|
|
Subscribe / Log in / New account

LWN.net Weekly Edition for July 15, 2004

Oracle's CMS patent

Patent 6,745,238, assigned to Oracle, is entitled "self service system for web site publishing." The abstract for this patent makes it clear that its scope is broad:

The web site system permits a site administrator to construct the overall structure, design and style of the web site. This allows for a comprehensive design as well as a common look and feel for the web site. The web site system permits content for the web site to originate from multiple content contributors. The publication of content is controlled by content owners. This permits assignment of content control to those persons familiar with the content.

The patent application ws filed in March, 2000; it was granted on June 1 of this year. Offhand, it would appear that Oracle has patented the content management system. Such systems form the core of many thousands of web sites, so the potential impact of this patent is large. It is worth a deeper look.

The "claims" section of the patent is even more impenetrable than usual:

A method for displaying content, comprising: receiving input that defines a set of perspectives, wherein each perspective in the set of perspectives is a cross category grouping of one or more content items, and wherein said one or more content items is in a plurality of content items; storing, in a database, the plurality of content items, wherein each of the plurality of content items belongs to one or more categories; receiving user input that associates subsets of said set of perspectives with each of said plurality of content items; and in response to a request to display a web page that contains one of said plurality of content items, displaying on said web page a selectable control for each perspective in the subset of said set of perspectives that is associated with said one of said plurality of content items.

Translated into English, this claim would appear to be describing a database-backed web site which allows the display of articles with category metadata and comments attached. Further claims add search capabilities, a form interface, etc. All pretty standard stuff.

The "description" section is more readable, fortunately. It sets the stage with a summary of the Bad Old Days, when anybody who wanted to put content on the web had to hand it over to a site administrator who knew the right incantations. The administrator becomes a bottleneck which slows the process of getting content onto the net. Thus, says the patent:

Accordingly, it is desirable to generate a web site creation and maintenance tool that permits non-technical people to publish content on a web site. It is also desirable to generate a web site creation and maintenance tool that apportions responsibility for web site creation and maintenance task to the most appropriate individuals.

One wonders why nobody else ever noticed this problem. But it seems that nobody did:

In the prior art, content contributors must go through the information technology department in order to publish content. This prior art methodology places content publication and maintenance on a single source. In contrast, the web site paradigm of the present invention provides for distributed control by, allowing the folder owners ... to control content for a portion of the web site.

As an added bonus, Oracle's "invention" throws in web-based administration of the site, a "quick picks" navigation bar for the most-used content, a news box, etc.

This patent clearly covers no end of free content management systems - and numerous proprietary offerings as well. There is no way that this particular patent could have been filed for in good faith; 2000, remember, was the end of the dotcom boom and content management systems were not exactly hard to find. The authors knew they were patenting widely-used technology which had been invented elsewhere. Oracle, after all, has not made its name through innovation in the web publishing arena.

If Oracle were to attempt to enforce this patent, it could create trouble for anybody producing or using an allegedly infringing system: Linux distributors, web publishers, proprietary software houses, etc. With a determined effort, this patent could almost certainly be invalidated. But if you are a small publisher facing demands from Oracle's fearsome lawyers, invalidating the patent will look like a distant, difficult, and risky goal. For the time being, the threat seems low; Oracle seems more interested in acquisitions than patent shakedowns and litigation. In the future, however, when Oracle's core business has been gutted by free database management systems, the company might just take a new interest in enforcing its "valuable intellectual property."

Comments (12 posted)

DMCA fun from StorageTek

July 14, 2004

This article was contributed by Joe 'Zonker' Brockmeier.

The latest effort to use the Digital Millennium Copyright Act (DMCA) as an obstacle to competition is courtesy of StorageTek. StorageTek, a company that sells a number of storage devices and data management software, is suing Custom Hardware Engineering & Consulting (CHE Consulting) for circumventing its GetKey algorithm to gain access to StorageTek tape library maintenance codes. So far, so good for StorageTek, which has received an injunction (PDF of the decision and the injunction) against CHE Consulting, essentially preventing the company from doing any maintenance on StorageTek tape libraries that requires access to the libraries' event messages. For the moment, an appeals court has put a stay on the injunction, but that stay could be withdrawn at any time.

Reading through the decision issued by U.S. District Judge Rya Zobel, it seems clear that Zobel has been firmly convinced of StorageTek's case. From page 10 of the decision:

The balance of harm to plaintiff from the denial of the injunction against that to defendant from the grant thereof tilts heavily to plantiff, given its financial losses and damage to customer relations from defendants' deliberate and calculated misconduct and theft.

It seems that StorageTek has managed to convince Zobel that CHE Consulting has violated the DMCA by going around the GetKey algorithm and that CHE has misappropriated StorageTek's trade secrets by gaining access to event messages on StorageTek equipment.

CHE Consulting argued that Section 117 of the Copyright Act was designed to allow third-parties to perform maintenance or repair, but that did not convince Zobel.

Defendants copy the Code by turning on the machine; however, they do so not just for repair, but also for the express purpose of circumventing plaintiff's security measures, modifying the Maintenance Level, and intercepting plaintiff's Event Messages.

What Zobel overlooks, of course, is that the only purpose to intercept the event messages is to allow CHE Consulting to perform maintenance on the equipment in question -- exactly what Section 117 of the Copyright Act was intended to allow. There is no benefit to CHE aside from being able to perform maintenance.

In order to get additional background and both sides of the story, we spoke to StorageTek spokesperson Joe Fuentes and CHE Consulting's president, David York. According to York, this case has actually been going on for some time. He noted that CHE Consulting had purchased software to access the error codes from 1997 through the first quarter of 2001, when StorageTek sent a letter to CHE Consulting alleging that the company was infringing on StorageTek's intellectual property rights. York said that CHE Consulting provided documentation that they were buying the software and then they didn't hear from StorageTek again until October of 2002 when the suit was filed. He also noted that StorageTek stopped selling the maintenance code to CHE Consulting in 2001.

When we spoke to Fuentes about the case, he was largely unable to answer most of our questions, as he said that he was not technical enough to respond to questions about the nature of the diagnostic tools and what would be required for a third-party maintenance provider to work on a StorageTek tape library without access to the maintenance code. Fuentes was also unable to provide access to a StorageTek spokesperson or employee who was knowledgeable enough about the case or the equipment to provide answers to our questions.

Fuentes did provide a statement about the case:

We believe that CHE was using our intellectual property without permission. Our job is to defend that intellectual property. I can't get any more specific than that... I think what the court is saying kind of confirms the value of our exclusive maintenance microcode. It's a competitive business, and we use our developed codes to provide superior services to enterprises.

We also asked Fuentes how StorageTek's customers would benefit from this action. According to Fuentes, "we value our relationships with our customers and want to make sure they get the best possible service. I have to stop there". While talking about StorageTek's services group, Fuentes also noted that the company serviced equipment produced by EMC, HP and other providers. Fuentes could not answer whether or not StorageTek used event messages generated by other manufacturers' equipment when providing service.

Fuentes also said that StorageTek's position was that third-parties could provide service for the equipment if they "invest and develop their own diagnostic tools to work on our equipment".

We asked York if it were possible for a third-party vendor to develop their own diagnostic tools. According to York, CHE Consulting has done so:

We've been providing this [service for StorageTek equipment] for seven years, all we're accessing is their data. We're not accessing anything that could be deemed to be actual diagnostics, we have developed our own exercise routines [for the equipment] on our own... we're talking about error data, data from the physical device. The error data is what they're claiming to own a copyright on.

We then asked York if it were possible for a third-party vendor to develop tools, as Fuentes suggested, that would allow them to generate their own codes. "Is it technically possible? We could debate that for a long time". When asked if it were reasonable to suggest that a vendor should develop that functionality on their own, he was more firm. "No, it is not".

We are still in litigation and we are feeling this decision. CHE has worked hard, its team members have worked hard. We believe we have a right to compete, we believe we have a right to exist, and we don't believe we have infringed upon anybody's rights here. We believe we're just some hard-working people. Based upon the fact that we're using the software with the customer's permission as it was designed is mind-boggling to me.

Zobel decided that "defendants' conduct has caused it [StorageTek] irreparable harm". However, Zobel doesn't seem inclined to consider the effects of the ruling on CHE Consulting. If StorageTek is successful in preventing CHE Consulting from maintaining their equipment, it is likely to be fairly catastrophic for CHE. York estimated that about half of their business consists of maintaining equipment that is now essentially off-limits to their company, unless they are successful in fighting the case. York says that CHE Consulting has filed a request for an appeal and stay of the order as of Monday, July 12.

We also asked York whether he was concerned about other vendors using the DMCA to prevent third parties from servicing their equipment:

I'm certainly concerned, but I can't say what another company might do. We service IBM equipment, even though we're partnered with them. For us to be able to provide service, IBM sells diagnostic code, manuals, parts... having said that, IBM, it appears, welcomes competition. If there is competition, IBM makes the most of it by saying, "Okay, we can sell some things, we win, independent organization wins, and most of all the customer wins."

Meanwhile, StorageTek's customers lose, and so does CHE. There would be little incentive for CHE to access event codes if some of StorageTek's customers had not decided that they wanted to have their equipment serviced by another organization.

StorageTek is not the first company to attempt to use the DMCA to lock competitors out of their business, nor are they likely to be the last. Until such a time as the DMCA is reformed, we will continue to see this sort of case. As this case illustrates, it's simply not enough to count on the courts to prevent abuse of the DMCA, nor is it enough to depend on the goodwill of corporations to protect the rights of their customers or act in their best interests.

Comments (8 posted)

SCO update

There has been some movement in a few of SCO's legal cases, so it's time for an update.

Our last episode in the Novell case ended with Judge Kimball dismissing SCO's suit because SCO did not make a claim of actual specific damages. SCO was given 30 days to refile the suit with that little oversight taken care of. SCO's new filing is available in PDF format; it's not clear that the company will get much further this time.

The specific damages alleged include:

  • Companies are refusing to buy licenses from SCO at this time because it's not clear that SCO owns what it claims to be licensing.

  • Novell's claims are being cited in various other SCO cases, making it harder for SCO to carry out its legal shakedowns.

That is about it. This discussion may be enough to keep the suit alive for now; it depends on what the judge thinks. Said judge, who, in his previous ruling, said that there was considerable uncertainty in just what the asset purchase agreement transfered, may not be amused by the repeated reference to the "clear and unambiguous terms" that are alleged to have transferred the copyrights to SCO.

The AutoZone case has been put on hold, pending the outcome of the IBM and Novell cases. AutoZone successfully argued that, until the issues in those other cases are decided, there is no point in going forward. This decision makes AutoZone's attempt to move the case to Tennessee moot for now; that motion may be reconsidered at a later time.

SCO was given the opportunity to move for a preliminary injunction, however, if it can show "irreparable" harm which could be mitigated that way. It remains to be seen whether SCO will avail itself of this opportunity. In the mean time, SCO's one attempt to shake down an actual Linux user is stalled. Though, as described in this Groklaw article, the case SCO presented in Nevada centers around its OpenServer libraries, and has little to do with Linux.

In the IBM case, things are heading toward the crucial August 4 hearing on IBM's motion for a partial summary judgment that its Linux activities do not infringe on SCO's copyrights. IBM's position is, essentially, that (1) SCO has certified that its response to IBM's discovery questions regarding allegedly infringing code is complete, and (2) that response contains no examples of infringing code. Thus, IBM says, there are no disputed questions of fact and the judgment can be rendered. Or, alternatively, if SCO now comes forward with some sort of evidence, it should be sanctioned for failing to comply with discovery while falsely certifying that its response was complete.

SCO fears this hearing, even though it has never claimed (in court) that IBM has engaged in direct copyright infringement through its contributions to Linux. An IBM victory would make it impossible for SCO to make such claims in the future, and would go a long way toward establishing the cleanness of Linux in general. So SCO has moved for a dismissal of IBM's motion, or, at the minimum, yet another delay.

SCO's motion has been accompanied by a massive tome of a memorandum in support (available in PDF format); the company had to ask for special permission to submit a memo of this length. With all those words, SCO tries to establish that it didn't really certify that its discovery response was complete, that it needs more time to dig through more of IBM's code (and IBM has been stonewalling), that it has not alleged copyright infringement resulting from IBM's Linux activities, and so on.

There are also a few "examples" of copyright infringement included; these include the ELF code, read-copy-update (which SCO, it seems, now claims directly), the header files, etc. Here's one new example:

The Linux kernel, for example, uses a ULS [user-level synchronization] routine to block and unblock access to shared data. The Linux ULS routine is substantially similar to a ULS routine in UNIX. A Mr. Russel [sic] of IBM helped a Mr. Jamie Lokier contribute the UNIX ULS code into Linux. If SCO had access to IBM's CMVC, then SCO might have discovered that Mr. Russel worked on ULS for IBM, and could have deposed Mr. Russel to determine what specific help he provided in the contribution of ULS to Linux and to whom he provided that help.

SCO is talking about the FUTEX code, which was refined and fed into the kernel by Rusty Russell. It is highly unlikely that Rusty has been anywhere near the AIX code. In any case, the FUTEX code was developed in a very public mode over several months; every step in the process was posted to and discussed on the linux-kernel list. If SCO wishes to press a claim to any piece of the FUTEX code, it should have no trouble pointing out exactly which code and saying when, and by whom, it was contributed.

SCO has also filed a renewed motion to compel discovery, claiming that IBM has not lived up to its obligations. SCO is requesting full access to IBM's revision control system. The company is also trying harder to turn up a "smoking gun" email from one of IBM's executives; the motion memo claims that IBM is being dishonest when it says that these messages do not exist.

The Red Hat case, remember, is currently on hold. The judge in that case had ordered both parties to file a letter every 90 days describing how things are progressing. The first set of letters is now available.

SCO's letter seems motivated by fear of an unfriendly ruling in the IBM case. The company is now backpedaling somewhat on its claims that the IBM case covers "most, if not all" of the copyright issues brought up by Red Hat.

At the same time, since September 2003, SCO has obviously had the opportunity to conduct further investigation of improper contributions to Linux by parties other than IBM. Through that investigation, SCO has discovered significant instances of line-for-line and "substantially similar" copying of code from Unix System V into Linux. That non-IBM conduct is conduct that SCO's complaint in Utah -- by its express terms -- does not challenge or encompass.

SCO has found itself in a bit of a difficult position here. If the IBM case addresses all of the copyright issues, and IBM wins its summary judgment, then the outcome of the Red Hat case (which Red Hat filed to establish its claim that its Linux distributions do not infringe on SCO's copyrights) is clear. If, instead, the IBM case is not so all-encompassing after all, the Red Hat case may be taken off hold and moved forward - and that is not something that SCO wants.

Red Hat's letter responds directly to SCO's, and does not mince words.

SCO's June 17 effort to explain away the numerous inconsistent statements it has made to this Court and to other federal courts around the country again make plain SCO's litigation strategy. SCO's ultimate objective is to delay for as long as possible resolution of the copyright claims that are at the heart of each of the pending lawsuits. By avoiding final adjudication of its copyright claims, SCO can continue to foster fear, uncertainty, and doubt in the marketplace about the long-term viability of Linux.

Red Hat points out that SCO wants the AutoZone case to go forward. If, says Red Hat, the AutoZone case presents sufficiently interesting issues that it should be heard now, Red Hat's case should go forward as well. Whether the judge agrees remains to be seen; given the history of this case, the likelihood of any near-term movement is small.

Finally, for those of you who have not had enough SCO fun, remember that SCO Forum 2004 is happening in Las Vegas, starting on August 1. This will be your chance to attend no end of fascinating sessions, including a keynote speech by "analyst" Rob Enderle. Don't you wish you could be there?

Comments (3 posted)

Page editor: Jonathan Corbet

Inside this week's LWN.net Weekly Edition

  • Security: Mozilla and security; New vulnerabilities in ethereal, moinmoin, PHP, and wv.
  • Kernel: NULL v. Zero; Latency problems in 2.6; RCU-safe reference counting.
  • Distributions: Distribution list update; FC3T1; Vidalinux
  • Development: p0f, the Passive OS Fingerprinter, Firefox roadmap, Schemer's Gazette, new versions of Glom, Knoda, dosemu, logcheck, mnoGoSearch, XFce, SQL-Ledger, Bakery, pygtk, Gaim-RSS-Reader, Planner, KOffice, Epiphany, LTK, DrPython, Bugzilla.
  • Press: Can LSB keep penguin from mutating?, Running free with Linux wireless, Australian guide to open-source, Electronics design moves to Linux, numbering in OOo Writer, Open source usability.
  • Announcements: UK Linux event merger, Mandrakesoft migrating 1500 French servers, Java/Bluetooth Developer Kit, UKUUG Linux 2004, 2nd Swiss Unix Conf.
Next page: Security>>

Copyright © 2004, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds