It looks like Cenzic is suing SPI Dynamics (now owned by HP) over a patent infringement. Cenzic has patented fault injection. Cenzic obviously feels confident that SPI is infringing on the technology they have patented. It’s a strange move, given how many people have vested interesting in making this patent go away. Now that Cenzic has become litigious it seems like it would be in the best interest of the industry and indeed all companies everywhere that use other scanning technology to get the patent thrown out. At first I didn’t care about this when I first read about it but now that Cenzic has taken to suing companies, I feel compelled to take action.
Personally I hope that SPI wins this and the patent is thrown out for a number of reasons. I think the patent is both obvious, has been done prior to their claims and been invented by dozens of people and companies over the years who have released their findings under various copyrights and licenses (myself included - I built a number of tools that injected specific faults into systems as early as 1995 and let’s not forget SATAN written in 1993 and stuff like the PHF scanning worms in 1996). But most importantly it’s hostile to the industry as a whole. It would only make things far more difficult, inhibit innovation and reduce our ability to secure the Internet as a whole. I have nothing against Cenzic, but this patent must die. In the mean-time, until this patent is thrown out, you are taking a risk if you have built any fault injection scanning technology that does not license Cenzic’s patent. Everyone else, please submit your prior art to the comments of this post or to SPI’s lawyers as you see fit.