informa
/
4 min read
article

Does Microsoft's 'Sudo Patent' Protect User Account Control?

Has Microsoft gone one step closer to patenting the words "May I?" That's been the general sentiment about the granting of Microsoft's "Rights elevator" patent -- which would cover User Account Control ("UAC") in Vista and Windows 7, but possibly also the generic sudo command in Unix.

Has Microsoft gone one step closer to patenting the words "May I?" That's been the general sentiment about the granting of Microsoft's "Rights elevator" patent -- which would cover User Account Control ("UAC") in Vista and Windows 7, but possibly also the generic sudo command in Unix.

The exact wording in the abstract of the patent (#7,617,530) seems to describe UAC to a T:


Systems and/or methods are described that enable a user to elevate his or her rights. In one embodiment, these systems and/or methods present a user interface identifying an account having a right to permit a task in response to the task being prohibited based on a user's current account not having that right.

Such wording also describes any number of other mechanisms that were implemented before or around the same time -- not least of which is programs like Unix/Linux's su, sudo and gksudo. (All of these things work in slightly different ways but have the same basic concepts: running one program as another user with that user's privileges.)

As you can imagine, this has generated a massive wavefront of controversy from everyone with an even remotely skeptical view of software patents or Microsoft (e.g., Groklaw).

Much of the problem, I fear, lies in the way patent submissions work in general. They require such top-heavy language that contract lawyers run screaming into the night. You'd need a gallon of coffee and some flowcharting tools to figure out what exactly is being patented when you read the details for any patent claim, and this patent is no less convoluted. Most people read the abstract and quit there; going any further than that costs them too many brain cells.

From what little I've been able to figure out, the specific things covered by the patent are the fact that the user can be given the opportunity to escalate privileges when they attempt to do something they're not permitted to do, rather than denying them outright. The patent also covers things like providing a list of users who do have the right to perform said action, and to allow the guy at the keyboard to authenticate as one of those users. Microsoft seems to believe this last part that provides the biggest distinction between this patent and the generic implementations of it we've seen elsewhere. UAC works like this, so it's safe to assume this patent covers how UAC behaves when you run as a regular user and you try to do something that requires admin privilege.

But is that worth honoring with a patent? That goes back to the core problem: deciding what is and isn't worthy of being recognized as an original invention. I will play devil's advocate here and note that UAC was cited -- for better or worse -- as one of Vista (and now WIndows 7's) defining features, precisely because of the manner of its implementation and not just because it was implemented at all. Right now, that would seem to be one of the major hallmarks for what's patentable: is it a new wrinkle on something or just the same old? I know I found it at least somewhat novel, since the graphical implementations I saw elsewhere didn't have the choose-a-user element -- but that just makes me wonder what sort of experience a patent examiner needs to have to determine what the threshold is for "original" vs. "prior art".

The Bilski case before the Supreme Court right now could completely change the threshold between the two. From what few bits have leaked so far, it sounds like the judges are sympathetic to the idea that you can't patent a process unless it actually transforms something in the real world. It's left to us to define whether or not bits on a disk are a real-world thing, so you see how this may simply close one Pandora's Box and crack open yet another.

What Microsoft ought to do is issue a clarification about their intentions, or at least start some kind of dialogue to keep people from pre-emptively calling them patent trolls. It would be a nice tip of the hat, given how their patent filings are scrutinized with more intensity than most senators' tax returns.

InformationWeek has published an in-depth report on new software models. Download the report here (registration required).

Twitter: Me | InformationWeek
Facebook: InformationWeek