Say "No, Thanks" to Offers of Illegal MS Source Code
The Wall Street Journal reported today [October 27, 2000 -- Ed.] that Microsoft and the FBI are investigating an intrusion in which unknown attackers had access to Microsoft source code for three months. Although nothing purporting to be Microsoft source code copied in the intrusion has surfaced yet, any such code poses a legal risk to people who read it and to any free software project that accepts contributions from those people.
"Anybody who wishes to be involved in free software should have nothing to do with anything claiming to be Microsoft source code released without license or in any informal way," said Eben Moglen, general counsel of the Free Software Foundation and professor of law and legal history at Columbia University. Microsoft, he said, would be in a position to seek damages from anyone trafficking in misappropriated trade secrets, which can include merely reading the Microsoft code and then contributing to a free project.
If offered any code that implements Microsoft-like APIs, or uses Microsoft's file formats or protocols, the FSF will go beyond its normal legal paperwork to make sure that the contributor has not had contact with Microsoft's proprietary information. "We would certainly take additional measures to prove the absence of any relationship between developers and Microsoft's trade secrets," Moglen said.
Free software developers are already careful to keep themselves insulated from any contact with proprietary information. Jeremy Allison, one of the lead developers on the Samba project, said that his response to one anonymous offer of Windows NT source code was, "You're offering to end my career. Thanks but no thanks." And the Samba team, he said, will refuse to work with anyone who has seen Microsoft's proprietary code. "Anything we do has to be completely legal," he said. "There are plenty of people who can work on it who haven't seen Microsoft source code." His advice to anyone planning to write free software in the future is, "Stay away from [proprietary Microsoft source code] at all costs."
News reports blamed the Microsoft intrusion on aTrojan Horse program that installs when a Windows user opens an e-mail attachment in Microsoft Outlook.
Webinar: 8 Signs You’re Beyond Cron
11am CDT, April 29th
|Android Candy: Intercoms||Apr 23, 2015|
|"No Reboot" Kernel Patching - And Why You Should Care||Apr 22, 2015|
|Return of the Mac||Apr 20, 2015|
|DevOps: Better Than the Sum of Its Parts||Apr 20, 2015|
|Play for Me, Jarvis||Apr 16, 2015|
|Drupageddon: SQL Injection, Database Abstraction and Hundreds of Thousands of Web Sites||Apr 15, 2015|
- DevOps: Better Than the Sum of Its Parts
- "No Reboot" Kernel Patching - And Why You Should Care
- Return of the Mac
- Android Candy: Intercoms
- Drupageddon: SQL Injection, Database Abstraction and Hundreds of Thousands of Web Sites
- Designing Foils with XFLR5
- Non-Linux FOSS: .NET?
- Play for Me, Jarvis
- Consent That Goes Both Ways