Forgot your password?
typodupeerror
GNU is Not Unix Software Your Rights Online

Maui X-Stream: GPL Violations, Lies, and Damn Lies 444

Posted by timothy
from the how-not-to-make-friends dept.
Jeremy writes "Drunkenbatman is at it again. This time he takes apart Maui X-Stream and all the who and whats that go along with it. Deconstructing Maui X-Stream has GPL Violations with reproducable proof (not done this myself), chat logs, and double talk from the CEO's and supposed authors of the software."
This discussion has been archived. No new comments can be posted.

Maui X-Stream: GPL Violations, Lies, and Damn Lies

Comments Filter:
  • by Anonymous Coward on Wednesday May 11, 2005 @08:21AM (#12497655)
    I thought it turned out that they were following the GPL by providing source.

    The source may have been provided in a locked filing cabinet inside a disused toilet with a sign on the door saying "beward of the leopard", but it was made available.
  • Coral Cache (Score:5, Informative)

    by dagnabit (89294) on Wednesday May 11, 2005 @08:21AM (#12497657) Homepage
  • interesting read (Score:4, Interesting)

    by justforaday (560408) on Wednesday May 11, 2005 @08:23AM (#12497666)
    I believe Arben. He just seems like such a trustworthy, honest person.

    Just kidding obviously. I read through this last night (skipped a few parts here and there), but wow, talk about talking out your asshole! I can't wait to see if Maui X-Stream launches any lawsuits against drunkenbatman (or anyone else). Should be entertainment on the level of the SCO fiasco if it happens.
    • by PeeweeJD (623974)
      I also read it at lunch time yesterday (actually during and after lunch time but don't tell my boss).

      I hope like hell this guy doesnt get his ass sued off. If what he says is true, he didn't do anything wrong. I like reading his blog so it would be a shame for him to be sued into oblivion.

      And I also hope that something good comes out of it for him and all the projects these maui xtream guy ripped off. If that video streaming crap is true and they are selling it for $10,000 a pop, maybe there is some mo
  • by Oscar_Wilde (170568) on Wednesday May 11, 2005 @08:24AM (#12497671) Homepage
    Is it just me or do articles starting with copies of letters from lawyers always turn out to be good?
    • Perhaps you're onto something. I wonder if I could hire a lawyer to pretend to sue me for every article that I begin to write?
    • Re:Legal threats. (Score:3, Interesting)

      by eventhorizon5 (533026)
      Well I got legal threats from MXS too for my research (I was the main tech analyst behind drunkenbatman's article). I'm going to scan the letters and post them somewhere hehe ;)

      -eventhorizon
      • Re:Legal threats. (Score:4, Informative)

        by eventhorizon5 (533026) <ryan AT tliquest DOT net> on Wednesday May 11, 2005 @12:00PM (#12499580) Homepage
        "Well I got legal threats from MXS too for my research (I was the main tech analyst behind drunkenbatman's article). I'm going to scan the letters and post them somewhere hehe ;)"

        Let me add a little info to my post - do you know what they were complaining about? Jpeg images. Of a hex editor viewing strings in their binaries. Wow that's pretty illegal isn't it? lol - I almost fell out of my chair laughing when I got that. Just like MXS's lawyer said, "these links represent illegal activity" and earlier Jim Kartes told me that what I was doing was "extremely illegal". hehe ;)

        -eventhorizon
    • Thats funny, for me the article started out with "The attempt to contact drunkenblog.com timed out"
  • What do you expect? (Score:4, Interesting)

    by gmaestro (316742) <jason...guidry@@@gmail...com> on Wednesday May 11, 2005 @08:25AM (#12497680)
    This smacks of that Phantom/HardOCP thing. As long as their lawsuit is "pending" or they're persuing "legal options," their customers (are there any? ok, fine, potential customers) will think this guy is lying. They're just trying to put off the unavoidable death of their pathetic company.
  • by xiando (770382) on Wednesday May 11, 2005 @08:31AM (#12497714) Homepage Journal
    This was a unusually well written, well-based article with a lot of good facts. The proof is overwhelming and is clearly accurate. Maui X-Stream, Inc. really got their pants pulled down like they deserve.
    • True, but it takes a judge to administer the paddle once your pants are down.

      The people in charge of the groups that own the code should get together and give permission for something like FSF to pursue this case in court (FSF has a few lawyers, I believe), and FSF gets to keep any money won in the suit. This appears to be an open-and-shut case. X-Stream gets shut down, FSF can try to get a lot of money from them, and the general public gets the source code to this nice (if stolen) software. Sounds like a win-win proposition to me.
    • Very nice job on his part. And people say blogs aren't journalists? This is one of the best cases of investigative reporting that I've ever seen. Just because you don't have the degree or work at the paper doesn't mean you can't do the job.
      • by SQLz (564901) on Wednesday May 11, 2005 @11:46AM (#12499424) Homepage Journal
        Now a days, some bloggers are more real journalists than journalists. (in USA at least) Just checking facts and understanding the issue makes a blogger more qualfied than most of the press in this country.

        Journalists/Press people have their job because they have the right face, hair, and name to be on TV. Other thant that, they are pretty much brain dead.

        Haven't you noticed a lot of the big name news channels are actually reading news right from blogs now. CNN,MSNBC,etc have spots where they actually show the website and read the words off it. Its actually lame as shit. I think MSNBC has hot chicks that do it.
    • As any prisoner will tell you, pulling their pants down is only the first step.
  • by Weaselmancer (533834) on Wednesday May 11, 2005 @08:32AM (#12497719)

    That's why this keeps happening.

    If I do this, and get caught...so what? What's the penalty? Exactly who is going to prosecute?

    What if this CEO came right out and said "Yup, copied the whole damn thing from Sourceforge. What are you going to do about it?" What happens next?

    PS: Not trolling, genuinely curious. All the focus seems to be on "Is the GPL enforcable", not "Who shall enforce it". And IMHO, both are important.

    • Nothing but the GPL allows usage or distribution of a GPL'ed program, so a GPL violation is a standard copyright violation - exactly like one concerning proprietary software.

    • by /ASCII (86998) on Wednesday May 11, 2005 @08:47AM (#12497784) Homepage
      This has happened multiple times, and the infringing company usually ends up posting the source.

      The original MPlayer devellopers wanted to dual license MPlayer because they felt exactly the way you do after the MPlayer vs Kiss debacle. When it was discovered that Kiss had stolen GPL'ed code from MPlayer, they first flat out denied it, they even went as far as to imply that MPlayer had somehow stolen code from a KISS DVD-player. But in the end Kiss where forced to comply [kiss-technology.com] with the GPL and offer source downloads.
    • by hacker (14635) <hacker@gnu-designs.com> on Wednesday May 11, 2005 @09:02AM (#12497840)
      "PS: Not trolling, genuinely curious. All the focus seems to be on "Is the GPL enforcable", not "Who shall enforce it". And IMHO, both are important."

      Its simple. Once violated, your rights to continue to use the GPL are revoked. This means every copy you allow to be downloaded, sold, or given away is now a US Copyright Violation, subject to $20k to $200k in penalties per-copy. Its easier to enforce if they filed their copyright with the US Copyright office (we did to fight just the same thing).

      Most GPL violations settle out of court because the costs associated with going to court are enormous. Its hard to assess "damages" against a GPL project where the code is given away, copied, shared, downloaded, etc. for free.

      In some cases, if the project taken by a commercial entity is used to "compete" with the free version (i.e. they claim they wrote it), it is also a "Lanhan Act" violation, or "False designation of origin".

      It gets really ugly when the GPL is violated, but the good thing is that once violated, the GPL is no longer even an issue, its a clear-cut US Copyright violation.

      • Most GPL violations settle out of court because the costs associated with going to court are enormous. Its hard to assess "damages" against a GPL project where the code is given away, copied, shared, downloaded, etc. for free.

        I agree with your post (and I'm still not trolling, honest) but I have to point out that you've answered the "what" very completely... but not the "who". If someone is in violation, you've outlined the laws involved and the penalties to face. Only thing missing is someone to brin

  • by Anonymous Coward on Wednesday May 11, 2005 @08:33AM (#12497726)
    GPL violations seem to be getting more and more common. Take for instance eMule, where an eMule+ developer is knowingly breaking the GPL while working for a proprietary company called MetaCafe:
    http://forum.emule-project.net/index.php?showtopic =72668 [emule-project.net] (login probably required)
    http://forums.metacafe.com/viewtopic.php?t=139 [metacafe.com]

    The worst part is probably that the eMule+ folks, who forked the eMule codebase and should be well aware of how the GPL works, are directly contributing to this violation.
  • Wow, These cherryOS guys have no shame. They turn up everywhere with their GPL violatons and lawyer threats.

    I hope trghat a big party, say FSF, gets involved and sues them bad once and for all.

  • by Anonymous Coward
    Have a look at:

    http://www.cherryos.com/ [cherryos.com]

    Now they are saying: :: CHERRYOS IS NO MORE ::

    and they are linking to:

    http://emaculation.com/ [emaculation.com]

    What they hell are these guys doing now?!?!?
  • If they want to sue this man for slander , well then they can also sue me for libel. From what i have just read it is fairly aparent that the *cough* makers*cough*/gpl-violaters of chery OS have done it again and are trying to abuse the gpl once more .

    To MXS
    To me your company (MXS) is nothing but a bunch of liers and plagerists .Anyone buying your products should realise this and realise that they are funding an organisation with no ethics and a dubious reputation .
    If i am wrong and your honest(which i doubt) then i apoligise but from what ive seen today just shows more evidence that you should be taken to court for this .

    Your Sincerly
    Fidel-catsro(A.K.A G.T.K) .....
    If they want to take Drunkenbatman to court then i say we all join in and acuse them and see who far they get trying to take us all to court .
    I havn't had time to fully read overevery last bit of his findings (fairly lengthy read and rather well done) but from what i have seen it looks like they didn't learn the first time.
  • by scum-e-bag (211846) on Wednesday May 11, 2005 @08:38AM (#12497752) Homepage Journal
    Got him, yes, piss off, you're out!
  • by rakolam (138019) on Wednesday May 11, 2005 @08:39AM (#12497756) Homepage
    Dear drunkenbatman:

    It has come to my attention that you have acknowledged the giant pink elephant in the room. As you neither asked for nor received permission to acknowledge my client's said pink elephant nor to publish any information describing or defining said pink elephant, I believe you have willfully infringed my client's rights under 17 B.S. Section 1 and could be liable for statutory damages as high as $99,(many zeros) as set forth in Section 1234 therein.

    I demand that you immediately cease acknowledging the pink elephant and that you deliver to me, if applicable all pictures, descriptions, and big steaming turds you have unlawfully made notice of.

    If I have not received an affirmative response from you by 1 second prior to you reading this, indicating that you have fully complied with these requirements, I shall take further action against you.

    Very truly yours,
    Arden & Jim
  • MXS = Stupid (Score:4, Insightful)

    by Chanc_Gorkon (94133) <gorkon&gmail,com> on Wednesday May 11, 2005 @08:41AM (#12497762)
    This whole subterfuge around CherryOS never was needed. If MXS understood the GPL, they CAN sell the code along with some NON-GPL'd code. That's perfectly legal. What isn't is what they did. They DID not distribute the code. They completely did where they got it from (and not that well) and never acknowledged the PearPC project at all. The fact that he's closing down proves he just doesn't understand. All he had to do was release source. THAT'S IT! End of story. He had to release the PearPC code and any modifications he made to the GPL'd parts. He could have still had his front end be closed.
    • You are right in that they could have sold the product releasing the source code and giving credit.

      However, from a marketing point of view it is probably not that clever to go out and say; "Buy our great product for a lot of money. By the way, it is almost identical to this other thing that you can download for absolutely free from another website."

      • If you can't market it, its not the fault of the original author -- it just means you have no business plan.

        I'm tired of hearing about these "poor companies" who can't market their software legally. If you can't sell it, don't cry to me, move on and write something you *can* sell.

        If you can't figure out how to make money selling software, change industries.

        Besides, all they have to do is provide download links for the sources they used from their own site to those customers they sell the binaries to.

        Th
  • by canuck57 (662392) on Wednesday May 11, 2005 @08:47AM (#12497785)

    Open source is so good so many companies claim it as their own in their products without credit. How tough is it to say "Built on Open Source with credits to...."? I know of dozens of "appliance like" devices that are like this. When you ask the vendor they say "we wrote it all" and just by the look and field you know Squid/BSD/OpenSSL/SSH are at minimum inside.

    Make no mistake, the commercial software industry is the biggest pirate of code there is on the face of this planet. All developers routinely use google to search for code snipits and these programmers are from big companies like Oracle and IBM to little startups of all kinds. At least IBM acknowledges it's involvement and contributes to many like Linux.

    Most companies should not be embarrassed, to me it is a selling point as no one company can do it all.

    One un-named company actually had the gall to tell one of my managers they "Invented Spam Assassin". Needless to say I sufficiently set management straight by a few select web pages and suggested if they lie to us now what will the support be like?

    Don't deal with companies that lie about the origins of their product.

  • by hacker (14635) <hacker@gnu-designs.com> on Wednesday May 11, 2005 @08:58AM (#12497822)

    GPL violations are a lot more common than most people think.

    Just because it doesn't hit the mainstream media doesn't mean that thousands (yes, thousands of OSS projects out there are being actively violated by commercial enterprises). A few years ago I caught Sony doing this [gnu-designs.com] and reported about it (picked up by Slashdot here [slashdot.org] based on my account).

    But that was relatively small potatoes to another GPL violation we've had to deal with. The CEO of a mobile company (who shall remain nameless, thousands know who he is) took our code [plkr.org], stripped our names and attribution out, removed the COPYING file (our copy of the GPL license), put his name all over it, and claimed he wrote it. He also waffled and lied over the years about which parts of our project he was and was not using. His stories changed back and forth (and I have all of the emails confirming these wishy-washy statements).

    When we started seeing companies giving away binary versions of an application that looked suspisciously like ours (and I mean pixel-for-pixel identical) without any source, attribution or links back to the GPL, we started calling those companies and requesting the source for compliance. Since these companies had no idea who we were, they referred us back to the company they bought it from.. the original one who took our code from us outside of compliance with the GPL.

    Then the threats started coming in... from the CEO of the company that originally took our source. My favorite quote from him:

    "...if we end up in court, I'll bankrupt these guys..."

    We were appointed an amazing attorney [harvard.edu] by the FSF, and she represented us well. I even went to NYC to meet with this CEO with Wendy to discuss how they could bring themselves into compliance. The CEO insisted that "..the GPL is not a license, its subject to interpretation... it was never reviewed by real attorneys or tested in court", and then proceeded to tell me to fire my attorney, right in front of her, because he said she wasn't giving me correct information about the law. Yeah ok, except she TEACHES law, and this CEO does what again? Oh yeah, steals other people's products for his own profitous gain.

    He continued to threaten us for contacting his "partners" (who were also not transferred the GPL when he sold them "his" product [using our code]). Of course his threats fell on deaf ears, since it is our duty to require compliance with our code no matter who uses it.

    The case goes on now, 4+ years later, but some interesting facts have come to light and we may have some official corporate backing from someone he believes is a partner of his... this is FAR from over, and he has absolutely no idea what mountain of legal stress is heading his way.

    Wendy has moved on to the EFF now, and we have some new legal contacts at the FSF to try persue this further, but they're busy with lots of other cases.

    If anyone is interested in hearing more details, feel free to contact me. If you want to support our case against companies like this, please visit our donation page [plkr.org] and contribute to help us fund more legal support (or just because your appreciate our work: Don't forget to check out our Plucker eye-candy page [plkr.org]).

    • A few years ago I caught Sony doing this [gnu-designs.com] and reported about it

      That was interesting. I spent the first half of reading your account thinking what a smug annoying dick you were (mainly due to the "No, you're not one of me. You could never be one of me." comment). Then I got to the bit where the Sony guy said "We don't really care about that. Go ahead, sue us and see how far you get..." and I was deeply impressed with your restraint.

      I think I might have politely asked to see his Cli

    • I used to provide an HTTP mirror of your work to ease your bandwidth pain upon releases. The rsync updates have long since stopped working - are you still interested in mirrors?
    • Wendy Seltzer is amazing. She's a true asset to the EFF.
    • um, so the point of your story is that you haven't been able to enforce the GPL? Great.
    • I am very curious about why you should have trouble moving this case forward and/or obtaining representation. It looks to me like a shark would pick up this case and bloody this company for a big, juicy paycheck in a hearbeat, with no upfront costs to you. If you have reasonable evidence of infringement and Lanham Act violation, get consultation from the most expensive ambulance chasers in town. They should be able to kick this CEO in the balls for a few mil plus compliance. They'll take 40-60%, but who cares?

      • by hacker (14635) <hacker@gnu-designs.com> on Wednesday May 11, 2005 @12:31PM (#12499984)
        "I am very curious about why you should have trouble moving this case forward and/or obtaining representation. It looks to me like a shark would pick up this case and bloody this company for a big, juicy paycheck in a hearbeat, with no upfront costs to you."

        Mostly because Wendy moved on to work for the EFF and all attempts to get a replacement pro-bono attorney from the FSF (with as much clue as Wendy) were unsuccessful.

        And since we are wholly self-funded, putting up the retainer costs to talk to an attorney for 3-4 hours at his dime is not something we can just do, even if he decides to take the case as a "Slam Dunk" on his own merit.

        Also, we're giving the company who is infringing some time to hang themselves while we gather more information. They're now selling "Their Solution(tm)" to a pretty serious mobile vendor who is incorporating it into ROM on their upcoming devices. If this is true, a lot of companies and partners are in a world of hurt.

        It'll happen, it just takes time.

        • And since we are wholly self-funded, putting up the retainer costs to talk to an attorney for 3-4 hours at his dime is not something we can just do, even if he decides to take the case as a "Slam Dunk" on his own merit.

          Seems to me there is a market for some enterprising attorneys to seek out GPL violators and sue their asses off (on behalf of the violatee of course). I don't mean on a pro-bono basis either. I mean as a business (they would keep a % of the settlement)

          Instead of "ambulance chasers", they
          • "Seems to me there is a market for some enterprising attorneys to seek out GPL violators and sue their asses off (on behalf of the violatee of course). I don't mean on a pro-bono basis either. I mean as a business (they would keep a % of the settlement)"

            Ironic you should bring that up... about an hour after my post, I received an email from an attorney in Atlanta, GA. who specifically deals with this problem, from a commercial perspective. He wanted to hear the details of my story and some background

  • The outsourcing angle piqued my curiosity. What if, and this is a very big if, MXS had no knowledge of the violations.... what if all of the code theft was performed by shady outsourced coders?
    • According to the article, the outsourcing company was supplied with the PearPC source by Arben. The fact that they did not question its use is a much larger issue that needs to be addressed.
  • What a sec... (Score:2, Interesting)

    by Anonymous Coward
    I'm sure this will probably be labeled Troll, but I really want to know the answer to this. I've thought about this a long time, and I haven't come up with an answer:

    Why is it that people get upset at Gnu Public License violations, but think that downloading Music and Movies is OK? Shouldn't they either come down on one side or the other (GPL violations ok, music and movie downloading OK; vs GPL violations bad, music and movie downloading bad), but not both sides as seems so often the case?
    • by adzoox (615327) * on Wednesday May 11, 2005 @09:19AM (#12497947) Journal
      Stealing code and claiming it's yours is quite different from downloading a song and listening to it.

      By downloading the song and listening to it you are not claiming you wrote it, sang it, or even bought it.

      Now, if you go out and sell said song at ANY price - there is the violation of the download.

      Most people who feel filesharing of songs is ok - also feel as if it's promotion for the artist. I download rather infrequently - but MANY MANY of my friends buy music based on what they hear in my car and I also go to concerts and promote iTunes downloads on my website!

    • by homerito (591887) on Wednesday May 11, 2005 @09:36AM (#12498088)
      You are assuming that the people that writes GPL code and defend it also illegaly downloads music and movies.

      How can you support that?
    • perhaps they are not the same persons!
    • From my viewpoint (Score:4, Insightful)

      by phorm (591458) on Wednesday May 11, 2005 @11:27AM (#12499208) Journal
      OK, let's ignore the GPL thing completely... say I make a product which I put months/years/etc of work into. Now, if some people copy my product without permission for personal use I might be annoyed. If businesses start using it without permission I'd be more annoyed.

      However, if somebody copies my program, removes my name from it, and claims that they made it without giving me any credit whatsoever, I'd be royally pissed off.

      I'm don't really support movie/music downloading (neither do I support *AA political lobbying though), but the downloaders aren't taking the latest N-Sync CD and trying to resell it while claiming that they produced it under the band name "Synced Up"
    • Every time someone posts a GPL-violation story here, there's always an AC making this same comment with almost exactly the same wording, despite the fact that every time he makes it a bunch of people (1) point out that they are pro-GPL but don't engage in or promote violating music or video copyrights, (2) explain why there are legitimate reasons to oppose DRM that have nothing to do with the inconvenience it adds to playing illicitly acquired media, and (3) point to examples of successful online vendors t
  • Uh oh (Score:4, Funny)

    by jalefkowit (101585) <jason@@@jasonlefkowitz...net> on Wednesday May 11, 2005 @09:15AM (#12497921) Homepage
    Drunkenbatman is at it again...

    Well, that would explain why Robin's been in the shower all day muttering "won't come off... so dirty..."

  • by Anonymous Coward
    There are even more LGPL violations than GPL violations.

    This is because people using LGPL falsely assume they don't have obligations if they merely link to the libraries.

    LGPL Section 5 Paragraph 3 states that if you use material from the header files, your binaries become subject to LGPL even if your source files do not contain any LGPL code.

    This means companies that link to c runtime libraries on Linux should be living up to LGPL requirements such as allowing modifications to the binaries, explicitely a

    • If that is accurate, then there's no reason to have the LGPL at all as it functions exactly like the GPL. How do you use a library without the headers? Do you have to write your own headers for the library? Without peeking?

      When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without th

  • I thought libel/slander required knowingly making false statements about someone. If you have good reason to believe your statements are true, then it's not libel/slanderous. Can anyone comment on this?
    • In the UK at least, you have to be able to prove every single statement to the standard required in a court of law - i.e. beyond all reasonable doubt. You can have some pretty good evidence - but if it isn't good enough to convict someone on (think OJ), then you're still libelling.
  • My stuff (Score:3, Interesting)

    by eventhorizon5 (533026) <ryan AT tliquest DOT net> on Wednesday May 11, 2005 @09:31AM (#12498047) Homepage
    I was the main analyst behind the application/binary analysis in the article - about 1/5 of the way down you'll see my first credit:
    "Ryan Thoryk (aka EventHorizon), a Unix and Network Specialist in Illinois, is the one who put all of the hard work into peeking around the original VX30 binaries"

    Yay - finally my hard work is getting mindshare :)

    -eventhorizon
  • by supabeast! (84658) on Wednesday May 11, 2005 @09:46AM (#12498162)
    Here's a tip to businesses trying to silence authors and journalists with legal threats: if you're going to make legal threats [i]personally[/i], and not actually have them sent by a lawyer, it makes it pretty clear that:
    1. You're full of shit and have no intention of pursuing legal action, because if you really did, you would have run the situation past your attorney before sending the letter.
    2. You're not even a decent businessman, because any businessman with a clue knows that legal matters are best left to attorneys.
  • by strider44 (650833) on Wednesday May 11, 2005 @09:48AM (#12498181)
    again, great article and all, but wouldn't it have been just quicker to list the open source projects that haven't been ripped off by MXS?

Arithmetic is being able to count up to twenty without taking off your shoes. -- Mickey Mouse

Working...