`IN THE UNITED STATES DISTRICT COURT
`FOR THE EASTERN DISTRICT OF TEXAS
`TYLER DIVISION
`
`VIRNETX INC., ET AL,
`
`PLAINTIFFS,
`
`VS.
`
`APPLE INC.,
`
`DEFENDANTS.
`
`
`
`CIVIL ACTION NO.
`6:12-CV-855-RWS
`
`TYLER, TEXAS
`OCTOBER 29, 2020
`1:18 P.M.
`
`TRANSCRIPT OF JURY TRIAL
`AFTERNOON SESSION
`BEFORE THE HONORABLE JUDGE ROBERT W. SCHROEDER, III
`UNITED STATES DISTRICT JUDGE
`
`APPEARANCES:
`
`FOR THE PLAINTIFF:
`BRADLEY W. CALDWELL
`JASON D. CASSADY
`JOHN AUSTIN CURRY
`CALDWELL CASSADY & CURRY
`2121 N. Pearl St., Suite 1200
`Dallas, Texas 75201
`T. JOHN WARD, JR.
`WARD, SMITH & HILL PLLC
`1507 Bill Owens Parkway
`Longview, Texas 75604
`R. CHRISTOPHER BUNT
`PARKER BUNT & AINSWORTH
`100 East Ferguson, Suite 418
`Tyler, Texas 75702
`
`Case 6:12-cv-00855-RWS Document 994 Filed 11/02/20 Page 2 of 162 PageID #: 64237
`
`FOR THE PLAINTIFFS:
`
`ANDY TINDEL
`MT2 LAW GROUP
`MANN TINDEL THOMPSON
`112 E. Line Street
`Suite 304
`Tyler, Texas 75702
`
`FOR THE DEFENDANT:
`GREGORY S. AROVAS
`ROBERT A. APPLEBY
`JEANNE M. HEFFERNAN
`JOSEPH A. LOY
`LESLIE M. SCHMIDT
`AARON D. RESETARITS
`KIRKLAND & ELLIS LLP
`601 Lexington Avenue
`New York, New York 10022
`AKSHAY S. DEORAS
`KIRKLAND & ELLIS LLP
`555 California Street
`San Francisco, California 94104
`MICHAEL E. JONES
`POTTER MINTON
`110 North College Avenue, Suite 500
`Tyler, Texas 75702
`
`COURT REPORTER:
`
`Ms. Shelly Holmes, CSR, TCRR
`Official Court Reporter
`United States District Court
`Eastern District of Texas
`Marshall Division
`100 E. Houston
`Marshall, Texas 75670
` (903) 923-7464
`
`(Proceedings recorded by mechanical stenography, transcript
`produced on a CAT system.)
`
`P R O C E E D I N G S
`(Jury out.)
`COURT SECURITY OFFICER: All rise.
`THE COURT: Okay. Are we ready to have the jury
`brought in? Any issues we need to discuss?
`MR. CASSADY: Yes, Your Honor. I was just going
`to let you know that I was going to enter some PDXs before
`they went to the next witness.
`THE COURT: After the jury comes down?
`MR. CASSADY: Yes.
`THE COURT: That's fine. And then are y'all going
`to officially rest after that?
`MR. CALDWELL: Yes.
`THE COURT: That's fine. I think the remote
`witness is ready and all systems seem to be go.
`So let's have the jury brought in, please.
`COURT SECURITY OFFICER: Yes, Your Honor.
`(Jury in.)
`THE COURT: Please be seated.
`All right. Mr. Cassady, you wish to move some
`exhibits into evidence?
`MR. CASSADY: Yes, Your Honor. I'm going to try
`this one more time.
`We have just demonstrative exhibits, Your Honor.
`The Kendall Larsen slides are PDX-3.1 to 3.2. The
`Weinstein -- Roy Weinstein slides are PDX-5.1 to 5.43, and
`5.45 to 5.48.
`And in addition, we've had other PDXs marked,
`PDX-5, which is the Apple list of products or features with
`the green circling on them. PDX-6 is the assumptions
`related to the hypothetical negotiation bar chart. PDX-7
`is the Skype downloads and iOS. And then PDX-8 is the
`Aastra per unit. And the PDX-9 is the who, what, how much
`and how badly Apple needs it document. And we move those
`to be admitted as demonstratives.
`THE COURT: All right. All of those as
`demonstratives, is that correct?
`MR. CASSADY: Yes.
`THE COURT: Any objection on Apple's part?
`MR. AROVAS: Not as demonstratives, Your Honor.
`THE COURT: All right. Very well. Those will be
`received, Mr. Cassady.
`MR. CALDWELL: Your Honor, Plaintiff rests.
`THE COURT: All right. Thank you very much.
`Mr. Caldwell. At this time, Apple may call its
`next witness.
`MR. APPLEBY: Thank you, Your Honor.
`Apple calls Dr. Matthew Blaze.
`THE COURT: Dr. Blaze, if you could, raise your
`right hand for me, please, and be sworn.
`
`(Witness sworn.)
`
`MATTHEW BLAZE, Ph.D., DEFENDANT'S WITNESS, SWORN
`TESTIFYING BY REMOTE VIDEO
`DIRECT EXAMINATION
`
`BY MR. APPLEBY:
`Q. Good afternoon, Dr. Blaze.
`A. Good afternoon.
`Q. Would you please introduce yourself to the jury?
`A. Sure. I'm Matthew Blaze. I'm a professor of computer
`science and law at Georgetown University in Washington.
`Q. What is your area of expertise as a professor at
`Georgetown University?
`A. So I study and do research in computer security,
`network security, cryptography, large-scale systems,
`privacy, the implications of some of this technology on
`public policy issues, and related areas.
`Q. And by large-scale systems, you mean large computer
`networks?
`A. That's right. Things like the -- the Internet and very
`large-scale systems where everybody might not trust
`everyone else.
`Q. Now, Dr. Blaze, are you appearing today as an expert
`witness?
`A. I am.
`Q. And what were you asked to do?
`A. So I was asked to look at the patents at issue in this
`case, the Apple technology that has been found to use these
`patents, the other technologies that VirnetX has licensed
`its patents to, and understand what the technology is, how
`the patents apply to it, and how it fits in broadly.
`Q. So, Dr. Blaze, I'm going to come back to those topics a
`bit later. For now, I'd like to step back and review your
`background.
`Could you describe for me your education after
`high school?
`A. Yes. So I -- after high school, I attended the City
`University of New York where I got my Bachelor's degree in
`computer science. And then I moved on to Columbia
`University for my Master's degree, also in computer
`science. And then finally completed my studies at
`Princeton University where I completed my Ph.D. in computer
`science, specializing in large-scale systems.
`Q. Now, did you take a job after receiving your Ph.D.?
`A. I did. I went to work at AT&T Bell Laboratories, which
`was the research arm of AT&T and then, prior to that, the
`old Bell Telephone System.
`Q. And why did you choose to join Bell Laboratories at
`that time?
`A. Well, at the time, which was 1993, this was an
`unbelievably good opportunity for me. Bell Labs was really
`the primary premier research laboratory for
`telecommunications, large-scale systems, and the
`technologies that surround it. And it had some of really
`the -- the top researchers in a wide range of fields.
`So the opportunity to join a lab and -- and be
`able to work with people I really only read about in -- in
`books and -- and papers was incredibly exciting to me.
`Q. Now, what became the focus of your own research at Bell
`Laboratories?
`A. So I -- again, I'm very interested in large-scale
`systems and computing and communication technology that
`supports that. And it was very clear in the early 1990s
`that, as the Internet grows and is used for more important
`things, a central problem to -- to growing and being useful
`is security and trustworthiness.
`So my research focused more and more on the
`security aspects of systems, using technologies like
`cryptography and other things to make systems trustworthy
`and resist abuse by -- by bad people.
`Q. Now, did there come a time when you left Bell Labs?
`A. I did. In -- at the end of 2003, I took a job to join
`the faculty at the University of Pennsylvania where, as a
`professor, I -- I continued the kind of work that I had
`been doing but also had the -- the privilege of teaching
`and advising graduate students.
`Q. And you were a professor of computer science at the
`University of Pennsylvania?
`A. That's right.
`Q. And how long did you spend at that university?
`A. So I stayed there until two years ago. The end of 2008
`[sic], I joined the faculty at Georgetown University where
`I am currently a professor of computer science as well as,
`in parallel, a professor in the law school.
`Q. And why did you choose to -- to take those positions at
`Georgetown?
`A. So the work that I do often has an impact on larger
`public policy issues and -- and -- and legal questions.
`Things like privacy and surveillance often come up not just
`as technical matters where they're quite complicated but
`also interact with society at large.
`And so the opportunity to spend some of my time
`working with legal and public policy specialists as well as
`law students has been very exciting and invigorating for
`me.
`Q. Now, Dr. Blaze, are you a lawyer?
`A. I'm not.
`Q. So what kind of courses do you teach at Georgetown?
`A. The same kinds of courses that I -- I taught at -- at
`Penn, computer security, computer operating systems,
`networks, privacy. And at Georgetown, I'm also teaching
`some courses that are aimed specifically at second- and
`third-year law students.
`Q. Now, do you also conduct research?
`A. I do. I -- I continue the same kind of research that I
`have been doing for my career on computer security,
`cryptography, privacy-related areas.
`Q. Now, something that we've talked a lot about in this
`case are virtual private networks, or VPNs. Have you had
`any experience conducting research related to VPNs?
`A. Yes, I do. Actually, with my colleague, John Ioannidis
`in the early 1990s, we developed a protocol, algorithms
`and -- and -- and communication techniques called swIPe,
`which encrypts and authenticates Internet packets
`between -- between computers on the Internet.
`And that protocol ended up being one of the
`predecessors for what we now call the IPSec system, which
`is used for VPNs today.
`Q. Now, Dr. Blaze, have you authored any articles or
`publications related to computer and communication
`security?
`A. Yes. I'm afraid as a professor and -- and researcher,
`that's a big part of my job.
`I've written a little over a hundred articles and
`papers and so on throughout my career. Some of those are
`academic research papers that are intended for other
`researchers to -- to read and -- and understand or
`criticize or build on.
`Others are more general interest. Articles,
`newspaper op-eds and technical reports, as well as, you
`know, written testimony for various, you know, legislative
`bodies.
`Q. Have you given any speeches or presentations on
`computer security issues?
`A. That's also a big part of my job. I, for example, have
`had the -- the great privilege of being asked about 10
`times now to testify before Congress on technical matters
`that affect legislation that's under consideration, and I
`also give, you know, talks and conference presentations as
`part of my general research.
`MR. APPLEBY: Your Honor, I offer Dr. Matthew
`Blaze as an expert in computer networks and computer and
`communication security.
`THE COURT: Any objection?
`MR. CALDWELL: No, sir.
`THE COURT: Very well.
`MR. APPLEBY: So why don't we bring up the slides
`now.
`Q. (By Mr. Appleby) And, Dr. Blaze, you said earlier that
`you've been asked to look at a number of different topics
`for this case. What topics will your testimony cover
`today?
`A. So I'll be talking about computer security broadly and
`in particular how that relates to the security features of
`Apple's iOS operating systems. I'll be talking about
`VirnetX's patents and what they actually mean technically.
`I'll be talking about Apple's VPN on Demand feature in
`particular. And I'll also be talking about the products
`made by other vendors that have been licensed to use
`VirnetX's Voice over IP patents.
`Q. Now, how does your testimony relate to the issues the
`jury will be deciding in this case?
`A. So the -- I'm providing the context that the patents
`and the technology exist in. So to understand how the
`patents and Apple's features fit in broadly to computer
`security as a whole and to the other features in iOS.
`Q. Now, what materials, if any, did you review in your
`analysis?
`A. So I looked at quite a bit of material. Of course, I
`looked at the VirnetX patents and the court filings related
`to those patents. I looked at the -- the prior art, the
`previous inventions that those patents built on. And I
`looked at the technical documents that describe Apple's
`products, VirnetX, and VirnetX's licensees, as well as
`quite a bit of other material.
`Q. Thank you, Dr. Blaze.
`So I'd like to start with Apple's products at
`issue in this case.
`What Apple products are involved in this case,
`Dr. Blaze?
`A. So the Apple products are the devices that run what's
`called the iOS operating system Version 7 and later. And
`that includes the iPhone smartphone, the iPad tablet, as
`well as the iPod music player.
`Q. Now, you mentioned something called iOS. What is that?
`A. So iOS is the -- the software that runs the computer's
`operating system, which is the main software that controls
`the device, the apps running on it, and its interaction
`with the rest of the world.
`Q. So I'd like to talk about the security features that
`the Apple iOS products provide.
`What are we looking at here, Dr. Blaze?
`A. So this is an excerpt from an Apple presentation
`intended to describe the security features of iOS to
`potential customers and others who are interested in the
`technical details.
`MR. APPLEBY: And for the record, this is
`DTX-1199.
`Q. (By Mr. Appleby) So I'd like to focus on this in a
`little more detail.
`What are we looking at here, Dr. Blaze?
`A. So we can see that in this presentation, Apple divides
`the security features of iOS into four major categories,
`and that's a -- I think they've broken it down in a fairly
`sensible way for understanding what those features are.
`So one category is what we call Data in transit,
`and that's just data that's sent between the phone and
`somewhere else that needs to be protected.
`Another category is Data at rest, and that refers
`to the data that's stored on the phone itself, things like
`photographs and lists of -- of contacts and any other files
`that are stored on the device that you might not want just
`anybody to be able to see.
`And then the third category is the Apps, the
`applications. That's the programs that you get from
`others, usually through the Apple App Store, that also can
`run on the phone and that might not be completely
`trustworthy in their behavior because they came from a
`third-party source.
`And so it's important to protect the apps from
`misbehaving in ways that could affect other apps on the
`phone or the security of the -- the data stored on it.
`And then, finally, the fourth category is the iOS
`system itself which secures the phone itself. If it's lost
`or stolen, it makes sure that only the -- the owner of the
`phone can unlock it and -- and protects data that's stored
`on the phone using some special encryption hardware.
`Q. Okay. So you gave us a lot of information there, so I
`just want to make sure we understand each of these
`categories.
`So I'd like to start with the Data in transit
`category. What types of security issues is this category
`designed to address?
`A. So, again, Data in transit is just data that's sent out
`over the network, on the Internet, or when you use the
`phone, 4G or -- or 5G connection. And there are a number
`of security features that iOS has to protect data sent out
`over the network. I've listed three of them here, but
`there are others.
`One is called transport layer security, which is
`the encryption protocol that's used to protect individual
`network connections, for example, between a web browser and
`a website that you go to like Amazon, where you might type
`in things like credit card numbers that you don't want
`anyone to be able to see.
`There's support for virtual private networks and
`starting virtual private networks, and that's actually the
`thing I'll be talking quite a bit about a little later.
`And then there is -- there are techniques for
`securing the WiFi connections that you use, the wireless
`connections between -- that your -- your home Internet
`connection or a coffee shop or -- or an office.
`Q. Let's move to the Data at rest category. Could you
`tell us what type of security threats this is designed to
`address?
`A. Sure. So Data at rest, again, refers to the data
`that's stored on the phone itself. And that includes
`things like photographs and lists of your contacts and
`messages that you've exchanged with other people. And all
`of those can -- can often be very sensitive, particularly
`if you lose a phone.
`So there are a number of -- a number of security
`mechanisms -- I've listed three of them here -- that
`protect the data that's stored on the phone itself.
`There's encryption hardware, an encryption chip
`embedded in the phone that can encrypt data in a very, very
`secure way. There are access control restrictions on
`sensitive data that you might store on the phone so that
`other applications that don't need to get access to it,
`even if they misbehave, won't be able to, unless you've
`authorized it.
`And there's the -- there are special tools for
`protecting passwords that you use to log into other
`computers so that those won't be revealed to people who
`shouldn't see them.
`Q. Now, Dr. Blaze, what types of security issues is the
`app security category designed to address?
`A. So the app security is -- refers to protecting
`applications from -- from each other. So when you load
`a -- a program off of the App Store, it was actually
`written by someone other than Apple, in general. And so
`it's possible that somebody malicious could write an app
`that tries to steal data or -- or cause damage to your
`phone.
`
`And -- and to protect against that, there are a
`number of different features that control apps. I've
`listed the three big ones here.
`One is that the code has to be signed by -- in a
`digital way to ensure that it really is authentic and came
`from where it purports to have come from.
`There are things called entitlements that restrict
`what an app is allowed to do, and they basically allow the
`system to say that certain apps should never see your
`contacts or your photos. You know, for example, a weather
`app, and they can be prevented from doing that.
`And then, finally, there's something called
`sandboxing, which is a way of -- of running apps in a
`controlled environment that gives them access to less than
`the full set of features that the phone has so that, if
`they do misbehave, they can't suddenly start taking
`pictures with the camera or doing something like that.
`Q. And, finally, Dr. Blaze, what does system security
`address?
`A. So system security refers to the -- to the -- the
`system protects itself from everything else and
`authenticates the user to the phone. There are a number of
`features that -- that do that. Again, I've listed three of
`them here.
`One is called biometric authentication, and that's
`things like fingerprint sensors and facial recognition that
`can recognize the human being who owns the phone and unlock
`only for that person.
`There's something called the secure boot chain,
`which is a way of ensuring that the phone is really running
`the authentic iOS operating system when it starts up and
`hasn't been replaced with some kind of malicious version.
`And then there's security hardware that protects
`all of the biometric information, encryption keys, and
`other sensitive data that is used to -- to do this.
`But if a phone is stolen, someone who tries to
`take it apart will have a lot of difficulty extracting
`sensitive data from it.
`Q. Let's go back to the summary slide.
`Now, which of these features, if any, includes the
`technology that uses VirnetX's '135 and '151 patents?
`A. Well, it's -- it's all in the data in transit category,
`that first category. And specifically it's the VPN on
`Demand feature.
`Q. Now, have any of the other security technologies been
`determined to use the VirnetX patents?
`A. No.
`Q. And so why have we spent time discussing the security
`features that do not use VirnetX's patents?
`A. Well, I think that it's important in understanding VPN
`on Demand and -- and the VirnetX patents to understand how
`that fits in with the security of the devices generally.
`So knowing how these features fit in is really
`helpful for understanding what they are and -- and how they
`work, and when they're used.
`Q. So we'll get into VPN on Demand in more detail, but
`first, I'd like to just briefly talk about what a VPN is.
`Could you tell us what you've shown on the
`right-hand side of this slide?
`A. Yes. So on the right-hand side I've shown, you know,
`my not -- not really very imaginative or realistic picture
`of a company net -- or a computer network. So you have a
`company building, and in it are offices with computers.
`And those computers are -- are -- and computer servers are
`connected to each other with a -- a network.
`Now, the -- that network is likely to have very
`sensitive information on it. The servers might store, you
`know, company secrets. The communication between the
`computers might have, you know, email that you don't want
`anyone to see.
`And so what companies typically do when they
`connect their private network to the Internet is use
`something called a firewall. And the purpose of a firewall
`is to prevent people outside the company from connecting
`inside the network itself and getting access to those
`secrets, but still letting the people inside the company
`connect out to websites like -- like Google and Amazon and
`so on.
`Q. Now, how does a virtual private network or a VPN relate
`to this firewall concept, if at all?
`A. So the firewalls are, you know, a fairly effective way
`of preventing incoming connections. And, unfortunately,
`they're -- they're too good at what they do because a
`company's employee who wants to work at home, as many
`people are doing now, or is traveling on a business trip or
`what have you, needs access to the company's network won't
`be able to get to it if the company just has a firewall.
`So what VPNs do is allow that authorized user to
`create something called a VPN tunnel through the firewall
`that's basically a way of authenticating that this is data
`not just from anyone but from an authorized person who's
`allowed to get into the network and letting them in --
`letting their -- their network traffic in, even though it
`came from outside on the Internet.
`Q. Now, I see something labeled VPN tunnel. What is that?
`A. So a VPN tunnel is the way in which that data is
`encrypted and authenticated when it is sent over the
`Internet between the user's phone and the -- the company's
`network.
`Q. And that tunnel on -- on the right goes into something
`called a VPN server. What is that?
`A. So a VPN server is the device -- you know, typically, a
`box, a computer box, maybe the same box as the firewall or
`it might be another separate computer that's connected both
`to the Internet, as well as the private network on the
`inside. And its job is to authenticate VPN connections
`when they come in and when they're authorized, pass the
`messages between the outside network and the private
`network.
`Q. Now, did VirnetX invent VPNs?
`A. No.
`Q. So let's talk about what VirnetX actually invented.
`What are we looking at here, Dr. Blaze?
`A. So what we see here is the cover sheets of the two
`patents at issue -- at issue in this case, the '151 patent
`and the '135 patent.
`And what we can see, you know, just -- even just
`from their title, they're concerned with establishing
`secure communication links based on something called a
`Domain Name Service request or a DNS request.
`Q. I'd like to explore that a little bit. Moving to the
`next slide, what are we looking at here, Dr. Blaze?
`A. So this is part of the specification, a description of
`the invention in the '151 patent, although the same -- same
`text appears in the '135 patent.
`This tells us some more detail. It says that the
`second improvement concerns the automatic creation of a
`virtual private network, a VPN, in response to a domain
`name server lookup function.
`Q. So what is a domain name server lookup function,
`Dr. Blaze?
`A. So when your computer or when you as a user of your
`computer want to go to a website like Amazon.com, you're
`likely to know that you want to go to Amazon.com, that it's
`got a name, and that's the -- the name that you want to
`reach.
`
`But the Internet doesn't actually use names like
`Amazon.com to reach other computers on the network.
`Instead, it uses something called an IP address, which is
`this numerical four-part number that the Internet uses to
`route your data to the right place, to the Amazon.com
`server.
`
`In this case, you know, every -- every computer on
`the Internet has to have one of these addresses. In this
`case, I'm imagining that the user of this computer has the
`address 121.23.54.23 and Amazon has the address
`54.239.25.200.
`So one of the first things that your computer has
`to do when you want to go to