Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Patents The Courts

Programmer Apologizes For Sending Letters Claiming Patent on Age-Old Web Standard (theregister.com) 56

"The director of a tiny UK company has apologised after sending letters to businesses suggesting they had infringed his patents that he claimed covered an age-old web standard," writes The Register.

LeeLynx shares their report: The tech in question is the content security policy (CSP) mechanism that websites use to protect their visitors from cross-site scripting (XSS) attacks and similar exploits that steal data and hijack accounts. Specifically, the cryptographic nonce [number-used-once] feature of CSP to stop unauthorized scripts from running. Datawing Ltd sent a number of letters to small businesses this month claiming to own one UK and one US patent on CSP and its use of a nonce.

After an initial wave of alarm and outrage on Twitter when the letters surfaced, The Register tracked down their author: a penitent William Coppock... "What a stupid plonker, all I've done," he sighed, adding that he has six children and has been diagnosed with cancer. Applying for the UK and US patents cost him his "life savings," he said, adding: "I didn't intend any harm to come to anyone. Maybe I've just got to sell or give this thing to Mozilla...."

[H]e denied to The Register that he was a patent troll. A law firm had checked over the letter and the "patent infringement outline" document before he sent them, he claimed. Coppock also apologised to all who received his letters and urged them to contact him if they had any questions about it.

We have asked the law firm Coppock named for comment on the advice he says it gave him and will update this article if we hear back from it.

This discussion has been archived. No new comments can be posted.

Programmer Apologizes For Sending Letters Claiming Patent on Age-Old Web Standard

Comments Filter:
  • by JoshuaZ ( 1134087 ) on Saturday August 28, 2021 @03:43PM (#61739475) Homepage
    Forgive me but I'm a bit skeptical about the cancer claim. It seems like exactly the sort of thing someone would say to try to get sympathy with not much ethics. And given what he apparently was doing, we're already seeing a lack of ethics here.
    • by stephanruby ( 542433 ) on Saturday August 28, 2021 @04:00PM (#61739517)

      Also, he doesn't sound like he knows what he did wrong. Note the keyword "sell" and the non-apology apology "I didn't intend any harm to come to anyone."

      "I didn't intend any harm to come to anyone. Maybe I've just got to sell or give this thing to Mozilla...."

    • by phantomfive ( 622387 ) on Saturday August 28, 2021 @04:04PM (#61739527) Journal

      Yeah but it's a good approach if you're ever being harassed by an online cancel mob. Call yourself stupid, claim a mortal disease, then use the attention to try to find a buyer.

      • How many times did anyone criticizing Greta get hit by "Why are you so threatened by a disabled little girl"? I still see that shit even though she is literally a grown adult woman.

        • A mistaken grown woman
      • by dvice ( 6309704 )

        "An appeal to pity (also called argumentum ad misericordiam, the sob story, or the Galileo argument)[1][2] is a fallacy in which someone tries to win support for an argument or idea by exploiting their opponent's feelings of pity or guilt. It is a specific kind of appeal to emotion. The name "Galileo argument" refers to the scientist's suffering as a result of his house arrest by the Inquisition. "
        https://en.wikipedia.org/wiki/... [wikipedia.org]

    • Forgive me but I'm a bit skeptical about the cancer claim.

      I don't necessarily disagree with you, and I know nothing about this guy, but - I could see something like this happen if a person got sick, wasn't really well prepared for the future and so was casting about, trying to figure out what he could do to provide for his kids after he's gone.

    • Whether or not he has cancer, he can still be an idiot, or worse, an extortionist.
  • Since when is 2011 - or even later - “age-old”? Unless you’re a mayfly, of course.

    • Yeah it doesn't seem that long ago to me. But, I'm old.

      I came up with the same idea, brought it to the IETF, and was informed that there was a group already working on that idea. Because the time it became a standard it had become quite a bit more complicated. That's both good and bad.

      At the time, a simple header from the server saying "there are no scripts on this page" would have been useful and that was what I first tested. Nowadays, we certainly couldn't introduce that as a new feature. Far too many pag

  • by stephanruby ( 542433 ) on Saturday August 28, 2021 @04:06PM (#61739535)

    Coppock also apologised to all who received his letters and urged them to contact him if they had any questions about it.

    If you've received such a letter (and it wasn't registered or certified), do not contact him.

    Contacting him about it would be an admission that you received the letter in the first place.

    Do not make it too easy for him or his lawyer.

  • Has a rather different meaning in the UK

    https://en.wiktionary.org/wiki... [wiktionary.org]

    • Has a rather different meaning in the UK

      https://en.wiktionary.org/wiki... [wiktionary.org]

      This was the first thing that crossed my mind, not the greatest choice of shorthand.

      • Except that in a crypto setting it has been used for quite a long time, and is referenced in many standards and descriptions of common algorithms.

      • It's a tiny little country, nobody cares about their slang. They can change it if they want. Their empire fell long ago. The computer world uses American English.

        • American english is a dalect with an amusing nasal accent. English - the clues in the name. If I wanted to speak proper spanish I wouldn't learn it in mexico, I'd go to Spain.

          • That's right, lift your nose high and chortle. Nobody cares.

            If you were going to speak Spanish in the Americas, you'd be an idiot to learn it in Spain, and nobody would be at all impressed by all your mispronunciations.

          • I couldn't recommend England as a source for proper English either. Half the twits I met over a 6 month period used more undecipherable garbage slang than actual words, same with Australia. Oddly, the cleanest English I've heard on the planet is actually in Riga, Latvia (which is funny to me because I couldn't find a single person in Poland that actually spoke English, though I was only driving through for a couple days).
          • tho you can thpeak like thith?
    • by nagora ( 177841 )

      It's not at all obvious to me how Wiktionary orders its meanings but #3 and #4 are far more widespread, IME, than the sex offender meanings which seem to be mostly London-centric usages.

      • That semantic is national, not London centric, it is certain the mostly obvious meaning in Yorkshire and the North.

  • He found Jesus after he got diagnosed with cancer. Trauma sometimes puts things in perspective? If it doesn't make you more pissed off/bitter that is.

    • Oh, if you live long enough after the diagnostic, the pissed off / bitter only lasts 6 months to a year. After that you realize money / possessions mean nothing, people really mean nothing except the ones that choose to be around you only for the sheer company, and you start to see humanity for the cockroach infested civilization that is truly is. Then you can sit back and watch all the self destructive behavior and admire how deserving the destiny of humanity is.
  • The guys sounds more like a (rather gullible) victim of greedy lawyers - the one that prompted him to sink his hard-earned in applications for patents covering prior art, and the one that encouraged him to try and cash in on them.

    On the other hand, they're an equal chance that the guy himself is a greedy patent troll who tried to get in on the action and failed miserably.

    Either way, the true victims are his kids.

    • Except that the summary says, "A law firm had checked over the letter... before he sent them, he claimed."

      He wrote the thing, and the lawyers checked it over.

  • Here is the actual text of claim 1 from the US patent. The other claims are dependent (i.e., are narrower in scope). The patent examiner found that the claim here is for something novel and non-obvious, which may be true. It may also be true however, that what is claimed is not what CSP actually does, in which case CSP would not be infringing this claim.

    A method of preventing unwanted code execution in a client/server computing environment executing a client-side script by an internet browser, said internet

  • Guess he didn't have much saved.

  • In what country does using a feature in a program that you did not write constitute an infringement upon someoneâ(TM)s patent, regardless of the actual legitimacy of the claim of infringement?

    Or is the point here that the dude is off his rocker?

  • You cant file prior art patents in the UK so either his legal team have taken him for a ride or he's a liar. Or probably both.

  • The use of a nonce to prevent record/replay attacks was not new in 2011, it had already been a practice for preventing Flash streaming media playback from being spoofed by that point and I doubt Adobe were the first to think of it. The PTO were idiots to grant that patent but they're clear that they don't take responsibility for establishing novelty. To be blunt, most of the IP patents related to the Web between 2000–2015 are questionable at best; the Microsoft Word XML patent splitting raw text from

  • In The Register's comments section: https://forums.theregister.com... [theregister.com]

As you will see, I told them, in no uncertain terms, to see Figure one. -- Dave "First Strike" Pare

Working...