Barracuda Seeks Open Source Community Help In Fighting Off Patent Infringement Claims
from the prior-art-please dept
Back in December, we wrote about how a patent lawsuit being brought by antivirus firm Trend Micro against security company Barracuda could make computers less secure. As details start to come out about the case, the situation seems even worse than originally stated. T.J. writes in to point us to a detailed history of the case. It starts off by noting that Barracuda is asking for help from the open source community in finding and submitting prior art. That's because Barracuda makes some use of the open source product ClamAV. However, the additional details provided show how anti-competitive Trend Micro's lawsuit is, rather than being one designed to push for "progress."Specifically, it looks like Trend Micro worked out favorable deals with the big players in the space, McAfee and Symantec, and is now using those to suggest that the patent must be valid. Yet, in its demands to Barracuda, the terms are quite stringent -- clearly designed more to punish the company for doing something so obvious as creating a gateway for antivirus scanning. Furthermore, after threatening letters from Trend Micro, Barracuda did the smart thing and filed for a declaratory judgment in Northern California, rather than letting Trend Micro file in a place like Marshall, Texas. In response, Trend Micro used the increasingly popular loophole that gives them a second way to sue for patent infringement: bringing a claim to the US International Trade Commission, claiming that Barracuda (a US company) was illegally "importing" infringing products. This method has been an effective way for patent holders to get a second shot at attacking companies they accuse of infringement -- and doing so in a "court" that doesn't need to pay attention to Supreme Court rules on what's patentable and what's not. It all adds up to some fairly sleazy moves by Trend Micro, so if you have any prior art to help show that this patent never should have been granted in the first place, send it along.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: open source, patents, security
Companies: barracuda, trend micro
Reader Comments
Subscribe: RSS
View by: Time | Thread
How come...
[ link to this | view in chronology ]
boycot
[ link to this | view in chronology ]
Re: boycott +1
[ link to this | view in chronology ]
just use clam
so, if signatures are your only line of defense, and clam AV is one of the most frequently updated signature databases in the world, why not just skip proprietary AV software and use clam?
there is a client version for windows available here: http://www.clamwin.com
[ link to this | view in chronology ]
ITC and patent law
[ link to this | view in chronology ]
I also use avast! Antivirus. It's great! The update announcement can indeed be turned off. I'm not at home so I can't tell you exactly, but if you have merged the program and database icons into one in the notification area like I have, right click it and choose preferences or options or whatever they call it, I can't remember. There is an option in there to turn off all sounds.
I also highly recommend not using the confusing, default skin (select "minimal" during installation...after installation, there's an option somewhere in the same place to turn it off.) With these three settings and automatic updating, avast! is the least intrusive, simplest, most pleasant free antivirus software there is, in my opinion.
If you need paid antivirus (corporate), let me push NOD32.
[ link to this | view in chronology ]
See if I don't start recommending Kaspersky to my customers instead if they don't get their act together.
[ link to this | view in chronology ]
techshit morons
[ link to this | view in chronology ]
Re: techshit morons
[ link to this | view in chronology ]
Re: techshit morons
Your opinion means next to nothing here, as you've ensured with your attitude and pathetic juvenile insults that no one will take you seriously.
The only fathomable reason for your continued presence on the site is that you enjoy being a troll. In other words, you enjoy being a worthless annoyance.
"idiots, imbeciles, cretins, morons, changelings, half-wits, retards"
As for this sad excuse for an insult, you are merely reinforcing the fact that most of your posts are what would be expected by someone with a mental handicap.
[ link to this | view in chronology ]
Avast sounds
[ link to this | view in chronology ]
Re: Avast sounds
[ link to this | view in chronology ]
Re: Re: Avast sounds
1.Unplug VCR
2.Insert fork in socket
[ link to this | view in chronology ]
Re: Avast sounds
[ link to this | view in chronology ]
I'm not sympathetic to Barracuda
Yes, the entire software patent thing is insane. And this is just the latest example of how broken it is.
But Barracuda itself has behaved very poorly toward not just the open-source community, but the Internet. They may now reap some of what they've sown. Let me explain.
Their products are comprised almost entirely of open-source software: an open-source operating system, an open-source mail server, an open-source web server, an open-source ssh server, an open-source mail content scanner, an open-source virus scanner, and so on. They also make extensive use of open data sources -- in particular, lots of blacklists maintained by other people. What they've done is to slap a (very poor) web-based GUI on it, toss it on commodity hardware, and then sell very overpriced, low-quality support. (See recent comments on slashdot by some of their customers.)
So all the "heavy lifting" in their products, from both a software and a data source sense, is accomplished via work done by (a) the open-source community and (b) the volunteers who run blacklists. Now...as an exercise, go find some contributions back to those communities by Barracuda. Search the source code, the mailing lists, the web sites. Look for financial contributions as well, not just to support development/operation, but to defend those resources from DoS and legal attacks by spammers.
But that's not the biggest problem. The biggest problem is that Barracuda is still, years after they were not only informed of the problem but provided a simple fix for it, shipping products that make the spam problem worse. Use your favorite engine to search for "barracuda backscatter" and read what you find. This is already a large problem and it's still growing. A few recently-seen spam-sending Barracudas: barracuda.park1.k12.wy.us, barracuda.burdick.com, barracuda.patrickdelaney.net, barracuda.xxlmark etingdesign.com, barracuda.netlinkny.com. Many more -- MANY more -- may be found at www.backscatterers.com and www.backscatterer.org. Barracuda, to this day, refuses to fix this problem and as a result, is getting many of its own customers blacklisted for spamming.
As far as I can tell, they don't care. They don't care that their products send spam, they don't care that their customers get blacklisted, all they care about is making money. Because if they did...then they would have fixed this problem the same day they were made aware of it and it wouldn't still be an irritant years later.
[ link to this | view in chronology ]
Re: I'm not sympathetic to Barracuda
The simple fix for the backscatter problem is for the owner of the box to turn it off. It is a two second check box. Barracuda has white papers on it, they have it in their instructions, they have stickies in all their support forums. I should know, I wrote the post that is used as the sticky.
There is no backscatter problem from the Cuda unless the owner of the unit misconfigured it.
However, I would like to hear the details of your 'simple fix' that they are not using. Because real time bays analysis is not 'simple'.
[ link to this | view in chronology ]
Army dropped Trend
[ link to this | view in chronology ]
Event horizon approaching
[ link to this | view in chronology ]
Re: I'm not sympathetic to Barracuda
Two points.
First, I know about the check box. The fix isn't to recommend that customers use that to turn off backscatter; the fix is to remove the check box entirely so that it CAN'T be turned on. Ever. It's clearly irresponsible for Barracuda to continue to insist on including a "feature" whose only use is to send spam. But they have...which is why the number of spam-sending Barracudas is now measured in "thousands".
Second, turning off that check does not stop all backscatter under all circumstances. Yep, I told them, sent 'em the logs/tcpdump. Years ago. Never heard a peep about it.
[ link to this | view in chronology ]
barracuda`s are my favret an
[ link to this | view in chronology ]