BOL 1030: SSL is SOL

Black Hat this week means lots of security vulnerabilities in the news, including the fact that Secure Sockets Layer is now just Sockets Layer thanks to an exploit discovered by Kaminsky and friends. We also decide that you can't fix stupid. Too bad. I wish we could.

Listen now: Download today's podcast

EPISODE 1030

Apple at CES 2010 says WSJ – Engadget says otherwise.
http://news.cnet.com/8301-13579_3-10299417-37.html
http://www.engadget.com/2009/07/30/wsj-apple-going-to-ces-2010-reality-nope/

Apple says jailbreaking is a national security issue
http://news.cnet.com/8301-17938_105-10298646-1.html

Details on presidential motorcades, safe house for First Family, leak via P2P
http://www.computerworld.com/s/article/9136053/Details_on_presidential_motorcades_safe_house_for_First_Family_leak_via_P2P

Researchers exploit flaws in SSL, domain authentication system
http://news.cnet.com/8301-27080_3-10299459-245.html

Intel motherboards suffer Bios flaws
http://news.zdnet.co.uk/security/0,1000000189,39698949,00.htm

Re-engineering GPS for navigation on phones
http://news.cnet.com/8301-1035_3-10298696-94.html

Windows Mobile becomes Windows Phone
http://www.theinquirer.net/inquirer/news/1495570/windows-mobile-windows-phone

Nissan introduces new smart in-car nav system
http://social.telematicsupdate.com/content/nissans-new-nav-system-focuses-safer-greener-driving

EMI selling CDs to megachains only from now on
http://slashdot.org/story/09/07/30/0117222/EMI-Only-Selling-CDs-To-Mega-Chains-From-Now-On

VOICE MAIL
Garrick the graphic designer on enhanced albums on iTunes

E-MAIL
Please keep me anonymous for various reasons

PATENT PARTS – there are two major parts of a patent, the
specification and the claims

PATENT SPECIFICATION – the specification describes how to build the
invention, it is essentially the blueprints. Think of this as the part
for engineers to read.

PATENT CLAIMS – the claims section describes what you are stating are
the original elements you want to claim ownership of. It is like the
property boundaries — “everything described by these claims are
mine”. Think of this as the part for lawyers to read.

CONTINUING PATENT – If you have filed a patent, but the patent office
has not signed off on it yet, you can file a continuing patent, which
is basically additional claims. It cannot change the patent
specification part. Its like you are saying, “Hey, we realized our
invention does some additional things we want to claim ownership of.”
Because you are *not* changing the specification part, you get the
original patent’s critical date.

CRITICAL DATE – If you file a patent today, 29 July 2009, you can
claim a critical date of up to a year earlier. For example, you can
claim a critical date of 29 July 2008. This means that if some
software shipped not quite a year ago (say 1 Aug 2008) it *cannot* be
used as prior art to invalidate the patent. Prior art must occur
before the critical date.

So look at the filing date of the patent, and then only consider art
that is at least a year older than the filing date.

**********

RE: Episode 1029, VoloMedia awarded the “Patent for Podcasting”

While I know it isn't popular to accuse Microsoft of innovating... I remember using an application a long time ago called "Sync & Go" on my Pocket PC (a Dell Axim). According to the site: http://www.wmplugins.com/ItemDetail.aspx?ItemID=177 - the 'last update' of this application was January of 2003 - well before VoloMedia applied for the patent application in November, 2003.

What Sync & Go did was to allow you to download audio and video content from partners including NPR and MSNBC. While mainly news-related, the concept was exactly the same as today's PodCasting. You would subscribe to a particular content provider's topic (e.g., "breaking news," or "business news"), and when you sync'd your PocketPC using ActiveSync, it would delete old episodes from your device, fetch the new episodes from the internet, and download them to your device. Then, on your commute (or wherever), you could play these audio and video files on your device. Of course, who on earth would ever want to play audio and video on a PDA? That was such a dumb idea...

I am glad to see that a standards-based system evolved for the distribution of episodic content, as any proprietary system will have inherent limits. It would be a shame if VoloMedia were to be successful in this patent enforcement, as this would force the industry back into the realm of proprietary episodic distribution channels...

Love the show,

/John in Fairfax

**********

So has anyone else seen people — perfectly sighted people, mind you — using canes like those used by the sight impaired so they can safely walk down the street while texting or reading their PDAs? Because I’ve seen it on three different occasions over the past year on my daily walk to work here in NYC.

It’s either ridiculously offensive or incredibly brilliant — possibly both.

–Keith, New York

**********

Whats so bad about fiber to the Node? My effective connection is 22mbps on the ATT fiber to the node, 10mb for TV, 12mbps for Internet (which could be upgraded to 18mbps) The speed is awesome, I’ve never experienced any sort of slowness during peak hours or any other time (I can’t say the same for their wondefully feacher-less DVR service, but thats another rant) I don’t quite get why people say “Oh, well thats only fiber to the node, not fiber to the home.” with such derision. There really is as far as I can tell no noticable difference between the two.

Jim M. of Lakewood, OH. on the North Coast of the US.