You are currently browsing the category archive for the ‘Misc’ category.

In what looks like an uphill tasks for Uniloc Singapore and Uniloc USA in their patent infringement case against Microsoft, they finally won the court case and was awarded a princely sum of $388 million for their perseverance.

The most ironic of the whole thing is, the court found that Microsoft has copied  the same algorithm in their anti-piracy software to prevent users to make copies of MS Office or Windows operating system that belongs to Uniloc.

The Federal Circuit concluded that the District Court erred in granting Summary Judgment by failing to credit this admission of Microsofts affiants confirming that the same algorithms at issue were used in Microsofts system. The Federal Circuit also flatly rejected all of Microsofts alternative claim construction arguments.

Uniloc sells a product call Softanchor that does, among others:

  • Prevents the creation, distribution, and use of unauthorized copies
  • Find out precisely who is using your software
  • Whether they’re legal or “unconverted” users
  • Where illegal copies originate and where they travel

Apparently Ric Richardson, an Aussie, now based in Orange County, the creator of the software, and founder of Uniloc, showed Microsoft of his invention back in 1993. So, if only Microsoft would have think ahead and just buy Uniloc back then, they would have save some money (and blushes) before the lawsuit was filed in 2003.

For some reason, an earlier report by Business Times said the award was like $588 mn, but I think the correct figure should be $388 mn, but it seems the jury can still raise the figure higher, if that’s true, it will be a wind fall for Uniloc.


In one of the weirdest anti-piracy commercials I have seen, this one takes the cake. It didn’t mentioned a word on video piracy or warned you like it used to.

Recently Guardian posted eight yester-year anti-piracy commercials.

You can see the contrast of the latest and the oldies, either way, the movie and music industry are still losing the war against illegal downloads, maybe a fresh new approach is required?

Obviously, the current method is not working and will continue to fail. 

Vodpod videos no longer available.
Michael Howard, Microsoft Sr Security Program Manager

Michael Howard, Microsoft Sr Security Program Manager


Michael Howard recently updated his blog on March 24 that Ken Johnson aka Skywing has joined his group in Microsoft.

Johnson in 2005, together with another hacker, Matt Miller aka Skape published a paper on how to bypass Window’s Data Execution Prevention (DEP).

This news looks like a continuing trend of Microsoft recruiting well known hackers that has proven themselves in the field of circumventing Windows defenses, which is a good thing.

Others who have joined Microsoft recently are:

Matt Miller, August 2008

Crispin Cowan,  January 2008

Adam Shostack, June 2006

One way to make a significant contribution is to join the market leader and make the change from within that organization itself and this is good for Microsoft as it evolves its Windows OS to be more secure over time. And ultimately its the consumers who benefit, a win-win scenerio.

I have yet to come across such thing hapening to Apple, though. And, lately I have been reading tonnes of news how insecure Mac OS X “Leopard” is, it scares me shitless that some still thinks that Linux/Unix or FreeBSD-based OS is inherently secure, which is not really the case anymore.

As Apple gains more market share, more hackers will be targeting it, since it’s going to be easy picking – less secure, less work, easy to exploit, make sense?

Update 29 March: Trend Micro reported that pirated Mac software has been found to be embedded with malware.


With today’s concern on ensuring a web server is properly configured and locked down, it’s still amazing to find (at times), a web server that somehow escaped the administrator’s scrutiny.

Usually, before a server goes ‘live’, one of the process is to do a penetration test or pen-test to ensure that the server is being properly configured and there is no information being leaked unintentionally ie Apache version should not be published. 

This is pretty basic stuff that any decent system admin or security admin who is worth his salt will know exactly what to do.

But, like the example shown above, not all companies give the same priority to this issue, this is until the server got hacked.


July 2018
« Apr    

Blog Stats

  • 1,702 hits