



back Microsoft patents file rights management Systems and/or methods are described that enable a user to elevate his or her rights. In one embodiment, these systems and/or methods present a user interface identifying an account having a right to permit a task in response to the task being prohibited based on a user's current account not having that right. Microsoft obtained yesterday patent 7,617,530 , a "rights elevator": People familiar with UNIX or Linux recognize immediately the file rights management that is inherent in the security that these operating systems offer. In particular, the command line instruction sudo does exactly what this patent claims: it allows a user to see a file or run a command for which it has no privileges. The sudo command dates back to around 1980. The file rights management predates this by many years. Is somebody asleep at the wheel at the US Patent Office? [Posted at 11/11/2009 08:16 AM by Christian Zimmermann on Software Patents comments(9)] Comments I have no idea if this patent would withstand the scrutiny typically associated with litigation, I find it remarkable that you apparently have not studied either the references cited during its prosecution, the file history associated with the patent, and its allowed claims. Considering just the cited references, it appears that many are directed to the systems you note in your article. For an organization that prides itself on "facts" to support its positions, this seems to be an uncharacteristic departure. [Comment at 11/11/2009 09:41 AM by MLS] Ummm... did you actually read the claims? They include a lot of limitations that go a bit beyond "sudo"--they are actually pretty narrow as claims go. As I'm sure you know, you can't evaluate a patent based solely on the title and description, yet that's what this post does. I would expect this sort of breathless, hyperbolic, fact-free article from Slashdot or some other non-IP source, not this blog. 1. One or more computer-readable media having computer-readable instructions therein that, when executed by a computing device, cause the computing device to present a user interface in response to a task being prohibited based on a user's current account not having a right to permit the task, the user interface comprising: information indicating the task and an entity that attempted the task; a selectable help graphic wherein responsive to receiving selection of the selectable help graphic, the computer-readable instructions further cause the computing device to present the information; identifiers, each of the identifiers identifying other accounts having a right to permit the task, wherein the identifiers presented are based on criteria comprising: frequency of use; association with the user; and indication of sufficient but not unlimited rights; one of the identifiers identifies a higher-rights account having a right to permit the task, wherein the one of the identifiers comprises: a graphic identifying the higher-rights accounts associated with the user; and a name of the higher-rights account; an authenticator region capable of receiving, from the user, an authenticator usable to authenticate the higher-rights account having the right to permit the task, wherein: the authenticator comprises a password, and the authenticator region comprises a data-entry field configured to receive the password. [Comment at 11/11/2009 09:51 AM by CK] As I read the documentation, I still do not see the substantial innovation compared to what UNIX and Linux have been offering for a long time. It is true that right-management pop-ups do not offer all this breadth of information about which account would allowed to do the task, but that is not the core of the patent, these are just bells and whistles that could easily be implemented if people actually cared about them. The only account that truely matters in the superuser account (or Administrator on Windows), and one can elevated oneself to superuser with sudo. [Comment at 11/11/2009 10:18 AM by Christian Zimmermann] @CK I'm not a lawyer, but I read the claims as best I could and I can't see a substantial difference between what this patent cover and what sudo does. I'm only familiar with sudo as a hobbyist Linux user who occasionally drops to the command line to write simple scripts or perform system updates, but it appears to me that sudo, in combination with other, already existing programs (multiple programs working together is the Unix way of doing things), seems to achieve the same thing being talked about in the part you posted. Are the first two comment authors familiar with sudo? If so, maybe a plain English interpretation or example would help me understand how this is supposed to be different from it, but from the outset the similarity is so great as to make me skeptical of the idea that any great advancement has been made that's worthy of granting a monopoly, that is, if I were in favor of the patent system in the first place. ;) [Comment at 11/11/2009 11:31 AM by Michael] Christian is right about the lack of information on a typical sudo pop-up window, but if the main advancement described by the patent is to present the user with a bunch of information explaining all the details about the temporary increase in a user's privileges, then that's not only a very weak innovation, but also poor user interface design. It's largely accepted that the vast majority of users don't read pop-up windows if they can possibly avoid it, they just click on them to make them go away. If you work with enough regular users, you'll see this constantly. They don't care what it says, they just want it gone. Joel goes so far as to say you should act like the user can't read when writing software: http://www.joelonsoftware.com/uibook/chapters/fog0000000062.html [Comment at 11/11/2009 11:40 AM by Michael] @CK it is *absolutely* sudo as it's implemented in X (Gnome, KDE, LXDE etc) Just so were on the same page.. you seem awfully quick to point out that the patent is very specific, yet you seem to have no idea about how these systems work. I suspect the examiner also saw lots of big words and thought that they sounded unique without really understanding what they mean, and I can bet they have no clue how *nix works. Since this is an exact description of that system. This patent is garbage, but its one more that they can use to spread FUD to linux adopters... which is all that matters. The threat of litigation is enough to scare anyone into buying your product. God bless America! [Comment at 11/11/2009 01:40 PM by Richard] Groklaw has something to say about this patent as well: http://www.groklaw.net/article.php?story=20091111094923390 [Comment at 11/11/2009 07:44 PM by Michael] Isn't one of the criteria for getting a patent supposed to be "not obvious to someone skilled in the art"? How does one square, with that, OS-authentication patents being examined solely by examiners that don't know beans about *nix? [Comment at 11/12/2009 11:03 AM by Nostromo] CK: Ah, so it is PolicyKit + metadata that they have patented? [Comment at 09/09/2010 03:07 PM by Natanael_L] Submit Comment Blog Post Name: Email (optional): Your Humanity: Prove you are human by retyping the anti-spam code.

For example if the code is unodosthreefour,

type 1234 in the textbox below. Anti-spam Code

UnoEightEightEight:

Post









