Slashdot Mirror
Finding the Pits In CherryOS
An anonymous reader writes "DrunkenBlog is carrying a story with piles of gathered evidence (including screenshots of code diffs) exposing the speed claims of CherryOS, and that the company behind it (Maui X-Stream) is not only stealing code from the open source project PearPC but at least several other OSS projects too. There are some choice quotes from PearPC developers on how it is harming their project. They appear to have a strong case, but enforcing the GPL could take help."
Looks like they had their cherry popped ;)
In all seriousness though, this looks like a perfect time to test the GPL in cou rt (if they make it that far.)
Does their use of OSS without complying with GPL violate copyright laws or justlicensing laws?
I'm a virgo and on Slashdot. Coincidence? Yes.
According to this thread on PearPC.net, he is using a warez'd copy of several programs as well.
WASTE - The Secure P2P
Stealing code? I though they were wrongfully copying it, or did we completely throw away the concept of copying alltogether?
The sad truth is that the GPL has no real teeth, because most of the people writing GPL'd code do not have the resources or time to do anything about "code theft".
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
The DrunkenBlog site is very slow, so here's a MirrorDot mirror of it.
Who gets the compensation? Do they split it between the developers? How they decide who the developers are and what part each of them gets? What if PearPC is based on other open source projects? This is going to be interesting...
1's and 0's should be free.
...if after all that noise from SCO the first court case to test the GPL involves some little dorky scammer trying to sell code he didn't write.
REM Old programmers don't die. They just GOSUB without RETURN.
Though the article is /.'ed, I have to wonder, why does CherryOS even bother? Everyone already knows that their project was a ripoff of PearPC and they've already lost the trust of everyone.
Article through coral
Article through mirrordot
Im sure these two organizations would be glad to take this matter up.
if I was a PearPC developer, I would.
this is blatant theft.
...at the sheer cheek of putting up a "performance comparison table" on the CherryOS website between CherryOS and PearPC...
I mean, even the name itself smacks of copyright infringement...
It is copyright infringement, just like the subject says.
It does not matter who's copyright is being infringed or who is claiming it, it is STILL NOT THEFT.
I'll bet I'll be modded down now, since this sort of thing is only accepable on an anti *AA thread.
SJW n. One who posts facts.
I doubt that the FSF or the EFF are willing or able to get involved; but that doesn't mean that users and people who have a vested interest in keeping the integrity of the GNU license can't raise the funds needed to sue the CherryOS fools.
"Your admirers in the street
Got to hoot and stamp their feet
in the heat from your physique" -King Crimson
It seems like every couple of months or so we hear about some company violating the GPL. When are the OSS programmers going to do something about it? IMO it's not even close to enough for a violating company to say "Oops, we're sorry, here is the code" It's called commertial copyright infringement and the true copyright holders aught to sue the companies for every dime they can get. Companies violate the GPL because they feel its good for their bottom line. Someone should prove it isn't.
"Troll"??? It's not a troll. And it's not a condemnation of GPL either. It's a truthful statement that most FOSS developers can't afford to sue people.
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
Is now the time to test the legality of the GPL?
It seems like this might be a good case if the evidence is really so strong.
Now PearPC is going to have to write it all over again! If only the CherryOS people knew how much damage their code theft has done!
Can we just call it breach of license and stop being all dramatic about it?
If persons are going to take GPL'd software and claim it as their own, then the work of many talented programmers can be passed off like cheap tracings of the Sunday comics. Pull together. Agree on this - blatent copying for no reason can't be allowed. Lest when those that take GPL'd software use it and fark it up, the first thing reported is that the software had an 'open source' base, further alienating the mainstream computer users.
They infringed the copyright and/or violated the GPL. I've said that copyright infringment isnt' stealing in many a P2P story, so I'll say it here too.
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
in like less then a month random people have compiled more evidence supporting the idea that CherryOS is a complete and blatent ripoff of PearPC, then I ever saw come from the well funded SCO Group supporting their idea that Linux infringed on some of their code.
The rock, the vulture, and the chain
Why are people here up in arms when GPL code is stolen, but not when copyrighted music or movies are illegally downloaded or swapped?
Serious question? It's because most people here identify themselves more with the open source movement than with the music industry.
If you steal from my house I will be "up in arms", if you steal from my neighbours house I will be almost as outraged. If you steal from a bank I have no connection with on another continent then I may be interested in the news report, or maybe not.
The real Ralph Yarro posts as Anonymous Coward. Anyone else is an impostor.
Cherry-OS is a PPC emulator. If someone runs Mac OS X in "violation" of some EULA, that's the user's problem. Many have used it to, for example, test out PPC Linux distros.
Furthermore, no one with half a brain would say that software someone bought and then used on something other than the exact hardware someone else wanted them to is "stealing." That's just daft double-speak.
I just don't understand. A regular rumor/hype/unsubstantiated-claim is made and the general tendency is not to give them the benefit of the doubt - they get flamed and hen-pecked to hell before they even have a chance to prove their claims. Then CherryPC comes along, which is SO MANY WAYS is such an obvious rip-off that IT'S ALMOST AMUSING, and people act so damned civilized, presenting balanced views, structured evidence, etc. Why bother with the niceties in this case? Just call Hawaii5-0 and bust a cap in his ass already.
....legally take apart cherry (ie, decompile, hex edit, reverse engineer) the cherry exe to compare it to pear? IF they did this and found it to be the same, could pear counter-sue for reverse engineering? Would it hold up in court?
ItWasFree.com - Take the mystery
An anonymous reader writes ...
Gee. I wonder who that could be.
It's more than that. It's the difference between the goals of the RIAA vs. the Free Software movement.
The Free Software movement's goal is to increase the availability of software. Free Software advocates want to give control to the end-users. The GPL is designed to prevent people from hoarding it and reducing the availability. It basically uses copyright law against itself*, because if there were no copyright then all software would be Free.
In contrast, the RIAA's goal is to decrease the availability of music. They want to control it themselves. Their use of copyright is designed to augment their ability to control and hoard the music.
Even though both organizations use copyright as a tool, they use it for opposite goals. And that's why we believe copyright infringment is moral in one case and not in the other.
*when I say the GPL uses copyright against itself, I mean the modern (e.g. RIAA's) interpretation of copyright. Originally, the goals of copyright were more aligned with the goals of the GPL, to increase and spread knowledge. It could be argued that the modern interpretation is a corruption of copyright, and the GPL is a device to try to restore its original meaning.
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
PearPC can be used for more than just running MacOS X, you can run PPC Linux on it and various PPC BSD's, aswell as Darwin.
I don't think Apples EULA statement about running it only on apple hardware is legal anyways, it sounds like illegal tieing, but what the hell do I know? IANAL.
On the Trial Download page, there are 5 checkboxes you "have" to agree to. If you don't check them, and click Download, it still lets you download with agreeing!
Tired of free iPod sigs? Subscribe to my blacklist
I am, and always will be, an idiot. Karma: Coma (mostly effected by
This goes beyond mere redistribution though, they're claiming to have written the code. Which I think fits into the conventional definition of stealing. You couldn't say "He stole my theory" if someone sold a copy of a paper you'd written, but if they claimed to have written the paper, saying "He stole my theory" would probably be acceptable. So I think calling the code stolen in this case makes sense.
I am trolling
For the compensetory damages, a judge would likely just force Cherry to release all source code changes and enhancements. After all, that is what they where supposed to do from the start. Additionaly they may require the defendant to pay some or all of the plaintiffs cost of the law suit.
Punitive damages are different. It means the judge takes money from the defendant just because he was a naughty boy, it's a punishment. Typically it's awarded to the plaintiff but IIRC a judge can award punitive damages to a third party as well (this may vary by state). In this case an organization like the EFF would be a good candidate.
Arbitrary sig
People are asking, how is sueing CherryOS different than becoming the RIAA and sueing music downloaders?
Answer: Neither is theft. The latter is considered copyright infringement. The former is copyleft infringement.
Think about it -- I was to understand the idea behind the GPL was specifically so that people COULD take the source, hack at it, and release something -- but that you had to continue to make the source available if you did. Compare to copyright, where the idea of sharing source at all is non-existant.
Maui-X-Stream (the people behind CherryOS, and a stupid name IMO) should not be sued to cease-and-desist. They should be sued to open up their source.
By all means, let this team of no-talent assclowns keep playing with the source -- they're allowed to anyway. And, in fact, let these dicks sell a distro -- so long as people have the choice between source code bases, even Joe Schmo's CVS build of the CherryOS "fork", that's fine.
But the biggest thing is that MXS is a bunch of stupid lying ass-grabbing money-grubbing bastards. I like how they used the term "never ever" when asked if they stole PearPC code. Sounds like they "never ever" grew out of elementary school.
Why don't we all send a nice letter to the makers of CherryOS? Here are some email addresses:
mail@cherryos.com; press@cherryos.com; info@mxsinc.com; arben@vx30.com; vx30@mauionline.com
I was thinking of posting this anonymously, but I didn't. Feel free to mod me as troll or anything else you want, but before that just think - how would you react if they were doing this to your own software project?
A nice letter is not as much as those guys deserve... They are scammers and deserve to be trusted as such.
The AACS key is NOT 0xF606EEFD628B1CA427BEA93A9CA9773F
"CherryOS surfaced as a PowerPC emulator for x86-compatible systems, specifically geared, and sold, to allow Windows users to use Apple's Mac OS X. This is actually kinda cool. Even though Apple Computer could sue your ass off because they have a clause in their EULA disallowing it, it's a really stupid clause and there are a whole host of reasons why someone might want to do this."
I agree, it is not OK for CherryOS to take code from PearPC under the terms of the GPL.
But it is also not OK for PearPC to write software to explicitly violate Apples EULA.
Its suicidal for PearPC to press the case on CherryOS because the nature of both is to violate the EULA of a 300lb gorilla. This legal copyright, liscencing thing is a two way street. If you want the GPL enforced then you're going to have to stop bitching when the EULA of any other software is enforced.
I may get modded down for this (I know, it's a cliched phrase), but I'm getting incredibly sick and tired of these CherryOS articles and their "stolen code" discussions.
Slashdot and its readership are quite happy to demonize the RIAA when it goes after infringers of its copyright. Posters will go so far to defend piracy that they will even initiate pointless discussions about how copyright infringement isn't theft (it is, because you are depriving them of revenue they would otherwise be receiving), and that it's just a cultural movement to take intellectual property. There are entire belief systems and mindsets invented to justify this piracy.
But since the very first CherryOS article, everyone has been discussing "stolen GPL code." People have even suggested legal action. Note that when I refer to Slashdot's opinion, I'm talking about the majority opinion as filtered through the upmods and discussion threads.
So, let's break it down:
I'm sorry, but I find this highly amusing. Four years of non-stop demonization of *AA and pro-piracy articles, and every time there's an incident of possible GPL infringement, suddenly everyone is on the side of intellectual property and the law. Look at all this talk of testing the GPL in court! Since when was everyone a fan of intellectual property all the sudden? Oh, that's right, when it didn't have to do with protecting the piracy you've grown accustomed to the convenience of all these years. It makes the pro-piracy opinions around here appear even more self-serving than they already were.
Note to those preparing to reply with "That's not everyone on Slashdot" replies, I know. If none of the above applies to you, congratulations. But it applies to the majority, and the nature of Slashdot's posting system tends to encourage groupthink. And so, you get these ridiculous double standards that people haven't full thought through.
They're not code diffs, and they haven't released any code - they're diffs of hex dumps of libraries and executables - a lot of strings remain human readable - play around with a hex editor a bit, or use 'strings' in unix.
From their website:
"Jim Kartes is the president of Maui-X Stream... He later worked as a news and documentary cameraman for CBS News in New York." (emphasis mine)
I guess we should have seen the writing on the wall.
What if Digg added local news and a Slashdot inspired comment karma system? ---
http://houndwire.com
"enforcing the GPL could take help"
the average man may not be able to help in a court of law, but the best way for the average person to ensure the GPL is upheld is to boycot software that violates it.
lose != loose
That's the issue. Not everybody knows. I saw a post on the local Mac user group list (I support macs at work so I need to keep track) about CherryOS. They had no idea of the issues involved and the article they referred to did not mention them.
It's worth making some noise even about something this blatant.
Your points would be valid if they weren't so automatically cynical.
No, Slashdot is for the freedom to do things without big corporations having the means or possible means down to breathe down everyone's back, or against laws that are contrary to fair use. Many slashdotters don't practice what they preach, but to treat all slashdotters as equally hypocritical is itself hypocritical, unless you yourself are hypocritical. In either case you are a hypocrite. Slashdot *would* be okay with the RIAA pursuing legal infringement if they weren't trying to sue for $150,000 per song (or something). Do you think that the PearPC would claim millions in damages to Maui X-Stream? Duh, no. P2P copyright infringement is not theft. Selling copyrighted materials is. Taking GPL code is not theft. Selling GPLed materials is.
You take three extreme examples and apply stereotypes to all three. BTW, saying "but it applies to the majority" and then talking about "ridiculous double standards" is also a double standard. Congrats on hanging yourself with your own rope, hypocrite.
Sometimes, I think it's quite fine for the company to repair the situation and be done with it. If the wronged developers are OK with that, and think it's a reasonable option, that's just fine.
... but attempt to find out what's going on and why before flying off the handle.
One one hand there's the desire to "send a message" but on the flip-side, some OSS developers feel that it's important not to totally alienate the commercial devel world, and understand that sometimes screwups and misunderstandings happen. Especially in a world of cheap contractors, offshoring, MCSEs who think they're developers, and limited knowledge of OSS and its licensing.
You may have guessed that I fall on the side of playing things cautiously. If someone stole my code, I'd either (a) laugh at them and tell them how utterly stupid they are for actually bothering to steal code that bad, or (b) get rather pissed off
I'm not at all convinced that much tolerance would be extended to really blatant offenders who deny it and continue to offend. Unfortunately, I'm not aware of any cases like that that've come to court.
It may be true that no GPL cases have come to court (although I'm not sure about that either). But there has been a very large number of infringement claims that never made it to court, becuase the guilty party gave in. In summary, to win against the GPL, you cannot argue that it is invalid: if it were invalid then normal copyright law would mean that any copying or distribution was illegal - so that approach would be the lawyer equivalent of shooting yourself in the foot. Instead you would need to convince the judge that it is both valid but allows more than it appears to allow. But that is a difficult case to argue ;)
CherryOS -> CheeryOS -> Cheerios
*Splort*
It's obvious this sort of thing is an outrage, and we should stand up and do something better than preaching to the choir on Slashdot.
1 08675 . I'm sure if enough donations piled up, PearPC's authors would go after CherryOS in court.
This story made me decide to donate to the PearPC project http://sourceforge.net/donate/index.php?group_id=
Hey, you're not supposed to actually read or to even understand the GPL here. You're just supposed to bludgeon people with it when they disagree with you. You're not new here; you should be ashamed! =)
The saddest truth is that I'll probably be modded funny (at best) or troll, instead of insightful. =)
It's not offtopic, dumbass. It's orthogonal.
In addition, on this page, they don't acknowledge Motorola's trademark on "AltiVec". It sounds like these guys really have their IP knowledge down.
When you look at the state of the world, how can you not become a radical, liberal anarchist?
This is an obvious troll from a known hypocrite and copyright infringer
Please mod him down.
Mod the parent up. If 1% of Slashdotters kicked in $5 or $10, the PearPC group would be very well funded. Think of it as supporting the GPL. :)
"The newly born animals are then whisked off for a quick run through a giant baking oven." --heard on Food Network
"In contrast, the RIAA's goal is to decrease the availability of music."
Not 100% correct (or badly phrased): the RIAA's goal is to restrict the number of competing sources of music and control the distribution of music (even exclusive distribution is quite different from hoarding). The record industry relies on having a large, clearly demographically defined market and exclusive control over promotional channels. P2P threatens to fragment that market by making more styles of music readily available and responding to changes in styles more rapidly than major media outlets.
Illegal P2P usage plays right into their hands, as it gives them the legal basis they need to shut down or absorb any potential competition and continue the status quo. So instead of P2P becoming a great new way to spread ideas and promote culture from a grass roots level with everyone on an equal footing (the true egalitarian utopia the 'net was supposed to be), we'll just have a continuation of the existing cycle of a brief blaze of protocol glory followed by a flurry of lawsuits, with big media still in the driver's seat. It's ridiculous to complain about media oligopolies, then effectively swamp the only truly uncontrolled distribution channels with exactly the same material in a pretense of being an electric Robin Hood. We don't need more sources of the same, we need alternatives. That's what real competition is about; currently, the majority content of P2P networks simply confirms that people want the **AA's products as is (at worse quality, even), so what incentive do they have to work harder?
I would like to see a day where the only things on P2P networks are GPL, creative commons, or public domain. Sure, you won't be able to download Generic Pop Diva #437's latest single, but which is better: a forum where anyone can express themselves to the world with an equal voice, or 3 minutes of ear-candy and a billion good ideas lost forever?
There is no moral high ground since both groups insist on forcing their moral values on the everyone else. At the heart of the issue is the right of the creator of a work to do with it as they see fit, whether it's release it free, ask a fee, or shove it up their nose. That's part of free speech: the right to limit who you're speaking to on a totally arbitrary basis, even the right to remain silent. Does Scoop Dogg Doody (or whatever that rapper's name is today) have the right to come round to your house and demand you perform a few songs for him? No, you have the right to tell him to sod off. Reverse the places: just because he's a rich bastard who can afford to record himself, does that mean you now have the right to demand his performances? At what level of wealth do we start repealing constitutional rights? I'm just curious, since you seem to be trampling the rights of others in the quest to assert your own, what makes you believe you deserve rights and others don't, and how exactly does this make your position more moral? And as far as protest and civil disobedience goes: six years, zero improvement; in fact, thaks to knee-jerk reaction legislation like DMCA and PIRATE, things are now considerably worse. Might be time to re-think the strategy perhaps?
I believe there's no reason the laws of supply and demand shouldn't apply when ever people's time and effort are involved (in fact I think OSS and public domain work should be subsidised by tax deductions*; it would be more than worth it for the economy). And if that doesn't suit you, there should be a legitimate alternative. Which might be there, but it's really hard to tell with all the illegal warez clutter.
*On a per-title/stable release basis would probably work the best.
Blank until
I think we need a better form & delivery of licensing, not to mention what the license reads.
This has nothing to do with licenses, since they are not following the terms of the license (GNU GPL) offered to them by the copyright holders.
This is copyright infringment, plain and simple.
1) They copied copyrighted works and claim it as their own, in some cases without even removing the orignal author's name and GNU GPL license notice.
2) The only way they can legally use the copyrighted works is by honouring the license under which they authors have released it with
3) They have not honoured the terms of the GNU GPL (Unless they are simultaneously denying the use of GNU GPL'd code and are also providing downloads to said source code).
4) Now we fall back to good old-fashioned copyright law. If you don't have permission, you can't copy it.
Considering the complete lack of evidence of there being even a sliver of their own code in the PPC emulation, apart from doing a "search and replace" for "PearPC"->"CherryOS", then this does in fact need to be taken very seriously.
Ok, so if they follow the gpl, so what?
So what? They wouldn't be breaching international copyright law, that's what.
Contributors to PearPC don't want to work 40hrs a week at their real job and come home to find their pride and joy/hobby being ripped off to profit some wanker who just slapped together a nice VB frontend over a couple of weekends.
And his "right" to make a profit through copyright isn't a constitutional Right at all, so that can't be what you're talking about. If the choice is between his "right" to profit, and the public's Right to freedom of information (i.e., culture), the public wins. That's the stated purpose of copyright, donchaknow.Now, that really is a legitimate argument -- the idea that copyright infringment via P2P is counterproductive. Honestly, I don't really have an answer for you on that one, because it's hard to say "this is morally righteous blah blah blah... and by the way, don't do it." For what it's worth, I personally don't download all that much music anyway, and it's usually old stuff (like the Beatles et al. where the artists are dead).
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
Bruce
Bruce Perens.