Full Disclosure mailing list archives

RE: grsecurity: Another one bites the dust...

From: "Andrew Hintz \(Drew\)" <drew () overt org>
Date: Tue, 1 Apr 2003 08:45:57 -0600

I bet they're referring to this patent:

Security management system and method #6,542,993

Abstract:
A comprehensive system and method for managing security in an electronic
network. The method includes the steps of providing a plurality of security
services, providing a plurality of security mechanisms, and linking the
services and mechanisms with a plurality of security management functions.
<http://patft.uspto.gov/netacgi/nph-Parser?Sect2=PTO1&Sect2=HITOFF&p=1&u=%2F
netahtml%2Fsearch-bool.html&r=1&f=G&l=50&d=PALL&RefSrch=yes&Query=PN%2F65429
93>

I just got a letter about this one too.  Oh well, what is this world coming
to?  All these patents and such...
I just don't get it.

HTH,
--
^Drew

http://guh.nu

--Begin PGP Fingerprint--
3C6C F712 0A52 BD33 C518  5798 9014 CA99 2DA0 5E78
--End PGP Fingerprint--

-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com]On Behalf Of
Glenn_Everhart () bankone com
Sent: Tuesday, April 01, 2003 8:06 AM
To: jeff () xiir net; full-disclosure () lists netsys com
Subject: RE: [Full-disclosure] grsecurity: Another one bites the dust...

Anybody know what the patent claims are?

Some of the descriptions of grsecurity sound an awful lot like technology
I developed for VMS and published in the late 1990s in the Safety
program (still available, free) or documented as trivial
extensions (rate limits).

A brief description of the Safety program is at http://users.rcn.com/gce
in case there is a wish to see what it has in a very limited way.
It assumes
the VMS ACL system of course, and some of the other security
goodness in VMS,
but gets fairly tricky in other ways.

The rate limiting idea was something I have described as a useful
feature for
at least the past 6-7 years and can be found here and there in my
mails and
some bits of publications (DECUS sigtapes mainly).

At any rate, it is possibly prior art and publication, and was certainly
released to the public and should be useful in defending claims
that functions
it provides could be patented by someone else.

At one time I wanted to sell Safety, but gave up on that and just
published the
sources several years ago. The documents had been published when
it was first
implemented (along about 1995).

While there is a bunch of other stuff in grsecurity that is not in Safety
it is probably worth while to keep aware of what has been
published (even in
publications that (alas) seem to have narrow circulation) so that
if someone
claims patents on some of those functions, the patents can be disputed.

Glenn Everhart

-----Original Message-----
From: Jeff [mailto:jeff () xiir net]
Sent: Monday, March 31, 2003 10:14 PM
To: full-disclosure () lists netsys com
Subject: [Full-disclosure] grsecurity: Another one bites the dust...

http://www.grsecurity.net

Looks like another big company screwed over a team of innocent developers.
It's a shame, grsecurity had so much promise.

Figures.

-jeff
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

**********************************************************************
This transmission may contain information that is privileged,
confidential and/or exempt from disclosure under applicable law.
If you are not the intended recipient, you are hereby notified
that any disclosure, copying, distribution, or use of the
information contained herein (including any reliance thereon) is
STRICTLY PROHIBITED. If you received this transmission in error,
please immediately contact the sender and destroy the material in
its entirety, whether in electronic or hard copy format. Thank you
**********************************************************************

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

grsecurity: Another one bites the dust... Jeff (Mar 31)
- Re: grsecurity: Another one bites the dust... Stephen Amadei (Mar 31)
- Re: grsecurity: Another one bites the dust... Stephen Amadei (Mar 31)
  - Re: grsecurity: Another one bites the dust... Brian Houk (Mar 31)
- Re: grsecurity: Another one bites the dust... martin f krafft (Apr 01)
- <Possible follow-ups>
- grsecurity: Another one bites the dust... Jeff (Apr 01)
  - RE: grsecurity: Another one bites the dust... smenard (Apr 01)
- Re: grsecurity: Another one bites the dust... Kelledin (Apr 01)
- RE: grsecurity: Another one bites the dust... Glenn_Everhart (Apr 01)
  - RE: grsecurity: Another one bites the dust... Andrew Hintz (Drew) (Apr 01)
  - RE: grsecurity: Another one bites the dust... Scott Phelps / Dreamwright Studios (Apr 01)
- RE: grsecurity: Another one bites the dust... madsaxon (Apr 01)
- RE: grsecurity: Another one bites the dust... Rainer Gerhards (Apr 01)