Showing headlines posted by BernardSwiss

The impact of the Supreme Court's ruling in Alice v. CLS Bank continues to reverberate around the industry. We've already noted that courts have been rapidly invalidating a bunch of patents, and that related lawsuits appear to be dropping rapidly as well. And, now, a new analysis from a (pro-patent) law firm suggests that the US Patent Office is rejecting a lot more software patents as well.

It's been nearly one year since Rockstar Consortium, a patent holding company owned in part by Microsoft and Apple, launched a major patent assault against Google. Now, the issue of where the case will be heard has finally been resolved—in Google's favor.

Google took the case to the nation's top patent court to get it out of East Texas and back to its home state, California. The matter of venue isn't a mere sideline skirmish.

A class of coding vulnerabilities could allow attackers to fool Windows system administrators into running malicious code because of a simple omission: quotation marks.

The attack relies on scripts or batch files that use the command-line interface, or "shell," on a Windows system but contain a simple coding error—allowing untrusted input to be run as a command. In the current incarnation of the exploit, an attacker appends a valid command onto the end of the name of a directory using the ampersand character. A script with the coding error then reads the input and executes the command with administrator rights.

Adobe’s Digital Editions e-book and PDF reader—an application used by thousands of libraries to give patrons access to electronic lending libraries—actively logs and reports every document readers add to their local “library” along with what users do with those files. Even worse, the logs are transmitted over the Internet in the clear, allowing anyone who can monitor network traffic (such as the National Security Agency, Internet service providers and cable companies, or others sharing a public Wi-Fi network) to follow along over readers’ shoulders.

The drop comes shortly after new patent rules came down from the Supreme Court. Most notably, the Alice v. CLS Bank decision made it clear that courts shouldn't accept "do it on a computer"-type patents as valid. That's resulted in nearly a dozen patents being tossed out in a short period of time, and some patent trolls with dubious patents aren't bothering to fight it out anymore.

Google is asking the US Supreme Court to reverse an appeals court ruling that said Oracle's Java API's were protected by copyright.

Google told the justices in a petition this week that assigning copyright to the code—the Application Programming Interfaces that enable programs to talk to one another—sets a dangerous precedent.

Hey! You there! You've got it pretty good, you know that? While you're sitting there using your Internet-enabled device to read about some other Internet-enabled device, it's easy to forget that the majority of people doesn't have any access to the Internet at all. The "World Wide" Web is actually not that worldwide—only about one-third of the population is online. That's 4.8 billion people out there with no way to get to the Internet...

Fair warning: we're going to talk frankly and honestly about the Cloud FX, and it's not going to be pretty. As we journey into the world of sub-$50 smartphones, leave all worries about performance, user experience, and any kind of pleasantness behind you. While $35 doesn't buy you a lot, perhaps we're past the stage of "does it work well?" The question for a device like Cloud FX may simply be "does it work at all?"

Via Sarah Burstein and the Design Law Blog, we discovered that just this week the US Patent Office granted a design patent... on a toothpick:

Microsoft sued Samsung in August, alleging that the Korean firm had failed to make payments that were contractually owed. At the time, the documents were sealed, obscuring the value of the payments. Today, those documents were unsealed, revealing the full scale of the suit.

Apple will soon have to face a trial over accusations it used digital rights management, or DRM, to unlawfully maintain a lead in the iPod market, a federal judge has ruled. The plaintiffs' lawyers, representing a class of consumers who bought iPods between 2006 and 2009, are asking for $350 million.

A report from The Information (subscription required) claims that Google tried to buy Cyanogen, Inc, the maker of the custom Android ROM CyanogenMod. According to the report, Cyanogen's chief executive told shareholders that Sundar Pichai, the head of Chrome and Android at Google, met with the company and "expressed interest in acquiring the firm." The report says Cyanogen Inc. declined the offer, saying that it was still growing.

This summer, the Supreme Court made it easier for defendants to collect fees when they win patent cases. The decision is starting to have an effect—the nation's largest patent troll just got slapped with an order to pay $1.4 million in attorneys' fees to NetApp, which it sued in 2010.

The basic idea behind Blue Spike's patents is creating a digital fingerprint (which the patents refer to as an "abstract") of a file that allows it to be compared to other files (e.g. comparing audio files to see if they are the same song). In very general terms, the patents describe creating a "reference generator," an "object locator," a "feature selector," a "comparing device," and a "recorder." You will be amazed to learn that these five elements "may be implemented with software." That task, however, is left for the reader.

Even worse, Blue Spike has refused to define the key term in its patents...

https://www.techdirt.com/articles/20140930/15464228683/seria...

Amazon has started warning customers of its EC2 cloud computing platform that it's going to start rebooting their instances en masse over the next few days.

After the discovery that a patch designed to repair the “Shellshock” vulnerability in the GNU Bourne Again Shell (bash) still allowed for an attacker to execute commands on a remote system, Red Hat, Ubuntu, and other Linux distribution providers have pushed out a second fix to the vulnerability. At the same time, security researchers and service providers have detected a surge in scans for systems with the vulnerability, as would-be attackers seek to take advantage of the bug.

Over the last few years it's been great to see companies like Newegg and Rackspace decide that they're not going to give in to bogus patent troll lawsuits. As we've discussed, it's almost always easier, faster and cheaper to just settle and pay up whatever the troll is asking for. That's part of why trolling works. Fighting a patent lawsuit -- even a totally bogus one (i.e., not infrigning) -- on a clearly invalid patent will still cost many hundreds of thousands, if not millions, of dollars. If the troll is offering to settle for tens of thousands of dollars, many, many companies will do the obvious short-term cost-benefit analysis and settle.

https://www.techdirt.com/articles/20140924/17150628629/racks...

The vulnerability reported in the GNU Bourne Again Shell (Bash) yesterday, dubbed "Shellshock," may already have been exploited in the wild to take over Web servers as part of a botnet. More security experts are now weighing in on the severity of the bug, expressing fears that it could be used for an Internet "worm" to exploit large numbers of public Web servers. And the initial fix for the issue still left Bash vulnerable to attack, according to a new US CERT National Vulnerability Database entry. A second vulnerability in Bash allows for an attacker to overwrite files on the targeted system.

We just wrote about an audio equipment manufacturer trying to argue that it was criminal for someone to resell their products. While this was obviously crazy, never underestimate the lengths that some companies will go through these days to try to block people from selling products they (thought they had) legally bought. And guess what tool they're using to block you from actually owning the products you bought? Why copyright, of course. It's yet another example of how copyright is often used to block property rights rather than to create them.

The creator of the World Wide Web, Tim Berners-Lee, has now spoken out strongly in favor of net neutrality in an interview with the Washington Post. The headline and much of the attention are going to his quip that what the big broadband providers are doing is a form of "bribery" in trying to set up toll booths to reach their users. And that is, indeed, the money quote, but it's not the most interesting part of what he's really saying.

A security vulnerability in the GNU Bourne Again Shell (Bash), the command-line shell used in many Linux and Unix operating systems, could leave systems running those operating systems open to exploitation by specially crafted attacks.