Case 3:17-cv-05659-WHA Document 393-1 Filed 03/14/19 Page 1 of 22
`
`
`
`PAUL ANDRE (State Bar No. 196585)
`pandre@kramerlevin.com
`LISA KOBIALKA (State Bar No. 191404)
`lkobialka@kramerlevin.com
`JAMES HANNAH (State Bar No. 237978)
`jhannah@kramerlevin.com
`KRISTOPHER KASTENS (State Bar No. 254797)
`kkastens@kramerlevin.com
`KRAMER LEVIN NAFTALIS & FRANKEL LLP
`990 Marsh Road
`Menlo Park, CA 94025
`Telephone: (650) 752-1700
`Facsimile: (650) 752-1800
`
`Attorneys for Plaintiff
`FINJAN, INC.
`
`
`IN THE UNITED STATES DISTRICT COURT
`
`FOR THE NORTHERN DISTRICT OF CALIFORNIA
`
`SAN FRANCISCO DIVISION
`
`FINJAN, INC., a Delaware Corporation,
`
`
`
`
`
`
`Plaintiff,
`
`v.
`
`
`JUNIPER NETWORKS, INC., a Delaware
`Corporation,
`
`
`Defendant.
`
`
`
`Case No.: 3:17-cv-05659-WHA
`
`DECLARATION OF DR. MICHAEL
`MITZENMACHER IN SUPPORT OF
`PLAINTIFF FINJAN, INC.’S OPPOSITION
`TO DEFENDANT JUNIPER NETWORKS,
`INC.’S SECOND MOTION FOR SUMMARY
`JUDGMENT
`
`May 2, 2019
`Date:
`8:00 a.m.
`Time:
`Courtroom: Courtroom 12, 19th Floor
`Before:
`Hon. William Alsup
`
`
`
`
`
`
`REDACTED VERSION OF DOCUMENT SOUGHT TO BE SEALED
`
`
`MITZENMACHER DECL. ISO OPP. TO JUNIPER’S 2ND MSJ CASE NO. 3:17-cv-05659-WHA
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 3:17-cv-05659-WHA Document 393-1 Filed 03/14/19 Page 2 of 22
`
`
`
`I, Michael Mitzenmacher, hereby declare that:
`1.
`
`I have been asked by Plaintiff Finjan, Inc. (“Finjan”) to testify as an expert witness in
`
`the above referenced action. As part of my work in this action, I have been asked by Finjan to provide
`
`a declaration as to if Defendant Juniper Networks, Inc. (“Juniper” or “Defendant”) infringes Claim 9 of
`
`U.S. Patent No. 6,804,780 (the “’780 Patent”). I expect to testify at trial in these actions regarding the
`
`opinions set forth in this declaration, as well as on any other issues for which I have submitted or will
`
`submit an expert report in this action. I relied on the documents cited herein, including the ‘780 Patent,
`
`the file history of the ‘780 Patent, the source code review computer, source code printouts, the
`
`deposition transcripts of Juniper’s employees and Dr. Rubin, as well as exhibits thereto, Finjan’s
`
`Infringement Contentions, and Juniper’s Discovery Responses.
`I.
`
`BACKGROUND, EXPERIENCE AND QUALIFICATIONS
`2.
`
`My background is set forth in my previous declarations submitted in this case. Dkt.
`
`Nos. 127-6, 368-6.
`3.
`
`My rate of compensation for my work in this case is $750 per hour plus any direct
`
`expenses incurred. My compensation is based solely on the amount of time that I devote to activity
`
`related to this case and is in no way affected by any opinions that I render. I receive no other
`
`compensation from work on this action. My compensation is not dependent on the outcome of this
`
`matter.
`II.
`
`LEGAL STANDARDS
`4.
`
`Counsel for Finjan has informed me of the following legal standards that I have used as
`
`a framework in forming my opinions contained herein.
`5.
`
`My understanding of the framework for direct infringement and doctrine of equivalents
`
`is set forth in my previous declaration. Dkt. 127-6.
`6.
`
`My opinions below are from the perspective of a person of ordinary skill in the art
`
`(POSITA). My opinion on who would be a person of a person of ordinary skill in the art is set forth in
`
`my previous declaration (Dkt. 127-6). I note that Dr. Rubin has suggested slightly more experience
`
`and/or education for a POSITA in his declaration (Dkt. 370-6, Rubin Decl., ¶ 9), and I believe my
`
`opinions herein would be the same under either definition.
`
`1
`MITZENMACHER DECL. ISO OPP. TO JUNIPER’S 2ND MSJ CASE NO. 3:17-cv-05659-WHA
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 3:17-cv-05659-WHA Document 393-1 Filed 03/14/19 Page 3 of 22
`
`
`
`III.
`
`SUMMARY OF DECLARATION
`7.
`
`I have been asked by counsel for Finjan to consider if Juniper infringes Claim 9 of the
`
`‘780 Patent and to consider the opinions set forth by Juniper’s expert, Dr. Aviel Rubin, in support of
`
`Juniper’s Motion for Summary Judgment (Dkt. 370-6, “Rubin Decl.”). In particular, I have been asked
`
`by counsel for Finjan to consider whether the ATP Appliance infringes Claim 9 of the ‘780 Patent. I
`
`have also been asked to consider the state of the art and claim construction issues in Dr. Rubin’s
`
`declaration (Dkt. 370-6). I have reviewed Dr. Rubin’s declarations for Claims 1 and 9 of ’780 Patent
`
`submitted in this case. I note that the declarations have many of the same arguments. Thus, I also
`
`incorporate my rebuttals in my previous declaration (Dkt. 127-6) to the extent that is applicable.
`8.
`
` I assumed that Claim 9 of the ‘780 Patent is valid and enforceable. I have not
`
`considered any issues related to damages associated with this infringement.
`9.
`
`I understand Dr. Rubin is not providing a validity opinion on Claim 9 of the ’780 Patent.
`
`Ex. 1, Rubin (2019/03/09) Tr. at 30:19-31:17. To the extent that Dr. Rubin provides opinions that one
`
`or more claim elements are invalid, I reserve my rights to rebut.
`10.
`The language of Claim 9 of the ‘780 Patent is set forth below.
`9. A system for generating a Downloadable ID to identify a Downloadable,
`comprising:
`
`
`a communications engine for obtaining a Downloadable that includes one
`or more references to software components required to be executed by the
`Downloadable; and
`
`
`
`an ID generator coupled to the communications engine that fetches at least
`one software component identified by the one or more references, and for
`performing a hashing function on the Downloadable and the fetched
`software components to generate a Downloadable ID.
`IV. OVERVIEW OF THE ‘780 PATENT
`11.
`The ’780 Patent describes techniques for protecting computer systems against
`
`potentially malicious web content that would typically be downloaded to be run by a process such as an
`
`Internet browser. The patent refers to such programs as “Downloadables.” See e.g., Dkt. 371-5, ’780
`
`Patent at 1:50-55 (“A Downloadable is an executable application program downloaded from a source
`
`computer and run on the destination computer. Downloadables are typically requested by an ongoing
`
`2
`MITZENMACHER DECL. ISO OPP. TO JUNIPER’S 2ND MSJ CASE NO. 3:17-cv-05659-WHA
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 3:17-cv-05659-WHA Document 393-1 Filed 03/14/19 Page 4 of 22
`
`
`
`process such as by an Internet browser or web engine. Downloadables can include references to
`
`various software components. As one example, an HTML file includes a reference such as a tag to an
`
`iframe or a JavaScript script which dynamically obtains content for the HTML file. ’780 Patent at 2:5-
`
`6 (stating that Downloadables include Java applet, an ActiveX control, a JavaScript script, or a Visual
`
`Basic script). As another example, an executable (such as a JAR file) includes components such as
`
`Java classes where one Java class may contain reference to another. As yet another example, a PDF
`
`file includes a reference to a JavaScript script, or ActiveX code, where such script/code can be
`
`automatically executed.
`12.
`
`The ‘780 Patent specifies the generation and use of a “Downloadable ID” as an identifier
`
`for a Downloadable and the associated software components. Benefits of using a Downloadable ID
`
`include allowing the network security system to quickly identify previously seen Downloadables and
`
`thus avoid expensive re-analysis for Downloadables. It may also allow the security system to allow or
`
`block the Downloadable without further reanalysis. The use of a Downloadable ID can yield
`
`significant performance improvements in the Web environment. See, e.g., ’780 Patent at 8:7-20 (“The
`
`first comparator 320 in step 608 examines the lists of Downloadables to allow or to block per
`
`administrative override 425 against the Downloadable ID of the incoming Downloadable to determine
`
`whether to allow the Downloadable automatically. If so, then in step 612 the first comparator 320
`
`sends the results to the logical engine 333. If not, then the method 600 proceeds to step 610. In step
`
`610, the first comparator 620 examines the lists of Downloadables to block per administrative override
`
`425 against the Downloadable ID of the incoming Downloadable for determining whether to block the
`
`Downloadable automatically. If so, then the first comparator 420 in step 612 sends the results to the
`
`logical engine 333. Otherwise, method 600 proceeds to step 614.”).
`13.
`
`The ’780 Patent and Claim 9 describe the Downloadable as including one or more
`
`references to software components required to be executed by the Downloadable. ’780 Patent, Claim 9;
`
`see also ’780 Patent at 9:62-65. The ’780 Patent does not limit software components to be “external”
`
`or “internal”. The ’780 Patent describes fetching at least one referenced software component and
`
`performing a hashing function on the Downloadable and fetched component. ’780 Patent, Claim 9; see
`
`id. at 9:65-66 (“The ID generator 315 in step 840 performs a hashing function on at least a portion of
`
`3
`MITZENMACHER DECL. ISO OPP. TO JUNIPER’S 2ND MSJ CASE NO. 3:17-cv-05659-WHA
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 3:17-cv-05659-WHA Document 393-1 Filed 03/14/19 Page 5 of 22
`
`
`
`the Downloadable code … ”). A Downloadable ID can be generated based on the performance of the
`
`hashing function. Id.
`A.
`14.
`
`State of the Art
`
`It is my opinion that Claim 9 of the ’780 Patent is not directed to a well-understood,
`
`routine, and conventional concept at the time of the invention.
`15.
`
`It is my opinion that the concept of the ’780 Patent provides a specific improvement to
`
`computer security applications. The ’780 Patent addresses the problem of identifying a Downloadable
`
`where it includes references to software components. This “ID” can then be used to quickly determine
`
`information about the Downloadable because the identification function can be applied to an incoming
`
`Downloadable to determine if it is the same as a Downloadable that has already been seen, which is a
`
`much cheaper operation than reanalyzing the Downloadable.
`16.
`
`Furthermore, the ’780 Patent addresses the security issues caused by a Downloadable,
`
`which is an issue specific to computer network security. Additionally, at the time of the invention,
`
`Downloadables spreading through the Internet constituted a new type of threat. The existing solutions
`
`were not well-equipped to address this security issue. This is further evidenced by the fact that the
`
`validity of Claim 9 of the ’780 Patent was challenged both in district courts and in at least two IPRs.
`
`Finjan v. Blue Coat Systems Inc.(“Blue Coat I”), Case No. 5:13-cv-03999, Dkt. 438 at 5 (N.D. Cal,
`
`Aug. 4, 2015); Finjan, Inc. v. Sophos, Inc., Case No. 3:14-cv-01197, Dkt. 398 (Jury Verdict) (N.D. Cal.
`
`Sept. 21, 2016); Finjan, Inc. v. Secure Computing Corp., Case No. 1-06-cv-00369, Dkt.. 226 (jury
`
`verdict) (D. Del. March 12, 2008); Palo Alto Networks, Inc. v. Finjan, Inc., Case No. IPR2016-00165,
`
`Paper 7 (P.T.A.B. April 21, 2016); Blue Coat Systems, Inc. v. Finjan, Inc., Case No. IPR2016-00492,
`
`Paper 11 (P.T.A.B. June 8, 2016). All of these actions have found that Claim 9 is valid, which in my
`
`understanding shows that the invention presented in Claim 9 is novel.
`17.
`
` Comments on Dr. Rubin’s Analysis. I have reviewed the portion of Dr. Rubin’s
`
`declaration entitled “State of the Art” (¶¶ 14-23). I disagree with Dr. Rubin’s opinions.
`18.
`
`In paragraph 14 of his declaration, Dr. Rubin discusses “hashing functions” but there are
`
`inaccuracies in his description. For example, Dr. Rubin states, “[t]ypically, hashing functions are
`
`designed to minimize ‘collisions,’ meaning that each input ideally hashes to a unique output.”
`
`4
`MITZENMACHER DECL. ISO OPP. TO JUNIPER’S 2ND MSJ CASE NO. 3:17-cv-05659-WHA
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 3:17-cv-05659-WHA Document 393-1 Filed 03/14/19 Page 6 of 22
`
`
`
`However, while he states that “each input ideally hashes to a unique output,” that is not possible under
`
`any circumstance where the number of inputs is larger than the number of outputs. I understand that
`
`Dr. Rubin also testified to the inaccuracy of his statement in his previous deposition. Ex. 26, Rubin
`
`(2018/06/12) Tr. at 18:24-20:9.
`19.
`
`Dr. Rubin also states, in paragraph 14 of his declaration, that “[a]dditionally, in
`
`computer science applications, hash functions are expected to be non-invertible, meaning that it is
`
`computationally impractical to determine an input given only the corresponding hash.” This is not
`
`correct; the idealized non-invertible hash functions he describes are typically referred to as
`
`“cryptographic hash functions” (see e.g., https://en.wikipedia.org/wiki/Cryptographic_hash_function),
`
`and the requirement of non-invertibility (which generally is not guaranteed, and involves significant
`
`tradeoffs) is only expected or desired in specific computer science applications. While this desideratum
`
`does often appear in security applications, it is not a general property of hash functions, as Dr. Rubin
`
`suggests. Indeed, Exhibit 17 to the Declaration of Rebecca Carson in support of Juniper’s Motion for
`
`Summary Judgment (“Carson Decl.”) at page 508, citing Knuth, discusses two non-invertible hash
`
`functions (“let h(K) be three digits chosen from somewhere near the middle of the 20-digit product of K
`
`X K” and “we simply use the remainder module M: h(K) = K mod M.”).” Dkt. 371-21 at 508.
`
`Moreover, Dr. Rubin acknowledged in his testimony that hash functions do not have to be non-
`
`invertible. Ex. 26, Rubin (2018/06/12) Tr. at 18:24-20:9.
`20.
`
`I also disagree with Dr. Rubin’s conclusion that “one cannot determine the hash of the
`
`combination by simply combining the hashes of the components.” Rubin Decl. at ¶ 17. Dr. Rubin’s
`
`statement does not seem sensible. He appears to be saying that an MD5 hash for the word “Test” is not
`
`easily derived from the MD5 hash for “Te” and “st”, but that is irrelevant to the issues of the ’780
`
`Patent. It is possible to hash the word “Test” by applying an MD5 hash to the first half “Te”, and an
`
`MD5 hash to the second half “st”, and then combining the hashes in some way. Using sub-hashes to
`
`obtain a global hash is a common occurrence. A system implementing a hash function determines how
`
`the hash function should be applied to the file. For example, the system can choose to apply the hash
`
`function to only a portion of the file and use the output as the identifier for the file. The system can also
`
`choose to apply a hash function to multiple portions and link, combine, or append the resulting hash
`
`5
`MITZENMACHER DECL. ISO OPP. TO JUNIPER’S 2ND MSJ CASE NO. 3:17-cv-05659-WHA
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 3:17-cv-05659-WHA Document 393-1 Filed 03/14/19 Page 7 of 22
`
`
`
`values and use the linked, combined, or appended value as the identifier – in this case, the end result is
`
`determined by a hash function that utilizes various sub-hash functions on portions of the original file.
`
`The system can also apply a hash function to the entirety of the file.
`B.
`21.
`
`Benefits of the ‘780 Patent
`
`The ‘780 Patent describes systems and method for implementing a new solution that was
`
`part of Finjan’s pioneering technology. The ‘780 Patent provided benefits to this system because it
`
`specifically addressed Downloadables, which, at the time of the filing of the ‘780 Patent, represented a
`
`novel type of threat based on the growth of executable content downloaded on the Internet.
`22.
`
`In addition, at the filing of the ‘780 Patent, virus scanning was focused on “signature
`
`matching” where a set of signatures was scanned over a file. In this case, the signatures would be used
`
`to scan a file every time, and it was counterintuitive to make a separate ID for a file because the
`
`signature itself may identify the file. The ‘780 Patent thus provided a benefit, particularly for Finjan’s
`
`new behavioral based technology, because Finjan’s technology protected against Downloadables and
`
`generated IDs for the Downloadable and software components. A Downloadable ID achieves this
`
`efficiency by enabling the security system to allow or block the Downloadable without reanalyzing the
`
`Downloadable because the Downloadable ID can be used to determine if that Downloadable has
`
`already been seen by the security system, so that it does not need to be analyzed again, but its prior
`
`analysis can be used. As a result, these Downloadable IDs allowed Downloadables to be identified
`
`without needing to rescan them.
`23.
`Comments on Dr. Rubin’s Analysis. To the extent that Dr. Rubin uses paragraphs 18-
`201 of his declaration to argue that the claim 9 is well-known or does not have benefits, I disagree. The
`U.S. Patent No. 5,638,446 is about ensuring the integrity of a file by comparing the hashes of the file
`
`pre- and post- transmissions by using a trusted third party. This patent does not address the same issue
`
`as the ’780 Patent, which is not about ensuring a file is properly transmitted, and does not utilize a
`
`trusted third party. The U.S. Patent No. 5,815,709 does not address the same issue as the ’780 Patent,
`
`either. This reference does not disclose fetching at least one referenced component, nor does it disclose
`
`1 I note Dr. Rubin cited to U.S. Pat. No. 5,685,875 in ¶ 20 of his Declaration. However, this patent titled
`“Fluid sampling device for closed collection systems” has nothing to do with computer technologies. I
`reserve my right to rebut to the extent that Dr. Rubin changes to another patent.
`6
`MITZENMACHER DECL. ISO OPP. TO JUNIPER’S 2ND MSJ CASE NO. 3:17-cv-05659-WHA
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 3:17-cv-05659-WHA Document 393-1 Filed 03/14/19 Page 8 of 22
`
`
`
`hashing a Downloadable with a fetched component. The patent does not otherwise state that such an
`
`idea would have been well-understood, routine, and conventional, either. In fact, the two patents were
`
`previously asserted as prior art in an IPR on the ’780 Patent and Dr. Rubin submitted a declaration in
`
`that IPR arguing that the ’780 Patent is invalid in view of the two references. Palo Alto Networks, Inc.
`
`v. Finjan, Inc., IPR2016-00165, Exhibit 1002 (P.T.A.B.). The Board, however, denied institution of
`
`the IPR and found that the limitations of “fetching at least one software component identified by the
`
`one or more references” and “performing a hashing function on the Downloadable and the fetched
`
`software components to generate a Downloadable ID” were not taught by the two references. Palo Alto
`
`Networks, Inc. v. Finjan, Inc., IPR2016-00165, Paper 7 at 19-20 (P.T.A.B. Apr. 21, 2016).
`24.
`
`I disagree with Dr. Rubin in several respects in ¶ 22 of his Declaration. First, I disagree
`
`with Dr. Rubin’s opinion that “[b]y the time of the filing of the ’780 patent, executable software
`
`programs commonly included references to other software components, such as classes from the Java
`
`class library, that are required for execution but may not have been included in the code of the software
`
`program itself and thus needed to be fetched.” Rubin Decl. at ¶ 22. Dr. Rubin seems to suggest that
`
`components of the “runtime environment” would be considered as part of the fetched components. I
`
`disagree because this is equivalent to the operating system used for the Java Applet, and would not be
`
`considered one of the “software components.” Dr. Rubin’s additional discussion in ¶ 22 of his
`
`Declaration suggesting that the ’780 Patent refers to “Information retrieval” over the Internet, is out of
`
`place and not suggested by the ‘780 Patent itself which deals with the security of Downloadables. His
`
`alleged prior art reference U.S. Patent No. 5,694,546 is about obtaining information from the Internet
`
`for a user, such as product catalogs or new magazines, which is an entirely different context than the
`
`’780 Patent.
`25.
`
`I also disagree with Dr. Rubin’s opinion in paragraph 23 of his Declaration. Neither
`
`Browne (“Location-Independent Naming for Virtual Distributed Software Repositories”, Dkt. 96-19)
`
`nor U.S. Patent No. 5,835,777 (Staelin) discloses “hashing a file together with the fetched components”
`
`as required by the claim, and Staelin does not even use the word “hash”. Browne failed to disclose
`
`fetching referenced software components and hashing the file together with the fetched component
`
`within the meaning of the claim. More importantly, unlike the ’780 Patent, neither reference addresses
`
`7
`MITZENMACHER DECL. ISO OPP. TO JUNIPER’S 2ND MSJ CASE NO. 3:17-cv-05659-WHA
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 3:17-cv-05659-WHA Document 393-1 Filed 03/14/19 Page 9 of 22
`
`
`
`the issues caused by software components (e.g., dynamic scripts such as JavaScript scripts or iframes)
`
`referenced or included in a Downloadable.
`26.
`
`Furthermore, although I disagree with Dr. Rubin that Browne and Staelin disclose the
`
`hashing element of the ‘780 patent as claimed, for reasons mentioned earlier, I also note that Dr. Rubin
`
`has not shown that the element as claimed was well-understood, routine, and conventional. As one
`
`example, I note that the Staelin patent appears to be published in November 1998 which is after the
`
`priority date of the ’780 Patent, and thus Dr. Rubin failed to show that the concept in Staelin is well-
`
`known before the invention of the ’780 Patent.
`27.
`
`I note that Dr. Rubin’s analysis appears to break claim 9 into individual elements and
`
`allege each individual elements are well-known in various contexts not related to the claim language
`
`and ’780 Patent. He failed to consider the benefits of the claim 9 in view of the elements in
`
`combination. In fact, none of the alleged prior art references in Section V of Dr. Rubin’s Declaration
`
`discloses all elements of claim 9.
`V.
`
`CLAIM CONSTRUCTION FOR CLAIM 9 OF THE ‘780 PATENT
`28.
`
`I have been informed that claim construction is a legal issue for the Court to decide.
`
`Other than the terms specified below, I have applied the plain and ordinary meaning of the claim terms.
`A.
`29.
`
`I understand that Juniper does not dispute that the word “Downloadable” should be
`
`“Downloadable”
`
`construed as “an executable application program downloaded from a source computer and run on the
`
`destination computer.” Rubin Decl. at ¶ 31. Dr. Rubin, however, appears to re-interpret this agreed-
`
`upon definition by requiring an “executable application program” to have an entry point and executable
`
`code. Ex. 1, Rubin (2019/03/09) Tr. at 27:5-9. I note, however, Dr. Rubin’s definition is divorced
`
`from the specification of the ’780 Patent which does not impose these limitations. Even Dr. Rubin
`
`himself admits that “I am going off the top of my head here. Executable wasn’t one of the terms that I
`
`was asked to construe in this case. . . .” Ex. 1, Rubin (2019/03/09) Tr. at 25:16-18.
`B. “performing a hashing function on the Downloadable and the fetched software
`components”
`
`30.
`
`I also understand that the Court has issued an Order (Dkt. 177) on Claim 9 of the ‘780
`
`8
`MITZENMACHER DECL. ISO OPP. TO JUNIPER’S 2ND MSJ CASE NO. 3:17-cv-05659-WHA
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 3:17-cv-05659-WHA Document 393-1 Filed 03/14/19 Page 10 of 22
`
`
`
`Patent and construed the term “performing a hashing function on the Downloadable and the fetched
`
`software components” to mean “performing a hashing function on the Downloadable together with its
`
`fetched software components to generate a single hash value that identifies the contents of both the
`
`Downloadable and the fetched components”. Dkt. 177 at 10. I have applied the Court’s construction in
`
`this declaration.
`C.
`31.
`
`“fetching at least one software component identified by the one or more references”
`
`I understand that the parties dispute the meaning of the phrase “fetching at least one
`
`software component identified by the one or more references.” The parties’ positions are summarized
`
`in the chart below.
`Finjan’s Construction
`Plain and ordinary meaning, which is “retrieving
`at least one software component identified by the
`one or more references.”
`
`
`Juniper’s Construction
`“retrieving at least one software component that
`is referenced but not included in the content of
`the Downloadable”
`
`32.
`
`It is my opinion that a POSITA would understand this phrase with its plain and ordinary
`
`meaning. i.e. “retrieving at least one software component identified by the one or more references” as a
`
`POSITA would not find plain and ordinary meaning of the claimed phrase to be ambiguous. I
`
`understand that Dr. Rubin believes that this term should be construed as “retrieving at least one
`
`software component that is referenced but not included in the content of the Downloadable.” Rubin
`
`Decl. at ¶ 33. I note that Dr. Rubin’s opinion imported additional requirement that the software
`
`component must “not be included in the content of the Downloadable.” This interpretation is not
`
`supported by the claim language because it improperly substituted the phrase “identified by the one or
`
`more references” to be limited to references to content not included in the Downloadable. The claim
`
`language itself, however, imposes no requirements on the types of references.
`33.
`
`This interpretation by Dr. Rubin is not supported by the specification of the ’780 Patent,
`
`either. Indeed, the ‘780 Patent discloses that “fetching” can be performed on components internally or
`
`externally to Downloadable, and does not require one component to always be external. ‘780 Patent,
`
`Col. 4, ll. 56-58. One of the examples provided in the ‘780 Patent explicitly describes an example
`
`“Downloadable” as a “Java Applet.” ‘780 Patent at Col. 1, ll. 55-56. As is known to those of skill in
`
`the art, in a JAR archive file for a java applet, multiple components can be included, as listed in a
`9
`MITZENMACHER DECL. ISO OPP. TO JUNIPER’S 2ND MSJ CASE NO. 3:17-cv-05659-WHA
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 3:17-cv-05659-WHA Document 393-1 Filed 03/14/19 Page 11 of 22
`
`
`
`manifest file. Dkt. 129-12, Java in a Nutshell at FINJAN-JN 358557 (“all (or many) of the files an
`
`applet needs can be combined into a single JAR file, which an applet viewer or Web browser can
`
`download with a single HTTP request”). For this JAR file, “fetching” can be achieved through
`
`retrieving its software components (such as JAR classes) within the JAR file.
`34.
`
`The prosecution history does not provide a clear disavowal that supports Dr. Rubin’s
`
`claim construction. Specifically, I disagree with Dr. Rubin that the statements made in the prosecution
`
`history would dictate that the software components must be those pieces of the Downloadable that were
`
`not included in the contents of the Downloadable (Rubin Decl. at ¶ 35). The portion of the prosecution
`
`history cited by Dr. Rubin (Rubin Decl. at ¶ 28) states that the ’780 Patent “fetches Java classes
`identified by the applet bytecode” and “for an ActiveXTM control, the present invention fetches
`components listed in its .INF file.” Id. These examples only state that the fetching is for components
`
`identified for Java bytecode or .INF file. They do not limit the referenced components to be external to
`
`a Downloadable .
`35.
`
`In addition, the ability to recognize “the ‘same’ Downloadable regardless of how the
`
`Downloadable is subdivided and/or downloaded” (Rubin Decl. at ¶ 35) would not prevent the
`
`referenced components from being part of a Downloadable. I also note in a subsequent amendment in
`the prosecution history, the applicant clarified that “in some embodiments, the Downloadable ID may
`
`be used to recognize the ‘same’ Downloadable regardless of how the Downloadable is subdivided
`
`and/or downloaded before and/or during execution.” Dkt. 371-6 (Ex. 2 to Carson Decl.) Office Action
`
`Resp. at 5. The prosecution history does not limit the software components to be internal or external to
`
`the Downloadable. It only states that the benefits can be derived for being able to identify a
`
`Downloadable with the same Downloadable ID.
`36.
`
`To the extent that Dr. Rubin takes the position that missing components must be
`
`retrieved from the Internet, I disagree. Ex. 1, Rubin (2019/03/09) Tr. at 48:21-25. I note that the claim
`
`language and the specification do not have such a requirement. In addition, the specification describes
`
`fetching components for Java applet (see, e.g., ’780 Patent at 4:53-66) where the Java applet can be
`
`distributed with multiple classes aggregated into one file for distribution. As one example, when this
`
`JAR file is first used it is “extracted,” thereby causing multiple class files to be exposed from a single
`
`10
`MITZENMACHER DECL. ISO OPP. TO JUNIPER’S 2ND MSJ CASE NO. 3:17-cv-05659-WHA
`
`1 2 3 4 5 6 7 8 9
`
`10
`
`11
`
`12
`
`13
`
`14
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`25
`
`26
`
`27
`
`28
`
`

`

`Case 3:17-cv-05659-WHA Document 393-1 Filed 03/14/19 Page 12 of 22
`
`
`
`file so that they can be retrieved to build the Java Applet. Dkt. 129-12, Java in a Nutshell at FINJAN-
`
`JN 358556-57. Similar functionality can be utilized with ActiveX, with a CAB file and the .INF file
`
`playing the role of the manifest. Therefore, the ‘780 Patent includes a specific example where the
`
`fetching does not have to use external components.
`37.
`
`Dr. Rubin opined that “[a] POSITA would understand that one would only ‘include’
`
`components ‘in’ the code if they were part of the same file, not disparate files.” Rubin Decl. at ¶ 36. I
`
`disagree, because, as Dr. Rubin acknowledges, code often consists of and can consist of multiple files.
`
`Ex. 26, Rubin (2018/06/12) Tr. at 36:20-39:7. For example, Java Applet code can include references to
`
`components such as Java classes. These cases can be in different class files where one class can refer to
`
`another class.
`38.
`
`I also disagree with Dr. Rubin’s conclusion in ¶ 36 of his Declaration where he stated
`
`that “[t]he specification therefore makes clear that the software components to be fetched are the
`
`missing components that are ‘referenced’ but not included in the content of the Downloadable.” Rubin
`
`Decl. at ¶ 36. Dr. Rubin only relied on one figure (i.e. Fig. 8) in reaching his conclusion and ignored
`
`other portions of the specification which does not limit the software components to be those not
`
`included in the content of the Downloadable. See, e.g., ’780 Patent, 4:50-63. As one example, the ‘780
`
`Patent uses the term “embodied in” to describe certificates that are included with or in the received
`
`Downloadable and can be scanned to determine if the Downloadable was “signed” by a trusted
`
`authority. ‘780 Patent at 2:22-24 (“(4) a comparison of a certificate embodied in the Downloadable
`
`against trusted certificates”); id., 6:39-43 (“In path 3, the certificate scanner 340 determines whether the
`
`received Downloadable was signed by a certificate authority, such as VeriSign, Inc., and scans for a
`
`certificate embodied in the Downloadable. The certificate scanner 340 forwards the found certificate to
`
`the certificate comparator 345”). A person of ordinary skill in the art would understand that these
`
`certificates that are “embodied” in the Downloadable in a sense that they are attached to or included in
`
`the Downloadables that were signed.
`39.
`
`For similar reasons, I also disagree with ¶¶ 39-40 of Dr. Rubin’s Declaration.
`
`Specifically, I disagree with Dr. Rubin’s statement that “[g]iven the relevant context, it does not make
`
`sense to ‘fetch’ a software component that is already included within a Downloadable.” Rubin Decl. at
`
`11
`MITZENMACHER DECL. ISO OPP. TO JUNIPER’S 2ND MSJ CASE NO. 3:17-cv-05659-WHA
`
`