Patent threatening how websites protect users

I just found this article on Ars Technica about a patent troll, TQP, that threatens the very way encrptions occur on the internet. In fact, this patent based on the single picture, is extremely dangerous. The article claims that the company has sued hundreds of companies, including 100 in the past 12 months. This type of behavior needs to stop. Effectively this patent could be used against any website that uses even the most generic encryption method. The patent is based on a pretty generic frame work and likely is significantly overly broad.

Historically, I’ve had serious issues with many software patents especially when it comes to web services. This one looks incredibly bad and hasn’t made it to any sort of trial yet. One of my problems with this patent is the fact that it uses a very generic “encryptor/decryptor” block, which as long as there’s a counter and psuedorandom number generator involved in the method to use it, could be impacted. This seems like a rather logical method for transmitting and setting the encryption key.

I personally think that anything that targets a user ability to protect their data is the worst of the worst. In the world we live in today, exploiting something that was likely given to the general community without a second thought then a method to “apply” it, is wrong, because it was given to the general public to ensure our data was protected.

That’s one of the most beautiful things about the open source movement. These technologies which can benefit users in many levels, business, personal, government and the interface between the three, are developed because they solve a problem for that community. In many cases these technologies are created by businesses, but by license mandate are required to be given to the community for free. Should this be considered a waste of money by the company creating it? Should they be able to make money off of it? No and Yes. Here’s how they can make money off of the technology they give to the community: use it to provide secure services to your customers. If the customers are using a platform that you don’t own, ensuring that they are able to access their information they are giving to you is in your best interest.

This is one of the reasons we need to support the EFF initiative to modify software patents. Check that out here: