Not true at all. Cryptography Research has patented most of the implementation techniques required to do hardware crypto without being susceptible to differential power analysis (btw: that? My favorite business model ever!). That was almost pure systems research.
Strong disagree. They found the vulnerability. It is a remarkably interesting attack. Without their work, we'd just be silently vulnerable to the problem. I think (for instance) the DPA patents are a decent example of good-faith patents.
RSA was patent-encumbered for a long time too. You can formulate a similar argument about that. "RSA makes systems safer [ed: no it doesn't, but continuing...], so it's wrong to allow it to be patented".
I think there are some steps missing in your argument. It seems to go something like this: (1) CR found the issue, spotted a business model, patented all the best solutions, and told the world. (2) Without patents, CR wouldn't have done this. (3) So without patents, no one would have done it. (4) So without patents, we'd all be silently vulnerable to a very general, very clever side-channel attack.
The step from (1) to (2) seems doubtful. If the CR people hadn't been able to patent a bunch of ways to deal with DPAs, they might none the less have published about them. It's not as if no one ever tells the world about a security vulnerability without a patent-based incentive.
The step from (2) to (3) seems doubtful. It seems more likely that without CR, sooner or later someone else would have thought of differential power attacks and published about them. Unless CR are just much much smarter than everyone else -- in which case, the guys in black hats would have been just as much worse off as the guys in white hats.
The step from (3) to (4) is OK, with the proviso I just mentioned: it seems that the obvious way for (3) to be true would tend to make the vulnerability matter much less.
Something as arcane as DES is not a "natural law". Crypto algorithms aren't pre-existing (show me a naturally occuring physical process that can be described by a crypto alogrithm), they're not obvious to even experts in the field, and people spend a lot of time trying to get them right. That's the very definition of patentable.
[I know DES isn't patented, and there's plenty of good reasons why you don't want a patented crypto algorithm, but I think they certainly qualify.]