Microsoft Patents Sudo?!!

GrokLaw ^ | 11/11/2009 | PJ

[pikachu]

Micro$oft would not go through the time and expense with the patent process on something already invented if it did not think they could charge screw somebody at a later date.

[pvoce]

Extend, Embrace, Envelope.

If you cant beat them, own them.

[taxcontrol]

Sorry, your analysis is incorrect. What MS patented is NOT sudo. What they did patent is something that sudo does not do, namely, when an attempt to access an application fails, it presents a list of people who ARE authorized to execute the action.

Reading patents is very tricky and the focus has to be on the claims section and read with an mind toward lawyer speak.

[Swordmaker]

Software Patent Insanity PING!

Apple has been doing since 2001 exactly what Microsoft applied for a patent for in 2005 and received in 2009... and UNIX users have been doing it for 30 years...

Software Patent insanity Ping!

If you want on or off the Mac Ping List, Freepmail me.

[Swordmaker]

Reading patents is very tricky and the focus has to be on the claims section and read with an mind toward lawyer speak.

I just read the patent. It's not new.

[Villiany_Inc]

Could someone translate all this into common English?
What does this mean to me?
What the hell is "sudo"?

[databoss]

envelope? gonna mail that patent to someone?

[ConservativeMind]

Because neither the article, nor the poster, mentions what the heck “sudo” is, this might be helpful:

“The sudo command is a program for some Unix and Unix-like computer operating systems that allows users to run programs with the security privileges of another user (normally the superuser, a.k.a. root).”

http://en.wikipedia.org/wiki/Sudo

[rdb3]

Wow. Just wow.

[D Rider]

That will teach those nixsters once and for all! /s

[Swordmaker]

Sorry, your analysis is incorrect. What MS patented is NOT sudo. What they did patent is something that sudo does not do, namely, when an attempt to access an application fails, it presents a list of people who ARE authorized to execute the action.

I see what you are getting at... but if that is what it is, it appears to me to be a method to compromise computer security more easily. It would not be something I think would be a good thing.

[Swordmaker]

What the hell is "sudo"?

Sudo is short for "Super User Do," a command to execute a command which is restricted with privileges normally reserved for high level administrators of the computer. For example, formating the hard drive would be a restricted level command... but SUDO Format C: (simplisticly) would allow a restricted user to execute that command.

[taxcontrol]

To the extent that it notifies the potential hacker of which accounts they CAN use to gain access, you are correct. But security is always a balance. The trade of being that if you really do need access, it provides you the person to go to and get permission.

[DrDavid]

What they did patent is something that sudo does not do, namely, when an attempt to access an application fails, it presents a list of people who ARE authorized to execute the action.

You are right, sudo does not do this at all. The idea behind sudo was to find a way to preserve system security and still allow users to perform useful tasks. List users who have permission to execute an action gives crackers a road-map to break into the system, which decreases security.

[Ukiapah Heep]

I'm getting an attorney and going after awk.

[Swordmaker]

You are right, sudo does not do this at all. The idea behind sudo was to find a way to preserve system security and still allow users to perform useful tasks. List users who have permission to execute an action gives crackers a road-map to break into the system, which decreases security.

This invention apparently cuts at least half of the security out... given that it was a two step process. One had to input both an authorized user and that user's password. By cutting out the step of knowing the authorized user's name, it makes it that much easier to compromise security. For example, if I know that Joe Blow always uses his Wife's maiden name along with his anniversary date as a password, finding Joe Blow's name on the list of users authorized to execute the command opens the door to me immediately.

[Swordmaker]

You are right, sudo does not do this at all. The idea behind sudo was to find a way to preserve system security and still allow users to perform useful tasks. List users who have permission to execute an action gives crackers a road-map to break into the system, which decreases security.

This invention apparently cuts at least half of the security out... given that it was a two step process. One had to input both an authorized user and that user's password. By cutting out the step of knowing the authorized user's name, it makes it that much easier to compromise security. For example, if I know that Joe Blow always uses his Wife's maiden name along with his anniversary date as a password, finding Joe Blow's name on the list of users authorized to execute the command opens the door to me immediately.

[heiss]

“I just read the patent. It’s not new. “

You graduated from Stanford Law, right?

Seriously, leave patent claim analysis for professionals. Typically patents, like this one, try to capture some very detailed scenarios, not just basic scenario such as “sudo”. The claim 1 is long and includes many limitations that are presumed novel.

[TexasAg]

The scope of protection provided by a patent is defined by the claims, not the description of the drawings. I could file a 100-page patent application describing every aspect of a 1960 Ford Mustang and include 2 pages describing a new invention (lets say a cruise control that automatically adjusts its speed based on neighboring cars). If my claims all describe a car with this type of cruise control, I can get a patent even though most of the patent describes a known car.

Here, claim 1 says:

1. One or more computer-readable media having computer-readable instructions therein that, when executed by a computing device, cause the computing device to present a user interface in response to a task being prohibited based on a user's current account not having a right to permit the task, the user interface comprising: information indicating the task and an entity that attempted the task; a selectable help graphic wherein responsive to receiving selection of the selectable help graphic, the computer-readable instructions further cause the computing device to present the information; identifiers, each of the identifiers identifying other accounts having a right to permit the task, wherein the identifiers presented are based on criteria comprising: frequency of use; association with the user; and indication of sufficient but not unlimited rights; one of the identifiers identifies a higher-rights account having a right to permit the task, wherein the one of the identifiers comprises: a graphic identifying the higher-rights accounts associated with the user; and a name of the higher-rights account; an authenticator region capable of receiving, from the user, an authenticator usable to authenticate the higher-rights account having the right to permit the task, wherein: the authenticator comprises a password, and the authenticator region comprises a data-entry field configured to receive the password.

To invalidate this claim, you would need to show that every single part of this claim was known or suggested by what's been done before.