The question is whether or not we invented it. We did.
the case doesn't matter.
man do you have serious problems following a conversation or what. Magic Spam Elixer my ass, I wonder why everybodies stealing the idea. Including C-Net. The origin of this entire conversation.
The patent is solid, how it holds up against similar ideas is not. It may have a broad definition and be intended to protect something fairly specific accurately. Where that definition crosses over to include other inventions the uniqueness of each idea must be contested. My patent on our system (for example) might mention that we use a web site and graphical display of text for our challenge.
That relates directly to other systems in use before us, which worked for authenticating on web based systems. If we were granted a patent it doesn't mean they wouldn't be as well for their own system even though we have some broad definitions listed.
The fact of the matter is our [example] patent is meant to protect a very specific system, and contains a group of different factors that must all be in play to be called "our specific system".
There's some very egotistical posters in this forum going on and on about prior patents and claims (aside from yourself). Hey, I'm open to discussion and arguments but the fact of the matter is it isn't going to be patented. If it were to be patented, yes, I'm sure other people would want to contest it and claim we're infringing on parts of their patents - that is the process for *all* patents. I believe we have a good case, and I'm just outlining why that is.
Also, we had a patent lawyer and an unrelated copyright and patent agent that both specialized in this area and believed we had a good case, even after researching it extensively. I know that our competitors have based their system on the original white paper I wrote and published, or on our later release of the actual system.
I also know that while similar systems may have been in place prior to ours, ours is very specifically unique and for that uniqueness at least, we could easily argue a case for a patent. However, as I said - we don't have the money, and we don't believe in the patent process.
We don't like competition, especially not growing competition, or very competition with very large backing. But we are ok with competition. We just want fair and accurate media coverage.
If the patent is broad, it might have been approved but it can still be contested. I'm sure there's patents out there for the wheel (oh wait, there is). but they're not going to hold up against a very specific, isolated idea. Or if they do, it doesn't matter much anyways ; since we invented the system and aren't seeking a patent.
I might patent the numbers 1 and 0 though, that'll be broad enough for me to claim I own everything.
A patent is $8000USD, our total 1 year budget for marketing. Once the patent is filed and potentially accepted, court case costs to actually enforce it are astronomically higher - especially when going up against Microsoft, CNET or other companies which have a lot of backing.
When a patent is not enforced it is lost.
Also, patents stifle innovation in software development. As much as the online activist hates patents, they always recommend them when you're not doing so well.
I'm sorry our moral reasoning coincides with the morals of activist internetters ; but as I said, I'm not complaining about competition, I'm complaining about media coverage.
i also like being challenged to prove that we did in fact invent our authentication system - it gives me a chance to prove unequivically that we have. As I did.
Yes, if you're waiting for an important email with Spam Interceptor you can check your mail cache and manually add the person either before or after you receive the email. Since HR firms always send from the same email address, future correspondence isn't a problem.
Server-Client based systems ensure spammers don't know which email address is valid. The subject line is included in the email, but with minor changes so an automated strstr isn't going to find it.
Spammers do not forge legitimate email address as the sender, a very high percentage of spam emails use email addresses with no MX record attached or an MX record set to localhost (ie. doesn't exist).
The other ones use random addresses, so unless you're askdhjf@asdf.com I doubt you're going to get little micro spams. If you do, you'll receive a total of maybe.... 1.
"Every time you receive an e-mail, mapSoN will look-up the sender's e-mail address in a small database file and check whether that address is in there. If it is, the mail is delivered to your mailbox, but if it is not, the e-mail will be stored in a spool directory in your home, using a cryptographic cookie as the filename. Then mapSoN will send a so called request for confirmation to the sender's address, asking him to please confirm his addresses validity by replying and sending the cryptograpic cookie back. When mapSoN receives a mail with such a cookie in it, it will move the corresponding mail from the spool directory to your mailbox and add the sender's address in the mail to the database.
This approach is based on the fact that spammers usually fake the sender address of the spam mail. (In fact, they have to, because sending unsolicited advertisement via e-mail is illegal in most countries.) But because their sender address is invalid, they will never see the request for confirmation, they will never reply, and their spam will sit in that spool file until hell freezes over or an apropriate cron job deletes it. Using this heuristic, mapSoN catches way above 95% of all spam mail I receive."
This is not our system. Our system does not use cryptographic cookies, and our system does not stop more than 95% of spam. It stops 100% of spam.
I read the site fine, I just forgot to mention you're not even close.
Our white paper on the system was published in November of 2001. A challenge-response based system has existed for longer on web sites to prevent automated submissions.
To offer the system for email requires a more advanced server-client architecture, overcoming challenges such as "what if both systems require authentication" to ensure that Spam still can not get through a 'hole' for this scenario, and finally: The actual challenge-response is being done wrong by almost all of our competitors. A simple dictionary attack could authenticate a spammer for their entire user list.
We're the longest running email-authentication project (obviously, since we did invent it) and we have a very large list of improvements planned for the system. I suspect these other companies, which publicly lie about trade mark, patent and copyrights to the system (that have never been registered) will take our new ideas and claim to own them as well.
I've spent enough time distributing marketing material to every computing news source you could imagine.
Our web site talks about the advantages of our product. My point isn't why our software and service is better, CNET hasn't even begun to offer their service - so an argument over why ours is better wouldn't really make sense.
My problem is media coverage of the big name software companies. Maybe you haven't tried to make a software project fly on your own with a tiny budget, an incredible idea and rock solid code.
It really pains me to see the amount of competition *and* press coverage our competitors are getting.
We invented this system for authenticating email, and we've had a product on the market for 2 years now making use of it.
We have the most affordable service available still. It's one thing for competitors to realize our idea is the solution - it's another thing for the media to ignore the origins of the system completely.
This report is great, but it doesn't mention email authentication systems like spam interceptor. It's an absolute shame that the media overlooks this new technology consistantly. I know a lot of SI users have even tried getting stories posted on slashdot but it doesn't happen because it's not an open source project. Yet microsoft gets a lot of press attention everywhere and they suck. I guess you have to be extremely good or extremely bad to get noticed.
The pdf is also mirrored at si20, you can get it from the home page on bottom right.
Thank You implies we should be thanking the RIAA for something, doesn't it?
Oh yeah, thanks for suing us for not breaking the law and increasing your sales. Thanks for adding bad copy protection to CDs we purchase for way too much and own. Thanks for having no other recourse. Please use my computer to make more money.
That's horrible, I can only imagine what the Rayliens multi-coloured hair scientist with no credentials has managed to do to those poor, anonymous human clones.
I'm a bit of a self-proclaimed expert in this area ; my software company developed 'Spam Interceptor' and in the initial stages of development almost all of our time was spent doing research on how email addresses are collected. We looked at MonsterHut's collection practices (Having known the former CEO) and moved on from their.
For the most part, I believe Business addresses are easier and more 'enticing' to collect. Every individual has different browsing habits, but for the most part - businesses in particular sectors tend to list themselves in very specific databases, are more likely to have the receptionist or researcher that signs up for mailing lists, and business domains are easier to identify. Some spiders look specifically for "INC." in the whois database - just as google does.
With the companies I am personally involved with, we do not receive Nigerian Scam Emails until we are listed in a business directory - but how can you avoid the publicity business directories offer? It's not easy. Online businesses start receiving resumes around the same time. We received resumes before our home page was complete - people didn't even know what we did as a company, and that's the only way we knew they hadn't, "Been following the progress of our company for some time and [felt] very enthusiastic about working for us". I mean, these are just job-seekers with an automated resume distribution. Imagine if they made money simply by finding us.
I don't want to get into too many details on business address collection techniques - let the spammers brainstorm them all over again. But I am certain the very fact that a business is a business - makes them more enticing to a wider range of higher-priced products and services. The collection of addresses, no matter the problems will be overcome, and in my experience have been overcome.
I rely on Internet Marketing for my business, and the idea that formatting content to suit your own whim is wrong - is absolutely rediculous.
This is like the quote about a month ago saying that ignoring commercials is also theft and violates a consumers obligation to watch advertising.
If they don't want you to watch it, they can just put up a friendly message. "Watch our ads or don't read our content".
Of course nobody would do that, or they'd seem pretty stupid and lose customers left right and center.... If they won't be upfront about their expectations for viewers of thier web site, then I'll go ahead and keep blocking the crap I don't want to see.
I personally have gone through a Jornada and a Palm IIIe w/ a lot of reason to schedule tasks and use utilities. I found the palm was useful when working on a team where exchanging information such as server passwords, subnet addresses, cd keys etc. was necessary to do quickly. Other than that, both PDAs took so much time to configure, often crashed and were so incompatible with the software and formats I usually work with - I just stopped using them.
I've never posted this on slashdot in related articles, because so many tech. zealots go crazy when you say great new technology is actually inefficient - but it's the absolute truth.
I even know software developers that coded a lot of utilities to make their palm databases sync properly with authority databases and even wrote their own utilities for various markets. Even with thier abilities and the amount of time they spent developing for the Palm to save time -- the ultimately gave up on using it.
I remember pulling my IIIe out in my engineering class and my teacher said, "Oh, I see somebody has a lot of money". That pretty much sums up the reasoning for most peoples tech. purchases.
This sounds absolutely horrible! I can't count the number of times I've wanted a chicken & rice recipe recited to me while shopping, or wondered if one price was lower than another even though I was looking right at the prices.
Oh wait, yes I can - zero.
Hmm... strange it never caught on even though it's an old idea.
Wow, finally somebody whose not afraid to go and shoot government officials.
I'm pretty sure your gun only contributes to crime as the statistics prove. The only people that are afraid of gun-toting americans are the ones that want real change and go against the status quo. Kennedy, John Lennon, Larry Flynt.
Slashdot Mirror
The question is whether or not we invented it.
We did.
the case doesn't matter.
man do you have serious problems following a conversation or what. Magic Spam Elixer my ass, I wonder why everybodies stealing the idea. Including C-Net. The origin of this entire conversation.
Moron.
The patent is solid, how it holds up against similar ideas is not. It may have a broad definition and be intended to protect something fairly specific accurately. Where that definition crosses over to include other inventions the uniqueness of each idea must be contested. My patent on our system (for example) might mention that we use a web site and graphical display of text for our challenge.
That relates directly to other systems in use before us, which worked for authenticating on web based systems. If we were granted a patent it doesn't mean they wouldn't be as well for their own system even though we have some broad definitions listed.
The fact of the matter is our [example] patent is meant to protect a very specific system, and contains a group of different factors that must all be in play to be called "our specific system".
There's some very egotistical posters in this forum going on and on about prior patents and claims (aside from yourself). Hey, I'm open to discussion and arguments but the fact of the matter is it isn't going to be patented. If it were to be patented, yes, I'm sure other people would want to contest it and claim we're infringing on parts of their patents - that is the process for *all* patents. I believe we have a good case, and I'm just outlining why that is.
Also, we had a patent lawyer and an unrelated copyright and patent agent that both specialized in this area and believed we had a good case, even after researching it extensively. I know that our competitors have based their system on the original white paper I wrote and published, or on our later release of the actual system.
I also know that while similar systems may have been in place prior to ours, ours is very specifically unique and for that uniqueness at least, we could easily argue a case for a patent. However, as I said - we don't have the money, and we don't believe in the patent process.
We don't like competition, especially not growing competition, or very competition with very large backing. But we are ok with competition. We just want fair and accurate media coverage.
Regards,
--Doug Styles
If the patent is broad, it might have been approved but it can still be contested. I'm sure there's patents out there for the wheel (oh wait, there is). but they're not going to hold up against a very specific, isolated idea. Or if they do, it doesn't matter much anyways ; since we invented the system and aren't seeking a patent.
I might patent the numbers 1 and 0 though, that'll be broad enough for me to claim I own everything.
Regards,
--Doug Styles.
Do you mean P3P as specified by the W3C? P3P the web based, not email based, not related system?
The not server-client based, not related to email, not even mentioning graphical/text challenge-response based systems?
I hope you don't mean that one.
Translation:
A patent is $8000USD, our total 1 year budget for marketing. Once the patent is filed and potentially accepted, court case costs to actually enforce it are astronomically higher - especially when going up against Microsoft, CNET or other companies which have a lot of backing.
When a patent is not enforced it is lost.
Also, patents stifle innovation in software development. As much as the online activist hates patents, they always recommend them when you're not doing so well.
I'm sorry our moral reasoning coincides with the morals of activist internetters ; but as I said, I'm not complaining about competition, I'm complaining about media coverage.
i also like being challenged to prove that we did in fact invent our authentication system - it gives me a chance to prove unequivically that we have. As I did.
Regards,
-Doug.
We've decided not to patent the idea, for moral and financial reasons. We believe the system would do better on its own.
Also, as one of our users posted - there are 3 fairly good reasons why these systems are entirely different.
server-client architecture
graphical-text challenge / response vs. file attachment (latter being easy to circumvent)
accuracy rate. 100% vs. 95%
Plus:
Handling of lists through GUI
Windows Architecture
blah blah blah.
All points our original patent lawyer found relevant enought to take our case ; until we decided against a patent.
Regards,
-Doug
Yes, if you're waiting for an important email with Spam Interceptor you can check your mail cache and manually add the person either before or after you receive the email. Since HR firms always send from the same email address, future correspondence isn't a problem.
Server-Client based systems ensure spammers don't know which email address is valid. The subject line is included in the email, but with minor changes so an automated strstr isn't going to find it.
Spammers do not forge legitimate email address as the sender, a very high percentage of spam emails use email addresses with no MX record attached or an MX record set to localhost (ie. doesn't exist).
The other ones use random addresses, so unless you're askdhjf@asdf.com I doubt you're going to get little micro spams. If you do, you'll receive a total of maybe.... 1.
Regards,
-Doug Styles
From the Mapson web site.
"Every time you receive an e-mail, mapSoN will look-up the sender's e-mail address in a small database file and check whether that address is in there. If it is, the mail is delivered to your mailbox, but if it is not, the e-mail will be stored in a spool directory in your home, using a cryptographic cookie as the filename. Then mapSoN will send a so called request for confirmation to the sender's address, asking him to please confirm his addresses validity by replying and sending the cryptograpic cookie back. When mapSoN receives a mail with such a cookie in it, it will move the corresponding mail from the spool directory to your mailbox and add the sender's address in the mail to the database.
This approach is based on the fact that spammers usually fake the sender address of the spam mail. (In fact, they have to, because sending unsolicited advertisement via e-mail is illegal in most countries.) But because their sender address is invalid, they will never see the request for confirmation, they will never reply, and their spam will sit in that spool file until hell freezes over or an apropriate cron job deletes it. Using this heuristic, mapSoN catches way above 95% of all spam mail I receive."
This is not our system. Our system does not use cryptographic cookies, and our system does not stop more than 95% of spam. It stops 100% of spam.
I read the site fine, I just forgot to mention you're not even close.
Our white paper on the system was published in November of 2001. A challenge-response based system has existed for longer on web sites to prevent automated submissions.
To offer the system for email requires a more advanced server-client architecture, overcoming challenges such as "what if both systems require authentication" to ensure that Spam still can not get through a 'hole' for this scenario, and finally: The actual challenge-response is being done wrong by almost all of our competitors. A simple dictionary attack could authenticate a spammer for their entire user list.
We're the longest running email-authentication project (obviously, since we did invent it) and we have a very large list of improvements planned for the system. I suspect these other companies, which publicly lie about trade mark, patent and copyrights to the system (that have never been registered) will take our new ideas and claim to own them as well.
Only time will tell.
I've spent enough time distributing marketing material to every computing news source you could imagine.
Our web site talks about the advantages of our product. My point isn't why our software and service is better, CNET hasn't even begun to offer their service - so an argument over why ours is better wouldn't really make sense.
My problem is media coverage of the big name software companies. Maybe you haven't tried to make a software project fly on your own with a tiny budget, an incredible idea and rock solid code.
Let me tell you, it's hard.
It really pains me to see the amount of competition *and* press coverage our competitors are getting.
We invented this system for authenticating email, and we've had a product on the market for 2 years now making use of it.
We have the most affordable service available still. It's one thing for competitors to realize our idea is the solution - it's another thing for the media to ignore the origins of the system completely.
I do something similar to Spammers that have a contact form on their web site.
Proof of concept code contained within.
This report is great, but it doesn't mention email authentication systems like spam interceptor. It's an absolute shame that the media overlooks this new technology consistantly. I know a lot of SI users have even tried getting stories posted on slashdot but it doesn't happen because it's not an open source project. Yet microsoft gets a lot of press attention everywhere and they suck. I guess you have to be extremely good or extremely bad to get noticed.
The pdf is also mirrored at si20, you can get it from the home page on bottom right.
"Laptops aren't truly portable until you can stand to sit with one on your lap for more than 30 minutes."
I can't take a laptop anywhere because it gets a little warm? What about putting it on a table?
You can find a mirror of the paper here.
www.si20.com/nmap.php
Thank You implies we should be thanking the RIAA for something, doesn't it?
Oh yeah, thanks for suing us for not breaking the law and increasing your sales.
Thanks for adding bad copy protection to CDs we purchase for way too much and own.
Thanks for having no other recourse.
Please use my computer to make more money.
Please and Thank You.
That's horrible, I can only imagine what the Rayliens multi-coloured hair scientist with no credentials has managed to do to those poor, anonymous human clones.
--Doug
Or you could just have an authentication system implemented systematically as part of the protocol, such as with Spam Interceptor.
"I guess in the end we'll just ask one another, "Would you like fries with that?"
You don't think a robot can do that?
I'm a bit of a self-proclaimed expert in this area ; my software company developed 'Spam Interceptor' and in the initial stages of development almost all of our time was spent doing research on how email addresses are collected. We looked at MonsterHut's collection practices (Having known the former CEO) and moved on from their.
For the most part, I believe Business addresses are easier and more 'enticing' to collect. Every individual has different browsing habits, but for the most part - businesses in particular sectors tend to list themselves in very specific databases, are more likely to have the receptionist or researcher that signs up for mailing lists, and business domains are easier to identify. Some spiders look specifically for "INC." in the whois database - just as google does.
With the companies I am personally involved with, we do not receive Nigerian Scam Emails until we are listed in a business directory - but how can you avoid the publicity business directories offer? It's not easy. Online businesses start receiving resumes around the same time. We received resumes before our home page was complete - people didn't even know what we did as a company, and that's the only way we knew they hadn't, "Been following the progress of our company for some time and [felt] very enthusiastic about working for us". I mean, these are just job-seekers with an automated resume distribution. Imagine if they made money simply by finding us.
I don't want to get into too many details on business address collection techniques - let the spammers brainstorm them all over again. But I am certain the very fact that a business is a business - makes them more enticing to a wider range of higher-priced products and services. The collection of addresses, no matter the problems will be overcome, and in my experience have been overcome.
I think this response is a good example ; The only place an educated, experienced opinion could be called NarrowMinded is slashdot.
I rely on Internet Marketing for my business, and the idea that formatting content to suit your own whim is wrong - is absolutely rediculous.
This is like the quote about a month ago saying that ignoring commercials is also theft and violates a consumers obligation to watch advertising.
If they don't want you to watch it, they can just put up a friendly message. "Watch our ads or don't read our content".
Of course nobody would do that, or they'd seem pretty stupid and lose customers left right and center.... If they won't be upfront about their expectations for viewers of thier web site, then I'll go ahead and keep blocking the crap I don't want to see.
I personally have gone through a Jornada and a Palm IIIe w/ a lot of reason to schedule tasks and use utilities. I found the palm was useful when working on a team where exchanging information such as server passwords, subnet addresses, cd keys etc. was necessary to do quickly. Other than that, both PDAs took so much time to configure, often crashed and were so incompatible with the software and formats I usually work with - I just stopped using them.
I've never posted this on slashdot in related articles, because so many tech. zealots go crazy when you say great new technology is actually inefficient - but it's the absolute truth.
I even know software developers that coded a lot of utilities to make their palm databases sync properly with authority databases and even wrote their own utilities for various markets. Even with thier abilities and the amount of time they spent developing for the Palm to save time -- the ultimately gave up on using it.
I remember pulling my IIIe out in my engineering class and my teacher said, "Oh, I see somebody has a lot of money". That pretty much sums up the reasoning for most peoples tech. purchases.
Just my two cents,
This sounds absolutely horrible! I can't count the number of times I've wanted a chicken & rice recipe recited to me while shopping, or wondered if one price was lower than another even though I was looking right at the prices.
Oh wait, yes I can - zero.
Hmm... strange it never caught on even though it's an old idea.
Wow, finally somebody whose not afraid to go and shoot government officials.
I'm pretty sure your gun only contributes to crime as the statistics prove. The only people that are afraid of gun-toting americans are the ones that want real change and go against the status quo. Kennedy, John Lennon, Larry Flynt.
Go fight a tax hike with some guns, terrorist.