BOL 1030: SSL is SOL

Black Hat this week means lots of security vulnerabilities in the news, including the fact that SSL is now just SL thanks to an exploit discovered by Kaminsky and friends. We also decide that you can't fix stupid. Too bad. I wish we could.

Tom Merritt Former CNET executive editor
4 min read

Black Hat this week means lots of security vulnerabilities in the news, including the fact that Secure Sockets Layer is now just Sockets Layer thanks to an exploit discovered by Kaminsky and friends. We also decide that you can't fix stupid. Too bad. I wish we could.

Watch this: BOL 1030: SSL is SOL


Subscribe with iTunes (audio)
Subscribe with iTunes (video)
Subscribe with RSS (audio)
Subscribe with RSS (video)


Apple at CES 2010 says WSJ – Engadget says otherwise.

Apple says jailbreaking is a national security issue

Details on presidential motorcades, safe house for First Family, leak via P2P

Researchers exploit flaws in SSL, domain authentication system

Intel motherboards suffer Bios flaws

Re-engineering GPS for navigation on phones

Windows Mobile becomes Windows Phone

Nissan introduces new smart in-car nav system

EMI selling CDs to megachains only from now on

Garrick the graphic designer on enhanced albums on iTunes

Please keep me anonymous for various reasons :)

PATENT PARTS – there are two major parts of a patent, the
specification and the claims

PATENT SPECIFICATION – the specification describes how to build the
invention, it is essentially the blueprints. Think of this as the part
for engineers to read.

PATENT CLAIMS – the claims section describes what you are stating are
the original elements you want to claim ownership of. It is like the
property boundaries — “everything described by these claims are
mine”. Think of this as the part for lawyers to read.

CONTINUING PATENT – If you have filed a patent, but the patent office
has not signed off on it yet, you can file a continuing patent, which
is basically additional claims. It cannot change the patent
specification part. Its like you are saying, “Hey, we realized our
invention does some additional things we want to claim ownership of.”
Because you are *not* changing the specification part, you get the
original patent’s critical date.

CRITICAL DATE – If you file a patent today, 29 July 2009, you can
claim a critical date of up to a year earlier. For example, you can
claim a critical date of 29 July 2008. This means that if some
software shipped not quite a year ago (say 1 Aug 2008) it *cannot* be
used as prior art to invalidate the patent. Prior art must occur
before the critical date.

So look at the filing date of the patent, and then only consider art
that is at least a year older than the filing date.


RE: Episode 1029, VoloMedia awarded the “Patent for Podcasting”

While I know it isn't popular to accuse Microsoft of innovating... I remember using an application a long time ago called "Sync & Go" on my Pocket PC (a Dell Axim). According to the site: http://www.wmplugins.com/ItemDetail.aspx?ItemID=177 - the 'last update' of this application was January of 2003 - well before VoloMedia applied for the patent application in November, 2003.

What Sync & Go did was to allow you to download audio and video content from partners including NPR and MSNBC. While mainly news-related, the concept was exactly the same as today's PodCasting. You would subscribe to a particular content provider's topic (e.g., "breaking news," or "business news"), and when you sync'd your PocketPC using ActiveSync, it would delete old episodes from your device, fetch the new episodes from the internet, and download them to your device. Then, on your commute (or wherever), you could play these audio and video files on your device. Of course, who on earth would ever want to play audio and video on a PDA? That was such a dumb idea...

I am glad to see that a standards-based system evolved for the distribution of episodic content, as any proprietary system will have inherent limits. It would be a shame if VoloMedia were to be successful in this patent enforcement, as this would force the industry back into the realm of proprietary episodic distribution channels...

Love the show,

/John in Fairfax


So has anyone else seen people — perfectly sighted people, mind you — using canes like those used by the sight impaired so they can safely walk down the street while texting or reading their PDAs? Because I’ve seen it on three different occasions over the past year on my daily walk to work here in NYC.

It’s either ridiculously offensive or incredibly brilliant — possibly both.

–Keith, New York


Whats so bad about fiber to the Node? My effective connection is 22mbps on the ATT fiber to the node, 10mb for TV, 12mbps for Internet (which could be upgraded to 18mbps) The speed is awesome, I’ve never experienced any sort of slowness during peak hours or any other time (I can’t say the same for their wondefully feacher-less DVR service, but thats another rant) I don’t quite get why people say “Oh, well thats only fiber to the node, not fiber to the home.” with such derision. There really is as far as I can tell no noticable difference between the two.

Jim M. of Lakewood, OH. on the North Coast of the US.