More Patent Battles Making Your Computer Less Secure

from the ain't-patents-great? dept

Last year, we pointed to some patent battles among security software companies, noting how the end result would undoubtedly be less secure computers. As these security firms argued over who thought up an idea "first" and who owed who what amounts of money, you can rest assured that those exploiting the security holes couldn't care any less about who came up with what exploit first. In the constant battle between security firms and malicious hackers, distracting the security firms and having resources devoted to arguing over patents (and paying each other royalties) seems designed to just make it that much easier for malicious hackers to stay that much further ahead, while making it more and more difficult for any security firm to actually provide anything close to comprehensive security. And, it's only going to get worse. Slashdot points us to an article about Microsoft's rather broad patent on proactive virus protection, despite the fact that others had proactive virus protection products on the market well before Microsoft filed for the patent. While Microsoft isn't yet doing anything with the patent, the fact that it got it now means that others have to be extra careful in tiptoeing around proactive virus protection -- and that's only going to make virus makers happy.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    LBD, May 21st, 2008 @ 8:42pm

    Angry dude...

    Wonder when Angry Dude is going to come up to defend the 'proactive virus defense' patent?

    He must be pretty torn, he hate Microsoft but he loves patents.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    LBD, May 21st, 2008 @ 8:42pm

    Angry dude...

    Wonder when Angry Dude is going to come up to defend the 'proactive virus defense' patent?

    He must be pretty torn, he hate Microsoft but he loves patents.

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonymous Coward, May 21st, 2008 @ 8:43pm

    Re: Angry dude...

    Doubled? That's bizare... hey mod, delete this second one please.

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Anonymous Coward, May 21st, 2008 @ 11:43pm

    Re: Angry dude...

    Doubled? That's bizare... hey mod, delete this second one please.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    EveningStarNM, May 21st, 2008 @ 11:55pm

    I'm not worried.

    One day the idiot at the Patent Office who thought that heuristic virus detection wasn't "proactive" (geez, I hate Gen. Haig just for that word) will be fired and intelligence will again be valued.

    But I could be wrong. This is America, after all.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Whoops, May 22nd, 2008 @ 12:13am

    Something seriously wrong

    There's something seriously wrong with either the posting system, or with my browser, because that's two (possibly three) doubled posts! Please moddy people! Try to track down the problems!

    I'm using the most recent firefox, if that makes a difference

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    David Ruschinek, May 22nd, 2008 @ 3:36am

    The patent isn't all that bad

    Part of the patent is the execution point where the protection originates - at the core Kernel Level. In Vista for Security enhancements that part of the Kernel is locked by Microsoft, even for Anti Virus/Security vendors. A change in the Kernel at the core level prevents Vista from loading. by Registering this patent MS have created a right to licence access to the core kernel without compromising it.
    Proactive and hueristics are words that are open to debate. Using hueristics does not make an anti-Virus Product Proactive. I believe this is based on a sandboxing technique patented by Finjan: http://www.freepatentsonline.com/7058822.html

    One question that must be asked is how it affects other Operating Systems? If a Linux Kernel developer creates a proactive sandboxing system for potentially malicious code using hueristics are they in violation of the patent?

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Twinrova, May 22nd, 2008 @ 3:54am

    No subject

    This is what happens when patents are stupidly given to software.

    I guess the "1000 monkeys" example was never brought forth by the patent office.

    Such a shame. Anyway, if you'll excuse me, I'll have to find additional software to download that's not exactly what I want because someone owns a patent on the feature I want but put it in an application I'll never use.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Anonymous Coward, May 22nd, 2008 @ 5:58am

    Echo, echo, echo...

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Little Punk, May 22nd, 2008 @ 6:25am

    limited to software only

    Does this mean that I can no longer "proactively" not click a link to malware ?

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    John Wilson, May 22nd, 2008 @ 6:51am

    Re: The patent isn't all that bad

    The Linux kernel already has that capability in it in, among other places, iptables.

    I doubt that it's the same as Microsoft's simply because it requires linking in a module to perform the anti-malware function.

    Mostly sandboxing takes place elsewhere, though.

    At the end of the day there's always the chroot jail to lock down vulnerable processes like web servers.

    ttfn

    John

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Anonymous Coward, May 22nd, 2008 @ 10:32am

    "means that others have to be extra careful in tiptoeing around proactive virus protection -- and that's only going to make virus makers happy."

    You could just as easily say that now there is an incentive for other security firms to innovate a different way to detect malmare that is NOT covered by the MS patent - and that new way may actually end up being better then MS's method to boot!

    Anti-malware firms are always trying to be the company that can claim they detect 100% of malware. So, if it turns out that MS's patent is truly the best known way to accomplish that, then great, consumers will either buy the MS anti-malware product or buy another company's product that licenses the MS technology.

    But, most companies would rather not have to split their profits with another company, so then there will exists an incentive to think up a different way to detect the malware exists so they won't have to pay microsoft any more royalties - thus the MS patent created an incentive to innovate.

    If there was no MS patent, then anti-malware companies would just sit-back and use the MS technology royalty-free because it's the best known technology to do the job and its also FREE - so what incentive is there to spend new resources on creating a new detection method when the current method is detecting 100% of the malware that comes out? none.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Anonymous Coward, May 22nd, 2008 @ 11:48am

    Re:

    Yeah, maybe... but the tech doesn't belong to microsoft. And compitition would drive inovation

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    JustMe, May 22nd, 2008 @ 12:36pm

    Re: The A/C at May 22nd, 2008 @ 10:32am

    You work at Microsoft, I presume. Man up and admit it, then we might listen to your points. Otherwise, we assume you are Ballmer's sock puppet.

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Anonymous Coward, May 22nd, 2008 @ 4:10pm

    "And compitition would drive inovation"

    Competition is all about making money! And if you had the choice of either having to give up some of your money to MS for a license, or create a new way to do the same thing so you won't have to give up any money to MS, wouldn't you?

    By just the fact that MS has a patent on one method to detect malware, doesn't that just beg others to find another way so they wont have to pay M$ for it's method?

    Thus, a patent can promote innovation. Simple.

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    Anonymous Coward, May 22nd, 2008 @ 4:58pm

    Re:

    Compition's also about quality, you dumb fuck

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    Anonymous Coward, May 22nd, 2008 @ 4:59pm

    Re:

    Even if it's 10% cheeper, I'm not buying something that's 50% worse

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    Anonymous Coward, May 22nd, 2008 @ 5:00pm

    Re:

    Dude: They'll look for other ways ANYWAY as part of the quest to be better.

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    Nasch, May 23rd, 2008 @ 8:01am

    Re:

    You're contradicting yourself. Either the MS technique has room for improvement or it does not. It's ridiculous to claim it's perfect, but just for the sake of argument we'll pretend that's possible. If it's not perfect, there is an incentive for someone to develop a better product. If it is perfect, nothing anybody could do would be better, so there is no reason to try to develop anything better. The above conditions are true whether there is any patent or not, thus you have not demonstrated any benefit to the patent (other than to MS).

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    Craig, Dec 28th, 2009 @ 7:39am

    For whatever reason, the usually very intense process for securing and proving the validity and singularity of a patent seem to be simplified when it comes to security software. I mean, this almost sounds like they have patented a concept, rather than a procedure, and that is just very atypical.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This