Latha Jishnu: When the barracuda meets a piranha

PATENTLY ABSURD

Picture this: someone in the colony where you live, your neighbour perhaps, stations security guards at his home in a particular formation. You set up security for your home or office and the guards willy-nilly follow the same formation. This happens with other residences in your colony, in places across your city, and in cities elsewhere. The guards you employ are different, not those of your neighbours, legally bought from one of the outfits that provides them. All of a sudden, the neighbour asks you to pay a licence fee because he claims the guards you are using infringe a patent that he holds for their positioning. When you protest, you are dragged to court for infringing a patent. Bizarre?

This is the simplest analogy I can offer for a critical patents battle that is being fought in the US by Trend Micro and its rival Barracuda Networks. The dispute is over Barracuda's use of Clam Antivirus (ClamAV), a security software, in its firewall and web filter hardware appliances. Although ClamAV is not directly involved, Trend Micro claims that the use of ClamAV allows Barracuda's products to operate in such a way that it infringes its patent for applying antivirus software via gateway proxy servers. Its patent granted in 1997 stakes a claim to antivirus software capturing viruses at the server gateway through the use of file transfer protocol (FTP) and simple mail transfer protocol (SMTP).

Readers who don't follow the complexities of computer systems and software protocols need not get confused. Just stick with the security analogy on this story which promises to be significant for software developers and users.

Trend Micro has been sending legal notices to Barracuda Networks since 2006 seeking a licence fee for use of ClamAV. But Barracuda did not pay and the upshot is that Trend Micro has filed a case of patent violation. Shortly thereafter, it also filed a case before the International Trade Commission (ITC) of the US alleging that ClamAV is an imported product because it is developed by the free and open source software (FOSS) community from across the world. The fact is ClamAV is readily downloadable from SourceForge.Net, a US-based website owned by the US-based company Sourcefire.

Another claim made by Trend Micro is that Barracuda imports unique motherboards and power supplies for its products, a charge that its CEO Dean Drako dismisses. He says these are standard off-the-shelf items that can be bought anywhere. However, the ITC case, according to legal opinion, will be difficult for Barracuda because it is viewed as an onerous court for the defending party. The federal patent case in Northern California, meanwhile, has been stayed till the ITC case is resolved.

Although ITC agreed to hear the case in December 2007, it is only now that the issue has become public "" and set off a veritable storm in the FOSS community. The Net is spilling over with a passionate defence of open source, and the high priest of free software Richard Stallman has come out with a vitriolic attack on "companies that use software patents for aggression". In vintage Stallmanspeak, he describes Trend Micro as a "despicable predator, the lowest of the low," and says such companies deserve to be taught a lesson. Ignore the language and he does have a point: at any point one can get sued for using code even with the author's permission or even for the code one may have written oneself. In fact, even proprietary software developers are in danger from software patents since large programmes contain thousands of code structures.

Trend Micro, however, insists that the dispute is not about open source at all, but is really about a company selling products for profit that infringe what it does with a time-tested patent. In the past, it has reached out-of-court settlements with Symantec and McAfee, who are reported to have paid minimal fees and avoided penal action. But that is not stopping the FOSS community. The campaign against Trend Micro's actions is spreading and is marked by impassioned and, sometimes, wild rhetoric as the community bands together against what they see as a threat to software freedom.

A couple of interesting points emerge from this dispute. There are one million deployments of ClamAV at the gateway. Will they all be sued? Will they be forced to take it off their systems? If so, roughly 100 million PCs would be left unprotected. This raises the more significant issue of cost. Barracuda is said to be blocking spam and virus at just a tenth of the cost of proprietary software because anti-spam and anti-virus innovation has come mainly from open source, according to FOSS. Is this a move that will make security much more expensive for all computer users? That's why we need to keep an eye on the case.