A patent troll is using a similar method of attack used by the anti-Linux bad-boy SCO in the first decade of the century to squeeze money out of customers who might be using software aligned to its patents.
SCO decided that instead of bothering companies who sold what it thought as its flavour of UNIX it would send writs to customers who were more likely to pay up.
More than 70 writs against AT&T, Priceline, Pinterest, Hyatt Hotels, Best Western, and Experia have been dispatched from CryptoPeak Solutions because they dare to have HTTPS websites. Many more are expected.
As you might expect, CryptoPeak claims it is based in Texas and can take advantage of the wonderful East Texas court system.
In May it bought US Patent 6,202,150, which describes “auto-escrowable and auto-certifiable crypto systems”.
It now claims that TLS-secured websites that use elliptic curve cryptography are infringing the patent – so it’s suing owners of HTTPS websites that use ECC. Most websites use ECC these days.
CryptoPeak wants damages, royalties, legal bills paid and a puppy for Christmas.
The invention was made by crypto gurus Dr Adam Young and Dr Marcel “Moti” Yung, and granted in 1997 and was focused on “a key recovery agent to recover the user’s private key or information encrypted under said user’s corresponding public key.” ECC does not really work that way but CryptoPeak claims there is an overlap between today’s ECC implementations and the patent it holds.
By suing customers, it must be hoping that it will get people to pay out rather than facing court. This backfired in the SCO case because IBM sued the outfit into a coma before its campaign could really get started.