Sothink Violated the FlashGot GPL and Stole Code

ShineTheLight sends in news of two Firefox plug-ins: FlashGot, the original, and Sothink, the GPL-violating come-lately. "People at Sothink decided to violate the GPL by stealing a piece of core code from FlashGot and using it without even the decency of covering their tracks. It is an exact copy of a previous version of FlashGot. This deception came to light when users reported to the FlashGot support forum that their software was not working right. Some digging led to the discovery that the older module that Sothink stole and used verbatim was overriding the more recent engine on the machines of those who had both installed and it was causing the issue. It has been reported to AMO and the FlashGot developer is aware of it. The Sothink people have completely ignored and been silent on the subject. This is why most good programmers will stop contributing to the global community because there are those who will steal their work, pass it off as their own, never acknowledge or give credit, and then shamefully stick their head in the sand and ignore the consequences." The three most recent reviews of Sothink point out this plug-in's dishonest nature. A number of earlier, one-line, 5-star reviews — expressed in a similar style — sound suspiciously like astroturfing.

Firefox extension source?

[phantomcircuit]

It's not like firefox extensions are compiled.

Proof of that Statement?

[eldavojohn]

This is why most good programmers will stop contributing to the global community because there are those who will steal their work, pass it off as their own, never acknowledge or give credit, and then shamefully stick their head in the sand and ignore the consequences.

[citation needed]

I really don't agree with that sentiment. I mean, there have been a few recent cases (BusyBox) where the company is making money off of it but I don't think SoThink is making a ton of cash off of their plugin. I am not defending SoThink in any way and hope that FlashGot takes action but instead of opting to sue SoThink, I hope he first tries to force them to open up their own tool under the GPL if it is tangled into his code or at least realease all the modifications they have done to his code. He could always turn it over to the EFF for help if he really wants to prosecute to the fullest extent. I doubt that lawsuits are going to help this situation or deter others. They'll just get more crafty about it if they feel the need to.

Re:Proof of that Statement?

From my personal experience, most of the really good programmers that I know don't contribute to open source for one main reason:

They don't have the time to.

Re:Proof of that Statement?

[Ethanol-fueled]

From the summary:

This is why most good programmers will stop contributing to the global community because there are those who will steal their work, pass it off as their own, never acknowledge or give credit, and then shamefully stick their head in the sand and ignore the consequences."

THIS IS WHY WE CAN'T HAVE NICE THINGS.

Re:Proof of that Statement?

[dstar]

That's funny. From my personal experience, most of the really good programmers that I know _do_ contribute to open source. That's how they got to be really good programmers, in fact. They had the chance to do things right, rather than being pushed to meet some arbitrary marketing deadline, or simply being too busy fighting fires to spend time improving their skill.

At $employer[-1], we had a suite of software which put any commercial SRM suite to shame (not just my opinion -- we evaluated all the ones we could find, as we were being pushed to use a vendor-supported system), but it could have been much better if we'd had time to go in and clean up parts of it that had been written over a decade ago. On the open-source stuff I write, I don't _have_ that problem. I can do it right. (I also have that luxury at my current job, at least so far, which is _really_ nice.)

If all you're doing is writing the same sort of code the same way, you aren't going to improve your skills, at least not in a reasonable timeframe. You have to stretch yourself, _and_ you have to be exposed to better (or at least different) practices. You have to have people pointing out not just where you've done things wrong, but where you could have done them better, and even -- no, especially -- where you could have done things 'better', even though 'better' is a matter of opinion and theirs differs; having to defend _why_ you think your opinion is right makes you think about it. It certainly does me, anyway. Heck, sometimes I even change my mind!

I've found that the best way to get that sort of exposure and criticism is by contributing to open source software. At work, I'm being paid to get things done, not to sit and argue the merits of one approach over another if either is 'good enough'; a little of that is reasonable, because it helps make sure they _are_ both 'good enough', but at the end of the day, I'm being paid to produce, not study. I'm being paid to write software to get things done, in a manner that other people on the team can maintain, not learn Erlang or Haskell to broaden my understanding of programming.

And I think that's perfectly reasonable. Improving my programming skill benefits _me_ primarily, and my employer secondarily, just as exercise benefits me primarily (by improving my health) and my employer secondarily (by reducing the number of days missed to illness). They don't pay me to exercise, and they don't pay me to improve my programming skill. They pay me to get things done.

Illegal Copyleft Infringement.

[Ostracus]

"People at Sothink decided to violate the GPL by stealing a piece of core code from FlashGot and using it without even the decency of covering their tracks."

Stealing? A digital artifact?

Speaking of Astroturfing

[Filter]

If my code gets 'stolen', used without my permission, breaking the terms of the license; what difference does it make as to the license I chose to release it under.

Sigh

People at Sothink decided to violate the GPL by stealing a piece of core code from FlashGot

It's not theft, it's copyright infringement and plagiarism. It's not theft when the RIAA are the victim, and it's not theft when programmers are the victim. Two completely different illegal actions. It's also not a number of other offences - it's not murder, it's not speeding, it's not jaywalking, and it's not theft. Different names for different offences. Get it?

Wrong crowd for this

[dissy]

This is why most good programmers will stop contributing to the global community because there are those who will steal their work, pass it off as their own, never acknowledge or give credit, and then shamefully stick their head in the sand and ignore the consequences

It's not stealing, it's a copyright violation :P

Re:heh, there web page looks like a parked domain

[unlametheweak]

Why would you even download this? Their web page and blog looks like it was created from an SEO program for selling viagra.

And I noticed all of the 5-star reviews I've read are all in broken English. All of the 1-Star negative reviews are in perfect English. It's only a correlation, but it (the positive reviews) is an indicator of spam.

Re:And how is th different from the RIAA and MPAA

[dstar]

No, the perpetrators committed a crime much worse than theft -- plagiarism. Don't believe me? Go ask any tenured professor at your nearest university.

Steal something from a lab where you work, you'll probably lose your chance at tenure and the job. Commit plagiarism and you'd best start looking for a new career.

Lots of ffmpeg gpl violations

[BeardedChimp]

Over the last few years a lot of companies have sprang up using ffmpeg as a backend while shoving some putrid gui over the top which somehow justifies the pricetag (in this case "Video Encoder Engine for Adobe Flash" costs $600!).

They tend to fall into two camps, those who attempt to use the lgpl parts of ffmpeg and publish the license; and those who outright ignore the gpl or pretend they've followed it.
ffmpeg keeps a "Hall of shame" for these violaters but sothinkmedia have not yet been added.

I downloaded their videoconverter and ran it through wine. It gave me a eula with some non-gpl/lgpl terms which I duly said yes to "You may not make or distribute copies of the Software, or electronically transfer the Software from one computer to another or over a network. You may not recompile, reverse engineer, disassemble, or otherwise reduce the Software to a human-perceivable form".

Program installed what's this, avcodec.dll oh dear. Compiled in with x264, xvid etc. so GPL rather than LGPL. For a token gesture it created a folder called xvid with the GPL placed in there even though they violate most of it.

Stealing code from flashgot is a minor issue compared to that of ffmpeg.

Re:This IS A GPL VIOLATION.

[nadaou]

GPL requires that you ship code with the delivery,

No it doesn't. It requires that you ship the offer of code with the binary.

Please actually read the thing before making ADAMANT BUT COMPLETELY WRONG CLAIMS IN ALL CAPS.
That goes for moderators too, at least those sucked in by posters relying on authoritative sounding claims.

and that the package is licensed under a GPL acceptable license.

No, that it is licensed under the GPL license. (or if >=, then >=)

That's _it_.

Section 2a. of the GPL2 is 4 lines long. The entire license file is 339 lines long. i.e. that's not just _it_ at all.

It does not require you to perform any advertising,

Sure it does. You must both advertise to the downstream user their rights under the license, and in some circumstances the No Warranty text should be shown. This is Term 1, it's not exactly buried in the text.

nor acknowledge where the code came from.

The original copyright statements must remain intact. (Term 1.)

You want attribution? Use the old BSD license, or the new Apache one, not the GPL.

An interesting commentary on the goals of the licenses and motivations of authors can be taken from this.

I would say that plugin address spaces aren't kept separate (thus avoiding the issue entirely) is a Firefox _bug_ (or perhaps it's designed that way on purpose),

maybe that is a Firefox bug.

rather than any GPL violation.

WTF are you talking about?? Please explain why it can not be both these unrelated things?

So far, nothing in the summary (nor any of the articles) points out the GPL violation.

Once again, WTF are you talking about?? Except the part in the summary which says they incorporated the code of a GPL project without licensing their plugin as GPL nor letting their users know their rights under that license.

Technically a customer has to request the code and be denied it, but probably the failure to advertise that the code is available to end users under the terms of the GPL is enough to get them legally in the poop and get slapped with an injunction.

Additionally, if you're saying that plugins that are GPL'ed can't coexist with plugins that aren't GPL'ed, that's an interesting statement.

Where does this strawman come from? The problem here is not that 2 plugins of differing license sit side by side, it is that GPL code is being mixed with non-GPL code into a non-GPL product and redistributed as non-GPL. The fact that it is a for-profit company doing this doesn't change much beyond kill any innocent-mistake excuses.

If that were true, I would hope that the GPL is _banned_ as an acceptable plugin license in order to prevent all Firefox users from being copyright violators.

All Firefox users are absolutely fine to use a mix of GPL and non GPL plugins at run time. What they can't do is redistribute the things together as a single monolithic program to others without relicensing the entire package as GPL. The GPL has to do with redistribution, not use. (ie the "copy" in "copyright")

Please RTF License! It's really not that hard.