Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment bad patents are a problem, trolls made bigger prob (Score 1) 92

Certainly you're right that the source of the problem is bad patents.
Also, there have always been bad patents. It's become such a big problem recently because of big trolls. If 16 trolls file 62% of the patent suits, dealing with the trolls would eliminate at least 62% of the problem. Actually more, because some of the non-troll cases aren't a problem. So those 16 trolls are maybe 80% of the problem.

Any citation for "the vast majority of patents aren't true innovation"? It appears to me that of the hundreds of thousands of patents in force, a few dozen are being horribly abused.

Comment replied to the wrong post? (Score 2) 92

Did you click Reply to the wrong post?
I didn't say anything about large versus small defendants. I just thought it was interesting that 16 patent trolls file most of the suits - that the patent troll problem is a problem of a very few major assholes causing a lot of problems.

To your point, while researching how many trolls there are, I learned that they are targeting smaller companies than before. Most defendants had sales of under $10 million (meaning profit less than $1 million, probably). I also found that fully 90% of the cost to defend is discovery.

Putting those numbers together:
16 nasty trolls are causing major problems by bullying small companies with abusive discovery tactics.

One part of a solution, therefore, would be to limit discovery appropriately so companies can reasonably defend themselves. Maybe have plaintiffs put up a bond for the discovery cost, which they have to pay if the suit is ruled meritless.

Comment 16 trolls brought 62% of suits (Score 1) 92

> there are a lot of patent trolls out there

When you said that, it got me wondering, how many patent trolls are there? A little research suggests there are about 16. They filed 62% of the patent suits last year. It shouldn't be too hard to take a look at how those 16 trolls operate "successfully" and find a few ways to ruin their business model.

That's encouraging to me because it means that a) it should be quite fixable and b) we don't have to take the risk of screwing over all the hard working people by adopting some new, untested system. We just need to throw a monkey wrench into what those sixteen companies are doing.

Comment Reagan appointee ordered breakup, Clinton dismisse (Score -1) 92

You've got things backwards yet again. Penfeld Jackson, a Reagan appointee, ordered the breakup of Microsoft. Clinton's appointee dismissed that verdict against Microsoft.

While we're at it:
Communications Decency Act - signed by Clinton
COPA - Clinton again
Voting rights act - filibustered by democrats
Longest serving democrat senator - Robert Byrd
Robert Byrd's first elected office - KKK leader

Comment hopefully some sense, great cases make bad law (Score 3, Interesting) 92

Hopefully they'll come up with some sensible changes that will address 96% of the problem.
All too often, a headline grabbing bad guy like Intellectual Ventures results in a demand for HUGE new laws, smashing to bits a system that needed a tune up. The Patriot Act is an example - a few words needed to be changed in the law regarding how the NSA, CIA, and FBI can and cannot share information. 9/11 was big though, so people demanded big change, and ended up with the constitution shredded.

Comment Bitlocker cracked since at least 2008 (Score 5, Informative) 125

There are three modes of operation possible with Bitlocker. The most secure has had an exploit publicly known for five years. In that most secure mode, reading the disk is inconvenient, but entirely possible even for independent security people like myself. For a nation-state, it's trivial.

Comment yeah, I've been R&Ding for years (Score 2) 125

> and make authentication someone else's problem with single-signon." Does anyone really know or have they merely amassed years of experience doing what they think is right?

I should know. I spent 17 years keeping ahead of the bad guys and ahead of the competition, developing a security system used by tens of thousands of sites. The thing is, there are a lot of ways to screw up authentication, and a lot of ways to screw up authorization. Professionals making security products screwed it up all the time, and we made two significant errors. We're arguably the best in the business, and still we made mistakes.

Therefore, "make it someone else's problem" isn't a bad answer, if someone else knows what they are doing. I'm not very careful with many things, but I'm darn careful with two - online authentication and explosives. I can answer any specific questions, but to try to cover the topic in a Slashdot post would be a lot like a post on how to make fireworks. There's not time or space to cover the topic properly. Feel free to post or email specific questions, though.

Comment any NSA backdoor in FOSS yet? I've studied Firefox (Score 5, Interesting) 125

Has anyone studied the Firefox code, you ask. Yep, I have. I happen to be a security professional too. Have all those people who used Firefox as the basis for their browser studied the hell out of it? Yep.

We know Microsoft is full of NSA backdoors. Has any government backdoor EVER been found in any FOSS, at any time. Nope.

The insistence on continuing to believe the ridiculous out of fandom is rather curious. Certainly on some level you understand your "beliefs" are laughable, but you're just completely incapable of changing your thoughts, of learning.

Comment non-rude sheepdog here (Score 1) 814

As a trained firearm owner, I agree there is no need to be rude to people who don't know in this kind of exchange. I think it is wise to educate people as Broken scope did, you do not shoot if you don't have to, and if you have to shoot, you shoot at the center of the threat. No need to be rude about it, though.

Comment most shot don't die, most defenders don't shoot (Score 1) 814

"Broken scope" correctly pointed out that you wouldn't attempt a trick shot in a life-or-death situation, but your overall point is true. Most criminals who are shot in self-defense don't die, which was your point. Also, 80% of the time a gun is presented in self-defense, it's not fired. So st least 90% of the time, noone dies.

    I once had an intruder intending violence climb through a window into my home. As they did,they found themselves looking down the twin barrels of my shotgun. They left very quickly. I've never fired at anyone, but I have defended my family. That's statistically the most common scenario.

Comment Github makes the problem far more likely (Score 1) 120

We're speaking in the context of Github. Github, specifically, makes the improbable "exploit" of this loophole much more probable. Maybe not particularly
likely, but likely enough to be a risk that should be considered.

As part of my job, I contribute to an open source project, using Github. I sync my Github to upstream so it's up to date, and commit our changes to it.
That way, our contributions are publicly accessible. In fact, they are publicly accessible in the context of a complete copy which includes our contributions.
That last sentence is key. What Github users publish on Github is a copy of the devel branch with their contributions added (but also including all contributions
from anyone else, including contributions not yet approved for the release version.)

Suppose I work for SpaceX, maintaining the SpaceX blog via Wordpress.
Using Github, I make our contributions to Wordpress public (as part of a complete Wordpress devel tree.)

Someone else at SpaceX invented a widget which is patented.

Orbital Science, a SpaceX competitor, could commit a Wordpress plugin which somehow relates to the patent.
My Github would automatically fetch their commit.
Now my company, SpaceX, is distributing code related to the patent, without ever having heard of Orbital Science's plugin.
Our patent is therefore nullified by the terms of GPLv3, if Wordpress were GPLv3.
That's WHY Wordpress is not GPLv3, but GPLv2, because v3 says:

Each contributor (SpaceX) grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version (including the Orbital Science plugin they've never heard of, but which was automatically mirrored).

Note that the license includes the right to modify it, such as by deleting 99% of it, leaving only the Orbital Science code, without any other part of Wordpress.
Therefore, Orbital Science can force SpaceX to license their code just by doing a Github commit to any project that SpaceX has a Github for.

Is it likely that Orbital Science would do that? Would some judges follow the actual text of the license and allow OR to pull that trick?
Maybe, maybe not. If you've committed $20 million in R&D to _anything_ you have a patent on, would you want to risk a competitor doing a sneaky trick like that?

One defensive solution, if you HAVE to contribute to a GPLv3 project, is to explicitly leave copyright with the individual author, who publishes it on his personal Github rather than having the company post it on Github. Assuming the author doesn't have any patents and never will, that works okay.

Slashdot Top Deals

Life is difficult because it is non-linear.