FAQ: How will Microsoft respond to Lucky's patent application?

Lucky Green shamrock at cypherpunks.to
Sat Aug 10 15:13:49 PDT 2002 

I have received numerous questions in conversations and interviews over
the last few days as to what I believe Microsoft's response will be to
my recent patent application for methods that utilize Palladium and
operating systems built on top of TCPA to assist in the fight against
software piracy.

Rather than continuing to repeat the same answers in conversations, I
will simply make the answers available to the lists. Obviously, the
following is my personal opinion. I don't profess to speak for
Microsoft.

Allow me to first outline some principles of how patents work in the
U.S. Note that I am not a member of the federal Patent Bar and as such
the following is simply my limited understanding of the process and
should not be construed as legal advice.

For a patent to be valid in the U.S., the idea to be patented must offer
utility, be novel, and be non-obvious. I will address the three
requirements as I believe they apply to my patent application in turn:

Utility: According to the Business Software Alliance's website, in the
financial loss to U.S. society due to software piracy in the year 2000
alone amounted to a staggering USD 7.2 billion. I therefore don't
believe it can be reasonably argued that methods that may help reduce
the level of software piracy lack utility. In particular, I don't
anticipate Microsoft to argue that protections against software piracy
that assist in the enforcement of licensing agreements lack utility.

Novelty: As I mentioned in my earlier post, Peter Biddle, Product Unit
Manager for Palladium, very publicly and unambiguously stated during
Wednesday's panel at the USENIX Security conference that the Palladium
team, despite having been asked by Microsoft's anti-piracy groups for
methods by which Palladium could assist in the fight against software
piracy, knows of no way in which Palladium can be utilized to assist
this end. Peter after the panel asked Brian LaMacchia, a well-known
security expert with Microsoft, who was present but not on the panel, if
he knew of a way to utilize Palladium to assist in the enforcement of
software licenses. Brian did not respond with a solution. (At that time
I briefly mentioned to both one of the methods in which I believe
Palladium can be used to assist in the fight against software piracy).

Peter, who obviously would have been aware of all such methods were they
known to the Palladium team, struck me as a forthcoming guy. While I
will readily admit that the impression I gained of the person over the
two hours I interacted with Peter may carry little weight with those
that consider the words Microsoft and honesty to be mutually exclusive,
I would like to point out the following:

If Microsoft, after so publicly denying any knowledge of ways to use
Palladium to assist in the enforcement of application software licenses
to an audience representing a veritable who's who of computer security
and related public policy (the attendees ranged from Whit Diffie to Pam
Samuelson), were to - after my filing for a patent - suddenly assert
prior art, neither the attendees, nor the press, nor the public would
take kindly to having been so deliberately misled by Microsoft.

The likely result would be that Palladium will lose what limited support
the initiative may have at this time. I suspect that even somebody that
may have a low opinion of Microsoft will agree that Microsoft is not as
stupid as to play such a dangerous and losing game.

I was asked the next day at USENIX if Microsoft could not simply claim
prior art when in fact they had none at the time my invention was made.
I would like to reiterate my points made above and add that such claims
would need to be filed under oath. Whatever one's opinion of Microsoft
may be, I doubt that the salaries paid in Redmond are sufficiently large
to goad a mid-level employee into committing perjury.

Lastly, it does not matter for the above analysis if any supposed prior
art were to  be claimed to be created by Microsoft or third parties. It
is simply inconceivable that the scientific members of the Palladium
team would have been unaware of any such prior art given the their many
years on the project and the thorough research they engaged in as
evidenced by the lengthy DRM OS patent. If prior art existed, the
Palladium team would unquestionably have known about it and thus been
able to tell their anti-piracy group and the attendees at USENIX about
methods to utilize Palladium as a tool in the fight against software
piracy. Since they did not, the reasonable conclusion is that no such
prior art exists.

Obviousness: In the interest of brevity, I will simply state that if the
Palladium team has not thought of such methods in the years they worked
the project every day, the methods mentioned in my patent application
cannot conceivably be considered obvious.

In summary, at this time I am not aware of any grounds on which
Microsoft could challenge my patent once/if it will be issued. I
therefore currently do not anticipate that Microsoft will challenge the
patent.

Lastly, I feel obliged to mention that it is quite irrelevant what I,
Microsoft, or the subscribers to this list believe to be the case with
respect to my patent application. All that matters is what the patent
examiner at the USPTO believes. Unless one of the subscribers to this
list happens to work as a patent examiner.

--Lucky Green




---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cypherpunks-legacy mailing list