Slashdot Mirror


The Open-Source Detector

McDutchie writes "With open-source related lawsuits on the rise, a market is developing for automated tools that detect the presence of open-source code within larger application development environments. Palamida Inc. stepped in with IP Amplifier 3.0, essentially a search tool and a database that consists of more than 38 million of the most commonly used open-source files. Something Google-inspired called CodeRank is claimed to match code against the database. Hmm... maybe someone should run it on this, or even this." Of course, some open source code is perfectly welcome in commercial software, even if that software's code is not itself open; it's no secret or surprise that Microsoft, for instance, has taken advantage in some products of BSD-licensed code.

3 of 340 comments (clear)

  1. I wonder... by 0x461FAB0BD7D2 · · Score: 4, Interesting

    Could this tool be used in reverse?

    For example, one could write a bug-filled line of code, perhaps something with a buffer-overflow. This could then be matched with open-source projects and projects with buffer overflows are found. Of course, this could also be used to find vulnerabilities and so on.

  2. The BSD license argument by marcovje · · Score: 5, Interesting


    >Of course, some open source code is perfectly >welcome in commercial software, even if that >software's code is not itself open; it's no secret >or surprise that Microsoft, for instance, has taken >advantage in some products of BSD-licensed code.

    This example (socket code) often pops up, and is often used in GPL advocacy.

    Note however that the TCP/IP work was done under a DARPA grant, paid for by the US government, so it is not only legal, but even moral right for Microsoft to use this code.

  3. Will probably find many blatant violators. by putko · · Score: 4, Interesting

    I worked at a ruthless company. Part of the culture was to get results as fast as possible and completely ignore things like licenses, rules and laws, if it helped to make money.

    We certainly would have violated the GPL in a second, given that one couldn't really prove damage to the other party (aging idealist hippies with beards who were naive enough to give away software with a silly "license").

    The ripoff of commercial software was driving me nuts though -- it seemed quite wrong, esp. given that we were raking in the dough and were not paying just because we could easily avoid it through technical measures.

    However, part of the "culture" was that we were so busy that we were sloppy about the misdeeds. We wouldn't have had time to cover our tracks.

    Such tools would have caught us, so I'm guessing such tools will lead to finding many similar violators.

    --
    http://www.thebricktestament.com/the_law/when_to_s tone_your_children/dt21_18a.html