Some representative cases and projects undertaken for clients by Andrew Schulman (SoftwareLitigationConsulting.com) include:
Industry areas:
- System software (including source-code review of Microsoft Windows, Apple OS X, Apple iOS, and proprietary vendor modifications to Android)
- Application software (including source-code review of Microsoft Office/Word/Excel, and of Apple FaceTime)
- Social media software (including source-code review of Facebook back-end code in patent litigation)
- Firmware (including Broadcom firmware in patent litigation)
- Electric arc steel furnaces (industrial control)
- Ground transportation services
- Metal detectors
- Actor motion/gesture capture
- STD online dating (privacy)
- Machine tools, robotics
- Hedge fund
- DNA microarray
- Automotive firmware
- Door locks (Bluetooth, NFC; mobile phone as intelligent key; IoT)
- Chinese online payment systems
- Mobile check deposit
- Cable modems
- Video teleconferencing
- Online shopping & advertising
- Web Rx ordering
Consulting history (partial; newer cases towards the top of the list; party names removed; confidential list of party names for conflict check available under NDA):
- Recovery of hardware and digital assets: source code, scripts, binary software, business records — court-appointed forensic expert; facial motion capture for video production
- Patent infringement investigation — investigation of possible infringement of patent related to NFC (near field communication) door locks and associated mobile device apps
- Trade secrets — Chinese mobile payment services compatible with AliPay, WeChatPay
- Patent litigation — Investigation of asserted infringement of patents related to video/audio DRM; decompilation of Windows Media Foundation using NSA Ghidra
- Patent litigation — Cable modems, DOCSIS 3.0 channel bonding
- Legal malpractice re: underlying class-action privacy case — Use of software expert in case re: online-dating database system
- Competition law consumer class action, British Columbia, Canada — Undocumented APIs, deliberate incompatibilities, web browser evolution, development of JavaScript as application development platform
- Patent infringement litigation, Eastern District of Texas (EDTX) — GFP-T, G.7041, G.709 standards
- Copyright infringement litigation, C.D.Cal — Firmware/software used in metal-detection devices
- Patent infringement litigation — Identity validation, hash chains (Merkle tree)
- Patent & copyright infringement litigation, ITC & N.D.Cal. — Software and documentation for network switches
- Patent infringement litigation, injunction enforcement, EDTX — Web & mobile software for ground transportation services
- Trade secret & copyright litigation, N.D. Ohio (Cleveland) — Software used in electric arc steel furnace; testified at hearing
- Pre-filing patent infringement investigation & patent litigation, C.D. Cal. — Bluetooth lock/key controlled by mobile device
- Consumer antitrust class action, N.D. Cal. (Oakland) — Music store & devices, digital rights management (DRM)
- Patent litigation, EDTX — Interactive web services, shopping cart integration to back-end warehouses
- Technical assistance with patent prosecution, and with potential infringement investigation — Privacy, anonymity
- Pre-filing patent infringement investigation — Virtual building/construction software; gaming
- Patent litigation — Prescription (Rx) ordering on mobile devices; packet sniffing mobile/server communications in state with one-party consent rules
- Patent litigation, EDTX — Wi-Fi & telephony on mobile devices
- Patent litigation, ITC — Video conferencing & telephony on mobile devices
- Patent litigation, EDTX — Media processing technology; automatic resizing of images for uploading
- Potential patent litigation, pre-filing patent infringement investigation — Document collaboration; packet sniffing document deltas among multiple doc editors
- Patent litigation, Delaware — Multimedia audio playlists
- Patent litigation, Delaware, ITC — Prior art technical consultant
- State antitrust litigation, Calif. Sup. Ct. (San Francisco) — Operating systems, pen computing
- Patent litigation; PTO re-exam — PC-based machine-tools technology (Windows GDI + HP plotter device driver = vector graphics); provided expert report
- Patent litigation, EDTX, transferred to Delaware — DOCSIS modem protocol; examination of source code including firmware and RTOS (real-time operating systems) code
- Consumer antitrust class action; Iowa Dist. Ct. (Polk Co.) — Microsoft Windows and Office; provided expert reports and testified at deposition
- Private antitrust litigation, Utah Dist. Ct. (Salt Lake City) — Microsoft Windows and Office
- Non-litigation patent analysis — Reviewed public materials regarding DRM removal technology
- Non-litigation patent portfolio analysis — Analyzed portfolio of 1,500+ patents re: databases, user interface, operating systems; compared top 25 to potential infringer’s technology
- Non-litigation patent analysis, pre-filing patent infringement investigation — Graphics software, shaders, 3D, parallel-processing pipeline; low-level implementation of shader language
- CodeClaim (not litigation related) — Partner in company producing a searchable database of prior-art software
- Consumer antitrust class action, Minnesota — Operating systems, undocumented APIs
- Consumer antitrust class action, California — Operating systems, undocumented APIs
- European (EU) competition case — Verifying Windows Media Player DLL removal from Windows
- Deceptive trade practices, New York — Operating systems, error messages related to third-party applications
- Trade secrets misappropriation case, New York — Hedge fund software
- Patent infringement case, EDTX — Memory management
- Non-litigation project, worked on development of hardware device drivers for Windows CE (mobile device viewport into larger virtual 3D space)
- Patent litigation — DNA microarray
- Software contract dispute (arbitration, San Diego) — automated help generation; testified at deposition and at arbitration
- Non-litigation consulting on multi-user Windows technology
- Non-litigation consulting on Win9x VMM/VxD (virtual machine manager, virtual device drivers)
- Patent litigation — Cursor-controlled user interface
- Hard-disk-capacity class action — Provided expert declaration
- Consumer privacy class action — research vendor compliance with its privacy notices
- Consumer privacy class action — research third-party advertising information sharing
- Clickwrap license & internet privacy class action
- Non-litigation — Privacy Foundation chief researcher on workplace privacy and ID card/biometrics issues
- Graphics device driver copyright infringement — provided expert report
- Patent infringement & trade secret misappropriation — automatic disk compression software in operating system
Source code examination:
- Numerous source-code examinations under protective order, to show infringement, non-infringement, invalidity, or working/practicing of patent claims (e.g. to show “domestic industry” in ITC actions), and for copyright and trade-secret cases
- Construction of scripts to partially automate source-code examination (e.g. to extract relevant functions from 100 different versions of source-code tree on other side’s source-code computer)
- For trade-secrets case, designed and wrote software to generate spreadsheet to find similarities between over 1,000 Java source code files found on defendant’s computer on the one hand, and Java source code contained in plaintiff’s PVCS version-control archive on the other.
- To show lack of technical necessity (“constraints”) for overlap between defendant’s and plaintiff’s C++ and JavaScript source code in copyright infringement case, wrote more efficient versions of code.
- In copyright case, automated comparison among over 1 million lines of source code (C/C++, Java, Visual Basic, HTML, resource scripts, help scripts, etc.) produced by defendants and plaintiffs, to find percentage overlap, while filtering out common boilerplate code, and code “constrained” by the application domain; reported results in terms of abstraction-filtration-comparison (AFC) test.
- In copyright case, examined source code to show evolution of software over five versions, measuring percentage overlap between each, and showing that despite minimal overlap between first and last version, defendant’s first version (stipulated to be based on plaintiff’s software) acted as “scaffolding” from which defendant’s final version was constructed.
- Correlated logged changes to source code in version-control system, with changes to vendor’s contemporaneous public documentation at archive.org (Wayback Machine).
- Tokenization and structural testing of source-code similarity between plaintiff’s and defendant’s code, written in different programming languages but with alleged copying.
- Automated extraction of timestamped changes to JavaScript source code, from web pages at archive.org.
- Wrote script to locate changes to specific functions in Java source code, across dozens of produced versions of source code, using scripting facility (Windows WSH) present on other side’s computer locked-down under PO.
- Performed copyright comparison between two source-code trees located on different non-networked computers, using sampling (lists of most prevalent lengthy non-common tokens from each source-code tree).
- In trade-secrets litigation regarding industrial automation code, helped assess protected vs. non-protected nature of assertedly misappropriated code.
- Comparison of source code produced in discovery on the one hand, with actual product/service code on the other hand, to assess “dead code,” “latent code,” and failure to produce relevant source code in discovery.
- Software and business-record asset recovery following judgment, including generating baseline/inventory of assets to be recovered, based on keyword scoring in source and binary files, copyright notices, cross-references among source files, references in internal documentation, partial version-control remnants from SVN repository .entries files, and linker dates in executables; using MD5 and fuzzy-hash signatures from baseline to detect identical and near-identical files to be recovered; scripting to semi-automate examination of millions of files and directory listings.
Software reverse engineering:
- Numerous inspections of binary/object code in software products, internet services, and mobile devices, to show (or rebut) patent infringement
- Designed and wrote software that uses Java decompiler to automatically find similarities between plaintiff’s and defendant’s binary Java .class files, without access to source code.
- Designed and wrote software that uses Win32/x86 disassembler to automatically compare DLLs and other compiled binary Win32 software, without access to source code. In addition to being used in several software litigation projects, this technique is described in a three-part series: Andrew Schulman, “Finding Binary Clones with Opstrings and Function Digests,” Dr. Dobb’s Journal, July 2005 (Part I), August 2005 (Part II), September 2005 (Part III).
- In antitrust case, designed and wrote software to automatically inspect binary code files to determine inter-module dependencies, and thereby partition system of over 2,000 DLLs into separable components.
- In antitrust case, using Windows ToolHelp API, designed and wrote software to determine the modules used uniquely by (and therefore comprising) Win32 applications running on Windows XP.
- In patent case, using Windows NT kernel device drivers, designed and wrote software to measure use of litigated microprocessor special flags by each process on NT/Win2K/XP systems.
- In antitrust and trade libel cases, given error messages displayed by defendant’s product when plaintiff’s software is run, used Windows and DOS disassemblers and debuggers to trace back from the error messages to the lines of code that produced them; wrote reports assessing whether the error messages were technically necessary, bugs, or deliberate incompatibilities.
- In patent case, used packet sniffers to examine encrypted communications between defendant’s client software and plaintiff’s server.
- In antitrust case, wrote device drivers to help attach external Tektronix counting device to Pentium debug registers, to measure usage or non-usage of operating-system features.
- In antitrust and European competition cases, designed and wrote scripts to verify whether software to be removed from system under court order was, in fact, truly and completely removed.
- Used packet sniffer to verify compliance of client/server communications with web site privacy notice.
- Used sequences of API calls in binary code as “fingerprints” to show similarity between defendant’s and plaintiff’s code, for which source code was not yet produced in discovery.
- In patent case, did Bluetooth Low Energy (BLE) packet monitoring, correlating data in BLE packets with tagged data in XML/JSON from web packet capture.
- In patent case, watched changes made to MySQL and encrypted SQLite (SQLCipher) databases, using “diff” between before & after snapshots of process memory on Android device.
- In patent case, correlated iOS and Android event logging with source code, creating timeline of code execution.
- Preparatory to source-code examination, created map of iOS classes/methods from disassembly and class dump of iOS Simulator files from XCode.
- Preparatory to source-code examination, created map of classes/methods from C++ disassembly and Java decompilation, with function-signature demangling.
- Assessed copyright-infringement assertions using decompilation of Win64 C++ code (e.g. Microsoft Media Foundation mfcore.dll CPolicyEngine), generated with NSA Ghidra decompiler and PDB debug symbol files.
- Partially documented undocumented Microsoft interface in 32-bit and 64-bit DLLs, using decompilation listings produced by NSA Ghidra (taking account of partially obfuscated “Warbird” code), Microsoft PDB symbol files, and public documentation of APIs used by the undocumented interface.
- In privacy-related class action regarding online dating service, compared de facto practices to vendor’s published privacy policy; used SQL database to determine third-party viewers of class plaintiffs’ profiles.
- Reverse engineered older version of client’s own product, using contemporaneous tools, to show feasibility at a given date that other side reasonably could have uncovered (from publicly-accessible materials) alleged infringement, relevant to laches and statute of limitations.
Miscellaneous:
- Claim charts in patent litigation (infringement contentions, non-infringement, invalidity, ITC domestic industry, etc.)
- Expert reports and sworn affidavits
- After comparing claims table based on plaintiff’s patent on the one hand with pseudocode for defendant’s software on the other, constructed demonstrative exhibits showing divergence between patent claims and allegedly infringing software.
- Wrote software to partially automate ranking of patent portfolios, based upon intrinsic (e.g. claim length) and extrinsic (e.g. citations from competitor patents) factors; used software to rank portfolio of over 500 software patents based on relevance to potential infringer’s technology.
- Based on examination of publicly-available information regarding voicemail system used by defendant, determined defendant’s ability to respond to discovery request by keyword-searching archived voicemails.
- As demonstrative exhibit for trial in antitrust case, constructed timelines showing correlation between defendant’s internal emails and code in its shipping product.
- Scripted generation of Excel spreadsheets for use by damages experts, based on input from thousands of spreadsheets from multiple defendants, combined with testifying technical expert’s selection of model/part numbers, and information extracted from hundreds of manufacturer data sheets.
- For various tools and resources used, see Pinterest board on reverse engineering on source-code exam for litigation (plain HTML list here).
For more information, contact andrews@softwarelitigationconsulting.com .