Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Open-Source Detector

Posted by timothy on from the lie-detection dept.

McDutchie writes "With open-source related lawsuits on the rise, a market is developing for automated tools that detect the presence of open-source code within larger application development environments. Palamida Inc. stepped in with IP Amplifier 3.0, essentially a search tool and a database that consists of more than 38 million of the most commonly used open-source files. Something Google-inspired called CodeRank is claimed to match code against the database. Hmm... maybe someone should run it on this, or even this." Of course, some open source code is perfectly welcome in commercial software, even if that software's code is not itself open; it's no secret or surprise that Microsoft, for instance, has taken advantage in some products of BSD-licensed code.

3 of 340 comments (clear)

  1. Re:No Gurantee Against reimplentation by Speare · · Score: 4, Informative
    This tool can't possibly ensure that some binary wasn't made by someone who looked at the open source version, and just reimplemented the same ideas.

    Um, last time I checked, this is a quite reasonable approach. You can paraphrase your book report in school, you can paraphrase your predecessor's speech, you can take photographs from famous vistas, and you can rewrite your own closed code inspired from Open Source algorithms.

    Source code is protected by copyright-- that is, literal or near-literal copies containing the essence of expression. Open Source code doesn't require that reverse engineering must be done in a clinical clean-room black-box methodology. That's kinda the POINT of Open Source: show people how it's done.

    --
    [ .sig file not found ]
  2. Re:I wonder... by McDutchie · · Score: 4, Informative
    My employer already uses an internally-developed GPL-scanner tool which is required to be run across all sources before we release a new product version. The company also requires all developers to take yearly training on the issues of OSS and GPL. We do support the ideas of OSS and GPL, and put out OSS offerings of our own, but it would be financially devastating to us if our commercial products were forced to be open-sourced.

    It's a widespread and unfortuate myth that your product automatically becomes subject to the GPL if you (accidentally or otherwise) violate the GPL by including GPL'ed code. In such a case, a copyright violation has been committed and you have to remove the code in question, and possibly pay damages -- but your product will not become open source (unless, of course, you choose to make it open source as a way of remedying the license violation).

  3. Re:Ouch. by GigsVT · · Score: 4, Informative

    They can demand you open-source any application that contains GPL'd code.

    No, they can't. Stop spreading this myth.

    --
    I've had enough abrasive sigs. Kittens are cute and fuzzy.