Did Microsoft Borrow GPL Code For a Windows 7 Utility?

Goatbert writes "Rafael Rivera over at WithinWindows.com has found evidence that Microsoft has potentially stolen code from an open source/GPL'd project (ImageMaster) for a utility made available on the Microsoft Store to allow download customers to copy the Windows 7 setup files to a DVD or USB Flash Drive. If Rivera's evidence holds up, this could be some serious egg in the face for Microsoft at a time when they're getting mostly good press from the tech media."

"Obviously lifted" not so obvious

[BadAnalogyGuy]

The code in question seems to be called into scrutiny because the two areas of code bear the same name (ReadBytes) and operate similarly.

The longer you work in the development of software, the less magical it all becomes. The first time you plugged some code into a terminal and it worked, it seemed like an amazing amount of wizardry and behind-the-scenes stuff that you could never fully fathom. Compilers, binary code, arcane source languages, electronic signals. It's amazing to a neophyte just how much stuff is going on.

But the longer you plug away at it, the more you realize that it's just code. Nothing special is really going on. You're mostly moving data from one area of memory to another. It's almost a form of Nirvana once you reach this point.

So when someone comes along and says "OMG YOUR READBYTES METHOD IS JUST LIKE THIS ONE IN SOME GPL CODE!!!!11", it kind of pegs that person as someone who doesn't really have much experience with real programming. Sure, they may use a lot of tools, and know how to recompile their kernel, but they really don't have a firm grasp of what and why they are doing what they are doing.

Re:"Obviously lifted" not so obvious

[caffeinemessiah]

The code in question seems to be called into scrutiny because the two areas of code bear the same name (ReadBytes) and operate similarly.

(bold mine)

Actually, if the function is just something called "ReadBytes(char *buf)" or similar, then that's a bit strange. If it was truly Microsoft-written, it would be:
WINAPI DWORD ReadBytesW(LPCSTRWRAAXA szCharBufW_x, struct READBYTESINFO *srbinfArgs).

Re:"Obviously lifted" not so obvious

[jdkane]

Except that a truly Microsoft-written ReadBytes method on the .NET Framework can be that simple, for example one int parameter http://msdn.microsoft.com/en-us/library/system.io.binaryreader.readbytes.aspx
So I wouldn't even jump to conclusions based on the signature of the method in question as to who it might have come from.

Re:"Obviously lifted" not so obvious

[caffeinemessiah]

Except that a truly Microsoft-written ReadBytes method on the .NET Framework can be that simple, for example one int parameter http://msdn.microsoft.com/en-us/library/system.io.binaryreader.readbytes.aspx [microsoft.com]

There's a difference between a calling a method, where the object has internal state, and a C Win32 API function call, i.e., sans objects. I absolutely guarantee that you won't see many pretty signatures in the Win32 API. I'd bet that 99% of the Win32 API function SIGNATURES won't make it through a standards-compliant compiler without Windows.h. Anyway, my comment was supposed to be funny, but on second thought, it might actually deserve that informative mod.

Don't even get me started on the dual-version ANSI and Unicode functions, although given the mess that the Win32 API is, it's probably an elegant solution.

Re:"Obviously lifted" not so obvious

[ozmanjusri]

The code in question seems to be called into scrutiny because the two areas of code bear the same name (ReadBytes) and operate similarly.

The ReadBytes code was just one example

If you read TFA (yeah, I know...) you'll see the author has updated that original example with others.

It looks like Microsoft's defence will be that the EULA says "“You may not reverse engineer, decompile or disassemble the software". They'll probably charge the guy with a DMCA violation...

Re:"Obviously lifted" not so obvious

[noidentity]

I've just written my first program, and I licensed it under the GPL. Guess what? A bunch of people have already ripped me off! So I can understand this guy's situation. Here's the source, BTW:

#include <stdio.h>

int main()
{
printf( "Hello, world!\n" );
return 0;
}

Re:"Obviously lifted" not so obvious

[kjart]

If you read TFA (yeah, I know...) you'll see the author has updated that original example with others [withinwindows.com].

OP clearly did read TFA since he was criticizing the specifics provided. I'm not sure why you're taking a shot at that since the update was clearly made after the comment was posted.

It looks like Microsoft's defence will be that the EULA says "“You may not reverse engineer, decompile or disassemble the software". They'll probably charge the guy with a DMCA violation...

Why does it look like that exactly? Are you getting this from anywhere or just pulling it out of your ass?

Re:"Obviously lifted" not so obvious

[petermgreen]

Don't even get me started on the dual-version ANSI and Unicode functions,
Transitioning from a system where strings were assumed to be in the local legacy encoding to a unicode based system (a transition all operating systems relavent today have had to go through) is a difficult problem with essentially no good soloution.

The way unix-like systems went for is to use UTF-8 and treat it as if it was just another legacy encoding. The problem with this approach is that it means that systems configured for unicode and systems configured for legacy use different encodings which tends to break stuff.

The way windows went for is to introduce duplicate APIs for unicode, this has the advantage that nothing that worked before breaks but requires all apps that want unicode support to be updated.

Can you think of any better soloutions?

Knee jerk

[Romancer]

So the evidence is a ReadBytes snippet?

I'll wait till there's evidence before even commenting about the ramifications of something like this. This is just wild speculation at this point.

Re:Knee jerk

[Timothy+Brownawell]

Moderated 'Flamebait.' 0 points left.

Seriously, whoever decided that we just get one dropdown and no 'confirm' button needs to be taken out back and shot. And I'd just used my other points on some actual trolls upthread, too. :(

Re:Knee jerk

[Dr.+Evil]

Oh no. Evidence is not required in this case. This failure to comply with the GPL means that Microsoft is governed by Copyright law in this matter.

Their Internet service provider must be notified so that their Internet connection can be terminated.

Re:Knee jerk

[megabunny]

The new example is much clearer. Basic structure follows well. All the magic numbers in the code that I looked at matched too, and there are quite a few. Looks like it was massaged at least a bit, probably just to fit in with the local code environment not to obscure it.

But ...
The article points out only two weaknesses in this code borrowing. MS did not feed back any (unknown at this point) enhancements to the source. And they did not offer the source under the right license.

It is a real but very minor issue. If it wasn't MS it would not even be interesting.

MB

Re:Knee jerk

[KarmaMB84]

The magic numbers are from a file format specification. You're not going to change those magic numbers if you want the tool to work.

Re:not sureprised

[WED+Fan]

How many developers took code they wrote for their company and used it in a GPL project afterwards?

It's not "stealing"...right?

[Tankko]

Come on people, you can't have it both ways. If you can't "steal" music, you can't "steal" code. MS "stealing" this code didn't deprive the Open Source community from using the code (i.e. stealing my car), or at least that's the argument /.er use whenever the word is used in conjunction with music and movies. Eat your own dog food.

Re:It's not "stealing"...right?

[liquiddark]

I don't think everyone here believes you can't steal music, first off. I believe you can steal music, books, printed art, all kinds of artwork. I come from a fairly serious artist background, and I know folks personally who have been scraping by for years on the meagre earnings of an average artist. It's not a fun life.

I believe large record syndicates are creeptastic and digital media is equation-changing, but that doesn't mean there's no evil in stealing non-physical works. Artists, unless they happen to be the pretty-close-to-literally one in a million shot, make almost nothing and they make a huge difference in how livable a society is. That's not changed by the fact that they can deliver media via digital channels; only people's expectations of the cost involved is changed. The number of consumers shrinks, but so does their expected price point. It's one of the reasons why there are still a lot of physical-media artists (the others including nobody's come up with good, cheap 3 dimensional sound, graphics, or texture delivery systems, physical media still work in some contexts, and art is large a physical act).

And if you can steal art, you can certainly steal code. Of course, in this case it's probably going to have no repercussions because you'd have to educate people on the struggle of open source in terms that wouldn't make a lawyer cry before you could really even get into it, but those of us who've self-selected have at least a notion of the violation and its meaning. And, happily, the irony - if MS really is using open source in its first "better" product in a long time, that's a fun little fact to know.

Re:It's not "stealing"...right?

[Junior+J.+Junior+III]

This is the correct argument, but you have it backward. If it's OK for MS to "steal" (by the definition that MS accepts for the word) then MS should allow people to "steal" Windows, and stop complaining about, trying to stop, prosecuting, software piracy. They should amend their EULA to allow users to decompile, reverse engineer, and modify their binaries.

Besides, it's not as though GPL code is anti-copyright.

Re:It's not "stealing"...right?

[Timothy+Brownawell]

I'm fairly sure that by accepting money for someone else's property, you are stealing money from that person, whether you deprived that person of the property or not.

The actual code isn't anyone's property, only the copyright on the code is.

Re:not sureprised

[BrokenHalo]

Microsoft is evil. Always has been. Always will be.

Maybe you're very young, but I seem to recall that Microsoft was at one time held as a sort of liberator from IBM's hegemony. I guess it's all a matter of perspective...

Re:not sureprised

[McGiraf]

Copyright infringement is not stealing. No mater who does it.

That's his evidence?

[Ironsides]

Seriously, what he shows to be evidence looks like code that was written straight from reading the ISO disk image specification. Next up, school math class accused of mass cheating for solving math problems in similar ways.

Re:That's his evidence?

[Ironsides]

Actually, it does suggest class and type names. Start here Now, show me more than 15 lines and I'll start to believe it was copied. Say, show me what called RealLogicalDescriptor (and all of RealLogicalDescriptor too) in combination with all of UdfReader.cs. Preferably in text and not in an image. Actually, just give me the MS code and I'll line it up to the ImageMaster code myself.

Re:not sureprised

[Abreu]

Ok, then... If MS used GPL code, then they did not "Borrow" it either

They used it in violation of copyright

Re:not sureprised

[Abreu]

Probably those who get paid to work on GPL software...

Your point is? Do you have an accusation to make?

Did a GPL project steal code from Microsoft?

[Manfre]

With the amount of "evidence" in the article, the same accusation could be made against the GPL project. Perhaps the author of that project illegally gained access to Microsoft code and used it as a starting point for ImageMaster.

Re:not sureprised

[Spy+der+Mann]

Microsoft is evil. Always has been. Always will be.

Maybe you're very young, but I seem to recall that Microsoft was at one time held as a sort of liberator from IBM's hegemony. I guess it's all a matter of perspective...

Bill Gates' open letter to hobbyists. Any questions?

Re:It's .NET code

[Timothy+Brownawell]

It's .NET code. It's already "Open Source" by virtue of tools like Reflector existing.

I do not think that that is what "Open Source" is generally taken to mean.

Re:not sureprised

>> Microsoft is evil. Always has been. Always will be.

> Maybe you're very young, but I seem to recall that Microsoft was at one time held as a sort of liberator from IBM's hegemony. I guess it's all a matter of perspective...

Maybe YOU are very young. IBM was taking a beating and didn't manage to get their own PC done.

So they assembled a task force and said go and get us an IBM PC.

They did it -- without IBM parts!

The processor was from Intel and the OS from a small company who had to buy it from someone else, because they couldn't do it in time (little did we know then what these guys were up to).

In summary, there were a lot of good computers with other OSes, the main ones being CP/M and AppleDOS (not necessarily the better ones).

So:

1) M$ actually helped IBM (for money, of course) and
2) M$ is known to innovate after others innovated first.

I could cite sources, but this way we can argue longer. 8-)

Not that anyone reads ACs here anymore...

Plagiarizing != stealing != copying.

[Spy+der+Mann]

I don't think everyone here believes you can't steal music, first off.

Speak for yourself. I do believe you can't steal music.

You could steal the original copies. You could steal a famous painting. But "stealing" music? For instance, what IS music? It's nothing but a mathematical concept involving harmonics and sound.

What are words? You can't "steal" what I said. This isn't like the little mermaid where you could steal someone's voice and leave him/her mute.

Non-physical works CANNOT be stolen. Unless you're talking about a PHYSICAL COPY, you cannot steal it by definition. Copying a work? That's completely different. But if it's a non-destructive process, you're not stealing it. You're just COPYING it.

If you want to use an appropriate term for what Microsoft supposedly did with this GPL code, it's called plagiarism. Sure, it's called "stealing" nowadays, but using this word is oversimplifying.

Re:not sureprised

[schon]

Copyright infringement IS stealing

No, it isn't. Here is a handy guide illustrating the difference.

it just has a different legal definition.

And you know *why* that is? Because *IT'S NOT THE SAME*. If copyright infringement *WAS* the same as theft, we wouldn't need a special law dealing with it - it could be covered by theft laws. The fact that it isn't should tell you something.

It literally fits the non-legal definition.

No, it doesn't. It fits the propaganda term. Just because some media trade groups misapply a term as an act of propaganda does not make it so.

Re:not sureprised

[DAldredge]

Why is it that the only copyright violations that upset the /. masses are those involving code under the GPL?

Re:not sureprised

[Blakey+Rat]

I think most people think Outlook is pretty bad, until they actually have to *use* Notes... believe me, if you believe Outlook sets a low bar, Notes' bar is underground.

I'm certainly not going to suggest Outlook is perfect, or even good. But compared to the alternative, it's incredible.

Re:not sureprised

[lordtoran]

You make it sound like the evilness (read: utter lack of ethics) were a funny meme, not a plain, cold fact.