Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Businesses Government The Courts Software The Internet News Linux

Trend Micro Sues Barracuda Over Open Source Anti-Virus 200

Anti-virus firm Trend Micro is suing Barracuda Networks over their use of the open source anti-virus product ClamAV. The issue is Trend Micro's patent on 'anti-virus detection on an SMTP or FTP gateway'. Companies like Symantec and McAfee are already paying licensing fees to Trend Micro. Groklaw carries the word from Barracuda that they intend to fight this case, and are seeking information on prior art to bring to trial. Commentary on the O'Reilly site notes (in strident terms) the strange reality of patents gone bad, while a post to the C|Net site explores the potential ramifications for open source security projects. "Barracuda has been able to leverage open source to bring down the cost of security. Early on Barracuda was blocking spam and viruses at roughly 1/10 the price of the nearest proprietary competitor (that was only selling an antivirus solution). Barracuda has helped to bring down prices across the board, and it has been able to do so because of open source. More open source equals less spam and more security. Trend Micro is effectively trying to raise the price of security." Slashdot and Linux.com are both owned by SourceForge.
This discussion has been archived. No new comments can be posted.

Trend Micro Sues Barracuda Over Open Source Anti-Virus

Comments Filter:
  • Yes (Score:4, Insightful)

    by niceone ( 992278 ) * on Tuesday January 29, 2008 @08:45AM (#22220676) Journal
    Trend Micro is effectively trying to raise the price of security

    Um, that's what the patent system is supposed to do - to make it worthwhile investing in inventing things! Whether this is a reasonable thing to patent is another question, but you can't really complain about the patent system doing what it is meant to do.
    • Re:Yes (Score:5, Informative)

      by hey! ( 33014 ) on Tuesday January 29, 2008 @09:06AM (#22220870) Homepage Journal
      Well, to be more accurate, what the patent system is supposed to do in a case like this is lower the net costs of security, and then reward the inventor by diverting some of the savings to him.

      In theory it works like this. Your company is losing $10 million dollars a year because of lack of security. Fixing the problem would cost you $5 million. The inventor comes up with something that you would not have, that cuts the cost from $5 to $1, and he splits the savings with you. He walks of with $2M, you save $2M over doing it yourself of $8M over not doing anything.

      It all breaks down when the patent system issues obvious patents of the form "apply well known technology X in common context Y." In that case, you (or somebody you hired) could solve the problem for $1M. The patent doesn't represent two million dollars of new savings, it represents a million dollars of new expenses.
      • Re:Yes (Score:5, Insightful)

        by smilindog2000 ( 907665 ) <bill@billrocks.org> on Tuesday January 29, 2008 @09:11AM (#22220904) Homepage
        In short, you can't violate a patent in your head. You should not be able to violate a patent by typing. This is the simple dividing line between the good and bad patents I see scrolling across slashdot. We let Microsoft and other big American companies con Congress into this, and the rest of the world isn't dumb enough to go along. Sooner or later, we need to fix this... every year it hurts our competitiveness.
        • Re:Yes (Score:4, Insightful)

          by eurleif ( 613257 ) on Tuesday January 29, 2008 @10:43AM (#22221858)

          You should not be able to violate a patent by typing.
          What if I type out code to program a robotic arm to construct a patented physical object?
          • Re: (Score:3, Insightful)

            by malkavian ( 9512 )
            You can happily copyright the code, but shouldn't be able to patent it. The physical object would still be patented.
            You don't violate the patent on the object just by typing the code, or even executing it. You violate the patent by actually having the robot arm create the final object. You could run the code to your heart's content if it were operating in 'test' without creating the final object without violating the patent.
          • With a second patent for your physical object.
      • Re:Yes (Score:4, Informative)

        by radarjd ( 931774 ) on Tuesday January 29, 2008 @09:48AM (#22221282)

        Well, to be more accurate, what the patent system is supposed to do in a case like this is lower the net costs of security, and then reward the inventor by diverting some of the savings to him.

        That may be the economic theory, but I don't think it's necessarily the legal theory. Legally, the patent system is supposed to induce inventors to create new processes, materials, machines, etc. and to disclose their inventions so that they will eventually be owned by the public. Something often lost on the discussions on this site is that any patented invention will become public domain. In 20 years, potential patent holders will have to overcome this "land grab" of patents that we're currently experiencing. The broader the patents now granted, the more difficult they will be to overcome in the future.

        I personally believe that the current problem with our system is that the patent office (due in large part to a decision by the Supreme Court) didn't grant software patents (in the form of business method or machine patents) earlier. Had the land grab happened thirty years ago, and the patent office learned to deal with it then, this all would have been worked out by now. The hobbyist software creator didn't exist in large part thirty years ago, and the fights would have been between large companies like IBM and its challengers.

        The case referred to above was Gottschalk v Benson [wikipedia.org] 409 US 63 [findlaw.com]. The Court held that mathematical expressions could not be patented, and essentially found that all computer programs were mathematical expressions. The patent in question was for a bit shifter (converting decimal numbers into binary). IMO, we would be better off today had they simply found the patented material to be obvious, which is what many amici suggested.

        • Re:Yes (Score:5, Funny)

          by rben ( 542324 ) on Tuesday January 29, 2008 @10:31AM (#22221760) Homepage
          >The hobbyist software creator didn't exist in large part thirty years ago

          Damn, I just vanished in a puff of logic!
          • by radarjd ( 931774 )

            The hobbyist software creator didn't exist in large part thirty years ago

            Damn, I just vanished in a puff of logic!

            Sorry about that, I try to make as few people as possible disappear. I'm not trying to lessen the contributions of 30 years ago, just to say that in terms of sheer numbers and access, it's not what it is today.
        • Re: (Score:3, Insightful)

          Had the land grab happened thirty years ago, and the patent office learned to deal with it then, this all would have been worked out by now. The hobbyist software creator didn't exist in large part thirty years ago, and the fights would have been between large companies like IBM and its challengers.

          True that. Seriously, folks, who's got the patent on operating systems? Software that interfaces with hardware for you? That would be great. Software patents work great until it's something obvious that shouldn't be patentable, but who draws the line? That's what we're arguing here. An antivirus on an smtp or ftp gateway? In what way is that any less obvious than an operating system?

          I'm going to patent writing data to hard drives, and make millions off this system in the name of progress.

      • Well, to be more accurate, what the patent system is supposed to do in a case like this is lower the net costs of security, and then reward the inventor by diverting some of the savings to him.

        Sort of, yes, but mostly, no. (Or you are just be using "net cost" loosely.) Patent system isn't supposed drive down prices, it is supposed to drive up the benefits. Patent system also only works over time, sometimes quite a long time. One can't really make any claims or observations about the patent system at any sin
      • Re:Yes (Score:5, Funny)

        by prelelat ( 201821 ) on Tuesday January 29, 2008 @11:00AM (#22222064)
        Mario was a great inventor coming up with all sorts of ideas. As time went on Mario couldn't keep up with all of his ideas, he didn't know what to do. So he wrote down the process that he used to come up with those ideas so that he could hire others to think things for him so that he wouldn't loose his ideas. Weeks after this started employees quit working and started their own inventions using Mario's method of creating.

        Mario was furious and went to court he won, he had prior art. So after that he filed for a patent on all of his ways of making ideas. Mario now owned any intelligent thought. He renamed it Mario's idea machine, people had to pay him an annual fee of 200 dollars to have 2 good ideas a year, anymore and they would have to purchase extra licenses at a greater cost. Mario no longer had to have ideas of his own, he had a workshop of idea people, and the whole world had to pay him to have ideas. But there was a problem, no one wanted to have ideas because they couldn't afford to have them. People became stupid as having good ideas was no longer an excepted thing to do. The people in Mario's shop never came up with new and exciting ideas anymore because they were too busy fighting lawsuits against people who had ideas such as the pirate brain. The world stopped, hunger set in, the population decreased. Finally when the patent was about to expire Mario's great great grandchild had a great idea, extend the patent another 10 years. The law passed, only because by this time it was only accepted to have stupid ideas, seeing as how all the good ideas cost money.

        Finally the patent expired, all that were left looked like mindless cavemen. They lived in shells of homes, with little to know food. All that was spoken were grunts, people had been afraid litigation for so long they were afraid to say something smart. Forest and animals have overgrown most of the cities, people had been living off of canned spam for years.

        Moral of the story is stupid patents ruin society, stop it.
      • Well, to be more accurate, what the patent system is supposed to do in a case like this is lower the net costs of security, and then reward the inventor by diverting some of the savings to him.

        Where does it say that in the patent laws?

    • Re:Yes (Score:5, Insightful)

      by troll -1 ( 956834 ) on Tuesday January 29, 2008 @09:15AM (#22220946)
      Respectfully disagree.

      The patent system is *not* supposed to raise the price of security.

      The patent system is supposed to:

      To promote the Progress of Science and useful Arts [source: US Constitution [archives.gov], Article I, Sec. 8.

      Making a profit from something as obvious as putting a filter in a firewall does little or nothing to achieve this goal. The largest patent holders (including IBM and Microsoft) all agree the system needs reform. But patent reform is a lot like campaign finance reform, everyone agrees there's a problem but no one really has anything they can realistically take to congress.
      • Re: (Score:2, Insightful)

        by Alinabi ( 464689 )

        But patent reform is a lot like campaign finance reform, everyone agrees there's a problem but no one really has anything they can realistically take to congress.

        The congress is there to represent the People, not to rubberstamp bills crafted by corporations. As such, there is no need for them to wait for the private sector to take the initiative. They should just sit down, on their enlightened, elected asses, and come up with a law that really promotes the "Progress of Science and the useful Arts".

      • There are many reasonable solutions that CAN be taken to congress but there is no chance in hell of them making past the heavily corrupt process, just like campaign reform (many just ignore the laws they do have and only a few in recent years were caught and those that did are generally treated well even if the full extent of the crime is disclosed.)

        Government by and for the corporations. The corps have hacked out most the democracy from the system. At least now more people are joining the minority who has
    • by Anonymous Coward
      I thought that patents were supposed to protect my particular "solution" to a problem, not the entire concept of solving the problem itself.

      Let's say that I invent a machine to separate cotton from the seeds. I am granted a patent on MY PARTICULAR "method and apparatus for separating cotton from seeds". That does NOT give me a monopoly on ALL machines to accomplish the same task. Someone else comes up with a completely different mechanism to accomplish the same task, now we have a competition without any
    • Um, that's what the patent system is supposed to do - to make it worthwhile investing in inventing things!

      No, the patent system is supposed to make it worthwhile inventing things, not investing in inventing things.. Can you see the distinction?

      Did Trend Micro invent "anti-virus detection on an SMTP or FTP gateway"? No. They didn't even invent the idea of "anti-virus detection on an SMTP or FTP gateway" (not that makes any difference).

      They had a lawyer fill out a form before some other lawyer filled out

      • "and now the world is supposed to pay them"

        Not strictly true. Other US companies are supposed to pay them. Those of us who don't have software patents don't really care what Trend might think. Now, ask yourself, who is the US patent system helping? It doesn't matter a jot whether you argue the semantics of 'inventing' or 'investing', the vast majority or the people that are being penalised by this system live in N America

  • Prior art? (Score:4, Interesting)

    by initialE ( 758110 ) on Tuesday January 29, 2008 @08:49AM (#22220700)
    Why not say that this behavior is the inadvertent result of placing 2 products, an SMTP gateway, and an antivirus client, side by side on the same server? the gateway stores the mail in a temporary store, whereupon the antivirus just happens to sanitize it, before the mail is again sent on it's way. This is obviousness in the extreme.
    • Re:Prior art? (Score:4, Insightful)

      by Thanshin ( 1188877 ) on Tuesday January 29, 2008 @09:00AM (#22220824)

      Why not say that this behavior is the inadvertent result of placing 2 products, an SMTP gateway, and an antivirus client, side by side on the same server?
      A lot of processes can be simplified in such way and still are original. A decision has to be made even if a process seems obvious after being "discovered".
      • So does that mean I can file a patent for running Microsoft Word in a VM just because I happen to be doing it right now?

        An idea has to be ORIGINAL and NOVEL to be patentable. Just saying "take A and B and do them together!" does not a patent make.
        • Just saying "take A and B and do them together!" does not a patent make.
          Still, that a process can be described as "the simultaneous use of A and B" doesn't mean it isn't patentable. Thus, my response to the thread starter.
    • Re: (Score:3, Funny)

      by _KiTA_ ( 241027 )

      Why not say that this behavior is the inadvertent result of placing 2 products, an SMTP gateway, and an antivirus client, side by side on the same server? the gateway stores the mail in a temporary store, whereupon the antivirus just happens to sanitize it, before the mail is again sent on it's way. This is obviousness in the extreme.


      That's a good idea, you should patent it.

      "Virus scanning of cache and temporary files before end user utilization."
  • There's a lot of mail admins out there - and a lot who consider a quick & dirty mail relay running Linux and ClamAV to be a pretty good first line of defense against email-borne trojans and virii. Seeing as ClamAV doesn't have a daemon mode, and end users in any large organisation can seldom be trusted to run their own AV scans as required[1] that's pretty much the biggest use for it.

    [1] Yes I know all you geeks might be OK. But you're not the sort to open every silly email you receive. The reception
    • Re: (Score:3, Informative)

      by j-turkey ( 187775 )

      There's a lot of mail admins out there - and a lot who consider a quick & dirty mail relay running Linux and ClamAV to be a pretty good first line of defense against email-borne trojans and virii. Seeing as ClamAV doesn't have a daemon mode, and end users in any large organisation can seldom be trusted to run their own AV scans as required[1] that's pretty much the biggest use for it.

      ClamAV does have a daemon mode [die.net]. Are you thinking of a local Windows client? Realtime filesystem scanning?

      • by jimicus ( 737525 )

        ClamAV does have a daemon mode. Are you thinking of a local Windows client? Realtime filesystem scanning?

        Yes, you're quite right. I was thinking of a local Windows client with realtime filesystem scanning.

        I completely mis-worded that.
    • by account_deleted ( 4530225 ) on Tuesday January 29, 2008 @08:57AM (#22220796)
      Comment removed based on user account deletion
    • Re: (Score:2, Informative)

      by kc8tbe ( 772879 )
      ClamAV does have a daemon, it just doesn't have on on-access scanner for Windows -- yet. The people over at Clamwin http://www.clamwin.com/content/view/35/27/ [clamwin.com] are working on one. Linux users interested in on-access scanning should look up Clamuko, but then if you run Linux you probably don't need an on-access virus scanner...
    • jimicus wrote:
      > Seeing as ClamAV doesn't have a daemon mode

      The stackable filesystem team (the ones who wrote Unionfs [sunysb.edu]) put together a filesystem that uses ClamAV [sunysb.edu] to perform on-access virus scanning in the kernel.
    • Re: (Score:3, Insightful)

      While your statement is true, there is a huge difference between what everyday admins are doing within their organization and what Barracuda is doing. Barracuda are packaging clamav and selling it as a product (regardless of the merits or lack their of of this lawsuit).

      Also, while I do believe the patent is overly broad, this is what the patents are for. It is not like Trend Micro is a patent hoarding firm, they do make products, in fact they actually make products that relate to the patents they hold, so
    • Seeing as ClamAV doesn't have a daemon mode

      I suggest you do research before making such ridiculous claims.

      me@mymachine:~$> man clamd
      Clam Daemon(8) Clam AntiVirus Clam Daemon(8)

      NAME
      clamd - an anti-virus daemon

      DESCRIPTION
      The daemon listens for incoming connections on Unix and/or TCP socket
      and scans files or directories on d

  • by Anonymous Coward on Tuesday January 29, 2008 @08:54AM (#22220752)
    Can we really be bothered to break out those archived procmail scripts? We're talking about a functional equivalent of a unix pipe; novel or inventive -- I think not!

    Go barracuda!

    • Re: (Score:2, Insightful)

      by ElBeano ( 570883 )
      AC is exactly right. This isn't worthy of a patent. Convincing the court of this will nonetheless require educating people who are likely to be clueless as to WHY this is obvious. To those who disagree, please tell my why this deserves a patent and why any sane admin wouldn't think of it without Trend Micro's help?
  • by RupW ( 515653 ) * on Tuesday January 29, 2008 @08:54AM (#22220770)
    From TFA (the Groklaw article):

    We also believe that a product called MIMESweeper 1.0 from a company called Clearswift, Authentium, or Integralis anticipates several claims of the '600 patent. We have yet to locate a copy of this product and would appreciate anyone who has a copy sending it our way.
    Yes, Clearswift currently own MIMEsweeper although Clearswift didn't exist back then - they're a merger of several firms who had similar products.

    They're not hard to find [clearswift.com]. Why not just ask them?
    • They would do well to find that product. According to this Google Groups thread [google.com], it was shown at a tradeshow called "Networks 95" in July, 2 months before the patent application was filed.

      Either way, the mere fact that people were asking for such a product on usenet prior to the filing date should help their case.
  • by Thanshin ( 1188877 ) on Tuesday January 29, 2008 @08:56AM (#22220790)
    The people who grant patents should be liable to be fired for gross incompetence?

    If I file a patent for the process of giving names to children so they can be distinguished and it's granted, is there someone responsible for that? When a judge overturns the patent, the granter should suffer the consequences somehow.

    • If you did that, nobody would want to work for the patent office.
      Besides, the whole point of banding together to form a collective, whether it be a corporation, a non-profit, or a government institution, is that people can have a greater effect on society by pooling their work together into a coordinated effort while limiting their liability.
      If you would like the USPTO as a whole to be penalized for the aggregate proportion of lame versus useful patents, that would be more acceptable, but still hard to impl
      • by Rob T Firefly ( 844560 ) on Tuesday January 29, 2008 @10:03AM (#22221460) Homepage Journal

        Firing whoever's in charge of it? Again, nobody would want to work there if they had to accept that liability.
        Yeah, it'd really suck if those put in positions of power whose daily actions affect the entire future of innovation of an entire country were to be actually held accountable for the fallout from their bad decisions.
      • Re: (Score:3, Insightful)

        by Thanshin ( 1188877 )

        If you did that, nobody would want to work for the patent office.

        That only means it's underpaid.

        Lot's of people work in positions that would instantly fire them at the first mistake, and with much subtler mistakes than those we are arguing about*. They still like those jobs because, as long as they can keep them, they pay well.

        *: I do believe that in patent granting there must be really convoluted and complex cases that involve very uses of previous knowledge in subtle ways. However I don't believe those cases conform the majority.

      • If you did that, nobody would want to work for the patent office.

        Wait, I'm confused. Are you arguing that this is bad or good?

  • My ISP... (Score:2, Interesting)

    by baadger ( 764884 )
    My ISP does anti-viral scanning on outgoing mail via SMTP. Does this mean they, and every other similarly setup ISP, are paying royalties to Trend Micro?

    If so, I think I quite fancy changing ISPs. I could be paying to support this ludicrous patent.
    • Re: (Score:2, Insightful)

      by AndrewNeo ( 979708 )
      The ISP probably didn't write their own virus-scanning software. They probably bought it, and the company they bought it from may or may not be paying royalties.
  • Trend Micro have been in the business a long time, how long? Long enough to OWN "antivirus.com". How many 386 and earlier motherboards had "trend chip away boot sector protection"?

    They invented a few of the modern ways to scan for and stop virus, spyware and spam email from getting into a windows box, pretty much every one else in the industry will accede to that, why do these guys think, they can get a free lunch for something someone else invented a fair while back.

    Symantec wouldn't be paying up unless th
    • Re: (Score:2, Insightful)

      by Anonymous Coward
      AV scanning SMTP isn't an invention, it's the very definition of freaking obvious. The patent is a joke.
      • by kscguru ( 551278 )
        It's obvious today, in 2008. Looking back to 1997, I'm not entirely sure it was obvious. Windows 95 ruled, Linux was still in the 1.0 era. Netscape 4.0 came out in 1997. Sure, a 1997 UNIX sysadmin could have written a quick script that did what this patent describes - but I suspect very few did (non-obvious), and none (except Trend Micro) saw the business opportunity to do so.

        Hate to say it, but this patent (1) seems non-obvious, (2) is by a company doing useful work in the area, and (3) seems cheap e

    • by nagora ( 177841 )
      They invented a few of the modern ways to scan for and stop virus, spyware and spam email from getting into a windows box, pretty much every one else in the industry will accede to that, why do these guys think, they can get a free lunch for something someone else invented a fair while back.

      If by "invented" you mean "applied established techniques in a way that's obvious to a five-year-old and thus is not eligable for patent protection except if the patent office is out of control and making up the law as

      • I think the example of BBS's scanning uploads pretty much stands as prior art, at least as far as FTP goes. Sure, X/Y/Z-Modem are different protocols, but they, like FTP, are file transfer protocols.

        As to email, filtering systems like Procmail have been around a lot longer than this patent, and all an AV scanner on a mail server is is a specialized filter that links an AV scanner into the incoming mail queue.
    • by Alioth ( 221270 )
      Symantec probably don't pay, they probably just have a cross-licensing agreement. Getting a cross-licensing agreement in place is probably a whole lot less effort than litigating - so the companies choose the path of least resistance.
    • Re: (Score:3, Interesting)

      by cfulmer ( 3166 )

      Symantec wouldn't be paying up unless they knew it was an un-winnable case.

      Phooey. Here's a fairly common scenario:

      (1) Company gets questionable patent
      (2) Company offers a very inexpensive license to a big-name suspected infringer
      (3) big-name suspected infringer buys the license because it's a lot cheaper than litigating
      (4) Company goes around to others and says "big-name suspected infringer has a license, so it must be legit. Pay up." Only, this time, Company asks for a lot more money.

      The US Patent

    • Unless they thought that the cost of licensing was less than fighting a nice, protracted court case. Because, as the SCO case has shown, court cases are exceptionally inexpensive right?
  • Scrap patents completely across the board. The days of government-backed monopoloies are dead and gone, aren't they? So let's ditch the corrupted patent system altogether.

    TWW

  • Excise said offending code from the codebase, then, make it available as a free plugin hosted outside of the United States.

    Done.
    • Excise said offending code from the codebase,

      That won't work in this case. The patent is for "A system for detecting and eliminating viruses on a computer network includes a File Transfer Protocol (FTP) proxy server, for controlling the transfer of files and a Simple Mail Transfer Protocol (SMTP) proxy server for controlling the transfer of mail messages through the system." So for Barracuda to comply they must stop scanning e-mails for viruses in their products.

      This also means that it is not the use of Cla

  • by Arrogant-Bastard ( 141720 ) on Tuesday January 29, 2008 @09:26AM (#22221062)

    Note that Barracuda's products are notorious for generating spam. Barracuda's engineers were informed of the problem years ago, provided with a fix -- and stubbornly refused to address the situation. It's no wonder that there are now thousands of Barracuda installations on various blacklists. (Two examples: Backscatterers [backscatterers.com] and Backscatterer.org [backscatterer.org]) Barracuda doesn't seem to care as long as they make money.

    A secondary point is that Barracuda's products are NOT open-source. Oh, they're built almost entirely on open-source (an open-source operating system, an open-source mail server, an open-source anti-spam scanner, an open-source anti-virus scanner, etc.) but they're not open-source. Essentially what they've done is take all of that open-source code, slap a web front-end on it for the point-and-drool crowd, and then sell it. They're not in this to help out the Internet or stop spam or anything else admirable: they're in this to make money, and they're perfectly willing (see first point) to make the spam problem worse if it increases their profits.

    They're not alone in that -- there are others out there who are in business to profit from our collective misery. An excellent way of spotting such companies is to ask the question: "What would happen if the problem they claim to address was actually solved?" If the answer to that question is "they would go out of business", then their motivation for always treating the symptoms and never treating the underlying cause will become clear.

    • by SlamMan ( 221834 )
      Interesting. Barracuda's recommended settings (I have one sitting next to me we no longer use) are to have the bounce-on-reject or whatever its called turned off. The default is to have it on, but the defaults are clearly defined as a least restrictive/change these to meet your environment before putting in production sort of thing.
    • Re: (Score:3, Insightful)

      by svallarian ( 43156 )
      I couldn't give a spit that the front end isn't open source. All I know is that I was able to get gateway level spam protection for under $5k for 200 users. Which would have cost well over $20k+ for a commercial solution that only works half as well. And, yes, I could have set all of that up from scratch and save a few thousand, but my time is better spent elsewhere.

    • >> "What would happen if the problem they claim to address was actually solved?" If the answer to that question is "they would go out of business", then their motivation for always treating the symptoms and never treating the underlying cause will become clear.

      You know, I ask that of the War on Terror / Drugs / Communists / File Sharers on a daily basis ...
    • Re: (Score:3, Informative)

      Not to mention that my six year old daughter could provide better tech support than Barracuda does :(

      We use a pair of Barracudas where I work to filter incoming e-mail, and in all truth, they work really, really well. That is, until something breaks. One of our units had problems with its hard drive, so we called tech support. They dinked around with the box (on our network) for over a week without fixing it -- all the while it was spooling up mail, but not delivering it -- and then things got bad. T
    • by krunk7 ( 748055 )

      If the answer to that question is "they would go out of business", then their motivation for always treating the symptoms and never treating the underlying cause will become clear.

      The rest of your post might be spot on, but this is a piss poor litmus test. I can't imagine any specialist profession that the answer to that question wouldn't be "they would go out of business". For example, "What would happen to all the oncologists if cancer were cured?" => "They would go out of business!". But this hardly

      • Clarification: I meant that remark to apply only to various anti-spam vendors, not to doctors or anyone else.

        I'd like to add that there's nothing wrong with symptomatic treatment as an adjunct to root-cause treatment; it's generally a good idea unless it gets in the way (say by masking the problem, making it tougher to pinpoint). However, I think there is something wrong with only doing symptomatic treatment when root-cause treatment techniques are well-known and readily available. And that's what I thin

  • I did a quick advanced search up until 1995 and found bits and pieces of stuff. I think y ou would have to search for all the available anti-virus at the time and THEN look for modules that handled proxy filtering.
  • Err (Score:3, Funny)

    by Vexorian ( 959249 ) on Tuesday January 29, 2008 @09:53AM (#22221338)
    I guess I'll wait for a new protocol to come and patent "Fighting virus on XX protocol" That should do it. Man, this patent is so retarded, Trend Micro should be ashamed for ever filing it...
    • Hey! That violates my patent "#5699039: A system for creating patents based on newly released protocols".
  • by Anonymous Coward
    Perhaps the best play is to use the bad patent system and patent an antivirus system with included smtp and ftp abilties... because in the eyes of the patent office, this is completely different from an smtp and ftp system with antivirus abilities.
  • by PinkyDead ( 862370 ) on Tuesday January 29, 2008 @10:01AM (#22221438) Journal
    I must be missing something here...

    I have configured for a number of my clients their own SMTP servers for which I charge. These servers are generally gateways with postfix as the server. The anti-virus is ClamAV which is called by postfix.

    Or to put it another way they have 'anti-virus detection on an SMTP or FTP gateway'.

    Does this this mean I have violated this patent? Or should the patent be rewritten as 'Patent 5,623,600: Installing software on a computer'?

    • I've been doing the same thing with qmail for at least 10 years with McAfee before ClamAV.
    • IANAL, blah blah blah (of course), but I would think since you don't own the copyright on the software (and therefore don't own full rights to it), you're not liable.
      • I wrote and hold the copyright on the main.cf - which is the bit that puts anti-virus software on the SMTP gateway.

        (To be fair I'm sure you're right - I'm just being facetious in response to a spurious patent).
  • by martyb ( 196687 ) on Tuesday January 29, 2008 @10:21AM (#22221654)

    Thanks to google and its archive of usenet posts: this query [google.com] on google groups of: "FTP SMTP virus proxy server group:comp.*" for the time period of 01-Jan-95 through 26-Sep-95 (the patent was filed on 26-Sep-95) returned this link [google.com].

    It appeared in the comp.security.misc newsgroup and the first few paragraphs (emphasis added) suggests to me this might be prior art:

    FOSE '95, WASHINGTON, March 21 /PRNewswire/ -- Norman Data Defense Systems, Inc. today introduced the Norman Firewall, a firewall providing a single, highly secured route for data traveling between networks and the Internet.

    "We are proud to deliver a new level of data defense for networks that are currently vulnerable to attack from a variety of global data security threats, including hackers and viruses," said Norman Data Defense Systems, Inc. President and CEO David J. Stang, Ph.D.

    Like a sentry positioned to identify visitors and then authorize or deny entry, the Norman Firewall combines an integrated front-end server, proxy server, and virus detector to defend systems and information. The Norman Firewall essentially opens incoming and outgoing data packets, and inspects, virus-checks (against more than 6,500 known viruses), and repackages the data packets, before delivery to their destination. No packets ever need to directly enter or leave internal networks.

    I don't have time right now to search further, but wanted to put this out there for others to follow up on. Any takers?

    P.S. As a point of comparison, consider that the Morris Worm [wikipedia.org] was released onto the internet on 02-Nov-88 (more details here: A Tour of the Worm [std.com]) and THAT was nearly SEVEN YEARS before this patent was filed!

    • Here's on for TFS [google.com], which:

      Its pretty functional - gateways between any/all MS/MAIL, WP-OFFICE, CC:MAIL,
      SMTP, UUCP, MCI-MAIL. It does uuencode and MIME attachments (configurable per
      address or domain wildcard) and international characters. It can also virus
      scan attachments on the way through the gateway, and access can be controlled
      on a user by user basis!

      It looks like it's still around in some form from foxT [tfstech.com]. So long as the SMTP part is invalidated, I think the Internet will live on, and maybe FTP can just g

  • But they're not going after small potatoes ClamAV for violating their patent. They're going after bigger potatoes, someone using a free service. This would be like if your computer uses an operating system, you've got to pay a fee to Microsoft no matter which OS you use--oh wait!

    Seriously, it seems to me that this patent is another one of those overreaching ones. It's coming upon obvious technology, not created by itself and rushing to get a patent so that everyone who uses this technology to fight viruses
    • by Ilgaz ( 86384 ) *

      But they're not going after small potatoes ClamAV for violating their patent. They're going after bigger potatoes, someone using a free service. This would be like if your computer uses an operating system, you've got to pay a fee to Microsoft no matter which OS you use--oh wait!

      Seriously, it seems to me that this patent is another one of those overreaching ones. It's coming upon obvious technology, not created by itself and rushing to get a patent so that everyone who uses this technology to fight viruses has to pay a fee.

      I don't buy the "ClamAv will be sued" too. Last thing a security company needs is making near all server admins mad. Even OS X Server comes with Clamav installed, go figure.

      I didn't see any notorious action from Trend Micro all these years, for example the offer OS X/Linux users free commercial quality antivirus running in Firefox via Java ( http://housecall.antivirus.com/ [antivirus.com] with Firefox/OSX ). Imagine what would happen if Symantec came with a similar solution. They never came up with the abuse of "Theoreti

  • by nologin ( 256407 ) on Tuesday January 29, 2008 @10:29AM (#22221734) Homepage
    Hmm, the last time I installed a Trend Micro product was about 18 months ago. I know that back in that time, Trend was using postfix on their SMTP gateway anti-virus products implemented on Linux systems.

    If Trend Micro is really trying to prevent other companies from offering cheap solutions for anti-virus/anti-spam gateways, I would take a long hard look at how they themselves got to where they did at this point in time.
  • Is it just me, or.. (Score:3, Interesting)

    by Seth Kriticos ( 1227934 ) on Tuesday January 29, 2008 @10:58AM (#22222040)
    Is anyone else starting to get tired of this?

    The patent system was invented quite some decades ago to protect inventors from other people, who just stole their inventions and made profit of it.

    Back in that days, inventions were actually realy made and development was so slow, that 20 years were a reasonable time for the protection of the invention.

    Then time moved on, the number of real inventions did not realy rase, but most stuff was just a mere reorganization of existing stuff, but the number of patents went up.

    Nowdays, if someone realy invents something, that would make the world a better place, some big corporation ensures, that it never surfaces bigger public, because that would harm their bussiness. (Like some drafts of more effective engines, and the like).

    Now we start putting patents on Software, which is like a book, and should get copyright, but why on earth sould it be patented? And where does that benefit the creation of new inventions? It clearly does the opposit in most perspectives.

    So maybe I'm missing the point, but I don't realy see, why this kind of system can keep existence, even thow it slowly brings economy to ruin and helps humanity to get a step closer to selfdestruction. Hmm.. Maybe I'm a bit exagerating, please prove me wrong.
  • Maybe it's cheaper to just relocate all the developers with nice programming jobs in some nice European country like Sweden?
  • Folks have been doing stuff like that for years now, with tools like procmail and others.
  • With the bloated McAfee and Norton products, that brought systems to more of a standstill than the viruses they let through anyway, I always saw Trend as a bit of a good guy in the market. Their relatively lightweight online scan, Housecalls, always worked well for me in fixing up other people's PC's. (Their last version with Active X and shit became a bit more flaky and a bit more of a dog, but still beat Norton and McAfee, IMHO.)

    Now they've fallen into the "asshole" category in my mind (man, it's gettin
  • If this gets rid of those God-awful ads on XM that annoy the shit out of me all the time, then I'm all for it. Then again, I'd *MUCH* rather it be AppRiver they were going after... my commute to and from work each day would be SO much better without those abortions!

    "AppRiver...apply directly to your eMail! AppRiver... apply DIRECTLY to your eMail! AppRiver... apply directly to YOUR eMail!"

    I've got a baseball bat I want to apply to someone's fucking head!

    (first person that points out the obvious, that I c

Don't get suckered in by the comments -- they can be terribly misleading. Debug only code. -- Dave Storer

Working...