There’s a bit of commotion with a new patent request by Apple over on Slashdot today. The claim is that Apple is creating a new patent to stop jailbreaking.
About a month ago, we reported that a review of the DMCA put forth the possibility of jailbreaking ones phone without breaking anti-circumvention laws (though this is under a set of specific circumstances). A court also ruled that the act of circumvention in and of itself does not constitute infringement.
It was a very interesting development and it’s what made a recent report on Slashdot interesting as well. The posting suggested that Apple is trying to patent (through the “Systems And Methods for Identifying Unauthorized Users of An Electronic Device” patent) the ability to remotely disable jailbroken phones. Unfortunately, that wasn’t really true going through both links in the report. First was the link to the patent application where the only mention of a jailbroken phone was way to tell if a phone was stolen. There doesn’t appear to be anything about Apple disabling jailbroken iPhones, but it does discuss what Apple wants to do with phones that have been stolen and used by “unauthorized” users. We looked at the other article, the Arstechnica article, and nothing in the article says that Apple is trying to patent the ability to disable jailbroken phones. The patent was filed February 19, 2009.
All this doesn’t make the patent uninteresting though. Here’s the first statement of claim:
1 . A method for identifying an unauthorized user of an electronic device, the method comprising: determining that a current user of the electronic device is an unauthorized user; gathering information related to the unauthorized user’s operation of the electronic device in response to determining, wherein the unauthorized user’s operation comprises operations not related to the authentication; and transmitting an alert notification to a responsible party in response to gathering.
This was an interesting claim and they had these claims associated with it:
5 . The method of claim 1, wherein gathering further comprises gathering one or more of screenshots, keylogs, communications packets served to the electronic device, and information related to a host device coupled to the electronic device.
6 . The method of claim 1, wherein the alert notification comprises a general message indicating that an unauthorized user has been detected.
7 . The method of claim 1, wherein the alert notification comprises at least a portion of the gathered information.
8 . The method of claim 1, further comprising: gathering information related to the identity of the unauthorized user in response to determining; and gathering information related to the location of the electronic device in response to determining.
Since the date it was filed on is important, February of 2009, anything we find prior to this date is critical to putting this patent into question.
So with a little research, we’ve come across an article from 2005 on Forbes which appears to detail idea’s, at least, similar to what is being described in the above claims. Remember, the critical point in the patent is that it’s all about detecting an unauthorized user of an “electronic device”. It’s not specifically about protecting a phone as both Slashdot and Ars Technica suggests although, yes, it would include something like a cell phone.
The Forbes article discusses LoJack for laptops. You don’t have to finish reading the first paragraph to discover that this software was meant to stop laptop theft. A laptop is as much of a digital device as an iPhone in my books.
Claim 5 of the patent mentions information packets – hinting towards the data stream going from device to device. What is included in that data stream? An IP address. You can read this paragraph from the review and play “Spot the Similarities”:
Within seconds, Absolute can use one of three ways to determine where the wayward computer has gone. If it’s a dial-up modem, it can tell what phone number the computer is using to get online, and trace the address. If it’s broadband, it can track the IP address and then, with cooperation from the Internet Service Provider, locate the street address where the IP is installed. And then there’s a third way that even John Livingston, Absolute’s chairman and CEO won’t tell us about.
Moving along to claim 6, the claim suggests that an alert is created when an unauthorized user has been detected on that device. For that, we go to the previous paragraph in the review:
It works like a charm, as soon as the bandits use your stolen laptop to go online. By the way, all the time your computer’s been sitting in your office or den, it has been regularly checking in with its master in Vancouver. If the computer gets into the wrong hands and is reported stolen, Absolute’s recovery team will see that status pop up on their screen.
Sounds like LoJack is creating a notification as well.
Claim 7 says that parts of the information is used to track the device down. Claim 8 suggests that the information would also be used to identify the location of the stolen device and the unauthorized user. That sounds like something insinuated two paragraphs down in the review:
Once the computer’s been located, the recovery team–all ex-cops, by the way, most of them from the Vancouver police–call local law enforcement and tell them where they can find the purloined device
We don’t claim to be experts in the US patent system, but as far as we know, if there is prior art to a patent being filed, it puts the validity of the patent in jeopardy. With that bit of knowledge, it’s not looking good for the patent.
We’ll skip ahead to claim 11 since there’s some interesting claims related to it:
11 . An electronic device operable to detect an unauthorized user of an electronic device, the electronic device comprising: a processor operable to: receive an input from a current user of the electronic device; determine the input is not associated with an authorized user of the electronic device; and record usage information of the electronic device in response to determining; and communications circuitry operable to transmit the usage information to a remote device.
Then we have this claim:
15 . The electronic device of claim 11, further comprising: a camera operable to take a photograph of the vicinity of the electronic device; and positioning circuitry operable to determine current location information of the electronic device; and wherein the processor is further operable to: geotag the photograph by associating the photograph with the current location information.
That sounds very similar to, say, a webcam taking pictures remotely. So there’s this article dated August 24, 2008. It describes a piece of anti-theft software – open source no less – called Adeona. In that article has the following paragraph:
To track your stolen property, you can do a number of things; you can track the IP addresses and/or the Wi-Fi network name and geo-coordinates to track the general area the device is in, or your laptop can even snap a photo using its webcam (if so equipped) to snap a photo every 30 seconds to show you exactly who’s using it. The overall idea is very similar to the competition, with the only real difference being that you’re the only one seeing any of your information.
This not only further compromises claim 8, but also compromises claim 15 of the patent. This particular paragraph is nice because further down the patent is another set of claims that appear to be compromised:
17 . A system comprising: an electronic device comprising; an input device operable to receive a password provided by a user; a camera operable to take a photograph of the user; a processor operable to: determine that a predetermined number of incorrect passwords have been successively received; direct the camera to take a photograph of the user; and generate an alert notification in response to the processor determining, wherein the alert notification comprises information related to the identity of the user and the photograph of the user; and communications circuitry operable to transmit the alert notification to a remote device.
18 . The system of claim 17, wherein: the camera is operable to take a plurality of photographs of the surroundings of the electronic device; and wherein the processor is further operable to: analyze each of the plurality of photographs to identify distinguishing landmarks in the photographs; and determine the location of each photograph based on the identified distinguishing landmarks.
So claim 17 and 18 is also compromised due to prior art. This patent has 21 claims and, with a little research, we’ve been able to shoot down 9 of those claims – most of them being core aspects of the patent. Without those 9 claims, there’s not a whole heck of a lot left in the patent.
Personally, I think this is another example of why there shouldn’t be broad software patents. If all of these claims were to go through, how can other software and hardware developers protect their own customers legally? If other companies want to develop anti-theft technology for their devices, they should freely be able to do so as long as it is with the consent of a fully aware customer and user.
The scary thing is that Techdirt notes that the US Patent Office is approving more and more patents in an effort to get through a backlog more than focusing on quality control of who should and shouldn’t get patents.
I’m not sure this is really going to end well, but in the mean time, maybe I should go breathing or something – you know, to get a slice of the insanity.