Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×
Patents Encryption

Intuit Beats SSL Patent Troll That Defeated Newegg 59

Last fall, Newegg lost a case against patent troll TQP for using SSL with RC4, despite arguments from Diffie of Diffie-Hellman key exchange. Intuit was also targeted by a lawsuit for infringing the same patent, and they were found not to be infringing. mpicpp (3454017) sends this excerpt from Ars: U.S. Circuit Judge William Bryson, sitting "by designation" in the Eastern District of Texas, has found in a summary judgment ruling (PDF) that the patent, owned by TQP Development, is not infringed by the two defendants remaining in the case, Intuit Corp. and Hertz Corp. In a separate ruling (PDF), Bryson rejected Intuit's arguments that the patent was invalid. Not a complete victory (a clearly bogus patent is still not invalidated), but it's a start.
This discussion has been archived. No new comments can be posted.

Intuit Beats SSL Patent Troll That Defeated Newegg

Comments Filter:
  • Re:WAT (Score:2, Informative)

    by Anonymous Coward on Thursday June 26, 2014 @10:39AM (#47324247)

    It is not of high quality.

    http://en.wikipedia.org/wiki/RC4#Security

    http://threatpost.com/attack-exploits-weakness-rc4-cipher-decrypt-user-sessions-031413/77628

    http://blogs.technet.com/b/srd/archive/2013/11/12/security-advisory-2868725-recommendation-to-disable-rc4.aspx

    https://www.schneier.com/blog/archives/2013/03/new_rc4_attack.html

    http://www.networkworld.com/article/2164421/security/potential-weakness-in-ssl-tls-security-downplayed-by-certificate-group.html

  • Re:WAT (Score:5, Informative)

    by SJ2000 ( 1128057 ) on Thursday June 26, 2014 @11:43AM (#47324869) Homepage
    Yes you can. There are many types of cryptographic weakness (Eg: an attack that reduces the effective key space) but specifically regarding RC4, there are weaknesses [uconn.edu] which make it difficult to use properly in common scenarios.

This is the theory that Jack built. This is the flaw that lay in the theory that Jack built. This is the palpable verbal haze that hid the flaw that lay in...

Working...