Semantic Labs Tech Blog

Jury clears Google of infringing on Oracle patents

And the other shoe falls…hard…on Oracle. They tried their best to get a piece of the Android pie, but instead of using it to create something they opted to steal the legs out from under it. They announced to the world that they were wronged, and they knew just who wronged them. The problem is, they weren’t wronged.

In a unanimous decision at the U.S. District Court of Northern California this morning, the jury in the trial said Google did not infringe on six claims in U.S. Patent RE38,104 as well as two claims in U.S. Patent number 6,061,520.

The verdict is a win for Google, and marks the end of the trial’s second phase, which focused on the claims of patent infringement.

IMHO, this case was destined for failure. Why? Because Oracle is not Apple.

Apple created things that others emulated. Remember that Jobs’ quote (actually Pablo Picasso) “Good artists copy, great artists steal?” Well, as far as Apple is concerned, many have stolen from it. But they do actually make products that many desire. They designed software and hardware. They did studies to see what they would convince people to like. They marketed their own (mostly) technology. They created things for which people are willing to part with their hard-earned cash…even though they’re pricey.

Oracle did not make Java; they appropriated (bought, inherited, absconded with) it. Oracle bought Sun, which created Java. After their ownership was secure, Oracle went after Google. They said they were wronged and that they were going to get billions out of Google for the audacity of its blatant piracy of their property. And Sun? Well, the only Sun left is the one that rises every morning in the sky. Would they have gotten anything for their creation of Java had Oracle won anything? Unlikely, since Sun is no more. So the argument “It’s the principle of the thing” means just what exactly?

Some would say that stealing is stealing and they would be correct…usually. When the decision to call an action “stealing” is left up to the court, however, a lot more proof is required. Gut instincts won’t cut it in a court of law. Without enough evidence, even what appears to be a slam-dunk case will fail.

(Source: zdnet.com)

Report: Android Malware Growing Exponentially

Robbing a person used to be a difficult thing that required the availability of an exit route, a victim, timing, and a place to calm down. Now, many thieves don’t even see their victims…and the game is far more lucrative. The only odd thing is that the requirements have changed yet again: in the 50’s you needed brawn, at the turn of the century you needed craftiness, now you need a familiarity with computer code. They used to get victims to open payloads with catchy titles; now that people have become wary it has been necessary to change tactics. One thing they have been doing lately is using the bootleg route: give you a “free” copy of a popular app with an inconspicuous payload attached.

“These are called wrappers,” explained George Usi, president of Sacramento Technology Group, a northern California-based channel partner, to CRN. “The malware authors embed their code into popular applications and start capturing passwords and messages across the mobile devices. We haven’t seen people start taking control of the target’s accounts, but that’s probably the next step. When we see them start scraping keystrokes off the systems, they can gain all kinds of access.”

What many people seem to forget is that our smartphones now have more in common with our desktops (or laptops) than with the phones from even five years ago. Smartphones are portable computers that can make calls via the cell system. We really tend not to notice how important they are to us until we lose them; then there is generally a lot of hair-pulling and teeth-gnashing. If the phone happens to be a business phone as well then the direct owner won’t be the only one with no hair and flat teeth.

It sucks that we have to be so careful with our phones. It also sucks that we have to lock our homes and our cars and we have to take our shoes off to get onto a bloody airplane flight that’s going two states away. The best we can do is back up our data in a good, trusted place and do it often…and don’t expect something for nothing. If it seems too good to be true, it usually is.

(Source: crn.com)

Clash in US on mobile privacy protection

Electronic social interaction has been both a delight for some and a nightmare for others. On the one hand, you have something like what Facebook was supposed to be, but on the other you have things like “Girls Around Me.” They are really the same coin but opposite sides. The intent is to let their present friends and perhaps new friends know where they are; the mutation is to let everyone know where they are…including the wolves who are only interested in feeding.

Police are an unusual bunch: on the one hand they uphold the law, but on the other it seems to be very easy to slip and abuse the very law they’re supposed to uphold. Yes, there are a lot of good cops…but the sad truth is that it takes only one abusive cop to tarnish the reputation of an entire department.

“Do we really want to slow down the apprehension of murderers and rapists so they can build their trophy wall by increasing the amount of legal documents necessary to gather information?”

Joseph Cassilly of the National District Attorneys Association said the law “would hamper law enforcement’s ability to quickly obtain important information that could be used to save lives.”

“Because so many cases are time sensitive in nature — including child abductions, other forms of kidnapping and organized criminal and/or terrorist activities — law enforcement must be able to work these cases without unnecessary administrative delay,” Cassilly said.

It is true that there are many time-sensitive crimes that happen. IMHO, the problem is that when methods like “proper search and seizure” are short circuited the time wasted can actually allow the real criminal to go free. For instance, in a fictional scenario where a warrant is not initially required, a stabbing murder occurs and there are three main suspects: Billy the Fist, Red John, and Killer. Billy the Fist and Red John swear that they were both at the bar on the other side of town last night. Killer says he was at his cabin on the edge of the forest watching late-night TV by himself. Since the cops don’t need a warrant, they waltz into Killer’s cabin and find a large Bowie knife that has been recently cleaned and disinfected. The knife tests positive for blood. The victim was stabbed multiple times with a large knife. The cops arrest Killer and charge him with murder in the first degree. They take the knife and use it as a key to get a full search warrant. The police tear apart Killer’s cabin and find…a deer out of season in the basement freezer. In the meantime, the press has jumped on the bloody knife the police found in Killer’s place as the murder weapon…and Red John has quietly disappeared. His trailer is empty…except for a rather large patch of blood on the floor that forensics was able to find despite the attempts to clean it up. The only problem is that several weeks have passed since the murder. What now?

The police are meant to uphold the law…not go on fishing expeditions. This is no different than the Cellbrite UFED Physical Pro device they used in Michigan during a routine traffic stop. That thing is basically a phone vampire and can copy everything on the phone…so if you happen to have racy pictures of your significant other on your phone the cops will too. They don’t do this because they need to; they do it because they can.

With enough circumstantial evidence, you can be incarcerated. It doesn’t matter that you’ll get out eventually…the trauma is real and long lasting. For those who say that only the guilty have anything to hide remember this: you can be taken to jail when your only crime is resisting arrest.

(Source: phys.org)

Malware poses as software updates: Why the FBI is warning travelers

Software updates are a fact of life. Sometimes the updates actually add functionality but most of the time they either fix bugs or close security holes. Software updates are generally a good thing…but there is a problem.

Updates that enhance functionality are usually few and far between so when we receive those they are greeted with interest. Updates that fix bugs or close security holes are — for the most of us — just something that should have been included as part of the finished product so we simply accept them and move on. What we don’t really feel is that complex software is really never finished…it just reaches acceptable milestones.

The “always on, always there” nature of the Internet has made us notice its absence rather than its presence…we simply assume that connecting to the Internet is the same everywhere and the only thing we have to worry about is the strength of our connectivity. This is not even remotely true. The FBI has actually had to file a report on the subject.

“Recently, there have been instances of travelers’ laptops being infected with malicious software while using hotel Internet connections. In these instances, the traveler was attempting to set up the hotel room Internet connection and was presented with a pop-up window notifying the user to update a widely used software product.”

“If the user clicked to accept and install the update, malicious software was installed on the laptop. The pop-up window appeared to be offering a routine update to a legitimate software product for which updates are frequently available.”

We have grown so used to the update cycle that the tendency is to accept an update if it appears to be from a program we actually use. Our internal alarm systems tend to have a higher threshold for programs with which we are familiar. We can get caught by something that looks right if we’re not careful.

Basically, updating on anything other than the network at work or the one at home is a throw of the dice. As we have gotten more wary, the malware writers have gotten more devious. We want our computers to work properly and efficiently; they want to either use us to get money from someone else or take our money directly. Remember that a public hotspot is just that…public. Anyone can get on. It is specifically made to be easy, but easy goes both ways. If a bad guy doesn’t get you then he can move on to someone else; if he does get you then you are hosed…and he’ll still move on to snag somebody else. Update at home or at work…unless your connection at either place is unsecured.

(Source: techrepublic.com)

Judge denies Oracle’s motion to throw out Google’s fair use claim

Once again the case moves away from being swallowed by the abyss. All of the attempts by the lawyers from Oracle to make a case definitively against the idea of fair use have not worked. Considering the odd direction of the case (not copying the code but copying the “structure, sequence, and organization” of Java APIs.) it is probably a good thing that they cannot lock their case down. Unlike many persons in power making policies on technology they do not understand, Judge Alsup actually seems to know what he’s seeing.

But Alsup continued to demonstrate his understanding of the makeup of the Java packages, remarking that along with names, methods in APIs are not copyrightable because if a developer wants a particular function, there is only one possibility.

“Oracle doesn’t have a monopoly on that,” Alsup continued. “If you want to have a function, that is the only way to write it.”

I am probably wrong, but I cannot seem to shake the feeling that only the judge cares about what is right…the others seem to care only about winning. It seems that each side is doing what it can to swing the ball in its favor…whether or not that is a good thing is immaterial. What do they say, “Win, or go home?” Or perhaps the other, more negative saying “Second place is the first loser?” This case is worth it for us as users and developers…but is it really worth it to Oracle? If they win, they could effectively kneecap Java by making the idea of really using it not a good thing for fear of being sued. They can say all they want that they won’t but if they’ll sue one entity there’s no real guarantee they won’t sue another.

(Source: zdnet.com)

Google guilty of infringement in Oracle trial; future legal headaches loom

So, the verdict is in: Google infringed on Java. Google picked on the wrong company this time. Bullies never prosper: they should only pick on other companies their own size. Now, it’s just a matter of deciding what compensation the giant will be giving to…the other giant? No, not so fast.

What did Google infringe? Well, according to the jury there are some nine lines of code which Google copied. Is a single function copyright infringement? Google admitted that it copied it. Under ordinary circumstances, something like this would have been laughed out of court. The other shoe, though, is the important one:

Even though Google’s code in Android was original or borrowed from other open source code, the jury found that the Android APIs copied the “structure, sequence, and organization” of Java APIs.

So the code itself is seen as original, but the structure, sequence, and organization are seen as infringement. Perhaps I am missing something but it seems that constructions in cyberspace have to be functionally different but reach the same conclusions in order to co-exist and compete. This sounds to me like they would have judged the Airbus 320 to be an infringement on the Boeing 737 because  the Airbus has a cylindrical body, two wings, two horizontal stabilizers, two wing-mounted engines, and a single vertical stabilizer just like the Boeing…which was created first.

If the verdict that Android infringed copyrights stands, it could put programmers in a difficult situation. Java is an open source language, but now it’s not clear how free programmers are to use it, since Oracle has said that anyone following the Java APIs—which are basically sets of instructions about how to use Java—needs a license.

The effects beyond Android and Java are unclear.

This has an unfortunate sound to it. It very much sounds like “you can use it so long as you don’t make lots of money at it. If you do make a lot of money, we will be coming after you for a cut.” I have always felt that there was some peculiar wording in the EULA of Java but it is one of those instances where you can decline to use it if you wish…but unless you shut it off completely any bug fixes (which are the main point of Java updates) will not be applied to your machine. In other words, agree or take the considerable chance that a virus will bypass all of your security and take up residence within your machine.

The case is still in court. Hopefully, clarity of our position will also be a part of the conclusion. I have my doubts.

(Source: Ars Technica)

Consumerization trend driving IT shops ‘crazy,’ Gartner analyst says

Phones are not what they used to be. Now, even the most basic phone can do more than make a mobile call. What we call smartphones are basically small computers that can make calls rather than phones that can do a little calculating. What we call tablets are basically an intermediate step between our always-with-us phones and our more-powerful-but-restricted-mobility primary computer systems.

Our smartphones are great for quick Internet searches or getting directions and accessing documents but not so much for reading or creating documents or viewing videos. Tablets are great for reading documents and watching videos but without an alternate means of data entry are not so good for creating documents…hence the need for the primary computing system. Still, both the smartphone and the tablet are much better in their niches than the primary computer is and once you experience them it’s difficult to go back to being without them…IMHO it’s like having electricity.

Amusingly enough, while the world around us is moving faster and faster towards a technological revolution many humans are a little unrealistic in their expectations. Most people seem to feel that if their work computer can be accessed from their home computer then there should be no problem with accessing their work computer from their hand-held computer. The difficulty is that while the home computer has pretty decent security and the laptop has reasonable security (its size would tend to be noticed when missing…but not always) the smaller devices do not. There are also a very limited number of OSes that primary computer systems use, unlike the myriad incompatible OSes that smartphones use. Additionally since the input system of the smaller devices (touchscreen) can be awkward, the tendency is for passwords to be stored on the device itself…and unlike a laptop it is rare for someone to put a password on their tablet or smartphone…that defeats the instant use ability of the device.

“The number of devices coming in the next few years will outstrip IT’s ability to keep the enterprise secure,” he said. “IT can’t handle all these devices. They’re going crazy. They get into fights on whether users should get upgrades or not.”

And because IT shops won’t be able to keep up, software vendors will be forced to innovate and create what Dulaney called “beneficial viruses” — software that will be embedded in sensitive corporate data, such as financial or patient information, that’s carried on a smartphone or other mobile device. These beneficial viruses would work like Digital Rights Management (DRM) software seen on music and video files, which require a license to play the file, Dulaney explained.

Yes, the idea DRM leaves a bad taste in most peoples’ mouths. Had it been done properly instead of attempting to usurp control of your entire machine I feel it would have been accepted. Still, as far as company data goes, there needs to be some sort of DRM or you might as well project your company internals on the side of a building and hope no one who can see it has a high-res camera handy.

I think the poison pill idea is a pretty good one, but they have to be careful with it. I can see a potential scenario where a phone is lost and the owner makes a request to IT to wipe the whole thing: company data and personal data. This sounds like a good idea until you think about “what happens if I leave this place?” They will have to remove their poison pill information without compromising your personal stuff. If you happen to get fired or leave under less than friendly circumstances, they might not be so careful when they scrub their data from your device…and the backup you make of your phone data might still include a copy of their pill which will erase data when it’s activated.

Another thing about the poison pill: just like physical poison, it needs to be digested (processed) for it to work. I presume that the idea is for the pill to erase the data to which it’s assigned and then erase itself; if this is not the case then purloined devices will have intact copies of the executable on them for study. Casual criminals will be dissuaded by this tactic but authentic information brokers are patient…and allowing them to study processes is allowing them ways to get around the processes. Remember, in real-space a fence is still a fence when you are not looking at it. In cyberspace a fence has to be processed before it can be identified as a fence…just like the data that the fence is supposed to protect, and the thief trying to bypass the fence to get to the data. They’re all 1’s and 0’s until they get processed…but there are a lot of ways that 1’s and 0’s can be arranged and a lot of ways they can be read. The trick IT needs to accomplish is allowing the right person to read without the wrong person gaining access if they steal an authorized device…a tall order with many different devices with varying levels of security on them.

(Source: computerworld.com)

Java creator James Gosling: ‘Google totally slimed Sun’

IMHO, the whole idea behind Java was to be able to write a program once that would work on any system that could understand it. Basically, each OS was supposed to have a virtual machine (VM) that understood how it was laid out functionally, and could also understand Java. In this virtual manner, Java would be able to use a machine’s resources to run; there would no longer be a need to write different code for different machines to do the same thing.

Android was supposed to be the Java implementation on phones; basically a VM that understood the internal functions of a smartphone and allowed full and efficient use of the smartphone resources. After all, a smartphone is no longer just a phone; in reality it is simply a small form-factor computer with limited internal resources. A Java VM should be perfect for a smartphone; on the primary side it understands Java and on the secondary side it understands the vagaries between different manufacturer’s products. Unfortunately, that is not how it played out.

“It’s really hard to tell what their intentions are with Android. They put this thing out there, and you’ve got lots of people picking it up. The big attraction seems to be the zero on the price tag. But everybody I’ve talked to who is building an Android phone or whatever, they’re all going in and they’re just hacking on it. And so all these Android phones are going to be incompatible.

To say that Android is fractured is like saying the Challenger Deep is under water. Many brand-new Android smartphones today cannot even run the latest version of Android because they are like the space shuttle; at the time the design was finalized, the latest data did not exist so none of the new findings could be applied. However, unlike the space shuttle, it is not in manufacturers’ best (aka. immediate) interests to update technology already out of the door. They want you to buy their latest technology; by the time they test the new software on the old hardware the new hardware is about ready to produce. If consumers can use the new software on their old technology what’s the incentive to buy the new hardware?

I believe that they are trying to emulate Apple’s ability to make people want the new iPhone when it comes out; people go nuts when a new one comes out. What manufacturers do not seem to understand is that the reason people clamor for iPhones is because they bloody well work: consumers can go to iTunes and know — without a shadow of a doubt — that they will run the apps that they find there. People know that when a fix to the OS comes out that it will be implemented. People know that their phones will handle at least one full OS upgrade and its associated bug fixes before they will need to get a new iPhone if they want the latest and greatest.

Are there drawbacks to being forced to use iTunes? Sure…but being able to purchase a phone from a manufacturer and knowing that it’ll run that cool app your friend had takes some of the wallet pain away. Being a closed ecosystem limits some things that are good but also makes sure that what’s there actually does what it’s supposed to do. If Android had been a little more locked or at least had some rules that demanded compliance to a standard it would have far fewer problems. Live and learn.

(Source: CNET)

Small Firm Takes on Apple, Google, Over Voice Patent

Very soon, I expect someone or some consortium to patent “the flow of electrons confined within a cylindrical transport medium.” To protect themselves from the possibility of anyone attempting to bypass their patent, they will also patent “the flow of electrons within mass-produced mineral substrates and their corresponding oxides.” After both of their patents are secured, they will proceed to sue every wire and cable manufacturer, every power company, and every semiconductor factory on the planet. While many will fight, someone is bound to pay rather than go to court.

Patent litigation among mobile device makers has become fast and furious in recent years as the lucrative mobile market has grown quickly. Potter’s suit is notable for its broad range of targets and the fact that it comes from a largely unknown company. Potter Voice lists an address in Brighton, Colorado, a suburb of Denver.

Basically, Potter Voice is suing Apple, Google, Microsoft, and all the major smartphone manufacturers for infringement of its patent on “natural-language voice control of a computer.” Since they are suing basically everyone I’m under the impression that all the hardware manufacturers are using the same program that the software companies use to make their products. It is also interesting to note that the ability to parse natural language is apparently inherent in the hardware itself…were this not the case then the hardware would not be infringing, correct?

There is a problem with the U.S. Patent Office: it cannot do what it needs to do with what it presently has. I could also include the U.S. Justice Service, but their problems are not to be discussed here. The Patent Office is overworked and understaffed; many patents have been granted for things that should not have gotten patents in the first place. IMHO, all patents should have a working prototype which can be examined in minutiae by accredited mobile U.S. Patent Officers. If the invention does not work as claimed or if there is no invention then there should be no patent granted, period. This constant litigation needs to stop.

(Source: pcworld.com)

Your Next Phone May Be Able to See Through Walls

There was a time not too long ago when mobile phones only made phone calls. They were big and somewhat bulky, but they allowed you to leave your house and still be reachable with a single phone number as long as you were within range of a broadcast tower. Increasing computing power has led to smaller devices which can do much more. There are very few phones which cannot text, surf the Internet, take pictures, organize information, and in general be a hand-held communication device; they are out there for now, but you have to look for them.

In keeping with the intent of turning our smartphones into the proverbial “devices without which we cannot live,” there is a new use for the camera which used to be a snapshot device but is rapidly becoming a real photographic device: looking through minor obstacles. We used to be able to take pictures of things we could see…now we’ll be able to take those same pictures but of things we can’t actually see.

The combination of CMOS and terahertz means you could put this chip and receiver on the back of a cellphone, turning it into a device carried in your pocket that can see through objects.”

In developing their chip, the researchers, who are concerned about privacy, are focusing on a range of less than four inches. Once the chip hits the mainstream, though, there are plenty of folks, many of them wearing uniforms, who have fewer qualms than the researchers about boosting the range of the chip.

The new chip sees in Terahertz radiation which is basically between infrared and microwaves. Do you remember that big scare about Pass Filter lenses a few years back where it was discovered that certain wavelengths of infrared light made many articles of clothing basically transparent? Well Terahertz light penetrates even further than infrared…but not as far as microwaves so there is really no danger of being irradiated. Theoretically, Terahertz radiation could be used as the first iteration of the almost mythical tricorder device that could look through clothing and dirt and blood to see the real wound, among other things.

If they manage to make these chips cost-effectively I gather that they will either be standard equipment for the higher-end phones or at least an add-on; Apple will probably patent it to keep others from doing so. I also have no doubt whatsoever that someone will mess with the focal range to allow for greater scope. Not just pervs will want the ability to quickly scan another person; paranoid people would find something like this invaluable. I wonder if there will be a niche line of underwear labeled as “opaque to T-Rays?” It’ll probably be a great seller…it doesn’t take much to make ordinary people self-conscious.

(Source: pcworld.com)