Source Code & Software Patents: A Guide to Software & Internet Patent Litigation for Attorneys & Experts
by Andrew Schulman (http://www.SoftwareLitigationConsulting.com)
Detailed outline for forthcoming book
Chapter 3: Open source, other publicly-available source code or decompiled code, and software patent litigation
3.1 Open source and accused commercial products/services
- Commercial products are increasingly based, in part, on open source
- Definition of “open source”, GPLv3, etc.; distinguish other non-open forms of publicly-available source code
- Open source “comingled” with proprietary code (see Josh Lerner & Mark Schankerman, The Comingled Code: Open Source & Economic Development) [see also “comingling” of third-party proprietary code with producing party’s source code in chapter 9 on discovery]
- Typically open source in products has vendor modifications, additions, and deletions
- Vendor changes to open source may be explicit (#ifdef, etc.), but sometimes showing changes requires “diff”
- How to link/tie accused products/services to particular open source projects/versions
- Accused products which may also violate GPL?
3.2 Using open source in software patent litigation
- Using open source in pre-filing investigation, to produce detailed preliminary infringement contentions (see chapters 6 & 7)
- D’s arguments based on P’s failure to employ open source in pre-filing investigation
- Using documentation for open source projects, as part of analysis of commercial products
- Online open-source browsers (e.g. AndroidXref.com)
- Searching in open-source repositories (e.g. SourceForge.net, GitHub.com) for keywords found in product or in proprietary source code
- Ability to search for keywords across multiple open-source projects
- Acquiring open-source binaries (see repositories, e.g. Artifactory at JFog.com) [examples why useful]
- Why source code discovery is still necessary, even when the product uses publicly-available open source
- Product owner’s (rare) stipulations that publicly-available open source accurately reflects accused product
- Using open source to produce detailed discovery requests (see chapter 9)
- Blanket/umbrella protective orders (POs) covering open source (see chapter 11 on POs): can a vendor’s copy of open source constitute protected confidential information or part of a trade secret compilation?; vendors making “secret” use of open source; vendor use of open source is either visible from product, or should be acknowledged publicly?
- Difficulty comparing proprietary version with public version of open source, under typical PO restrictions (can’t readily copy open source to protected source-code machine, for “diff”/comparison: see chapters 11 & 15 on source-code examination PO restrictions)
- Identifying specific open-source projects/versions within proprietary source-code production, when not known beforehand
- Need to extract and print even unmodified open-source files contained in opponent’s proprietary source-code production, in absence of stipulations (see chapter 24 on printing)
- Open source as evidence of PHOSITA knowledge and skill level at a relevant time
3.3 Other litigation issues relating to open source
- Use of open-source project names as patent claim limitations
- Assertions that open source infringes patents (e.g. Microsoft 2007 accusations)
- IP auditing of open-source submissions; enterprise auditing
- Open source audits (Palamida, Black Duck, etc.) generally do not cover patent infringement, because it is more difficult to automate patent-infringement search than e.g. copyright-infringement search
- Difficulties of auditing for patent infringement, vs. concept that “with enough eyeballs, [insert problem] is shallow”?
- Liability, indemnification issues for vendors incorporating open source
- Open source as “defensive publication”
- Non-patent litigation involving open source (e.g. SCO v. IBM copyright case with patent counterclaim: insufficiently-detailed accusations?; drafting Linux code in 2003 while referring to Dynix code on computer?; missing Dynix source code; discovery disputes re: AIX source code)
- Open source litigation to counter GPL violations (e.g. BusyBox; see gpl-violations.org)
- “Tivoization”
3.4 Using other publicly-available (but not “open”) source code in patent litigation
- Source code available as part of the product itself (e.g., obfuscated JavaScript, embedded SQL)
- Improving readability of minimized JavaScript often used in internet products/services: jsbeautifier.org
- Vendor sample code, software development kits (SDKs), etc.: see chapter 6
- Source-code disclosures in patents and published patent applications (though such disclosure is usually not necessary for software patents; see Aristocrat line of cases in chapter 4 on invalidity)
3.5 Using “quasi-source” (decompiled code) in patent litigation
- “Quasi-source”: some products can be decompiled into a close-enough representation of the source code
- Difference between decompilation vs. disassembly
- Why decompilation has become feasible for bytecode languages: Java, Flash ActionScript, or Microsoft .NET (Silverlight)
- Java decompilers, e.g. JD-GUI, JAD, JEB (Android); Java obfuscation
- Flash ActionScript decompilers, e.g. Flare, Sothink, Buraks ASV, Eltima Trillix
- .NET (Silverlight) decompilers, e.g. Red Gate Reflector, Telerik JustDecompile, ILSpy, Dis#
- What is typically available or absent in decompiled bytecode?
- Current status of decompilation for e.g. C/C++ (e.g., Boomerang); Objective-C for Apple OSX, iOS (Hopper); Android Dalvik (JEB Decompiler)
- Generating header files with class definitions from Apple OSX/iOS binaries, using class-dump
Software patent cases re: open source
- Bedrock v. Softlayer (route.c; charts duplicated for each of 50 changed version over lifetime; use of representative examples)
- Apple v. Samsung (ongoing changes to open source not produced in discovery, when vendor stipulates not materially different from already-produced versions?)
- Implicit Networks v. HP (vendor modifications to open source; Tomcat; WSS; need to examine open source as part of reasonable investigation?)
