Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment Re:Where's the news? (Score 4, Informative) 241

Seriously though, how can a golf ball have 11 patents on it?

Read Costco's reply to the court, in which each patent is listed along with Acushnet's claims and Costco's rebuttal. You can look the patents up online at the USPTO web site. Let's look at a few, shall we?

Patent# 6,994,638 - Golf balls comprising highly-neutralized acid polymers.
Abstract
A golf ball comprising a core comprised of a polymer containing an acid group fully-neutralized by an organic acid or a salt, a cation source, or a suitable base thereof, the core having a first Shore D hardness, a compression of no greater than about 90, and a diameter of between about 1.00 inches and about 1.64 inches; and a cover layer comprising ionomeric copolymers and terpolymers, ionomer precursors, thermoplastics, thermoplastic elastomers, polybutadiene rubber, balata, grafted metallocene-catalyzed polymers, non-grafted metallocene-catalyzed polymers, single-site polymers, high-crystalline acid polymers and their ionomers, or cationic ionomers.

What is claimed is:

1. A golf ball comprising: a core comprising a center and an outer core layer, the center comprising a thermoset polybutadiene rubber composition having a first hardness; and the outer core layer comprising a polymer comprised of an acid group fully-neutralized by an organic acid or a salt of the organic acid, and a cation source or a suitable base of the cation source; and having a second hardness; and an inner cover layer and an outer cover layer comprising ionomeric copolymers and terpolymers, ionomer precursors, thermoplastics, thermoplastic elastomers, polybutadiene rubber, balata, grafted metallocene-catalyzed polymers, non-grafted metallocene-catalyzed polymers, single-site polymers, high-crystalline acid polymers and their ionomers, polyurethnnes, polyureas, polyurethane-ureas; polyurea-urethanes; or cationic ionomers; wherein the first hardness is from about 50 Shore A to about 55 Shore D and first hardness is less than the second Shore D hardness by at least about 10 points.

Here's Costco's rebuttal:

11. Costco is not infringing any valid claims of U.S. Patent No. 6,994,638 (“the ’638patent”). Acushnet has accused Costco of infringing claim 1 of the 638 patent. Costco’s sales of the KS golf ball do not constitute infringement of claim 1 of the 638 patent, however, because, among other things, the Shore D hardness of the center core of the KS ball is not “at least about 10 points” less than the Shore D hardness of the outer core.
12. The 638 patent is invalid under 35 U.S.C. 102, 103 and/or 112. The claims are invalid under 35 U.S.C. 102 and/or 103, for example, in light of U.S. Patent No. 6,468,169 and other prior art publications and activities

Clearly, a lot of chemistry work went into this patent to make the balls have a certain elasticity. Costco says that their balls do not have the same properties, therefore they did not infringe upon this claim.

Here's another:

Patent# 8,123,632 - Multi-layer golf ball
Abstract
Golf balls consisting of a dual core and a dual cover are disclosed. The dual core consists of an inner core layer formed from a rubber composition and an outer core layer formed from a highly neutralized polymer composition.

Here's the claim in question:

"17. A golf ball consisting essentially of: an inner core layer formed from a rubber composition and having a diameter of from 1.100 inches to 1.400 inches, a center hardness (H.sub.center) of 50 Shore C or greater, and an outer surface hardness of 65 Shore C or greater; an outer core layer formed from a highly neutralized polymer composition and having an outer surface hardness (H.sub.outer core) of 75 Shore C or greater; an inner cover layer formed from a thermoplastic composition and having a material hardness (H.sub.inner cover) of from 80 Shore C to 95 Shore C; and an outer cover layer formed from a composition selected from the group consisting of polyurethanes, polyureas, and copolymers and blends thereof. "

While a multi-layer golf ball is nothing new, this patent builds on an older patent for a multi-layer ball. Acushnet claims this is a new innovation that Costco violated. Costco claims otherwise:

15. Costco is not infringing any valid claims of U.S. Patent No. 8,123,632 (“the ’632 patent”). Acushnet has accused Costco of infringing claim 17 of the ’632 patent. Costco’s sales of the KS ball do not constitute infringement of claim 17, however, because, at the least, the surface hardness of the outer core of the KS ball is not 75 Shore C or greater.
16. The 632 patent is invalid under 35 U.S.C. 102, 103 and/or 112. The claims are invalid under 35 U.S.C. 102 and/or 103, for example, in light of U.S. Publication No. 2007/0281802 and other prior art publications and activities.

So Costco again says that because their balls don't have the same properties, they aren't violating this patent. This is all pretty standard legal wrangling.

Comment Re:Where's the news? (Score 1) 241

Just another reason to SHORTEN the length of patents for none drug inventions. There is NO reason on earth that a patent on a golf ball needs to be 20 years

Why not? Is the research into the aerodynamic characteristics of a golf ball more or less worthy than the research into the hydrodynamic characteristics of a blood vessel stent? For that matter, someone who keeps active as a golfer is likely to be healthier longer than someone who is sedentary and requires drugs and other medical interventions to live. Certainly you'd agree that the sporting goods companies have done more good for public health than Martin Shkreli ever did as CEO of a drug company.

Research is research, and the law says that inventors can profit from their inventions. I'm sorry you don't like that.

Comment Re:Second rule of business (Score 1) 113

Your business has absolutely nothing to do with what you want to sell... it has absolutely everything to do with what your customers want to buy.

"But we can shift that paradigm! This time, we'll plan better, we just need to educate our consumers."

Well, at least they taught their consumers a valuable lesson: Sony, famously guilty for shitting on the rights of virtually everyone through their crappy DRM-enabled hardware, still sold way more consoles than Microsoft.

Microsoft just has never excelled at building what customers want.

Nokia and everyone else had phones with Java, so Microsoft shipped WinCE phones - that didn't sell.
Apple came out with their DRM-encumbered iPod, so Microsoft followed it up with the DRM encumbered Zune - that didn't sell.
Apple came out with the iPhone with the walled app garden; so Microsoft shipped Windows Phones with a walled garden - that didn't sell.
Steam and Sony and Nintendo came out with DRM encumbered games; so Microsoft shipped the XBox One - that sold quite a few, but sucked.

Their two biggest problems are that they want to use services as license enforcement gateways, and that their stiffest competition to their Software V3.0 is their own Software V2.0. Nothing new in Office has been worth buying upgrades since about 2007, yet they have managed to convince some people to upgrade to Office 2010, 2013, and now Office365.

And people are getting more and more fed up with the constant greed. LibreOffice has caught up to about Office 2007 in terms of maturity, which is good enough for a lot of people and companies. Linux has caught fire in the corporate world, overthrowing WIndows Servers by the millions. Cloud computing is moving companies to outsource their hardware data centers. Azure is competent in this arena, but cloud computing is already close to a commodity - there's not a lot of value Microsoft can add over the other big players.

It's weird, but at the core it's an existential crisis for one of the world's largest companies. They are desperately trying to figure out something to sell that will still be in demand 10 years from now.

Comment Re:Rotten Tomatoes is getting self-important (Score 1) 395

I do the same when looking for a restaurant - find a negative review and they'll tell you everything good about the place that they don't understand.

This. I use this same strategy when evaluating any product. Read a few good reviews, sure, but I need to read a few of the top negative reviews to figure out if the product actually has weaknesses that matter to me, or if it's just been purchased by a few users with unrealistic expectations.

The good thing about negative reviews is they usually aren't placed there by the business or by a sock puppet/SEO, so the dishonest reviews are at least more transparent. If some jerk with a grudge posts a 1 star review, they'll often include a whole sob story about how this company was unfair to them because they didn't immediately replace the broken thing the user dropped on a concrete floor.

Comment Re:But which kind of stroke? Too thin or too thick (Score 1) 41

To throw another wrench into the decision matrix, an ischemic stroke is caused by a clot that has been jammed into a narrow blood vessel. If the patient is not particularly healthy he may have fragile arterial walls, in which case the clot can damage the artery. Ironically, this may lead to the clot doing its intended task, becoming the thing preventing the damaged artery from hemorrhaging. In these rare and undiagnosable cases, responsibly using tPA (or spider venom) to dissolve the clot can actually lead to a hemorrhagic stroke.

Comment Re:What do you expect? (Score 3, Insightful) 151

Just think about how many movies have come out in the last 20 years, and even RECENT TV shows/Movies whose plots break down immediately if a true Panopticon/Big Brother society exists.

CallerID would have wrecked 25% of Columbo episodes if it had existed back then. "Won't somebody please think of the screenwriters" is an unusual take on technology changes!

I recently rewatched the original Day of the Jackal from 1973. The entire movie was the suspense of the police chasing him via a paper trail of hotel registrations and phone calls, and I couldn't help but think that the whole movie would have been over in about three minutes if SQL existed.

Comment Re: pointless (Score 4, Funny) 179

Just because you have a "smart" TV doesn't mean you're stuck using the "smart" bits. Plug in an HDMI cable or three to the video source of your choosing, and you never have to touch the smart OS stuff unless you want to.

Just because it has a network connection doesn't mean you have to connect it to a network.

Comment Re:Obsolete (Score 1) 98

Bots creating GoFundMe pages have replaced bums, no need to stand on the street holding a tin cup when you can create a bot to create an online story of distress and have it beg money for you.

That's what this article is about. There are two bots standing on the street corner holding their tin cups, jostling each other for position, and spilling half their money in the process. The AI is converging on a solution using cooperation, where each bot assesses the traffic, and parcels out the begging duty to the robot more likely to succeed with that particular potential donor.

In other words, "two bots one cup".

Submission + - Google has demonstrated a successful practical attack against SHA-1 (googleblog.com)

Artem Tashkinov writes: Ten years after of SHA-1 was first introduced, Google has announced the first practical technique for generating an SHA-1 collision. It required two years of research between the CWI Institute in Amsterdam and Google. As a proof of the attack, Google has released two PDF files that have identical SHA-1 hashes but different content. The amount of computations required to carry out the attack is staggering: nine quintillion (9,223,372,036,854,775,808) SHA1 computations in total which took 6,500 years of CPU computation to complete the attack first phase and 110 years of GPU computation to complete the second phase.

Google says that people should migrate to newer hashing algorithms like SHA-256 and SHA-3, however it's worth noting that there are currently no ways of finding a collision for both MD5 and SHA-1 hashes simultaneously which means that we still can use old proven hardware accelerated hash functions to be on the safe side.

Comment Re:These two may have been least at risk (Score 1) 54

There are plenty of people I know who would fall for this, because they simply don't know. They were issued a laptop for work and were told it was secured through a VPN, but don't understand how networks or routing actually works. They think they're secure only because an expert told them that VPNs are secure.

And not all VPNs are secure. Corporate VPN solutions are increasingly looking to split tunnelling to cut costs: internal corporate IP addresses are correctly routed to the VPN tunnel interface, so things like internal email and corporate web sites are all secured, but the external IP addresses (Google, Microsoft, Slashdot, etc.,) are left to route through the local gateway, reducing bandwidth through the corporate network. So if your wireless adapter connects to a WiFi Pineapple using one of those corporate laptops (thinking it's connecting to a conference AP or something), the rogue AP will faithfully route the still-secure VPN traffic to the proper corporate headquarters servers, but it will just as happily MiTM the rest of the regular unsecured traffic, scanning for credentials, cookies, API keys, or whatever other external sites the computer may happen to access. They could expose personal email account credentials, various web apps, DNS requests, discovery packets, or other loud network traffic. And this allows scenarios where the browser gets cache poisoned while browsing the unsecured web, then used to connect to an internal corporate web site where the malicious cached javascript echoes all the booty back to the attacker.

Of course, you expect the tech folks at the RSA conference would know how it all works, but a significant fraction of the attendees are not tech employees. There are no doubt many finance people; executives with expense accounts and instructions to "come back with a security contract"; salespeople; politicians; and the press in attendance.

I just hope the guys with the rogue access points are no worse than gray hats who are posting them on a Wall of Sheep somewhere at the conference, and not actually hacking the attendees.

Comment Re:How the hell is this still a problem? (Score 2) 49

No, the whole point of Chip and PIN is the use of symetric key cryptography to generate a one time transaction with no need to share account details to the terminal. Basically the same thing as Apply Pay/etc. do, but embedded in a passive chip instead of requiring an active device.

This is not correct. Chip cards use cryptography only to produce a "cryptogram" called the ARQC. This is a Message Authentication Code, a checksum-like number that authenticates the card containing the secret key produced the message. By adding a PIN, the card can also fold the PIN into the cryptogram, authenticating the user, too. However, the card data, including the PAN is still sent in the clear for authorizing. The chip does not encrypt the card data.

Also, the chip is not passive. The chip contains a CPU and performs lots of cryptography, including validating the certificate presented by the terminal, the selection of various applications, protocol negotiations, etc. (And because that chip runs Java, every card issued gets to tithe Oracle for the privilege.)

But because of stupid, we use a crippled system that still allows that system to be bypassed with simple swipes and no crypto between the card and the terminal.

For the most part the data does not need to be encrypted. The payment terminal is responsible for rejecting a swipe that has a Service Code indicating that a chip is present, so you can't just bypass the chip. The skimmer only sees the data flow past, but has no way of computing valid ARQC because the secret key remains embedded securely in the chip. As long as the user doesn't have to also enter the CVV2 from the back of the card, there's not enough information to abuse the card. (Any web page that accepts an account number without requiring the CVV2 is out of compliance with PCI requirements, and is liable for any fraud committed with that card number.)

However, if the payment terminal doesn't encrypt the data before sending it to the store's payment gateway (let alone from the terminal to the cash register), that's still plenty of stupid.

Comment Re:ARBY'S (Score 1) 49

A breach that impacted 355,000 member cards is huge, indicating it was deployed to a large percentage of their chain, if not the whole chain. Since their breach "ended" on January 19 and it still took them 3 weeks to produce the list of affected cards, that tells me that Arby's response time is pretty damn poor, and that they may not be very good at tracking what's going on. Some senior VP said that "not all [of their 1000] corporate restaurants [out of 4000] were affected", but with news this bad combined with such a poor response time, it's hard to trust that they have a complete handle on the problem.

So, IF YOU ATE THE MEATS, it's a pretty good bet that your card got eaten too. Watch your statements.

Now that Arby's has submitted their list of impacted cards to the card associations, Visa or Mastercard will soon contact your bank. Your bank will then send you a letter saying "haxx0rs! Too bad, here's a new card, and if you want to sign up for a year of free credit monitoring, contact ohshitwewerebreached.com and tell them R.B sent you."

Slashdot Top Deals

Stinginess with privileges is kindness in disguise. -- Guide to VAX/VMS Security, Sep. 1984

Working...