Driving a Stake In A Blood Sucking Software Patent
The anti-thesis of open source, software patents stifle innovation. Here is one blood sucker that may be on its last legs
By Alan Shimel on Thu, 06/03/10 - 12:18am.
Few topics can illicit a more guttural response from an open source advocate than the topic of software patents. In many respects they are the very anti-thesis of open source. In security there has been one particularly irksome patent that has bedeviled the industry for years and probably held back innovation and progress in gateway anti-virus technology. Now after all these years, as many have claimed in the past, the patent is on the verge of being over turned as invalid. The best news is that it very well may have been the open source community that showed it as invalid!
I actually began following this story about 2 years ago on my ashimmy.com blog. You can read my original posts on this here and here. The patent in question was originally filed by Trend Micro back in 1995. Called the '600 patent, Trend has used it as a blunt instrument against anyone who tried to implement gateway anti-virus. That's right anyone who tried to implement an anti-virus solution at the gateway to your network or mail server was hauled in by Trend.
While many thought the patent invalid, it is a very expensive process to have a patent declared invalid. So companies like Symantec, McAfee, Fortinet, Panda among others have all paid Trend blood money over the years.
But the money Trend made on this questionable patent over the years is only part of the story. How many new innovations, new companies, new ways of protecting our computers from malware never saw the light of day because of this patent. That is the hidden, but real cost of software patents. They stifle innovation.
The tide turned against the 600 patent though in 2008. Trend thought they had found their next blood donor. They were all set to suck some money out of Barracuda Networks. Barracuda was using the open source Clam AV in their gateway security appliance. Trend claimed the open source Clam was in violation of the 600 patent when deployed at a network gateway. While Clam itself may not have had any money (in fact they had been bought by Sourcefire, so they probably did), but Barracuda did.
Trend even went one step further. Rather than just sue Barracuda in the US Courts, they also filed suit with the International Trade Commission. To Barracuda and my friend Dean Drako's (Barracuda CEO) credit, they did not cave in to Trend's claims. They tied a garland of garlic (keeps vampires away) around their neck in the form of reaching out to the open source community for help. And help the open source community did. No less than Richard Stallman and Eben Moglen joined in to help defend Barracuda.
The open source community responded by finding examples of prior use or prior art, pre-dating the filing of Trend's claim. This so undermined the Trend claim against Barracuda that the whole affair was quietly settled and made to go away. Unfortunately this is what often happens in these types of cases. Better to let Barracuda continue its use than to have a precedent setting decision be filed.
The whole thing may have ended right there. But the folks at Fortinet who had been the victims of what they always felt was an improper patent would not let this blood sucker rest quietly until it found its next victim. As detailed by Patrick Bedwell on the Fortinet Blog, Fortinet has filed a claim with the Patent and Trade Office to invalidate Trend's patent based on prior art as detailed by those in the open source community. According to Bedwell's post, they have also received several favorable decisions in multiple court cases on the patent. Good for Fortinet to finish off the job started by Barracuda and the open source community.
It looks like the sun is about to rise and this blood sucking software patent will not make it back to its coffin without a stake driven through its heart. I say it is about time. Now lets see if it will lead to some new innovations in the gateway malware sector that will help keep us all a little safer.
After following this story for 2 years, I am really happy to see justice being served.
- About Open Source Fact and Fiction
As co-founder and Managing Partner at The CISO Group, Alan Shimel is responsible for driving the vision and mission of the company. The CISO Group offers security consulting and PCI compliance management for the payment card industry. Prior to The CISO Group, Alan was the Chief Strategy Officer at StillSecure. Shimel was the public persona of StillSecure as it grew from start up to helping defend some of the largest and most sensitive networks in the world.
Shimel is an often-cited personality in the technology community and is a sought-after speaker at industry and government conferences and events. His commentary about the state of security, open source and life is followed closely by many industry insiders via his blog and podcast, "Ashimmy, After All These Years" (www.ashimmy.com). Alan is now also a regular contributor to The CISO Group’s security.exe blog and podcast.
Alan has helped build several successful technology companies by combining a strong business background with a deep knowledge of technology. His legal background, long experience in the field, and New York street smarts combine to form a unique personality.
Disclosure: The CISO Group sells a software-as-a-service PCI compliance application called SAQPro. The company is independent and does not represent any other vendor's products as a reseller.
Policy on comments: Respectful discussion is welcomed! However comments that use inappropriate language, consist of name calling or personal attacks, or include accusations of wrongdoing are not appropriate. Those comments will be deleted or edited.
Most Discussed Posts
- Blog Roll
-
Network World, Inc
The Connected Enterprise