Kim Dotcom Wants Money From Google, Twitter For 2-Factor Authentication

Nyder writes "Kim Dotcom posted via Twitter, with a link to Torrentfreak, that he owns a security patent US6078908, titled 'Method for authorizing in data transmission systems.'" Techdirt points out that Dotcom isn't just asking for financial help: Instead, he's asking companies which use two-factor authentication "to help fund his defense, in exchange for not getting sued for the patent. He points out that his actual funds are still frozen by the DOJ and (more importantly) that his case actually matters a great deal to Google, Facebook and Twitter, because the eventual ruling will likely set a precedent that may impact them -- especially around the DMCA." Update: 05/23 14:23 GMT by T : Why is this relevant to Twitter? If you're not an active Twitter user, you might not realize that (after some well publicized twitter-account hijackings), the company is trying to regain some ground on security. Nerval's Lobster writes "Twitter is now offering two-factor authentication, a feature that could help prevent embarrassing security breaches. Twitter users interested in activating two-factor authentication will need to head over to their account settings page and click the checkbox beside 'Require a verification code when I sign in.'"

Re:Here's what you say

[lxs]

Someone should lock Julian Assange, John Mcaffee and Kim Dotcom in one room for a month and film it. I'd probably pay to watch that.

Re:Here's what you say

[serviscope_minor]

Please add Steve Ballmer and a good supply of chairs.

Re:

[Anonymous Coward]

Are you Slashdot's most renowned trolls? If so then why should we listen?

Re:Here's what you say

[DogDude]

Kim Dotcom would just eat the other two.

Re:

[Nadaka]

That depends on if Mcaffee has a supply of bath salts.

Re:Here's what you say

[PRMan]

First, Ballmer throws a chair at Assange but he catches it and stands on it to make sure that he's bigger than everyone in the room. Dotcom then eats Mcafee but immediately has a heart attack because of eating too much salt. Ballmer charges at Assange but his plan of attack is all screwed up and he hits the wall instead. Assange writes about the deaths of all the others on a Wikileaks exclusive.

Re:

[AlphaWolf_HK]

Bass to mouth?

Re:

[cavok]

You are missing RMS there..

Re:

[Anonymous Coward]

The DOJ is actively trying to do exactly that.

Better than all the shit on TV now

[TiggertheMad]

...You sir, are the most brilliant programming exec I have ever met.

Of course, that really is kind of a backhanded insult, but still....

Re:

[MightyMartian]

Indeed. Would somebody please put this worthless piece of crap in jail.

Extortion maybe?

[zitsky]

What is the definition of extortion, Alex?

Re:Extortion maybe?

[GodInHell]

Offering to waive a right in return for settlement without bringing suit is not extortion.

Re:Extortion maybe?

[Yvanhoe]

It is, but in US it is legal.

Re: Extortion maybe?

[iamhassi]

Doesn't matter, he has no money to fight his own legal battles, much less go after google. And wasn't he arrested for having a website that encouraged stealing movies? Ironic he's now upset people are "stealing his patent" (quotes because he hasn't proven anything in court yet)

Re:

[MightyMartian]

If he has no money to fight his legal battles, he has no money to sue Google or anyone else. So I think the appropriate response should "Fuck off."

Re: Extortion maybe?

[NFN_NLN]

If he has no money to fight his legal battles, he has no money to sue Google or anyone else. So I think the appropriate response should "Fuck off."

That's how you know the system is working properly: winning isn't based on the validity of the patent... it's based on how much money you have.

Sarcasm off.

Re:

[Absolutely.Geek]

exactly what I was thinking!

Re:

[Yvanhoe]

You say it like it is not an intended feature...

Re: Extortion maybe?

[tattood]

If he has no money to fight his legal battles, he has no money to sue Google or anyone else.

I'm sure one of the many patent troll companies would be happy to foot the bill for the legal costs in return for a large chunk of the settlement if they win.

Re:Extortion maybe?

[K. S. Kyosuke]

Offering to waive a right in return for settlement without bringing suit is not extortion.

Wow, that means that the Prenda and MAFIAA guys are actually good guys!

Re:

[Anonymous Coward]

Threatening others with patents are bad... Well until it's done by someone we like. Then clearly it's okay. Slashtard hypocrisy never fails to amuse.

Re:

[bsane]

Don't hate the player, hate the game ;-)

Re:

[Anonymous Coward]

The game is not something separate and apart from those playing it. It ~is~ the players.

Re:

[Runaway1956]

The second AC to post sums it up. Without the players, there is no game. The players ARE the game.

Re: Extortion maybe?

[iamhassi]

We don't like Kim dotcom

Re:

[Desler]

So explain the hivemind circle jerks that go on whenever one of the many gushing submissions about him are posted.

Re:

[DahGhostfacedFiddlah]

I'd never heard of Kim Dotcom before the raid, and my opinion of him has been shaped solely by /. comments (who has time to RTFA?). So I'm in a pretty good position to comment on the "Slashtard hypocrisy".

The general consensus seems to boil down to "He's a dick who's on the right side of one specific issue". So you'll see comments supporting him in the one specific issue, but you'll see other comments decrying his general dickishness - including his current patent trolling.

However, I'm not really sure hav

Re:

[gstoddart]

So, "give me money to help defend against this lawsuit or I will file one against you" isn't extortion?

I'm not sure I agree with that interpretation.

Re:

[Desler]

Nice mental gymnastics there. If this were Mosaid doing the exact same thing the comments would be filled with nothing but attacks and how the patent is invalid and obvious, etc. Interesting to see that apparently Kim Dotcom has the only valid software patent in existence.

Re:

[Khyber]

"What is the definition of extortion, Alex?"

Funny that you ask me, since I have an extortion charge on my criminal record.

This isn't extortion. There's no criminal threat to cause bodily harm or injury to reputation going along with the demand for money. 'Pay or I sue' is not extortion. 'Pay or I'll hurt you somehow' is.

This is essentially how our patent system is supposed to work.

Re:

[Desler]

And yet when other companies do this they are string up and all the comments are about how trivial and obvious it is. But now that it's a Slashdot hero the comments are strangely silent on that.

Re:

[Desler]

Because numerous posters treat him as such. He also gets plenty of gushing stories posted about him by the editors. Are you being intentional dense?

Re:

[cheekyjohnson]

I've seen people stick up for his rights, but I haven't really seen where a majority of people here think he's an actual hero.

Re:

[PoolOfThought]

Numerous voters treat the current president as a hero who only poops sunshine and rainbows and is constantly fighting the good fight. And numerous voters treat the previous one as such also. It doesn't make either one of those an "American hero" - not even close.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[gstoddart]

Except this is "help pay for my legal defense against this, and I won't sue you for that".

The suggestion of a lawsuit over an unrelated matter would definitely seem to be a threat, and would therefore be extortion, no?

Re:

[Khyber]

No, there needs to be direct threat of personal injury or harm to a protected status in order to trigger extortion.

Nothing Dotcom has said applies.

Re:

[Anonymous Coward]

If Khyber said: "The law clearly says, that threatening others with lawsuit IS extortion", then in your mind he wouldn't be a hypocrite, yes? Only then, he'd be lying. Let me quote an actual lawyer, Hanna Hasl-Kelchner:

"Getting sued is no fun. But to determine whether it rises to the level of extortion requires a closer look at what extortion really is.

Legally, extortion happens when someone unlawfully gets something (money, goods, or services) through coercion. So we have two key drivers of this definitio

Re:

[gstoddart]

Well, hopefully there's an equivalent point in law for what they're doing -- because it has a lot of the same hallmarks as extortion.

Re:

[Khyber]

If Kim files suit and the suit is found frivolous, there's a chance of extortion charges being laid against him, but more likely he'll be hit with vexatious litigant status and from there, pretty much no lawyer will take up any of his cases, except public defenders when he lands in a court room on criminal charges.

Re:

[Anonymous Coward]

I've known Kim since the Amiga days here in Germany, I've met him many times. He is possibly the most dishonest person I've ever met. I'm saddened he's become a poster boy for the Torrent/Anti-Big Media crowd. His profiteering from piracy distracts from real issues. Very sad.

Re:

[Desler]

Impossible! Kim Dotcom is a freedom-fighting hero! How dare you speak ill of him! You fucking MAFIAA shill!

Good luck enforcing that patent

[Anonymous Coward]

I don't see Kim hopping on a US-bound plane to sue the infringing companies any time soon. They must be shaking in their boots.

Re:Good luck enforcing that patent

[PRMan]

I'm pretty sure they said it was valid in a dozen countries and that Google, Facebook, Twitter, etc. are international companies...

doesn't he also have

[nopainogain]

a couple million dollars in the central bank of Nigeria that he needs our help to recover?

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:How about this?

[Anonymous Coward]

How about we not give a free pass to a patent troll just because he used to host a popular, thinly veiled warez site?

Re:

[Xarvh]

Because he's fighting TEH SYSTEM!
Kinda.

Empty threat

[SirGarlon]

I seriously doubt Kim Dotcom is in a position to actually litigate his patent claim. Financially, that is.

Re:

[Anonymous Coward]

What does that say for 'anyone' with a legitimate patent claim but no funds to defend it?

Re:

[Desler]

Where has it been determined that he has a valid patent claim?

Re:

[PoolOfThought]

Well, presumably, when he filed for that patent he knew what he was patenting. He and his lawyers came up with the a set of "claims" that are the actual meat of the IP. And if some actor later comes and inserts a product into the market that could not have been created without stepping on one or more of the claims in the patent then he knows one of two things:

(1) he has a valid complaint that the person is stepping on his IP
or
(2) whoever wrote the claims in his patent did so in such that there was a wor

Re:

[doconnor]

He could sell the patent to someone who can.

Re:

[Anonymous Coward]

I seriously doubt Kim Dotcom is in a position to actually litigate his patent claim. Financially, that is.

It doesn't matter. He can just sell the patent to Yahoo or Apple or Patent Trolls R Us, or whoever and then they can litigate it.
   

Kim-Dot-Con

[Shoten]

It bears mentioning that Kim Dotcom was once named Kimble Schwartz, who basically went from one moneymaking scheme to another. Kimvestor, for example, got him jailed for securities violations. YIHAT was a front of an organization that tried to rally people around hacking terrorists. The list goes on and on. About 15 years ago he was noted as being a fraud in the security space, despite claiming to be a hacker. I think he got lucky with Megaupload, but now he's back to his old usual failing-yet-highly-vocal self.

Re:

[MetalliQaZ]

Don't forget the "music career" with that tasteless music video!

Re:

[Shoten]

Don't forget the "music career" with that tasteless music video!

Oh yeah! Forgot about that one...it's easy to lose track of all the ways this self-indulgent butthead has tried to reinvent himself.

Re:Kim-Dot-Con

[Anonymous Coward]

I'm surprised this was actually modded up here... The hivemind has something of a hard-on for Kim Dotcom, anyone who was even mildly critical of him during the Megaupload situation was immediately dismissed as a troll.

It's rather smugly satisfying to see him turn the tables completely and reveal himself as a patent troll now that he needs some extra cash. It's even more satisfying to know that he's ALWAYS been a money grubbing scumbag, because from what you've posted here, those same people running to his defense should have known better.

Re:

[Ian A. Shill]

I would say there's a shitload more than a degree of nuance if you want to compare Kim Dotcom with starving families in Calcutta. Perhaps you mean to speak of the starving family as "groups whose collective food intake is less than Kim Dotcom" or "things than Kim Dotcom could eat in one sitting".

I'm only watching this freak show for the entertainment value, myself.

Eh, the situation isn't exactly as clear-cut as it appears though. Is he acting like a patent troll? Yes. But could he pay for his own legal defense? No.

He's as much a patent troll as someone who steals a loaf of bread to feed their starving child in the Calcutta slums is a thief. There's a degree off nuance to the whole thing. Although his past actions do make it clear he's doing this to get rich and doesn't care about the politics...if we all benefit from this fight (by having less draconian copyright laws) then why not root for him, for now at least?

Re:

[Fallout2man]

I would say there's a shitload more than a degree of nuance if you want to compare Kim Dotcom with starving families in Calcutta. Perhaps you mean to speak of the starving family as "groups whose collective food intake is less than Kim Dotcom" or "things than Kim Dotcom could eat in one sitting".

I'm only watching this freak show for the entertainment value, myself.

You "would" but you didn't. So what exactly ARE you saying? I even explained how this benefits us and all you've got is a cheap shot at his weight? Come on; I expected better. ;p

Re:

[Ian A. Shill]

I would say there's a shitload more than a degree of nuance if you want to compare Kim Dotcom with starving families in Calcutta. Perhaps you mean to speak of the starving family as "groups whose collective food intake is less than Kim Dotcom" or "things than Kim Dotcom could eat in one sitting".

I'm only watching this freak show for the entertainment value, myself.

You "would" but you didn't. So what exactly ARE you saying? I even explained how this benefits us and all you've got is a cheap shot at his weight? Come on; I expected better. ;p

Kim Dotcom is not comparable to a starving family Calcutta. The crack about his weight was not very mature, I'll give you that, but Kim Dotcom is hardly starving. Last I was aware, he was still living in a large mansion, and where I come from, if you don't have money, you don't live in a home like that. What I am saying, is what I did say, I'm only watching this for the entertainment value. My reasons are that I can't bring myself to care what Kim Dotcom does, because I am prejudiced with regards to him,

Re:

[Fallout2man]

Kim Dotcom is not comparable to a starving family Calcutta. The crack about his weight was not very mature, I'll give you that, but Kim Dotcom is hardly starving. Last I was aware, he was still living in a large mansion, and where I come from, if you don't have money, you don't live in a home like that. What I am saying, is what I did say, I'm only watching this for the entertainment value. My reasons are that I can't bring myself to care what Kim Dotcom does, because I am prejudiced with regards to him, I feel he's an attention whore. But that's just me. My attention wrt this situation is the (apparent) overwhelming use of force in raiding this man's home. I don't see a whole lot of difference between mega download or whatever he was running, and other file locker services, but I have never used any of them, so my knowledge is admittedly limited.

I think the use of U.S. law enforcement resources to enforce copyright(s) is beyond what I would consider appropriate.

Are you happy now? You made me say *something*.

Quite! ^_^ And the difference is he had all of his financial assets frozen at the time of the raid by the U.S. government. Yes he HAD money, but that money was confiscated from him and cannot be used to fund his defence. That's why this is so important. Kim Dotcom, the magnificent bastard that he is, is our best hope for bringing a court case up that could establish sane copyright law.

It's not pretty, I wish he didn't have to do any of this. Yet, I see the necessity of it. How else is someone who just lost

Re:Kim-Dot-Con

[SirGarlon]

I always thought he was a scumbag. I don't understand why Slashdot and others treat him like some kind of folk hero.

Re:Kim-Dot-Con

[Desler]

Enemy of my enemy, apparently.

Schmitz not Schwartz

[Anonymous Coward]

Actually is name was Schmitz not Schwartz but the rest is true: http://en.wikipedia.org/wiki/Kim_Dotcom

Go ahead, sue Google

[MetalliQaZ]

See what happens.

Re:Go ahead, sue Google

[Laxori666]

Um. Kim's actual twitter message [twitter.com] was "Google, Facebook, Twitter, I ask you for help. We are all in the same DMCA boat. Use my patent for free. But please help funding my defense." That's not really threatening to sue, that's asking for help. Yellow journalism much?

Re:Go ahead, sue Google

[Desler]

I never sued them. I believe in sharing knowledge & ideas for the good of society. But I might sue them now cause of what the U.S. did to me

From here [twitter.com]. In your hasty attempt to defend Kim Dotcom you might have wanted to actually do a but more research.

Re:

[PRMan]

I still think it's more of a "I might have to sue because I have no money to operate." He really doesn't want to do it, but I can see how people can read it as a thinly-veiled threat, especially given his background.

Re:

[Laxori666]

Oh true. I blame the article for not posting a more relevant link & twitter for being hard to use.

Re:

[Anonymous Coward]

No, what we need now is for NewEgg to make a two-factor auth system on their website. Then wait until they get sued, and...

Re:

[Ian A. Shill]

He should start with Newegg.

See what happens.

interesting quote FTFA

[sl4shd0rk]

"I believe in sharing knowledge & ideas for the good of society. But I might sue them now cause of what the U.S. did to me,"

Sounds like the typical ire most people have towards the US legal system right now. Including the US itself.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Bill, Shooter of Bul]

They do apply to sending a code via text message that needs to be input to complete authentication... Which is exactly how twitter is doing it. I wouldn't be surprised if there is prior art.

Re:

[Java Pimp]

Interesting point. There were fewer devices in '98 available to be used to receive a back channel message. Could this be a case of technology evolving so fast it obviates a patent before it has expired? What might have been considered non-obvious then would certainly be obvious now.

Say what you will....

[kermidge]

Whatever you may think or say about Kim, he's got some interesting moves. (I don't yet have much of a viewpoint on him beyond what I just said, being too busy learning to make good popcorn and trying to follow what's what.)

Is this a really a plea for help, or extortion, or patent-trolling (the latter two might be synonymous)?

On the related matter, I've not read the whole law and am curious: Are violations of DMCA to be pursued under civil or criminal law? Or either one or both depending on circumstance?

Prior Art - ATM?

[Kwyj1b0]

It baffles me that two-factor authentication patents can be valid. Haven't ATM machines always done that (One factor - the ATM card, the second factor is the PIN)? What about USB key+password decryption? I know the patent system is broken, but this should get thrown out when challenged. More interesting, what advice is Dotcom's lawyer giving him? Or does New Zealand legal system not provide lawyers to someone arrested there who can't afford one?

Re:

[Jahta]

It baffles me that two-factor authentication patents can be valid.

Me too. According to Google's patent search, he filed the patent in 1998. In 1996 I worked on an online banking application that used two-factor authentication. Each customer was issued with a hand-held device (about the size of a small calculator) which generated a transaction authorisation number (TAN) in response to a challenge from the online system. The devices were commercially available at least two years before the patent filing.

Re:

[pellik]

1992- Swipe card. My voice is my passport, verify me. Is that prior art here?

Re:

[Kaenneth]

Which costs more; paying lawyers to defend Dotcom; or paying lawyers to defend a Patent case?

Which one has the worst-case outcome, for the shareholders?

Re:

[Anonymous Coward]

RSA's two factor auth has been around since before Kim Dotasshat

Re:

[david_thornley]

A patent on two-factor authentication itself would be invalid. A patent on a particular way of doing it can be legally valid. Presumably, Dotcom's patent describes a specific technique.

RSA's SecureID

[nocloo]

I'm pretty sure SecureID uses 2-factor authentication before Kim's patent. Where you enter the password, a token is generated and you have to enter the key before access is granted.
I guess the different maybe the token is automatically generated every min instead of being transmitted to to a secondary device. If his patent is validated in court, it's worth a lot more than the 50mil he asked.
 

Re: This is in our favor

[kurkosdr]

Guys, guys guys! This can only end up in OUR FAVOR. Let's see... Kim's company (mega.co.nz) is not a "non-practicing entity", so the only way Google and Twitter could avoid paying him whatever he asks, is to set some rules on what can be patented when it comes to software patents. Not as good as abolishing soft patents at all, but a win nevertheless.

In need of money for defense = No money for offens

[businessnerd]

So if he is admitting that he needs financial help with the defense of his current court battle, it would be a pretty reasonable assumption that he does not have the funds to initiate a second court battle. Sounds like a pretty empty threat, if you ask me.

A troll by any other name still smells foul

[sirwired]

"Fund my defense in return for me not suing you about my worthless patent" doesn't make you any less of a troll than "Pay me money in return for me not suing you about my worthless patent."

Excutive Order

[ThatsNotPudding]

Look soon for a Presidential Executive Order finding that if you are an Enemy Combatant against the Entertainment State, any patent you possess is null and void - along with any sense of openness, honesty, or due process.

After reading the patent, Google is in the clear..

[sl3xd]

After having actually read the patent, it looks like Google Authenticator, for example is in the clear.

The patent states that the following must occur:

1.) User inputs a password
2.) Authenticating device receives the password from #1, generates a password, and sends this new password out-of-band to an external device. (Pager, phone, etc)
3.) Person then reads the password from the device
4.) Person inputs the new password into their computer
5.) Computer sends second password over to authenticating device.
6.) Authenticating device finally grants access.

Google authenticator works differently.
1.) User input password
2.) User inputs password read from device
3.) BOTH are sent over the network to the authenticating computer, at the same time.
4.) Authenticating computer grants access.

Note that Google Authenticator does not generate the 'multi-factor' password after receiving the first password from the user.

The multi-factor password is streamed passed to the (pager, phone, etc.) every X seconds.

It's an entirely different mechanism.

Which means that my already low opinion of this guy is now lower, as he's descended into obvious patent troll territory.

Re:

[heypete]

Note that Google Authenticator does not generate the 'multi-factor' password after receiving the first password from the user.

The multi-factor password is streamed passed to the (pager, phone, etc.) every X seconds.

No it's not. Google Authenticator implements TOTP [wikipedia.org] which depends only on having a reasonably accurate clock and a previously-agreed-upon shared secret from which the codes are generated.

When one uses Google Authenticator, one gets a shared secret from Google (which can be easily input in the form of a QR code, though one can manually input it as well) and adds it to the GA app. When one wishes to authenticate to a service (e.g. a Google Account or any other service that implements TOTP), the app uses the cur

Re:

[sl3xd]

I stand corrected.

TOTP is still very much outside the realm of Kim's patent.

Frozen..

[Roogna]

Not on either side of the issue, but if all his funds are frozen, wouldn't that also include any valuable assets he might own. Such as a patent...