MS Pulls Windows 7 Tool After GPL Violation Claim

Sam notes an Ars story on Microsoft pulling the Windows 7 USB/DVD Download Tool from the Microsoft Store website after a report indicating that the tool incorporated open source code in a way that violated the GNU's General Public License. Whether the software giant is actually violating the GPL, a widely used (including by the Linux kernel) free software license, is not confirmed. "We are currently taking down the Windows USB/DVD Tool from the Microsoft Store site until our review of the tool is complete," a Microsoft spokesperson told Ars. The fact the company pulled the tool doesn't bode well, so we'll have to watch closely to see what the company puts back on its servers.

Seriously, preview your own posting editors!

Seriously, preview your story summaries editors!

"...so we'll have to watch closely to see what the company puts it back on its servers."

Who thinks that "it" makes sense?

Re:So, this is about as damning as you get, isn't

[Sasayaki]

Now now, calm down a moment. Imagine what would happen if they *didn't* pull the code- there would be a veritable shitstorm in the Free Software community. This is the smart, rational thing to do.

On a side note, this really acknowledges the power of the GPL- if even a single report says that there is a GPL violation and this causes Microsoft (its 'arch nemesis) to pull a tool for their newly launched apple-of-their-eye.

Re:So, this is about as damning as you get, isn't

[Sasayaki]

Replying to my own post here, but also remember that this is exactly what ReactOS did when there was a similar allegation by Microsoft- and were largely applauded for it. Again, it's the sane, rational thing to do and in my eyes doesn't admit any guilt whatsoever. That doesn't mean a GPL violation isn't there, mind, but it means that if there is one this is exactly how it should be handled.

Re:So, this is about as damning as you get, isn't

[RightSaidFred99]

Right... or they are being smart, pulling the tool, and investigating whether they are violating the GPL. Like they said.

It was a "Jump to Conclusions" mat. You see, it would be this mat that you would put on the floor... and would have different CONCLUSIONS written on it that you could JUMP TO.

more info

A friend of mine works at the borg. He's a penguin at heart and generally a good guy. This is what he told me. I believe him, but you can make up your own mind. There is/was a GPL violation, but MS didn't do it directly. They licensed some code from a third party. The third party was responsible for the GPL violation (they licensed the GPL code under a non-GPL license).

Re:more info

[Malc]

If this is a GPL violation, I'm sure it wasn't deliberate by Microsoft. People around here no doubt think differently. I'd be interested to know what processes they have in place - at our company, any use of third party code (whatever license) has to be sign-off by the CTO, and the details get put away in a file somewhere. There's more to it than that, but in theory, something like this would be a screw-up by somebody or a break-down in the process.

Re:more info

[black3d]

They do have strict auditing practices in place, specifically regarding interoperability, buffer overflows (and the like), and checking to ensure the code hasn't been wholesale copy/pasted from public libraries.

However, they cannot ensure that someone hasn't copied a dozen lines of code from some other obscure program. They don't have the worlds entire source-code archive sitting in a database waiting to do comparison searches.

Furthermore, i find the ENTIRE situation very, very unlikely. It's almost as if it was all orchestrated. The story that we're supposed to buy is that:
1. Some random pundit was rooting through Microsoft functions because he "felt there was too much code there".
2. Pundit noticed some code that, despite it not having any reference to ImageReader, and despite this individual having nothing to do with ImageReader, immediately recognised that a dozen-line ReadBytes method was "obviously lifted from the CodePlex-hosted (yikes) GPLv2-licensed ImageMaster project".
3. No evidence is ever produced that there are any references to ImageReader, CodePlex, or anything else in the source. The researcher simply magically recognised the source code from a project that he'd had nothing to do with and never seen before.

I'm not buying it at all. This feels intentional.

Re:So, this is about as damning as you get, isn't

[sopssa]

Dear Sir or Madam,

The responsible Anti-Microsoft Troll that should have replied to this post by now is on sick leave and was unable to prepare a custom flaming reply to this particular post. In lieu of that, attached is our generic template which we use to write all our flaming responses.

1. Make a general anti-Microsoft jab
2. Blame Microsoft for it's stance against Free Software (and also for lack of network neutrality, the current state of patent laws, the Iraq war, and the extinction of the dinosaurs)
3. Accuse the poster who wrote something positive about Microsoft of being either a fanboy or a Microsoft employee. If the poster in question made a comment about Microsoft's actual support of Free Software in a particular instance, accuse the poster of being an oblivious idiot unable to see through their Embrace-Extend-Extinguish approach
4. State that the Linux revolution is inevitable
5. Finish off with another outpour of flames

We hope you will be able to infer the potential content of the post that should have been done by the respective Troll. Please accept our apologies.

Sincerely,

Assistant Secretary,
Anti-Microsoft Trolling Association, Ltd.

Re:Excellent example of why MS hates GPL.

[the_womble]

The same problem applies to any license? Suppose MS accuses someone of using their code, how can that be determined? If an author or musician accuses someone of copying them how can that be determined? It is an intrinsic problem of copyright, not a problem with the GPL.

Re:What if it IS a violation?

[msimm]

If it is a violate they'll remove the code and put the application back up. The same thing that usually happens in a GPL violation, I don't see any reason to treat Microsoft differently.

Re:Excellent example of why MS hates GPL.

[wrook]

When I was working in an MS technology shop I found many cases of our programmers cutting and pasting code from other sources on the internet. Quite a lot of it came from MS itself and explicitly said that it could not be used. What do you do now? Rip the code out? But we've already shipped the code. Should we demand that the customers give it back until we can rip the code out? What if we still want to use the code? Should we approach MS and try to negotiate a different license? What if they say no?

There's no difference here. The GPL is quite easy to understand as licensing documents go. I think we can all agree that if code licensed only under the GPL was in the application, it would be a breach of the licensing terms; just like when various people in my company appropriated MS code. The resolution is exactly the same.

The moral of the story is: don't use code whose licensing terms are unacceptable to you. It doesn't matter what the license is. It doesn't matter what political forces caused the terms of the license to be created. If you don't agree to it, don't use it. This is the one thing that is the same for all licenses.

hey beavis...

[crocodill]

they pulled their tool

huhuhhuh

Re:What if it IS a GPL violation part II?

[lordandmaker]

Who, exactly, sues them in this case?

In theory, the author(s) of the code. In practice, they'd likely hand it over to the FSF who exist partly for the protection of GPL'd code.

Re:So, this is about as damning as you get, isn't

[Dahan]

And no it's not enough to pull the application, if you've distributed the binary and you've used GPL code you're obligated to release that code.

No, you're not automatically obligated to do any such thing. What happens is that you may be infringing on the copyrights on the GPL'd code, so it's up to the copyright holders to decide what to do: ignore it, negotiate a (presumably non-GPL) license agreement with you, or take you to court. And if the latter, the judge will decide what the punishment should be--most likely it'll be "stop distributing the software and pay the copyright holder $$$$$". It's unlikely that the punishment would be "publish the source code to your app that used GPLed code."

Re:Not a bad move

[blowdart]

Indeed. The summary assertion that "The fact the company pulled the tool doesn't bode well" is really daft. Of course they'd pull it, there's been a claim made against it - if they keep distributing it whilst they investigate the potential for damages rises with every download. Pulling the tool is not an admission of anything other than the fact that an accusation has been made and they're investitaging it.

If anybody wants it before it is gone

[hairyfeet]

It is currently on Major Geeks, but who knows for how long. From the sound of it all it does is make a USB drive bootable like the HP format tool and then copy the ISO files to the drive.

Hell something that simple...why would they need to steal GPL code,unless they got themselves a seriously lazy programmer/contractor?