Slashdot Mirror

← Back to Stories (view on slashdot.org)

Is Showmypc.com an Open Source Pretender?

Posted by ryuzaki0 on from the show-us-the-source dept.

shaitand writes "When looking for a remote support application that penetrates firewalls and can be initiated by my clients with a couple of clicks, I came across Showmypc.com. It was a standalone executable but looked like it would work and best of all it was open source. The only thing I didn't like was the interface, so I went to check out the Sourceforge page. I noticed a substantial problem: CVS is empty and the source on the download page is for the 2.6 version. The version of the executable is 3.53. I mailed the developers that they needed to distribute their modified SSH client and VNC source to be in compliance with the GPL license. They said they didn't modify those programs and ignored my request for the current source code. So I ask again, if this is a GPL'ed application; where is the source?"

18 of 323 comments (clear)

  1. Why not? by Frosty+Piss · · Score: 5, Insightful

    CVS is empty and the source on the download page is for the 2.6 version. The version of the executable is 3.53

    If it's original work, can't the copyright holder decide to close the source? If it doesn't contain anyone else's work that happens to be GPLd, I don't see a problem here.

    Need more info...

    --
    If you want news from today, you have to come back tomorrow.
    1. Re:Why not? by Skreems · · Score: 3, Insightful

      If it's original work, can't the copyright holder decide to close the source? If it doesn't contain anyone else's work that happens to be GPLd, I don't see a problem here.
      True. But Sourceforge only provides hosting for OSS projects. If they're hosting their binary downloads for the new version on their own site with their own non-Sourceforge hosting, they're fine.
      --
      Slashdot needs a "-1, Wrong" moderation option.
      The Urban Hippie
    2. Re:Why not? by courtarro · · Score: 5, Insightful

      That would be true if the code were unmodified versions of GPL'd code, but glancing through the two helper EXEs (spcplink.exe and spcwinv.exe) reveals quite a few references that look like they might be directly pulled from VNC or OpenSSH. Interestingly enough, these two helper apps are written in Visual C++, while the main app is written in VB6.

      Now that I look closer, I notice that spcwinv.exe is actually referred to as "VNC Server Free Edition for Win32", and the copyright is "Copyright © RealVNC Ltd. 2002-2005", yet the strings within the file have been modified to refer to it as a ShowMyPC product. I'd say that's a dead giveaway.

  2. Use this without source code? by courtarro · · Score: 5, Insightful

    Whereas GotoMyPC is a serious business with a vested interest in keeping users' machines secure, this site has no such commitments, and as such it seems like a pretty bad idea to use it without being able to check the source code. Potential GPL violations aside, a significant reason that we need the source is to confirm that it does what they say it does. Without it, who knows what backdoors they could be offering; it's especially concerning since it's specifically designed to penetrate firewalls. Beware!

    1. Re:Use this without source code? by shaitand · · Score: 3, Insightful

      'The same thing can be said about any piece of software. At some point you have to take the risk that your machine might be exposed.'

      Or... you could just use open source software.

    2. Re:Use this without source code? by root-a-begger · · Score: 3, Insightful

      GoToMyPC did not start as a closed source product from Citrix. It started as a closed source product from Expertcity. Expertcity was an unknown and yet people found reasons to trust it and the company grew enough that Citrix acquired it.

      In short, The parent comments are pure FUD which can be applied to just about any closed source start-up...And this assumes you automatically trust closed-source software from a large company. This also assumes if it were open source that people have reviewed it in enough detail to be trusted...or that you would completely review the open source and its mods before using the product...highly doubtful.

      There may be reasons not to trust any new product. However, broad based FUD slams are counter productive.

      In an earlier post on this article, I reference my new product http://www.shellshadow.com/ which is different tech from ShowMyPc, but may suffer from similar FUD attacks. I don't worry too much about these attacks. I'll just do my best to host a trustworthy service and build from there. I have to assume ShowMyPc intends to do the same.

      trust is a big topic...
      Jon

  3. They may be fully compliant... by BobandMax · · Score: 4, Insightful

    ...because the GPL only requires that an offer of source code be distributed along with the application. Have you purchased a copy of their commercial offering?

    Please read the following from gnu.org's FAQ:

    QUOTE

    If I distribute GPL'd software for a fee, am I required to also make it available to the public without a charge?

    No. However, if someone pays your fee and gets a copy, the GPL gives them the freedom to release it to the public, with or without a fee. For example, someone could pay your fee, and then put her copy on a web site for the general public.

    UNQUOTE

    --

    "Computers are useless. They can only give you answers."
    -- Pablo Picasso
  4. /. isn't where you report this by UbuntuDupe · · Score: 5, Insightful

    I'm *pretty* sure there's an established procedure for reporting GPL violations, and I'm *pretty* sure submitting a /. story griping about your experience with that software ain't it.

    --
    Apology to Ubuntu forum.
  5. Why is this front page news? by Retalin · · Score: 3, Insightful

    This is flame bait... this is not news and it's definately not the proper way to report a GPL violation. Are we really hurting for news submissions?

    --
    Regards, Ryan McAdams
  6. Re:Who are you? by shaitand · · Score: 2, Insightful

    'In other words, he is demanding something when he does not have the right to do so.'

    Nonsense, everyone who they distribute a binary to has the right to demand the source. They just don't any teeth to back up the demands.

  7. Re:Uuuuu... by Marcos+Eliziario · · Score: 2, Insightful

    If I fscking release my fscking work under a GPL license, what in hell gave you the idea that it's fair if you take my code, modify it, and then start selling my fscking code with your fscking code modifications without contributing your changes back to the community.
    If you don't want to release your code, the remedy is simple: Don't base your fscking stinking work upon someone else's GPL'd work, start it from scratch, then, if you start it from scratch, you can keep it closed as much as you want.
    (And given your attitude and dumbness I think it's a great idea if you really keep your code CLOSED)

    --
    Your ad could be here!
  8. The main page has been updated... by shaitand · · Score: 4, Insightful

    They removed the link to the sourceforge page.

  9. Re:Off-topic, but... by Jugalator · · Score: 3, Insightful

    Ah, another piece of commercial, proprietary software derived from VNC.

    Commercial. Proprietary. Yes, the magic words that get some people's blood to boil. You wield them well.

    Here's a serious question: has Fog Creek ever given anything back to the open source community?

    My question would be why you care? In case their VNC core comes from licensed software allowing a commercial derivate as a binary, there is no problem. I believe AT&T's core was GPL'ed so that would raise some questions, but it's possible that by "VNC core" they mean some VNC-compatible derivate with a compatible license. In that case, the devs of that core also specifically intended use of it like this, being more open than just for OSS devs to use. Yes, there is a "more open" than that. And those developers don't have an issue with this, and maybe just you not wanting to see a 100% free use of their code. And if it doesn't follow the license, there's a breach of license, and then that would indeed be bad.

    But this is clearly an issue of whether licenses are followed, not about a company doing "good" or "bad". If they follow the license of the developers -- that is using the software like they specifically intended others to use it -- they are per definition doing good. At least unless if you disagree with how their VNC core devs chose their license.

    If there's something I get annoyed about, it's not about companies properly using licenses, but people like you who try to impose a personal code of ethics on companies who only use the code the way the original devs intended it to.
    --
    Beware: In C++, your friends can see your privates!
  10. Re:Off-topic, but... by Anonymous Coward · · Score: 3, Insightful

    Don't you dare complain about doing the minimum. If you want more than that, write your own license and start to use it instead of the GPL.

  11. Re:You missed the obvious joke... by Mr2cents · · Score: 3, Insightful

    OpenSSH is not GPL but BSD licensed so there is no problem IMO. I haven't checked for VNC (sorry, I'm just too lazy). And besides, GPL is all about distribution, not about modification; if I modify a GPL program and keep it to myself, there is no problem. There is no way you can force me to give up the changes. But if I distribute it, I have to supply the source code with my modifications.

    So did the guy receive binaries of GPL-based software? If that's the case, he can demand the source. If not, he just wasted our precious time.

    --
    "It's too bad that stupidity isn't painful." - Anton LaVey
  12. Re:Off-topic, but... by Anonymous Coward · · Score: 2, Insightful

    I mailed the developers that they needed to distribute their modified SSH client and VNC source to be in compliance with the GPL license. They said they didn't modify those programs and ignored my request for the current source code. So I ask again, if this is a GPL'ed application; where is the source? That seems awfully like you are claiming a violation of the license. Like others have said, the source code to OpenSSH and RealVNC are not GPL or GPL-only. I would love to know why you think open source means GPL.
  13. Re:Off-topic, but... by orclevegam · · Score: 2, Insightful

    I actually bought the DVD that was created to document the experience the interns had while working on that project. They all seemed very happy to be there, and honestly it was a very nice work environment, particularly compared to some places. Could have been worse, they could have signed on at one of EA's sweatshops. As an added bonus, most Universities require some sort of internship in order to receive your degree, and the sort of work experience they acquired working for Joel not only looks good on a resume, but better prepares them for a professional job as a software developer.

    --
    Curiosity was framed, Ignorance killed the cat.
  14. Re:FOSSie outrage machine by budgenator · · Score: 2, Insightful

    Bill Gates and wife isn't Microsoft and they aren't the Bill & Melinda Gates Foundation.

    --
    Apocalypse Cancelled, Sorry, No Ticket Refunds