 2015-10-10 19:33 · Score: 1
  
  Thanks, I'll just add that the concepts of patent and copyright are both quite old. Patents had been invented in Venice some decades before Columbus discovered the western hemisphere and copyrights in the 17th century. [All information according to The Big W.]
Re:Wrong industry? (not a copyright issue) by mspohr · 2015-10-10 07:46 · Score: 3, Insightful

Essentially this guy is going to jail based on a secret algorithm that can't be verified.
I can't imagine how this could be legal.

--
I don't read your sig. Why are you reading mine?
The main problem is finding a disposable expert. by tlambert · 2015-10-10 08:18 · Score: 3, Interesting

The main problem is finding a disposable expert.
The people who originally clean-roomed the IBM BIOS for Compaq were split into two teams, with a Chinese wall between them: the analysis team, and the implementation team. The analysis team analyzed the IBM BIOS, wrote a specification, and then the implementation team implemented a BIOS to that specification. At which point the analysis team were effectively "burned", as in being forever barred from ever working on an implementation team in the future. They were highly paid for this, but they were disposable.
As with clean-room engineering, this expert would not be permitted to work on any software covered by the trade secret in the future. In an expert witness situation, you might be able to get away with disposing of the expert, if all they did was witnessing, rather than actually coding in the field of expertise themselves. However, how likely is it that you can find someone like that who also qualifies as an expert?
Further complication: Having testified (presumably in favor of the prosecution, in this case), would the expert witness be permitted to testify on similar goal programs in the future, given what the [now] knows about the process and techniques of the one they testify about today? Would exposure to multiple, competing trade secrets, damage their ability to perform an unbiased analysis, given what they knew from earlier experience? In general, I think you [as the defense] could argue that it, in fact, did damage their impartiality in their analysis.
Why review the source? by Anonymous Coward · 2015-10-10 08:43 · Score: 0

One word (well brand): Volkswagen
If software is used to determine the culpability of a person (specially after two other analysis didn't), I think it should be totally scrutinized and reviewed for validity by MULTIPLE third parties. The binaries should then be built in front of an approval team (to avoid fraud by compiling with a different source base) before independently SQT and approved for release.
Not trying to defend criminals. I just think that fair is fair. Unless it is proven beyond reasonable doubt that the software is accurate (to an acceptable degree since nothing is ever perfect), no software or hardware product shouldn't be used in a legal process.
Re:Wrong industry? (not a copyright issue) by almechist · 2015-10-10 09:11 · Score: 4, Insightful

Essentially this guy is going to jail based on a secret algorithm that can't be verified. I can't imagine how this could be legal.
Actually, it's worse than that, he's facing a death sentence. It's inconceivable to me - but, sadly, unsurprising in this day and age - that someone might be legally executed based in part on the results of a proprietary algorithm that the defense is not allowed to examine. I can only hope the judge recognizes the seriousness of the situation. This case definitely bears watching
Usually code is kept secret because it is so bad.. by gweihir · 2015-10-10 09:34 · Score: 2

The typical reason to keep code secret from everybody is because it is of abysmally bad quality or there are other severe problems hidden in there. Reasonable-quality code gets inspected and audited by 3rd parties all the time under NDA. In this particular case, it may also well be that the code does not do what its creator claims and the patent is bogus. If the expert finds this, the code becomes worthless and the creator may even become a target for litigation.

--
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
170,000 lines of code... by tomwrake · 2015-10-10 09:52 · Score: 2

Dr. Perlin created the method, the company and uses the software. There are no articles that independently validate the software. The software is a only one of its kind type item. In this case the artificial patent monopoly may work against Dr. Perlin and his company.
From the article
According to a court filing made by Dr. Perlin in the case, his company, Cybergenetics, “has invested millions of dollars over two decades to develop its TrueAllele system, the company’s flagship product. Although the technology is patented, the source code itself is not disclosed by any patent and cannot be derived from any publicly disclosed source.”
Other points 1) Dr Perlin's software does not have a cited "independent validation study" that is a study without the involvement of Dr Perlin. 2) "TrueAllele, created by Dr. Perlin, "is the only computer software system of its kind that interprets DNA evidence using a statistical model."
Here is the trouble I see, 1) Cybergenetics may have a problem defending it's patent, give that the software cannot be derived from "any publicly disclosed source" does the patent really disclose the real methods or it is likely this is another "software patent" with all the legal problems these currently have at the supreme court. 2) The sofware, Cybergenetics and software validates all seem to be tied to Dr Perlin, if this causes problems in courts Cybergenetics market with law enforcement will evaporate. 3) We know "software engineers" have been publicly accused in the VW matter, could they not do the same for Cybergenetics with out Dr Perlin's knowledge?
Companies vs human beings by Anonymous Coward · 2015-10-10 11:46 · Score: 0

"cause irreparable harm to the company". Yeah, I know corporations are people too, but how about the part were it might "cause irreparable harm" to the defendant?
Re:Wrong industry? (not a copyright issue) by Impy+the+Impiuos+Imp · 2015-10-10 12:08 · Score: 1

Really they should not be relying on him at all to prosecute.
If other analysis systems can't match him well, the defense should be partying and ready to call it a day, regardless of how one particular system responds. That is easily reasonable doubt.

--
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
That's not the reason. by tlambert · 2015-10-10 12:17 · Score: 1

The typical reason to keep code secret from everybody is because it is of abysmally bad quality or there are other severe problems hidden in there.
That's not the reason.
A lot of code violates copyright, patents, and license agreements like the GPL. You would *not* believe what some of the ATI and nVidia code looks like, and you would *not* believe the number of USB keyboards running firmware that one manufacturer pretty much copied wholesale from another, and you would not believe the number of companies that sell "sanitized" open source software as proprietary code to third parties.
1. Re:That's not the reason. by gweihir · 2015-10-10 12:34 · Score: 1
  
  And code violating copyrights is not a "severe problem hidden in there"? I would think it is.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
2. Re:That's not the reason. by tlambert · 2015-10-10 13:58 · Score: 1
  
  And code violating copyrights is not a "severe problem hidden in there"? I would think it is.
  It's not a "severe problem" for everyone, only for the copyright holder.
  I would only class something as a "severe problem" if it impacted the correct function of the software.
  Legal problems do not impact function.
3. Re:That's not the reason. by gweihir · 2015-10-10 15:32 · Score: 1
  
  You have a problem with language semantics. Obviously, the definition of "severe problem" you use here is something you dreamed up, and incompatible with general use.
  And, incidentally, if discovered, it becomes a severe problem for those that wrote and own the software and possible those that use it. Fro example, it could then become subject to criminal penalties (i.e. personal ones) to continue to use the software.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
4. Re:That's not the reason. by tlambert · 2015-10-10 16:40 · Score: 1
  
  You have a problem with language semantics. Obviously, the definition of "severe problem" you use here is something you dreamed up, and incompatible with general use.
  severe /svir/
  1. harsh; unnecessarily extreme: severe criticism; severe laws.
  2. serious or stern in manner or appearance: a severe face.
  3. grave; critical: a severe illness.
  Yes, copyright laws are indeed severe. However, violation of copyright does not lead to death, like the severe flaws in the Toyota ECM software, so in that sense, unlike a severe illness, a violation of copyright is not severe in the same way the Toyota ECM software or an illness can be considered severe.
  
  And, incidentally, if discovered, it becomes a severe problem for those that wrote and own the software and possible those that use it. Fro example, it could then become subject to criminal penalties (i.e. personal ones) to continue to use the software.
  China regularly ignores patent and copyright law, and if the only way to expose such violations would be to provide source code (it's not: companies are just lazy about reverse engineering to determine copyright violations -- which, since it would not be in the interests of interoperability, would be a DMCA violation -- just like the DMCA violation the CARB and the EPA committed to determine that VW was cheating on the smog tests, in fact), then a company would have to be stupid to ever expose their source code.
  BTW: The only penalties for a Chinese violation of a patent or copyright are ... nothing.
  As for those who use the software: ATI and nVidia have basically agreed to not look inside each other's sausage factories. If you are a user who goes looking and finds something, expect to be sentenced for violating the DMCA, and then expect hate mail from everyone who can no longer use the product, because you've exposed the internals of the sausage factory.
  See also: The recent FTDI serial dongle driver debacle.
5. Re:That's not the reason. by gweihir · 2015-10-13 15:52 · Score: 1
  
  Many words, no relevant content. Misdirection to cover up your display of ignorance would be my guess.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
6. Re:That's not the reason. by Anonymous Coward · 2015-10-14 02:08 · Score: 0
  
  "Yes, copyright laws are indeed severe. However, violation of copyright does not lead to death, like the severe flaws in the Toyota ECM software, so in that sense, unlike a severe illness, a violation of copyright is not severe in the same way the Toyota ECM software or an illness can be considered severe."
  Unless a corporation (which is a person) or an individual getting sued can survive without money, copyright violation may lead to death. The stress of being sued alone kills people.
  "China regularly ignores patent and copyright law"
  Yeah that’s the only place that happens.
  "then a company would have to be stupid to ever expose their source code"
  And a murderer would be stupid to ever expose the murder weapon. So?
  "As for those who use the software: ATI and nVidia have basically agreed to not look inside each other's sausage factories. If you are a user who goes looking and finds something, expect to be sentenced for violating the DMCA"
  Most of ATI:s code are now in the open source drivers. Why would you be sentenced for violating the DMCA by looking around in that code?
Not true. by Ungrounded+Lightning · 2015-10-10 12:42 · Score: 1

If he refuses to show his code to an expert witness and explain it, then the evidence can't be used.
Not true...
As I understand it, he should be able to get his program (or a modification of it) to produce as an output:
- The computation of the probabilities
- The data used to compute them, with annotation giving a trace back to its source.
- The assumptions behind the computation.
The issue of HOW IT IDENTIFIED this individual is separate from WHAT IT IDENTIFIED ABOUT HIM. The former is the "secret sauce" and would not be revealed. The latter is the evidence and can stand on its own. Further, it MUST be able to stand on its own - because if it can't, it's inadequate.
Now if part of his "expert testimony" is that his program did NOT find any other people who 'matched' and this is somehow relevant, THEN how it goes about doing the matching also becomes relevant and he's hosed.
Of course the defence is going to do their darndest to monkeywrench the prosecution, and threatening the tool builder with disclosure of his trade secrets is a good move tactically. It's up to the judge (and possibly the appeals judge) to call them on it if it's just an irrelevant thrash.
(I say this all as someone who personally believes that DNA evidence should only be used for defence, not prosecution, in criminal trials, because non-match is definitive while "match" is a difficult probability estimate based on assumptions about genetics, gene distribution, gene correlation, and on some very difficult to grasp probability computations. Hunting for matches in databases is, IMHO, subject to false positives and overestimation of the improbability of the match being false, based on underestimation of correlation and the genetic and familial mechanisms that might promote it.)

--
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
1. Re:Not true. by sjames · 2015-10-10 18:48 · Score: 3, Insightful
  
  Honestly, the 50,000 foot view of the methodology sounds a bit dodgy to me. I would like to know what peer reviewed experiments have demonstrated that the methodologies in use can identify a single person out of a mix of DNA that actually owned the item. Were they replicated? Then there is a need to show that the software actually performed that methodology without error. Perhaps the prosecution would care to have a third party run the methodology by hand in a blind test?
  If those 2 sticking points cannot be satisfied, then the "evidence" is bunk.
2. Re:Not true. by Agripa · 2015-10-14 08:23 · Score: 1
  
  Of course the defence is going to do their darndest to monkeywrench the prosecution, and threatening the tool builder with disclosure of his trade secrets is a good move tactically. It's up to the judge (and possibly the appeals judge) to call them on it if it's just an irrelevant thrash.
  As if the prosecution did not pick or encourage a testing method which would prevent cross examination.
Test Results by Anonymous Coward · 2015-10-10 14:04 · Score: 0

Surely the starting point would be the Unit Tests and System Test results of the code - not reading 170k lines of code. The test results for Acceptance Tests could then be compared to the programs current fucntion and cross checked with other similar programs and test data.
Re:Wrong industry? (not a copyright issue) by Strangely+Familiar · 2015-10-10 16:49 · Score: 1

It seems like the software is accusing the defendant, and the defendant should have the right to face and question his accuser, which would mean reading the source code.

--
Join the IParty!
Problems by Anonymous Coward · 2015-10-10 20:03 · Score: 0

... can single out individuals in a complex DNA mixture ...

Where's the test data that demonstrates this? Is it real-world data or a test suite?

... the technology is patented ...

Has the defense team implemented the algorithm themselves and received the same results?

... using a statistical model ...

Evidence samples with a match of 0.5% have been used in court as proof by not telling the jury about the large number of mismatches. What p-values were used to identify a match?

...can single out individuals ...

30 years ago, Reader's Digest, of all journals, wrote how easily DNA evidence can be planted or damaged. Knowing person X visited location Y in the last 30 days may not prove anything, when 10 other people had opportunity too.
Tests rather than source code by meteormarc · 2015-10-10 20:50 · Score: 1

Rather than providing source code, you would want this kind of software certified. So, construct some tests with a number of samples and a number of reference samples and check whether the software can find one or more "golden eggs", that is a priori known matches. Also, do it double blind, etc.
I smell fish by Anonymous Coward · 2015-10-11 01:24 · Score: 0

I think,
You should have the right to cross examine the witness against you in open court.
The witness should have to explain the tests that he used to reach his conclusion.
He should not have to provide the tools to reproduce those tests.
It seems to me the defense should want to use their own tools to cross check the prosecution's tests.
(Unless this costs too much to make it possible to mount a defense?)
The question is how well should he have to explain his tests and methods?
It seems to me the bar should be in sufficient clarity so the defense can understand and reproduce the results.
In this case, the prosecution witness says he did this, and the defense witness says he needs more.
If he defense expert can clearly explain what he plans to do and why he needs more, then he should be able to convince the judge of jury.
In a complicated statistical search for an answer, he should need at least the search algorithm, matching criteria, source data, and results (both matches and near misses).
I'm not sure if the expert should have to provide the code to do the search, or if the defense should have to do their own legwork.
Seems like asking for the source, may be more a fishing expedition.
What about source code for breathalysers? by Anonymous Coward · 2015-10-11 01:26 · Score: 0

BAC can only be measured by a blood sample, and even then, different people have different tolerance to alcohol.
A long time drinker will have a much stronger tolerance to alcohol than let's say a 16-year old.
I know that even at .21 I can still walk, talk and function properly, someone else at .15 will be kissing the sidewalk and be barely able to breathe.
And Breathalysers aren't measuring BAC. They make an assumption of BAC based on what's in the breath. What about ashtma? what about somoene who smokes?
Re:Usually code is kept secret because it is so ba by Anonymous Coward · 2015-10-11 03:24 · Score: 0

... or because it violates the GPL. :-D