Slashdot Mirror
How to Deal With Stolen Code?
greenrom writes "I work for a small company as a software developer. While investigating a bug in one of our products, I found source code on a website that was nearly identical to code used in our product. Even the comments were the same. It's obvious that a developer at our company found some useful code on the web and copied it. The original author didn't attach any particular license to the code. It's just 200 lines of code the author posted in a forum. Is it legitimate to use source code that's publicly available but doesn't fall under any particular license? If not, what's the best way to deal with this kind of situation? Since I'm now the only person working on this code, there's no practical way to report the situation confidentially. I'm new to the company, and the developer who copied the code is the project lead. Reporting him to management doesn't seem like a good career move. I could rewrite the copied code without reporting him, but since the product is very close to release it would be difficult to make a significant change without providing some justification."
> Is it legitimate to use source code that's publicly available but doesn't fall under any particular license?
Of course it is. This kind of thing happens all the time.
Frankly, I'm glad you don't work for us. The fact that you would consider "rewriting" code that works well just because it was written by someone external to your company doesn't speak well for your sense of business priorities or usage of time.
> The original author didn't attach any particular license to the code.
I think that says it all.
I'm a lawyer. Please contact me about suing some people for lots of money.
n/t.
General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
Lead: How does the code work?
Developer: I don't know.
No license == normal copyright rules apply. You can't do anything with it unless the author gives you permission (licenses do this). What you need to do is either 1) Replace the offending code or 2) Contact the author and find out what the terms on the code are / negotiate a deal.
Personally I'd attach a clear comment to that piece of code that reads something like Seems to be derived from [TheUrl]; no license issues as far as I can see. Original adaptation by [YourLeadNameGoesHere] - [YourNameGoesHere] ([Today'sDate])
At least you'd be doing some due dilligence and making sure no one thinks you're the one who did the copy&paste job. In the unlikely even that there's a problem, at least you'd have something to fall back on that can be audited off your source control repository.
Applications are full of snippet'ed code copied from all over teh internets, much of which is technically in the public domain since no copyright is claimed (or practically enforced). I don't think anyone cares. Hell, I've seen people copy code from sites that were ripping off original authors on other sites (i.e, codeproject.com). The problem is when you incorporate large swaths of functionality and don't bother to follow the original licenses.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
When I was in grad school for programming my instructor taught us how to search for the code we needed on the web.
Moreover in my professional career as a programmer I ran into several stumbling blocks where I couldn't figure something out. I'd google for code, or use helper sites like Tek-Tips where people could either correct my code or provide me new code.
I'm paid for results, not for originality. If people provide code on the web as tutorial purposes or just as a friendly piece of help then I would be going against my job to not use it.
Moreover, I ask: If you bought a book on, say, ASP and it had sample code that did exactly what you wanted, would you then rewrite that code so it was not what was in the book? Of course you wouldn't!
If the author doesn't attach any license and it's "just" some code from a forum posting I don't see a problem with it. I have several times posted code samples in forums to help people, I would not mind that they where used in someones commercial program, if I minded I would have attached some for of license. If its posted on a forum to help somebody, the poster must know that it will be used.
Visit http://www.crunzh.com/ for free software. Mac/Lin/Win
Generally whenever I post code on an open forum in response to an answer, I assume the code will be used by other people and so I generally treat my own code as if I just put it into the public domain unless I've explicitly said otherwise.
However, that's not the law. I believe that the code an author publishes on an open forum is copyrighted by the author by default.
Me; I'd probably drop the guy a brief informal note asking permission to reuse the code and see what he does. More often than not if he's like me he'll probably say "sure, I don't mind."
"Is it legitimate to use source code that's publicly available but doesn't fall under any particular license?"
Yes.
How do you actually know that this happened? From what you posted it seems just as likely that the author of the code worked for your company and saw some question in a web forum, took some code that was the companies' property (developed on their time and their equipment) and posted it to the web forum to answer someone's question. Do you have any way to be sure that that isn't your own companies' code out there?
That's called community driven development. There are only SO many ways to write something and sometimes a bit of community code works better than beating your head into the wall for weeks with a deadline looming.
Though, now it brings up a question of how they got to be a project lead.
Ask not what you can do for your country. Ask what your country did to you
If you really want to spill the beans on this guy and get people to notice that he "stole" the code, then play stupid and show the forum to your boss and say "Look this guy took our code and posted it on this website" They will put one and one together and see that it was your office that actually copied it. Then it's in their hands and you we attempting to protect the company.
Don't worry about the fact that the forum post was 4 months before you guys even started work on your project. In your haste to protect your companies IP you didn't realize you were the ones doing the copying.
"Immature artists imitate, mature artists steal. -- Lionel Trilling"
That's the cookie that slashdot displayed (at the bottom of the page) while reading this article.
Coincidence? I don't think so.
On the other hand, if you don't do something about it, it could become your problem. Decisions, decisions ...
Lacking <sarcasm> tags,
Don't sweat it. When I post code in a forum, I generally do so with the hope that other folks will find it useful, and the expectation that, if they do find it useful, they'll go ahead and copy it. If I want to make something available with a license and everything, I'll either put it on Sourceforge, or post a license in the comments. It's a safe bet the original author feels the same way.
Legally, it's not necessarily safe to copy long snippets from forums, but from practical and social points of view, I think this is much ado about nothing.
... it sounds like the author probably did intend that it be used.
... that's probably more important at this point.
If it's the lynchpin of your product, you should consider rewriting it just so that you can say you actually own it. And to do that, you'll need to involve the project lead directly. It doesn't sound like that's the case, though.
Additionally, if you know the source URL, consider attaching it to the code as a comment. That way, if someone in your group wants to know more about it (e.g., context, limitations, etc) they know where to find it. This type of knowledge accumulation comes in real handy.
In the meantime, focus on creating value for your company
Just write a memo, "We need a license for this code". It probably won't be very expensive.
Here's the policy on use of code snippets in O'Reilly books. They generally allow it, but require acknowledgement in the documentation.
IANAL.
The code was published under no license, but by default it is owned by the author. Thus the author has all rights to control the copying of his work. In short, no the company has no right to use the code. The GPL and other OSS licenses allow the author to grant other people _more_ rights than they would normally have. The same is true for Creative Commons licenses. However, if this forum is a place where people discuss and help people with programming, one could argue that there is implied consent to reuse whatever is found there.
I think you should report him. If the code really is stolen, it could be a serious liability for a company.
Help I'm a rock.
I'd cut the head off of his favorite Bobba Fett doll and leave it in his bed for him to wake up next to. Either that or wrap a dead curry in newspaper and leave it on his doorstep. "Luca Brazzi codes with the Indians." And if nothing else, you could always take him fishing...
Kwisatz Haderach
Sell the spice to CHOAM
This Mahdi took Shaddam's Throne
I do this all the time. My feeling is that code snippets posted in a public forum are meant to be be used by others unless it says not to. Yes, I recognize that this is at least theoretically contrary to US copyright laws. But if you don't want someone to use it, why post it? To show your brilliant code?
Since this specific case apparently bothers you, I think you should try to contact the author through some back-channel and get an explicit okay to use it. But I bet more than likely your request will be ignored or you'll get a "why the fsck are you asking such a dumb thing?" That's generally how I reply when someone asks me about code I've posted.
I've copied code from the Perl Cookbook and the PHP Cookbook. As far as I know, that code doesn't come with any license, and yet I would think the purpose of the code is to be copied and used as is or modified as needed. I would think the same would be true of code someone posted on a forum or mailing list. I'm surprised that anyone thinks copying the code would be a problem.
What a fool believes, he sees, no wise man has the power to reason away.
Mod the parent up. It is the correct answer.
Of course, in the real world, you always have Option 3) Ignore it, move on with life.
This is actually the incorrect answer, but as many people have pointed out it really isn't morally reprehensible and you'll probably get away with it.
Usually if it's a complicated section of code I'll include the URL in a comment above. If it's just a line or two I won't. Often times if it's from a forum I stay with that forum for a few weeks and try to contribute back in some way.
If the code explicitly has a license attached to it I follow that of course. But I've not had to do that yet. I don't pull code from other project bases unless it's a library or such (in which case I follow the license). Only code that is meant to be viewed and used (such as forums/tutorials).
At worst it's a licensing infringement and at best it's plagiarism.
You don't need to start a full on war unless the copying has been rampant, but it has to be addressed and not only for ethical reasons. If your company gets taken to court over copied code you can bet it will impact your employment situation.
I would suggest mention during the next meeting that the company as a whole needs to give credit for all code and remind them that an in intellectual property suit could made life difficult. As for the existing code, if you come across more code you aren't sure about the license for, ask the original author for permission to use it. If it is not granted bring it up with management that you attempted to resolve the issue but unfortunately the code will have to be replaced. It won't take many times of duplicating work already done before management starts making sure licenses are checked before incorporating code.
There is no need for finger pointing unless the copying continues in the future. If it does, then start raising your voice to protect both yourself and the company.
And YES, the code is copyrighted the instant it is created. And NO, because it's publicly viewable does not mean you are granted a license to do anything more than read it.
the growth in cynicism and rebellion has not been without cause
Utilitarian: The chances that this is going to be discovered and become an issue are practically nil. It seems like it was a (relatively) trivial piece of code floating around the web, and I doubt anyone will notice.
Legally: Depends on how it was added to the webpage. Especially if it was added under a pseudonym or the like, how can someone prove that they were the original author, and thus have the copyright, even if they wanted to?
Ethically: You should respect the copyright of someone else's work, and contact them. Also, talk to your supervisor.
Hopefully I didn't put any [] around my words.
The United States is, as far as I know, the only country in the world where your work is not automatically copyrighted when published. I know for a fact that any code, text, images etc are posted from a European country it is automatically copyrighted, "(c)"-symbols or not. In Sweden for example it is actually discouraged to write "Copyright xyz" in your documents/works because it has no legal meaning and it confuses intellectual property law for the layman. So while you are probably correct if the copied code originates from somewhere in USA, the original poster's company is most certainly in violation of some intellectual property law if the code is from abroad.
Technically it is a copywrite violation but so is most anything now adays.
If the person posted code on a forum then normally they do so expecting people to use it. Hense Posting it on a forum. Most forums go like this.
First Post
How do I do this?
There is a reply
Try this code.
They usually replay with two options
Sorry it didn't work or It worked thanks.
You are probably just out of college were even looking at someone elses code is considered a great moral sin against humanity, where just the though of this could bar you away from higher education forcing you to live your life without being able to obtain a higher degree. In business if it works they use it even if it is a copy and paist. If it was something more problematic like say Using the source from an other companies code who had a strong license on it... Or using GPL code for non GPL reasons then there would be some consern. But for posting giving help to some one who wants to know how to do something it is basicly a non-issue.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
If posted on a discussion forum, clearly the intent was to share the code, but without an explicit license, it's technically a copyright violation. (And no, it's sure not PD; ignore the people who are telling you that.) Also, if in a forum, then I imagine the amount of copied code is pretty small.
But the intent to share the code, suggests that there won't be any consequences to the technical violation. Regardless of the law, it sounds like the author just doesn't care. Forget about it.
If you do talk to somebody about it, the first person you talk to is the guy who copied. I don't mean confront; just communicate. So much bullshit happens because people don't talk to each other. See what he thinks. Get his opinion. That he's the project lead, makes it even better: you just covered your ass.
You'll find that, in Berne convention countries, copyright is automatic and does not require an explicit copyright notice.
This means copyright must be explicitly disclaimed if you really want to put something in the public domain. Simply posting it on a forum probably wouldn't do that, especially given the number of forum systems which say "Comments and postings are copyright by their authors" or something similar. (Lack of that message would not imply there is no copyright.)
However, unless 200 lines is a sizable percentage of the completed work, I wouldn't worry about it this close to shipping. It also depends on just what those 200 lines of code actually are; interface definitions aren't copyright-able, after all. So there might be fewer, perhaps many fewer, lines of actual creative work.
And the work itself may be based on something that is public domain....
And the author would be hard-pressed to claim a loss of revenue in this case, since he did post it publicly.
Copying code from random un-attributed sources without license agreements isn't a good idea. But for this one, I wouldn't try and fix it. Ignorance is bliss and you've lost that now, but you can always pretend and be happy.
Its always better to err on the side of caution with this stuff. You may want to notify your lead one on one that you found it. That way you're not going over his head, and you're being a man about stuff. The big concern for me wouldn't be the guy who posted it on a forum, it would be the question in my head about where he got the code before that. Was it his home brewed code? Maybe he swiped it from an O'Reilly cookbook? Maybe he was unscrupulous and swiped it from a website who had clearly noted that their code was not allowed for use. You don't know, making you assume one way or another. Sadly, assumption is the mother of all f*ckups. Now, another possibility is to post a response in the forum asking whether or not you can spoon in the code, or for a license clarification (if its a more recent post).
To the original poster:
If your company want to be completely honest and above-board and legal, it must ask if it's okay to use the code. If the author says no or demand$ too much, you must not use it.
Unless you are fortunate enough to get a fast "sure, go ahead and use it" you will miss your deadline. Sometimes a little cash - maybe as little as the amount of man-hours it would take you to rewrite and test it - will be enough to expedite getting permission.
By the way, for all you know, the tech lead did ask permission, or the tech lead knows the code is already been dedicated to the public domain.
If it were me, I'd talk to the tech lead. If the tech lead doesn't have permission already and isn't willing to go to management and do The Right Thing (TM), I'd start circulating your resume and talk to management about it. When you do talk to management, present them with options that are likely to 1) be acceptable to management and 2) get the product out the door as soon as possible.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
1. Write a small comment next to the comment mentioning the code was copied of the web.
2. Write a quick email to your boss telling them you did that.
Move on with more important things.
If not, what's the best way to deal with this kind of situation? Since I'm now the only person working on this code, there's no practical way to report the situation confidentially.
First, do your research. Is it possible the code on the web was stolen or leaked from your employer? You might want to show the lead developer the web page.
If you should determine that the code was lifted from the web, the best response might be to simply rewrite the code, since it is only about 200 lines. Look for bugs in the existing code, which you could use to justify the rewrite to management, should they become curious, or worse, be of the shady type.
It might be helpful - after the rewrite - to send an email to all of the developers, the lead developer, and possibly his boss, saying something similar to this:
It is important to highlight that you have just saved the company money and reduced their liability, and make sure to address no one individual in particular. Do not come across as accusing any one person, but rather, try to express a helpful attitude.
Now, understand that you are new here, and do not yet know the culture. If your employer has a culture of copyright infringement, it would probably be in your best interest to find another employer. Typically, when such companies are found out, they find a scapegoat on which to hang the guilt, and because you're the new guy, that would probably be you.
The society for a thought-free internet welcomes you.
How do you know that your predecessor copied the code from the website? Maybe someone leaked your company's code and the website is the copyright violator.
You might find that he or she is very appreciative of your efforts, and going to him or her was really great for your career. Unless there is a reason you don't feel safe going to this person--ie if they were sexually harassing you--they should be your very first stop.
The CB App. What's your 20?
Not attaching a license in no way affects the copyright ownership of the code. The original author has a copyright on the code in your product. I the parent poster of this thread has no idea how copyright works. It isn't like a patent, where disclosure prior to filing the patent puts it in the public domain. All works have an implicit copyright. It might be crazy, but it is true.
The legal liability of having stolen code in a released product should greatly outweigh the cost of rewriting a 200 line code segment (single digit hours of coding). Knowingly infringing on the copyright of the code is a huge risk.
In my opinion you'd be crazy to knowingly allow this code into your release.
Of course, there is also the big question of how much more infringing code is in your release that you don't already know about... how to deal with that seems like a much more difficult question.
IAALBTINLA (I am a lawyer but this is *not* legal advice)
1. The original write owns the copyright to the code.
2. By posting it to the BB, he might have agreed to license it under whatever terms by which the board operates. This might mean you have some license to use it (either implied or actual).
3. The code copied by the developer might not be enough of the work as a whole to considered infringement.
4. One test for determining whether computer code infringes copyright, in the USA at least, is the classic, yet ambiguous "abstraction, filtration, comparison" test. (If the copying was complete with comments, then that's not so good for the copier, but if the code accomplishes a trivial function, then not so much.)
5. Speaking generally, it's important to be on the lookout for situations like this. For instance, if code is copied from an open-source project, then significant consequences can follow (c.f. the Asus story below this one.)
6. If you are concerned, talk with your company's legal counsel.
I worked at a company 3 years ago on a project to create a secured web application, and a lot of js was used for functionality (think AJAX -- before AJAX was cool)... I came across a block of code submitted by the lead dev in a js file, that was copied EXACT, including the copyright commenting placed by the author of the code -- complete with the url to find said code on the web! Now, I felt this needed addressing, but upon doing so to the management of the company (a small outfit in the NE US, small enough I knew the CEO on first name basis), all I got was negative flack for pointing it out. Go figure.
Rule of Acquisition #19: Satisfaction is Not guaranteed.
no more text needed, right?
"People who are willing to sacrifice essential freedoms for security deserve neither freedom nor security."
B F
Just because it's on the web, even without any particular license, doesn't mean it's free for the taking.
It's kind of like the online magazine. Sure, you can view their web pages, but try republishing them and you'll find yourself in quite a bit of legal hot water.
The author might not think his code is worth that much, but as soon as it shows up in a commercial product, he might change his mind. Because he hasn't granted the company explicit permission to use it, he could sue for copyright infringement.
Granted, IANAL, but it seems like a rather foolish thing to expose yourself to a potential $150,000 in statutory damages for a mere 200 lines of code. Most competent coders could rewrite that in a week, if not a day.
The society for a thought-free internet welcomes you.
If something was stolen, the right thing to do would be to return it to its owner, no?
"Ask not what your country can do for you." --John F. Kennedy
Gee, it's a dilemma: You could (1) talk to the guy about it, or (2) wave it over the global press under a pseudonym pretending that no one will guess who you are.
Let me think about this for a minute...
-I like my women like I like my tea: green-
I wonder if your project lead reads /. ?
But I bet your company has one. Wait, I'm getting an idea... yes... yes... no, lost it. I'm sure it would have been the best legal advice ever posted on Slashdot, though...
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
I've seen my cide all over the NET!! I expect royalties from everyone who has ever used:
<script>
document.write("hello world!")
</script>
How do you know that he wasn't the one who posted the code in the forum in the first place? How do you know it wasn't his code to begin with?
My page.
Why do people post code on internet? Because they want to help other people. They like to help. As simple as that. I don't think you can explain the amount of useful code on the net any other way.
The best reward you could give him i probably to use his code. He would probably be glad if he knew that his code was used. I say, send him an email with "Thanks! You code was really useful. Nice work. Keep it coming..."
You mentioned that the person who copied the code is the lead developer. Why not discuss it with them directly before even considering talking to management or anyone else? See what their take on the situation is. If you can't establish a communicative relationship with the lead developer on a project that could be just as detrimental to your career as whistle-blowing.
Also, consider the timing. Has this code made it into a release yet? If not, and copyright is a real concern to others in your organization aside from yourself, now would be the time to act. If it's been in there for one or more releases, getting it out now won't put you in any better shape than getting it out of there for the next release.
Now, in reality, the author posted it to a forum, probably with the intention of giving away the code. It would be entirely up to the author to sue and whether the author would sue or not -- well, I kinda doubt it.
Umm..how do you know this guy is the original author and didn't himself lift it from another site?
That to me is the danger in not using in house code. You never know who the original author is it.
Skip ------ See the latest from http://www.anArchyFortWorth.com
Just for me personally, if I put some code I wrote out in a forum, I expect someone to use it other than myself. Someone asks a question, I throw out a chunk of code, we're done. I don't care where it ends up. Likewise if I find an example that someone has put on the web when I was searching for something to do that exact thing, I'll grab it and adapt it to my use on the principle that that's what it's there for.
Forums can be kind of a greyer area. I once had a guy who was maintaining a system I wrote put a decent chunk of my code in a forum; source code, mind you, not just a script. It was a whole program, and while I never sold that particular piece to do anything by itself, it was a part of a product I did make a decent bit of money on, and a pretty clear-cut breach of my IP for some joker to just post it (they'd signed a contract dealing with redistribution, so it was in writing).
I called them, they apologized, disciplined the guy, and hired me to do the change he'd been trying to do (he'd posted the code trying to get someone to tell him what it did), and paid me at a higher rate. I let it slide because it wasn't a big deal (non-critical code), and they dealt with it to my satisfaction.
If, at some later date, I'd found that code verbatim in someone else's system, I might have mentioned it to them, as an aside, but I wouldn't have tried to claim damages or make them remove it. At that point it is WAY too difficult to trace provenance, and hard to prove any sort of knowing violation. It had been released, I'd taken it up from the people who released it, it was done.
In short: If someone releases code with no license attached and you use it and it turns out later it was licensed you're going to have to deal with the consequences of that. If it turns out it wasn't licensed (or was BSD licensed) you're in the clear, even if it was a case like mine where the code was released by a party that wasn't authorized to release it.
The internet is a nice tool to keep from re-inventing the wheel, but if you take anything more than a little subroutine, you better know what rights you have with regards to it because it can seriously bite you in the ass.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
Honestly, it's 200 locs. If someohe got seriously "arghhhh how do I solve this?", googled and found some code in a forum that solved that one annoying problem then I wouldn't hold it much against him. Now, if the whole product is like this with a lot of code or whole libraries lifted from other sources and he's actively using google as a source to avoid doing his job, then I'd consider acting on it. I know there are some quite honest people that are more discrete but essentially doing much the same if they find a piece of code that does exactly what they need. It's sorta hard to imagine an alternative way if you've already peeked at the solution.
Live today, because you never know what tomorrow brings
int i = 0;
hah you will all be theives from just reading this post!
Or maybe there is something more to a copyright issue than just any code snippet.
Hmm.
Not specific to this situation, but there almost certainly has to be a practical limit to how much code you need before something is under copyright. For example, the single line
(+ 1 1)
could not be reasonably subject to copyright (IMHO, IANAL, etc.) IIRC there is some rule about originality that this would not satisfy. OK, what about:
;Code to print out "hello world"
(defun hello-world () (format t "hello world"))
Exceedingly simple, entirely trivial, and arguably not creative or original, but more gray than the first example.
What about:
;Code to add two numbers and multiply by a third number
(defun calc-with-three-numbers (a b c) (* (+ a b) c))
Still trivial, but you get the idea - at what point do we cross the line into copyrightable material?
Also, let's assume (for the sake of argument) the last example above is copyrightable. If someone else independently working on the same problem does:
;(x+y)*z
(defun f1 (x y z) (* (+ x y) z))
Would that constitute a copyright violation of the above formula? They do precisely the same thing using exactly the same algorithm, but look very different. Is the second in violation of copyright of the first?
In practice, some problems have an "optimal" solution that most skilled programmers will eventually converge on (if they are good at their jobs). To my mind this might end with comments being (sometimes) copyrightable and code being defined as a mathematical algorithm, which (IMHO) is much closer to the true situation. But I don't know what the legal definitions are for this issue - anybody know if Groklaw has dug up any related material?
"I object to doing things that computers can do." -- Olin Shivers, lispers.org
What if the guy who posted it in the forum wasn't the real author and it's really copyrighted by somebody else?
No sig today...
It is NOT LEGAL to copy code just because it has no license!
Everything is automatically covered by copyright law, with "all rights reserved," even if no copyright notice or license is provided. This is a core fact of international copyright law. A license does NOT restrict your rights to use a work; the only thing a license is ever able to do is GRANT you rights that you, by default, DO NOT HAVE. "License" literally means "grant permission," you know. By default, you do not have the right to redistribute a work at all without explicit license (that is, permission) from the copyright holder. Again, it does NOT matter whether the original work had any copyright or license at all. If it has none, you are barred from reusing it, period.
(EULAs are tecnically contracts, not licenses, despite the name. Don't confuse them with a normal copyright license.)
If you literally cut and paste or copy something verbatum from somewhere, whether it be a poem or code, even in a public forum, technically it's implicitly copyrighted by the author.
However, in practice, if the intent of the author was to share the code with other developers as reciprocation for assistance in the forum, code masterbation, karma, whatever, the implicit copyright is weak. IANAL but I don't see how any court could ever find the copier at fault and really you shouldn't either.
200 lines of web code is not a significant part of your company's intellectual property. Be flattered, move on and keep hitting the pavement like everyone else.
Ben Hocking
Need a professional organizer?
To summarise your position: someone in your company found some information on a forum and too advantage of it (presumbly without the authors permission). You are asking for advice on a forum and are hoping to take advantage of it, too.
Are you planning to get the permission of whoever's advice you use, before you use it?
P.S. You have my permission to use this post in your considerations.
politicians are like babies' nappies: they should both be changed regularly and for the same reasons
from what I can tell from the original story, the guy found some code that developer in his company pulled off a message board. In my experience, no one just randomly puts a piece of code on a message board post and says "here's the source to this great piece of software I wrote. Don't any one use it." If you do go around doing that, congrats, you're very weird.
Most code posted on a bbs is code put in response to a question, i.e. "how do I make a database connection". At that point, its pretty much implied that I'm going to let you use the example code I posted however you please and, considering its a very public place I'm posting it in, anyone else is more than welcome to use it.
At the same time, I challenge any of you out there that has programmed to honestly deny (key word: honestly) that you have never EVER under any circumstances been stuck trying to figure out something, then go to a book or bbs, see the solution and just copied what you needed.
As far as I'm concerned, if you post it in a bbs (under about 98% of the situations), its fair game.
I'm new to the company, and the developer who copied the code is the project lead.
You married? Got any kids? A mortgage?
If the answer to any of the above is yes, then shut the hell up about it and get on with your day.
If the answer to all of the above is no and you're in the mood for an ethics experiment - mention it to someone. Have your resume ready first. You're about to learn what the business world is really like.
Weaselmancer
rediculous.
I guess it all depends on what the code does - if it's a collection of utility functions (like string manipulation) which anyone could write during a coffee break, then I guess you can forget about it and move on with your life.
If, on the other hand, the code is a complex algorithm which took months of research to develop AND is the main feature of your app - then I guess you should spend some time and try to figure out the license thing.
I guess one should be 'politically correct' up to a certain point - when the subject can, in theory, harm others. Beyond that it doesn't make sense and one should focus on more important aspects of reality, rather then examine everything under the microscope, even though there's very little to see there.
Normally, it's best to err on the side of caution write original code. In this case the code was 200 lines long. Now, I know length shouldn't be an issue, but how many different ways can/will you write your for-loops or AJAX code. The OP mentioned that the code was 200 lines long, which isn't very much. Even if the OP's group were to rewrite the code, it might not look very different from the original code (not counting stupid things like variable or function name changes). It's at these gray areas, that I, personally, tend to not care as much. Now, if it were an entire library of code, that would be different.
I'm totally fed up with this copyright paranoia.
Now you have to make sure your code is different than somebody else's or you'll be sued?
With ANY computer language being a LIMITED set of instructions, that leaves only so much options to do things, and some of them can ONLY be done with specific instructions in a specifc order.
Society have to grab greedy people/corporations by the balls and yell "Enough is enough!!".
How do we know the guy didn't invent it?
In other words, "the developer who copied the code" may have copied it from your project to the forum. Or maybe he already got permission from the poster. Or maybe he already got company clearance.
Why don't you talk to your project lead about it?
as is mentioned upthread, published works are owned by their authors by copyright in the USA,
I'd prefer an ethical behavior on the part of all of my employees; some do better jobs than others-- but ethics comes first. Our code is clean, was clean, will be clean, and adheres to the licensing and copyright strictures.
Dry-ripping/cutting&pasting code from any old website is beyond stupid, it's lax, possibly criminal, and well, you haven't vetted the code against standards and practices-- what if it blows up or creates a nice nugget of crap in otherwise vetted code.
I disagree with your practices. They put output over ethics, suggest unscrupulous use of code, violate standards practices, and create possible conflicts with other code. Swiping unknown code from a random website's bad practice.
---- Teach Peace. It's Cheaper Than War.
> how they got to be a project lead
Maybe by consistently delivering results? Just sayin'...
>> how they got to be a project lead
>Maybe by consistently delivering results? Just sayin'...
But are they their results or those of copy/pasted code.
Ask not what you can do for your country. Ask what your country did to you
If you didn't violate the copyright, and it's something short like this, why worry about it? If there is a bug, fix it. You're a programmer not a lawyer or an investigator right? How do you know the previous programmer didn't have explicit permission to use the code? Could it be that your lead programmer was enlightened enough to use other people's code, instead of hand coding everything?
Reporting him to management doesn't seem like a good career move.
Not only is is a bad career move, it's a quick and sure way to get a rep so everyone avoids you. Report to your boss, bring your concerns up the chain. Start by: Doing it in writing, honestly, privately and directly to the person responsible.
And this has got to change. I recently asked a client if he can pay me as a TEMP employee, and take all the taxes out and he perceived this as a threat not an actual question. Nobody cares what the licensing agreements are for open source projects, the line should definately be drawn at commercial custom software. I think you should definitely talk to a lawyer about it but be prepared to lose your job over it if necessary.... but the industry will thank you! Bad business is bad for everyone...
Note that short code segments have often been found to be uncopyrightable. It varies from jurisdiction to jurisdiction, but it's often difficult to claim copyright to less than ~ 10K LOC outside the USA.
Darn! I was going to copyright {i=0;} and sue everyone for a bazillion Euros!
Wait a minute, I could probably get a US patent for it: Muwha-ha-haaa... I'll be rich, steeking rich, I tell you!!
What if to join the forum something was buried in the agreement like "you agree that any code or comments that you post are released to the public domain for others to use and modify"?
I haven't checked for this sort of thing but if I was administrating one of these forums, I'd certainly have put something like this in the terms-of-use. After all, as many people have pointed out disallowing use of posted code runs counter to the purpose of the forum.
My question is whether a term like this in a use agreement can override the implicit copyright.
Comment removed based on user account deletion
The former situations sound more serious than the later. Not many people feel there is alot of value in code that initializes a video card. You could easily spend 200 lines getting to the point to just draw something, but the structure of that initialization is largely determined by the people who made the api. How do you even know that the code wasn't copied from some book, then posted to the forums with some extra comments added?
From the description there are two significant possibilities that haven't been ruled out: 1) the work was created by your team lead first and then made its way onto the website and 2) the work was created by someone outside your company under employment by another company in which case, regardless of the individual's perspective, the copyright belongs to that other company.
From what you saw on the website, do you know for sure that the code wasn't posted by your team lead?
Maybe the simple answer is to approach the lead, ask if he posted the code on that site and discuss what, if any, actions are necessary to remove risk from your company.
Hopefully you're working for a decent guy, and you can just say "Hey, dude, I was researching this bug, and in the process, found this code on this forum. You think we should be worried about copyright issues?"
He may, like several slashdotters in this thread, be completely unaware of the fact that code is automatically copyrighted in the US.
He may have been aware, but just lazy, and say "Yeah, we should do something about that".
He may say "Who cares? No one will ever find out!". In that case, *then* you may consider going over his head and raising the issue with his superiors.
If he's a decent guy at all, he'll appreciate your coming to him politely with your concerns. But even if he's the type of vindictive halfwit likely to take offense at your discovery, he'd probably be hard pressed to come up with an excuse for taking action against you. And really, if you're working for someone like that, you should strongly consider looking for a new position elsewhere.
I'm not a lawyer, but I act from time to time as an expert witness in computer source code copyright infringement cases. Here are my observations:
..bruce..
-- Bring it to the attention of in-house counsel (assuming you have any). They will want to know as soon as possible.
-- As mentioned previously, check the forum itself to see if there are explicit statements about source code postings being in the public domain; don't rely upon vague statements or assumptions.
-- If so directed by counsel, contact the original author and see if you can get a written release from him/her for use of the code.
-- If that goes nowhere (no response or refusal for release), then do a clean-room reverse engineering -- get someone who has never seen the copied code to write replacement code based on a set of specifications.
I have worked on cases that have ended up costing the defendant very large sums of money -- in litigation, settlement, and/or re-engineering -- because of some programmer 'borrowing' code that s/he had no rights to.
Bruce F. Webster (brucefwebster.com)
First, are you certain that your lead copied from the said web site? It could also be that they both copied from a common source, hopefully in public domain. Although you probably have other context information to judge that, your post itself does not address that possibility.
I recall a similar argument in the SCO case where the code they claimed infringed was available as public domain in a text book.
So Vista Service Pack 1 is about ready for release?
Very offtopic...
After the cartoon riots I expected left-leaning types to be the first and quickest to stand up and condemn theocratic thuggery and tyranny. Imagine my dismay at the tepid response.
general consensus of the slashdot: stealing code is OK as long as it's not under GPL
ObDisclaimer: IANAL But most forum software tends to carry a disclaimer to protect the forum host, which says something to the effect that anything posted on the forum becomes their property forever to redistribute in any manner they please to indemnify them. They may (or may not) pass along that indemnity to users of the forums. But to the point, this isn't really your problem. It's the plagiarist-dev's problem. He may have obtained permission from the source after seeing the code and deciding it would fit the bill. He may have just written it himself previously and recycled it on the forum and in the current project. Or he may just made some assumptions and figured nobody would be the wiser. The ultimate question is, would you be reasonably expected to discover this plagiarism, and held responsible for not telling anyone? If not, you might want to just keep on walking, in the remote chance anyone will ever notice or care, it's still on him or someone else on the team, and probably not you since you're the new guy. If you're terrified of it being pinned on you, only then open that can of worms. Makes you wonder if it's that bad code though that's causing problems, since it was lifted verbatim, possibly without enough changes to fit your application, or just has some dumb error.
Releasing code on a forum that made such a condition would constitute licensing, just like publishing it in a book called Code You Can Use would.
It doesn't make that much difference how the license comes into being, as long as the author explicitly agrees to it. (It is possible to argue "implicit consent" in certain circumstances, but IANAL and it's a pretty complex area of law.)
HAL.
Got them moderator blues I blieve I walk out the do', With these mod-points I been gettin', I 'most never post no mo'
IANAL...
But is the code really that important?
Is it like "Oh noes! They used <html> <body> <etc.> inside their websites!"?
Seriously though, if it's just a few lines that can be adapted to general purpose stuff, a simple function or two, or a quick demonstration, I wouldn't sweat it.
Now if they're copying something akin to 300 lines of stuff that works as a specific application that's unique or novel, then you should have good reason to bother. You just have to figure out what the potential cost is (if any), and whether or not something is generic enough that you'd risk looking stupid for complaining about it.
That being said, REAL stolen code is a difficult matter. There are lots of common things that need to be done that don't necessitate a full library to be developed, but are important all the same. I'm thinking mainly of one-off kind of code, examples would be most regular expressions, a lot of parsing, some file i/o that is common but needs tweaking. Plus, there's always the "How do I use this object" kind of stuff.
Stolen code would be on the lines of the optimization technique for sorting and optimizing access to Russian->English translations, or an intelligent determination algorithm for fast and efficient calculation of road directions on a GIS based web application, or maybe a combination of CSS, javascript, xml, and some flash that imitates the behavior of the host windowed environment in a browser. That is stolen code, and is likely the product of many many hours of work and a serious investment in time and money. Usually, this doesn't find it's way into forum posts, though I'm sure there have been embarrassing exceptions.
Maybe I'm reading this wrong, but you seem to be a young developer, maybe this is even your first development gig. The very fact you labeled this "Stolen Code" means you are coming to conclusions way too fast. To use a common corporate phrase, "This kind of decision is a little above your pay grade". I suggest you report this 'finding' to management as a something you need guidance on. Don't use "stolen", don't use "copied", don't use any words that indicate a judgment on your part, simply state that you found company code on a forum website and you thought someone should know. That's CYA, and it's the responsible thing to do.
~Sticky
/Weenie.
I wouldn't worry about it. The chances of a.) the person finding out and b.) the person actually giving a shit are pretty slim. I definately wouldn't rat him out...especially if he's a lead. Although it may seem like the ethical thing to do, in reality being labled a 'rat' in a company is pretty detrimental to a person's political status. If shit hits the fan, management will deal with it accordingly (after all, isn't that what `svn blame' is for?).
So let's be honest, this is a pretty common occurrence. Often times when people post code online in a forum, it's expected by the author that people will lift the code... in fact, that's why it's being posted to the forum! I understand that without an explicit license or authorization from the original author that this is not legal... good, fine, whatever - not trying to debate the legalities of it.
What bothers me here is that the original poster seems to be implying some act of malice on the part of his co-worker. Now, I don't know the full details of the situation, maybe there are valid reasons why he would feel that way. But he didn't even hint at that in his question to Slashdot but does mention his inclination to report him to managment. Really?? I mean... REALLY??? Could this not be an honest mistake stemming from a misunderstanding of the law? Perhaps the co-worker had private exchanges with the code author regarding using the code. Should portraying your co-worker as a criminal to management really even be considered as your first course of action?
I'll let others give their suggestions on how to deal with the situation, but the way the co-worker was portrayed here just rubbed me wrong. I've seen this same thing plenty of times, and it's never been anything but an innocent mistake... both on the part of the person copying and the person posting the code, because in my personal experiences the poster's intent was to make the code freely available but lacking knowledge of copyright law prevented them from expressly stating so in the forum. I'm guessing there's a good chance it can be resolved fairly easily without pissing anyone off or getting anyone fired.
Also, let's assume (for the sake of argument) the last example above is copyrightable. If someone else independently working on the same problem does:
;(x+y)*z
(defun f1 (x y z) (* (+ x y) z))
Whatever, bro. All new devs code in Java & stuff. Check out this code snippet I stole the other day while browsing from my Mac with the punk rock sticker on the lid:
newObj = objData.QuickSort();
wicked stuff. I heard it's a new way of moving things so they're in order of most coolness to least radness. I'm going to get so busted if my company finds out lol
--
(yes, possibly off topic, but very similar to a discussion I had with someone the other day)
Tickle my butt!
Why would you "report" him to your superiors? Do you honestly think people care? Weren't you taught that nobody likes snitches? You do not sound like a team player and have zero political intelligence.
What you do is this... send out an email to your lead saying that you happened to have found the code on the internet, and was wondering if it was safe to use it. Let him deal with it, not you. As long as you keep an email copy of the response, you are covering your ass, and that's all that matters.
Do you honestly believe that people are going to think you're a hero by revealing that some of the code is taken from somewhere else?
also, you need to have the wisdom to evaluate the code and see exactly how valuable it is... if it's just generic code, who the fuck cares? If it's Valve's code for Half-Life, I can understand, but cutting-and-pasting someone's implementating of a link list is almost useless.
Learn a little about the real world, it's not that big of a deal. Just because you read scores of article on slashdot doesn't make it a real world concern for 99.9% of the cases out there.
We have some third party code in our application from CodeProject. I just have to plug that site for what it's doing to teach especially Windows programmers in all disciplines, from offering useful UI controls and database API's down to assembly language stuff, and usually with licenses so little restrictive that they can often even be used commercially. For example, if you want a well provden library for managing configuration files, you don't need to spend hours reinventing the wheel -- it's most likely already there.
Beware: In C++, your friends can see your privates!
Have you not considered that your project lead may actually be the author of the posted code you found? Lots of people post on bulletin boards and forums under a pseudonym or handle. You could be digging yourself a big hole! In any case, you shouldn't go looking for trouble unnecessarily. The world is a complex place, and everyone has enough problems without you making a big deal out of a questionable violation which is not your responsibility, and where nobody is harmed.
It's just 200 lines of code the author posted in a forum.
Is it really that important of an algorithm to make a fuss over? If it makes cars run on water or the like, I can see why it would be an issue. However, if it just does something that any average programmer can recreate in a day or two, why care? Don't waste time fighting over a near commodity.
Table-ized A.I.
YANAL but I had some IPR trainings where this kind of stuff was discussed at length.
Technically copyright applies automatically in most countries. The act of creating something means copyright is granted to you on the form (i.e. not the idea like in patents). Licenses (free or otherwise) are designed to grant you rights and/or restrict rights. This can take the form of "do whatever you want" (e.g. MIT license); contracts specifying in legal terms your rights and obligations (e.g. most commercial licenses, apache and epl) or copyleft licenses (e.g. GPL) that try to negate copyright and turn its restrictions into freedoms.
In other word without a license normal copyright applies and you are legally required to get explicit permission to do things with the code (like using, copying, redistributing, etc.). Of course you could argue that such permissions are implied by posting it to a public forum. Legally it is a bit a grey area and you might wonder whether the person posting the code is actually the copyright owner. The nice thing to do is just try to contact the person who published it. More than likely they'll be happy to help you out.
Of course there is the practical side to things and it is pretty unlikely you'll ever be sued for this. Reusing small bits of code that people post on the net is pretty common. That's how the whole GNU thing started. The legal framework of the GPL and other licenses emerged as this practice became more widely spread because various people & companies were starting to apply copyright law and restricting people's rights.
Jilles
Even if code has a banner with terms you don't like, you can often ask the people to modify the terms for your use.
Engineering is the art of compromise.
That's a great point that I didn't think about, obviously. I think it's looking more and more like the magic 8-ball sez "yank and rewrite" here. Too many pitfalls.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
First, please stop repeating the meme that information can be "stolen". It's copyright infringement.
Having said that, there are a couple of things you should consider:
1) You are not a lawyer, so don't pretend to be. The less the developers think about copyright issues the more the company can claim unintentional infringement if there is in fact a copyright violation. This is what audits and highly paid IP lawyers are for.
2) Small companies (such as the one you work for) may not be able to afford code audits, full time lawyers, etc, so you may not have the luxury of ignoring it (assuming you care about the company).
3) You might be making a mistake. Your project lead may have permission to use the code in question. Perhaps the code posted on the forum isn't the original and is missing the license statement (it could be BSD). Perhaps your project lead is actually the poster who put the code on the forum. Perhaps the code actually originated at your company and was leaked out. There are a lot of possibilities.
4) Is auditing your Project Lead's code part of your job? Is this something the company hired you to spend time doing, or did you decide to do it on your own? Will the company see it as you trying to save them from potential lawsuits, or as exceeding your authority and spending time doing something they didn't ask you to do?
Ultimately if you feel responsible for ensuring the legality of using the code, follow some of the other advice here and tell your management you found some of the project source code on the web. Given that you don't *know* that a copyright violation is taking place, leave it at that. If you feel further moral responsibility, do whatever you need to do to ease your conscience, but be ready to find another job if you have to. A lot of companies probably won't see this as being a very big deal.
THE CODE ISN'T YOURS! (how does your implied licensing or IP beliefs matter?)
It is automatically protected by COPYRIGHT with likely no licensing.
So shut the hell up and all the 13 year old moderators stop giving them positive moderation.
This is a real and scary issue for business. This 'truthy' bullshit your posting is harmful and stupid.
1) To re-iterate some advice from above, talk to the original developer. Like someone else said, maybe it is his code and the forum post borrows code from your company, not the other way 'round.
2) To the folks saying, "code posted to a public forum is free game," it's not that simple. If this is an internal application, I agree. Use the code, enjoy, be healthy.
If this is a product your company sells externally, get thee (and your project lead) to your legal department. We've seen enough stories here about companies putting GPL code in their products and not keeping to the GPL to know you shouldn't just be selling OPC (other people's code) unless you know what you're doing.
3) You could always just put an attribution in the comments; that's what I often do.
Most code you'll come across in forums/usenet/et al is copyrighted in the sense that many things created are automatically copyrighted to the creator, but it's also mostly of the sort that given 10 coders of similar expertise, you'd get 10 very similar programs. The only way to claim exclusive ownership is to be the one person who paid the other 10 to write the code.
Unless there's explicit notice or license to the contrary, I make use of snippets found on the web in my work for my employer. If the example is sufficiently complex, I'll comment in a pointer to the original author and source.
Mostly it's for myself--if I ever need to maintian the code, I'll likely want to refer back to the sourse since obviously I wasn't able to figure it out the first time. And no one can claim I'm trying to pass off someone else's work as my own.
That said, I rarely find useful code I can cut and paste into my work. I may find (or get in response to a query) code that clarifies my thinking. But that is usually followed by some twisting and shaping of the code into the specifics of my need.
4) A lot of code looks alike. A lot of folks copy and paste from online help. Folks using the same IDE will end up with similar code--getters and setters in Java, events in Visual Studio, etc.
So...in the grand tradition of AskSlash...we can give no answer. If the original dev is still with company, that's your best place to start.
Most people seem to think that this isn't a real dilemma.
Just use it and be happy.
However, there are some things to consider.
1: Did the code REALLY originate from that forum? Or did the poster lift it from somewhere else as well?
2: Is the code safe/reliable? Obviously, you need to check your own code, but you should be twice as careful with foreign code.
3: Did the poster mean for it to be used publicly? I STILL find myself on private forums I shouldn't be able to get to (because of Google's cache). If you it's from a private (business/site development/etc) forum, you shouldn't use it. If it's a public forum, and someone is just helping out another person / getting help from others, go ahead and use it.
WE DO!!
The FOSS community and those of us who simply want do do things "The Right Way"(tm) do worry about this kinda thing. Even if it's just 200 lines of cheesy, insignificant crap scraped off a web site. It's the principal that counts!
Just cuz we're a buncha penguin enthusiasts don't mean we're non-principled. Bleats to the contrary simply foster the stereotype that the Penguinista are ignorant pimply faced youth trying to get a free lunch.
Either things count or they don't. You can't have it both ways "just because".
Senior NCO in the fight against entropy. I've seen things, man. Things no one should have to see.....
"Common sense isn't."
A fair amount of what many people refer to as "common sense" seems to be preconceptions and/or personal preferences propped up with the bare minimum of after-the-fact rationalizing.
That's so last century. These days, take him to a quail shoot.
Burning a $20 bill makes everybody (except you) richer. With a reduced money supply everybody else's dollar becomes more valuable. It takes a while to filter through to the labour market, but it does. That bill represent the wealth that you brought to everybody else so that one of them will give you something if you bring it to them. If you burn it instead, they still benefit from the work you did to earn that money, but now you won't be able to get them to give you stuff so they also get to keep the stuff and sell it to somebody else.
Just tell the project manager that you have discovered that someone on the team is leaking your source to the Internet. Show him the URL and say
"See? This is identical to the code that you wrote, including the comments."
Many years ago, I "sold" an application, with source code, that was less that 20 lines of assembler. Strictly speaking I got an extended warranty on a product my company had purchased, because I had written it to diagnose the problem with our purchase. When I asked my boss whether I could give it to the support guy, he asked me to get something for it. It was easy to negotiate extended support from the guy it had helped.
I was very proud of that hack, and agreeable to "selling" it, but my real motive was to show it off.
The whole copyright law situation as it stands irritates me because it seems to interfere with creation rather than serving the supposed intent of encouraging it. Laws need to be consistently enforceable to be meaningful, and detecting violations that invisibly use parts and pieces doesn't seem to be. A "whole" work in some sense, like a short story in an anthology or my little hack is relatively trackable. I can't propose an exact rewrite of the law, but there seems to be something wrong with it.
Do a search and replace for the variable/function names, reorder lines that can be swapped etc. Express things in a different way.
Copyright protects the form and not the idea(s). As long as the code you use is distinct, the original copyright no longer applies to it.
I think it would make sense to talk to the guy, which so happens to be your project lead. Tell him about your copyright concerns and give him a chance to fix it. You'll not only get an ally but someone who will apreciate your honesty and trust you. Since you're new you need to build up your networking circle within the company.
I myself ran into a similar situation, meaning I'm new to this team and someone with seniority checked in some questionable code. I could have by by passed him and talked to the big cheese of your department which would have destroyed him but I decided not to
and voiced my concerns with the person instead. Everything worked out. I now have a guy on my team that trusts me. This to me is more valuable.
My advice is simply to be a team player.
"If a show of teeth is not enough, bite
Was the source code found on Expert's Exchange? There they have thousands of code examples that subscribers can use. Yes in most cases credit should be mentioned in your own source.
Thanks,
Jim
I could use some free code.
If a baby duck is a "duckling," why would anyone want to eat "dumplings?"
No offence, but answers like this, and the first post for that matter, are exactly why posting questions like this to Slashdot is a bad idea.
In just about any jurisdiction, for many years now, works automatically fall under their creator's copyright unless there is another agreement. It does not enter the public domain until either the work is released to the public domain by the copyright holder or the copyright expires. The fact that the work is published on some web site makes absolutely no difference. The fact that it's not supplied with any explicit licence agreement makes absolutely no difference. If the code is ripped from someone else, and not for a fair use or whatever your jurisdiction calls the concept, then it is copyright infringement. There is no doubt about this, nor any need to weasel out saying call a lawyer. It is just basic copyright law.
As for the Bruce Perens thing, I haven't seen the talk in question, but I suspect it had more to do with patents than copyright. Rewriting the code in some significant way most certainly does make it a different beast from a copyright perspective, because copyright doesn't apply to the idea, it applies to the particular expression. You can't just rip someone's code and do an obvious search and replace or something similarly trivial, because then you would be creating a derived work using the original, which isn't allowed unless you qualify as fair use. But you can't copyright an algorithm (though in some places you can effectively patent one) so if you choose to completely rewrite the same algorithm in a different way then that's a new thing as far as copyright goes.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
The code may not have come from the web site - they may both have a common source. Worse case would be if that common source code was, for example, protected by GPL and the version you found on the web site was in fact not legal itself. In that case there is no way you want to ship your product with this code in it as it would then be GPL'd itself. (Unless of course you are shipping under GPL already)
Also, don't just go in and rewrite it. You've read it now so any replacement you write could be a derivative work. The new code needs to be written by someone who has not seen the original code.
But the first step is to establish provenance for the existing code. Just because you found it on the web does not mean there is a problem here. Without knowing the provenance of the web code it does not tell you much at all.
Squirrel!
Give it back.
This used to be how copyright worked in the USA, but it has changed. I think most countries nowadays start copyright with creation, registration gives you proof of that (and in the US a chance for more $ in damages :) but the product is still copyrighted regardless. Of course, check your local laws, IANAL etc
...you really should give it back.
The western world's "Intellectual Property" rules are Fucked Up Beyond All Recognition. When you've got a couple free hours, watch, listen, or read what Lawrence Lessig says.
If I just set aside whatever I think the IP rules say, and just think about whether it's moral/ethical to utilize example code somebody posted in a public forum, I can't imagine this act hurting anybody at all.
Copying proven technology is what engineers are supposed to do. This copyright hogwash is just a lawyerly game.
Code is HOW to do something. Not really a work of art/print by itself. Code with no purpose is no more than jiberish. Therefore the way I see it, your code is how to do something. You can't copyright how to swing a hammer, but I suppose you can copyright instructions on how to swing a hammer. So just don't use the comments and your golden.
I'd go ahead and integrate the code as is, then sue the original author for stealing the code from your company. A good offense is the best defense.
I don't know what I would do in this sort of situation. But I know what I wouldn't do:
Publicly announce to thousands of people that my company may be acting in a unethical or illegal manner.
Abaddon: An Xbox 360 Indie game
If the original author posted the code to a forum as an example, without disclaiming any assumed or implied rights, then you are free to use it. The mere act of publicly posting the example is clearly an act that grants permission to use, however, you should look at the forum copyright policy as that may have further limitations.
Good grief kid, just let the code be used already. Don't assume the worst. If legal problems arise (big "if"), they can be worked out later with a payment or a rewrite or possibly even a demonstration that it's Fair Use or it's copyright has expired. And this can be done amicably, without "cruel and unusual" punishment.
I think a good faith effort has already been made. There was no notice of anything attached to the code. Look at the difficulties just trying to find out what is right. Both the license and authors are unknown. Maybe the code is an example, and intended for exactly this sort of reuse, does it need to be sprinkled with all kinds of assurances that it's OK to reuse? The code was obtained 3rd hand, making it doubly difficult to run down more info. Presumably this was tried, or the asker wouldn't even know of this issue? At the least, some distinctive phrases from the comments were tried in a search engine? What more is reasonable to expect? Even going as far as searching for the comments is asking a lot.
That these sort of questions are being asked at all, and that they sparked a big discussion, underscores how screwed up copyright law is. It's major chilling effects to conclude that when in doubt, it shouldn't be used. That copyright law can cause such fear as to distort the market because everyone is bending over backward to avoid even the hint of a violation suggests the due diligence is too onerous and the penalties are way too harsh. This is software code we're talking about here, not radioactive fuel where extreme paranoia and safety precautions are a Good Idea. This is using a copy of something, not clubbing of baby seals. Get a little perspective.
Intellectual Property is a monopolistic, selfish, and defective concept. It is "tyranny over the mind of man"
Anyone who posts code to a forum like that has to just be giving it away, unless there's some clear license agreement somewhere close by.
Sounds like a non-issue to me.
I used to think the same way as the poster, before I knew much about programming but thought I did. I would read examples on Windows programming that would do the simplest of things and then try to put my own spin on it because I felt guilty copying it verbatim.
Trust me, at 200 lines the forum writer probably did not post their life's work or some masterpiece. Unless they've come up with some sort of mind-blowing new 200 line algorithm, in which case a forum seems like a poor place to debut it. My bet is it's a general example they wanted to share with the forum community.
I also agree with the comment about about writing a comment attributing it - if anything this will help you later in case you truly didn't know what the "pirated" code was doing and wanted to check the source.
On that note, I think it's pretty funny there's a large population at Slashdot (maybe just a minority, but still) who thinks all information should be free and glamorizes sites like Pirate Bay, and yet when a question comes up about having 200 lines of most likely trivial code non-nonchalantly posted to some forum used sans permission everyone is up in arms.
Give me a break. I've had the code I did not post publicly for entire projects stolen and then barely attributed only after I caught the person in the act. It sure makes this entire question seem a little petty.
Just because it's posted on a website doesn't mean the poster or blogger had permission to began with. Who made who, who really wrote the code?
There is a question of provenance of the code. Just because you found it on some web site doesn't mean THEY didn't copy it from somewhere else and remove the copyright notices - it happens. It's also possible that both got if from a public domain source (there isn't that much code in the public domain, but there is some). However, I strongly suggest you report it to your superiors within the company. If they decide not to do anything about it then don't worry.
Copyright infringement is one of those things where ignorance is not bliss. The longer it goes on, the higher your company's potential liability.
Did you read the forum's terms & conditions? It might have some section on author's & forum's rights over posted content.
Study the 200 lines of code, see what it does, write up a spec, hand the spec to someone else on your team that has never seen the original code, have them write up code to the given spec and you are 100% in the clear. This is the method originally used to create IBM clones.
I wonder if this is a cognitive dissonance. Ethical job and family support are both needed but can't be at the same time.
I don't think it's an either-or type of problem. You have to look at the relative merits of each solution path and pick the one that does the most good. In other words, moral relativism.
Squeal on the lead programmer? Possible good: Other coder gets paid a royalty, or at least the infringing code will be rewritten. Company avoids a one in a zillion chance of a lawsuit. Possible bad: You've offended the guy you're working for - have fun with that. Or worse yet, you're unemployed, and people who count on you are out of luck.
The bad is larger than the good, at least from the point of view of the person who found the code. Therefore - don't do it.
The business world probably is like that. That doesn't mean you should be.
If you're employed, you're in the business world and you have to play by their rules. Sucks, but it beats starvation. I hate to be so negative about things but that's the way things simply are. Job = money = food. No job = no money = starvation. Those are the stakes, and as much as I hate to say it, idealism has little place in any of it.
Weaselmancer
rediculous.
That should fix her up!
Remember that your goal is to assess and correct a possible error. It's not about "tattling;" it's just about heading off possible trouble. Make sure you're in the right frame of mind before you bring anyone else into it.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
You don't have to totally change every little part of the code. Let's face it, there are only three things that might link your code to the original author: Variable names, comments, and layout/indenting. Change all the variable/function names, rewrite the comments in your own words, and change the presentation of the code so that it doesn't resemble the original piece. It'll take about a minute, and you won't have to worry about some lawyer emailing your company in five years because somehow the original author of that code snippet worked out that you had used it.
I've asked coding questions in forums and used the coded provided to ME in projects. The responses to ME did not have any licensing instructions. Am I in some sort of violation because I used someone else's code in a project that they offered to me but didn't specifically grant some sort of licensing terms?
Also, would any of these scenarios be a violation of the law? I would think that at best it would only be a violation if after the fact the code's author decides that their code was being used against what they believed they authorized.
Ninjas don't carry tic tacs
Camp A people would fire someone for taking the time to worry about this because it happens all the time and you're never going to get caught, and the original author of the code probably meant it to be public anyway, even though its illegal.
Camp B people would fire someone for NOT taking the time to worry about this because its illegal, regardless of intent of the original author and if it came to light it would expose the company to bad press and possibly litigation.
Camp C people have no earthly clue how copyright law actually works and are speaking out of their collective asses. Sadly, these people would most likely reason along the same lines as Camp A out of ignorance rather than malice and simply behave the same way with the exception that they don't realize they're breaking the law.
The original poster can certainly decide what kind of person he is (probably B since he asked the question in the first place) and can probably make a guess about what kind of people his employers are (I'm guessing A, again since he had to ask). Then you have to decide what is more important, your job or your ethics. It is a slippery slope when you first start copying code. I had a friend who copied code once. Now he professionally eats babies. True story.
The fact is that all the commonsense notions about how copyright law works or should work don't take into account that copyright law is not written by individuals, but largely by companies like Disney and Warner Brothers (among others), companies that have a vested interest in maintaining control over a certain mouse and rabbit (among others), both of whom would now long since be in the public domain if not for the endless succession of copyright extensions lobbied for by said corporations. Originally (well, since 1909) copyright expired after 28 years, or 56 if you decided to renew it. And this was a copyright you had to explicitly register. In 1976, copyright became automatic and consisted of life plus 50 years after the authors death (or a static 75 years for 'work for hire'). In 1998 it became life + 70 and either 120 years after creation, or 95 years after publication, whichever is sooner. Its interesting to note the effect on Mickey Mouse. Created in 1928, MM would have left copyrighted status (though still been covered under trademark restrictions) in 1984. Because of the 1976 act, that was pushed to 2003. The 1998 act pushed that back to 2023 at the earliest. So look for another copyright law in 2018 or so.
Jherico
What can the average user can do to ensure his security? "Nothing, you're screwed"
I can only speak for myself of course, but I give away lots of code. Copyright issues bore the pants off me, and take up way too much time I'd rather be coding. All I really want from anyone using my code is recognition for whatever work I did - as long as you say somewhere "so-and-so wrote this bit" then use it with my blessing. Obviously plenty of licenses cover this - BSD, etc. but sometimes even dealing with that can be annoying.
Essentially, while the law doesn't necessarily agree with me, I think that if you publish code (and putting it anywhere on the net is an act of publishing) then as far as I'm concerned it's fair game. Use it freely, just remember to attribute it. If you don't want your code used on that basis, don't publish it.
as long as there is no patent preventing that
you had me at #!
HAHAHAHAHAHA!!! I laughed so much reading this I almost had a rectal prolapse! This is EXACTLY the sort of answer corporate crooks would give in my country. That sort of greedy illiterate morons that are all greed and no ethics, whose fortune depends on technically literate people to whom they pay slave wages. "If they don't catch you, it isn't illegal". HAHAHAHAHA!
Oh. I must go to the loo.
So, the short answer is you can use the code, and so can anyone else.
The caveat is that some other entity can also use it to hurt you in a court of law. Remember, it's law, not logic.
I grabbed code from a forum and used it in my code. We then shipped it out to customers. What I didn't wasn't stealing. I asked for help on a problem, and someone in a forum replied with a suggestion. I used it. Later on, when reading another forum, a different person asked for help with the same problem I had. I offered up the same solution that I was given.
Nobody stole anything from anyone. Bear in mind that free advice is often worth what you paid for it.
The place I currently work for wanted a new website. I used the NiftyCube (GiYF) template and tweaked it just a little to meet our requirements. (Yes, I know that's GPL.) That's not stealing either.
If the code has no license, that means you can use it. Technically, it also means you can put a license on it yourself and then sue the original poster. That's why licenses like the GPL were created - to prevent someone from locking down someone else's free work as their own, then suing users.
For example, if NiftyCube wasn't GPL, then any given web-code generator could put the code in their next release and sue anyone who tried to put it into their website. Or I could put a (c) on it and create a revenue stream for my company.
---
ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
Are you absolutely sure the project lead didn't get permission?
Dude, Get over yourself.
Or he's a young programmer who is afraid he's the scapegoat.
While I do not agree with it, code lifting is done routinely all the time in business. There is no moral high ground, simply a quiet acceptance that this is done. He has nothing to fear being the scapegoat. If he learns to do it he will likely be promoted. And the chances are very low the original author will ever find out if it is a small piece of code.
One of the reasons this is prevalent is that most programmers can't program worth a hoot. Another is management wants results and "overlooks" copy lift. So almost every product out there either internal or commercial is built using code from many authors that will never see credit for their works.
People ask for code samples and snippets all of the time. Have you been to vendor forums? Java, C#, C++, there's miles and miles of code offered up in good will by countless forum members. In fact, if you're doing anything reasonably common, do a search, it's probably posted somewhere. You're absolutely right. That code *may* be copyright. But if you took the time to search for every snippet of code in your project and then wrote every instance of code similar to something someone posted online? I'd say that falls a bit out of your job description. You aren't the code police. Now, of course if you happened to stumble across very similar code and what you've seen online is copyright and non-obvious then go ahead and make the change. I see no reason to go searching out copyrighted code and spending your employer's dollar to prove or disprove it's validity, unless that's what you were hired to do.
LilMikey.com... I'll stop doing it when you sto
I think this debate exposes a problem with the current copyright system. There is a difference between works that are informational and works that are functional. This code is functional; for the most part it's not something people are going to use to learn, but rather to do something. If nobody copies it, what was the purpose of it being published to begin with?
Maybe copyright should be updated so that publishing a functional work to a public location gives an implicit license to copy and use that work.
I think the most important matter at hand here is whether this code is going to be sold to others for money or just used internally. As far as I can say, the latter is ethically perfectly defendable (see 90% of the other posts about "I am so cool I posted code and I don't care"). Redistributing code from others without their explicit permission, however, is not. Legally as well as ethically. "Others do it too!" is an excuse that does not even work well in kindergarten.
To give a more realistic answer to the question, by the way; if you are not going to tell the project leader, stop whining. It is not like it is your responsibility if you were not the one that copy/pasted it.
for [name your deity]'s sake - grow up an get a clue, 200 lines of code that are publicly available?! would you feel the need to re-discover/implement quicksort? It seems to me that you have much to learn young padawan
Legally, the writer could see it and have an issue with it.
Realistically, how is he going to see your source code?
How do you know the person who posted the code on the web didn't take it from somewhere else?
If it is not specifically dedicated to the public domain, or licensed to you, then its just a copyright-protected work for which you have no specific permissions, and to which you have no rights to copy, make derivative works of, etc., other than whatever minimal rights are available under fair use and other generally-applicable exceptions to the exclusive rights of copyright.
you're right it wasn't stealing, but it IS COPYRIGHT infringement.
"If the code has no license, that means you can use it. "
NO NO NO NO NO and FUCK NO.
Not at all, not in a long time. Besides the fact that in the US all code, as well as anything you right, is AUTOMATICALLY covered under copyright. The GPL was a way to share code ownership among the people. IT is needed because it goes against the 'default' copyright laws.
"For example, if NiftyCube wasn't GPL, then any given web-code generator could put the code in their next release and sue anyone who tried to put it into their website."
Also wrong. So SO wrong. NiftyCube would automatically have the copyright, so if someone else used it then Nifty Cube could sue them. The GPL protects the person using the code as well as the developer.
(c) is not needed, although it should be used with your name for more protection.
(c) John Doe for example. The word "copyright" or the abbreviation "Copr."
may be used instead of (c)
The GPL flies in the face of the intent of the 1978 copyright change. This is why some people thought the GPL was worthless. You know who I'm talking about.
The Kruger Dunning explains most post on
Viking Raid.
Go in and take back your code.
They're using their grammar skills there.
A) Get Proof ;)
B) call the BSA
c) reap your reward.
The Kruger Dunning explains most post on
It should specify what happens to the ownership of material published on that forum.
Are you seriously losing sleep over the existence of 200 lines of publically available code in your application ?
What makes you think that code of any volume is so sacred that it needs to be guarded like the family jewels anyway ? If you are really asking yourself these questions in the first place, then hey - YOU ARE IN THE WRONG GAME BUDDY. You should have studied law or commerce or something else. Forget worrying about 'who should I tell' - start worrying about changing your perspective about what source code is in the first place.
Producing computer software falls under the category of science, art and engineering. You are always building on existing ideas to create new things, or improve existing processes. The day someone else builds on top of your ideas or improves your processes is the day that you have achieved your goal.
You probably measure your success (as a programmer) by your next pay cheque, and your primary goal seems to be being seen as a good 'company man', willing to cause whatever damage is neccessary to win a gold star from the boss.
You must be young - life is just not about that.
Take a holiday, and look at the amazing beauty and abundance of the world and people around you. Ask yourself what can YOU do to add to that beauty. What can YOU create and share that is going to make this amazing world even better ?
Then come back to your cubicle after your break, and look at your question again.
Just because a sentence contains a word often associated with asking questions -- how, why, guess, know, etc -- it does not make that sentence a question. 'How to deal with stolen code' is not the same as 'How do you deal with stolen code?'. See?
You didn't make the mess and aren't obliged to clean it.
You are obliged to inform the person who should clean it.
Write an e-mail to the lead developer.
Include the full body of the code, include the URL to the forum, and include the full text from the forum.
Explain your concern, leaving the final decision on what to do in the hands of the lead developer.
Print a copy of the e-mail for yourself.
Later, if/when any shit hits the fan, you've got proof that you did your part.
If your future employer decides to get nasty, then track down the original author and ask for a 20% "consulting fee" on a $100,000/per-violation proposition. With e-mail proof in hand that you make a good faith effort, no judge will fault you for wanting to keep your job. You just might get sweet revenge and very rich at the same time.
What type of code is this? If it's just html, js, css (basically anything that is downloaded and viewable anyways) I don't think there's much you can do. I recall awhile back on slashdot, a law firm that would sue users just for viewing their code and almost everyone on here laughed and that and posted their code.
Here's the url to that:
Law Firm Claims Copyright on View of HTML Source http://yro.slashdot.org/article.pl?sid=07/10/18/2123233
"During My Service In The United States Congress, I Took The Initiative In Creating The Internet." -Al Gore
IANAL; YMMV.
http://outcampaign.org/
playing dumb won't work because you posted the question on /. and now everyone knows that you know
The time in which you could have played dumb is over. What I would recommend doing is confronting the employee and telling him to contact the blog owner. Let him worry about it, not you.
Klingon Software is not released, it escapes, inflicting terrible damage onto the enemy as it does
Why not just keep your CV up to date at all times?
Could be a bit touchy in unhealthy work environments, I suppose, but for my part, I've found that maintaining an "it's no big thing" attitude about it and always keeping my CV up to date have never bothered any of my employers.
who posted it on the web?
Could it have been the same guy who built it into your product? Maybe he developed it for a separate project, then realised later that it would be useful at work as well.
Or maybe the guy who added it to your product *did* contact the original author and get permission, and just forgot to mention it in the comments.
Just a couple of things to think about before you start making accusations.
The honest, good-faith thing to do is to mention it to your team leader. Doesn't matter that he's the same guy - it's still up to you to treat him as if you believe in his honesty. If he takes it badly, then you have to decide whether you want to take it higher or not - that'll be your call, based on all kinds of things that no-one here can advise you about (how strong is his position in the company? how strongly do you personally feel about ethics? what's the job market like in your area?).
But there's also a good chance that he'll take it quite well. Make sure you're treating him as innocent until proven guilty.
You should ask your company's own lawyer. Failing that, you might go ask over on the Copyright forums at Expertlaw.com.
I know that the FSF considers patches of 10 lines or less as unlikely to be copyrightable because they're small enough that they're unlikely to contain anything truly creative. Probably doesn't work for 200 lines of code.
Take some time to audit all of this guy's commits.
If it's on a forum, chances are it's going to be some example code in response to a "what's wrong with this code?" or "how do I do such and such?" post, in which case I wouldn't worry. It's probably trivial code that the author doesn't care about, and intentionally shared under the assumption that it might be used elsewhere, regardless of whether there's any explicit permission, and even if there isn't clear legal permission, there might as well be. It might even be common sense enough that it isn't copyright-able.
Of course, if it's something particularly creative, it might be worth it to rewrite it, so you still don't technically have a license to use the code.
How does the OP know that the code on the forum was posted by the original author ?
For all you know, the code in the forum was copied and pasted from some other source.
...in every sense of the word.
If you have a better way to code that section, then do so, and tell your project leader the truth if he asks -- tell him you replaced it because you could improve it, and tell him you saw it on the web if you're so interested in the subject.
200 lines of code from the Internet, posted by their author, are free. Period. Nothing to worry about. Not everything needs a license to be used. Ever find a quarter on the ground? Somebody ever give you one? Did you require a deed to prove you had the right to the quarter?
No, you just used it. And that's what you do with code with no attached license which is posted on the Internet by it's author. Enjoy.
Man, this society has become ridiculously litigious when people are hung up about this stuff.
Law is settled by warfare, not logic - i.e., not who's right, but who's left standing when the dust settles. Which is why Krishna tells Arjuna that he MUST fight. Rather than fill bandwidth with pious libertarian dreck, why not contribute a few bucks to the EFF before our Fearless Leader has beaten the dollar down to peso parity?
``Tension, apprehension & dissension have begun!'' - Duffy Wyg&, in Alfred Bester's _The Demolished Man_
Why is it obvious someone at the company copied the code from a webpage. The inverse of that logic is that someone from you company used company code and helped someone else out on the forum. Just a thought, but I'm a devil's advocate sometimes. Code doesn't magically originate on the Internet. It's also possible the someone from your company developed it long before he worked at your company(maybe even in school), helped someone out on the Internet, and has been using his code in projects at home and at different companies he's worked for. Either way just redo it to insure you're not in violation, and I wouldn't recommend keeping it as if it's a blue chip in the big game of office politics. The company could just as easily come after you for not reporting a known/possible violation of copyright. Office managers don't like little guys with big chips in the game. ;) Fix it before you lose all of your chips(i.e. lose your job).
Then let them figure out the truth, and get indignant with your boss.
A sleazy thing to do to a sleazy guy
Storm
p.s. The correct answer is to get your boss and his in a room, and explain the situation. And more than likely you'll be stuck re-coding it. And your boss will hate your guts, his boss will be cranky with both of you. But it would be the right way to handle the situation.
Stealing: "is the illegal taking of another person's property without that person's freely-given consent" Copying: The above text was copied from Wikipedia, not stolen.
Its perfectly simple. If somebody creates an original work, under UK (where I live) law and US law and the law of lots of other countries it is illegal to copy it.
That is the default position. Legally, you cannot copy the author's work, full stop. However, the author may grant you a licence to copy his/her work under certain conditions. Essentially, a licence is just a declaration by the author that says "I promise not to sue you for breach of copyright as long as you adhere to these conditions...."
So the first observation is that "no particular licence" = "no licence". If you find a piece of code on the web with no licence, you cannot legally copy it.
The second observation is that there is quite often a licence. There might be an implied licence "hey guys, use this fantastic function to turn your knob blue". Or the forum itself might provide a licence "by posting here, you agree any code you post is public domain".
However, the ethical issue is what should guide your actions. Ask yourself how you would feel if your employer let you spend a month writing software and then fired you without paying you for that month. That's pretty much what you are doing if you use somebody else's code in breach of their copyright. And if your company doesn't respect this ethical position, find a new company.
All I want is a secure system where it's easy to do anything I want. Is that too much to ask ~~ Randall Munroe
Hi, I just got a message from a guy in some big company offering to pay for some code that I posted in a newgroups a few years ago. This came as a surprise for me and now the guy asks me to come with an offer. The code is only ~200 rows - sorry, I cannot reveal more, because then they might identify me here - but how much should ask for? Also, what are my rights? If they don't like my offer they might screw me. If so, can I sue them and for how much? /SuperCoder
In the city of Ankh-Morpork the head of the Guild of Lawyers is in fact a zombie; he was executed but simply refuses to die until his firm's invoices for his defense at trial are paid by his descendants. His partners are vampires. Makes one wonder...
...when you're writing a game...tweak the difficulty of "Easy" to something [your mother] can cope with. -- onion2k
While investigating a bug in one of our products, I found source code on a website that was nearly identical to code used in our product.
Was the bug within the copied code? Sometimes copyright isn't an issue with copied code. Its product quality.
The three instances of copied code I've found in our commercial product caused major headaches because the code got past QA and failed in the field. It didn't scale, had timing issues, etc.
In all three cases when I confronted the programmers they could not explain how "their" code worked. In all three cases I didn't have them fired. I made them fix it and apologize to the boss (who had to apologize to our customers).
As a result, I now have two decent programmers who write their own code. They ask for help when its needed instead of copying off of the internet.
Enjoy,
It's just the normal noises in here.
First, I heartily agree with those who have advised to discuss this openly with the project lead - privately! - but openly.
Get the lay of the land. How much of this product that about's to be fielded has been Frankensteined this way? Was the adopted code so easy to understand? How much adopted code will there be in the distribution for which there are no orignal authors to work with when it comes time for doing maintenance? And will you be on the hook for that maintenance?
If you have a personal problem with the practice, assuming that you even got a {copyright | moral | public domain} acceptable answer - go ahead and quit. This won't be your last job, so if the corporate culture doesn't sit well with you personally, move on and find your right home.
There's plenty of drek software out there from compromising programmers - don't become one of them.
On the other hand, if the answer turns out ok, then you've learned a lot, and you might consider staying and learning more and contributing more.
Otherwise - speaking as a past developer and present employer of developers - my advice would be to ignore those who have been flaming you one way or another, regardless of how their posts were modded. Being a developer or employer empowers no one with any special insights whatsoever - being a good developer or good employer is only what counts.
You sound like you want to be a good developer. Find out if you have a good employer and make your choice. There is a karma outside of Slashdot, I shit you not - so be brave.
PS - Don't rewrite the code - the method is already known to you, and plagarism is plagarism whether you copy verbatim or move a few words about after the fact.
Pathological kinda promises Path + Logical - but instead, you get stuck with pathetic.
You would be hard pressed to be more wrong. All creative works are copyrighted and unless licensed are not free for anyone to use except under very specific conditions.
>Ever find a quarter on the ground? Somebody ever give you one? Did you require a deed to prove you had the right to the quarter?
That's an asinine comparison. A quarter isn't a creative work. Quarters are not covered under intellectual property law. The comparison you're looking for is finding a novel manuscript on the ground, picking it up, putting your name on it and selling it to a publisher.
Jherico
What can the average user can do to ensure his security? "Nothing, you're screwed"
I work for a small company that does a lot of business with that large software company we all know and love. (Hint: They have a monopoly on operating systems and office suites that run on PC's.) I'll call them Company X. Company X is absolutely paranoid that some viral (GPL'ed) code will be accidentally linked with their code. Every contract we sign has pages and pages that deal with this issue. If I went to our legal department and told them I found code that was copied off the internet and the licensing isn't clear, it would be a huge deal. They'd definitely hold up product release until the code could be replaced.
It happened to me just recently. I posted a snippet of code to my website because I thought others might find it useful. I guess someone did because about a month after I posted it I had a report that someone had sold my code, line by line, to someone else.
Now you have to understand the code did not work (I said this clearly in my posting, it needed to be modified for whatever specific use.) Furthermore apparently the person clearly plagiarizing and trying to monetize on my work didn't understand this and also couldn't read. The person they sold it to did a quick Google search and came up with my website and code, got their money back and then asked me a few simple questions to get it up and running.
Copyright is clear on the matter. My code on my website is just that.. MINE! While I put it up with the intention of helping out others, I didn't want someone to apply a formula of cut/paste/$$$. I certainly didn't want to spend time hunting down some scum and sending out nasty grams while debugging the mess he left behind.
The point is learn how to fucking code. I cut and paste all the time from code snippets. But I understand them, I change variables and often simplify the mathematics and logic. Sometimes I start with something and end up scrapping the entire thing because the original author was an idiot. Rarely do I come across a gem that actually works out of the box like it should. In those cases I give full attribution.
Heck the piece of code I posted was from a variety of sources on the internet. In the article and code I give URL's and attribution. That's the way it goes.
All this talk of "it was on the net so it's free to copy" is pure bullshit. Clearly someone posted it for a reason. And while it's free to UNDERSTAND, it's not free to COPY VERBATIM!
If code is posted on a forum, whether or not it has a license attached to it may not matter. Many forums used by programmers require that posters give the right to use the example code posted, etc. Please check with forums FAQ before panicking.
You should probably just mention it to him and offer to rewrite it. It would be wise to not act in an accusatory manner when bringing it up. Remember that there are a lot of sources out there that are meant to be used as example code, and that if permission to copy is given it isn't "cheating" to do so.
Hopefully you didn't find it here
[Insert pithy quote here]
>Personally, my favored way of avoiding this problem is to use GPL software...
This *causes* legal problems, it doesn't solve them and is bad advice. How you can use GPL code in conjunction with your proprietary software is highly legally constrained. If you use GPL libraries, the GPL license then applies to your code. Supposedly LGPL gets around this, but not really due to ambiguities in the license (the license uses the ambiguous term "derives from" which has a different meaning when used with object oriented software). Note that glibc has a special exception, and that it is generally ok to use.
>We weren't told what license the issued product would be under, and it might BE under GPL.
It doesn't matter whether the software he is releasing is under GPL. You can't just apply the GPL to someone else's non GPL code without their permission. You'd not only be opening up your company to lawsuit, but probably everyone who uses your code.
The GPL is not a magic license that you can invoke and use other people's software however you want. It is a useful license in many situations, but it clearly does nothing to help the OP.
Surely your first thought wasn't to report him to higher management. If it was, I hope you never work with me :) For all you know he might have asked the original author for permission to use it in an email or something.
Let me second the sibling poster's objections, and add a few other points of my own: code posted in a forum may have been written by the poster on the spot, but if it compiles and works, in all likelihood he copied it from somewhere else himself. Lots of code sitting around on the internet (and discussed in forums) is GPL'd, and including 200 lines of GPL'd code in a closed source product will have your company in for a world of hurt if anyone ever finds out. People who write GPL'd software are... passionate.
Secondly, 200 lines of Java may not do much, but 200 lines of a denser language (like Haskell, for example) could be decidedly non-trivial. xmonad, a fully-featured tiling window manager for X11, is under 500 lines of code. Even if it's 200 lines of a sparse language, it may do something non-trivial and a fair use argument would fall flat on its face in that situation.
While I agree with your general feeling that our societies have become far too litigious, your solution seems to be to put your head in the sand and pretend that they haven't. Unfortunately, whether we like it or not, you can (and will, if anyone ever finds out) get sued for things like this.
Regardless of whether this registers as right or wrong on your personal moral compass, CYA dictates that you rewrite the code as quickly as possible and hope no one ever finds out.
Dear guy-who-wrote-the-question,
If you and your company happen to reside in Sweden, please ignore the previous 100+
replies and and do what ever you want. Seriously. Go nuts.
Best wishes,
America
i'm a code monkey much as yourself. However, being a contractor it doesn't matter to me if the company i'm contracted through could get screwed because another developer stole some code. That was for full disclosure. also, if it's in a place such as a public forum (one you don't have to pay to be a part of, or must have ieee membership to participate in) if all you need to post is an email address and a password then it's in the public domain, and unless the person posting put some restriction on it it's free game. You may want to check that poster's profile maybe he put something in there that would umbrella all his posts under some kind of agreement. But again, it there's nothing then it's up for grabs. I wouldn't raise too much hell about it especially being a new hire. (calling out your boss isn't the best idea)
Okay, I'm putting myself in your position here. Looking around, find a couple hundred lines of code that were "written" by my boss, but aren't really. I don't wanna make trouble for my boss. I also don't wanna be blamed if it later turns out that somebody really cares about this.
So here's what I'd do. Find something wrong with the code. Something tiny. Find a minor flaw, or a way to slightly optimize it. Whatever, doesn't matter. Then comment your change, wording it in such a way as to indicate that this code existed before you found the "problem" and fixed it.
That way, if nobody cares, nobody needs to say anything. On the other hand, if the whatever hits the fan, your comment will indicate that you made a change to the "work" of somebody else.
--I'm so big, my sig has its own sig.
-- See?
Agreed. I see pointers and the address-of operator so it's some form of C or C++, but the first line makes no sense to me. I'm assuming it's a function declaration of return type BOOL, but there isn't an argument list, not even an empty one. And the square-bracket notation on line 6 is also completely foreign. It must be something like Microsoft's crazy extensions their IDE uses (or perhaps Apple, since this is apparently for OSX).
It sounds like something is missing from the summary. Why would someone be so "paranoid" to mention to management about this egregious act of lifted code from someplace that had no particular copyright terms attached or not obviously obviously implied? The tone in which the inquisitor implied is that the co-worker is a thief and going to land the company in major trouble when, in if there is nothing more to the story, then nothing is wrong and its better just to forget about it and move on. Perhaps the poster of the story has something against the lead programmer?
But I have a different theory: Perhaps all this fear about copyright violation this, intellectual property rights that, SCO v. Linux this, Microsoft v. world that... that the younger breed of programmers/individuals are naturally paranoid of things they don't need to live in fear of and we'll start seeing a lot more of this culture-of-fear. Perhaps not much longer we'll see a breed of younger individuals just as much afraid of copying music that they'll report their parents for ripping a tune from the CD or from Internet broadcast (I'm not saying either is right or wrong).
The tone and extreme reaction to wanting to report someone to management from lifting code from a source that appears to have not attributed copyright terms/intent seems to suggest to me that there's a generation of coders living in fear resulting from massive industry propaganda and slashdot knee-jerk reactions just waiting to creep out of the woodwork as they age into career maturity in the upcoming years. My theory is this: this is just the beginning. Or, there's more to the story than reported in the original summary. You decide.
Thanks,
Leabre
sooo many questions.
Is the person who posted the code the owner?
If not, did he have permission to give it away?
If so, did he mean to allow it to be used by anyone, anywhere?
Is there a license, somewhere out there, attached to this?
Who knows. I'd start by trying to contact the person who posted the code, ask him these questions, and a few more. Let him know what the situation is. If there's a problem, then he knows the situation and can take action. Contact him anonymously and if there is a problem then he can take appropriate action and you didn't do anything anyone knows about. That covers the legal aspects and keeps your job intact. If there isn't a problem, then nothing changes.
If you can't contact him then the situation gets more complicated. My suggestion is to read between the lines. A lot of people will post code to help someone out if they publicly request it on a forum, I've done that and I don't care if MS or Google want to use my lowly little code snippits, and in a major piece of software, 200 lines would be lowly. If it looks like someone threw up some code that they don't care about, then I'd say run with it. That's skirting the legal edge a bit (maybe more). I'd say it's legal to use if there's no copyright, author information, header, etc. in the comments or the post, but I'm no copyright attorney, and even if not, this may not be the most moral thing to do.
One option you might want to run with is taking it to the lead developer. I know he's the "bad guy" in this case, but he's also the only other person in the company you can talk to about it without reveling that the code is stolen. He should know that if the new guy can google a few lines or whatever and find the code that anyone else could too. Together you may be able to re-write it as you said you could, and with him as the lead dev. you wouldn't have to find excuses for making huge last minute changes.
All in all, not a position I'd want to be in, goodluck to you.
It's really hard for the group to help you if you don;t post the code.
This article is clearly trolling.
Please tell me you are kidding. Believe it or not, some languages have similar, but different syntax. Since some function calls seem to look like C and some seem to look like smalltalk, I will assume this is Objective C.
Or was that a whooshing sound I just heard?
Don't be such a boyscout.
This is only 200 lines of code from a random forum posting - leave it and don't worry about it.
Who decides that it's "clear"? If worse comes to worse, a jury would decide. But a statement like, "Here's how you can do it," or a forum where programmers exchange examples for each other, would make it pretty clear.
Of course it would make things simpler and cheaper if you had it in writing. I don't know if it's necessary to have it in writing, since some copyright rights have to be transferred in writing.
IANAL (I'm too logical to get through the law school admissions test), but I've dealt with lawyers extensively. At one company I worked at, we were typing an expensive industry directory into our own database, with the intention of modifying it and using it ourselves. We checked with the company's lawyers, and they told us that it was OK, because the directory was intended to be used that way (they didn't even get into Feith).
If I were a lawyer, and I had to defend a client for infringing on copyright in exactly such a case, I'd use the arguments here in Slashdot to support the idea that it's customary in the industry to share and use code under such circumstances, and I'd get a programmer to testify to that as an expert witness.
There might also be a defense of fair use.
Too bad there aren't more lawyers with nothing better to do than post on Slashdot.
You say the project lead is the one that put the code there? Ask them about it (in an "I just noticed this and want to make sure it's ok to still use this" way; not in a "What the hell is this?" way) -- and ask 'em if it's ok to leave it there. Your butt's covered, the "offense" has been noted, and it's time for a coffee break!
Why the hell is one of your first thoughts to "report him"? Report him to who, the C++ police? It's honourable you'd like to avoid potential law suits for the company, but your option to report your boss over something so lame is childish.
If the guy is the project lead, then why don't you just say "Hey, I found this code here is from this forum, would you like me to re-write it or change it so we don't end up with any legal problems?". He'll either say yeah, change it, or laugh his ass off and say leave it. You're now absolved of responsibility (ianal). Understand?
*sigh* This is an example of Objective-C.
The problem with copyright law is that if you don't explicitly allow use of your content then no use is allowed (except "fair" use that is not well defined).
So if you want the content you post to be freely and legally usable by everyone you have to license it. You don't have to bother with all kinds of FOSS licenses as you can just declare that it is in the public domain, which means that you are still the copyright holder but you license your work to everyone to do whatever they want with it.
So the OP raises a valid point: that code represents a risk to the organization he works for. Perhaps a small risk, but if later it is discovered it might cost money to the organization. If this was code used in a FOSS project and someone posted a comment about it I believe the issue would be immediately addressed by either locating the source and verifying that it is reusable (and documenting the fact in the source0 or replacing it. A closed source project might react differently (such as by making sure the code is not exposed to the outside world so that infringement can not be detected) but it still would want to reduce the risks involved in using unlicensed content.
This aspect of copyright law was perhaps good at the time when the mere fact that a work is published indicated that someone made an effort and investment in publishing it. It is very inappropriate today because no real effort and practically no investment is needed to publish content, and people do post lots of content with the intention that everybody could use it freely. This should be changed and this change would be good for everybody, and especially for those who don't want their works freely distributed, because one of the arguments available now is that there is no way to tell content that is freely distributable from content that is not, and most of the unmarked content out there was meant to be freely distributable by the autheor, despite the author's failure to explicitly attach a license (including a license that puts the content in the public domain).
IANAL-However, Code that is not created by someone who has signed a work for hire agreement could create a title defect. My IP lawyer (who probably reads this site) says they're like cockroaches, and give investors nightmares, because it can create SERIOUS issues. Well, I mean, only serious issues if you like owning your company, being able to raise capital, not getting your pants sued off (sin pantolones es no beuno!)
Again- IANAL
There is no freakin' way you U.S.A. coder types are going to retain any kind of dominant position in
software if you don't learn to share a little more freely. The most successful of you right now
are either open source contributors, or work for Google, a company that while not open source,
has lots of free interfaces and components that anyone can use, and Google's search function essentially
is a tool for enabling widesperead, indiscriminant, free in both senses sharing of information.
Both of these approaches build wealth by building a large community of shared work, which builds
value faster than any other approach can.
Code is like math, written out longhand. Can you imagine how useless a mathematician
is who keeps their work to themself.
Where are we going and why are we in a handbasket?
Have it ever occured to you that it's because of bad selection of languages/frameworks/tools, combined with very obviously bad design, that your 2 million lines "portion" of the codebase is so fscking large. Try rubycocoa and reduce your portion to 20,000 lines. Oh, you're on windows. Well, tough.
I remember when we outsourced some development to indonesia, the code came back with some very strange comments in it, some even in German.
A quick google for one of the lines of code with a suspicious comment, bingo, matched the code exactly, we even found files they had scraped off the internet and left in copyright notices, and notices not to copy the code.
But it was indonesia, so we just had them publicly lashed and all was fine.
A good solution would be make a post to Slashdot describing the issue, and hope that your boss confesses to you after reading it.
You have put your "precious" stuff on a server the sole purpose of which is to allow people
to click a hyperlink which will cause a copy of your stuff to be created (with them as the agent of the copying action.)
So we are left with: Either every hyperlink click on the web is a copyright violation, or
none of them are because web posting (unless somehow qualified by a stated license restriction)
indicates intent to allow copying, and since no stipulation of copying to where or where not has
been made, then copying it into my codebase is hunky dory too.
We have to face the fact that the whole web is in fact illegal under copyright law, so this just shows
that copyright law, as currently interpreted and applied, is an ass and deserves the general ignoring
that it gets.
Where are we going and why are we in a handbasket?
It's more a question about how to handle this particular situation in enterprise on professional level. Let's summarize: - you come across something that could harm the enterprise - person who could be considered liable is still here and has power - no one knows that you are aware and you don't have the obligation to check such thinks there are really only to options to you IMHO: 1) less moral but more secure: shut up and pretend you didn't notice anything (btw stop posting about it on public sites) if shit happen the one who stole the code will have to handle the situation. optionnaly you could "accidentally" collect evidence of the fact that you have nothing to do with this legacy code. 2) more moral but involves risk if the one who stole the code is an asshole: you talk to him and express your doubts about this situation. what you risk is that he could see you as a threat and try to mitigate this treat in a way you'd rather avoid I can't estimate which of the two options above is better for you. To make a decision you need to know what kind of person this person is.
You had better mean "novel" in the sense of "new." If you mean in the sense of "a novel," then for a stronger analogy, you should say "finding a scrap of paper with a poem on it." (sorry for nitpicking the analogy. Other than that, I can't contribute to the discussion.)
Assuming you retire your Windows install disk and never touch it again, this means there is a reduced supply, so everybody else's copy of Windows becomes more valuable.
Reduce, reuse, cycle
I find it amusing, though silly, that the outcome might very likely be something like this (in financial terms):
Poster's company buys a license: cost (say) $1,000.
Code author earns $1,000 (subject to tax), but has to draw up a suitable license and get involved in all sorts of other legal stuff.
Both parties have to hire lawyers to advise them, draw up legal documents, etc. Lawyers bill, say, 20 hours at $500/hour. Total cost of lawyers: $10,000.
Hmmmm.
I am sure that there are many other solipsists out there.
Relax about the forum code. If the author posted it in the forum, then (as pointed out) the implied consent is there, even when automatic copyright applies in favour of the author.
Technically the author could come back and say: "Hey, that's my copyright!". But then the author has contributed the forum entry knowing it might possibly be used or adapted for a real-world use. So this person has attempted to subvert YOUR code with copyrighted material? Seriously, that is questionnable use of a web forum.
And if the code belongs to a third party? Well the forum poster is a partially liable party to the copyright breach, since they have done the oringinal code lifting.
And for those of you who DON'T understand public domain:
If I wrote a poem and held it up behind the president being sworn into office, then there is NO doubt that I automatically own the copyright to the poem, but the video of the event can be freely copied and re-used by TV networks without asking to "re-publish" my poem. By waving it in the air at a public event I have placed the item in the public domain and fair use applies. But I still own the copyright. Copyright and public domain can coexist in this way. That is, I couldn't publish a book of poems and add yours in, but I COULD write a book about presidents and include a reference to the poem, since it has fallen into the public domain.
Here's a poem I've just thought of. I reserve all rights to its use. (Note: I have no such rights, I'm honestly just being a very silly pseudo-lawyer!) I call it "A hover, Text decoration? None!"
a:hover { text-decoration: none }
Get real.
Hey! I invented the phrase "I work for a small company as a software developer". So you have no right to use those words. That is from my English language program which performs an act of information transference.
Just for the record i just pattended the for next loop
For i = 1 to n
[.. your non patended code]
Next
Also included in my patend
for j = 1 to n
[.. your non patended code]
Next
As long as you wont use i, it's no problem; however if you did use my patended i or j or n as used in the patended "for next" then you wil have to re write your code. Patend nr #8972183001-2007 under EU and American copyright laws.
How long will it take to have 12 monkeys randomly typing and generate your source code, an is that a patent violation ?
I know you're out there. I can feel you now. I know that you're afraid. You're afraid of us. You're afraid of change.
By posting in most foruns, you have to agree that everything you post is in some type of license.
I think it's a difference in mindset. Many of us think of knowledge as belonging to society. We think of knowledge as a kind of library. We checkout some ideas and we publish some ideas. We realize that all of us can profit by sharing. Imagine if every scientific idea was copyrighted so if you wanted to do anything you had to either pay a license fee to every person that thought of some part of your invention.
For instance if you wanted to build an airplane you would first have to pay an idea license fee to: Leonardo da Vinci Idea Holdings, Galileo Gravity Institute, the Newton Center for Motion, the Entreprise de Rozier-d'Arlandes, Das Swedenborg Unternehmen, Cayley Corp, Penaud Inc, Wnk Works, the Royal Aeronautical Society, Otto Air, Percy's Planes, Chanute's Chutes, Mozhaysky's Motorplanes, Zeppelin Aeronautical, Langley Aircraft, Manly Motors, Wright Fliers, Curtis Aviation, Santos-Dumont Dirigibles, etc, etc, etc.
Unfortunately there are others that think ideas should be bought and sold like cattle. The cattle people have this bizarre idea that if you get a piece of paper that says you thought of something first, regardless of whether you did or not, you have some kind of exclusive right to that idea; no one is allowed to think the idea up after you.
That kind of thinking is evil.
10 print "hello world"
20 goto 10
Who owns this code? I just wrote it out of my head because I am sure I read it in a book somewhere. I couldn't tell you which one it was so long ago. Some logic is just obvious. I could complicate the above code in order to "re-write" it but it, would still be the same thing. It seems to me that as long as you don't take something that you have found in its entirety and use as your own and distribute it there is some fair use there. Where that line is, is blurry. Is every sampled sound in some "popular" music that is used without explicit permission a violation of copyright? Then if i sample the sample of the sampled sound from that music and use a bit of that then, who's copyright did I violate? This whole discussion is terribly confusing...
Been there, done that. My ass is still a little sore.
There are a lot of moral and ethical arguments here...
This is business, and your job.
1) Don't assume the person who did this is evil, bad, or incompetent.
2) Ask whoever you report to about the issue in writing. Bring it to their attention a a possibly copyright issue.
Then just let it go unless you are asked to do something else.
UNLESS
Unless you feel this particular issue is of grave risk to the company.. then you might want to go over a head and escalate it.. but be sure about what you are doing and aware of who you might piss off.
Don't start getting pissy about it just on principle.
IANAL but you understand so next to nothing of Copyright that even I can help you in legal matters when your employer inevitably gets sued for your violations and promptly passes the blame on you.
Pay by the hour okay? The visits to a law library take time and I need to find one first... (Lawyers, psst! Should I wear horn-rimmed fake glasses to court? What about at first meeting with client?)
Generally, if I am looking for a solution in a syntactical way, I may cut and paste a FOR LOOP (for example), then change the variable names to my own and move on.
If I actually lift a framework or process from the web, I make sure I link the website and author in the comment section.
If source code is on the web, it's free game. It's not realistic to think that, if you post your code and it's good, that it won't end up in the code repository of some large corporation.
I did run into a situation like this at my old work. A main routine we used was lifted from the web and, while it was probably legal, the person that lifted it replaced the author's name with his own.
After a couple of years I found the original on the web and lost respect for the person that did it. I think it's a great skill to be able to find and use things on the web and reduce the cost of your project, but if you didn't write it you have to give the credit to the author.
So it making some changes to only 200 lines of code normally considered a major change? Sounds like you could get away with rewriting this in under an hour and not affect much.. but what do I know. Good luck.
The whole issue of locking down code has never sat well with me. It stifles progress and encourages a constant re-invention of the wheel. If you are able to write code that is worthy of use by other programmers, kudos! And in that same token, you should be able to continue to write new and better code, instead of locking it down and sitting on your laurels. The whole point of the internet IMO is the free sharing of information and ideas. Unfortunately and in some aspects of convenience, commercialism has infiltrated the internet to a large degree. We need to stop thinking we need to hoard our code like a treasure heap, and realize the incredible wealth attained by sharing knowledge. Krap! Politicians seem to understand this notion also, you scratch my wealthy ass, I'll scratch yours Dog. my lil'nickle
There are a few things you would probably want to check on if this is a major concern to you. (It definitely sounds like it is) First is the forum open to public searching, or did you have to log in to view the information? If it's public, then I would just say read the Forum Policies to be sure that there are no hidden licensing added in there. The reason I say to do this is due to the fact that a couple of programming forums I am on have a few lines in their terms of use that states the poster has sole rights to the source code, and that before using any of said source you are to contact the poster for permission.
I hope this helps some. I don't have a problem using posted code, but I do check the forums public vs registered policies.
Under US Copyright law, anything you produce is automatically copyrighted to you, but you must mark the material as such. Employment contracts often require the employee to automatically assign the copyright to the employer or they define contract work. Posting material to a public forum (assuming the original poster wrote the code AND retains the copyright) without a copyright notice as to how that material may be used might be considered as permission to freely reuse the material because the author failed to even marginally protect the work. Note that the forum in which the material was posted might have a blanket policy covering all postings.
You can completely avoid this problem in the future by *learning* from such material and creating your own body of work from that *knowledge*. Nobody (in the US) can copyright an idea or concept (that is handled by patent law, trade secrets, etc.), only an implementation. Just comment your implementation indicating that you wrote the code from knowledge you accumulated from various sources (Internet sources will be assumed).
The original poster is justified in his concern in these litigious times. I would suggest that he take this issue to the person that inserted the code with a "is this going to be a problem for the company" frame of mind (i.e, through in a bunch of "dude"s when you talk to him). If that person is your "boss", you have fulfilled your obligation to the company, and possibly your liability, by bringing the issue to management's attention. If you are truly concerned, talk with a tech lawyer and ignore the idealistic opinions expressed in this thread.
I imagine this will get lost in the depths of "not in the top 3 on /." and won't get much attention as a result, but on the off chance that it'll still get read the appropriate person I'll suggest it as I haven't seen anything like it moderated '3' or higher.
Fist, document your findings. I'd save things like the URL of the forum post, the HTML of the page (read: file->save as). The next thing I'd do is try and get in touch with the original author of the code and ask something like, "Is it fair to assume this code should be acceptable for anyone to use freely?" I wouldn't mention that it's for a commercial product; people tend to see dollar signs when you mention something like that. Document the interaction with the individual. If the original programmer says its fine, document that as well and give everything you've gathered to the individual who put it in the code in the first place. If they say that it isn't okay to use the code, document that, call a meeting with the manager, project lead and anyone else you feel is appropriate and explain the whole situation in a no-fault kind of way: "I found this, I asked the author, here's the answer, this is how much time we have until we go live and/or test, here are my proposed changes."
I freely admit that I'm frequently criticized for this type of approach because it "takes longer" (which isn't true, it just takes people longer to hear anything about it so they THINK it takes longer) than taking it through traditional channels, but I like to have everything I can possibly have before I bring something out into the open. This way I know what does and does not need to be done and I can present facts without any ambiguity and in your present situation this approach will document that you were not the one to use someone else's code illegally while addressing the issue at hand.
Hello there.
So you foudn some code, taken from a web forum and apparently posted as an example, that some guy in *your* team took, applied, and made *your* stuff work. So he found something which answers his issues, apparently provided sot hat it can be used, and used it and made things work. You want to nitpick and report him for that?
You, sir,
* have no sense of propriety.
* no sense of common courtesy.
* no sense of loyalty to the place you work
* have an exaggarated sense of loyalty to copyrights and still no idea of its proper use.
All this hullaballoo over a bunch of code posted n an open forum, to be used by others.
Now, if the guy had stolen from some propretyary of een opensource software, it might be a big deal. As things stand, you are, from your employers perspective,
* wasting time over made up issues,
* nitpicking
* maybe looking for a way to get back at yout team lead for something,
* and unless something of a genius, a liability now or in near future.
I suggest you join RIAA or some similar concern where your talents can be put to good use. Otherwise, plan on living in the real world sometime soon. good luck at that.
Actually I wrote that. In the early 70's. It took me nearly two weeks of 20-hour days to get that right. I really resent it being re-posted without the original copyright. Some 'tard nicked it just as I was finished with it... removed the copyright and I've been hosed ever since. I had originally intended to use it as leverage to start my global business ("MicroSloth") and dominate the world. Unfortunately the 'tard that ripped it got the business plan too. (Shrug) What can you do?
If this bothers you, then you are seriously setting yourself up for a career full of grief and misery. If you report everyone you see doing this, 1) you'll be reporting everyone except yourself and 2) management will get tired of hearing it. There are other practical implications to this too. If you are a lily white purist about this, it is going to take you longer to write equivalent code from scratch than your peers and you will provide less value to any employer. I would even think you are probably going to worry that code you have written yourself with no outside aid may resemble other code made available on the Internet or in books.
The trouble with copyright on code is that copyright is meant to protect an author's original work, and an author will, say, write a story using a set of given words. You too may write a story and even use an entirely different set of words, but if your story ends up telling the same tale, you are in violation of the author's copyright. How I see that this applies to code is that it is a tool (set of words) to accomplish a task (tell a story) and the set of tasks which programmers accomplish is a lot more narrow in scope than all the possibilities that one could come up with when telling a story, so it greatly increases the odds that someone out there has written code that will appear similar to yours and if the whole point of copyright is to protect the story, then you already start out in hot water because to accomplish the task you necessarily will be telling the same story! Essentially, copyright does not lend itself well to computer code. And software trends also complicate matters because the big idea with OO programming (and top-down programming to a lesser extent) is code reuse!
My present employer places great emphasis on intellectual property, and I can't imagine a new hire (or anyone else) being penalized for bringing up the situation described with management. If anything, we'd give them a medal. And yes, we would discard code and rewrite it to resolve IP problems, if we found that the code was a copyright violation.
Other employers aren't like that, especially smaller employers producing products where the code won't be seen by many people, or people working on internal software that will never see the light of day.
//copyright 2007 by 'The Anonymous Coward'
System.out.println("test")
Copyright lawed is a tangled illogical mess, but I think you came here looking for practical advice rather than legal advice.
Downside for reusing code you don't have an explicit license to, and which was not written within your company =
probability of getting caught X probability that someone will care X consequences for getting caught by someone who cares.
I can't shed any real light on the third factors, but if you avoid using anything that has any kind of restrictive license in it, and avoid using anything from a competitor, I'd say the chance that anyone would care is very close to nil and because of that, I personally would have no qualms about using the code, especially since you said it was posted in a public forum.
That said, not every business feels the same way, hence the AC post. If you're in a business where they're really paranoid about such stuff, your mindset might be appreciated and your discovery rewarded... maybe. However, don't underestimate how much you'll be disliked by your peers, and not just the guy you identified. Legally correct or not, your degree of paranoia about whether this constitutes fair use is fantastically unproductive, and not going to be shared by your peers, who are rightly more interested in getting the job done as quickly and easily as possible. You will be seen by them primarily as a meddling bastard.
It doesn't have any license but by default it does have copyright and the original author could prove it with the forum post.
If the time is not enough to rewrite de code then let the code there and try to work on it in another time, plus, is not probably that the original author discover that his code was stolen.
ghostbar page.
Are you sure he found the code on the web and didn't actually post the code on the web? Does the block of code form a complete 'expression'? Or is it only something so small as to demonstrate how to do something?
If Economics is "The Dismal Science," copyright law should be called "The Dismal Jurisprudence." It is the most inexact, illogical, philosophically unfounded, and inevitably abused subject of law.
No one here is really sure what's legal, although everyone has an inkling that torts are pending. And this is despite the likelihood that there is nothing in the code which a typical coder could not come up with himself. On top of that, there is the morally repugnant proposition that my own work is somehow compromised by the fact that I might have noticed some code published errantly in a public forum.
Copyright law has veered far from its original intention: To encourage the useful Arts.
- He is automatically assuming the original coder, who's now the lead he's meant to report to, acted with malice.
- He has absolutely no proof that the guy deliberately did anything wrong.
- He has absolutely no proof that they guy wasn't simply given the code by another coder on the project and has no idea it comes with a license.
- He has absolutely no proof that the guy hasn't already attained a license and it's in his desk drawer.
- He has absolutely no way of knowing if the original coder actually worked at that company and the code on the web is the derivative.
If he goes with his suggested options of an unapproved recode or reporting the issue to more senior management, without going to the lead first:- He automatically demonstrates he's assumed the worst of his lead without even talking to him.
- He has no respect for the reporting structure of the organization.
- He's willing to waste senior management's time with things a more junior manager should have looked at first.
- He's willing to waste company time doing a recode that may prove to be totally unnecessary and he certainly hasn't checked the facts to find out either way.
The only real option in this situation is to send a brief, tactful email to the lead along the lines of, "Hey, I noted [this code] is similar to [this code]. Just confirming you're aware and have made whatever decision you feel appropriate in terms of licensing?" Then keep the email.The lead may have a good reason, may not have had a good reason but takes an appropriate response (securing the license, recoding), or may choose to bury it.
ONLY when there's proof the lead's actions are deliberately sketchy does it become appropriate to consider jumping him in the chain and reporting, to ensure more senior management know they're being exposed to a liability.
Pretty much every other option demonstrates the new coder has serious issues with respecting the people he works with. He may or may not be right. If he isn't, he's pretty much destroyed himself in the organization. If he is, he still has to prove malice on the lead's part or he risks the lead saying, "Wow, I never knew. I wish he'd come to me instead of thinking he was above playing with the team."
I said code posted by the author -- not code posted.
If it's of uncertain origin, obviously that's not kosher. (Or, technically, it is of uncertain kosher-ness.)
Therefore, I agree that CYA (whatever that is, but I'll go with you) dictates you re-write it.
But, again, if it's posted by the author, which was stated in the question, and the author notes no license, then there is no license. He is implicitly releasing the code without any license by posting it on the web without noting a license.
It's not asinine.
Code which is placed on the internet by its author, without any license or qualification as to what it may be used for, is free for anyone to use, at least in the US. Period.
If you aren't certain the "author" is really the author, or you aren't willing to risk being sued even though you've done nothing wrong, you shouldn't use the code -- just as you shouldn't pick a quarter up off the road unless you want to risk being accused, wrongly, of stealing it from someone who'd just set it down.
In either case, the law is on your side when you use the code or the quarter, but, of course, someone may still sue you. The relevant analogies all hold, and nothing about it was asinine.
The case of the manuscript, as you posted it, is an asinine comparison, though. A manuscript which is on the ground is nothing like code *posted by its author on the internet*, in a forum, point of posting in which is to allow other people to use the code.
A manuscript on the street is not free for use, as intellectual property, unless it is released for such use. It is not released for such use by merely being dropped on the street, by an unknown person, for unknown (or no) reasons. By relinquishing possession of a single copy of the manuscript, the author has not necessarily relinquished possession of the content of the manuscript.
On the other hand, a person who drops a quarter and walks away *has* relinquished possession of the quarter *and the right to use the quarter*. In the same way, an author who posts code on an internet programming forum without qualifying the post in anyway has released that code for use without a license. Yet, again, dropping a book on the ground, which may or may not be copyrighted, etc., does not mean relinquishing possession of the book, it only means relinquishing possession of the manuscript, not of rights to use the content of the book.
Therefore, a man who finds a quarter on the ground or code posted by its author on a forum without any qualifications has a right to use them. A person who finds a manuscript on the ground has no guarantee that the author hasn't copyrighted the book, etc. It wasn't "posted" by its author, and it isn't a finder's-keepers matter like a quarter, because it's intellectual property which exists outside of the physical manuscript.
So, rubber and glue, baby. Quarters and author-posted-no-license-code are for use when found, and manuscripts are not necessarily. Therefore, my quarter and code analogy was good, and your manuscript and code analogy reeks.
Its 200 lines of code. That really shouldn't take very long to rewrite - stay an hour or two late one day and re-write the 200 lines.
Problem solved.
CYA stands for "cover your ass".
IANAL and I have a hard time thinking like one. I may have lived a sheltered life, but all the coders I've known were quite happy to share their knowledge, they'd just like a little recognition now and then. If a chunk of code was ingenious or very time-consuming to produce, the author has the option to NOT post said code in a public forum. The original poster comes off a little paranoid and/or maybe a little self-righteous, worrying about 200 lines of code. We're talking about some small piece of functionality, not an entire application --and it's code the author didn't bother protecting or restricting in any way. Sounds analogous to an unopened six-pack left in a public park (free --as in beer). If you need to feel better about it, clean up the formatting, re-factor a little, and rename some objects. Voila, you've got "original" code! Works that way in all fields of academia.
Is the "stolen" code an example of how to use an API? A product that I work with uses the Capicom hashing DLL. The calls to Capicom look JUST like the web examples, but that's how you use the API. There's not much you can do except change variable names and put the URL of the source in a comment.
No, I will not work for your startup
Troll.
Jherico
What can the average user can do to ensure his security? "Nothing, you're screwed"
stop pretending beeing a good 'guy' you are just looking on the web for a free advise of how to scr3w your boss about ::Lol(200 lines of code); and disguise as legal whatever...
just remove the damn comments and change the variable names. problem solved.
I work for a large software company with much international business. In order to get an export license our code- source and libraries- undergoes an audit to make sure there isnt any deep encryption or other prohibited stuff. The audit is like the anti-plagarism searches used at schools. It turns up lots of other things like GPL and open source.
Some our customers demand zer third party code. This utter fantasy in modern programming, especially when enough of this leaks into the commercial compiler libraries. But maximal documentation and sudit trails is something we can offer.
I'm afraid that I can't give you good advice, as the law only works when someone makes a challenge. For example, if someone steals your car and vanishes, you don't automatically get it back unless you A) report it stolen, and B) press charges. Similiarly if someone hurts you. YOu don't get paid unless you sue them first. And companies like doing stuff like this all the time. People are inherently cheap, backstabbing, greedy bastards. The question is...do you want to risk your job by blowing the whistle? By all means, do whatever you believe is right. But remember, martyrs die because the establishment doesn't like them. If you want to do the right thing, you must be prepared to put up with the backlash from the evil that made it wrong to begin with.
I'd say, go to your boss, and point out the code you noticed. When he tells you he'll accept responsibility for it and decide what to do, drop the issue and don't mention it again. Its out of your hands. No one's life is at stake. Plagiarism of 100 lines of code is a civil case and you'll only be hurting yourself by pursuing it further. If you feel so strongly about the issue, seek employment elsewhere. If you notify the author of the code snippet in this case, right or wrong, expect to be under the microscope..with any misstep resulting in your employment termination.
My advice, go get a job with the RIAA or SCO...you'll fit right in there.