Slashdot Mirror
Microsoft Takes Responsibility For GPL Violation
An anonymous reader writes with an update to the news we discussed last weekend that a Windows 7 utility seemed to contain GPL code:
"Microsoft has confirmed that the Windows 7 USB/DVD tool did, in fact, use GPL code, and they have agreed to release the tool's source code under the terms of GPLv2. In a statement, Microsoft said creation of the tool had been contracted out to a third party and apologized for not noticing the GPL code during a code review."
Awesome!
Microsoft 7 legally contains GPL code.
Patents Drive Free Software as Hurricanes Drive Construction Industry
I have to say, my opinion of MS gets better everyday...
IDEA:
When you're that big a company you should review all of your code as much as you think the patent office should review others patents.
) Human Kind Vs Human Creation
) It'd be interesting to see how many humans would survive to serve us.
Hey folks, did you see that pig fly?? It was quite impressive. So fat, and trumped. Never thought it would get off the ground... But there it went...
"You can't make a race horse of a pig"
"No," said Samuel, "but you can make very fast pig"
Give some credit, they did a code review, noticed the accusation was factual and did the right thing. As many times as microsoft has done the wrong thing, it's only right to credit them for doing the right thing this time.
The interesting question now is if they will retain this tool going forward, or replace it with another that is not GPL'd. It certainly sounds like an accident, so I am curious if good production code has any chance of trumping internal politics.
I predicted that they'd just need to make minor corrective action. Looks to me like that's exactly what happened. A replier to that post noted that as a prominent member of the Business Software Alliance, Microsoft would need to act above board and that this, if true, could be a serious problem. My take is that they just did that with this choice a mere week or so after the GPL code came to light.
So it appears to me that we're both right. Microsoft didn't need to fix much, but due to their leading position in an anti-piracy lobbying group, they needed to fix it quickly.
DUH! Easier to gain forgiveness than permission. We know Microsoft knows that well. There was always a chance nobody would notice. It makes me wonder how much other GPL code they've ripped off over the years without getting caught.
Hell yeah!, what an awesome third party contractor.
Ripping off free software and selling it to corporations as non-free,
closed source software for profit, these fuckers deserve a medal!
Same reasoning as Vista. Release a bad OS, so the next one looks WAY better.
If you set your expectations low, you can't possibly be disappointed.
I wouldn't want to be the consulting company that provided Microsoft with this code. They're in some deep doo-doo now. Unfortunately, a lot of engineers are so clueless about licensing, as are their managers, that it is really possible that the person who did this didn't know it was a problem.
But this is not anything new for Microsoft. Microsoft started contributing to GCC around 10 years ago, for the former Unix services product. And this really serves their purpose if they are trying to scare people away from the GPL. "Microsoft forced to give up source code."
Where they are really hurting us now is in government policy and patented technology in interoperability facilities. Like the European Interoperability Framework going proprietary, and the MS-patented filesystem in next-generation FLASH devices. Consider stuff like that before you decide they are a "good citizen".
Bruce Perens.
Wha wha what just happened?
Someone hold me, I'm scared.
Mod me down, my New Earth Global Warmingist friends!
If I recall correctly, MS at one point tried to say that, if something like this happened, you'd have to release all your source code. Now we find that MS knows that you only have to release the source code of the program in question. Big difference. (Of course, if this was in Windows itself, the difference would not matter much to MS...)
The main tool out there to do that is from Black Duck, and it's an unmitigated piece of trash that is designed for the sole purpose of scamming stupid CTOs and CEOs.
Their piece of crap database isn't even audited, so it attributes tons of code to people who stole it themselves and lists it under the wrong license. Then, if that wasn't enough, it produces so many false positives that anybody tasked with running it sets it up just enough to appease their incompetent boss while routing the results directly to /dev/null.
Vista probably cost them billions of dollars in revenue because, had they released a sooner, higher quality OS as their schedule initially dictated, their sales wouldn't have suffered. Not only that, but they'd have had two additional OS releases before Windows 7, or a global recession hurting their first decent OS release in nearly a decade.
Though if you think Microsoft executives seriously looked around the table and laughed at how they fooled everyone releasing a crappy product, I don't know if anything will convince you that you're wrong.
a USB/DVD burning tool could hardly be analogized to an accelerator system in a car.
It'd be more equivalent to... I don't know ... a cigarette lighter or something. This is just a utility that MS released to help people be able to burn a Windows 7 iso onto USB/DVD. Especially for use in netbooks and the like, I suppose.
How did they miss that?
They used Bing to search for the code, and when it found nothing they assumed the code was original.
"I'm going to take back some of the things I've said about you, Microsoft. You--you've earned it."
Depending on how much of their business depended on contracts from Microsoft, they may not have an HQ anymore.
So if this is the future...where's my jet pack?
I don't buy that excuse. I write code. I don't have to understand the intricate licensing law to know when I've included code that I didn't write. It doesn't take a genius level IQ to know that when I do that (use code I didn't write) I need to tell the person who hired me to write code. Once that happens, it is the responsibility of a manager to find out the licensing issues.
The problem with quotes on the internet, is that nobody bothers to check their veracity. -- Abraham Lincoln
If you make a few music/movie downloads and they catch you, the first thing they do is send a letter to your ISP giving a warning to you. So yes, you would just delete it and apologize.
And yes, like the other person said, Microsoft isn't going around suing people for downloading music, movies, or pirated copies of Windows.
Besides, there was a whole article a few days ago about how GPL violations happen very frequently and that politely pointing it out usually solves the problem. It was an accident, not an "accident", and it's been fixed so get over it.
I'm sorry but this is just incredibly stupid. Are you telling me they purposely put GPL code into their code with the express intent of being caught?! Or that they wasted I don't know how many billions of dollars and took bad PR on Vista so that they could wow the world with Windows 7?! Then we have the troll-moderators going down the list looking for anything anti-Microsoft in the discussion to mod up. Lovely, you guys really do a lot for Slashdot's continued reputation.
The main reason (as I understand it) that Mayan code never really caught on is because it regularly sacrifices files based around SUN java and mayaSQL code.
Respect the Constitution
Burma Shave.
+1 Disagree
What if it WAS a mistake? What if Microsoft didn't check the code/programmer claimed it wasn't GPL/whatever?
Because if it was a mistake, they appeared to have been doing the right thing. Furthermore, they weren't even selling this, nor was anyone else. If anything, it was a violation of GPL not copyright stuff.
I had no idea GPL people were so like the RIAA that they would want to "crucify" a company for possibly accidentally using (stealing? slashdot will call using GPL code against GPL license [and giving the result away for free]"stealing" but slashdot won't call downloading songs/movies stealing?) open source code without releasing the resulting open source. Sounds ... very progressive. Encourages people to use GPL. "Hey, use our free software and code! It's great! Use it however you want! But if you don't follow the GPL you are a horrible, horrible company, even worse than people that illegally download copyrighted materials."
I like open source and GPL and all that. I also enjoy MS products. And I don't like double standards. If they knowingly took GPL code, that's bad. I don't like "guilty until proven innocent" nor comparisons of copyright to GPL...
What remedy does the GPL call for? As I understand it, it is to either release source or stop distributing. MS handled this error correctly. Calling for stronger sanctions would just drive more people away from GPL'd software.
"have agreed to release the tool's source code under the terms of GPLv2."
Anyone know where I can buy some new eyes? Mine just exploded.
The New Age spiritually aware around the world are running up against the end of the Mayan Long Count Calendar. Mayan date 12.19.19.17.19 will occur on December 20, 2012, followed by the start of the fourteenth cycle, 13.0.0.0.0, on December 21st.
The event was first flagged by megalith scientist Terence McKenna. The end of the thirteenth cycle would break many megalith calculations — which conventionally use only the last four numbers to save on standing stones — with fears of spiritual collapse, disruption of ley lines, Ben Goldacre driving the chiropractors back into the sea and the return of the great god Quetzalcoatl and the consequent destruction of all life on earth.
Megalith programmers from 4000 years ago are being dredged up from peat bogs and pressed into service to get the henges updated to handle the turnover in the date. “It could be worse,” said one. “I could still be programming COBOL.”
Sceptics may choose the Winter Solstice on December 22nd (13.0.0.0.1) to attack, to take advantage of weakened qi. In case vital services are temporarily cut off, spiritually aware persons should stock up on crystals, copies of Sun Signs, a duly blessed tarot deck and other essentials. “They should get as well a suitable selection of blessed Hopi ear candles,” said Y2012 consultant Ravenwoo Granola, DD, 31, Ph.D (Univ. P.T. Barnum Mail-Order), “unicorn posters, holistic medicines, Silver RavenWolf books, purple clothing, protective pentacles — earrings for the ladies, pendants for the gents — make sure the house is absolutely robust in feng shui, your energetic vibrations are aligned and your Eostre rituals are up to date and keep only homeopathic quantities of money around. I’ll be happy to take on the danger of handling the rest. Here’s a price list. Everyfink for the spiritual survivalist.”
Others dismiss the problem. Sandra Noble of the Foundation for the Advancement of Mesoamerican Studies considers the Y2012 problem “a complete fabrication and a chance for a lot of people to cash in.” However, Y2012 consultants deride “2012-deniers” for having their heads in the sand as to the vast and overwhelming spiritual importance to humanity of keeping their consultancies rolling.
http://rocknerd.co.uk
Except the whole point of the GPL is to make source open, not to bring in cash. Usually, people in favor of the GPL prefer having the source code and settle on that than settling on money. As someone mentionned already, if you start sueing people who use the GPL by accident, and ask for money instead of source code, you'll just prove that people who called the GPL a "virus" were right.
Yes. But you'd be shocked at the testimony I read, as an expert witness, from engineers and their managers. Incompetence is rampant. Unfortunately, the cases are settled and sealed, so I can't show you.
Bruce Perens.
Nope. All that heat has to go somewhere. As hell freezes, Earth burns. Thermodynamics, woo. Unless hell is adiabatic. In which case I'm royally screwed. As is the first law.
I had no idea people whose Slashdot ID numbers ended in 5 engaged in gross logical fallacy by generalizing the actions of a single member of a group to the entirety of a group without the slightest reasonable basis for doing so. And yes, breaking news, stop the presses, people who use the GPL for their code have a problem with you taking it and incorporating it into yours and closing it up. If they didn't they'd be using the BSD license or something like that and not the GPL. That is the whole point.
The GPL is a copyright license. It gets all of its force from copyright law. Gee, I wonder why people would be talking about copyright when it's a GPL violation?
I've done my share of expert witness work (usually on the security side) so no, not surprised. But usually pleading ignorance doesn't necessarily mean there was actual ignorance.
A programmer knows when he didn't write the code.
The problem with quotes on the internet, is that nobody bothers to check their veracity. -- Abraham Lincoln
That's all that need be said. Microsoft realised it was in the wrong, and took steps to correct it. They didn't stonewall, they didn't hide. I must admit to being pleasantly surprised. Microsoft themselves place great importance on respecting software licenses/copyright, and it's nice to see them practice when it comes to other people's copyrights.
So there I was, scribbling down some notes off the PC screen by hand, when I reached for the keyboard and Ctrl-S'd.
Why is Microsoft farming out the programming of a relatively simple tool when they have 10s of thousands of programmers and consultants on their payroll? Issues like this are exactly why you shouldn't outsource work when you already have employees that could do the job.
More to the point, as a software engineer, or code monkey, or code master, whatever, you should be well aware that if it's code you didn't write, don't use it until you're clear as to the ramifications.
I avoid using any example code I see unless I can understand it and there's a clear statement of "Hey, this is example code, by writing this tutorial, we kind of expect you'll be making a derivative of it."
Treating GPL-licensed code (or some open source license) under the same regard is poor thinking. Passing it off that some manager will catch it is worse.
That strikes a little too close to "Sure, I plagiarized my college essays, but I didn't get caught, so I must've done the right thing." Unfortunately, fair use has not been well-defined with source code (or, anything, really), so where you could poke a hole in that analogy with "But I made appropriate reference!" (i.e., telling the person that paid you to do the work), becomes very fuzzy, very fast.
Hi,
In general terms I'm curious to learn a little more about this.
How long ago did you stop working for Microsoft? For how long were you working for that corporation? And in general terms why did you decide to stop working for Microsoft?
The reason why I am asking is so that I can get a feel for the validity of your statement about the coding culture amongst people working for Microsoft.
No, Hell is simply expanding faster than the rate at which the volume of souls is increasing.
Global warming could still very well be hokum.
Let q be a radix > 1. I am in ur base-q, killing 10 d00ds.
The reason why I am asking is so that I can get a feel for the validity of your statement about the coding culture amongst people working for Microsoft.
There are very few things you need to know here. Programmers for Microsoft:
Whether your interest is as a prospective buyer of their output of a prospective employer of a former Microsoft programmer, the choice is clear. Microsoft carefully selects their programmers from the brightest and the best because they can. They filter for the folks who can coexist with them because they must. They drive them with the processes that they have. The programmers deliver what they can in this context and accept the limitations of the context as a condition of employment. Having survived this experience a programmer must necessarily have certain properties which, depending on your point of view, mark him "desirable" or "undesirable".
Help stamp out iliturcy.
Since it's used to set up a USB flash drive, does the tool happen to contain code to read/write to a FAT filesystem? Would be interesting to see that particular arrow removed from their patent quiver...