Slashdot Mirror

← Back to Stories (view on slashdot.org)

SAP Admits to 'Inappropriate' Downloading of Oracle Code

Posted by Zonk on from the think-then-do-think-then-do dept.

netbuzz writes "SAP's CEO Henning Kagermann uses the undoubtedly lawyered term 'inappropriate download' to describe the company's questionable actions. Henning blames a rogue business unit, but there can be no mistaking the fact that Oracle caught SAP with its hand in the IP jar on this one. The legal proceedings that will follow should prove interesting. 'The admission hurts SAP's reputation in the battle with Larry Ellison's Oracle in the $56 billion market for software that manages tasks such as payroll. The rivalry between SAP and Oracle escalated when Oracle filed its March 22 lawsuit claiming SAP workers hacked into a Web site and stole software codes on a grand scale.'"

11 of 149 comments (clear)

  1. Honeypot? by CastrTroy · · Score: 2, Interesting

    How likely is it that Oracle left a honeypot for SAP, MS, MySQL, or any other competitor to walk into, so that they could get rid of that competitor, or at least ruin their reputation and get some money? The fact that their was code on a website accessible to the outside world seems a little suspicious to me. Who leaves code on a publicly accessible server? I think that Oracle would at least be security savvy enough not to let their code be stolen. Anyway, not to start any conspiracy theories or anything, but I just find it a little odd.

    --

    Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
    1. Re:Honeypot? by OG · · Score: 2, Interesting

      From a quick perusal of news stories, that doesn't seem be the case. It looks like some TomorrowNow employees used credentials from their clients to access information from Oracle's website that they would not otherwise have access to. As to what the did with it...the only concrete thing I've seen so far is republishing Oracle info for some fix with the TomorrowNow logo and representing it as their own work.

  2. Confused by Reason58 · · Score: 2, Interesting

    SAP workers hacked into a Web site and stole software codes Am I the only one confused as to why Oracle would be keeping source code on a production web server?
  3. Most inappropriate use of the word "inappropriate" by Trails · · Score: 3, Interesting
    Inappropriate? Inappropriate is when my boss caught me photoshopping my buddy's head onto a screen cap of the Pamela and Tommy video (It was for his bachelor party, I swear it).

    This is illegal and perhaps fradulent (ie they claimed they were customers seeking service). But what gets me the most about this is how blisteringly stupid it is. "There's no way they could know it's us! Well, there's no way, apart from the webserver logs, that they could know it's us!".

    From the article:

    Oracle said TomorrowNet used identities of Oracle customers and phony users to gain access to its systems. Customers for whom SAP allegedly conducted illegal downloads include Merck & Co. and Bear Stearns & Co., according to the March 22 lawsuit.
    So not only are they picking a legal fight with Oracle, pissing of the DOJ, and destroying their reputation, but they've basically shown they're not above pretending to be their customers. I bet the SAP CEO is turfed before the end of the next quarter.
  4. Re:Can I get a consensus opinion? by Brian+Gordon · · Score: 3, Interesting

    But it is illegal- we'll have to see whether SAP shields its hacker team behind the veil of corporate responsibility or exposes them to be criminally prosecuted individually.

  5. Re:Not Source Code by OG · · Score: 3, Interesting

    And, according to one news article I saw, republished one of the support documents with their own logo, passing it off as their own work.

  6. Re:Most inappropriate use of the word "inappropria by Red+Flayer · · Score: 2, Interesting
    None of that matters in the long run.

    FTA (emphasis mine):

    ``Although many will see the legal teams as the cavalry in this battle, the troops that really matter are the PR special forces contingent,'' Ovum Plc analyst David Mitchell said. ``PR is where this battle will be won or lost.''
    That is most certainly the case.

    And now for the snark. Wtf? PR special forces? What kind of training does that require? Going seven days without using buzzspeak or powerpoint? Writing press releases and giving presentations under hostile fire?

    And, most importantly, what color are their berets?
    --
    "Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai
  7. Re:Codes plural? by Anonymous Coward · · Score: 1, Interesting

    most people do not use the term in this light, but "codes" is actually common jargon in high-end supercomuting. It does in fact refer to "code", but as it is being run distributed across thousands of processors. I suspect that the term is derived from the pluralisation actually. It's usage has been falling out of favor though due to confusion with poor english.

  8. Re:Most inappropriate use of the word "inappropria by Asic+Eng · · Score: 2, Interesting
    It's not terribly clear to me why that should be inappropriate at all. It seems their services company (TomorrowNet) would download patches from Oracle servers for Oracle customers. So if I understand this correctly, the customer (e.g. Merck) would call TomorrowNet (who they have a support contract with) and ask them to help them with some problem on their Oracle installation (which they bought and have the right to receive patches for). So now the TomorrowNet employee using Merck's login downloads the patch for them and (using the documentation which comes with the patch) explain to the Merck employee what they have to do to get the patch installed.

    I presume somewhere in the contract between Oracle and Merck there is something which says "only your employess may use this account", and there is probably a notice on the website which states that you can only access the account with your own login. The whole setup would be used to prevent other companies from supporting Oracle installations, I guess.

    It's all about preventing competition and replacing innovation with lawsuits, in my opinion.

  9. Re:Can I get a consensus opinion? by UncleTogie · · Score: 2, Interesting

    I'm pretty sure "secrecy" is not something that can be stolen.
    Tell that to the Rosenbergs...
    --
    Don't tell me to get a life. I'm a gamer; I have LOTS of lives!
  10. Keep in mind that this wasn't a customer... by Anonymous Coward · · Score: 1, Interesting

    All of the download activity in question was performed by TomorrowNow... a competitor to Oracle, who sells support services to Oracle application customers.

    In essence, this was a competitor, stealing a company's information (IP) in order to resell it back to Oracle customers as their own brand of support, and at a lower rate. Regardless of your stance on Oracle, it's just a dirty practice, and something that SAP deserves to get hell over.

    If you haven't done it yet, check out the legal filing.. it's pretty decent read.