Slashdot Mirror
Did Microsoft Borrow GPL Code For a Windows 7 Utility?
Goatbert writes "Rafael Rivera over at WithinWindows.com has found evidence that Microsoft has potentially stolen code from an open source/GPL'd project (ImageMaster) for a utility made available on the Microsoft Store to allow download customers to copy the Windows 7 setup files to a DVD or USB Flash Drive. If Rivera's evidence holds up, this could be some serious egg in the face for Microsoft at a time when they're getting mostly good press from the tech media."
And it's poking through my pants.
for some reason it would not surprise me if microsft stole that and a bunch of other code... idk just a feeling
epic sig..... ya i got nothing
The code in question seems to be called into scrutiny because the two areas of code bear the same name (ReadBytes) and operate similarly.
The longer you work in the development of software, the less magical it all becomes. The first time you plugged some code into a terminal and it worked, it seemed like an amazing amount of wizardry and behind-the-scenes stuff that you could never fully fathom. Compilers, binary code, arcane source languages, electronic signals. It's amazing to a neophyte just how much stuff is going on.
But the longer you plug away at it, the more you realize that it's just code. Nothing special is really going on. You're mostly moving data from one area of memory to another. It's almost a form of Nirvana once you reach this point.
So when someone comes along and says "OMG YOUR READBYTES METHOD IS JUST LIKE THIS ONE IN SOME GPL CODE!!!!11", it kind of pegs that person as someone who doesn't really have much experience with real programming. Sure, they may use a lot of tools, and know how to recompile their kernel, but they really don't have a firm grasp of what and why they are doing what they are doing.
So the evidence is a ReadBytes snippet?
I'll wait till there's evidence before even commenting about the ramifications of something like this. This is just wild speculation at this point.
) Human Kind Vs Human Creation
) It'd be interesting to see how many humans would survive to serve us.
really? they "stole" readbytes? can we have some different "damning evidence" please.
Stop being insecure about Windows' successes. It's fucking embarassing. Linux has it's place, and that place is nowhere near the average consumer's home computer.
Microsoft has had open source code earlier also. But it's been licenced with bsd kind of licence. The problem is that if there are gpl-licenced code taken (doesn't need permission of project owners) microsoft has to give all changes they made to public. Gpl can also touch so depends what they've done with/to that they might also need to distribute more code of theirs. There is also organisation who's trying to track down and sue corporations violating OS licences (can't remember name), maybe they get some job to do.
...who the FUCK cares?!?
I can't stand about Microsoft? Even though we don't have the source and can't prove it, Windows likely uses GPL code.
The GPL requires any company using GPL software to release their additions to the source. Everybody storm Redmond! Get it! Get the code!
It's .NET code. It's already "Open Source" by virtue of tools like Reflector existing.
in the worst case, they could publish the full source of the application in order to comply with the gpl... I mean, it is just a tool to copy files from a to b, right? so it is kind of a silly article.
If Pandora's box is destined to be opened, *I* want to be the one to open it.
Come on people, you can't have it both ways. If you can't "steal" music, you can't "steal" code. MS "stealing" this code didn't deprive the Open Source community from using the code (i.e. stealing my car), or at least that's the argument /.er use whenever the word is used in conjunction with music and movies. Eat your own dog food.
I, for one, welcome our newest open source project to the community - Windows 7.
Take the cheese to sickbay, the doctor should see it as soon as possible - B'Elanna Torres, "Learning Curve"
Goatbert engages in anal stretching. My evidence: the names are very similar.
Wait, you mean similarities DON'T mean that they are the same thing? Damn. I thought I was on to something.
But then I realized the cable was blue, so I only gave it one star. I hate blue.
Seriously, what he shows to be evidence looks like code that was written straight from reading the ISO disk image specification. Next up, school math class accused of mass cheating for solving math problems in similar ways.
Fly me to the moon Let me sing among those stars Let me see what spring is like On jupiter and mars
I've written subroutines called "ReadByte" several times, so obviously both the Microsoft code and the GPL code is in violation of my company's copyright! (BTW, if the ReadBytes routine doesn't have a buffer size parameter and return the actual number of bytes read, it is bad code.)
I've abandoned my search for truth; now I'm just looking for some useful delusions.
Even if true, surely Microsoft would just need to perform minor corrective action (replace the code promptly and discipline or fire those responsible for inserting the stolen code). The software isn't a significant part of the system. Nor does it seem to be a difficult bit of code. So you can't really claim that Microsoft is making boatloads off of or even just saving money by stealing the code. And I think MS probably could make a good argument for saying that either they had a rogue developer or someone made a terrible mistake in inserting the code. It just doesn't look like "egg on face" to me unless the replacement of the code results in some high publicity drama like a recall of the OS.
With the amount of "evidence" in the article, the same accusation could be made against the GPL project. Perhaps the author of that project illegally gained access to Microsoft code and used it as a starting point for ImageMaster.
I don't think everyone here believes you can't steal music, first off.
Speak for yourself. I do believe you can't steal music.
You could steal the original copies. You could steal a famous painting. But "stealing" music? For instance, what IS music? It's nothing but a mathematical concept involving harmonics and sound.
What are words? You can't "steal" what I said. This isn't like the little mermaid where you could steal someone's voice and leave him/her mute.
Non-physical works CANNOT be stolen. Unless you're talking about a PHYSICAL COPY, you cannot steal it by definition. Copying a work? That's completely different. But if it's a non-destructive process, you're not stealing it. You're just COPYING it.
If you want to use an appropriate term for what Microsoft supposedly did with this GPL code, it's called plagiarism. Sure, it's called "stealing" nowadays, but using this word is oversimplifying.
Did Microsoft Borrow...
Microsoft borrows, everyone else steals?
I wonder if I can try that with the RIAA/BSA?
I work for the Department of Redundancy Department.
You may not ... reverse engineer, decompile or disassemble the software, except and only to the extent that applicable law expressly permits, despite this limitation;
Which seems to be exactly what the Author has done. Sucks to be him, or anyone else trying to find out if M$ has stolen your code and violated your license, since the only way to find out, is to violate M$'s license agreement. Have fun in court.
So based on a fragment of pretty basic code doing a very basic task that most people would write off the top of their head the assumption that it has been stolen from OSS.
This is like the old SCO claim around the Knuth code. There really are some basic bits that date back to the pre-history of IT. This is a long way from evidence and doesn't make the OSS world look any better than SCO did with their claims.
Evidence folks needs to be a bit bigger than a method.
An Eye for an Eye will make the whole world blind - Gandhi
FTA: A simple search of some method names and properties, gleaned from Reflector's output, revealed the source code was obviously lifted from the CodePlex-hosted (yikes) GPLv2-licensed ImageMaster project.
Give me a break! That's just enough evidence to go and dig more deeply. It's hardly proof of anything, but the author's bias.
No, they did not. Borrow is the completely wrong word here. Maybe they stole the code, but they certainly didn't borrow it.
It hardly matters though. It is perfectly OK when Microsoft does this, as seen from a long lime of past actions. When you copy their code it is a felony, but when they take something that they want it's just business as usual.
I'm an American. I love this country and the freedoms that we used to have.
This is Microsoft. The company that tries to step on as many other companies as possible. Do you honestly think that Microsoft doesn't look at GPL'd code and add it? Hahhaah I wouldn't be surprised if a good 50%+ was GPL'd. It'd be a great day of defeat for Microsucks if this got confirmed. Considering their piece of crap Windows 7 it'd only be the final nail in the coffin. :)
I don't think slashdot is correct place to handle issues like this.
"If Rivera's evidence holds up, this could be some serious egg in the face for Microsoft at a time when they're buying mostly good press from the tech media".
Knowing how things happen in media today - hint: in economical downturn even serious press are easy to buy - this is only a half joke.
user@ubuntubox:~$ stfu This server is going down for shutdown NOW!
Well, they do get -some- bad press occasionally but in general the mainstream media faun over MSFT constantly. The freakin BBC aired an interview with Ballmer recently where they asked him all sorts of questions about the world economy! WTF? Does Ballmer have a degree in economics? Does he have a crystal ball? And if he did know something we don't about the economy, would he really share it freely? Really?
Damping absorbs vibrations. Dampening is caused by moisture.
The half ass coders are in Windows land. Obviously the better coders jump to OSS
We have a society where a huge proportion of people violate copyright and feel okay doing it. Why would anybody give a crap when Microsoft does a little of the same? People will start taking the GPL seriously when they start taking copyright in general seriously. That is, never.
Element109 wrote on: http://social.msdn.microsoft.com/Forums/en-US/windowsopticalplatform/thread/421f3137-c9aa-45fb-8c5a-ec5dd6860036
The iso and udf parsing portions were ported from the 7-zip project. The credits.txt file contains all the sources used in creating my project.
7z
by Igor Pavlov
7-Zip is a file archiver with a high compression ratio.
http://www.7-zip.org
There are links to his source on his homepage. 7-zip is hosted on the SourceForge website.
If you checkout my initial upload there is a file in the reader directory that is a very early stage of the initial udf port. I had excluded it from the VS environment and forgot about it. It is the file I deleted in the latest changeset.
Why? I don't get it. Sure, Windows 7 is about 100x better than Vista, but it's still buggy, unstable, a late copy cat of other superior OSes that have been out for a while (Mac/Ubuntu), and worst of all: Horribly prone to viruses.
In the last two months I've done 20 reformats and OS installs. Of the 20, 10 were Windows 7 installs, and 7 were Linux Mint installs, and the other 3 were stock Ubuntu. Of the 7 Mint installs, I have gotten NO tech support calls. Not one. Every customer is happy and going about their business happily watching YouTube, making docs in Open Office, and IMing in Pidgin. Literally, not ONE tech support call. I got one tech support call for Ubuntu, the client didn't know how to install flash. I should've done that before I "finished" the job. Kind of my fault.
No less than 5 of the Windows 7 installs have had to be REDONE. 5 of the clients got viruses within the first week, and needed a reformat. I switched 3 of them to Ubuntu 9.10. The other 2 I gave extremely stern lectures about Firefox, and bookmarked redtube on the bookmarks toolbar.
I don't understand why everyone is all over MS in a good way for Windows 7. It is still under-featured, bloated, prone to viruses, slow to boot, and lacking in stability compared to almost every Linux distro out these days. The ONLY reason I install Windows is for gamers. And even for some of them I setup dual boot with Ubuntu or Mint and try to make them boot to Linux for everything BUT gaming.
I hold very few opinions. I hold information based on observation and fact. If you wish to disagree, please use facts.
Copyright infringement isn't theft, as the pirates always tells us on Slashdot, so nothing was "stolen."
I troll Slashdot because it has become a mockery of itself. Why the fuck should I take it seriously when it can't take itself seriously.
So go fuck yourselves up your faggot asses. Slashdot is for faggot bitches just like open sores is for faggot bitches.
get aids and die.
overloard something or other
cmdrdildo
Now everyone can have a great time bashing Microsoft again like they have for the last 15 years.
Grow up people... even IF they're guilty it's a tiny piece of code probably stolen by a single employee without anyones knowledge or consent.
Sorry, I'm just so-effing-tired of people bitching and whining about the smallest of things.
7-Zip is LGPL. They still have to release all their source mods, but they don't have to open whatever they link with.
General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
I wish you were here so I could take a dump on your head.
doesn't anyone know about...
c:\windows\system32\drivers\etc\hosts
?
microsoft is famous for stealing code.
It's that time again. Before anyone comments on GPL lifting, please take the GPL quiz:
The GPL Quiz
Anyone who gets a perfect score may comment in this thread, all others please keep uninformed conclusions out.
The Right Reverend K. Reid Wightman,
Look, when you take to functions that do essentially the same thing, and you compile them, to optimized code, there is a good chance, if the compiler is doing its job that the compiled byte code looks a lot a like. This code HAS to act the same, its reading the same data format. Its no surprised that when you decompile different versions that they look the a like, I would be concerned if they didn't.
Go ahead and decompile it, so you aren't seeing the original source, you're seeing a decompilers version of the optimized code.
I could probably write that function 100 different ways in one day and get the exact same thing out after compiling it to optimized byte code and then decompiling it. Its a rather specific process at that point for dealing with a standard. You almost HAVE to do things in that function that way in order for your code to actually work. There are a few changes that could be made, some branches could be done in different orders, but once you throw the optimizer at it, those branches are likely going to be reordered the same way to reuse registers and such rather than wasting extra ones.
The author of the article is a newbie at best. Its fairly clear that he doesnt' actually understand what has happened in this process and has provided no evidence other than 'the end result looks the same!'. It could have went both ways, neither project was the first to write a UDF reader. My guess would be the first C# UDF code was actually a port of some C code to do it anyway.
Finally if you read the comments section of the article, the ImageMaster credits.txt contains a link to MS source, while I haven't bothered to download the linked SDK, its a safe bet that the reason the code looks the same is because it probably is, ImageMaster PROBABLY pulled that function from an MS example. It happens ALL THE TIME.
There is no MS conspiracy, just some douche bag blogger wanting to get posted on the front page of slashdot to increase his ad revenue.
The proper thing to do is to remove this story from the front page to deny that traffic to him.
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
Yes, after reading the original letter I have one: how does that letter prove that Microsoft is evil? The only thing Gates is saying is that he and his company has invested around $40000 in building and supporting the software, and the return was so small, it was just enough to break even.
Um Microsoft hasn't exactly done so badly has it now? You could only claim to have just barely broken even founding and running Microsoft with some VERY creative accounting. Like writing off hookers, beer and multi-million dollar mansions and cars as business expenses. I suppose we should all feel very sorry for the CEOs who after all only pay themselves $1 a year in salary. Would YOU work for just $1 a year (and a few hundred billion in stock)?
These posts express my own personal views, not those of my employer
So all MS should do is publish the source code as an Automatic Update, and then they've complied with the GPL, yes ?
If they played it right, they could win some kudos ... maybe not here of course, thise is /.
Patents on the other hand dont protect the implementation, they protect the idea/process that is being implemented.
Patent do protect specific implementations of ideas, not the ideas themselves.
Falcon
Should there be a Law?
Copyright protects a particular expression of an idea, not the idea itself. You're thinking of patents, which are completely different.
And you misunderstand patents. Look at my reply to the post above yours. Especially see what Findlaw says about patents.
Falcon
Should there be a Law?
either. No free redistribution, derived works, or anything. Just because the source code is available doesn't make something open source.
And only OSI can define what open source is?
While the term "open source" was coined by the Open Source Initiative source code was open, visible to see, study, and modify as early as the 1960s. The hackers of the Tech Model Railroad Club at MIT in the '60s was posting their source code on boards for anyone to improve and optimize.
But then again that was before "hackers" was used as a negative word.
Falcon
Should there be a Law?
Can we disable MS's internet access?
It looks like Microsoft's defence will be that the EULA says ""You may not reverse engineer, decompile or disassemble the software". They'll probably charge the guy with a DMCA violation...
Legally speaking, what does it mean to disassemble a program? Is it to convert its machine representation into a more readable format? Every processor in every computer does this, it just disassembles to a language that is not composed of English words and numbers. \
If someone owns Visual Studio and another program on their system crashes, what happens? A little dialog box asks the user if they want to debug. If they say yes, Visual Studio fires up with a disassembly view of the program that crashed!
Isn't the entire Wine project basically reverse engineering the Windows APIs?
If you really wanted to see if the code was the same without having the original source code, wouldn't the smart thing be to use the same decompiler on the compiled versions of both?
Otherwise, you're comparing apples to applesauce... they may both be forms of spple, but they don't look the same.
GLaDOS for President 2016! "Well here we are again. It's always such a pleasure." -- GLaDOS, 2011
You're calling me an idiot and I'm the one displaying irrational hating behaviors?
Calling names is irrational.
Falcon
Should there be a Law?
It's not hypocritical "from a certain point of view".
And you know *why* that is? Because *IT'S NOT THE SAME*
Copyright infringement was being denounced as piracy while the Black Flag still flew over the Caribbean.
The NET act [No Electronic Theft] - passed and signed into law in 1997-98 - is a contemporary example of why the geek cannot hope to win this war on words.
In the American federal system ordinary criminal jurisdiction is state and local.
You'd have to dig quite deep into the federal criminal code to find any mention of theft at all.
If it comforts the geek that he hasn't been charged with theft -
conviction on the felony charge still reduces his horizons to a 6x8 cinder block cell and a bunk mate named Big Mike.
You think IBM touting Linux on some of their servers is reform? I see you've never dealt with their storage, mainframe, or global services business units.
i mean like 500 different listing exists for windows on the pirates bay.......
Microsoft is evil. Always has been. Always will be.
the Corporation of Microsoft behaves in an aberrant, selfish fashion. If there is GPL code that is being misused, it is not because "Microsoft is Evil', but more likely because they hired a contractor who lifted some open source code and though it would not get noticed. MS may be sociopathic and short sighted, but they are not going to as a official policy do something like this.
I have said it before here, Microsoft does some really stupid shit. Don't just assume that everything that looks bad is their fault though. That is just being lazy.
HA! I just wasted some of your bandwidth with a frivolous sig!
I hereby copyright this article and all comments under the -99999 PCL (pedantic comments license) all comments and or random crazy speculation is property (c) Anonymous Coward 2009 (c)
investors
Find something complex. This is just too simple to claim copying. Sadly the OP has lost all credibility by making the claim.
Can you imagine the amount of code theft that will be discovered if this ever gets to court?
Almost every part of Windows has some amount of stolen code.
I am the unwilling control for my Origin.
Foredecker, per my subject-line above - Please answer on these following points, thanks (I would like answers on what you folks @ MS plan to do, in regards to points 1- 2 a & b):
Per -> http://slashdot.org/comments.pl?sid=1429510&threshold=-1&commentsort=0&mode=thread&cid=29967174
----
1.) TELL US WHY ROOTKIT.COM SAID THIS BELOW (who published code that shows how to EASILY "unhook" the new NDIS6 firewall in VISTA, Windows Server 2008, & Windows 7 no less) & why they said this:
http://www.rootkit.com/newsread.php?newsid=952
PERTINENT EXCERPT/QUOTE:
"BTW, the firewalls based on NDIS v6, which was introduced in Windows Vista, are much easier to unhook and bypass."
(AND, more importantly, since you claim to be a senior development mgr. @ Microsoft, what you plan to do about it (or, if you plan to @ least investigate their claims @ least - because this is only to POINT THIS OUT TO YOU PEOPLE @ MS, & up to you to @ least "check it out", as to the veracity of it... thanks!))
I am pointing this out to you, based on their claims @ ROOTKIT.COM and for the fact the seemingly provide actual exploit code for "unhooking" (making useless) the firewall(s) designed based from NDIS6... please, look into it, or @ least give us an idea of your intent in regards to this. Thanks.
&
2.) Give us a SOLID answer to why 0 was removed in HOSTS then, because in HOSTS files:
a. 127.0.0.1 or even 0.0.0.0 HOSTS files only, vs. 0 blocking "IP" based ones, only makes for larger slower HOSTS file loads into memory (be that the local DNS client, or diskcache even) & using hosts thus, speeds you up online as well as a bonus for speed (see Mr. Oliver Day below as well as myself on THIS note) , not only yielding one more safety online (by blocking adbanners which have been shown to harbor malware, or isn't this indicative of that -> Anti-malvertising.com? and in doing so, you also gain speed by not downloading or calling out to said adbanner servers also) and, HOSTS also provide another option for more speed, by allowing a user to optionally also speed ones' self up online as well, by allowing one to hardcode in one's favorites to avoid potentially compromised DNS servers (ala Dan Kaminsky proof thereof!) or, even allows a user to avoid being logged on a DNS request log theoretically @ least I would think
(AND, sure: An ISP/BSP can check where you went, & so can anyone because of the top-level domain that maintains the reverse DNS request lookup tables, & a ping or traceroute does the rest of the job, but this makes it harder to do by "the infamous they" is all, in hardcodes of favs & avoiding DNS server request logs potentially).
AND
b. HOSTS also make you SAFER online, not as much CPU + other forms of I/O burning use needed, vs. things like local DNS servers, or other forms of OS level/IP stack level filtering &/or caching solutions do...
(As seen in more complicated filter like iptables in Linux for example: Yes, no cpu burned there either, but that's just more complex than editing a text file like HOSTS is)
Nor does using a HOSTS file with favorites/bookmarks hardcoded involve communicating with a potentially compromiseable DNS server that definitely use more RAM in a local DNS program being used by a user, vs. a HOSTS file, as well as other forms of IO + CPU usage (as much, or more, than a HOSTS in a local diskcache or DNS local client cache would).
Using HOSTS files, YOU can also, for safety, EASILY "Block out" known bad servers using HOSTS files, for security!
(From RELIABLE lists, that are easily found from Dancho Danchev of ZDNet, stopbadware.org, or even Spybot Search & Destroy + WIKIPEDIA even)
This could really spoil the image of Microsoft. http://www.cypress.com/
I didn't think they actually meant that they were _taking_ ideas from folks...well I guess there's the truth in marketing.
Reflector shows what the code output by the compiler looks like. It does not show what the code looks like in source control or before compiling. It is possible to write a section of code in numerous ways, yet still get the same compiler optimized code.
Then there is the simple fact that for basic methods, there is a high likely hood that a similar method has been written at some point. There are only so many ways to write a buffer read operation for example.
Instead of pointing out a potential oversight, MS is accused of "stealing" right out of the gate. Good job folks. Way to encourage vendor participation in your projects. Keep it up and you will ensure OSS remains in the dark corners of IS - appliances, the occasional web server. It will never see critical mass unless people learn to work with vendors whose employees may not be completely familiar with all of the rules yet.
You cannot steal code.
You can steal the book the code is written in.
Or the disk the code is on.
Or you can make a copy of it.
You can even make a binary conversion of the code (which is a kind of copy).
But it is not stealing
It is copying
I've said as much myself.
http://perens.com/SCO/SCOSlideShow.html
This link does not say SCO showed code from System V they owned in Linux. One peace of code they showed is in the Berkeley Packet Filter which has a BSD license. Other code mentioned was copyrighted by ATT then released by Caldera, what SCO formerly was called, with a BSD license.
http://www.lemis.com/grog/SCO/code-comparison.html
So far there's "This point is crucial to the reason that I initially came to the wrong conclusion. As it stands, the code is not System V code. In fact, as we'll see below, it is derived from System V in exactly the way I describe."..."SCO is incorrect in claiming that the code in question has been lifted from System V.4 without changes, but that doesn't change the fact that it obviously comes from System V.4."
The author, Greg Lehey, goes through SCO's claims and disputes each one. Now that's a short page so Greg Lehey probably didn't cover every SCO claim. So SCO may of disclosed some code, but do they step up to the light of day?
And that's disregarding the fact that Novell not SCO owns the System V code.
Falcon
Should there be a Law?
Your accusation is ridiculous. You don't offer who/what/when/where/why the ac apk's warnings and proofs from reputable sources and a test that anyone who can code can perform easily enough. His proofs aren't ridiculous as you said they were. If anyone replying here looks ridiculous, it is you.