02.04.09

Gemini version available ♊︎

Guest Post: Watch Out for “Patented API” Traps, by Jose X

Posted in Free/Libre Software, GPL, Patents at 4:08 am by Dr. Roy Schestowitz

The Trap in a Nutshell

A patented API is short-hand for saying that an API (a software interface) is defined to parallel a patent so that using the API to build applications creates patented material unavoidably.

This is a trap API. Use it, and infringe.

The story:

  • A person writes up a patent and designs a matching API.
  • You use their trap API to write a program.
  • Your application violates the patent because the API gave your application properties that match the patent.
  • Fix the problem only by dumping the API, redesigning, and re-coding the application itself. There are no short-cuts.

Q: Can I “work around” the patent?
Q: Can I re-implement the API libraries so as not to have to redesign and recode all apps?
Q: Can I map or translate the app automatically into something safe?

A: In general, no, you can’t, if the trap is a good one.

This covers the trap in a nutshell.

[The disclaimer: I am not a lawyer, and I have never written a patent application. But.. I do know how software works, and I have developed more than just half a clue about how patents work (in the US).]

Further Basic Discussion

For those that want a little more explanation, we have this link.

..as well as a hypothetical “Tetris” Patent Trap example.

Visual Basic function

“Tetris” Patent Trap

Patent Tetris
Patent CoolDraw
API Tetris
API CoolDraw

We have two patents and two API. One patent and one API are high-level (Tetris). The other patent and API are low-level (CoolDraw). The high-level patent and high-level API are designed together as a trap as mentioned above. Ditto for the low level ones.

Let’s look at a few more details on the patents and on the APIs. Then, we’ll cover the four main scenarios. Do note the interplay of high-level with low-level. When the levels are the same (and matching), we have stepped onto the trap.

– Patent Tetris: patents any tetris like game.

– Patent CoolDraw: patents a cool way to draw on the screen from computer memory.

– API Tetris: a createTetris function produces a tetris game when you input things like block size, colors, number of rows, time, etc.

– API CoolDraw: a doCoolDraw function uses a cool algorithm to move values onto the screen.

Case 1:
– Patent Tetris
– API Tetris.

In this scenario, if we use API Tetris within our app so that a tetris game is created, we violate Patent Tetris, guaranteed.

Case 2:
– Patent Tetris
– API CoolDraw.

In this scenario, if we use API CoolDraw within our app so that we draw to the screen, we do not violate Patent Tetris unless we write a lot more code so as to create our own tetris game. It would take many lines of code to violate Patent Tetris.

Case 3:
– Patent CoolDraw
– API Tetris.

In this scenario, if we use API Tetris within our app so that a tetris game is created, we may violate Patent CoolDraw ..or not. It depends on how API Tetris was implemented. Does createTetris write to the screen the way described by Patent CoolDraw?

Case 4:
– Patent CoolDraw
– API CoolDraw.

In this scenario, if we use API CoolDraw within our app so that we draw to the screen, we violate Patent CoolDraw, guaranteed.

Quick Analysis

Case 1 (and Case 4) patent and API are at the same level (and matching). This is a trap. To avoid infringement, you have to redesign and re-code the application using a different API.

Case 2 is the case when people consider “working around” the patent. It’s an odd event. You have to write many lines of code in order to possibly be infringing. If you are, you then try to code around it, perhaps by building something a little different than tetris. [In general, avoid infringement by make sure some of the properties of the patent claim are not met.]

Case 3 is the case where if a violation were to exist in the API implementation, you can try to re-implement the libraries and this way avoid re-implementing each and every single app as would be required for Cases 1 and 4.

The reason Case 3 allows you to re-implement the libraries and avoid re-coding up every application is fundamentally because you can re-implement the API but keep fixed the same interfaces and specifications enshrined in the API contract and assumed by the applications. This is not possible in Case 1 and Case 4 because any re-implementation of the same specification, for these cases, will infringe in the same exact way as with the original implementation since it’s the specification itself (not any implementation of any part of it) that parallels the patent.

The reason Case 2 does not result in automatic infringement as happens with Case 1 and Case 4 is that the API interface and patent requirements don’t match. It’s that simple. Case 2 is where the application could possibly end up violating if you code enough with that API or with another. The Case 2 patent is high-level while the API is low-level. Case 3 is different in that the patent is low-level while the API is high-level; thus, Case 3 contrasts with Case 2 because in Case 3 the potential violations would not happen within the application (as with Case 2) but rather within the library.

In short, Case 1 and Case 4 are the only cases (of the four) where any API usage, by definition, specifies that the application will acquire all the properties of the matching patent claim. These are the traps.

Random APIs will not shadow any given patent as occurred in Case 1 and in Case 4. Developers normally would not have to worry. They can expect a Case 2 or a Case 3, if anything. However, Case 1 and Case 4 can be designed on purpose when the patent author and API designer are the same entity. Why would this author create this trap for developers? Well…

– The patent author is determined to file lawsuits as necessary (maybe via proxies) in order to slow down many and/or key competing applications (eg, FOSS applications).

“You can be given a patent license and even GPL code for the core API, but not for the patented API extensions.”If you are using an API designed by such a vendor (regardless of who implemented the libraries), beware. I see lots of redesigning and re-coding in your future, just to get back to the same point (on a per app basis). Remember that the patent might still be in the pipeline, have been sold to a proxy, or have been developed through a partnership under a different company or alias.

The above nutshell and sample analysis omit many details. There are many corner cases and things are not cut and dried. In a second article to follow (possibly), we will look closer into many details of the trap scenario.

Finally, there is a more insidious trap that exists. You can be given a patent license and even GPL code for the core API, but not for the patented API extensions. You may then find that you can create only simple applications safely (with that core API), even if you decide not to use the patented extension API but build your own. This is more insidious because the patent and copyright licenses given for the core API give the illusion of safety (a green light to proliferate), and is insidious and dangerous all the more so since you might purposely avoid the patented extensions. The trap happens if you use the “safe” core with any extension whatsoever (since the extended patented properties can be very general in nature). The details of this extended insidious trap may form the subject of a third article later on. It’s also described further here.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

11 Comments

  1. Jose_X said,

    February 4, 2009 at 9:38 am

    Gravatar

    Thanks for posting this Roy. It took a while to find the right balance. Hopefully, parts 2 and 3 will be forthcoming.

    I hope developers and users supporting APIs **designed** by companies that have much to gain or to preserve by holding FOSS hostage with patents when the right moment comes (when the poison has spread deeply) do re-evaluate their position and dump these APIs and all the applications that depend on them, the sooner the better. No API or platform is worth even 10% of the trouble this may create for everyone.

    Add your great contributions to applications built on more sound foundation. This way your contributions are much less likely to be wasted.

    Also, ask those developers implementing APIs designed by aggressive companies/monopolies, to fork, to deviate significantly from the path laid out carefully before them by the antisocial API-patent designers.

    To any FOSS developers that might be implementing such a risky API: the few interesting bits of such a platform/API can be adopted by virtually every other API out there so that nothing or little that is good is left behind. That’s the best of all worlds.. So contribute your great bits of innovation or what you like to APIs/platforms that are much less likely to sink you down the road.

    Redesigning and re-coding just to end back where you started is not an option I’d ever exercise, and users would be left stranded.

    Whatever. People will always take long-term risks for a short-term high.

  2. Shane Coyle said,

    February 4, 2009 at 9:55 am

    Gravatar

    People will always take long-term risks for a short-term high.
    Jeez, we’re not really gonna talk about Michael Phelps here, too, right?
    ;^ )

  3. David Mohring (NZheretic) said,

    February 4, 2009 at 3:44 pm

    Gravatar

    I made the same argument in detail back in April 25th, 2003 with Miguel De Icaza responding.

  4. Roy Schestowitz said,

    February 4, 2009 at 4:07 pm

    Gravatar

    it’s the familiar defence of “see the FAQ” (OpenSUSE/Novell do this too):

    NZHeretic keeps posting this standard template everytime he sees the word Mono. You would think he would have given up and read the Mono FAQ that addresses his question.”

    Miguel”

    These FAQs are always damage control. They are PR.

    http://meandubuntu.wordpress.com/2008/12/16/the-opensuse-faq-touched-me-in-a-bad-place/

  5. Jose_X said,

    February 4, 2009 at 4:40 pm

    Gravatar

    David Mohring (NZheretic), yes, I just read it. Great. Maybe you will receive more support this time around in pushing this info out.

    For me, this is somewhat new in the sense that I generally believed this could be done (took it for granted it could), but had not looked at it too closely until this past year. When you actually look at some patents, in conjunction with things like this http://en.wikipedia.org/wiki/Claim_(patent) , it shocks that patenting would have such loopholes. Any new combination, at any high-level, can be argued to be “innovative”, etc, and hence cover almost anything ..in that special new combo way.

    Now fabricate an API to match and get people to follow it closely, and they are screwed and you’d almost have to say they deserve it given Microsoft’s patent talk and position in the market (wrt FOSS). ..except that many that use and install mono and maybe some that code it perhaps are a bit confused.

    Large vendors can ultimately (at a real cost in some cases to their competitive position) negotiate with Microsoft, but I don’t think people want to keep giving Monopolysoft such powerful freebies. You keep doing that, the game won’t change.

    If you want to contribute any worked out examples (real or fabricated) on this thread over time go ahead since that helps communicate the message. It actually took me many attempts to write the above because I couldn’t manage to reach a balance between getting the point across to nondevs while providing enough info to be at least half-convincing (or get the serious attention) of devs.

    For part two, I want to focus on the more subtle arguments and display many examples to show all of this.

    Part 3 is also what you were talking about in that once you are stuck using the core, you can’t step anywhere (while tied down to that core) because of how easy it is to patent all around that core for almost anything useful you would want in an application.

    Thanks for pointing to your post. Now, let’s find more such older posts and see if we can push this again. Today, mono has taken on a much larger role than back in 2003. Not accidentally, these years of slow mono growth gave Microsoft much time to patent any and everything under the sun that would extend from mono core.

    ..To repeat a point before ending this… It’s a major loophole in patenting, and you’d expect no one to fall into that trap *accidentally* because all the components already exist and some of the precise semantics of this new Monopolysoft mix are almost arbitrary (a bit like accidentally writing a modest size essay that violates copyright.. the odds are tiny). Yet.. yet, probably out of ignorance to some extent, you actually find people stepping on the **same exact path**. And once you go deep enough into the path, it’s very costly to turn back and everywhere you step, boom, step on a mine. An analogy: People using mono are basically doing the equivalent in copyright law of significantly copying verbatim someone not willing to give you a FOSS compatible copyright license. Only by this blind copying could you manage to get yourself deep enough into this particular minefield. Mono and it’s spread is a HUGE asset to Monopolysoft.

  6. Jose_X said,

    February 4, 2009 at 5:43 pm

    Gravatar

    From this link
    >> http://meandubuntu.wordpress.com/2008/12/16/the-opensuse-faq-touched-me-in-a-bad-place/

    >> There is no general strategic alliance. Novell continue to be fierce competitors of Microsoft, which should be evident by the openSUSE and SUSE Linux Enterprise products.
    >> Novell even has ongoing litigation against Microsoft.

    They take very seriously how their partnership will be viewed. They need the proxy effect without getting antitrust officials riled up.

    Novell is quite an asset to Microsoft. Antitrust laws are being violated.

    >> Having many of the greatest free software developers on their payroll making sure they can focus on writing free software.

    Reserving opinion on the adjective “greatest” as used here, Novell is trying to use talent to get mono and MS protos spread far and wide,and in general to manage Monopolysoft’s Linux play. Why would they seek out “mediocre” developers? How is this good news?

    >> Novell continue to be fierce competitors of Microsoft, which should be evident by the openSUSE and SUSE Linux Enterprise products.
    >> [Novell] would not do anything that they thought would harm Linux in general

    “Linux” is just a product. FOSS is what is being harmed or threatened — not to mention the most FOSS-dependent commercial players, as Novell aims their sights on Linux players (with Monopolysoft’s help) more vigorously than competing with Monopolysoft today.

    Doesn’t Novell have a life-sustaining contract with Monopolysoft? Why yes they do. That’s just how “aggressive competitors” do their competition with each other … just like how a subsidiary competes vigorously with the parent.

    Monopolysoft needs a Linux branch (“partner”) to handle those sales that would defect to (eg) Red Hat.

    This is the role Novell is playing today in action.

    Antitrust antitrust antitrust antitrust.

    >> There can be absolutely no doubt that Novell is one of the most significant contributors to open source software, ever.

    Read: Monopolysoft (through proxies) jumped in with both feet when buying FOSS and when trying to spread their poison.

    Novell saw value to Monopolysoft, they made the acquisitions, and they “partnered” with Monopolysoft afterwards.. (this is a generous interpretation that assumes the components did not see value to Monopolysoft from way back when (eg, mono)).

    Even if Novell was a decent player once, it sure didn’t take them too long to turn the net asset into a net liability.

    >> Novell has also created or is among the top sponsors of projects such as

    I don’t think anyone will deny that many people employed by Novell today or in the past have made significant contributions at some point in time. Novell is a fairly large company, and they have gone on a buying spree of contributors.

    Not lost is that some of the projects mentioned are helping to spread what I will call the mono poison.

    [Note, "Monopolysoft" communicates more in short space than would "Microsoft .." or "the company that...".]

    >> Ted Haeger: I removed the statement about my departure having nothing to do with the deal. It was a false statement made without consulting me. I did not want to make my departure a statement about the deal, but by using my name in this way on this page, it forces me to state a correction. My departure did have something to do with the Novell-MS deal. I would likely still be at Novell if it had not happened. I prefer to focus on the positive side of why I left, so please do not cite my departure as unrelated to the MS-Novell deal.

    Nice quote.

    >> The interopability features cannot be included in other distributions
    >> Again, this is untrue. Other distributions have already seen the software benefits from this deal

    Spreading the poison is a negative not a positive.

    >> Yes, Ballmer has said many disparaging things about Linux, but (i) this was never part of the original deal, (ii) Novell have, in an open letter to the Community, challenged those statements.

    Wow, a letter that “challenges” through “in no way an acknowledgment that Linux infringes upon any Microsoft intellectual property”.

    Actions speak louder than (weak) words. Spreading mono and Monopolysoft based technologies despite the patent risks and mind share losses speaks louder than “in no way an acknowledgment that Linux infringes upon any Microsoft intellectual property”.

    >> the GPLv3 “grandfathers” in such agreements

    Wow. Monopolysoft’s Linux arm (as long as they remain legally separate from the main body) gets a monopoly on a bypass mechanism to the GPLv3. Why am I not surprised they pulled this one off?

    >> Novell even has ongoing litigation against Microsoft.

    Some would call this money laundering.

    Of course, even if Novell is out to help their leverage with momma relative to the siblings.. or to help keep antitrust authorities at bay.. how is this consolation?

    ***

    There is no reason to assume bad intent on Novell’s part (as fun as that might be). The evidence may strongly suggest such possibilities, but the bottom line is that, independent of intention, Novell is in practice aiding Monopolysoft’s strategic position within the FOSS community and general market place. That is their contract, and all the nice talk doesn’t change that. And Monopolysoft continues to do what they have to do to protect their empire and position. This doesn’t mix with FOSS in any way beneficial to the wider community (especially to end users).

    Some people have come on here and suggested Novell is independently simply trying to better their position and not abuse the community.

    However, if they need.. if they are accepting the big dollars from this particular partner.. if they are taking actions that hurt the community.. if for years people have been pointing out the patent risks in spreading MS API but they continue to push that….

    Intent doesn’t matter for this discussion [though antitrust authorities likely do care about intentions]. Results matter. What is and will Novell do?

  7. Jose_X said,

    February 4, 2009 at 5:44 pm

    Gravatar

    Cross linking: http://boycottnovell.com/2009/02/03/jeff-waugh-direction-change/#comment-59345

  8. Jose_X said,

    February 4, 2009 at 5:52 pm

    Gravatar

    Another cross-link.. this one about how Novell can potentially make a great go at Microsoft market share without hurting the community: http://boycottnovell.com/2009/01/11/ms-maintaining-gap-vs-linux/#comment-58215

    It’s easy to give Novell a free pass by saying they might secretly be working towards this goal. This is called wishful thinking, and the evidence that this fantasy will become reality doesn’t look good. Anyway, I prefer to leave secrets and intentions out and focus on current actions and positioning.

  9. Roy Schestowitz said,

    February 4, 2009 at 5:54 pm

    Gravatar

    Good catch there about Ted. Somehow I missed it.

  10. Jose_X said,

    February 4, 2009 at 6:08 pm

    Gravatar

    David Mohring (NZheretic), the main post at the top didn’t much go into what you actually discussed in that link wrt a unique combo/mix being patented. Part 2 will look more carefully at that. Patents on combos, where all or almost all parts are common (but perhaps never expressed in just that way), are given in reality and likely make up the vast bulk of patents. The patent industry actually depends on this laxity since it leads to many more “inventions”. [Real inventions can be kept as trade secrets to give more bang for buck.] Plus, who is to judge otherwise since most that might be judges either don’t care about patents, don’t want to work for free, or are busy exploiting the system?

  11. Jose_X said,

    February 4, 2009 at 6:20 pm

    Gravatar

    Roy that topic came up here before. That a person doesn’t explicitly make a public statement saying they were against the deal certainly doesn’t imply they were for it or unaffected by it. Most customers, when they switch brands, they don’t write a letter to the old company stating they are switching for reason X or Y. They let their feet do the talking. For reason X or Y, are people not leaving Novell? It would make sense to lay people off if management thinks these employees aren’t gung-ho about the direction of the company, for example. They could be seen as dead weight that might be accepting a paycheck as long as they can. Maybe they had already refused (or failed to show enthusiasm) for job assignments working on mono or related. [OTOH, I'd be careful about moles-to-be leaving the ship.]

    [The context I’m remembering had to do with Compiz. As if the break from it (beryl) and the waning interest in that project today (eg, including post the re-merger with beryl) didn’t speak to this effect even if no one said anything publicly… maybe this is one of the links: http://boycottnovell.com/2009/01/02/amd-novell-friction/#comment-57230 ]

DecorWhat Else is New


  1. StatCounter: GNU/Linux (Including ChromeOS) Grows to 8% Market Share Worldwide

    This month’s numbers from StatCounter are good for GNU/Linux (including ChromeOS, which technically has both GNU and Linux); the firm assesses logs from 3 million sites and shows Windows down to 66% in desktops/laptops (a decade ago it was above 90%) with modest growth for GNU/Linux, which is at an all-time high, even if one does not count ChromeOS that isn’t freedom- or privacy-respecting



  2. Journalism Cannot and Quite Likely Won't Survive on the World Wide Web

    We’re reaching the point where the overwhelming majority of new pages on the Web (the World Wide Web) are basically junk, sometimes crafted not by humans; how to cope with this rapid deterioration is still an unknown — an enigma that demands hard answers or technical workarounds



  3. Do Not Assume Pensions Are Safe, Especially When Managed by Mr. EPOTIF Benoît Battistelli and António Campinos

    With the "hoax" that is the financial assessment by António Campinos (who is deliriously celebrating the inauguration of illegal and unconstitutional kangaroo courts) we urge EPO workers to check carefully the integrity of their pensions, seeing that pension promises have been broken for years already



  4. Links 04/06/2023: Why Flatpak and Wealth of Devices With GNU/Linux

    Links for the day



  5. Gemini Links 04/06/2023: Rosy Crow 1.1.3 and NearlyFreeSpeech.NET

    Links for the day



  6. IRC Proceedings: Saturday, June 03, 2023

    IRC logs for Saturday, June 03, 2023



  7. Links 04/06/2023: Azure Outage Again (So Many!) and Tiananmen Massacre Censored

    Links for the day



  8. Links 03/06/2023: Qubes OS 4.2.0 RC1 and elementaryOS Updates for May

    Links for the day



  9. Gemini Links 03/06/2023: Hidden Communities and Exam Prep is Not Education

    Links for the day



  10. Links 03/06/2023: IBM Betraying LibreOffice Some More (After Laying off LibreOffice Developers)

    Links for the day



  11. Gemini Links 03/06/2023: Bubble Woes and Zond Updates

    Links for the day



  12. Links 03/06/2023: Apache NetBeans 18 and ArcaOS 5.0.8

    Links for the day



  13. IRC Proceedings: Friday, June 02, 2023

    IRC logs for Friday, June 02, 2023



  14. The Developing World Abandons Microsoft Windows, GNU/Linux at All-Time Highs on Desktops/Laptops

    Microsoft, with 80 billion dollars in longterm debt and endless layoffs, is losing the monopolies; the media doesn’t mention this, but some publicly-accessible data helps demonstrate that



  15. Links 02/06/2023: Elive ‘Retrowave’ Stable and Microsoft's Half a Billion Dollar Fine for LinkeIn Surveillance in Europe

    Links for the day



  16. Linux Foundation 'Research' Has a New Report and Of Course It Uses Only Proprietary Software

    The Linux Foundation has a new report, promoted by Clickfraud Spamnil and others; of course they’re rejecting Free software, they’re just riding the “Linux” brand and speak of “Open Source” (which they reject themselves)



  17. Links 02/06/2023: Arti 1.1.5 and SQL:2023

    Links for the day



  18. Gemini Links 02/06/2023: Vimwiki Revisited, SGGS Revisited

    Links for the day



  19. Geminispace/GemText/Gemini Protocol Turn 4 on June 20th

    Gemini is turning 4 this month (on the 20th, according to the founder) and I thought I’d do a spontaneous video about how I use Gemini, why it's so good, and why it’s still growing (Stéphane Bortzmeyer fixed the broken cron job — or equivalent of it — a day or two after I had mentioned the issue)



  20. HMRC Does Not Care About Tax Fraud Committed by UK Government Contractor, Sirius 'Open Source'

    The tax crimes of Sirius ‘Open Source’ were reported to HMRC two weeks ago; HMRC did not bother getting back to the reporters (victims of the crime) and it’s worth noting that the reporters worked on UK government systems for many years, so maybe there’s a hidden incentive to bury this under the rug



  21. Our IRC at 15th Anniversary

    So our IRC community turns 15 today (sort of) and I’ve decided to do a video reflecting on the fact that some of the same people are still there after 15 years



  22. IRC Proceedings: Thursday, June 01, 2023

    IRC logs for Thursday, June 01, 2023



  23. Links 02/06/2023: NixOS 23.05 and Rust 1.70.0

    Links for the day



  24. Gemini Links 02/06/2023: Flying High With Gemini and Gogios Released

    Links for the day



  25. Links 01/06/2023: KStars 3.6.5 and VEGA ET1031 RISC-V Microprocessor in Use

    Links for the day



  26. Gemini Links 01/06/2023: Scam Call and Flying High With Gemini

    Links for the day



  27. Links 01/06/2023: Spleen 2.0.0 Released and Team UPC Celebrates Its Own Corruption

    Links for the day



  28. IRC Proceedings: Wednesday, May 31, 2023

    IRC logs for Wednesday, May 31, 2023



  29. Tux Machines Closing the Door on Twitter Because Twitter is Dead (for a Lot of People)

    Tux Machines recently joined millions of others who had already quit Twitter, including passive posting (fully or partly automated)



  30. Links 31/05/2023: Inkscape’s 1.3 Plans and New ARM Cortex-A55-Based Linux Chip

    Links for the day


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts