"A judge on Tuesday ordered Microsoft to stop selling Word, one of its premier products, in its current form due to patent infringement.

Judge Leonard Davis of the U.S. District Court for the Eastern District of Texas issued a permanent injunction that "prohibits Microsoft from selling or importing to the United States any Microsoft Word products that have the capability of opening .XML, .DOCX or DOCM files (XML files) containing custom XML," according to a statement released by attorneys for the plantiff, [Toronto based] i4i".

Microsoft got bit by the very pet it's been nurturing.  Some of you may think I take some kind of perverse pleasure from this news.  And I do, but not for the reasons you might think.  Software patents are wrong. At its core, software is mathematics.  Mathematics cannot be patented.  Ideas cannot be patented.  Expressions of ideas cannot be patented.  Protection for the expression of ideas is well provided for through copyright.  The fact that these ideas are presented via an electronic computer ought not make them patentable.

Imagine, for a moment, a world where mathematics is patentable... 1 + 1 = 2 and "that will be $5 please".  Slope = rise / run.  Mathematically that's:

That's gotta be worth 200 bucks.  And, it's needed by everyone building roads, roofs, stairs and bridges etc.  In this world, if you can't afford enough mathematics you might as well not get out of bed in the morning.

Isaac Newton said "If I have seen further it is by standing on ye shoulders of Giants."  Science is built on the knowledge of those who have come before.  It has always been thus.  Could society have progressed if every generation, nay every individual, had to begin with the sum of human knowledge as it stood in the stone age?  This is precisely the world that the software patent lobby would have us inhabit.

So, am I happy to see Microsoft caught in this web?  You betcha.  Do I think the $277 million they've been ordered to pay will be enough to get them to see the light and fight to have these ludicrous patents overturned?  Not a chance.  But they will likely fight to have this particular patent invalidated and every brick removed from the wall helps.

The US courts and the US Patent and Trademark Office have recently offered some hope.  The US court of appeals decision on Bilski dramatically reduced the scope of eligible patent matter and the PTO has made it clear that they will be reviewing any number of questionable patents.

We're still a long way from where we need to be but there appears to be a flicker at the end of the tunnel.

Toronto Hydro has sent a letter notifying each of its customers of a security breach that has put customer information in the hands of a third party.  Taken by itself, the information revealed is not sufficient to cause financial loss. However, there is a concern that it may be enough to leverage other, more sensitive, data in a social engineering* gambit.

Even if you don't understand how, please accept the following as fact: Information has value.  Criminal organizations are behind the majority of data breaches you read about in the news.  Unscrupulous people with some technical savvy are more than happy to accept money for breaching security systems.  Seemingly innocuous data from disparate sources can be merged to create a more complete profile of an individual or organization that may potentially be used to facilitate improper access to further information or, perhaps, funds.

If any good can be taken from this unfortunate event let it serve as a reminder to limit, to the greatest extent possible, the information you provide to anyone with whom you choose to do business.  Rogers does not need your drivers license number to provide phone service.  Bell does not need your social insurance number to sell you ExpressVu.  If these organizations don't have the information, they can't inadvertently disclose it.  The fact that there is a box on a form in no way obligates you to disclose information that is irrelevant to the transaction at hand.  Privacy laws aside, ultimately you are responsible for the security of your personal information.

*Social engineering is the act of manipulating people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery or deception for the purpose of information gathering, fraud, or computer system access; in most cases the attacker never comes face-to-face with the victim.

"I told Microsoft I'm giving them their divorce papers" says City of Edmonton CIO Chris Moore.  Yes, it's true.  We are overjoyed to hear that someone spending public funds has finally realized that "we spend a ridiculous amount of money just to use the software" and, given that there are free and open-source alternatives available, this is not an intelligent use of those funds.

Moore says the IT department is also investigating a new virtualization software model that would push applications out to end-user computers from a centralized server, so it wouldn’t matter what kind of computer the user has – Mac, PC, netbook, desktop, whatever.  Of course, this is exactly the model that JC Kelly Microsolutions has been advocating for several years now so there's really nothing new here but, if you'd like to get another point of view, read the full article at Information Exec.

Lisa Severens, a clinical trials manager from Worcester, Massachusetts, learned the hard way. A virus took control of
her laptop and started sending pornographic photos to colleagues.

"I was mortified about having to deal with it at work," said Severens, whose employer had to replace her computer
because the malicious software could not be removed.

Ignoring for the moment the hyperbole about replacing computers because of malicious software that "could not be removed", this story, printed in today's Toronto Sun and published a week ago by Reuters, reminds us that there is no "safe haven" on the internet and that up-to-date protection is vital.  URL filtering, static block lists and signature based anti-virus software are, quite simply, inadequate protection against today's threats.  Seventy percent of the web borne threats identified by Google over the last year originated on legitimate sites that have been compromised.  They day when you could protect yourself by avoiding pornographic or illegal "warez" sites has long passed.

It's a question with connotations far beyond the words, but it is, nonetheless, the question I was asked today when I provided a client with a price to renew the anti-virus and anti-spam licenses for his one year old Net Integrator from Net Integration Technologies.

Some background is in order.  Net Integration Technologies Inc. was a Markham, ON based company with an incredible server appliance targeted at small businesses.  Over the past 7 years, I've installed and/or supported over 40 of these systems.  Suffice it to say we're familiar with them -- and happy.  In February 2008, the company was purchased by IBM.  Today, the fallout of that purchase landed on my client.

Prior to today, the cost for his prospective purchase was $870.  As of two o'clock this afternoon, it's $2,749.  A whopping 216% increase.  Oh, to be sure, he's getting other things for that money.  The new price also includes an upgrade to the latest version of the operating system, now called Lotus Foundations Start, and a year of software assurance. Only... The client doesn't need the new version of the operating system and still has almost a year of software assurance remaining from his last purchase.  Obviously, at IBM, software assurance doesn't really assure much at all.

Whatever will he do?

A study by the A. James Clark School of Engineering at the University of Maryland found that an Internet connected PC will be attacked at a "near-constant rate" -- every 39 seconds on average.

The study, conducted by Michel Cukier, Clark School assistant professor of mechanical engineering and affiliate of the Clark School's Center for Risk and Reliability and Institute for Systems Research, profiled the behavior of "brute force" hackers, who use simple software-aided techniques to randomly attack large numbers of computers. The researchers discovered which usernames and passwords are tried most often, and what hackers do when they gain access to a computer.

"Our data provide quantifiable evidence that attacks are happening all the time to computers with Internet connections," Cukier notes.  "The computers in our study were attacked, on average, 2,244 times a day."

Without a reliable network infrastructure, your business is at risk

The potential risk to your business comes in many forms:

• Theft of sensitive company information - client lists, competitive data, trade secrets
• Theft of bank account or credit card information
• Theft of network bandwidth and misuse of your company assets
• Destruction of data
• Productivity loss
• Damage to reputation