Slashdot Mirror
Sothink Violated the FlashGot GPL and Stole Code
ShineTheLight sends in news of two Firefox plug-ins: FlashGot, the original, and Sothink, the GPL-violating come-lately. "People at Sothink decided to violate the GPL by stealing a piece of core code from FlashGot and using it without even the decency of covering their tracks. It is an exact copy of a previous version of FlashGot. This deception came to light when users reported to the FlashGot support forum that their software was not working right. Some digging led to the discovery that the older module that Sothink stole and used verbatim was overriding the more recent engine on the machines of those who had both installed and it was causing the issue. It has been reported to AMO and the FlashGot developer is aware of it. The Sothink people have completely ignored and been silent on the subject. This is why most good programmers will stop contributing to the global community because there are those who will steal their work, pass it off as their own, never acknowledge or give credit, and then shamefully stick their head in the sand and ignore the consequences." The three most recent reviews of Sothink point out this plug-in's dishonest nature. A number of earlier, one-line, 5-star reviews — expressed in a similar style — sound suspiciously like astroturfing.
It's not like firefox extensions are compiled.
This is why most good programmers will stop contributing to the global community because there are those who will steal their work, pass it off as their own, never acknowledge or give credit, and then shamefully stick their head in the sand and ignore the consequences.
[citation needed]
I really don't agree with that sentiment. I mean, there have been a few recent cases (BusyBox) where the company is making money off of it but I don't think SoThink is making a ton of cash off of their plugin. I am not defending SoThink in any way and hope that FlashGot takes action but instead of opting to sue SoThink, I hope he first tries to force them to open up their own tool under the GPL if it is tangled into his code or at least realease all the modifications they have done to his code. He could always turn it over to the EFF for help if he really wants to prosecute to the fullest extent. I doubt that lawsuits are going to help this situation or deter others. They'll just get more crafty about it if they feel the need to.
My work here is dung.
"People at Sothink decided to violate the GPL by stealing a piece of core code from FlashGot and using it without even the decency of covering their tracks."
Stealing? A digital artifact?
Shai Schticks:"You don't make peace with friends, you make peace with enemies"
If my code gets 'stolen', used without my permission, breaking the terms of the license; what difference does it make as to the license I chose to release it under.
"better ways of doing things eventually just replace the inferior things" - Linus Torvalds 09-08-07
It's not theft, it's copyright infringement and plagiarism. It's not theft when the RIAA are the victim, and it's not theft when programmers are the victim. Two completely different illegal actions. It's also not a number of other offences - it's not murder, it's not speeding, it's not jaywalking, and it's not theft. Different names for different offences. Get it?
This is why most good programmers will stop contributing to the global community because there are those who will steal their work, pass it off as their own, never acknowledge or give credit, and then shamefully stick their head in the sand and ignore the consequences.
This is not a bad thing. It's a good thing. It's a good thing that code can be borrowed from one program and used in another. Why re-invent the wheel after all? I thought that's why we wrote open source software - not to receive credit, but because we want to share our work with the world.
The crime here is not that one programmer "stole" the work of another. The crime is that one programmer took advantage of an open resource, but kept their modifications closed.
This is why most good programmers will stop contributing to the global community because there are those who will steal their work, pass it off as their own, never acknowledge or give credit, and then shamefully stick their head in the sand and ignore the consequences
It's not stealing, it's a copyright violation :P
You're obviously new here...
Piracy and GPL violations both hurt workers in the field of computing/entertainment/etc. However, there's a big difference between a random Joe copying an mp3 and a corporate entity stealing a product and re-marketing it as their own.
Yet we live in a society where surveillance is a double-edged sword. It's more favorable to our freedoms to let someone get away with copying a Miley Cyrus song rather than letting bureaucrats crush us and turn daily life into red-tape + TSA-like conditions.
Does this shift everything in favor of the little guys? Sure. Life isn't fair, but we hope to improve society (even if it's a slow process). Given the proclivity of human nature, it's FAR safer for smaller crimes to go unpunished than grant corporations overwhelming powers and let LARGE crimes go unpunished. Case in point: Recent housing & banking economic scandals.
Ok here is the correct URL to slashdot Sothink. Don't bother the Mozilla server linkeded above.
Inquiringmindswanttoknow !!
If it's okay to download movies and CDs and herpes, what is all the hoopla about gpl ?? Either it's okay to STEAL or it's not okay. If you want it both ways, just say you're BI and get on with the rest of your life.
Fact is, NO CODE WAS STOLEN !! It still exists right where it was before. Only, maybe, somebody has a COPY of this. NOTHING WAS LOST !! IP is a figment if COPYRIGHT HOLDERS imaginations !! NOTHING TO SEE HERE !! Move along !!
There are all kinds of unscrupulous people who will happily take other people's work and pass it as their own. For example, there's an entire bunch of websites devoted to bundling free Wii homebrew utilities with warez-loading apps and a torrent client and selling it as the ultimate Wii softmod get-all-your-games-for-free package. Examples: homebreware.com, playbreware.com, homebrewinstaller.com, mywiidownloads.com... the list goes on. They have sales numbers that are a sizable chunk of total homebrew users and mainly cater to the clueless, earning large amounts of cash for basically nothing.
Our "core" software (specifically, the Twilight Hack, Homebrew Channel, DVDX, BootMii, HackMii Installer, etc) is mostly distributed under a closed-source restrictive "download it from our site and use it, don't redistribute it" license precisely due to these kinds of websites. For example, ordinarily we wouldn't care at all about people mirroring these apps, but one of the favorite excuses from the aforementioned scamsites is that "they're just linking to some third-party mirror". the I've tried to get some of them taken down but it's damn near impossible and their payment processors (Plimus and ClickBank typically) move very slowly and do nothing at all (which is not surprising; after all, they get a cut of the profits). These sites tend to work on affiliate programs and therefore there are dozens of "affiliates" happily buying Google Ads and setting up spam blogs just to promote the scams.
What's even worse is that the warez utilities work backwards too - they let the scammers "pirate" our freeware and sell it for money. For example, our installer includes a large full-screen "if you paid for this you were scammed" warning, but the scammers have now used tools for Wii Channel piracy to distribute the Homebrew Channel without the installer, bypassing that screen. Every time this happens they get a nice 3-6 months until Nintendo puts out another update that would force them to use updated hacks and tools.
This is one of the reasons why I gave up on Wii development. And I don't have plans to touch any console or system where piracy might become a big incentive to run homebrew. Piracy brings in hordes of clueless idiots who just want free games, generally poisons the homebrew community, divides it due to the differing opinions on it, and also comes with dollar-eyed scammers who want to make a quick buck of it all.
I wonder what the copyright abolitionist would say when copyright is abolished and the GPL stops to be enforceable... Oh well.
If copyright were abolished, we would be free to copy and modify software without legal repercussions, so we wouldn't need to rely so much on the GPL. Of course, no modifying could be done unless programmers voluntarily published their source code. But in a theoretical world without copyright, there would be no reason not to publish your source code - because you wouldn't be able to profit off of software sales in a world where anyone could legally copy your program for free. It would be advantageous to publish the source code, to ensure quality and make bugs and security holes visible.
In short, if copyright were abolished, we would have no use for the GPL.
That's rather a bold statement. It might even be true if there were no possible redress. But publicizing the wrongdoing and ousting the offenders is quite a powerful part of the community. Of course any similarly-wronged author, proprietary or open-source, also has the law on their side. Hardly an abject situation.
Anybody want a peanut?
Why would you even download this? Their web page and blog looks like it was created from an SEO program for selling viagra.
And I noticed all of the 5-star reviews I've read are all in broken English. All of the 1-Star negative reviews are in perfect English. It's only a correlation, but it (the positive reviews) is an indicator of spam.
Mod parent up. You're absolutely right. No code was "stolen". Code can't be stolen. This is just a small license violation. Not a big deal. The perpetrators are at best ignorant, and at worst, selfish, yet the summary paints them out to be the scum of the earth.
No, the perpetrators committed a crime much worse than theft -- plagiarism. Don't believe me? Go ask any tenured professor at your nearest university.
Steal something from a lab where you work, you'll probably lose your chance at tenure and the job. Commit plagiarism and you'd best start looking for a new career.
Over the last few years a lot of companies have sprang up using ffmpeg as a backend while shoving some putrid gui over the top which somehow justifies the pricetag (in this case "Video Encoder Engine for Adobe Flash" costs $600!).
They tend to fall into two camps, those who attempt to use the lgpl parts of ffmpeg and publish the license; and those who outright ignore the gpl or pretend they've followed it.
ffmpeg keeps a "Hall of shame" for these violaters but sothinkmedia have not yet been added.
I downloaded their videoconverter and ran it through wine. It gave me a eula with some non-gpl/lgpl terms which I duly said yes to "You may not make or distribute copies of the Software, or electronically transfer the Software from one computer to another or over a network. You may not recompile, reverse engineer, disassemble, or otherwise reduce the Software to a human-perceivable form".
Program installed what's this, avcodec.dll oh dear. Compiled in with x264, xvid etc. so GPL rather than LGPL. For a token gesture it created a folder called xvid with the GPL placed in there even though they violate most of it.
Stealing code from flashgot is a minor issue compared to that of ffmpeg.
You're right, it's not exactly the same as other forms of stealing. But the general term for this is stealing. Presumably this would be listed as another definition in a dictionary.
If you can steal someone's heart, if you can steal a kiss, if you can steal cable, if you can steal an identity, there's no reason this cannot be stealing also.
It has been this way a long time too, stealing cable started in the 70s.
http://lkml.org/lkml/2005/8/20/95
If copyright were abolished, we would be free to copy and modify software without legal repercussions, so we wouldn't need to rely so much on the GPL.
That's a bit like saying that a person without arms wouldn't rely so much on gloves.
Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
Fifty comments in this thread and no one has mentioned the Software Freedom Law Center? Amateurs!
The lead developer for FlashGot needs to contact the SFLC. Right. Now. The SFLC has lawyers on staff who eat companies like this for breakfast. Or at least, you know, they'll give them a very stern talking-to.
He shouldn't contact the supposed violators (that could cause legal murkiness), he should not go fishing around for evidence of the violation (again, more lawyerly problems), he should not pass Go, and in no way shape or form should he try to collect $200 from anyone.
Once he talks to the lawyers then he'll know what steps he should take to document the violation and then to approach the violators. By putting his ducks in a row first and by communicating with a lawyer, he'll have a much easier time approaching the Sothink company and getting the violation resolved.
Pro tip: The last time I emailed the SFLC it took 13 days for them to respond, so in order to get the ball rolling on resolving this problem I'd suggest picking up the phone and calling them.
coding is life
The difference is, arms are useful.To the copyright abolitionist, copyright stopped being useful when computers empowered individuals to copy and distribute information as many times as they wanted at no cost.
Nobody wants to lose their arms. Copyright abolitionists want to lose copyright. Thats the point.
In a kind of a way, you're correct. Unfortunately, the way that you're correct doesn't help your argument any.
The way that you're correct is that it requires a finer analysis to actually determine which is better for society. Unfortunately, after the final analysis...well, the RIAA paid to have laws passed which favored them and which many consider to be blatantly unconstitutional. (I know, the courts agree with them that the laws are constitutional. This doesn't convince me.)
Since the RIAA & it's member companies wrote and paid for the laws that benefit them, I don't believe that there's any justice in anyone else being obliged to obey them. As a practical matter, I'll agree that it's dangerous to act on that belief, under the presumption that we live in a just world.
To my mind this puts the RIAA & it's member companies in the same category as other criminal conspiracies.
OTOH, neither the FSF nor any other Free Software organization has successfully lobbied for laws supporting it's stance. So if it takes advantage of existing laws, they can't be blamed if someone else finds the laws unjust.
I'm sure that better arguments could be made, but this one suffices for me, so I've never felt obligated to dig deeper.
I think we've pushed this "anyone can grow up to be president" thing too far.
In a world without copyright, all commercial software money would be made off support contracts. That's not necessarily a bad thing, but it means the exact opposite of what you intend will happen in a lot of cases. Developers will clamp down as tight as they can on their source, protecting it as a trade secret. As long as they are the only ones with the source, they have a huge advantage in giving support. It is a hundred times easier to patch a bug, or add a requested feature, when you have the source. Currently you can make the source available if you so choose, without licensing it like the GPL. In fact, Microsoft does just that for Windows. If copyright ended today, do you think they would just shrug their shoulders and gpl everything? No, they would do everything in their power to consolidate as much knowledge of of Windows and it's source with them, so competitors can not quickly create their own windows distro (for lack of a better term) and claim a piece of the support contract pie.
One of the reasons I've never been a fan of the GPL -- you can use GPL code and get in trouble over it; software isn't truly free until anyone can use it freely, without worrying about legal trouble. The forced reciprocation, IMHO, has hurt the open source movement severely. Companies actually have good reason to fear "free" GPL software, because unlike speech, GPL comes with strings attached.
"Sorrow is better than laughter, for by sadness of face the heart is made glad." [Ecclesiastes 7:3]
$80,000 per line.
Le français vous intéresse?
> But if it incorporates GPL code, it automatically falls under the GPL.
No it doesn't. If it incorporates GPL code without itself being under the GPL it infringes the copyright on the incorporated code.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
Problem is, you really can't make money by making software and hiding it from everyone.
Well... I thought that was what I was discussing. Obviously you can't make money by selling the application directly, but you can grant access to the service or sit on it and exploit the fact that you have a *tool* (i.e. a means to an end) that no-one else has.
And "carrying out a service on behalf of others"? Not sure what you mean by this. Do you mean someone would write a program, hide it from everyone, but offer to run the software for them on their behalf?
I wouldn't put it like that. If (say) Pixar were the only people who had halfway-decent 3D software that no-one else did- or had the prospect of developing in the forseeable future- then they could either exploit that to make their own animations miles better than anyone else's.
Or (in response to your question), they could provide services on others' behalf. That might be the form of them finding out what the client wants and doing pretty much all the work themselves; models, rendering, characters, design etc. Or at the other extreme they might provide a rendering service.
As I acknowledged, this wouldn't work in all cases; it certainly wouldn't work for a web browser, as you implied.
I would hope in a hypothetical copyrightless future, good people would create free software alternatives to software-as-service.
Quite possibly. Nothing I said would contradict that; it was a rebuttal of one specific assertion you made- paraphrasing- that in a copyright-free world there could *never* be any benefit in not giving one's software away. Which- IMHO- is wrong as a blanket statement, and flawed as an argument against copyright in general. But in some circumstances it could still be beneficial to do so, and- as you said- some altruistic people might release their work freely anyway- nothing stopping that.
"Slashdot - News and Chat Sites Deviant". (Click "homepage" link above for details).
I think that if copyright were abolished, the sale of software would still continue, albeit in a more limited way, paticularly in the business world, even if everything were open-sourced.
Think of this: if you are an IT manager, are you going to trust the OS of all your production machines to some random Joe Schmo's distribution of "Free OS" downloaded from freebies.com? No way, you are still going to get it from a reputable source, and if you have to pay for it, all the better. The sale is in fact a sort of support contract in itself, because the exchange of funds for software thus gives you the right to go after the seller, if not legally, at least create bad press, if there is a failure.
A similar thing would happen with entertainment media. Even though I can get just about any movie in digital form off of Pirate Bay practically the day it is released, I will still pay money to see it in the theater. Why? Because of the experience, and because I know the picture and sound quality are going to meet certain standards (e.g. THX). Just like I will still go to a concert even if I have downloaded the album.
The physical design of many hardware devices, such as automobiles, is pretty much open-source, hence the existence of Chilton's service manuals and the like. But would I theoretically trust my life to a car built from open specs by Larry down the street? Again, no way.
Yes, among hackers (of all stripes), no one would pay for anything anymore. But if I want to take the girlfriend to a movie, or acquire software for work that works as expected the first time, or trust my life to a car, I will gladly pay a fair price for the assurance that it will "just work."
The good news is that overtly crappy software (e.g. Windows ME & Vist) would never see the light of day. But good quality products will still be profitable, and will command a price.
I love the double-standard so much. Piracy is fine but GPL violations ? OH GOD STOP THE PRESSES.
You write as if Slashdot would be one single person. Do I really have to explain that there are thousands of people commenting on Slashdot, with wildly varying opinions on different subjects. It could very well be that different subsets of the Slashdot populace are attracted to the articles on piracy and GPL violations, but apparently, your simple mind cannot fathom this. Unless you get down to individuals, you cannot claim that the entire Slashdot populace has a double standard and still expect to be taken seriously.
Several GPL lawsuits have been filed in the United States (Cisco and Verizon/Busybox off the top of my head). So far all have been settled before reaching court. However, the GPL has been upheld by a German court: http://arstechnica.com/open-source/news/2007/07/skype-loses-gpl-lawsuit-in-germany.ars
Are we being politicians now?
Nice straw man
Yes, they stole , hours or perhaps days/months of work.
If nothing went missing, it isn't theft or stealing. Logic dictates that. Emotions do not.
is stealing. They stole a digital artifact, they stole "information", "knowledge".
You can't just repeat "it is, it is, it is." You have to prove it, especially since the burden of proof is on you. Data, knowledge, information is non-tangible, it can't be stolen. You REALLY like stretching definitions to rediculous lengths, don't you?
hey took something without doing something required or giving something required
That is a dangerously BROAD definition that nobody in their right mind would accept (and is why the legal codes internationally require deprival of something - property - they had.
It is not a movie, don't go into "but it is not stealing" mode immediately.
Same concepts still apply - same differences still exist.
It is 2009 already and you people have issues with understanding the difference between "virtual" and "real" things
Obviously "we" are the ones who are trying to give data, and abstract ideas the properties of physical objects, obviously we have the issues. /s
oh yes, pirating a Hollywood movie is stealing too... Like I explained above. I don't really care if producer is Satan himself.
Actually, it still isn't, thanks for showing you are incapable of backing up your assertions with anything other than "it is" though.
If you believe in privacy, and believe you have "nothing to hide" at the same time, you're a goddammed idiot
GPL requires that you ship code with the delivery, and that the package is licensed under a GPL acceptable license. That's _it_. It does not require you to perform any advertising, nor acknowledge where the code came from. You want attribution? Use the old BSD license, or the new Apache one, not the GPL.
I would say that plugin address spaces aren't kept separate (thus avoiding the issue entirely) is a Firefox _bug_ (or perhaps it's designed that way on purpose), rather than any GPL violation.
So far, nothing in the summary (nor any of the articles) points out the GPL violation.
Additionally, if you're saying that plugins that are GPL'ed can't coexist with plugins that aren't GPL'ed, that's an interesting statement. If that were true, I would hope that the GPL is _banned_ as an acceptable plugin license in order to prevent all Firefox users from being copyright violators.
"we wouldn't need to rely so much on the GPL"
With no copyright, you cannot rely on the GPL at all because it's unenforceable. Much like a person without arms wouldn't rely on gloves so much because they're unwearable.
Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
No it doesn't. It requires that you ship the offer of code with the binary.
Please actually read the thing before making ADAMANT BUT COMPLETELY WRONG CLAIMS IN ALL CAPS.
That goes for moderators too, at least those sucked in by posters relying on authoritative sounding claims.
No, that it is licensed under the GPL license. (or if >=, then >=)
Section 2a. of the GPL2 is 4 lines long. The entire license file is 339 lines long. i.e. that's not just _it_ at all.
Sure it does. You must both advertise to the downstream user their rights under the license, and in some circumstances the No Warranty text should be shown. This is Term 1, it's not exactly buried in the text.
The original copyright statements must remain intact. (Term 1.)
An interesting commentary on the goals of the licenses and motivations of authors can be taken from this.
maybe that is a Firefox bug.
WTF are you talking about?? Please explain why it can not be both these unrelated things?
Once again, WTF are you talking about?? Except the part in the summary which says they incorporated the code of a GPL project without licensing their plugin as GPL nor letting their users know their rights under that license.
Technically a customer has to request the code and be denied it, but probably the failure to advertise that the code is available to end users under the terms of the GPL is enough to get them legally in the poop and get slapped with an injunction.
Where does this strawman come from? The problem here is not that 2 plugins of differing license sit side by side, it is that GPL code is being mixed with non-GPL code into a non-GPL product and redistributed as non-GPL. The fact that it is a for-profit company doing this doesn't change much beyond kill any innocent-mistake excuses.
All Firefox users are absolutely fine to use a mix of GPL and non GPL plugins at run time. What they can't do is redistribute the things together as a single monolithic program to others without relicensing the entire package as GPL. The GPL has to do with redistribution, not use. (ie the "copy" in "copyright")
Please RTF License! It's really not that hard.
~.~
I'm a peripheral visionary.