reverse analysis and confidentiality of software



CASE REPORT REVERSE ANALYSIS AND CONFIDENTIALITY OF SOFTWARE David Bainbridge

Mars UK Ltd v Teknowledge Ltd 11 June 1999, Chancery Division, is an important case involving allegations of infringement of copyright and database right in addition to an allegation of breach of confidence. It has implications for reverse engineering of computer software and whether encrypted software can be subject to an obligation of confidence. Some aspects of the judgment are also relevant to software maintenance and whether there is a common law right, based on non-derogation from grant, to engage third parties to maintain software.

THE FACTS

The claimant, Mars UK Ltd, made coin operated machines and coin changing machines containing discriminators which checked to determine whether a coin was valid and its denomination. These discriminators contained sophisticated software residing on chips. The software was used to check whether a coin was legal tender and was based on algorithms to determine this and detect invalid coins or disks, known in the trade as 'slugs'. As valid legal coins vary in their dimensions and weight, each parameter checked had to have a window of acceptable values. Working out these windows of values required a great deal of experimentation, skill and judgment. Initially, discriminators were fitted with PROM chips (programmable read-only memory). If there was a change in currency or a new slug came into circulation, it was necessary to replace the PROM chip with a new one.

In 1990, Mars commenced the design of a new discriminator, called the 'Cashflow', which used an EEPROM chip (electronically erasable programmable read-only memory). Software stored on EEPROM chips can be erased and new software can be installed on them. Mars wanted to make access to the software difficult for a number of reasons including the ability to control the reprogramming of the chips so that only Mars or its approved agents could do this. Therefore, the data in the software installed on the EEPROM chips was in an encrypted form. Mars realized that it would not be impossible to 'crack' the encryption system but considered that it would be very difficult for a third party to do this. Mars did not publish the algorithms used or information concerning the windows used for particular coins.

A number of independent service companies were authorized by Mars to reprogram the EEPROM chips. They had to hire a tool from Mars and pay a fee per EEPROM reprogrammed of around £10. These service companies were not given all the unpublished information relating to the algorithms and windows.

The defendant was a company in the field of discriminators and was an approved agent for other companies making coin machines. By a process of reverse engineering, the defendant learnt some time ago how to write to new PROMS or write to unused portions of old PROMS to take account of changes in coinage. Eventually, the defendant successfully reverse engineered the Cashflow machine. At the time of the trial, it was the only company to do so.

THE CLAIMS

Mars originally claimed that Teknowledge had infringed copyright and database right subsisting in the windows data and infringed copyright in the programs and discrimination algorithms. The infringements related to copying, including the making of transient copies of the program code. Mars also claimed that Teknowledge was in breach of confidence in relation to the encrypted information.

From an academic point of view, it was something of a disappointment when Teknowledge conceded that it had infringed the copyrights and database right, relying solely on the British Leyland defence. It would have been interesting to have some judicial analysis of the subsistence and infringement of the database right which has only been around since 1 January 1998. Nevertheless, what Jacob J had to say on the scope of that defence and on the confidence issue is very important in respect of reverse engineering of software and whether encrypted software contained in articles made available to the public can ever be subject to an obligation of confidence.

328 Computer Law & Security Report Vol. 15 no. 5 1999 ISSN 0267 3649/99/$20.00 © 1999 Elsevier Science Ltd. All rights reserved

BRITISH LEYLAND DEFENCE

To any intellectual property lawyer, the decision in this case is notorious but it must be seen in the context of copyright law under the Copyright Act 1956, before the Copyright, Designs and Patents Act 1988 came into force. It had been discovered that copyright in drawings could, potentially, protect functional industrial designs for the life of the author of the drawing plus 50 years. However, designs which were registrable under the Registered Designs Act 1949 were only protected for a maximum of 15 years by registration and renewal. Whether or not such a design was registered, copyright protection was effectively limited to 15 years. This apparent anomaly in the term of protection for functional designs and aesthetic designs was compounded in the case of spare parts as many, not being registrable as designs, would enjoy long term protection through copyright in drawings. This was the problem facing the House of Lords in British Leyland Motor Corp Ltd v Armstrong Patents Co Ltd [1986] AC 577 and the response of their Lordships was to refuse to enforce copyright in drawings of exhaust pipes for motor cars even though, technically and in accordance with the 1956 Act, there had been an infringement of copyright by the defendant who made replacement exhaust pipes for British Leyland motor cars after reverse engineering one of British Leyland's own exhaust pipes.

The main thrust of the decision was based on the concept of non-derogation from grant which, in this context, meant that the owner of a complex object, which would need replacement parts during its normal life, had a right to a free market in replacement parts. In other words, the original manufacturer was not to be permitted to exercise his copyright in order to control the aftermarket in spare parts. Importantly, the 'right' to a free market extended so as to allow third party manufacturers to make spare parts without payment of a royalty.

The British Leyland principle survived the passing of the Copyright, Designs and Patents Act 1988 and this was confirmed in Flogates Ltd v Refco Ltd [1994] 8 EIPR D-205 by Jacob J. Indeed, the Act itself suggests this and section 171(3) states that nothing in the part of the Act dealing with copyright "...affects any rule of law preventing or restricting the enforcement of copyright, on grounds of public interest or otherwise". As far as computer software is concerned, it has even been accepted that there is an arguable case that British Leyland applies, for example, in Digital Equipment Corporation v LCE (unreported) 22 May 1992 and Intergraph Corp v Solid Systems CAD Services Ltd (unreported) 20 March 1992. However, the defence was unsuccessful in relation to copying a file transfer program in IBCOS Computers Ltd v Barclays Mercantile Highland Finance Ltd [1994] FSR 275. Nevertheless the defence may be appropriate in terms of software maintenance, for example, where a software company is unable or unwilling to maintain software it has licensed out.

BRITISH LEYLAND AND SOFTWARE MAINTENANCE

Software maintenance is a vital issue in software procurement and software companies are reluctant to allow their software to be maintained by the licensee or by third parties. However, this locks the licensee into long term reliance on the software company and lends itself to abuse such as where the software company increases its maintenance fee year on year at a rate exceeding inflation. It is certainly plausible for the British Leyland principle to apply in such circumstances. Additionally, where the software company is a major player, a refusal to allow maintenance by the client or third parties offering maintenance services might well fall foul of European Community Competition law or the United Kingdom Competition Act 1998, when it comes into force next year.

It seems likely that British Leyland, if it applies to software maintenance, will be limited to error correction only. For example, in Saphena Computing v Allied Collection Agencies [1995] FSR 616 (decided in 1989), the software company provided a copy of the source code and it was held that the licensee could use it for error correction only but not for making improvements to the program. This appears to limit the application of the British Leyland principle to error correction, the software equivalent of mechanical repair of a vehicle.

EROSION OF BRITISH LEYLAND

In Mars v Teknowledge, Jacob J noted the cautious approach to British Leyland given in the judgment of Lord Hoffmann in Canon v Green Cartridge (Hong Kong) Ltd [1997] AC 728 with his veiled criticism of British Leyland. Giving the judgment of the Judicial Committee of the Privy Council, Lord Hoffmann said:

"It is of course a strong thing (not to say constitutionally questionable) for a judicially declared head of public policy to be treated as overriding or qualifying an express statutory right. Their Lordships therefore think that the prospect of any extension of the British Leyland exception should be treated with some caution."

In Canon, the defendant made toner cartridges for the plaintiff's laser printers and photocopying machines and claimed the British Leyland defence applied. However, it was held that the case was distinguishable from British Leyland as persons buying such machines would be likely to take into account the cost of replacement cartridges when deciding which machine to buy. The public policy argument was not effective as a manufacturer who priced his replacement cartridges too highly would be likely to sell fewer machines.

The public policy is based on the need to prevent a manufacturer from using his copyright to control the aftermarket in spare parts. In Hyde Park Residence v Yelland (unreported) 2 February 1999 Jacob J recognized such a policy and said that the test to apply was whether "the court could be reasonably certain that no right-thinking member of society would quarrel with the result." He did not think that test was satisfied in Mars v Teknowledge and, hence, the British Leyland defence failed. An economic analysis of the market may assist the court in deciding the applicability of the defence but there was little evidence in Mars. Another factor which influenced Jacob J was that persons who buy sophisticated equipment controlled by computer programs normally look to the original manufacturer for maintenance and upgrading. Modifying the coin machines to respond to different coins was far removed from the concept of repair; even more so than in Canon. He said that the example drawn on by Lord Bridge in British Leyland of repair by a blacksmith had no compelling analogy with this case.

SOFTWARE MAINTENANCE AFTER MARS

The issue now is the effect that the judgment of Jacob J in Mars, taking the restrictive view of the right to repair principle as expounded by Lord Hoffmann in Canon, has on software maintenance and whether there is any room for the concept of non-derogation from grant. Jacob J thought that the expectation of persons buying computer-controlled equipment is that it will be maintained and modified by the original manufacturer rather than by a 'handy computer blacksmith'. Put in the context of the maintenance of licensed software, this suggests that maintenance by third parties is out of the question unless, of course, the licence agreement specifically allows this.

The question of software maintenance has always been a thorny issue. Software companies have been loath to allow others to maintain their software. There are two possible explanations for this. The first is that an agreement to maintain software creates a long lasting contractual, and potentially rewarding relationship from the software company's perspective. Secondly, software companies are sensitive to the possibility of third party maintenance carried out badly reflecting on the software companies' goodwill.

Powerful licensees may be able to insist that they have a copy of the source code and the ability to control maintenance of the software but others (especially non-exclusive licensees) have been in a much more vulnerable position. The software may have been made available on a 'take it or leave it' basis with an annually renewable maintenance agreement. In some cases, this may be perpetually renewable with no effective provision for termination by the licensee without cause. Jacob J failed to fully address the commercial reality of software licensing when he said that purchasers of articles containing software expect the original supplier to provide maintenance and enhancement. They have had little choice. Many licensees would welcome a free market in software maintenance.

BREACH OF CONFIDENCE AND ENCRYPTION

As regards breach of confidence, Jacob J found in Mars v Teknowledge that the information contained within the software did not have the necessary quality of confidence about it, the first requirement for a breach of confidence action as set out by Megarry J in Coco v A N Clark (Engineers) Ltd [1969] RPC 41. Jacob J addressed this issue in an unusual manner, taking in factors that are more relevant to the second requirement of Megarry J, being an obligation of confidence.

Jacob J came to the conclusion that an article, when purchased, becomes the full property of the owner with the right to disassemble it to see how it operates and impart such information to anyone he pleases. This right was recognized by Morritt J in Alfa Laval v Wincanton [1990] FSR 583. However, he did add that obtaining such an article unlawfully to discover its secrets could give rise to an action for breach of confidence under the 'springboard' doctrine, described in Terrapin v Builders Supply [1960] RPC 128. In that case Roxburgh J held that a rival who attempts to increase his lead illegally by stealing the information already gained by somebody else to save himself the time, trouble and expense, would expose himself to the possibility of an action for breach of confidence. The law of confidence merely stops another party using the 'springboard' method and gaining a march on another's efforts.

Finding that the information did not have the necessary quality of confidence, Jacob J still went on to consider another important question, being whether the act of encryption of software imposed an obligation of confidence on a person obtaining or gaining access to a coin machine discriminator made by the claimant. That is, "...whether it is possible to impose confidentiality upon someone who receives information by purchasing an article in the open market." This point is of some significance to anyone considering an activity involving reverse engineering. In terms of imposing an obligation of confidence on a person lawfully in possession of an article such as a coin machine, does the act of encrypting software give rise to an implied obligation of confidence? Does this mean, as stated by Mars, that the very act of encryption implies an obligation of confidence on a person by way of a declaration inferring that the material is confidential and should not be disclosed?

Jacob J decided that, although the act of encryption silently deterred access to the source of information, it did not mean that the information contained within it was confidential. It merely signalled to another person that the owner of the article strongly discouraged unauthorized entry. Purchasing an article legally on the market and reverse engineering it to discover how it operates would be considered a reasonable and accepted practice for competitors. Mars relied heavily on the Spycatcher case (Attorney-General v Guardian Newspapers (No 2) [1990] 1 AC 109) and Lord Goff's reference to an "obviously confidential document" falling accidentally into the receipt of an unintended recipient. However, in this case the recipient was the intended customer and the machines in question bore no warning of confidentiality upon them; indeed there was no notice of any encryption, by which time it would be far too late to impose any duty of confidence. Thus, Jacob J rejected the claim by Mars of breach of confidence in that encrypting information did not, per se, impose an obligation of confidence and that reverse engineering an article legally bought on the market was a given right to promote innovation and an interchange of different ideas.

The implications for owners of information embodied in equipment or articles made available to the public are serious. They will now be contemplating just how they can protect that information by technical and legal means. In terms of technology, it may be a matter of using encryption algorithms which are more difficult to crack. Legal techniques may include the contractual imposition of an obligation of confidence as was successfully done in K S Paul (Printing Machinery) Ltd v Southern Instruments Ltd [1964] RPC 118, a case concerning a telephone answering machine with a contractual obligation not to dismantle it to determine how it worked. However, the position is much more difficult as regards third parties and simply attaching a notice to a machine is unlikely to be sufficient to impose an obligation of confidence.

Encouraging as this case is for reverse engineers, their activities may fall foul of other rights, notwithstanding the weaknesses in the law of confidence. As in Mars v Teknowledge, the chances are that rights such as copyright will be infringed. Decompiling a computer program, for example, will infringe unless within the narrow decompilation permitted act in section 50B of the Copyright, Designs and Patents Act 1988. Making copies, including transient copies, will infringe copyright in computer programs and data. However, a reverse engineer may still be able to get to the ideas and principles underlying a computer program by virtue of section 296A(1)(c) of the 1988 Act which makes void any term or condition in an agreement which purports to prohibit or restrict the use of any device or means to observe, study or test the functioning of a computer program in order to understand the ideas and principles underlying any element of the program. This may involve, for example, monitoring output produced by running a computer program in order to understand its basic algorithm.

David Bainbridge and Lorraine Keenan, Aston Business School, Aston University