Microsoft Takes Responsibility For GPL Violation 364
An anonymous reader writes with an update to the news we discussed last weekend that a Windows 7 utility seemed to contain GPL code:
"Microsoft has confirmed that the Windows 7 USB/DVD tool did, in fact, use GPL code, and they have agreed to release the tool's source code under the terms of GPLv2. In a statement, Microsoft said creation of the tool had been contracted out to a third party and apologized for not noticing the GPL code during a code review."
obvious! (Score:3, Interesting)
DUH! Easier to gain forgiveness than permission. We know Microsoft knows that well. There was always a chance nobody would notice. It makes me wonder how much other GPL code they've ripped off over the years without getting caught.
Death of one old bag of baloney? (Score:3, Interesting)
Re:cluess about licensing... (Score:5, Interesting)
Re:Good on MS (Score:5, Interesting)
It's the integrity of how they handled the situation... someone pointed out the possible GPL violation... they pull the tool and let everyone know they're looking into it... then they announce they've looked into it and as a result, they're going to release the source code in accordance with the GPL, something MS would rather not do, to honor the licence, and the community need for the tool.
Integrity = Awesome, in my humble opinion...
Fair Play (Score:2, Interesting)
That's all that need be said. Microsoft realised it was in the wrong, and took steps to correct it. They didn't stonewall, they didn't hide. I must admit to being pleasantly surprised. Microsoft themselves place great importance on respecting software licenses/copyright, and it's nice to see them practice when it comes to other people's copyrights.
Re:Good on MS (Score:2, Interesting)
Except 2012 was a miscalculation [slashdot.org] and the real year is supposedly 2220.
Re:Code Review (Score:2, Interesting)
Re:"When I worked at Microsoft..." (Score:2, Interesting)
Not the OP, but I work at Microsoft and can vouch for his/her statements. As a company we're paranoid beyond belief about intentionally or accidentally including someone else's code. We aren't even supposed to read patents, for fear that we might become "tainted".
Sorry for posting AC, but I'd like to /remain/ employed at Microsoft for the time being.
Re:Code Review (Score:3, Interesting)
Question: how can you tell GPL code is GPL code unless you know that it's GPL code? My point is that code reviews are cool, but they cannot catch things that the reviewers don't know to look for. And it's impossible for anyone to be familiar with every piece of GPL'd code out there, and it's impossible to build a database of such code. The best way to handle it was the way that they handled it. Someone found the error, told MS, and MS became compliant by releasing the code.
It's called MOSS [stanford.edu]. Free for educational use, though a company like Microsoft would need a site license, but it would probably pay for itself when you factor in the money paid to PR firms to compensate for blunders like this.
I mean, I don't think anyone seriously thinks MS intended to steal GPL code. But if you have subcontractors writing shitty code, and you're forced to acknowledge this publicly, that have a very real cost - it undermimes your image as a respectable software company.
Re:Good on MS (Score:4, Interesting)
Well exactly. In this case Microsoft paid for what they believed was closed source code, it was a third party vendor that broke the GPL, but because Microsoft released the executable, well they're responsible.
Which raises a question - how do you check these things? If the vendor cut and pasted code in, and removed comments that identified its source and the source's licensing agreement how do you spot this? It's not feasible to download every single open source project and start a diff against every single file they contain, so how do you do it?
FAT filesystem? (Score:2, Interesting)
Re:Code Review (Score:1, Interesting)
Full Ack. We did a review of our code base and had some people checking all the flagged positives and (fortunataly) only some checked-in GNU tools for internal usage were real positives. But it took two month to go though the list (the management at the time was really paranoid about GNU code).
Re:Good on MS (Score:1, Interesting)
It's not feasible to download every single open source project and start a diff against every single file they contain, so how do you do it?
You cannot do it. What you do is to sue the vendor for what might even justifiably be an astronomical amount and make sure everybody knows who that vendor is. Especially if the vendor goes bankrupt, it might not cover all your financial losses, if you believe that publishing source is a loss, but it will make every other vendor you use now or in the future to think twice before attempting something like this. Now, I dislike MS as much as the next slashdotter and hope that one day Windows will have a smaller market share than all but the most niche Linux distros. However, in this case they've done nothing wrong.
Re:"When I worked at Microsoft..." (Score:1, Interesting)
The massive volume of code produced by both in-house and 3rd party devs makes it hard to get through everything with a fine-toothed comb. However, there seem to be an inordinate amount of time spent saying to not use open source, and a focus on the value of originality. This is simply a case of something slipping through the cracks.
I'm sure it has happened before and it will happen again. Shit happens. This time they got caught, that's all. At least they are appearing to play nice and follow the rules.
Nothing to see here, please move along.