Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

[ Create a new account ]

Trend Micro Sues Barracuda Over Open Source Anti-Virus

Posted by Zonk on Tue Jan 29, 2008 09:42 AM
from the troubled-waters dept.
Businesses The Courts The Internet Linux
Anti-virus firm Trend Micro is suing Barracuda Networks over their use of the open source anti-virus product ClamAV. The issue is Trend Micro's patent on 'anti-virus detection on an SMTP or FTP gateway'. Companies like Symantec and McAfee are already paying licensing fees to Trend Micro. Groklaw carries the word from Barracuda that they intend to fight this case, and are seeking information on prior art to bring to trial. Commentary on the O'Reilly site notes (in strident terms) the strange reality of patents gone bad, while a post to the C|Net site explores the potential ramifications for open source security projects. "Barracuda has been able to leverage open source to bring down the cost of security. Early on Barracuda was blocking spam and viruses at roughly 1/10 the price of the nearest proprietary competitor (that was only selling an antivirus solution). Barracuda has helped to bring down prices across the board, and it has been able to do so because of open source. More open source equals less spam and more security. Trend Micro is effectively trying to raise the price of security." Slashdot and Linux.com are both owned by SourceForge.

Related Stories

[+] Trend Micro Draws Boycott Over AV Patent Case 151 comments
Linux.com is reporting that in addition to the bad press, Trend Micro's patent case against Barracuda Networks' use of ClamAV has drawn an apparent boycott of Trend Micro. "Dutch free knowledge and culture advocacy group ScriptumLibre called for 'a worldwide boycott on Trend Micro products.' In its news release, ScriptumLibre summarizes the case, with its chairman, Wiebe van der Worp, describing Trend Micro's actions as 'well beyond the borders of decency.' The ScriptumLibre site includes link to free graphics that supporters can add to their Web pages to show their support and a call for IT professionals that provides a links to help people to educate themselves about the case and suggests a series of actions that people can take in the boycott." Linux.com and Slashdot are both owned by SourceForge Inc.
[+] Prior Art In Barracuda-Trend Micro Lawsuit 85 comments
Joe Barr writes "Bruce Byfield reports at Linux.com that a Swedish developer, Goran Fransson, has 'given a deposition in the Barracuda-Trend Micro case that appears to seriously undermine Trend Micro's patent on gateway virus scanning.' Gransson has resurrected a product (still in its shrinkwrap) sold by Ten Four, the company he worked for at the time, to prove that it provided gateway virus scanning in January 1995. Trend Micro's patent application was filed in September of that year. If you were — or worked for — a Ten Four customer during 1995, you might be able to help Barracuda prove that Trend Micro's patent omits prior art." We discussed this important patent case when it was filed in January. (Slashdot and Linux.com share a corporate overlord.)
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Trend Micro Sues Barracuda Over Open Source Anti-Virus 25 Comments More | Login /

 Full
 Abbreviated
 Hidden
More | Login
Loading... please wait.

  • Yes (Score:4, Insightful)

    by niceone (992278) * on Tuesday January 29, @09:45AM (#22220676) Journal
    Trend Micro is effectively trying to raise the price of security

    Um, that's what the patent system is supposed to do - to make it worthwhile investing in inventing things! Whether this is a reasonable thing to patent is another question, but you can't really complain about the patent system doing what it is meant to do.

    • Re:Yes (Score:5, Informative)

      by hey! (33014) on Tuesday January 29, @10:06AM (#22220870) Homepage Journal
      Well, to be more accurate, what the patent system is supposed to do in a case like this is lower the net costs of security, and then reward the inventor by diverting some of the savings to him.

      In theory it works like this. Your company is losing $10 million dollars a year because of lack of security. Fixing the problem would cost you $5 million. The inventor comes up with something that you would not have, that cuts the cost from $5 to $1, and he splits the savings with you. He walks of with $2M, you save $2M over doing it yourself of $8M over not doing anything.

      It all breaks down when the patent system issues obvious patents of the form "apply well known technology X in common context Y." In that case, you (or somebody you hired) could solve the problem for $1M. The patent doesn't represent two million dollars of new savings, it represents a million dollars of new expenses.

      • Re:Yes (Score:5, Insightful)

        by smilindog2000 (907665) <bill@billrocks.org> on Tuesday January 29, @10:11AM (#22220904) Homepage
        In short, you can't violate a patent in your head. You should not be able to violate a patent by typing. This is the simple dividing line between the good and bad patents I see scrolling across slashdot. We let Microsoft and other big American companies con Congress into this, and the rest of the world isn't dumb enough to go along. Sooner or later, we need to fix this... every year it hurts our competitiveness.

        • Re:Yes (Score:4, Insightful)

          by eurleif (613257) on Tuesday January 29, @11:43AM (#22221858)

          You should not be able to violate a patent by typing.
          What if I type out code to program a robotic arm to construct a patented physical object?

      • Re:Yes (Score:4, Informative)

        by radarjd (931774) on Tuesday January 29, @10:48AM (#22221282)

        Well, to be more accurate, what the patent system is supposed to do in a case like this is lower the net costs of security, and then reward the inventor by diverting some of the savings to him.

        That may be the economic theory, but I don't think it's necessarily the legal theory. Legally, the patent system is supposed to induce inventors to create new processes, materials, machines, etc. and to disclose their inventions so that they will eventually be owned by the public. Something often lost on the discussions on this site is that any patented invention will become public domain. In 20 years, potential patent holders will have to overcome this "land grab" of patents that we're currently experiencing. The broader the patents now granted, the more difficult they will be to overcome in the future.

        I personally believe that the current problem with our system is that the patent office (due in large part to a decision by the Supreme Court) didn't grant software patents (in the form of business method or machine patents) earlier. Had the land grab happened thirty years ago, and the patent office learned to deal with it then, this all would have been worked out by now. The hobbyist software creator didn't exist in large part thirty years ago, and the fights would have been between large companies like IBM and its challengers.

        The case referred to above was Gottschalk v Benson [wikipedia.org] 409 US 63 [findlaw.com]. The Court held that mathematical expressions could not be patented, and essentially found that all computer programs were mathematical expressions. The patent in question was for a bit shifter (converting decimal numbers into binary). IMO, we would be better off today had they simply found the patented material to be obvious, which is what many amici suggested.

      • Well, to be more accurate, what the patent system is supposed to do in a case like this is lower the net costs of security, and then reward the inventor by diverting some of the savings to him.

        Sort of, yes, but mostly, no. (Or you are just be using "net cost" loosely.) Patent system isn't supposed drive down prices, it is supposed to drive up the benefits. Patent system also only works over time, sometimes quite a long time. One can't really make any claims or observations about the patent system at any sin

      • Re:Yes (Score:5, Funny)

        by prelelat (201821) on Tuesday January 29, @12:00PM (#22222064)
        Mario was a great inventor coming up with all sorts of ideas. As time went on Mario couldn't keep up with all of his ideas, he didn't know what to do. So he wrote down the process that he used to come up with those ideas so that he could hire others to think things for him so that he wouldn't loose his ideas. Weeks after this started employees quit working and started their own inventions using Mario's method of creating.

        Mario was furious and went to court he won, he had prior art. So after that he filed for a patent on all of his ways of making ideas. Mario now owned any intelligent thought. He renamed it Mario's idea machine, people had to pay him an annual fee of 200 dollars to have 2 good ideas a year, anymore and they would have to purchase extra licenses at a greater cost. Mario no longer had to have ideas of his own, he had a workshop of idea people, and the whole world had to pay him to have ideas. But there was a problem, no one wanted to have ideas because they couldn't afford to have them. People became stupid as having good ideas was no longer an excepted thing to do. The people in Mario's shop never came up with new and exciting ideas anymore because they were too busy fighting lawsuits against people who had ideas such as the pirate brain. The world stopped, hunger set in, the population decreased. Finally when the patent was about to expire Mario's great great grandchild had a great idea, extend the patent another 10 years. The law passed, only because by this time it was only accepted to have stupid ideas, seeing as how all the good ideas cost money.

        Finally the patent expired, all that were left looked like mindless cavemen. They lived in shells of homes, with little to know food. All that was spoken were grunts, people had been afraid litigation for so long they were afraid to say something smart. Forest and animals have overgrown most of the cities, people had been living off of canned spam for years.

        Moral of the story is stupid patents ruin society, stop it.

    • Re:Yes (Score:5, Insightful)

      by troll -1 (956834) on Tuesday January 29, @10:15AM (#22220946)
      Respectfully disagree.

      The patent system is *not* supposed to raise the price of security.

      The patent system is supposed to:

      To promote the Progress of Science and useful Arts [source: US Constitution [archives.gov], Article I, Sec. 8.

      Making a profit from something as obvious as putting a filter in a firewall does little or nothing to achieve this goal. The largest patent holders (including IBM and Microsoft) all agree the system needs reform. But patent reform is a lot like campaign finance reform, everyone agrees there's a problem but no one really has anything they can realistically take to congress.

  • Prior art? (Score:4, Interesting)

    by initialE (758110) on Tuesday January 29, @09:49AM (#22220700)
    Why not say that this behavior is the inadvertent result of placing 2 products, an SMTP gateway, and an antivirus client, side by side on the same server? the gateway stores the mail in a temporary store, whereupon the antivirus just happens to sanitize it, before the mail is again sent on it's way. This is obviousness in the extreme.

    • Re:Prior art? (Score:4, Insightful)

      by Thanshin (1188877) on Tuesday January 29, @10:00AM (#22220824)

      Why not say that this behavior is the inadvertent result of placing 2 products, an SMTP gateway, and an antivirus client, side by side on the same server?
      A lot of processes can be simplified in such way and still are original. A decision has to be made even if a process seems obvious after being "discovered".

    • Why not say that this behavior is the inadvertent result of placing 2 products, an SMTP gateway, and an antivirus client, side by side on the same server? the gateway stores the mail in a temporary store, whereupon the antivirus just happens to sanitize it, before the mail is again sent on it's way. This is obviousness in the extreme.


      That's a good idea, you should patent it.

      "Virus scanning of cache and temporary files before end user utilization."

  • Prior art or obviousness? (Score:3, Insightful)

    by Anonymous Coward on Tuesday January 29, @09:54AM (#22220752)
    Can we really be bothered to break out those archived procmail scripts? We're talking about a functional equivalent of a unix pipe; novel or inventive -- I think not!

    Go barracuda!

  • MIMEsweeper prior art (Score:5, Informative)

    by RupW (515653) * on Tuesday January 29, @09:54AM (#22220770)
    From TFA (the Groklaw article):

    We also believe that a product called MIMESweeper 1.0 from a company called Clearswift, Authentium, or Integralis anticipates several claims of the '600 patent. We have yet to locate a copy of this product and would appreciate anyone who has a copy sending it our way.
    Yes, Clearswift currently own MIMEsweeper although Clearswift didn't exist back then - they're a merger of several firms who had similar products.

    They're not hard to find [clearswift.com]. Why not just ask them?

  • Granting frivolous patents should be punishable (Score:4, Interesting)

    by Thanshin (1188877) on Tuesday January 29, @09:56AM (#22220790)
    The people who grant patents should be liable to be fired for gross incompetence?

    If I file a patent for the process of giving names to children so they can be distinguished and it's granted, is there someone responsible for that? When a judge overturns the patent, the granter should suffer the consequences somehow.

  • Barracuda makes the problem worse (Score:5, Interesting)

    by Arrogant-Bastard (141720) on Tuesday January 29, @10:26AM (#22221062)

    Note that Barracuda's products are notorious for generating spam. Barracuda's engineers were informed of the problem years ago, provided with a fix -- and stubbornly refused to address the situation. It's no wonder that there are now thousands of Barracuda installations on various blacklists. (Two examples: Backscatterers [backscatterers.com] and Backscatterer.org [backscatterer.org]) Barracuda doesn't seem to care as long as they make money.

    A secondary point is that Barracuda's products are NOT open-source. Oh, they're built almost entirely on open-source (an open-source operating system, an open-source mail server, an open-source anti-spam scanner, an open-source anti-virus scanner, etc.) but they're not open-source. Essentially what they've done is take all of that open-source code, slap a web front-end on it for the point-and-drool crowd, and then sell it. They're not in this to help out the Internet or stop spam or anything else admirable: they're in this to make money, and they're perfectly willing (see first point) to make the spam problem worse if it increases their profits.

    They're not alone in that -- there are others out there who are in business to profit from our collective misery. An excellent way of spotting such companies is to ask the question: "What would happen if the problem they claim to address was actually solved?" If the answer to that question is "they would go out of business", then their motivation for always treating the symptoms and never treating the underlying cause will become clear.

  • Err (Score:3, Funny)

    by Vexorian (959249) on Tuesday January 29, @10:53AM (#22221338)
    I guess I'll wait for a new protocol to come and patent "Fighting virus on XX protocol" That should do it. Man, this patent is so retarded, Trend Micro should be ashamed for ever filing it...

  • Hang on a second... (Score:5, Insightful)

    by PinkyDead (862370) on Tuesday January 29, @11:01AM (#22221438) Journal
    I must be missing something here...

    I have configured for a number of my clients their own SMTP servers for which I charge. These servers are generally gateways with postfix as the server. The anti-virus is ClamAV which is called by postfix.

    Or to put it another way they have 'anti-virus detection on an SMTP or FTP gateway'.

    Does this this mean I have violated this patent? Or should the patent be rewritten as 'Patent 5,623,600: Installing software on a computer'?

  • A quick google for prior art... (Score:5, Informative)

    by martyb (196687) on Tuesday January 29, @11:21AM (#22221654)

    Thanks to google and its archive of usenet posts: this query [google.com] on google groups of: "FTP SMTP virus proxy server group:comp.*" for the time period of 01-Jan-95 through 26-Sep-95 (the patent was filed on 26-Sep-95) returned this link [google.com].

    It appeared in the comp.security.misc newsgroup and the first few paragraphs (emphasis added) suggests to me this might be prior art:

    FOSE '95, WASHINGTON, March 21 /PRNewswire/ -- Norman Data Defense Systems, Inc. today introduced the Norman Firewall, a firewall providing a single, highly secured route for data traveling between networks and the Internet.

    "We are proud to deliver a new level of data defense for networks that are currently vulnerable to attack from a variety of global data security threats, including hackers and viruses," said Norman Data Defense Systems, Inc. President and CEO David J. Stang, Ph.D.

    Like a sentry positioned to identify visitors and then authorize or deny entry, the Norman Firewall combines an integrated front-end server, proxy server, and virus detector to defend systems and information. The Norman Firewall essentially opens incoming and outgoing data packets, and inspects, virus-checks (against more than 6,500 known viruses), and repackages the data packets, before delivery to their destination. No packets ever need to directly enter or leave internal networks.

    I don't have time right now to search further, but wanted to put this out there for others to follow up on. Any takers?

    P.S. As a point of comparison, consider that the Morris Worm [wikipedia.org] was released onto the internet on 02-Nov-88 (more details here: A Tour of the Worm [std.com]) and THAT was nearly SEVEN YEARS before this patent was filed!

    • Re: (Score:3, Informative)

      by j-turkey (187775)

      There's a lot of mail admins out there - and a lot who consider a quick & dirty mail relay running Linux and ClamAV to be a pretty good first line of defense against email-borne trojans and virii. Seeing as ClamAV doesn't have a daemon mode, and end users in any large organisation can seldom be trusted to run their own AV scans as required[1] that's pretty much the biggest use for it.

      ClamAV does have a daemon mode [die.net]. Are you thinking of a local Windows client? Realtime filesystem scanning?

    • Re:Bad news for a lot of us (Score:5, Funny)

      by MonsterOfTheLake (880659) on Tuesday January 29, @09:57AM (#22220796) Homepage

      The receptionist who forwards all the "Look Out for the Terrible Good Times Virus!!!111OMGWTFBBQ" emails she receives is, and if she could be relied upon to follow good computing practices, we wouldn't need AV software in the first place.
      Man, I hate that receptionist.
    • jimicus wrote:
      > Seeing as ClamAV doesn't have a daemon mode

      The stackable filesystem team (the ones who wrote Unionfs [sunysb.edu]) put together a filesystem that uses ClamAV [sunysb.edu] to perform on-access virus scanning in the kernel.
    • While your statement is true, there is a huge difference between what everyday admins are doing within their organization and what Barracuda is doing. Barracuda are packaging clamav and selling it as a product (regardless of the merits or lack their of of this lawsuit).

      Also, while I do believe the patent is overly broad, this is what the patents are for. It is not like Trend Micro is a patent hoarding firm, they do make products, in fact they actually make products that relate to the patents they hold, so

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2008 SourceForge, Inc.