Clive Turvey’s dumppe and dumppdb utilities for Windows PE and debug symbol files

Clive Turvey has written some excellent tools for extracting information from Windows PE executable (exe, dll, sys, etc.) files, and from Windows PDB debug symbol files. Clive has given me permission to host these.

Download zip file containing dumppe, dumppdb, dumplx, and guid.dat and win32_dll_ord.dat files (see below): clive_turvey_utils_dumppe_dumppdb.zip

I will be using these tools (among many others) in a forthcoming six-hour video from Packt on Software Reverse Engineering.

dumppe command-line options:

Usage : DumpPE [options] <Win32 PE Portable Executable>

Options : -quiet Suppress copyright string
 -disasm Rough disassembly
 -disasm:start,length -disasm:400DE,1FE
 -disasm:+offset,length -disasm:+DE,1FE
 -disasm:!symbol -disasm:!start
 -def <File> Disassembler definition file
 -dat <File> Specify Ordinal database file
 -guid <File> Specify GUID database file
 -getsym Pull symbols from Microsoft Symbol Server
 -path <Path> Alternate path for PDB symbols
 -pdb <File> Specify PDB symbol file
 -reloc Display base relocations
 -checksum Calculate Checksum
 -resource Display resource section
 -nosym Suppress symbolic output

The combination of -getsym and -disasm is particularly useful, providing much of the functionality available for Win32 disassembly in IDA Pro.

The -guid option will use a file such as guid.dat (in the zip file) to improve disassembly by providing text names for UUIDs/GUIDs in the code.

The -dat option will use a file such as win32_dll_ord.dat (in the zip file) to improve disassembly by providing text names for module.ordinal imports (e.g. OLEAUT32.7 is SysStringLen).

====

For more information on PDB files, and source code for a Microsoft PDB dumper, see https://github.com/Microsoft/microsoft-pdb ; Microsoft’s cvdump works with PDB files and is available at https://github.com/Microsoft/microsoft-pdb/tree/master/cvdump .

cvdump help:

Microsoft (R) Debugging Information Dumper Version 14.00.23611
Copyright (C) Microsoft Corporation. All rights reserved.

Usage: cvdump [-?] [-asmin] [-coffsymrva] [-fixup] [-fpo] [-ftm] [-g]
 [-h] [-headers] [-id] [-inll] [-illines] [-l] [-m] [-MXXX] [-omapf]
 [-omapt] [-p] [-pdata] [-pdbpath] [-s] [-seccontrib] [-sf] [-S]
 [-t] [-tmap] [-tmw] [-ttm] [-x] [-xdata] [-xme] [-xmi] file

-asmin Merged assembly input
 -fixup Debug fixups (PDB only)
 -fpo FPO data
 -ftm Function token map
 -g Global Symbols
 -h Header (section table)
 -headers Section Headers (PDB only)
 -id IDs
 -inll Inlinee lines
 -illines IL lines
 -l Source lines
 -m Modules
 -MXXX XXX = Module number to dump
 -omapf OMAP From Source (PDB only)
 -omapt OMAP To Source (PDB only)
 -p Publics
 -pdata Function Table Entries (PDB only)
 -pdbpath PDB search details
 -s Symbols
 -seccontrib Section contributions (PDB only)
 -sf Sorted source file list
 -stringtable String table
 -S Dump static symbols only
 -t Types
 -tmap Token Map (PDB only)
 -tmw Type UDT Mismatches
 -ttm Type token map
 -x Segment Map
 -xdata Exception Data (PDB only)
 -xme Cross module export IDs
 -xmi Cross module import IDs
 file Executable file to dump

cvdump -pdbpath <pe_file> is especially useful when the results are piped through a C++ demangling utility such as Microsoft undname, or vc++filt , or submitted to the online demangler (https://demangler.com/).

 

 

Posted in Uncategorized | Comments closed

Recent news re: source code, software reverse engineering, patent litigation, etc.

2017/03/15 07:39:43 UTC
Teaching Students to Marshal Evidence and Evaluate Claims
Higher education can help teach students critical thinking to marshal
evidence and evaluate claims, bringing scholarly best practices to
the modern web. Jon Udell, hypothes.is

2017/03/14 08:31:35 UTC
The Hardware Hacker: Adventures in Making and Breaking Hardware
The Hardware Hacker: Adventures in Making and Breaking Hardware [Andrew ‘bunnie’ Huang] on Amazon.com. Hardware, says Bunnie Huang, is a world without secrets: if you go deep enough, even the most important key is…

2017/03/13 11:02:10 UTC
‘Zero-Day’? Hacking Vulnerabilities Can Last For Years – Study
Despite bug bounty programs seeking to find these flaws, it can take 7 years for exploits to be found

2017/03/13 10:58:51 UTC
Using Functional Language to Define the Capabilities of Structure
35 USC  112(b) requires that the specification of a patent conclude with one or more claims particularly pointing out and distinctly claiming the…

2017/03/13 05:24:41 UTC
How Much Did the Federal Circuit Narrow Eligibility for Covered Business Method Review
In November of last year, the Federal Circuit narrowed the types of patents eligible for covered business method review in Unwired Planet, LLC v. Google Inc….

2017/03/13 05:19:42 UTC
Supreme Court decision in Life Technologies v. Promega does not relieve manufacturers from the risk – IPWatchdog.com | Patents & Patent Law
The decision in Promega does not relieve manufacturers from risk that their single-part product can be used inadvertently to infringe a US Patent overseas.

2017/03/12 07:35:20 UTC
The FBI’s Secret Rules – An Investigative Series by The Intercept
President Trump has inherited a vast domestic intelligence agency with extraordinary secret powers. A cache of documents offers a rare window into the FBI’s quiet expansion since 9/11.

2017/03/12 07:29:45 UTC
WikiLeaks Files Show the CIA Repurposing Hacking Code To Save Time, Not To Frame Russia
WikiLeaks said CIA hackers impersonated foreign hackers. In fact, the files simply showed re-use of code – in ways that implicated no one else.

2017/03/10 07:17:12 UTC
Search Engine for Source Code
Search engine for source code – ultimate solution for digital marketing and affiliate marketing research.

2017/03/10 05:02:18 UTC
WikiLeaks Will Help Tech Companies Fix Security Flaws, Assange Says
The WikiLeaks founder said the group would work with Apple and Google to give them exclusive access on the technical details that have allowed the C.I.A. to hack their devices.

2017/03/09 04:52:55 UTC
WikiLeaks will give tech firms access to CIA hacking tools: Assange
WikiLeaks published documents this week it said revealed the tools the CIA used to break into smartphones, computers and TVs.

2017/03/08 06:47:22 UTC
Wikileaks’ CIA dump looks like a dud for now
Wikileaks’ latest data dump, the Vault 7, purporting to reveal the Central Intelligence Agency’s hacking tools, appears to be something of a dud.

2017/03/08 05:34:43 UTC
Finding Prior Art in the Most Unusual Places
Searching perfect prior art for a patent is an art. A prior art that can invalidate an issued patent or render a patent application not novel is what every prior art searcher aims to find. Searching for prior art not only requires knowledge of…

2017/03/08 05:28:34 UTC
Intellectual Ventures: XML Patent Invalid
by Dennis Crouch Intellectual Ventures v. Capital One (Fed. Cir. 2017) In parallel decisions, the Federal Circuit has affirmed two .

2017/03/07 07:40:44 UTC
Edward Snowden: WikiLeaks document dump on CIA hacking capability ‘looks authentic’
Former NSA contractor Edward Snowden said on Tuesday that the WikiLeaks dump of what it claims to be more than 8,700 documents from the CIA’s Center for Cyber Intelligence looks authentic and is genuinely a big deal. WikiLeaks announced that its…

2017/03/07 04:22:53 UTC
WikiLeaks Releases Trove of Alleged C.I.A. Hacking Documents
The documents describe agency tools used to hack into smartphones and TVs, as well as to bypass encryption on programs like Signal and WhatsApp.

2017/03/06 05:43:07 UTC
Patent Drafting Tip: A comma affects meaning of items in list – IPWatchdog.com | Patents & Patent Law
The issue was whether the comma in the phrase ‘, otherwise available to the public’ meant that the phrase also modifies the phrase ‘on sale. At least one…

2017/03/06 05:40:45 UTC
What’s happened to software inventions? Five changes in patent eligibility: Frost Brown Todd Law Firm
This isn’t the first time courts have tried to issue new rules to rein in what they see as an out of control patent system. After such a flurry of activity, it seems reasonable to wonder what remains of what we thought we knew about subject matter…

2017/03/06 05:35:01 UTC
One Weird Trick to Beat Alice Rejections (Examiners HATE This!) – GreyB
The Alice v. CLS Bank has had a tremendous impact on how the patent office treats applications for business method inventions. Indeed, since the Supreme Court’s decision in Alice, the allowance rate for class 705 (Data Processing: Financial,…

2017/03/05 06:14:09 UTC
Software patents fight back in the US as Federal Circuit decisions begin to influence lower courts
Software patents fight back in the US as Federal Circuit decisions begin to influence lower courts

2017/03/03 08:07:13 UTC
How Uber Used Secret Greyball Tool to Deceive Authorities Worldwide
A program uses data Uber collected to evade law enforcement in cities that resist the ride-hailing service, some current and former Uber employees said.

2017/03/03 05:45:24 UTC
Q&A: Encoding a Classic Film, Computer Operating System in DNA | The Scientist Magaziner
A conversation with computer scientist Yaniv Erlich

2017/03/03 01:42:32 UTC
U.S. appeals court tosses patent verdict against Apple
(Reuters) – A federal appeals court has thrown out a jury verdict that had originally required Apple Inc to pay $533 million to Smartflash LLC, a technology developer and licenser that claimed Apple’s iTunes software infringed its data storage pa

2017/03/02 02:13:39 UTC
Revisiting the Standard NDA After ZeniMax v. Oculus – IPWatchdog.com | Patents & Patent Law
Entering into an NDA before disclosing confidential information is very important, whether you will discuss potential commercial transactions, funding or…

2017/03/02 02:08:20 UTC
All Trade Secrets Must Be Secret; But Not All Secrets are Trade Secrets
A pair of recent cases illustrate two important interrelated points about trade secret law: First, all trade secrets must be secret. Second, and less…

2017/02/24 09:40:25 UTC
Security researchers announce first practical SHA-1 collision attack
CWI institute in Amsterdam working with a team from Google Research say they have found a faster way to compromise the SHA-1 hash algorithm – announcing what they describe as the first practical technique for generating a SHA-1 collision…

2017/02/23 06:16:20 UTC
AI learns to write its own code by stealing from other programs
Software called DeepCoder has solved simple programming challenges by piecing together bits of borrowed code

2017/02/22 05:15:59 UTC
Stark Strikes Intellectual Ventures’ Infringement Contentions Ahead of Trial
In a recently unsealed order, a Delaware federal judge last week chipped away at some of Intellectual Ventures’ infringement contentions against AT&T Mobility, finding that the plaintiff had not provided adequate notice for its literal…

2017/02/21 09:42:28 UTC
Xilinx, Inc. v. Papst Licensing GmbH & Co. KG (Fed. Cir. 2017)
Personal Jurisdiction Exists Due to Warning Letters and Prior Litigations in Forum – Establishing personal jurisdiction in the…

2017/02/21 05:08:27 UTC
Flipping Bits and Opening Doors: Reverse Engineering the Linear Wireless Security DX Protocol
A security researcher on the Duo Labs team details how he found several vulnerabilities in a wireless physical security system.

2017/02/20 12:21:48 UTC
District of New Jersey Amends Local Patent Rules | Lexology
On February 1, 2017, Chief Judge Simandle issued an Order, effective immediately, amending certain Local Patent Rules for the District of New Jersey.

2017/02/19 06:16:54 UTC
Colorado Court Overturns $1.3 Million Trade Secret Award Because Design Isn’t Secret
Businesses often go to great lengths to protect the secrecy of an essential product design or valuable manufacturing process. But if that design or process is commonly known in the industry, it isn&rs

2017/02/17 07:19:33 UTC
Self-driving cars are mostly getting better at navigating California’s public roads
Human drivers have to take over far less often.

2017/02/16 10:37:58 UTC
Semantic Coloration
Great Exploration Utility ????? Fantastic tool that keeps getting better. Hopper is an affordable disassembler that supports scripting (in Python). A great tool if you ever need to take apart code for debugging, or just learning. Disassembles Mach-O,

2017/02/16 10:31:02 UTC
Android Apk decompiler
Android application package (APK) is the package file format used to distribute and install application software onto Google’s Android operating system. This site uses a perfect open-source APK and DEX decompiler called Jadx:…

2017/02/16 10:30:12 UTC
.JAR and .Class to Java decompiler
Java decompilers online: *JAD, *JDCore, *Procyon, *Fernflower, *CFR. √ A user interface to extract source code from .class and .jar `binary’ files.

2017/02/16 10:22:21 UTC
An open-source x64/x32 debugger for windows.
All the donators!, Everybody adding issues!, People I forgot to add to this list, EXETools community, Tuts4You community, ReSharper, Coverity, acidflash, cyberbob, cypher, Teddy Rogers, TEAM DVT, DMichael, Artic, ahmadmansoor, _pusher_, firelegend,..

2017/02/16 10:20:18 UTC

2017/02/16 10:18:05 UTC
What JSNice does for you ?
By using this service you warrant that all your entries are in your sole responsibility and do not infringe any laws or third-party rights like copyrights and the like. ETH and its employees cannot be held liable in any way. All entries are logged fo

2017/02/16 10:15:25 UTC
Talks (Invited, Keynote, etc)
The increased availability of massive codebases, sometimes referred to as Big Code, creates a unique opportunity for new kinds of programming tools and techniques (e.g. analysis and synthesis) based on machine learning and statistical models. These

2017/02/16 10:13:31 UTC
Introduction
Learning From Big Code

2017/02/16 03:10:11 UTC
http://swipreport.com/pleading-patent-infringement-remains-a-low-bar/
Plaintiff in patent infringement case pled facts on information in belief that it should have known; complaint dismissed.

2017/02/15 08:19:28 UTC
DeGuard: Statistical Deobfuscation for Android
DeGuard reverses the process of obfuscation performed by Android obfuscation tools. This enables numerous security analyses, including code inspection and predicting libraries.

2017/02/14 09:06:28 UTC
Practical Reverse Engineering Part 5 – Digging Through the Firmware
14 Dec 2016 In part 4 we extracted the entire firmware from the router and decompressed it. As I explained then, you can often get most of the firmware directly from the manufacturer’s website: Firmware upgrade binaries often contain partial or entir

2017/02/14 08:46:49 UTC
Practical Reverse Engineering Part 1 – Hunting for Debug Ports
08 Apr 2016 In this series of posts we’re gonna go through the process of Reverse Engineering a router. More specifically, a Huawei HG533. At the earliest stages, this is the most basic kind of reverse engineering. We’re simple looking for a serial..

2017/02/14 03:18:33 UTC
BullsEye Quiz: Moves to Discover Their Expert’s Emails
Feeling savvy? Test your expert witness discovery know-how with this quiz. Which of These Emails Can You Get? 1. Sneed’s Email Providing Sales Figures: GET 2. Pistol’s Draft Report and Expert Fees: GET (the email, not the attachment) 3. The…

2017/02/14 02:54:25 UTC
Nebraska Daubert Order Finds Expert a Mile Wide at the Mouth, But Only Six Inches Deep | Lexology
A case from Douglas County, Nebraska, caught our eye this week for a couple of reasons. It’s a great Daubert order in an Accutane case in Nebraska.

2017/02/14 02:45:35 UTC
The ITC: Reviewing 2016 and Looking Ahead | Lexology
The U.S. International Trade Commission (ITC or Commission) is a popular venue for resolving unfair trade practices, including patent disputes.

2017/02/14 02:41:51 UTC
Preliminary injunction affirmed despite initiation of PTAB post-grant review proceeding | Lexology
The Federal Circuit recently affirmed a district court’s granting of a preliminary injunction barring the alleged infringer from selling its Balloon.

2017/02/14 02:38:58 UTC
Drug manufacturers cannot avoid infringement by dividing method between physicians and patients | Lexology
The Federal Circuit recently stated that a physician may directly infringe a Patented method for drug administration, even when the infringing steps.

2017/02/14 02:31:03 UTC
Bounty or Bug Programs: A How-To Guide | Lexology
Data security officers typically look for security risks by monitoring reports from automated security systems, listening to employees’ reports of.

2017/02/14 02:22:43 UTC
Scan-to-Email Patent Finally Done; Claim Scope Broadened by Narrow Provisional Application
MPHJ Tech v. Ricoh (Fed. Cir. 2017)[16-1243-opinion-2-9-2017-11] MPHJ’s patent enforcement campaign helped revive calls for further reform of the patent .

2017/02/13 06:12:48 UTC
What to Expect From Neil Gorsuch on IP, Patents and Trade Secrets
Though Gorsuch’s views on patents are mostly unknown, the Tenth Circuit judge has had plenty to say in other areas of intellectual property. And attorneys se…

2017/02/13 06:05:43 UTC
Oracle continues legal fight with Google, lawsuit not yet over
These two tech giants have been at it for seven years, and we’re still not done. Oracle has filed an appeal to overturn the decision of a federal court saying

2017/02/13 05:30:13 UTC
Yahoo Class Action Says Small Businesses Affected by Massive Data Breaches
Yahoo failed to adequately protect its small business customers’ sensitive information from two data breaches, according to a class action lawsuit.

2017/02/13 05:26:22 UTC
Yahoo hit with data-breach class-action lawsuit claiming credit-card details stolen
After two huge breaches of users’ data, troubled Yahoo has been hit with another class-action lawsuit, this one claiming credit card information was stolen.

2017/02/13 03:58:37 UTC
4 Tips For Crafting Effective Post-Halo Opinion Letters – Law360
The U.S. Supreme Court’s Halo ruling, which made it easier for judges to award enhanced damages in patent cases, has reawakened interest among companies in getting noninfringement opinions from counsel as a defense. Here, attorneys discuss how to…

2017/02/12 06:54:48 UTC
Machine Learning at Heart of Security M&A Splurge | Light Reading
Four acquisitions in a week all point to the growing importance of machine learning for major security system vendors.

2017/02/12 06:38:16 UTC
Alibaba Will No Longer Act on Notice & Take Down Requests from IP Agencies
Alibaba Group Holding alleged on Thursday that several intellectual property (IP) firms have taken to filing unsubstantiated complaints against vendors on its e-commerce platforms. Hangzhou Wangwei Technology and a number of other native Chinese IP…

2017/02/12 06:21:12 UTC
Spyware’s Odd Targets: Backers of Mexico’s Soda Tax
The first hints that the phones of nutrition policy makers were infected were strange messages from unknown contacts.

2017/02/11 12:27:36 UTC
Banking Is Only The Start: 27 Big Industries Where Blockchain Could Be Used
Banking and payments aren’t the only industries that could be affected by blockchain tech. Law enforcement, ride hailing, and charity also could be transformed.

2017/02/10 06:39:22 UTC
TC Heartland v. Kraft: Awaiting a 2017 Supreme Court Decision with Potentially Significant Implications for Patent Litigation
Patent litigation continues to be concentrated in a small number of venues. Of the 4530 patent cases filed in 2016, for example, patentees chose the Eastern District of Texas more than one third of the time (1661 cases).1 In fact, patentees filed…

2017/02/10 06:29:36 UTC
Setting Up the Scope of IPR Estoppel for the Federal Circuit
Notes: [1] Intellectual Ventures I LLC et al. v. Toshiba Corp. et al. ( IV), Civ. No. 13-453-SLR (D. Del. Jan. 11, 2017). [2] Id. (Dec. 19, 2016 order at 1). [6] Id. (Jan. 11, 2017 order at 1) While it was not disputed that the ground at question..

2017/02/10 06:19:51 UTC
Will Broadest Reasonable Interpretation in IPRs Get Trumped? It’s Possible | Lexology
In 2016, the Federal Circuit and the Supreme Court both resolved that the U.S. Patent and Trademark Office (PTO) Patent Trial and Appeal Board (PTAB).

2017/02/10 06:11:50 UTC
Plan for $10 Billion Chip Plant Shows China’s Growing Pull
The project by the California-based GlobalFoundries is an interesting counterpoint to the recent high-profile announcement from Intel.

2017/02/10 05:56:26 UTC
SIPO targets relief of overburdened patent processing system
The State Intellectual Property Office has taken steps to relieve the pressure on China’s patent examinations system in the wake of the rapidly increasing number of applications in recent years.

2017/02/10 05:44:41 UTC
Inside Baseball Teams’ Battle to Keep Their Secrets Safe
Hacking isn’t the only threat to information creep

2017/02/10 05:38:57 UTC
Battle-Of-The-Stays – Chalk Up Another Victory to the Petitioners | Lexology
The multiple flavors of review and prosecution at the Patent Office produce an environment where a patent family could be subject to inconsistent.

2017/02/10 05:31:19 UTC
Federal Circuit Dismisses Appeal where IPR Petitioner Lacked Standing to Appeal | Lexology
In Phigenix, Inc. v. ImmunoGen, Inc., No. 2016-1544 (Fed. Cir. Jan. 9, 2017), the Federal Circuit dismissed, for lack of standing under Article III.

2017/02/10 05:27:47 UTC
Judge Rejects Attorney Fee Bid in Patent Case
U.S. District Judge Nora Barry Fischer said litigation tactics employed in a suit over an infant chair didn’t qualify as exceptional.

2017/02/10 05:24:47 UTC
District of New Jersey Amends Local Patent Rules | Lexology
On February 1, 2017, Chief Judge Simandle issued an Order, effective immediately, amending certain Local Patent Rules for the District of New Jersey.

2017/02/09 07:11:58 UTC
NSA contractor indicted over mammoth theft of classified data
(Reuters) – A former National Security Agency contractor was indicted on Wednesday by a federal grand jury on charges he willfully retained national defense information, in what U.S. officials have said may have been the largest heist of classifi

2017/02/09 07:08:55 UTC
What Schulhauser Means For Conditional Claim Limitations – Law360
For the first time since 2013, the Patent Trial and Appeal Board recently designated a decision on an ex parte appeal as precedential. In view of this ruling in Schulhauser, method claims should be drafted such that any condition precedent required…

 

Posted in Uncategorized | Comments closed

Recent news re: source code, reverse engineering, software patents, patent litigation

2017/02/09 04:44:27 UTC
Microsoft Adds Patent Suit Protections For Cloud Customers
Offer will help Microsoft distinguish itself from rivals in fast-growing internet-based computing market.
“All of our customers are at some level becoming software providers of their own,” … Customers will be able to pick one patent from a pool of 10,000 offered — Microsoft has 60,000 patents total — to use in their defense.

2017/02/08 06:00:54 UTC
The ITC: Reviewing 2016 and Looking Ahead
The ITC had its busiest year since 2011, which was the peak of the smartphone wars. In 2016, 55 complaints were filed, 16 of those were filed by foreign…
“Looking ahead, it appears that the ITC will slot more cases for
early disposition under the 100-day program, as it has received
increasing attention. We also may see more open Commission hearings.
Finally, we expect to see continued use of the ITC’s pilot program for expedited review of new and redesigned products that are covered by existing remedial orders.”

2017/02/08 05:59:06 UTC
Apple v. Samsung legal battle goes back to its roots
A federal appeals court says it’s up to a district court to decide if there should be a damages retrial in the long-running patent case.
In December, the Supreme Court said in a unanimous opinion that
damages for design patent infringement can be based only on the part
of the device that infringed the patents, not necessarily on the
entire product…. The Supreme Court didn’t give guidance on how damages should be decided, though, and now an appeals court isn’t weighing in, either. With Tuesday’s ruling, the US court of appeals for the federal circuit has punted the case back to district court for the Northern District of California….

2017/02/08 05:56:53 UTC
TC Heartland: Statutory Interpretation, Fairness, and E.D.Texas
by Dennis Crouch The topside briefs have been filed in TC Heartland with strong support for the petitioner who is looking .
Useful summary of amicus briefs

2017/02/08 02:18:52 UTC
ALJ Lord Denies Motion To Preclude Reliance On Certain Representative Products In Certain Semiconductor Devices (337-TA-1010) | Lexology
On February 1, 2017, ALJ Dee Lord issued the public version of Order No. 58 (dated January 17, 2017) denying a motion filed by Respondents Broadcom.
Representative products in domestic industry showing at ITC.

2017/02/08 02:12:35 UTC
A Defendant’s Understanding of Infringement Contentions Is Not Enough To Comply With The Patent Local Rules | JD Supra
Order Granting Motion to Strike, Staying Discovery, and Granting Leave to Amend, GeoVector Corporation v. Samsung Electronics Co. Ltd, Case No….
Judge Orrick explained that the local rules require specific infringement contentions so that defendants can properly respond to the claims, but also so the Court can make a principled decision on whether discovery will proceed. Thus, even if Samsung truly did understand the plaintiff’s direct infringement contentions, GeoVector still was required to articulate its contentions in the proper format contemplated by the rules.

2017/02/07 09:47:41 UTC
Why claim charts?: Underlying purposes and policies for Local Patent Rule requirements
Claim charts perform a major role in patent litigation. Also known as claims tables, infringement contentions (ICs), or invalidity contentions, claim charts are required under the Local Patent Rules (LPRs) adapted in most federal district courts, and infringement charts would be mandated under proposed amendments to the federal patent statute, particularly Rep. Goodlatte’s “Innovation Act” proposed changes to 35 USC 281A (“Pleading requirements for patent infringement actions”). But over the years, I’ve noticed widespread unclarity among consultants, experts, and even attorneys, as to what pur
A discussion of the underlying reasons why Local Patent Rules require claim charts (infringement contentions, invalidity contentions, etc.) in patent litigation. These reasons go beyond mere notice to the other side.

2017/02/07 05:27:56 UTC
Microsoft hosts the Windows source in a monstrous 300GB Git repository
Virtualized file system approach makes Git work better for huge
repositories.

2017/02/06 09:22:27 UTC
Russians Engineer a Brilliant Slot Machine Cheat—And Casinos Have No Fix
Digging through slot machine source code helped a St. Petersburg-based syndicate make off with millions.
Not sure I entirely believe this, and very unlikely source code
itself (as opposed to reverse engineered binary code) was accessible
in slot machines purchased on the open market, but
interesting/amusing on reverse engineering pseuorandom number generators in slot machines

2017/02/04 07:25:56 UTC
Self-described ‘Hacker’ and Cybersecurity Expert Joins LSU Faculty
New LSU faculty member Golden Richard developed an obsession with how computers work that has grown into a career as a leading cybersecurity expert
Golden G. Richard III will be teaching the university’s first class on reverse engineering where students take apart and analyze malicious software and viruses to study them. Students will see how systems are exploited and how they can be protected.

2017/02/04 05:18:41 UTC
The alleged betrayal in these photos, texts, and emails cost Snapchat $158 million
When Snap Inc. filed its IPO papers with the SEC last night, it ended
one of the most tantalizing mysteries in tech: What happened to the third founder of Snapchat, the Stanford student who allegedly invented the concept, designed the ghost logo, and

2017/02/04 05:15:51 UTC
Lawsuit Alleges Apple Broke FaceTime on iOS 6 to Force iOS 7 Upgrades, Save Money
Christina Grace of California has filed a new class-action lawsuit that alleges Apple broke FaceTime in iOS 6 to force users to upgrade to iOS 7,…
… When Apple’s peer-to-peer FaceTime technology was found to infringe on VirnetX’s patents in 2012, Apple began to shift toward Akamai’s servers to handle iPhone-to-iPhone connections. A year later, Apple was paying $50 million in fees to Akamai, according to testimony from the VirnetX trial. The class-action lawsuit, pointing to an internal email titled “Ways to Reduce Relay Usage,” alleges that the growing fees were beginning to bother Apple executives….”

2017/02/03 08:55:41 UTC
About Half of Patent Owners’ Attorneys Say PTAB Beneficial
The Patent Trial and Appeal Board proceedings, once called patent “death squads,” received high marks from about half of the attorneys representing patent owners, a recent survey found.
In-house counsel for patent owners were about evenly split on whether the value of their patents had decreased since the PTAB proceedings became available. But only 7 percent of them said their budgets for filing patent applications were decreased…. The most likely explanations are that the petitioner’s PTAB decision was to cancel some, and maybe even most, but not all, the patent claims. …

2017/02/03 08:52:02 UTC
Focused Patent, Copyright Bills Are on House Agenda
The House Judiciary Committee will advance bills to update copyright law and curb patent litigation abuses this year, committee chairman Robert W. Goodlatte said Feb. 1, but only after it deals with…

2017/02/03 07:22:45 UTC
Our take on recent patent litigations – GreyB
Almost every day, multiple patent litigations suits are filed. The increasing frequency of these cases indicates companies are now more inclined to stop competition or get value over their claimed invention. But what if these claimed inventions…
“… we started conducting preliminary analysis on recent patent litigation cases to check if a plaintiff’s patent really holds water or not? The table below includes our comments on the strength of various patents under litigation i.e., it will survive a litigation or not? …”

2017/02/03 06:28:19 UTC
Facebook
The Zenimax vs Oculus trial is over. I disagreed with their characterization, misdirection, and selective omissions. I never tried to hide or wipe any…
‘… If he had said “this supports a determination of”, or dozens of other possible phrases, then it would have fit in with everything else, but I am offended that a distinguished academic would say that his ad-hoc textual analysis makes him “absolutely certain” of anything….’

2017/02/03 04:52:12 UTC
http://swipreport.com/
The Software Intellectual Property Report covers the places where software intersects the law of intellectual property, including the “big four” of patents,

2017/02/03 02:18:08 UTC
Cloud Computing: Software Patent Claims and the Risks to Service Availability | Lexology
As the public cloud services market continues to mature and grow – up from $178bn in 2015 to $209bn in 2016 according to research company Gartner.
… OSS developments and communities are easier targets for NPEs than proprietary software as they don’t need to go to the same lengths to discover potential infringement. The softness of the target increases risk for CSPs using OSS and their users.

2017/02/03 01:35:43 UTC
Ninth Circuit’s Recent Patent Local Rules Amendments: Elevating Damages Considerations to Same Level as Infringement and Invalidity Contentions
Given the large cluster of technology companies in Silicon Valley, the Northern District of California has long been a top venue for patent infringement litigation. In December 2000, that court adopte
The biggest changes come in Pat. L.R. 3-8 and 3-9. The former requires the patent owner(s) to serve detailed Damages Contentions not later than 50 days following service of the accused infringer’s Invalidity Contentions. The latter requires that the accused infringer serve its Responsive Damages Contentions thirty days later.

2017/02/02 07:03:51 UTC
Goodlatte pledges to pursue patent litigation reform, copyright reform in 115th Congress – IPWatchdog.com | Patents & Patent Law
Goodlatte’s agenda includes patent litigation reform to address what he characterizes as ‘truly frivolous lawsuits,’ as well as copyright reforms to keep…

2017/02/02 06:55:29 UTC
N.D. Cal New Disclosure Rules
By Dennis Crouch The N.D. California Court has amended its local rules used for patent infringement cases. [patent_local_rules_1-2017]. One of the most .
By Dennis Crouch. The N.D. California Court has amended its local rules used for patent infringement cases. … Damages Contentions Within 50-days of Invalidity Contentions: Identify each . category[] of damages it is seeking for the asserted …

2017/02/02 06:52:16 UTC
The Western District Declines to Compel Additional Discovery | JD Supra
Armstrong Pump, Inc. v. Hartman, No. 10-CV-446S, 2016 WL 7208753 (W.D.N.Y. Dec. 13, 2016) – In this case, pending before the Court was a motion by…
“In support of its motion to compel, Armstrong now argues that the reviewed documents did not contain “actual programming” and thus were able to be produced under the parties’ protective order for discovery without any additional protections designed to protect source code. Optimum argued in response that the documents were “functionally equivalent to source code” and should not be subject to production. … when adding a few more pages of documents requires five or six inches of motion papers, and when those few more pages would be added to over one million pages of total discovery, …”

2017/02/02 06:37:58 UTC
Supplier’s Role Shows Breadth of VW’s Deceit
The German company Bosch will pay $327.5 million to vehicle owners in the United States over claims that it helped devise software to cheat on tests.
“When Volkswagen executives decided in 2006 to use software to evade emissions rules, they needed help. No one inside Volkswagen knew how to write the software. So the company turned to one of its most trusted partners: the German supplier, Robert Bosch. Working from Volkswagen specifications, Bosch developed code that instructed computers in diesel engines to fully deploy pollution controls only when the cars were being tested in laboratories, according to lawsuits in the United States and Germany….”

2017/02/02 06:23:42 UTC
http://swipreport.com/cafc-rejects-construction-of-controller-in-patent-claim/
In a de novo review of claim construction, the Federal Circuit rejected the District Court’s (ILND) claim construction of the patent claim term “controller” in The Chamberlain Group, Inc. v. Techtronic Industries Co. LTD (Fed. Cir. 2017). The…
‘This case highlights that claim construction can turn on a thorough description of claim terms in the written description. In this case, the patent applicant not only described what a “controller” is, but also provided two examples. The CAFC used those examples to specifically undercut a theory that the claim only covered one of those examples….’

2017/02/02 06:21:40 UTC
http://swipreport.com/data-processing-claims-survive-alice-challenge/
Patent claims directed to processing data for more efficient data access not patent-ineligible for being directed to an abstract idea.
“Here is a case that undercuts the notion that claims are patent-ineligible where they are entirely directed to processing data. This is a favorite rationale of patent examiners rejecting claims under the Alice test. In Speedtrack, Inc. v. Amazon, Inc….”

2017/02/02 06:09:29 UTC
A Look At Post-Alice Rule 12 Motions Over The Last 2 Years – Law360
The use of Rule 12 motions by defendants facing infringement claims
based on computer-based subject matter is likely here to stay. But now that there have been hundreds of post-Alice decisions resolving such motions, several guiding principles for…

2017/02/01 11:40:48 UTC
Dallas Jury Slaps Facebook With $500M Verdict in Oculus IP Case
In a win for lawyers at Skadden, Arps, Slate, Meagher & Flom, a Dallas jury hit Facebook-owned Oculus with a $500 million verdict.
…. Facebook attorneys had just one weekend to conduct due diligence before completing the deal….

2017/02/01 06:52:43 UTC
Recent PTAB Decisions Further Illuminate Denial of Review Under 35 U.S.C.  325(D) –
Authors: Kevin J. Spinella Editor: Aaron J. Capron Recently, the
Patent Trial and Appeal Board (“PTAB”) denied grounds in petitions under 35 U.S.C.  325(d

2017/02/01 04:57:43 UTC
Apple vs. Qualcomm: Everything you need to know
Apple is following the FTC’s lead and has sued Qualcomm for a massive
$1 billion in the U.S. and $145 million in China.

2017/02/01 04:26:43 UTC
U.S. Court of Appeals officially reopens the Apple vs. Samsung patent case
The U.S. Court of Appeals for the Federal Circuit has reopened the years-long case between Apple and Samsung in which Samsung has been accused of copying the design of the iPhone for its Galaxy S series.
article of manufacture” – the legal term that refers to both a product sold to a consumer and a component of said product – has a “broad meaning,” and that an “article” could refer to “a particular thing.” In Samsung’s case, an “article” could be an infringing smartphone’s appearance, for instance, or software feature.

2017/02/01 02:29:47 UTC
Cambridge Design Technology explains reverse engineering
News from Cambridge businesses. Network members upload news here about their products, services and achievements.

2017/01/30 08:56:10 UTC
A Former Goldman Employee’s Long, Strange Legal Odyssey
Sergey Aleynikov, accused of taking computer trading code from his former Wall Street employer, has had success and setbacks as courts differ on what “tangible” means.
“Aleynikov admitted that he had downloaded source code used by Goldman for its high-frequency trading operation, and that he planned to use the data in a new job to create a competing platform. He has long maintained that his actions did not break the law, and violated only Goldman’s internal corporate confidentiality policy, which he argued should not be the basis for a criminal prosecution.”

2017/01/25 07:21:04 UTC
PTAB Finds MRI Machine Claims Patent-Ineligible Under Alice | JD Supra
On December 29, 2016, the Patent Trial and Appeal Board (PTAB) issued a decision rejecting most claims of an application for an MRI machine patent,…

2017/01/25 06:16:24 UTC
One Fish, Two Fish, Red Fish, Enfish: Unraveling the Maze of Parallel Court/PTAB Proceedings | Lexology
The saga of Enfish v. Microsoft continues. The Enfish litigation provides a textbook example of the multi-pronged defense now common with the advent.

2017/01/24 11:01:00 UTC
Federal Circuit Invalidates Ameranth’s Menu Software Patents as Unpatentable Abstract Ideas | Lexology
The Federal Circuit’s recent decision in Apple, Inc. v. Ameranth, Inc. highlights the potential impact of including a discussion in the specification.
the Federal Circuit relied on an admission in the specification that “the discrete programming steps are commonly known and thus programming details are not necessary to a full description of the invention.”

2017/01/24 07:32:08 UTC
Aleynikov on the Hook Again for Taking HFT Code From Goldman
Former Goldman Sachs Group Inc. programmer Sergey Aleynikov is guilty
of theft — again — for taking the bank’s high-frequency trading code to a new job.

2017/01/24 07:28:47 UTC
Biz claims it’s reverse-engineered encrypted drone commands
The internet of sh*t hits the rotor
Article is skeptical about company’s claims

2017/01/24 05:54:09 UTC
How Does Industrial Espionage Affect Economic Growth?
A new economic paper argues that industrial espionage works.
Based on study of East German archives

2017/01/23 10:00:02 UTC
Attacks on Embedded Open Source Code Could Rise by 20 Percent This Year
Researchers from Black Duck Software expect the rate of attacks against known vulnerabilities in open source code to increase by 20 percent in 2017.
“Security researchers from Black Duck Software told CSO Online that the number of commercial software projects composed of 50 percent or more of open source code has increased tenfold, from 3 percent of the overall market in 2011 to 33 percent in 2017…. According to Black Duck, the average commercial application has 100 open source components. Of these applications, two-thirds are likely to contain code with known vulnerabilities. This is likely because developers don’t typically conduct their own independent security audits on OSS software….”

2017/01/23 09:18:33 UTC
Kudelski Group Takes on the NFL Over Patent Infringement – Streaming Media Magazine
The Kudelski Group and subsidiary OpenTV have sued the biggest names in streaming in the last few years. Now, the NFL joins the list.
“patents involved are for ways to insert content into video streams, let viewers interact with videos, and link multiple sets of video metadata … combining multiple data streams into one broadcast stream, and linking streamed videos to other websites.”

2017/01/23 09:14:52 UTC
DARPA, Galois Launch Benchmark Challenges To Prevent Software ‘Reverse Engineering’
Galois today announced two benchmark challenges – sponsored by DARPA – that invite competitive submissions able to break the security of program obfuscation technology designed to prevent software `reverse engineering.’ The challenges are part of…
“The DARPA SafeWare Program aims to develop obfuscation technology
that uses cryptographic methods to render the intellectual property
in software incomprehensible to a reverse engineer, yet allow the
code to otherwise compile and run normally.”

 

Posted in Uncategorized | Comments closed

Recent news re: source code, reverse engineering, software patents, patent litigation

2017/01/22 08:33:26 UTC
Predicting Patent Policy Under the Trump Administration | Publications | Shearman & Sterling LLP
The America Invents Act (“AIA”), signed into law by President Obama on September 16, 2011, was the biggest legislative overhaul to the United States patent system since the Patent Act of 1952. Among other changes, the AIA moved the U.S. to a…

2017/01/22
Ex parte Itagaki: Has the PTAB gone too far in invalidating patents under 35 USC 101

2017/01/19 04:09:41 UTC
ALJ: Complainant Waived Work Product Protection | Lexology
On January 13, Judge Lord issued the public version of Order 50 in Certain Semiconductor Devices, Semiconductor Device Packages, And Products.

2017/01/18 06:50:24 UTC
Purdue Not Estopped From Raising Invalidity Contentions at Trial That Were Submitted But Not Instituted During IPR | Lexology
Recently, the Federal District Court for the District of New Jersey allowed Purdue Pharma to assert invalidity arguments in the litigation that were.

2017/01/18 06:48:24 UTC
District Court Denies Motion to Withdraw Deemed Admissions | JD Supra
The plaintiff filed an ex parte application to be relieved of admissions that were deemed admitted for failure to respond. In analyzing the ex parte…

2017/01/18 06:46:05 UTC
Federal Circuit Provides Guidance on Divided Infringement, Inducement of Infringement, and Indefiniteness | JD Supra
Patent owners will applaud the Federal Circuit’s latest pronouncement on divided infringement, inducement of infringement, and claim definiteness…

2017/01/18 06:35:32 UTC
Devs reverse-engineer 16,000 Android apps, find secrets and keys to AWS accounts
It’s 2017 and developers are still doing really dumb things

2017/01/17
‘Ancient’ Data (and Documents): Prepare for Federal Changes to a Long-standing Hearsay Exception
“Ancient” electronic documents

2017/01/16 05:57:40 UTC
The biggest US patent litigation targets see a big drop off in cases in 2016
The biggest US patent litigation targets see a big drop off in cases in 2016

2017/01/15 11:18:13 UTC
Smart Ways to Perform Patent Invalidity Searches for Mathematical Expressions – GreyB
Different methods to find prior art to perform a patent invalidity search for a patent that claims have mathematical expressions is discussed in the article

2017/01/15 08:04:59 UTC
Neuroscientist’s Attempt to Reverse-Engineer an Atari Ends Badly
‘Donkey Kong’ poses some serious questions about how we study the human brain.

2017/01/14 06:02:47 UTC
Interfaces on Trial 3.0 – policybandwidth
This is the website for my law firm, policybandwidth. I specialize in copyright law and policy relating to the Internet, software, libraries, and educational institutions. I counsel clients, lobby, and write appellate briefs. My website list the many

2017/01/14 06:00:43 UTC
Software Copyright Litigation After Oracle v. Google
Many observers, including me, predicted that the 2014 decision of the U.S. Court of Appeals for the Federal Circuit (“CAFC”) in Oracle America v. Google would provoke a new wave of litigation concerning copyright and interoperability. In…

2017/01/13 07:53:21 UTC
2016 Annual Patent Dispute Report
OverviewWhile the volume of patent litigation in district courts dipped in 2016, the number of PTAB challenges stayed flat, approximately matching the number of petitions seen in 2014 and 2015. District court litigation was down 24.8% from 2015 and..

2017/01/13 06:52:59 UTC
DOJ claims VW destroyed records as diesel crisis unfolded
During a press conference Wednesday, officials from the Department of Justice issued indictments for six VW employees, including the former head of engine development at the automaker who …

2017/01/13 06:44:41 UTC
Q4 Litigation Update – Lex Machina
Lex Machina Q4 2016 Litigation Update Patent litigation District Court In the final quarter of 2016, plaintiffs filed 1,140 patent cases, bringing the total for 2016 to 4,520 patent cases. The fourth quarter represents a slight increase over the thir

2017/01/13 02:04:46 UTC
Gust, Inc. v. Alphacap Ventures, LLC (S.D.N.Y. 2016); O2 Media, LLC v. Narrative Science Inc. (N.D. Ill. 2017) | JD Supra
… whether litigating patents ultimately invalidated by Alice rises to the level of “exceptional” under 35 U.S.C.  285 and therefore the prevailing party would be awarded attorneys’ fees …

2017/01/12 03:52:07 UTC
The Future of Forum-Shopping in a Post-TC Heartland World – IPWatchdog.com | Patents & Patent Law
The Federal Circuit’s broad interpretation of the patent-venue statute has led to widespread forum-shopping with a disproportionate number of cases filed…

2017/01/11 11:30:11 UTC
Supreme Court of Missouri Holds No Waiver of Work Product Privilege When Party Rescinds Designation of Expert Witness Without Disclosing the Expert’s Analysis or Conclusions | JD Supra
P endorsed, and later dis-endorsed the expert; D sought deposition of expert… Because P withdrew expert’s designation before disclosure of expert’s opinions and conclusions, there was no disclosing event that waived work product privilege. …

2017/01/11 11:25:45 UTC
“It’s In The Game” – Proof Issues In Software Copyright Infringement Cases | JD Supra
… testimony given as to how the games “appear” was not relevant to the crucial issue as to whether there was substantial similarity in the source code…. it was the source code that was the protected work, not the appearance of the games …

2017/01/11 05:20:33 UTC
ALJ Shaw Denies Motion to Strike in Certain Magnetic Data Storage Tapes (337-TA-1012) | Lexology
“Sony’s supplemental contentions have not unduly prejudiced Fujifilm, who agreed to receive testing data beyond the close of fact discovery….”

2017/01/11 05:14:39 UTC
Pentagon should have direct access to its systems’ source code, Defense Innovation Board says
Secretary Ash Carter’s group of innovators made formal recommendations on Monday, including one to institute a policy on department access to source code.

2017/01/10 10:20:03 UTC
Source Code Protective Orders, from the perspective of a source-code examiner
Attorneys working in software-related litigation (such as patent, copyright, and trade secret cases) often agree to protective order (PO) restrictions on source code access, without thinking through the implications for how the source code will be examined by experts and consultants. Certain common PO restrictions may dramatically increase source-code examination time and expense, or in some instances even possibly affect its thoroughness. (For background on computer software source code, see article here.) As a simple example, consider a software copyright case, in which source code from the

2017/01/09 11:54:32 UTC
How the Fate of Software and Business Method Patents has Turned on USPTO Directors and the Courts
A decade of USPTO data shows ‘software patents’ alive and well, though business methods are on the ropes.

2017/01/06 04:08:15 UTC
Is It or Isn’t It? Patent Eligibility Takes Yet Another Turn In Amdocs Case | Lexology
An interesting case came out of the Federal Circuit in Amdocs (Israel) Limited v. Openet Telecom, Inc., No. 2015-1180, 2016 WL 6440387 (Fed. Cir. Nov.

2017/01/04 06:31:13 UTC
Some patent claim types are better than others
At our previous firm, we would analyze large portfolios, sometimes consisting of thousands of patents, to identify patents to enforce. Leveraging a pa

2017/01/04 06:27:11 UTC
34% Pricing Premium and 41% Better Chance of a Sale. Selling a Patent With or Without Claim Charts?
“I Don’t Look at the Seller’s Claim Charts” or Maybe You Do We regularly hear from our corporate patent buying clients that they do not look at the cl

2017/01/04 05:30:17 UTC
“Cyberwar for Sale”
Interesting article on Hacking Team (“offensive security” company based in Milan), and Remote Control System (RCS), whose source code, along with Hacking Team emails and client list, became available in a searchable database on Wikileaks.

2017/01/04 03:21:30 UTC
Challenge to ITC’s Extraterritorial Authority over Trade Secret Dispute Launched by Chinese Corporation | Lexology
The United States International Trade Commission (“ITC”) is an independent, quasijudicial Federal agency with broad oversight over trade matters. In.

2017/01/03 08:18:23 UTC
7 open source-related legal developments that grabbed headlines in 2016 | Opensource.com
Learn about a few of the many open source-related legal developments that made headlines in 2016.

2017/01/02 09:39:46 UTC
Common claim chart problems in patent litigation
Claim charts (infringement contentions [ICs], invalidity contentions, etc.) are required in patent litigation under the Local Patent Rules (LPRs) adapted in most federal district courts. The rules require something that doesn’t just look like a chart with claims in it. The chart is supposed to provide adequate notice of the party’s theory of infringement or invalidity, with granularity at the level of the elements or steps that make up each claim. “A chart identifying specifically where each limitation of each asserted claim is found within each Accused Instrumentality…” is a typical LPR req

2016/12/31 06:30:36 UTC
The Copyright Office Report on Software-Enabled Consumer Products, Part II: Interoperability and Competition
Copyright Office’s report on Software-Enabled Consumer Products did not adequately address the adverse impact of software licenses on noninfringing conduct. However, author commends the report’s discussion of interoperability.

2016/12/31 12:07:57 UTC
The Lauded Russian Hacker Whose Company Landed on the U.S. Blacklist (Alisa Shevchenko)
The United States’ sanctions list includes the company of a minor celebrity hacker who was once recognized by the American government for her work helping companies fight cybercrime.

2016/12/30 07:55:54 UTC
The Hardware Hacker: Bunnie Huang’s tour-de-force on hardware hacking, reverse engineering, China, manufacturing, innovation and biohacking
I’ve been writing about genius hardware hackers Andrew “bunnie” Huang since 2003, when MIT hung him out to dry over his book explaining how he hacked the original Xbox; the book h.

2016/12/30 05:09:14 UTC
Failure to Introduce Source Code of Original Work Fatal to Claim Against Alleged Derivative Work
The US Court of Appeals for the Ninth Circuit affirmed an order dismissing a breach of contract action, finding that the plaintiff failed as a matter of law to establish copyright infringement under t

2016/12/29 05:31:55 UTC
MIT researchers create bug squashing AI ten times better than predecessors – Tech2
The system analysed the general properties of 777 patches in open source programs, and learned about the general properties of the successful patches.

2016/12/29 05:31:17 UTC
Assessing USPTO’s Memo On Software Claim Patent Eligibility – Law360
A recent U.S. Patent and Trademark Office memo to the Patent Examining Corps, in combination with precedential cases from the Federal Circuit, provides guidance to owners of software patents and patent applicants with software claims pending at the…

2016/12/29 05:06:14 UTC
Computer trading code – Why Did Regulator Have It On Personal Computer?
computer trading code Allegations a regulator may have improperly requested computer code and downloaded it to a personal computer

2016/12/28 08:19:51 UTC
2016 Update: Annotated Local Patent Rules For The Northern District Of Illinois – Intellectual Property – United States
In an effort to create greater predictability for patent litigation in the Northern District of Illinois, the District enacted Local Patent Rules (“LPR”) effective as of October 1, 2009.

2016/12/28 08:16:32 UTC
ALJ: Legal Contentions Are Not Confidential | Lexology
On December 16, 2016, Judge Lord issued Order No. 51 in Certain Semiconductor Devices, Semiconductor Device Packages, and Products Containing Same.

2016/12/28 08:15:06 UTC
Kraft case a reminder that Congress should enact patent system reform
OPINION | The case shows why ‘forum shopping’ isn’t so sweet.

2016/12/28 08:13:37 UTC
District Court Strikes Infringement Contentions Pursuant to Doctrine of Equivalents Because They Contained Blanket Assertions That Did Not Comply with the Local Patent Rules | JD Supra
The Defendants filed a motion to strike the Plaintiff’s infringement contentions, including their contentions under the doctrine of equivalents…

2016/12/28 05:52:11 UTC
Defend Trade Secrets Act: Considerations for the Year Ahead
The federal Defend Trade Secrets Act (DTSA) was enacted in May 2016 in large part to create a uniform national standard for trade secrets litigation, and.

2016/12/27 07:32:43 UTC
Patent Infringement Pleading Standards Since the Abrogation of Rule 84 and Form 18: A Year in Review
Under the pleading standards of Twombly and Iqbal, a complaint must be dismissed unless it alleges stating a claim to relief that is plausible on its face.

2016/12/27 07:24:55 UTC
These three 2016 cases gave new life to software patents
It’s harder, but not impossible, for owners of software patents to win cases.

2016/12/22 06:21:22 UTC
Software, 2017: Does Alice live here any more?
Federal Circuit judges spar over software patents. Will they ever agree?

2016/12/22 06:06:29 UTC
Claim charts for patent litigation: preface to forthcoming book
This is the preface to a forthcoming book, Claim Charts: Marshaling Facts in Patent Litigation, by Andrew Schulman (SoftwareLitigationConsulting.com). For another excerpt from the book, see Introduction to claim charts. For outlines of the entire book’s contents, and unedited draft material, see Claim charts book. Other sections of the book, covering common claim-chart problems and the underlying purposes/policies for claim-chart requirements, will also be provided on LinkedIn. Preface Claim charts perform a major role in patent litigation. Also known as claims tables, infringement contentions

2016/12/22 05:11:52 UTC
Blockchain patent filings by Goldman, others tip future cost risk
In the headlong rush to revolutionise modern finance, blockchain enthusiasts are overlooking one potentially costly problem.

2016/12/22 05:01:47 UTC
CAFC affirms default judgment, permanent Injunction requiring defendant to turn over mold – IPWatchdog.com | Patents & Patent Law
Permanent injunction may enjoin substantially similar products and may require surrendering a crucial enabling work piece, such as a mold, even though…

2016/12/22 02:28:32 UTC
Not Just a Formality? USPTO Sequence Rules May Impact Existing Biotech Portfolios | Patexia.com
Not Just a Formality? USPTO Sequence Rules May Impact Existing Biotech Portfolios. Written by Scott Siera, Ph.D. and Agnes Juang, Ph.D. Patent applications containing nucleic acid or protein sequences are required to include an electronic…

2016/12/21 11:45:40 UTC
CAFC Explains PTAB Expertise & Its Role In IPR Fact Finding | Lexology
AIA trial practices of the Patent Trial & Appeal Board (PTAB) are often analogized to that of the district courts. Yet, in practice, there are more.

2016/12/21 11:43:50 UTC
Evidentiary Thresholds for Establishing Prior Public Use in Post-Grant Proceedings | JD Supra
Petitioners in post-grant review (PGR) and covered business method (CBM) proceedings have a greater arsenal of prior art to develop patentability…

2016/12/21 07:42:01 UTC
Revised Chinese patent guidelines mean better prospects for software, business methods than U.S. – IPWatchdog.com | Patents & Patent Law
The Chinese Patent Office recently released a new set of guidelines for Chinese patent examiners making China friendlier to software patents than the U.S.

2016/12/21 07:34:21 UTC
John Deere Really Doesn’t Want You to Own That Tractor
John Deere is at it again, trying to strip customers of the right to open up and repair their own property. In the new License Agreement for John Deere Embedded Software [PDF], customers are forbidden to exercise their repair rights or to even look a

2016/12/21 01:33:36 UTC
New study shows wide gap in litigation success rates on acquired patents
New study shows wide gap in litigation success rates on acquired patents … the patent owner won in 21.1% of the cases for patents that they had bought and in 28% of the cases for patents they had developed in-house …

2016/12/21 12:15:43 UTC
BlackBerry’s deal with TCL leaves the company free to focus on monetising its patents and technology
BlackBerry’s deal with TCL leaves the company free to focus on monetising its patents and technology

2016/12/20 02:19:54 UTC
Hiding in plain sight: Using reverse engineering to uncover (or help show absence of) software patent infringement
[While the opening to this article is admittedly long-winded, taking too long to come to the point, the point is nonetheless a useful and important one, and hopefully worth wading through. Or just jump ahead to the paragraph “Under FRCP Rule 11…”.] Imagine a building site where some event has occurred, and imagine some litigation about the event. Both sides are staring at the blueprints, but no one has even thought to visit the building site. Of course, blueprints present a lot of information not apparent from a building or jobsite. But since “as built” construction diverges considerably fro

2016/12/20 01:05:32 UTC
Accountants and spies: The secret history of Deloitte’s espionage practice
How Deloitte used veteran CIA officers shows just how intense the competition between major accounting firms is.

2016/12/19 10:30:48 UTC
Post-Alice Section 101 Eligibility Roadmap for Software Inventions | Lexology
In the wake of Alice the waters of eligibility under section 101 can be challenging to navigate, and particularly so for those seeking to obtain or.

2016/12/19 07:19:58 UTC
New Federal Rule of Evidence to Directly Impact Computer Forensics and eDiscovery Preservation Best Practices
Federal Rule of Evidence 902(14) impact on eDiscovery collection best practices and computer forensics

2016/12/19 07:16:52 UTC
Court decisions protect a litigant’s right to choose eDiscovery methods
Courts are affirming The Sedona Conference Principle No. 6, which expressly protects litigants’ rights to choose their own eDiscovery methods.

2016/12/18 11:41:24 UTC
Claim charts for patent litigation: a brief introduction
A claim chart takes the “business end” of a patent – its claims – and breaks those claims down into parts or components (for patented devices) or into steps (for patented methods or processes), comparing each part or step in the patent claim on the one hand, with a corresponding part or step found somewhere else, usually in a product or system accused of infringing the patent or in a piece of prior art being used to try to invalidate a patent claim. Like so: (The left column here represents a portion of US 4,097,899 claim 12, and the imaginary infringement facts in the right column are based o

2016/12/18 09:31:30 UTC
Improving Patent Eligibility for Your Software Despite the Prohibition of Patent Protection for “Abstract Ideas” | JD Supra
As technologies advance, the Patent Office (as well as the Nation’s courts) must utilize Section 101 of the Patent Act to place reasonable limitations…

2016/12/18 09:29:37 UTC
Amdocs v. Openet: Opening a Software Rift in Alice’s Wonderland | Lexology
Echoing the recent decisions that the Alice test did not render specific software patents ineligible in cases such as McRo and DDR Holding, the.

2016/12/18 01:30:46 UTC
DMCA Exemptions Lift Hacking Restrictions
White hat hackers can hack cars, medical devices and home IoT devices without fear of running amiss of DMCA laws that prevent reverse engineering.

2016/12/18 01:29:30 UTC
DMCA Ruling Ensures You Can’t Be Sued For Hacking Your Car, Your Games Or Your iPhone
An exemption in the DMCA paves the way for car, game and iPhone hackers to do as they please with their connected machines. But the exemption only lasts for three years, and won’t come into force until 2016…

2016/12/17 09:38:47 UTC
Reverse engineering as a fact-investigation tool in software patent litigation
Frequently-asked questions (or frequently-held assumptions) about using reverse engineering as a litigation tool in software/internet patent cases: “Where else would you look, to determine infringement, besides the source code?” Anyone who has litigated software/internet patents, has probably heard (or even thought) something like the following: “There’s only so much we can do about factual investigation, until we get the other side’s source code.” “Where else would you look, to determine infringement, besides the source code?” “Source code is basically the only place to find out if a patent c

2016/12/17 06:41:42 UTC
Software Patent Eligibility May Be Informed by Copyright Law
Dissents in two recently decided cases suggest that patent eligibility of ‘intangible’ inventions finds analogies in copyright eligibility.

2016/12/16 09:25:40 UTC
New Exchange Is Formed for Trading Patent Rights
The Intellectual Property Exchange International, or IPXI, wants to make the patent licensing marketplace more transparent.

2016/12/16 07:26:34 UTC
Hiding in Plain Sight: Using Reverse Engineering to Uncover (or Help Show Absence of) Software Patent Infringement
Hiding in Plain Sight: Using Reverse Engineering to Uncover (or Help Show Absence of) Software Patent Infringement By Andrew Schulman Imagine a building site where some event has occurred, and imagine some litigation about the event. Both sides…

2016/12/16 04:58:40 UTC
Computer software source code and e-discovery
While electronic discovery (e-discovery) focuses largely on data stored in or generated by computers, there is an additional area whose handling is becoming an essential e-discovery skill: code, that is, the software which computers run in order to create and process data. This article quickly compares and contrasts source code (the most readable type of software evidence) with e-discovery generally, noting cases the reader may consult for more details (most are federal patent cases; some are cited for fact patterns rather than for the central holding in the case). For a discussion of source-c

2016/12/16 04:29:55 UTC
Source code examination for litigation: a few basics and FAQs
Source-code examination is not like searching any other form of text. Computer source code conforms to rules. These rules are dictated by programming languages, platforms (such as Android, Windows, or the Apple iOS and OSX operating systems), APIs (application programming interfaces), and other constraints (e.g. interoperability with other software and with devices). In addition, there is typically too much code to read all of it, and much depends on the proper selection of areas requiring close reading. These two attributes of source code — its structured nature, combined with its typically

2016/12/16 04:04:08 UTC
Important Security Information for Yahoo Users
By Bob Lord, CISO Following a recent investigation, we’ve identified data security issues concerning certain Yahoo user accounts. We’ve taken steps to secure those user accounts and we’re working closely with law enforcement. What happened? As we…

2016/12/15 03:46:42 UTC
Failure to produce source code precluded jury’s verdict that EA owed royalties to developer of first Madden video game
By Cheryl Beise, J.D. The federal district court in San Francisco properly granted judgment as a matter of law (JMOL) to Electronic Arts, Inc. (EA), on copyright infringement and

2016/12/15 02:50:07 UTC
Arista beats Cisco’s $335M copyright claim with an unusual defense
Jury found that Cisco command lines were “scènes à faire.”

2016/12/15 12:01:59 UTC
Goodbye E.D.Texas as a Major Patent Venue
by Dennis Crouch In a case with the potential to truly shake-up the current state of patent litigation, the Supreme Court .

2016/12/14 07:08:22 UTC
API Copyrightability Bleak House: Unraveling the Oracle v. Google Jurisdictional Mess
Like Dickens’ tale of Jarndyce and Jarndyce, the Oracle v. Google litigation has droned on for what seems like generations in the software industry with

2016/12/14 05:05:55 UTC
Learning Linux Binary Analysis

2016/12/14 04:56:12 UTC
Patentability of Business Methods, Software and Other Methods, 2016 Edition

2016/12/14 04:41:30 UTC
CO Court of Appeals: Protecting a `Trade Secret’ Doesn’t Make It One
`Unusual’ trade secrets case yields lessons for companies on secret status and agreements When taking steps to protect a trade secret, companies should make sure it’s a secret to begin with, according to a new opinion by the Colorado Court of Appeals

2016/12/14 04:36:29 UTC
M&A deals imperilled by failure to manage open source software risk, says expert
Phil Odence, general manager of Black Duck On-Demand Audits, which carries out software audits in the context of mergers and acquisitions (M&As), told Out-Law.com that he was personally aware of a 12 week delay to one deal as a result of concerns…

2016/12/13 06:30:36 UTC
Can a YouTube video be submitted as prior art?
I’m trying to determine whether there is evidence that definitively confirms that a YouTube video can be submitted as prior art.If there is an example of one being used as the grounds for rejecti…

2016/12/13 05:18:48 UTC
Was the Robber 6-foot-3 or 5-foot-6?
Testing the reliability of video analysis.

2016/12/12 07:04:06 UTC
The code that took America to the moon was just published to GitHub, and it’s like a 1960s time capsule
When programmers at the MIT Instrumentation Laboratory set out to develop the flight software for the Apollo 11 space program in the mid-1960s, the necessary technology did not exist. They had to invent it.

2016/12/12 07:01:09 UTC
The (Suprisingly Funny) Code for the Apollo Moon Landings Is Now on GitHub
BURN_BABY_BURN- -MASTER_IGNITION_ROUTINE

2016/12/05 07:32:46 UTC
Alleging theft of trade secrets, Zynga takes 2 ex-employees to court
This week Zynga filed a lawsuit against ex-employees Massimo Maietti and Ehud Barlach, as well as their new employer Scopely, alleging that the pair pilfered valuable trade secrets when they quit.

2016/12/05 07:25:08 UTC
Microsoft, Intel, Others Oppose China Plans to Get Access to Source Code
“How is that supposed to boost security?” Microsoft asks

2016/12/02 08:11:40 UTC
Software reverse engineering & source-code exam
Software tools, books, and articles about software reverse engineering, and source-code examination, especially as used in litigation, and analysis of infringement and non-infringement of software patents, copyright, and trade secrets. Also some…

2016/12/02 07:31:55 UTC
Electronic voting machines are broken-and here’s the code to prove it
‘To [senators], ‘certified’ is like putting ‘organic’ on a yogurt cup.’

2016/12/02 07:22:51 UTC
Inside Android’s source code… // TODO – Finish file encryption later
Android 7.0’s crypto sauce is ‘half-baked’ and Google promises to make it better, soon

2016/12/02 06:33:11 UTC
“Fatal” security bugs discovered in defibrillators and medical implants
Researchers in the U.K. and Belgium found potentially “fatal” security vulnerabilities in medical devices like defibrillators that allowed hackers to steal sensitive healthcare data and alter the functions of the devices.

2016/12/02 05:59:02 UTC
Supreme Court May Consider ITC’s Authority Over Trade Secret Matters – Intellectual Property – United States
Here at TSW, we continue to watch closely developments in the Sino Legend v. ITC case.

2016/12/01 08:01:13 UTC
A Guide to Software Patent Eligibility at the Federal Circuit – IPWatchdog.com | Patents & Patent Law
The Alice/Mayo framework is the decisional approach adopted by the Supreme Court for determining if software patent claims are patent eligible. Recently…

2016/12/01 07:58:14 UTC
Flash Crash Fears Subvert Trade Secret Protection of Source Code – Trade Secrets Trends
On November 4, 2016, the U.S. Commodity Futures Trading Commission approved a supplemental notice of proposed rulemaking concerning its access to algorithm

 

Posted in Uncategorized | Comments closed

Online searching of Apple OSX and iOS binaries

An earlier post notes some examples of “deep indexing” of the textual contents of commercial software products:

Such deep indexing of binary code files has been done in some limited areas, such as the superb PDP-10 software archive at http://pdp-10.trailing-edge.com/ in which files have been extracted from tape images, each file given its own web page, and contents of executable files included on the page, enabling a Google search for strings. See also sites such as totalhash.com which, for a variety of reasons, dump strings from Windows executable files (EXEs, DLLs, etc.) onto web pages, which are then indexed by Google (see e.g. Google search for “CEventManagerHelper::UnregisterSubscriber()  : m_piEventManager->UnregisterSubscriber()”).

Another example is the online posting of Objective-C header files, extracted from Apple OSX (Mac) and iOS (iPhone, etc.) binary/object files.

Read More »

Posted in Uncategorized | Comments closed

Patent examiners on software prior art, at crowdsourcing site

The White House recently announced the US PTO’s launch of “Ask Patents” (a forum at the “Stack Exchange”) as a crowdsourcing platform to identify prior art.

Right now, the forum seems to mostly have general questions and answers. There are several interesting Q&As, in which patent examiners explain that they do not consider software itself (e.g. open source) when searching prior art. See http://patents.stackexchange.com/questions/401/do-uspto-examiners-search-open-source-codebases/1885#1885 and http://patents.stackexchange.com/questions/4491/does-a-software-implementation-count-as-prior-art.

One examiner explains, “It’s very tough to map a plain-english statement to a block of code in a way that will convince the attorney/applicant that it’s truly invalidating.”

That is what source-code examiners and experts do every day in software patent litigation. But with current systems, there isn’t time for examiners at the PTO to do this type of search. This is in part because, “First, the search tools that we examiners have are tuned for searching natural language, not source code, so it’s far easier to find natural-language prior art than source code prior art.”

That a rigorous code/claim comparison would take too much time during patent examination is consistent with Lemley’s theory of “rational ignorance at the patent office”: most patents will not be exercised, so defer the tough validity examination until litigation.

But one of these posts at the crowdsourcing site also states that many PTO software-patent examiners lack the skills or training to do this sort of code vs. claims comparison: “it’s far easier to find natural-language prior art than source code prior art. And your question assumes that most patent examiners who handle software-related applications are proficient at reading source code. Most of us are not….”

Further, “Even if I am absolutely sure that a certain program has implemented a procedure that’s being claimed, and even if I have access to the source code of that program, and even if I am able to establish a clear prior art date of that source code, and even if that source code is written in a programming language I am comfortable reading, I still am very unlikely to cite that source code as prior art. The people that we write for (attorneys and other patent examiners) rarely have experience reading source code, so it takes even longer to explain the code than just cite a source that explains it in natural language; a better document is something like an API reference or software documentation.”

There are several possible answers. One might be using an auto-documentation system such as Doxygen to create more-readily citable references from open source.

Posted in Uncategorized | Comments closed

US National Software Reference Library (NSRL) and Software Patent Prior Art, Part 2

The previous post discussed the US government’s National Software Reference Library (NSRL), a collection of 15,000 commercial products, currently indexed by files (hash, filename.ext) comprising each product.

The post posed the question whether the NSRL could be used as the basis for a library of software prior art, usable by examiners at the US Patent & Trademark Office (PTO), and by software-patent litigants.

Such a database is needed. A major complaint regarding software patents is that the currently-searched sources of prior art are inadequate: “prior art in this particular industry may simply be difficult or, in some cases, impossible to find because of the nature of the software business. Unlike inventions in more established engineering fields, most software inventions are not described in published journals. Software innovations exist in the source code of commercial products and services that are available to customers. This source code is hard to catalog or search for ideas.” (Mark A. Lemley and Julie E. Cohen, Patent Scope and Innovation in the Software Industry, 89 Cal. L. Rev. 1, 13 (2001)). Query: has the situation improved since 2001? Is a larger percentage of software innovation now published in journals and patents?

Open source is an obvious software prior-art resource, and good full-text indexes of open source already exist. On the other hand, proprietary source code may not even constitute prior art, which must by definition have been publicly accessible at the relevant time. Thus, to meet the need for a database of software prior art based on something other than descriptions in published journals or previously-issued patents, it is appropriate to consider a library based on whatever text can be gleaned from publicly-accessible commercial software.

To be useful as patent “prior art,” such a library would require indexing the contents of the files. The previous post indicated that commercial software products often contain useful-looking text. Such text includes source-code fragments from “assert” statements, debug statements left in the product, error messages, dynamic-linking information, C++ function signatures, and so on. Some further examples, beyond those shown in the previous post, include the following, found inside a small sample of Windows dynamic-link libraries (DLLs) known to be part of NSRL:

  • “TCP and UDP traffic directed to any cluster IP address that arrives on ports %1!d! through %2!d! is balanced across multiple members of the cluster according to the load weight of each member.” [found in netcfgx.dll]
  • “This DSA was unable to write the script required to register the service principal names for the following account which are needed for mutual authentication to succeed on inbound” [adammsg.dll]
  • “Consider either replacing these auditing entries with fewer, more inclusive auditing entries, not applying the auditing entries to child objects, or not proceeding with this change.” [aclui.dll]
  • “Transformed vertex declaration (containing usage+index D3DDECLUSAGE_POSITIONT,0) must only use stream 0 for all elements. i.e. When vertex processing is disabled, only stream 0 can be used.” [d3d9.dll]
  • “On receiving BuildContext from Primary: WaitForSingleObject Timed out. This indicates the rpc binding is taking longer than the default value of 2 minutes.” [msdtcprx.dll]

These strings appear to contain patent-relevant information: terminology such as cluster, balanced, load weight, DSA (likely Directory System Agent), script, mutual authentication, inbound, auditing entries, child objects, transformed vertex declaration, RPC (remote procedure call) binding, and so on.

But do binary/object files comprising commercial products contain enough such material to be worth indexing? And is such material of the types that would be helpful to someone searching for patent prior art?

(Whether commercial software uniquely contains such information, i.e., whether this is a good source to supplement existing sources such as previous-issued patents and published patent applications, academic literature, and so on, or whether such publications already contain what we would find inside code files, is a different question which will be addressed in a later post. Another question to be addressed later is whether additional text, while not verbatim present in binary/object code files, can be safely imputed to such files, based for example on the presence of “magic” numbers, such as GUIDs or UUIDs, module ordinal numbers, and the like.)

To test whether such files contain readily-available text, of the type useful to examiners at the PTO or to patent litigants seeking out prior art, one needs to know what sorts of searches they would be doing. These searches are typically based on patent claim language, and contain the “limitations” (elements of a device or system, or steps of a method) of the claim, together with likely synonyms or examples of each limitation.

Taking as an example an unusually short software patent claim:

  • “16. A method for processing metadata of a media signal comprising: embedding metadata steganographically in the media signal, wherein the metadata in the media signal includes a location stamp including: marking an event of processing the media signal with the location stamp.” [US 7,209,571 claim 16]

One looking for prior art to this claim would likely search for sources containing all of the following terms and/or synonyms or examples for each term (another complaint about software patents is that the industry lacks standardized terminology):

  • metadata
  • steganographic
  • media signal
  • location stamp
  • processing
  • marking

The search would likely give more weight to less-common terms (here, “steganography”). The search would be carried out across previously-issued patents and patent applications, and printed publications.

(As a quick test, one might try a Google search for “metadata steganography media signal location stamp process marking”. Google however does not currently index code files found on the web — not even readily-readable ones, such as *.js files, much less binary files — though there are web sites which do extract strings from some binary code files, and these sites are, in turn, indexed by Google.)

So, how to systematically test whether commercial code files (Windows exe/dlls, Unix .so files, iPhone .ipas, etc.) contain this sort of information, matching the sorts of terminology found in software patent claims?

As a preliminary test, one can take a large number of software patents, extract the claims, find out what words appear in these claims, and then see if these words also appear in commercial code files.

While there is no universally-agreed-upon standard definition of what constitutes a software patent, I randomly selected 2,000 patents from US patent classes classes 703, 705, 707, 709, 712, 717, 719, 726. (I will later do a similar test, using published patent applications, rather than granted patents, as a fairer test of what examiners at the US PTO would be working with.) The median patent number was 7,058,725 from 2006. I extracted independent claims from these 2,000 patents (using software which will be described in a later blog post). Individual words were then counted; a better test would break the claims into multi-word terms, by parsing along punctuation and along the most-common short words. A better test would also count the number of patents in which a word appears, rather than counting the number of words. Results of the quick test done here:

  1. Of course, the most-frequent words include those common to any English text: the, of, a, to, and, in, for, etc.
  2. Next are words common to any patent claim: said, wherein, claim, method, comprising, plurality, device, etc.
  3. Next are generic words common to any software patent: system, information, computer, network, program, memory, storage, server, processing, request, object, database, message, application, address, instruction, etc.
  4. After quite a bit of these generic terms, we finally get to more specific terms: cache, command, bus, receive, agent, security, link, vector, threshold, encrypted, tree, domain, channel, thread, token, browser, stack, etc.

It is the words in the 4th group which can now be sought out in strings of text extracted from binary/object code files. This test will not include the synonyms or examples for which a search would likely also be performed, nor will it consider translation between software patent terms (e.g. “socket address”) and programming terms (e.g. “sockaddr”).

Because individual patent-claim words would often appear within a single code word (e.g., “accounts” and “file” appear within the single word, “CreateAccountsFromFile”), matching was done of each patent-claim-word to entire entire line of code text. Large regular expressions were created for blocks of the words appearing in the selected patent claims (e.g., “voicemail|voicexml|volatile|…”). Each of the regular expressions were then run against each unique line of text extracted from the sample of 9,900 Windows DLL files. A count was made of the number of regular expressions matched, and those strings matching four or more different regexes were then printed.

The results comprised 130,000 different lines of text, out of 1,529,718 unique strings extracted from the 9,900 sample DLLs. In other words, in this simple and simplistic initial test, about 10% of the extracted strings were potentially useful in a patent prior-art search. An improved test would likely both raise and lower this 10%. Raise, because additional useful text could be found by using other techniques more sophisticated than simply running the “strings” utility. Lower, because some of the found strings are junk.

My sample of 9,900 DLLs known to be part of NSRL only represents about 1% of the 811,000 unique DLLs in the NSRL. On the other hand, there is likely less duplication of contents within files in my sample, as it included only one copy of a given filename e.g. kernel32.dll.

The 130,000 strings included those shown earlier in this post. These were cherry picked. Randomly selecting ten lines, we see:

  • An outgoing replication message resulted in a non-delivery report.%nType: %1%nMessage ID: %2%nNDR recipients: %3 of %4%n%5
  • The vertical position (pixels) of the frame window relative to the screen/container.WW=
  • socket %d notification dispatched
  • CVideoRenderTerminal::AddFiltersToGraph() – Can’t add filter. %08x
  • river util object failed to AddFilteredPrintersToUpdateDetectInfos with error %#lx
  • Software\Microsoft\Internet Explorer\Default Behaviors
  • PredefinedFormatsPopup
  • Indexing Service Catalog Administration ClassW1
  • ?pL_CaptureMenuUnderCursor@@3P6GHPAUstruct_LEAD_Bitmap@@PAUtagLEADCAPTUREINFO@@P6AH01PAX@Z2@ZA
  • ??0LNParagraphStyle@@QAE@ABUCDPABDEFINITION@@W4LNUNITS@@@Z

The last two are C++ function signatures, the first of which can be automatically translated into:

  • int (__stdcall* pL_CaptureMenuUnderCursor)(struct struct_LEAD_Bitmap *,struct tagLEADCAPTUREINFO *,int (__cdecl*)(struct struct_LEAD_Bitmap *,struct tagLEADCAPTUREINFO *,void *),void *)

Since the extracted strings as a whole represented about 10% of the content of the underlying DLL files, and since it appears that about 10% of those extracted strings are potentially useful in a prior-art search, a very rough estimate is that 1% of the contents of code files (at least of this type, DLLs for Microsoft Windows) would be useful. As noted earlier, the tested DLLs represent about 1% of NSRL’s collection of DLL files (though likely with less duplicated contents of files, e.g., only one version of a file named kernel32.dll). Thus, the 130,000 potentially-useful strings in this test may represent about 10 million such strings among NSRL’s DLL files.

These DLL files comprise about 2.25 % of the total 36 million different files in NSRL’s collection; however, as noted in the previous post, the bulk of the NSRL files are not code but media. Further, some code files may be less “chatty” than Windows DLLs.

On the other hand, the information extraction conducted in this test was bare-bones; there are many additional ways to extract information from binary/object code files. For example, such files often contain “magic” numbers which are readily turned into text indicative of a protocol or service employed by the code. An example was shown above of turning a “mangled” C++ function signature into a “demangled” version which looks like source code. Another example is associating GUIDs and UUIDs with names of services. Many of the DLL files in the test done here could easily have been supplemented with matching debug information (PDB files) from Microsoft’s Symbol Server (this will be shown in a future blog post).

Some conclusions from these very preliminary findings will be drawn in the next blog post.

Posted in Uncategorized | Comments closed

US National Software Reference Library (NSRL) and Prior Art, Part 1

I’ve been looking into the possible use of the US National Software Reference Library (NSRL), http://www.nsrl.nist.gov, maintained by the National Institute for Standards and Technology (NIST), as a library of software prior art. Such a library would be useful both to the US Patent & Trademark Office (PTO) and to patent litigators.

The original purpose of the NSRL is largely as a set of hashes of known files, so that a criminal investigator examining a computer can know which files do NOT need to be examined.However, NSRL is moving beyond this to “digital curation,” for example, of a Stanford University Library collection of 15,000 software products from the early days of microcomputing. In contrast to their current storage in boxes and indexing only by product name (which is consistent with most library software archives), NSRL is performing file-level cataloging of the collection.

The next step would be to index the contents of the files themselves. Software binary/object code files often contain useful strings of text, relevant for example to patent prior-art searching. Such “deep indexing” or data mining of code file contents is a goal of the “CodeClaim” project (to be described in a forthcoming blog post).

Such deep indexing of binary code files has been done in some limited areas, such as the superb PDP-10 software archive at http://pdp-10.trailing-edge.com/ in which files have been extracted from tape images, each file given its own web page, and contents of executable files included on the page, enabling a Google search for strings. See also sites such as totalhash.com which, for a variety of reasons, dump strings from Windows executable files (EXEs, DLLs, etc.) onto web pages, which are then indexed by Google (see e.g. Google search for “CEventManagerHelper::UnregisterSubscriber()  : m_piEventManager->UnregisterSubscriber()”).

The core NSRL product is a hashset of 36,108,465 file hashes, listing one example of every file in the NSRL. For example, ten copies of the exact same file contents will share a single MD5 hash, even if each of the files has a different filename or file date, or came from different sources. NSRL calls this the “minimal” hashset. It is a file named NSRLFile.txt, about 4 GB in size, contained in a 2.4 GB zip file (filename rds_243m.zip) from the NSRL downloads page.

Entries in NSRLFile.txt look like this:

  • “SHA-1″,”MD5″,”CRC32″,”FileName”,”FileSize”,”ProductCode”,”OpSystemCode”,”SpecialCode”
  • “00000DE72943102FBFF7BF1197A15BD0DD5910C5”, “AD6A8D47736CEE1C250DE420B26661B7”, “7854257F”, “PROGMAN.EXE”, 182032, 10912, “358”,””

Note that file dates are not included. Of course, the same exact file contents could be associated with different file dates, just as the same file contents can be associated with different file names. Dates of various types (OS file system create and write dates, (c) notice dates within files, linker dates within files) are of course crucial for a prior-art library. A method of associating dates with files will be noted later.

The collection contains media files (*.gif, *.wav, *.jpg). Crucial for a collection of prior art software, it also contains binary/object code files, for example:

  • “0000046FD530A338D03422C7D0D16A9EE087ECD9”, “680CA0BCE1FC7BC4136ADF4E210869C5″,”277D6BD5”, “TokenTypes.class”,2075,20318,”358″,””
  • “00000DE72943102FBFF7BF1197A15BD0DD5910C5”, “AD6A8D47736CEE1C250DE420B26661B7″,”7854257F”, “PROGMAN.EXE”,182032,10912,”358″,””
  • “00000FF9D0ED9A6B53BC6A9364C07074DE1565F3”, “A5D49D6DA9D78FD1E7C32D58BC7A46FB”,”2D729A1E”, “cmnres.pdb.dll”,76800,10055,”358″,”

A test of file extensions (not a guaranteed method to determine file type, but close enough for current purposes) in NSRLFile.txt provides a sense of what’s currently in the NSRL:

  • Many of the 36 million files are images (3.9 million GIF, 1.3 million JPG, 0.95 million PNG)
  • Files are predominantly from Microsoft Windows
  • A little over 1.2% are marked as “Linux”
  • There are files marked as “MacOSX”, “Mac OS 9+”, etc., but these do not appear to include binary code files (e.g., FaceTime)
  • There appear to be few mobile application files, e.g. *.ipa, *.apk
  • Many of the files are archive files, e.g. *.gz, *.zip, *.cab
  • Many of the files are compressed installers, e.g. *.msi, *.dmg; note that NSRL has researched “smart unpacking” of files
  • Many of the files are still compressed using Microsoft KWAJ, e.g. *.dl_, *.ex_
  • The most-frequently-occurring binary code file extension is *.class (Java), with 1.9 million different files
  • There are 811,468 different files with the extension .DLL (dynamic link library files for Windows)
  • There are 295,870 different files with the extension .EXE (Windows executables, possibly with some older DOS EXEs)
  • There are many different versions of code files with the same name, e.g. 835 different files (different MD5 hashes) of files with “kernel32.dll” in the name
  • There are many text files which contain (or potentially contain) source code, including 3.8 million HTML files, and about 1.7 million C/C++ files.

The following describes tests performed with Windows dynamic link library (DLL) files.

Even without access to the underlying files at NSRL itself, the presence of MD5 hashes makes it possible for anyone with a sufficiently-extensive collection of files, and a utility such as md5sum, to do some testing of the files in the NSRL database.

For example, NSRL includes a file with the MD5 hash 2bcbe445d25271e95752e5fde8a69082, and its minimal set of hashes provides the filename “IMPTIFF.DLL”.

The CodeClaim collection of code files contains about 490,000 files which are also in NSRL. One of these 490,000 files has the MD5 hash 2bcbe445d25271e95752e5fde8a69082. In CodeClaim, this file is X:\CD0138\CORELWPA\PROGRAMS\IMPTIFF.DLL; the file-system date is March 23, 1995.

Of the 811,000 files with the extension DLL in NSRL, CodeClaim currently has about 27,000. I have begun testing a subset of these: about 9,900 uniquely-named DLL files, with a total size of 2.28 GB. “Uniquely-named” means for example that one file with the name “kernel32.dll” was used out of the 90 different versions in CodeClaim; this file was selected at random, and is unlikely to be the newest or largest.

A “strings” utility was run on 9,900 DLL files, resulting in about 278 MB of output, about 10% of the size of the underlying code files. This 10% is both an over-estimate and an under-estimate of the usable text to found at least in Windows-based code files. An over-estimate because it contains a large amount of junk which merely looked like readable text to the “strings” utility. An under-estimate because “strings” is only one of at least a dozen methods of extracting useful text from binary code files. For example, given GUIDs or UUIDs in the file, these can often be turned into the corresponding textual name of a protocol or service; there are several other types of numeric-to-string lookup.

How useful would strings contained in binary code files be, for a library of software prior art? A search for “->” quickly turned up many source-code fragments which had made their way into the binary code files, presumably as “asserts” or logging statements. For example:

  • !FFlag(lppcminfo->dwPcm, PCM_RECTEXCLUDE) && FFlag(lppcminfo->dwPcm, PCM_RECTBOUND)
  • !(mod & 0x0004) || (!lpbxi->fDBCSPrio && *lpchIns == ((BYTE)’\x20′)) || (lpbxi->fDBCSPrio && *lpchIns == 0x81 && *(lpchIns + 1) == 0x40)
  • !_pmsParent->IsShadow() && ((char *)(“Dirtying page in shadow multistream.”) != 0)
  • %s — g_PluginModuleInstance->DeInitializeContext() failed.
  • %s:pChannel->RespondToFastConnect returned 0x%08lx
  • ( LSeekHf( qbthr->hf, ( (LONG)( qcb->bk) * (LONG)( qbthr )->bth.cbBlock + (LONG)sizeof( BTH ) ), 0 ))==( ( (LONG)( qcb->bk) * (LONG)( qbthr )->bth.cbBlock + (LONG)sizeof( BTH ) ) )
  • ((sidTree != sidParent) || (pdeChild->GetColor() == DE_BLACK)) && ((char *)(“Dir tree corrupt – root child not black!”) != 0)
  • (FreeBlock >= ChangeLogDesc->FirstBlock) && (FreeBlock->BlockSize <= ChangeLogDesc->BufferSize) && ( ((LPBYTE)FreeBlock + FreeBlock->BlockSize) <= ChangeLogDesc->BufferEnd)

To emphasize, we know that these snippets of code are present in the underlying NSRL collection, because the files examined in this quick test all had MD5 hashes found in NSRLFile.txt.

But so what? What difference does it make that some strings of text which resemble source code are located in commercial products? How useful is this for constructing a searching library of software prior art?

The next step is to see how the types of terminology found in code files are also used in the claims of software patents. This will be discussed in the next blog post.

 

Posted in Uncategorized | Comments closed

US government’s National Software Reference Library (NSRL): recent article

Reading the article, it may not seem to have anything to do with IP litigation, but this National Software Reference Library appears to potentially be an important basis for a prior-art software library (that is, not a collection of publications about software, but of text extracted from the software itself, for use as prior art). Modern software generally contains a large amount of useful text. This text would need to be extracted from binary/object files, and then indexed.

The National Software Reference Library
by Barbara Guttman

LinkedIn IP Litigation discussion

The list of products in the collection is available at http://www.nsrl.nist.gov/RDS/rds_2.43/NSRLProd.txt (3 MB text file). Of course, to be useful as searchable prior art, either to litigators or the PTO, more would be needed than this list of products or even the list of individual files comprising the products. I’m going to do some tests of text extraction against some of the files in their collection.

The fingerprints right now are file-level MD5, SHA1, etc. The original purpose, as I understand it, was so that criminal investigators would know what files they did NOT need to look at when examining a suspect’s computer. They do seem to be expanding the goals, so that now for example they’re working with Stanford to incorporate a large collection of software from 1975-1995 as part of a “digital curation” effort: http://www.nsrl.nist.gov/Documents/nsrl_curategear_2013%20bg%20dw.pdf .

Use of the collection as software prior art would require going down below their current file-level granularity, to do string extraction from binaries, extraction of class headers, etc.

I started a process like this, named CodeClaim, with Frank van Gilluwe and Clive Turvey. CodeClaim is a database of software prior art, generated from the software binary code itself, as opposed to using documents about the software, and in contrast to databases that exist today of open source, such as Black Duck and Palamida. Clive Turvey and me wrote a lot of back-end code, and it was used to process several hundred CDs and a few gigabytes of sample firmware code. The processing we did employed the first few of about 20 different information-extraction methods. Some proof-of-concept testing showed that strings of text in commercial software tends to contain information that would be responsive to queries based on the terminology appearing in patent claim limitations. I also did some preliminary work on weighting of terms (so that for e.g. boilerplate startup or RTL code appearing in every executable would play a reduced role in responding to queries).

Technical and legal aspects of CodeClaim are discussed, though not by name, in:

 

Posted in Uncategorized | Comments closed

Good article on using Wayback Machine (archive.org) in patent litigation

One important use is as a source of reliably-dated prior art. The authors discuss admissibility and authentication issues. Two additional points not made in the article:

  • Technical experts may reasonably rely on dated web pages from archive.org.
  • In addition to web pages, the Wayback Machine also contains a substantial amount of software with datestamps — a potentially good source of software prior art.

[Way]Back to the Future: Using the Wayback Machine in Patent Litigation
By James L. Quarles III, Richard A. Crudo

http://www.americanbar.org/publications/landslide/2013-14/january-february/wayback_the_future.html

 

Posted in Uncategorized | Comments closed