Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Patents Google The Almighty Buck The Courts

Kim Dotcom Wants Money From Google, Twitter For 2-Factor Authentication 122

Nyder writes "Kim Dotcom posted via Twitter, with a link to Torrentfreak, that he owns a security patent US6078908, titled 'Method for authorizing in data transmission systems.'" Techdirt points out that Dotcom isn't just asking for financial help: Instead, he's asking companies which use two-factor authentication "to help fund his defense, in exchange for not getting sued for the patent. He points out that his actual funds are still frozen by the DOJ and (more importantly) that his case actually matters a great deal to Google, Facebook and Twitter, because the eventual ruling will likely set a precedent that may impact them -- especially around the DMCA." Update: 05/23 14:23 GMT by T : Why is this relevant to Twitter? If you're not an active Twitter user, you might not realize that (after some well publicized twitter-account hijackings), the company is trying to regain some ground on security. Nerval's Lobster writes "Twitter is now offering two-factor authentication, a feature that could help prevent embarrassing security breaches. Twitter users interested in activating two-factor authentication will need to head over to their account settings page and click the checkbox beside 'Require a verification code when I sign in.'"
This discussion has been archived. No new comments can be posted.

Kim Dotcom Wants Money From Google, Twitter For 2-Factor Authentication

Comments Filter:
  • Extortion maybe? (Score:3, Insightful)

    by zitsky ( 303560 ) on Thursday May 23, 2013 @10:14AM (#43802573) Homepage

    What is the definition of extortion, Alex?

    • by GodInHell ( 258915 ) on Thursday May 23, 2013 @10:21AM (#43802647) Homepage
      Offering to waive a right in return for settlement without bringing suit is not extortion.
      • by Yvanhoe ( 564877 ) on Thursday May 23, 2013 @10:31AM (#43802745) Journal
        It is, but in US it is legal.
        • Doesn't matter, he has no money to fight his own legal battles, much less go after google. And wasn't he arrested for having a website that encouraged stealing movies? Ironic he's now upset people are "stealing his patent" (quotes because he hasn't proven anything in court yet)
      • by K. S. Kyosuke ( 729550 ) on Thursday May 23, 2013 @10:32AM (#43802765)

        Offering to waive a right in return for settlement without bringing suit is not extortion.

        Wow, that means that the Prenda and MAFIAA guys are actually good guys!

      • Re: (Score:2, Insightful)

        by Anonymous Coward

        Threatening others with patents are bad... Well until it's done by someone we like. Then clearly it's okay. Slashtard hypocrisy never fails to amuse.

        • by bsane ( 148894 )

          Don't hate the player, hate the game ;-)

          • by Anonymous Coward

            The game is not something separate and apart from those playing it. It ~is~ the players.

          • The second AC to post sums it up. Without the players, there is no game. The players ARE the game.

        • We don't like Kim dotcom
          • by Desler ( 1608317 )

            So explain the hivemind circle jerks that go on whenever one of the many gushing submissions about him are posted.

        • I'd never heard of Kim Dotcom before the raid, and my opinion of him has been shaped solely by /. comments (who has time to RTFA?). So I'm in a pretty good position to comment on the "Slashtard hypocrisy".

          The general consensus seems to boil down to "He's a dick who's on the right side of one specific issue". So you'll see comments supporting him in the one specific issue, but you'll see other comments decrying his general dickishness - including his current patent trolling.

          However, I'm not really sure hav

      • So, "give me money to help defend against this lawsuit or I will file one against you" isn't extortion?

        I'm not sure I agree with that interpretation.

      • by Desler ( 1608317 )

        Nice mental gymnastics there. If this were Mosaid doing the exact same thing the comments would be filled with nothing but attacks and how the patent is invalid and obvious, etc. Interesting to see that apparently Kim Dotcom has the only valid software patent in existence.

    • by Khyber ( 864651 )

      "What is the definition of extortion, Alex?"

      Funny that you ask me, since I have an extortion charge on my criminal record.

      This isn't extortion. There's no criminal threat to cause bodily harm or injury to reputation going along with the demand for money. 'Pay or I sue' is not extortion. 'Pay or I'll hurt you somehow' is.

      This is essentially how our patent system is supposed to work.

      • by Desler ( 1608317 )

        And yet when other companies do this they are string up and all the comments are about how trivial and obvious it is. But now that it's a Slashdot hero the comments are strangely silent on that.

      • Except this is "help pay for my legal defense against this, and I won't sue you for that".

        The suggestion of a lawsuit over an unrelated matter would definitely seem to be a threat, and would therefore be extortion, no?

        • by Khyber ( 864651 )

          No, there needs to be direct threat of personal injury or harm to a protected status in order to trigger extortion.

          Nothing Dotcom has said applies.

          • Well, hopefully there's an equivalent point in law for what they're doing -- because it has a lot of the same hallmarks as extortion.

            • by Khyber ( 864651 )

              If Kim files suit and the suit is found frivolous, there's a chance of extortion charges being laid against him, but more likely he'll be hit with vexatious litigant status and from there, pretty much no lawyer will take up any of his cases, except public defenders when he lands in a court room on criminal charges.

      • by Anonymous Coward

        I've known Kim since the Amiga days here in Germany, I've met him many times. He is possibly the most dishonest person I've ever met. I'm saddened he's become a poster boy for the Torrent/Anti-Big Media crowd. His profiteering from piracy distracts from real issues. Very sad.

  • by Anonymous Coward

    I don't see Kim hopping on a US-bound plane to sue the infringing companies any time soon. They must be shaking in their boots.

  • a couple million dollars in the central bank of Nigeria that he needs our help to recover?
  • How about this? (Score:5, Interesting)

    by MikeRT ( 947531 ) on Thursday May 23, 2013 @10:19AM (#43802623)

    Sign a patent deal with them that if they will fully fund his defense, he'll agree to not sue anyone and when the case is over he'll turn the patent over to the public domain.

  • I seriously doubt Kim Dotcom is in a position to actually litigate his patent claim. Financially, that is.
    • Re: (Score:2, Insightful)

      by Anonymous Coward

      What does that say for 'anyone' with a legitimate patent claim but no funds to defend it?

      • by Desler ( 1608317 )

        Where has it been determined that he has a valid patent claim?

        • Well, presumably, when he filed for that patent he knew what he was patenting. He and his lawyers came up with the a set of "claims" that are the actual meat of the IP. And if some actor later comes and inserts a product into the market that could not have been created without stepping on one or more of the claims in the patent then he knows one of two things:

          (1) he has a valid complaint that the person is stepping on his IP
          (2) whoever wrote the claims in his patent did so in such that there was a wor
    • He could sell the patent to someone who can.

    • by Anonymous Coward

      I seriously doubt Kim Dotcom is in a position to actually litigate his patent claim. Financially, that is.

      It doesn't matter. He can just sell the patent to Yahoo or Apple or Patent Trolls R Us, or whoever and then they can litigate it.

  • Kim-Dot-Con (Score:5, Interesting)

    by Shoten ( 260439 ) on Thursday May 23, 2013 @10:23AM (#43802667)

    It bears mentioning that Kim Dotcom was once named Kimble Schwartz, who basically went from one moneymaking scheme to another. Kimvestor, for example, got him jailed for securities violations. YIHAT was a front of an organization that tried to rally people around hacking terrorists. The list goes on and on. About 15 years ago he was noted as being a fraud in the security space, despite claiming to be a hacker. I think he got lucky with Megaupload, but now he's back to his old usual failing-yet-highly-vocal self.

    • Don't forget the "music career" with that tasteless music video!

      • by Shoten ( 260439 )

        Don't forget the "music career" with that tasteless music video!

        Oh yeah! Forgot about that's easy to lose track of all the ways this self-indulgent butthead has tried to reinvent himself.

    • Re:Kim-Dot-Con (Score:5, Insightful)

      by Anonymous Coward on Thursday May 23, 2013 @10:41AM (#43802857)

      I'm surprised this was actually modded up here... The hivemind has something of a hard-on for Kim Dotcom, anyone who was even mildly critical of him during the Megaupload situation was immediately dismissed as a troll.

      It's rather smugly satisfying to see him turn the tables completely and reveal himself as a patent troll now that he needs some extra cash. It's even more satisfying to know that he's ALWAYS been a money grubbing scumbag, because from what you've posted here, those same people running to his defense should have known better.

    • Re:Kim-Dot-Con (Score:5, Interesting)

      by SirGarlon ( 845873 ) on Thursday May 23, 2013 @11:12AM (#43803227)
      I always thought he was a scumbag. I don't understand why Slashdot and others treat him like some kind of folk hero.
    • by Anonymous Coward

      Actually is name was Schmitz not Schwartz but the rest is true:

  • Go ahead, sue Google (Score:5, Interesting)

    by MetalliQaZ ( 539913 ) on Thursday May 23, 2013 @10:31AM (#43802741)

    See what happens.

    • by Laxori666 ( 748529 ) on Thursday May 23, 2013 @11:23AM (#43803363) Homepage
      Um. Kim's actual twitter message [] was "Google, Facebook, Twitter, I ask you for help. We are all in the same DMCA boat. Use my patent for free. But please help funding my defense." That's not really threatening to sue, that's asking for help. Yellow journalism much?
      • by Desler ( 1608317 ) on Thursday May 23, 2013 @11:31AM (#43803439)

        I never sued them. I believe in sharing knowledge & ideas for the good of society. But I might sue them now cause of what the U.S. did to me

        From here []. In your hasty attempt to defend Kim Dotcom you might have wanted to actually do a but more research.

        • by PRMan ( 959735 )
          I still think it's more of a "I might have to sue because I have no money to operate." He really doesn't want to do it, but I can see how people can read it as a thinly-veiled threat, especially given his background.
        • Oh true. I blame the article for not posting a more relevant link & twitter for being hard to use.
    • by Anonymous Coward

      No, what we need now is for NewEgg to make a two-factor auth system on their website. Then wait until they get sued, and...

    • He should start with Newegg.

      See what happens.

  • "I believe in sharing knowledge & ideas for the good of society. But I might sue them now cause of what the U.S. did to me,"

    Sounds like the typical ire most people have towards the US legal system right now. Including the US itself.

    • Yeah, it's the old "Something related to X did this to me, therefore I'm going to attack people also related to X but in another way that doesn't mean they had any control over the first thing" thing.

      See also numerous wars we've been involved in over the last few decades.

  • Whatever you may think or say about Kim, he's got some interesting moves. (I don't yet have much of a viewpoint on him beyond what I just said, being too busy learning to make good popcorn and trying to follow what's what.)

    Is this a really a plea for help, or extortion, or patent-trolling (the latter two might be synonymous)?

    On the related matter, I've not read the whole law and am curious: Are violations of DMCA to be pursued under civil or criminal law? Or either one or both depending on circumstance?

  • Prior Art - ATM? (Score:4, Interesting)

    by Kwyj1b0 ( 2757125 ) on Thursday May 23, 2013 @11:32AM (#43803459)

    It baffles me that two-factor authentication patents can be valid. Haven't ATM machines always done that (One factor - the ATM card, the second factor is the PIN)? What about USB key+password decryption? I know the patent system is broken, but this should get thrown out when challenged. More interesting, what advice is Dotcom's lawyer giving him? Or does New Zealand legal system not provide lawyers to someone arrested there who can't afford one?

    • by Jahta ( 1141213 )

      It baffles me that two-factor authentication patents can be valid.

      Me too. According to Google's patent search, he filed the patent in 1998. In 1996 I worked on an online banking application that used two-factor authentication. Each customer was issued with a hand-held device (about the size of a small calculator) which generated a transaction authorisation number (TAN) in response to a challenge from the online system. The devices were commercially available at least two years before the patent filing.

    • by Kaenneth ( 82978 )

      Which costs more; paying lawyers to defend Dotcom; or paying lawyers to defend a Patent case?

      Which one has the worst-case outcome, for the shareholders?

    • by Anonymous Coward

      RSA's two factor auth has been around since before Kim Dotasshat

    • A patent on two-factor authentication itself would be invalid. A patent on a particular way of doing it can be legally valid. Presumably, Dotcom's patent describes a specific technique.

  • I'm pretty sure SecureID uses 2-factor authentication before Kim's patent. Where you enter the password, a token is generated and you have to enter the key before access is granted.
    I guess the different maybe the token is automatically generated every min instead of being transmitted to to a secondary device. If his patent is validated in court, it's worth a lot more than the 50mil he asked.

  • Guys, guys guys! This can only end up in OUR FAVOR. Let's see... Kim's company ( is not a "non-practicing entity", so the only way Google and Twitter could avoid paying him whatever he asks, is to set some rules on what can be patented when it comes to software patents. Not as good as abolishing soft patents at all, but a win nevertheless.
  • So if he is admitting that he needs financial help with the defense of his current court battle, it would be a pretty reasonable assumption that he does not have the funds to initiate a second court battle. Sounds like a pretty empty threat, if you ask me.
  • "Fund my defense in return for me not suing you about my worthless patent" doesn't make you any less of a troll than "Pay me money in return for me not suing you about my worthless patent."

  • Look soon for a Presidential Executive Order finding that if you are an Enemy Combatant against the Entertainment State, any patent you possess is null and void - along with any sense of openness, honesty, or due process.
  • After having actually read the patent, it looks like Google Authenticator, for example is in the clear.

    The patent states that the following must occur:

    1.) User inputs a password
    2.) Authenticating device receives the password from #1, generates a password, and sends this new password out-of-band to an external device. (Pager, phone, etc)
    3.) Person then reads the password from the device
    4.) Person inputs the new password into their computer
    5.) Computer sends second password over to authenticating device.
    6.) Authenticating device finally grants access.

    Google authenticator works differently.
    1.) User input password
    2.) User inputs password read from device
    3.) BOTH are sent over the network to the authenticating computer, at the same time.
    4.) Authenticating computer grants access.

    Note that Google Authenticator does not generate the 'multi-factor' password after receiving the first password from the user.

    The multi-factor password is streamed passed to the (pager, phone, etc.) every X seconds.

    It's an entirely different mechanism.

    Which means that my already low opinion of this guy is now lower, as he's descended into obvious patent troll territory.

    • by heypete ( 60671 )

      Note that Google Authenticator does not generate the 'multi-factor' password after receiving the first password from the user.

      The multi-factor password is streamed passed to the (pager, phone, etc.) every X seconds.

      No it's not. Google Authenticator implements TOTP [] which depends only on having a reasonably accurate clock and a previously-agreed-upon shared secret from which the codes are generated.

      When one uses Google Authenticator, one gets a shared secret from Google (which can be easily input in the form of a QR code, though one can manually input it as well) and adds it to the GA app. When one wishes to authenticate to a service (e.g. a Google Account or any other service that implements TOTP), the app uses the cur

  • Not on either side of the issue, but if all his funds are frozen, wouldn't that also include any valuable assets he might own. Such as a patent...

"Well, it don't make the sun shine, but at least it don't deepen the shit." -- Straiter Empy, in _Riddley_Walker_ by Russell Hoban