Thursday, October 27, 2011

95. Apple's Newly Awarded Patent Shows Cracks in a Broken System

[Article first published as Apple's Newly Awarded Patent and a Broken System on Blogcritics.]

If you read my stuff with any sort of frequency then you know how I feel about the current state of the American patent system as it’s applied to software and technology.  The people that originally developed the patent system had no way of knowing what it would mean in today’s explosion of technological advance. 
The result, in my humble opinion, is that the system is broken for the modern age and in need of an overhaul.  Over the last few years I’ve seen patents, which were originally developed as a form of protection for an inventor, become a corrupted version of its original intent.  Instead of protection they’re now used primarily as strategy and legal weaponry against competition.  And the reason is the pure power behind it – a patent grants exclusive rights on the technology in question for 20 years.

Outside of basic patent trolling, there are a number of examples that can be cited here that illustrate the shambles that our patent system is now plagued with, but it was the most recent one that set me off this week.  Just recently Apple, which is a perennial member of the patent lawsuit club, was just awarded patent 8,046,721 (7,657,849 is the same thing just older) by the good ol’ USPTO, entitled “Unlocking a device by performing gestures on an unlock image.”  I’m going to let that one sink in for a second and let you read some of that patent I linked before the tirade that’s about to follow, divided cleanly into three (3) parts for your convenience.  And before I get to it, let me put a disclaimer out there that I’m not a lawyer, nor do I have any formal legal education or professional experience.

You good?  OK.

1.  On the grounds of ridiculousness and greed

A lot of the big sites that are covering this are making a big deal that “Slide to Unlock” has now been patented, and that any other system, as in targets, i mean devices running Android or Windows Mobile that uses a sliding system as a means for device unlock are now all immediately infringing on Apple’s patent rights.  But they’re missing the bigger point, and/or they didn’t actually read the patent before they excitedly posted it as news.  But I’m not going to leave you in the dark like that.  I like you guys.  You read my stuff.  So the link I have above goes to the actual text of the patent on the official US Patent and Trademark Office website.  Search the text for “slide to unlock.”  Can’t find it, can you?  That’s because that phrase isn’t mentioned once in the entire text of the patent.  What is mentioned is “gestures.”  This means that not only sliding, but as the patent says (I’m paraphrasing), any continuous touch motion following a predefined path on a predefined unlock image for means of unlocking a device is covered.  Even if instead of a slide, your device requires you to sketch the Mona Lisa over a specified unlock region to unlock your phone, it’s still infringement on Apple’s new patent in the United States.  As most smartphones today have a full touch screen in a “candybar” form factor, what does apple suggest we do to unlock our devices?  The only option left is a series of hard button presses.  Oh right, or keep the gesture unlock, and pay apple a few bucks for every unit sold.

2. On the grounds of prior art

OK, so “ridiculousness and greed” wasn’t really much more than just my chagrin articulated in text, but prior art is a legitimate thing when it comes to evaluating patents and intellectual property.   Based on my perusal of patent rules and the Manual of Patent Examining Procedure (the MPEP for short, and man is that thing complex) the nutshell definition of prior art is that “it’s been done before.”  Now while people were marveling over the iPhone when it was released in the summer of 2007, no one seemed to recall the Neonode N1m, a Windows CE device released in 2005, almost 2 years prior to the iPhone.  The N1m was a touchscreen device that had one very relevant feature to this story:  you slide your finger from left to right on the screen to unlock it.  There’s a video review of the N1m on YouTube that was made around the time of the iPhone release (via Android Central).  You can skip the beginning and start at the 4:00 mark.  It clearly shows the sweeping left to right motion over a visibly marked lock area to unlock the device and get back to the functional menus.  This case was dismissed by Dutch courts for this very reason.  While Apple and Samsung are taking shots at each other across the pond, the N1m came up, forcing the judge to rule that Apple’s patent claim as “non-inventive” and likely invalid.

3.  On grounds of “for the good of the game”

When it comes to software and especially mobile tech, it’s relatively easy for large corporations to either file trivial patents for the sole purpose of extracting money from others or to acquire smaller companies and get ownership of their patents, again for the sole purpose of extracting money from others.  Weaponizing a practice that was originally meant to protect an inventor from unjust theft changes the game.  With this new strategy, fear of a lawsuit creates a huge new barrier to entry for small startups and inventors, who could be forced with a horrible decision between huge licensing fees and closing up shop.  And as for patent wars between tech giants, why invest in R&D and engineering to try to come up with something new and inventive for consumer-generated revenue streams when you can buy or bully a startup for less and charge licensing fees?  Take a look at the recent Microsoft-Compal deal.  Now Microsoft collects licensing fees from over half of Android device manufacturers.  So instead of tech teams trying to innovate, surprise!  A new patent troll comes screaming and kicking into the world.  Look at all that wasted talent.

I don’t know exactly how to fix the system; I just know that a system that let this through needs to be fixed.  Software and tech aren’t really “things” the traditional way most static or mechanical patentable things are, which means that a traditional system can’t work. 

Wednesday, October 12, 2011

94. Hacking, Social Engineering and RSA

[Article first published as Hacking, Social Engineering and RSA on Blogcritics.]

More than occasionally people will come to one of my tech friends or me with a computer problem.  No longer an uncommon occurrence with the ever-present digital influence in our lives, we’ve all grown accustomed to the fact that this will, in fact, never end. 

If what they say is true that knowledge is power, it’s kind of our duty as computer nerds – versions of “keyboard cowboys” if you’ll allow me to make a reference to Hackers, to help people when it comes to all things technical.  But we’ve all noticed a sharp shift in what people come to us for – when a few years ago it might have been basic OS reinstalls or simple virus cleans, today it’s a lot of security and protection of personal data.  And the reason for that is the evolution of the development of viruses and other pieces of malicious software. 

Back then viruses were designed for one of a few goals: humor and annoyance (i.e. Yankee Doodle and its ilk) or at worst, data destruction (remember Michelangelo?).  But once the internet age took hold, destruction of data wasn’t enough.  Now there are networks.  Now there are advanced communication methods.  Which means now there are means and opportunity.

Where there’s means and opportunity of course there’s theft.  Why just destroy data when systems are in place now to try and leverage that data for gain?  That’s the kind of thinking we need to deal with now.  And while most people may think that the biggest thing to fear on that front is a virus or worm that could steal information or holes in their security, they’re only half right.  What’s more dangerous is the blind spot they have which prevents them from seeing the human element – how those security holes are exploited and how those and trojans and malware are deployed to begin with.  And that human element is called social engineering.

In a nutshell, social engineering means bending someone to your will, whether they know it or not, into giving you their trust, and any information that comes along with that.  It’s a method for skimming information in which a human is the target, not necessarily a computer, and for that reason doesn’t even need a computer.  It can be done over the phone or even in person.  A common form of social engineering is phishing, where a user is baited into handing over information.  Have you ever gotten those emails that appear to be from Amazon or UPS linking a tracking number or purchase ID?  Yet, when you click on the link, it takes you somewhere that isn’t Amazon or UPS and starts asking for names, passwords and credit card numbers?  What the phisher is hoping is that they gain your trust by hoping to be someone you routinely do business with, then convince you to give them the information they want.  See?  A metaphorical bait and hook.  There’s a myriad of other types of social engineering that I may get into in later posts, but this just background for a specific story.

RSA, a highly respected security company who provides the popular SecurID two-factor authentication system was hacked back in March of this year, and that hack started a wave of attacks on companies that do contract work for the US Government like Lockheed Martin, L-3 and Northrop Grumman.  They’re in the news again, this time with some theories after investigating the incident with the FBI and Department of Homeland Security.  At RSA’s security conference in the UK on Tuesday, their president Tom Heiser stated, based on the complexity of the attack, that “we can only conclude it was a nation-state sponsored attack.”  They believe that the hackers’ goal was to directly exploit companies that did work for our government, and of course for security reasons have withheld other information.  Scary as hell right?

So how did all of this happen to a company of such reputation in the field of security?  It’s been reported (unconfirmed by RSA) that access was gained through a phishing email targeting employees in the HR department with an excel spreadsheet entitled “2011 Recruitment Plans” and a body text of nothing but “I forward this file to you for review.  Please open and view it.”  No signature, no name, no contact information and presumably unsolicited.  All it took was for someone to trust that the mail was legitimate, open the attachment, and unwittingly let the code execute.  Supposedly in this case it was an exploit in Adobe Flash that allowed the real attack to be executed, but simple phishing provided the entry point.

So what point am I trying to drive home here?  Hackers don’t need to rely on a toolkit of scripts and exploits to gain unauthorized access to networks.  Sophistication isn’t a prerequisite for to successfully find a point of intrusion – even primitive social engineering schemes like this one were enough to break into a company like RSA.  So next time you get an email that’s asking you for personal information, or someone’s asking questions that are getting a bit too personal, do yourself a favor and don’t answer them, whether it’s over the phone, via email or on the web.  Ask your service provider if what you received was really from them and legitimate, and consult one of your nerd friends.

And go buy some antivirus software, I know too many of you are running systems without.

Thursday, October 6, 2011

93. Remembering Steve Jobs (1955-2011)

[Article first published as Remembering Steve Jobs, 1955-2011 on Blogcritics.]

In my scribblings over the years, I’ve occasionally taken the pen to Apple on certain topics, namely mobile wars and the iPhone.  Make no mistake, though I do from time to time disagree with Apple’s tactics and philosophies, you’ll notice that I never once said that they made devices that were ever less than excellent.  And that’s no accident.

Yesterday Steve Jobs, one of the founders and former CEO of Apple passed away after a long battle with pancreatic cancer.  With his notorious micromanaging and perfectionist personality, his name was synonymous with “Apple,” as people were unable to see the iconic fruit logo without seeing him.  It was after all his vision and strategies that put the company on the map as one of the leaders in technology and innovation, and changed the way we live our lives.

Throughout his life, Mr. Jobs’ philosophy was one of achieving one’s dreams – regardless of how ridiculous or far-reaching they seemed at the time.  The kind of ambitions that would invite accusations of insanity if it were any one of us.  But fortunately for him, and us, he had the tenacity, need for perfection, outright skill and passion for tech and design to make them all happen.  Even as a youth growing up in Cupertino, California, this held true.  As a teenager, he had the nerve to call William Hewlett (yes, of Hewlett-Packard) and ask him for computer chips and parts he wanted to use for a school project.  Hewlett was convinced, and ended up delivering with the parts Jobs needed, and was impressed enough to offer him a summer job along with them.

That summer job at HP led to a job at Atari in its formative stages, as well as a membership in the Homebrew Computer Club in the late 1970’s.  This was a collection of computer hobbyists, engineers and other folks who saw infinite promise in the realm of personal computing.  This club had members the likes of George Morrow, Jerry Lawson, and of course, Steve Wozniak.  The Woz designed a few computer systems just for fun, but Jobs was the one that recognized the potential of his projects – not only for business, but for something that could be used by the masses, not just nerds tinkering with chips.  After calling all of Wozniak’s family and friends to help, shall we say, he was guided to the right decision, Wozniak ended up leaving HP even though his tinkering was originally just for fun, and Apple Computer was born.  Par for the course – Jobs had gotten his way, as he always did, and always would.

Even back then he had a near-supernatural ability to see not only what was coming next, but more specifically what was important.  Shown again later in his career in an interview with Playboy magazine in 1985, he said that “The most compelling reason for most people to buy a computer for the home will be to link it to a nationwide communications network.  We're just in the beginning stages of what will be a truly remarkable breakthrough for most people--as remarkable as the telephone.”  1985.  Back when a gigabyte was a thing unheard of, the internet didn’t exactly exist, and modem speeds were measured in baud and heard in decibels.

Then came the Apple II, and eventually development of the Lisa, where his time at Xerox PARC would help him drive a system using graphical windows, “files” and “folders,” and a mouse-controlled interface.  As he found the Lisa project team wasn’t ready for that or his demanding management style, he moved over to the Macintosh team.  Energized by his passion and style, they took those technology principles and ran with them.  As Jobs told Steven Levy in 1983, while the Lisa team did want to make something great, “the Mac people want to do something insanely great.”  So came the Mac personal computer in 1984, heralded, ironically, by their “1984” Super Bowl Ad.  But it didn’t sell as well as they anticipated, and Jobs brought in Pepsi’s John Sculley to run the show.  Sculley almost immediately fired Jobs from his own company.

In retrospect, getting fired might have been the best thing that could happen to Jobs.  It allowed him to begin working with George Lucas at a small computer graphics studio called Pixar, leading them to develop successful animated films, ultimately selling to Disney for a shade over $7 billion.  Returning to Apple after Pixar was sold, Jobs took the helm at Apple again with a slightly different philosophy.  Jobs believed in the merging of art and science to create products that stood out from the rest that consumers craved.  With this philosophy he started what would be over a decade of innovative design for consumer goods for Apple, starting with the iPod in 2001, the iPhone in 2007, and finally the iPad in 2010.  Of course that is to say nothing of the iTunes service and their massive App Store.  Apple has since been one of the top companies in personal computing, and has the same influence, if not more, than IBM and Microsoft on the way we live and do business today.

His fans regard him as nothing short of a God – as a central figure in their lives whom they’ve never even met.  As irritating as it can get sometimes as I hang out in the Android camp, it’s a testament to the mark Jobs has left on the world – creating products that people – not just tech nerds but civilians – wanted, no matter what… even if they might not have known they wanted it to begin with.  He created the market for modern portable music devices.  He created the smartphone market.  And most recently, the American tablet craze is all thanks to him.  His works not only affected his fans, but fostered fierce competition and helped spur innovation from other companies, in the hopes of matching or beating his product offerings.  Touch technology might not have been as ubiquitous as it is today without Apple’s iPhone fueling competition in mobile communications. 

No one was really trying to make ultra light notebooks until Apple’s MacBook Pro and MacBook Air.  Countless technologies exist that may not have been invented by Apple, but have the hand of Jobs somewhere in the initial inspiration for those designs.  And that’s not even getting into entertainment and everything that evolved from Pixar and movies like Toy Story.  He helped build the computing industry and would be a face on the Mt. Rushmore of technology if such a thing ever existed, along with faces like Bill Gates and Tim Berners-Lee.  As personal computing evolved, so did business and enterprise IT.  And on a personal level, the industry he helped create along with other tech giants gave me a hobby as well as a career.  And all along the way we were all inspired, even if only from time to time, to “think different.”

So for everything, thanks Steve. 

Tuesday, October 4, 2011

92. App Ninja Sneaks one by Apple with Fake Ninja Turtles Game

[Article first published as App Ninja Sneaks one by Apple with Fake Ninja Turtles Game on Blogcritics.]

Apple prides itself on their strict guidelines and screening process for the apps that can be sold in their App Store.  They have a number of rules that cover functionality, quality, content, payment, and of course trademarks and copyrights.  Suffice it to say that there are a number of reasons that the iPhone app you’ve been working on can possibly be rejected at any given time.  So given this strict attitude towards software written by third-party developers, what happens when an app submitted breaks almost all of Apple’s rules?  Generally, the app is rejected and the developer can file an appeal with the review board.  However, certain apps somehow still fall through the cracks.

Recently available on the App Store (August 18, to be precise) was a game that marketed itself as one based on the Teenage Mutant Ninja Turtles franchise.  Now of course when one thinks of TMNT, there are a number of things that come to mind – turtles named after artists, heroes in a half shell trained in the art of ninjutsu, a healthy amount of pizza being crushed by said turtles, and an overuse of old surfer slang, i.e. “cowabunga” and/or “radical.”  Sadly, much to the dismay and outrage of many Apple customers, this game included none of the above.

The game was made by Vietnamese developer Namphuong Star, who convinced customers with a $5 price tag that it was authentic and official, even going as far as to sport a licensed TMNT logo in its app description.  Opening the app reveals a very different story.  In addition to not having any turtles, there’s no functionality, and the game sprites and backgrounds are flat out stolen from other games.  Look at the screenshot up there.  Look familiar to anyone?  Because it sure looks like Konami’s Contra to me.  I remember a pop-out cannon in that blotched out region of the cliff there, and I don’t even know where to begin with those little army men (?) that must have taken all of 40 seconds to draw in MS Paint.  

This game is horrible straight through to the core, not just on it’s ridiculous surface.  You see, in addition to lying and tricking customers into purchasing it, the developer rewards their purchase with an app that simply does not function, as well as a support site shilling Apple accessories instead of fixing the issues.  Reviews of the game reflected the plight of those who purchased it, but the following three seem to address all the problems present with this particular piece of software:

“I bought this game for my grandson, he loves the TMNT!! This game has no directions we can't figure out how to play, or even how to restart the game. There aren't any turtles in the game. A total waste of $5”

"The character immediately slides off the side of the screen. There seems to be no way to actually interact with the game. And there doesn't seem to be any way to start a new game. The use of the Teenage Mutant Ninja Turtles characters on the splash screen are almost certainly infringement; the blob that slides off the 
screen during the actual game isn't identifiable as a turtle. Or much of anything.”

“Visiting the developer website and the support site both go to the same spammy, Vietnamese-language website selling iPhone and iPod accessories. There doesn't appear to be any actual support. Deleted and requested refund.”

So let’s round up all of the problems and how they violated Apple’s guidelines.  Just the description breaks Apple’s rules on name and description metadata.  Using sprites and backgrounds from other games, as well as the fact that Nickelodeon owns the rights to the TMNT brand, violates the rule on use of material trademarked or copyrighted by a third party.  The fact that it outright doesn’t work violates Apple’s rules on functionality.  Granted, it may be rare that something like this falls through the cracks, but if any reviewer took any look at this app for more than half a second then this should have been caught right away.  We all remember what happened with the I Am Rich app a little while ago, right?

More than anything else though, this is just plain silly.  I hope the person who bought this for their grandson gets their $5 back.