MS Pulls Windows 7 Tool After GPL Violation Claim

Sam notes an Ars story on Microsoft pulling the Windows 7 USB/DVD Download Tool from the Microsoft Store website after a report indicating that the tool incorporated open source code in a way that violated the GNU's General Public License. Whether the software giant is actually violating the GPL, a widely used (including by the Linux kernel) free software license, is not confirmed. "We are currently taking down the Windows USB/DVD Tool from the Microsoft Store site until our review of the tool is complete," a Microsoft spokesperson told Ars. The fact the company pulled the tool doesn't bode well, so we'll have to watch closely to see what the company puts back on its servers.

So, this is about as damning as you get, isn't it?

[rekenner]

MS is practically saying, "Oops, we violated the GPL!"
Oooopsies.

Re:So, this is about as damning as you get, isn't

[Sasayaki]

Now now, calm down a moment. Imagine what would happen if they *didn't* pull the code- there would be a veritable shitstorm in the Free Software community. This is the smart, rational thing to do.

On a side note, this really acknowledges the power of the GPL- if even a single report says that there is a GPL violation and this causes Microsoft (its 'arch nemesis) to pull a tool for their newly launched apple-of-their-eye.

Re:So, this is about as damning as you get, isn't

[Sasayaki]

Replying to my own post here, but also remember that this is exactly what ReactOS did when there was a similar allegation by Microsoft- and were largely applauded for it. Again, it's the sane, rational thing to do and in my eyes doesn't admit any guilt whatsoever. That doesn't mean a GPL violation isn't there, mind, but it means that if there is one this is exactly how it should be handled.

Re:So, this is about as damning as you get, isn't

[sopssa]

Dear Sir or Madam,

The responsible Anti-Microsoft Troll that should have replied to this post by now is on sick leave and was unable to prepare a custom flaming reply to this particular post. In lieu of that, attached is our generic template which we use to write all our flaming responses.

1. Make a general anti-Microsoft jab
2. Blame Microsoft for it's stance against Free Software (and also for lack of network neutrality, the current state of patent laws, the Iraq war, and the extinction of the dinosaurs)
3. Accuse the poster who wrote something positive about Microsoft of being either a fanboy or a Microsoft employee. If the poster in question made a comment about Microsoft's actual support of Free Software in a particular instance, accuse the poster of being an oblivious idiot unable to see through their Embrace-Extend-Extinguish approach
4. State that the Linux revolution is inevitable
5. Finish off with another outpour of flames

We hope you will be able to infer the potential content of the post that should have been done by the respective Troll. Please accept our apologies.

Sincerely,

Assistant Secretary,
Anti-Microsoft Trolling Association, Ltd.

Re:

[StuartHankins]

It was funny the first time I saw this, and a little less the next time I saw it.

That was many moons ago. Time for something fresh?

Re:So, this is about as damning as you get, isn't

[Dahan]

And no it's not enough to pull the application, if you've distributed the binary and you've used GPL code you're obligated to release that code.

No, you're not automatically obligated to do any such thing. What happens is that you may be infringing on the copyrights on the GPL'd code, so it's up to the copyright holders to decide what to do: ignore it, negotiate a (presumably non-GPL) license agreement with you, or take you to court. And if the latter, the judge will decide what the punishment should be--most likely it'll be "stop distributing the software and pay the copyright holder $$$$$". It's unlikely that the punishment would be "publish the source code to your app that used GPLed code."

Re:

[Anonymous Coward]

The copyright holder only has grounds to go after the infringing user of the GPL'd code if they don't release their modifications under the GPL, i.e. in this case, MS - if they are using code from ImageMaster - can make the whole issue go away by relicensing WUDT under the GPL (and providing the source) *to those people who have already downloaded it* if these end users ask for the code. That's all, folks.

Re:

[Richard_at_work]

Yes you are obligated to do such a thing, and if you don't comply you can be dragged to court where you could be sentenced to pay for copyright infringement.

You are wrong, in the case of unwilfull infringement, positive action to cease infringement is enough - you are not obligated to release the code, and you are not bound by the licence. The copyright holder can still persue damages for prior infringement, but thats it.

Re:

[Alex Belits]

WTF is this "unwilfull infringement" and how is it supposed to apply to software that is always distributed with a copy of GPL attached to it and prominently shown in comments and executables? What is this defense, "I thought, it was in public domain"?

Re:

[Richard_at_work]

Firstly I suggest you read up on legal cases - wilfull infringement is where it can be proven that the infringer knew at the time of infringement of said infringement, and did nothing to rectify their position.

In this case, Microsoft removed the tool in question from distribution pending an investigation, and there is no evidence to suggest that Microsoft as an entity knew of the infringement at the time of distribution.

Secondly there was no copy of the GPL involved here - the persons who received the

Re:

[Alex Belits]

Secondly there was no copy of the GPL involved here - the persons who received the potentially infringing code did not receive it under the GPL, they received it under a potential violation of copyright law.

Then whoever they received is from, had to violate the GPL. Software does not get distributed to developers automagically.

Re:

[noundi]

Yes you are obligated to do such a thing, and if you don't comply you can be dragged to court where you could be sentenced to pay for copyright infringement.

You are wrong, in the case of unwilfull infringement, positive action to cease infringement is enough - you are not obligated to release the code, and you are not bound by the licence. The copyright holder can still persue damages for prior infringement, but thats it.

Unwilfull? You see that's where our difference is. You seem to be so naive to think that Microsoft developers are unaware of the GPL. And also, of course one can refuse to release the code, but then one would get fined. What did you think I meant? Somebody will force you to release the code with a gun pointed at your head?

Re:

[Richard_at_work]

Ahh, I'm naive am I, just because I disagree with you?

Or rather I understand that the actions of a lower level employee or related third party does not necessarily equate to corporate policy, and the former can be considered unwilfull distribution, while the latter can be considered wilfull.

Microsoft removed the tool, thats all they have to do by law.

Re:

[donaggie03]

Unwilfull? You see that's where our difference is. You seem to be so naive to think that Microsoft developers are unaware of the GPL.

It isn't very nice to call people naive before thinking the argument through. Perhaps GP never suggested that random Microsoft code monkeys were unaware of the GPL, but instead suggested that Microsoft executives were unaware that their software infringed on GPL licensed code. Perhaps the GP, with the US legal system in mind, understands that all that will matter is what Microsoft executives knew.

And also, of course one can refuse to release the code, but then one would get fined.

Maybe Microsoft will get fined, but first they will have to be sued, and then they would have to lose the

Re:

[noundi]

Ahh, I'm naive am I, just because I disagree with you?

Nope, because you're trying to imply that Microsoft would be unaware of the GPL. And we're not even talking about the GPL in detail, we're talking about the fundamental point of the GPL. That which most teenagers even know.

Or rather I understand that the actions of a lower level employee or related third party does not necessarily equate to corporate policy, and the former can be considered unwilfull distribution, while the latter can be considered wilfull.

That's very easy to say. Not that we would ever be able to prove this, but I'm willing to bet you that if you ask any Microsoft developer about the fundamental meaning of the GPL they would give it to you without hesitating for one second. The GPL isn't some "underground" phenomena.

Re:

[noundi]

Bah, sorry I must have clicked the wrong button. Here's my reply. [slashdot.org]

Re:So, this is about as damning as you get, isn't

[man_of_mr_e]

Uhh.. Your logic is at best... strange.

Being aware of the GPL does not mean you are aware that any given piece of software is licensed under it, much less a few snippets of code from said application.

There are three possible scenarios I can think of off the top of my head that are all highly likely here, none of which would make Microsoft aware of the fact they were violating the GPL (if that is even the case, which isn't even proven yet).

1) Microsoft hired a contractor or 3rd party to produce the code. The 3rd party used GPL code, but did not tell them. Yes, Microsoft is still liable, but they're not willfully liable.

2) Microsoft produced the tool for internal use. This is a valid use of the GPL'd code and doesn't require source to be distributed with it. Some other department, unaware that GPL'd code was used, got ahold of the tool and decided to use it externally. The original developers are unaware of the new use. Again, Microsoft is not willfully infringing.

3) An employee decides to take a shortcut and use GPL'd code without telling his bosses, takes credit for the code, and thinks nobody will ever find out. Microsoft is unwillful because even thought the employee wilfully infringed, the company had no knowledge. Yes, they're still liable, just not willfully so.

There are probably many other possible scenarios too... but I can't be bothered to spend more than a couple minutes thinking about it.

So perhaps you should think your arguments through before jumping to the conclusion of "it must be willful".

Re:

[RML]

Yes you are obligated to do such a thing, and if you don't comply you can be dragged to court where you could be sentenced to pay for copyright infringement.

Exactly: not complying, getting dragged to court, and paying is an option. You're not obligated to open the source, you can just suffer the consequences of copyright violation instead.

Re:

[noundi]

Yes you are obligated to do such a thing, and if you don't comply you can be dragged to court where you could be sentenced to pay for copyright infringement.

Exactly: not complying, getting dragged to court, and paying is an option. You're not obligated to open the source, you can just suffer the consequences of copyright violation instead.

I'm not sure if you're agreeing with me or not, but if you aren't, then how does this not mean that you're obliged to open the source? You're obliged to follow the law, and if you don't you'll get punished for it. Am I misinterpreting the word obliged? Because that to me is a perfect usage of the word obliged. Correct me if I'm wrong but is everybody thinking I'm saying forced? Because I'm not. http://www.thefreedictionary.com/obliged [thefreedictionary.com]

Re:

[Abcd1234]

I'm not sure if you're agreeing with me or not, but if you aren't, then how does this not mean that you're obliged to open the source?

Because the punishment in a copyright infringement case isn't to be forced to follow the terms of the license agreement for the work that was unlawfully distributed. It's to pay a fine and/or damages to the owner of the copyright of the work.

Am I misinterpreting the word obliged?

Not at all. You're just misinterpreting the law, and more specifically, the consequences of viol

Re:

[Dahan]

No, you're not automatically obligated to do any such thing. What happens is that you may be infringing on the copyrights on the GPL'd code, so it's up to the copyright holders to decide what to do: ignore it, negotiate a (presumably non-GPL) license agreement with you, or take you to court. And if the latter, the judge will decide what the punishment should be--most likely it'll be "stop distributing the software and pay the copyright holder $$$$$". It's unlikely that the punishment would be "publish the source code to your app that used GPLed code."

Yes you are obligated to do such a thing, and if you don't comply you can be dragged to court where you could be sentenced to pay for copyright infringement.

If one of the options is to not comply and pay for copyright infringement, how is that being obligated to release the source code? As I said, you're not obligated to release the source code. You're only obligated to do that if you want to license the code under the GPL--that text you quoted is from the GPL. However, you're not obligated to license the code under the GPL: you can ask the copyright holder to license it to you under some other license, or you can violate the GPL and accept the punishment for t

Re:

[donaggie03]

Comingled code is irrelevant. If Microsoft got GPL code from a third party, then they had the right to do certain things with it, as long as they abide by the GPL. There would be no violations against the third party. Now if it turns out that Microsoft used some unGPL code from the third party, then yeah, they could have also violated their copyright, but that is a different issue altogether. I think it is more likely that this third party broke GPL and was using the code in an infringing way, so it was

Re:

[aussie_a]

What do you want MS to do? Scour the interwebs for every licensed software to compare it with what Microsoft's coders produce? I'm by no means a fan of Microsoft, but this is the one time where the company appears to be acting in good faith. And yet people like you criticise them still! You're creating a "damned if you do, damned if you don't" atmosphere, which only encourages MS to do every illegal thing it thinks it can get away with.

Re:

[noundi]

What do you want MS to do? Scour the interwebs for every licensed software to compare it with what Microsoft's coders produce?

What? I don't understand your question. Why would this be relevant to the topic at hand?

Re:

[selven]

At least 3 moderators disagree with you.

Re:

[Xest]

"if you've distributed the binary and you've used GPL code you're obligated to release that code. Your mistake, your mess. MS wouldn't be so forgiving, why should the GNU community be? You'd think that the worlds largest software producer, in 2009, would have a better understanding regarding the GPL."

If only the world was that simple. The fact is, in a large software corporation there is absolutely no way to ensure that some incompetent developer hasn't just gone on the net and copied some code no matter ho

Re:

[david_thornley]

The GPL is not a signed contract, and the source code distribution is not a penalty clause. The GPL is a license, allowing the modification, copying, and distribution of code under certain circumstances. If Microsoft has distributed without complying with the requirements, then Microsoft has infringed on somebody's copyright, that's all.

The legal remedies are therefore the ones for copyright infringement, which are basically an injunction against further reproduction and monetary damages. There is no

Re:

[noundi]

You mean those that stretch back an incredible 5 days? [slashdot.org] That's some nice invesigative background checking there Sherlock.

Re:

[icannotthinkofaname]

No need, I've filled it in. How am I doing?

(Score:0, Troll)

I'd say you hit the nail on the head.

MOD ME +1 OBSERVANT, PLEASE!

No, it isn't

[jotaeleemeese]

The rational thing to do is to check first the licensing of any software you are not writing yourself.

Of course the most rational thing would be to use GPLed software as needed and comply with the requirements, but it is Microsoft we are talking about here.

Re:

[Runaway1956]

What AC says. MS's "open source" license is the viral license.

And, as GP said, all MS had to do was COMPLY WITH THE LICENSE. Tell me, WTF did MS have to lose by complying with a wide spread, commonly used license?

I haven't lost anything. I just go to any Linux box and convert DVD or CD to a USB anytime I need to. Did it three nights ago when I couldn't find a CD to burn Karmic. Phhht.

Re:

[msormune]

Actually, the arch enemy of GPL, especially GPL v3, is Google. You just haven't figured it out yet...

Re:

[man_of_mr_e]

No, the "smart, rational thing to do" would be to validate your code and status of it in whole before you post it for the world to take..

Ok.... so tell me how you would do that. Anyone? Beuler?

How can anyone, say you, determine that any given snippet of code is not Licensed under the GPL somewhere.

Re:So, this is about as damning as you get, isn't

[RightSaidFred99]

Right... or they are being smart, pulling the tool, and investigating whether they are violating the GPL. Like they said.

It was a "Jump to Conclusions" mat. You see, it would be this mat that you would put on the floor... and would have different CONCLUSIONS written on it that you could JUMP TO.

Seriously, preview your own posting editors!

[Anonymous Coward]

Seriously, preview your story summaries editors!

"...so we'll have to watch closely to see what the company puts it back on its servers."

Who thinks that "it" makes sense?

Re:

[dgatwood]

Or the "what". Substitute "when" or "whether" and "it" makes sense, too.

Re:

[dkleinsc]

Ahh, you said the word the Knights who say Ni cannot hear!

more info

[Anonymous Coward]

A friend of mine works at the borg. He's a penguin at heart and generally a good guy. This is what he told me. I believe him, but you can make up your own mind. There is/was a GPL violation, but MS didn't do it directly. They licensed some code from a third party. The third party was responsible for the GPL violation (they licensed the GPL code under a non-GPL license).

Re:more info

[Malc]

If this is a GPL violation, I'm sure it wasn't deliberate by Microsoft. People around here no doubt think differently. I'd be interested to know what processes they have in place - at our company, any use of third party code (whatever license) has to be sign-off by the CTO, and the details get put away in a file somewhere. There's more to it than that, but in theory, something like this would be a screw-up by somebody or a break-down in the process.

Re:

[jkrise]

If this is a GPL violation, I'm sure it wasn't deliberate by Microsoft.

That doesn't reduce their guilt however. If they got something written by a 3rd party, they need to have strict auditing practices in place. The responsibility solely vests with Microsoft.

Re:more info

[black3d]

They do have strict auditing practices in place, specifically regarding interoperability, buffer overflows (and the like), and checking to ensure the code hasn't been wholesale copy/pasted from public libraries.

However, they cannot ensure that someone hasn't copied a dozen lines of code from some other obscure program. They don't have the worlds entire source-code archive sitting in a database waiting to do comparison searches.

Furthermore, i find the ENTIRE situation very, very unlikely. It's almost as if it was all orchestrated. The story that we're supposed to buy is that:
1. Some random pundit was rooting through Microsoft functions because he "felt there was too much code there".
2. Pundit noticed some code that, despite it not having any reference to ImageReader, and despite this individual having nothing to do with ImageReader, immediately recognised that a dozen-line ReadBytes method was "obviously lifted from the CodePlex-hosted (yikes) GPLv2-licensed ImageMaster project".
3. No evidence is ever produced that there are any references to ImageReader, CodePlex, or anything else in the source. The researcher simply magically recognised the source code from a project that he'd had nothing to do with and never seen before.

I'm not buying it at all. This feels intentional.

Re:

[donaggie03]

It is my understanding that random pundit didn't even have the source code for the MS portion, only variable names and such.

Re:

[makomk]

Furthermore, i find the ENTIRE situation very, very unlikely. It's almost as if it was all orchestrated.

Not really that unlikely.

1. Some random pundit was rooting through Microsoft functions because he "felt there was too much code there".

It was .Net code. People often seem to rummage through Microsoft's .Net-based code for no real reason, mostly because it's so easy to do. (In this case, though, it appears he was looking at the code because it had an annoying bug [withinwindows.com].)

Pundit noticed some code that, despite it not having any reference to ImageReader, and despite this individual having nothing to do with ImageReader, immediately recognised that a dozen-line ReadBytes method was "obviously lifted from the CodePlex-hosted (yikes) GPLv2-licensed ImageMaster project".

There are these things called code search engines. They search publicly-available code for stuff. The code has all its identifiers intact, so it's not exactly hard to find. Since other code was copied - not just the ReadBytes method, which was just given a

Re:

[sjames]

If it was a 3rd party, It does reduce their culpability. Even there, they have taken the appropriate action thus far.

Re:

[QuestorTapes]

> If this is a GPL violation, I'm sure it wasn't deliberate by Microsoft.
> People around here no doubt think differently.

Yes and no.

> I'd be interested to know what processes they have in place...in theory,
> something like this would be a...break-down in the process.

Microsoft doesn't have a great history with "process", of whatever sort, being followed by all business units. This is true with security, and using "other people's code", not specifically open source.

They don't seem to be that organ

why blame malice?

[140Mandak262Jamuna]

If this is a GPL violation, I'm sure it wasn't deliberate by Microsoft.

Precisely.Why blame malice when plain incompetence would suffice?

Re:

[Bacon Bits]

Because malice from Microsoft creates a lot more SlashDot nerd rage.

Re:

[jedidiah]

No. Incompetence from Microsoft creates as much nerd rage and always has.

Re:

[donaggie03]

When you mix in big business with the U.S. court system, there most certainly is.

Re:

[Anonymous Coward]

I worked once for a company where I was ask for a common stack implementation that would be ready to be used, I recomended to modify a BSD implementation instead of developing it ourselves from scratch or to buy one from a third party.
Answer was "no no no, no free code in our software". I tried to explain the various free licenses policy that are currently used and to describe avantages of the BSD one, but finally my employer of that time decided to buy the stack it needed from a third party.

So we received

What if it IS a violation?

[mwvdlee]

What if it IS a GPL violation?

Will they release the source code?
And if not, if they just replace the GPL parts and release a new version, will people who downloaded the first version be legally able to demand the source code? Will the mere tainting of the code with GPL code cast a shadow on any future releases; "did they really replace the GPL parts or did they just refactor it"?

Re:What if it IS a violation?

[msimm]

If it is a violate they'll remove the code and put the application back up. The same thing that usually happens in a GPL violation, I don't see any reason to treat Microsoft differently.

Re:

[heffrey]

So which other repeat GPL violators have been cut off the internet?

My guess

[jonaskoelker]

And if not, if they just replace the GPL parts and release a new version, will people who downloaded the first version be legally able to demand the source code?

Here's my guess, but I'm only a lawyer in the armchair sense (i.e. not at all, but I try picking up an understanding of the law).

If it's found to be a GPL violation, Microsoft has violated the law regarding copyrights.

It'll be up to the party (or parties) who can sue Microsoft (only the copyright holder? Only the people who have lost something by MS breaking the (C) law?) to either settle the matter between themselves, or to take it to court and have the matters settled by a judge.

The FSF's position is tha

Re:

[XaXXon]

you can't demand the source code. It was never offered to you.

The only thing that can be done is that the copyright holder of the original software could sue. However, you can't sue for the software to be released, you can only recover monetary damages.

That's a big thing that people think that you can be forced to release your source code. The only thing you'll be forced to do is pay money to the copyright holder.

Re:

[Registered Coward v2]

What if it IS a GPL violation?

Will they release the source code? And if not, if they just replace the GPL parts and release a new version, will people who downloaded the first version be legally able to demand the source code?

I doubt that. Replacing the GPL'd code ought to be enough; especially if the incorporation was accidental or the result of a third party's actions (as another poster pointed out it may be code they licensed from another company who claimed ownership of the rights.) I would not want someone to be forced to relseas code for such violations.

Why? Because it would be a bad precedent - what if someone used copyrighted code without permission in a GPL'd project? Should everyone who subsequently uses the code be

Re:

[mwvdlee]

If somebody has an illegal copy of a music CD, would it be enough to simple destroy the copy after you've been caught in order to comply to copyright law?
Why would destroying the illegally copied code (e.g. rewriting the GPL code bits) be sufficient? It's the same copyright law that's being broken, shouldn't the same rules apply?

I'm not talking about what would be morally correct, but what would be legally correct.

Defining GPL?

[Korin43]

the GPL, a widely used (including by the Linux kernel) free software license

Good thing they cleared that up. I never would've known what the GPL is without this explanation.

Re:

[vlm]

the GPL, a widely used (including by the Linux kernel) free software license

Good thing they cleared that up. I never would've known what the GPL is without this explanation.

I wonder if its time to stop referring to the GPL as a "widely used free software license" and refer to it as "THE most widely used software license".

A combination of

http://www.dwheeler.com/sloc/ [dwheeler.com]

and

http://en.wikipedia.org/wiki/Source_lines_of_code [wikipedia.org]

would seem to indicate "around 180 million LOC in Debian" vs maybe 50 MLOC for windows. Not everything is in Debian (believe it or not) and not everything MS is in Windows, but everything else that is MS licensed probably doesn't add up to more than 3 times the si

!doesn't bode well

[jamesh]

I think taking the software down is a very boding/bodeable/bodeful/whatever thing to do. I wouldn't expect anything else unless they had concrete proof that there was absolutely no chance at all that there was even the remote possibility of a GPL violation, and unless the software was developed completely in house and the claim of GPL violation was made with no evidence at all they can't be sure of that.

Re:

[Spudley]

I think taking the software down is a very boding/bodeable/bodeful/whatever thing to do.

I completely agree. The guy who posted the original story was just wrong to say it "doesn't bode well".

By saying that, he was basically condemning Microsoft's actions before they'd even done then. I dislike MS as much as the next guy here, but - please! - what have they done in this case to warrant not boding well? As soon as they found out there was a potential problem, they pulled the software so they could investigate

There's also an additonal possibility

[Sycraft-fu]

What happens if there is code in there that was in fact original, but happened to be the same as GPL'd code? What I mean is that for a few lines of a simple function, it is completely possible for two programmers to come up with the exact same solution, or at least near enough. Doesn't happen often, but it can happen. This is especially true if you are working from a spec. You have an open standard you are implementing (like the ISO spec) and it may even have sample code.

So this leads to the question of wha

hey beavis...

[crocodill]

they pulled their tool

huhuhhuh

Re:

[Per Wigren]

ROFLMAO [skippy.net]

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[InsertWittyNameHere]

Hell something that simple...why would they need to steal GPL code,unless they got themselves a seriously lazy programmer/contractor?

The real question is why waste your time reinventing the wheel when you can take GPL code for *FREE*?? All you have to do is give credit and release your modifications (if any). Especially when you're trying to make the world believe that you are a friend to the open source community.

Re:

[account_deleted]

Comment removed based on user account deletion

DO NOTHING (for now)

[cenc]

I say everyone should stay quiet. Little by little open source code will leak in to all MS applications. Then in a few years from now, we can all file thousands of massive class action law suit that force MS to either go out of business or open source their entire OS and everything on run on it. The only problem with this plan that I see is that if they steel sufficient amount of quality open source code, their software might actually start working in a respectable manner and we will all end up back using w

Re:

[man_of_mr_e]

And you wonder why Microsoft considers the GPL a "viral" license....

Re:

[cenc]

One of the most successful development systems on the planet earth for millions of years.

Re:Excellent example of why MS hates GPL.

[kjart]

This is actually a good example of why Microsoft (and others) may dislike the GPL - how precisely do you determine that it is not a GPL violation? Clearly people like the parent will not be convinced no matter what Microsoft says (yeah, that post was pretty insightful...), so how can they possibly win here, other than by releasing the code, something they do not typically want to do? Even if they do that, they still get a black eye (i.e. that recent kernel code fiasco).

Re:

[cjfs]

how precisely do you determine that it is not a GPL violation?

Lawyers. Lots of Lawyers.

I doubt it even cracks their top 20 complicated legal issues.

Re:

[man_of_mr_e]

The problem is significantly more complex than you seem to have considered.

Consider this. Nobody has access to all GPL'd code that's out there. The GPL does not require that you make source code available to everyone. It only requires that you make source code available to those you give the binary to.

Think about this. There is likely a lot of GPL'd code out there that isn't easily findable on the web. How exactly is one supposed to prove tha any given piece of code was not copied from GPL'd code? It'

Re:Excellent example of why MS hates GPL.

[the_womble]

The same problem applies to any license? Suppose MS accuses someone of using their code, how can that be determined? If an author or musician accuses someone of copying them how can that be determined? It is an intrinsic problem of copyright, not a problem with the GPL.

Re:

[msimm]

Well, if it became a problem they could have someone sign an NDA and allow them to review the code. But it probably won't need to come to that.

Re:

[GumphMaster]

... how precisely do you determine that it is not a GPL violation?

Exactly the same way you determine that your code does not violate a software patent held by any of the big players. You cannot do it with certainty. You do your basic checks and then act in good faith should something be identified.

Re:

[mixmatch]

How much success has there been comparing object code to determine whether source code copying has occurred?

Re:

[Chatterton]

Because object code contain a lot of debugging informations and the functions names in clear if not stripped (and it is rarely done). If an object code contain lot of function names equal to a well know library, then there is a very good probability that it use the library.

Re:Excellent example of why MS hates GPL.

[wrook]

When I was working in an MS technology shop I found many cases of our programmers cutting and pasting code from other sources on the internet. Quite a lot of it came from MS itself and explicitly said that it could not be used. What do you do now? Rip the code out? But we've already shipped the code. Should we demand that the customers give it back until we can rip the code out? What if we still want to use the code? Should we approach MS and try to negotiate a different license? What if they say no?

There's no difference here. The GPL is quite easy to understand as licensing documents go. I think we can all agree that if code licensed only under the GPL was in the application, it would be a breach of the licensing terms; just like when various people in my company appropriated MS code. The resolution is exactly the same.

The moral of the story is: don't use code whose licensing terms are unacceptable to you. It doesn't matter what the license is. It doesn't matter what political forces caused the terms of the license to be created. If you don't agree to it, don't use it. This is the one thing that is the same for all licenses.

You could say that about any software

[syousef]

This is actually a good example of why Microsoft (and others) may dislike the GPL - how precisely do you determine that it is not a GPL violation?

You could say that about any software, not just GPL and not just FOSS. Sure it's easier to pass off publicly available source as someone else's code because it's much easier to get hold of, but that doesn't mean it can't be done with leaked or stolen code.

This isn't a "reason" for any company not to like open source. "Lame excuse" would be a better discription.

Re:

[Belial6]

Exactly. If anything, FOSS makes it so that you can hide your copyright violations better. Unlike when MS just slapped in Stacker Inc.'s compression tools into DOS 6. At least with this, there is some question as to whether MS is currently 'Pirating' software. With DOS 6, anyone could do a dump of the executable and actually find Stacker's copyright notice.

Re:

[dbIII]

how precisely do you determine that it is not a GPL violation

How? By reading the complaint and checking that the evidence given in the complaint matches what is in the code. Then if there is any grounds for complaint it's a matter of talking to whoever was responsible for the code - all this should be blatantly obvious. If there is nothing I really can't see baseless conspiracy theories being a problem as it will fizzle out without evidence. The SCO fiasco required expenditure of money for PR to get the

Re:

[Rockoon]

How? By reading the complaint and checking that the evidence given in the complaint matches what is in the code. Then if there is any grounds for complaint it's a matter of talking to whoever was responsible for the code - all this should be blatantly obvious.

Sounds good when you say it fast.

The evidence seems to be that some symbol names are the same. There are many reasons for this to happen, including but not limited to

o They are common names for a common technique.
o They are names used in the official specification.
o The code which is claimed to be GPL is actually the code that is in violation of a license.
o The code was really public domain but got lumped into a GPL'd project (this happens a lot, really.)


Hand waving and declaring "blatantly obvio

Re:

[jedidiah]

How do you determine that ANY 3rd party bit of software wasn't created in bad faith?

How do you determine that you aren't "receiving stolen goods".

This is a general problem not just limited to the GPL. The open nature of the GPL just means that violations might be easier to spot and more people will have the tools to make such a determination.

IOW, the GPL just makes it easier to get caught.

Re:

[Just Some Guy]

how precisely do you determine that it is not a GPL violation?

Bring the GPL code's author in under an NDA and show him your code, thus killing two birds with one stone: you've demonstrated your innocence to the only person who legally matters, and poisoned him from being able to develop it any more.

Re:

[Will.Woodhull]

The short summary of Microsoft's vision of software licenses:

What is mine is mine, and what is yours is negotiable.

Re:

[icydog]

Microsofts version of open source is that i develop and they take the code, the credit and the ownership.

Yes, because Microsoft's mode of operation is to steal GPL code and try to claim it's theirs until they get caught, at which point they fess up and pretend it was a mistake. Right... I mean, just look at all the other times they stole GPL code!

If in fact that tool used GPL code, it was just some lazy or dishonest developer who used a bunch of code from the Internet and pretended it was his. No propr

Re:

[miffo.swe]

Have you actually read the Codeplex bylaws and what types of licenses they want? Microsoft is hard at work trying to redefine open source into something completely different than it is today.

Re:

[Anonymous Coward]

Widely used claim is laughable

Pft. Clearly even MS are using GPL software. Doesn't get much more mainstream than that.

Re:

[jedidiah]

Ever heard of Oracle?

They use and even create L/GPL software.

The GNU toolchain has been widely used on Unix systems since before the creation of Linux.

This is about more than the "desktop marketshare of Linux".

Re:

[mixmatch]

That would be the Free Software Foundation ( http://www.fsf.org/licensing [fsf.org] ).

The Compliance Lab has been an informal activity of the FSF since 1992 and was formalized in December 2001. We handle all licensing-related issues for FSF. We serve the free software community by providing the public with a "knowledge infrastructure" surrounding the GNU GPL and free software licensing, and enforcing the license on FSF-copyrighted software.

Re:What if it IS a GPL violation part II?

[Tim C]

No - the copyright holder has to sue. The FSF recommends that you assign the copyright of anything you release under the GPL to them, so they can go after any violations, but if you don't then you're on your own. You can't sue for copyright violation on behalf of someone else, they have to do it themselves.

Re:

[mixmatch]

Obviously the FSF cannot sue over someone else's copyright without their consent. The quote I provided clearly stated:

enforcing the license on FSF-copyrighted software

They do, however accept reports of suspected GPL violations and assist GPL developers in upholding their rights.

Re:What if it IS a GPL violation part II?

[lordandmaker]

Who, exactly, sues them in this case?

In theory, the author(s) of the code. In practice, they'd likely hand it over to the FSF who exist partly for the protection of GPL'd code.

Re:This might be a double-edged sword

[ledow]

What you forget is that GPL code is owned by the author, not some magical GPL entity. One author might well want to kick up a fuss, while another may want to deal with it quietly. Others might go to the SFLC, whose policy *is* discretion first (and that's what I believe the earlier articles were referring to).

Whether or not to kick up a stink, demand compensation/removal of the tool, prosecution etc. is in the hands of the copyright holder, not the SFLC (although the holder may choose to hand it over to them for the purposes of dealing with the case).

Re:

[selven]

A lot of code is voluntarily handed over to some magical GPL entity since the author doesn't have the time/resources to enforce it himself. My magical GPL entity, I of course mean the FSF.

Re:Not a bad move

[blowdart]

Indeed. The summary assertion that "The fact the company pulled the tool doesn't bode well" is really daft. Of course they'd pull it, there's been a claim made against it - if they keep distributing it whilst they investigate the potential for damages rises with every download. Pulling the tool is not an admission of anything other than the fact that an accusation has been made and they're investitaging it.

Re:

[wjsteele]

One question, potential damages to who?

Bill

Re:

[Arielholic]

Actually, it wasn't. It was created by RMS.

Re:

[donaggie03]

"Woe, woe, woe!" That's the 17th century version.