Loading
Say "No, Thanks" to Offers of Illegal MS Source Code
As a reminder to our readers, we are repeating the same advice we published in 2000, the last time Microsoft's source code was compromised. Don't look at it or you could contaminate yourself legally.
The Wall Street Journal reported today [October 27, 2000 -- Ed.] that Microsoft and the FBI are investigating an intrusion in which unknown attackers had access to Microsoft source code for three months. Although nothing purporting to be Microsoft source code copied in the intrusion has surfaced yet, any such code poses a legal risk to people who read it and to any free software project that accepts contributions from those people.
"Anybody who wishes to be involved in free software should have nothing to do with anything claiming to be Microsoft source code released without license or in any informal way," said Eben Moglen, general counsel of the Free Software Foundation and professor of law and legal history at Columbia University. Microsoft, he said, would be in a position to seek damages from anyone trafficking in misappropriated trade secrets, which can include merely reading the Microsoft code and then contributing to a free project.
If offered any code that implements Microsoft-like APIs, or uses Microsoft's file formats or protocols, the FSF will go beyond its normal legal paperwork to make sure that the contributor has not had contact with Microsoft's proprietary information. "We would certainly take additional measures to prove the absence of any relationship between developers and Microsoft's trade secrets," Moglen said.
Free software developers are already careful to keep themselves insulated from any contact with proprietary information. Jeremy Allison, one of the lead developers on the Samba project, said that his response to one anonymous offer of Windows NT source code was, "You're offering to end my career. Thanks but no thanks." And the Samba team, he said, will refuse to work with anyone who has seen Microsoft's proprietary code. "Anything we do has to be completely legal," he said. "There are plenty of people who can work on it who haven't seen Microsoft source code." His advice to anyone planning to write free software in the future is, "Stay away from [proprietary Microsoft source code] at all costs."
News reports blamed the Microsoft intrusion on aTrojan Horse program that installs when a Windows user opens an e-mail attachment in Microsoft Outlook.
______________________
White Paper
Fabric-Based Computing Enables Optimized Hyperscale Data Centers
Today’s modular x86 servers are compute-centric, designed as a least common denominator to support a wide range of IT workloads. Those generic, virtualized IT workloads have much different resource optimization requirements than hyperscale and cloud applications. They have resulted in a “one size fits all” enterprise IT architecture that is not optimized for a specific set of IT workloads, and especially not emerging hyperscale workloads, such as web applications, big data, and object storage. In this report, you will learn how shifting the focus from traditional compute-centric IT architectures to an innovative disaggregated fabric-based architecture can optimize and scale your data center.
Sponsored by AMD
White Paper
Red Hat White Paper: Using an Open Source Framework to Catch the Bad Guy
Built-in forensics, incident response, and security with Red Hat Enterprise Linux 6
Every security policy provides guidance and requirements for ensuring adequate protection of information and data, as well as high-level technical and administrative security requirements for a system in a given environment. Traditionally, providing security for a system focuses on the confidentiality of the information on it. However, protecting the data integrity and system and data availability is just as important. For example, when processing United States intelligence information, there are three attributes that require protection: confidentiality, integrity, and availability.
Learn more about catching the bad guy in this free white paper.
Sponsored by DLT Solutions
- RSS Feeds
- New Products
- Making Linux and Android Get Along (It's Not as Hard as It Sounds)
- Drupal Is a Framework: Why Everyone Needs to Understand This
- A Topic for Discussion - Open Source Feature-Richness?
- Home, My Backup Data Center
- New Products
- Developer Poll
- Trying to Tame the Tablet
- Validate an E-Mail Address with PHP, the Right Way
- Deceptive Advertising and
7 min 25 sec ago - Let\'s declare that you have
8 min 22 sec ago - Alterations in Contest Due
9 min 28 sec ago - At a numbers mindset, your
10 min 39 sec ago - Do not get Just Almost any
14 min 8 sec ago - A fantastic rule-of-thumb to
15 min 31 sec ago - Keren mastah..
Penting,
1 hour 13 min ago - mini tablet compare
2 hours 32 min ago - Looking Good
6 hours 5 min ago - Hey God - You may not be
10 hours 18 min ago
Enter to Win an Adafruit Prototyping Pi Plate Kit for Raspberry Pi
It's Raspberry Pi month at Linux Journal. Each week in May, Adafruit will be giving away a Pi-related prize to a lucky, randomly drawn LJ reader. Winners will be announced weekly.
Fill out the fields below to enter to win this week's prize-- a Prototyping Pi Plate Kit for Raspberry Pi.
Congratulations to our winners so far:
- 5-8-13, Pi Starter Pack: Jack Davis
- 5-15-13, Pi Model B 512MB RAM: Patrick Dunn
- Next winner announced on 5-21-13!
Free Webinar: Linux Backup and Recovery
Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.
In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.
Developer Poll
Comments
Another good reason to steer clear
Besides... why introduce bad code into good projects? ;-) Please do us all a favour and keep Linux free of BSOD code.
Re: Say
This could be a Microsoft invention, with the sole purpose of
having an excuse to sue the " Free software movement' and
possibly stop it, because it is a threat to microsoft monopoly!!
Think about it !!!!
Great advice
Thanks for publishing such great advice. This is clearly the responsible approach that needs to be well understood by members of our community. Personally, I would not be surprised to learn that this "leak" was done intentionally in order to serve as "bait" to those that would risk compromising (knowingly or not) the integrity of some very important Free Software projects which deal with Windows compatibility. We shall see how this plays out....
Btw: that "News Reports" link doesn't actually resolve to anything useful.
Best
Adam Kosmin
WindowsRefund.net
Re: Great advice
my gut reaction to this advice is to cry "tinfoil hat". after all, even if the leaked source is viewed by an oss developer, redmond will still have to prove sufficient similarity in the source to get any satisfaction in court.
however... it's well known that microsoft forbids its developers from viewing any open code, most notably that which is under the gpl. maybe "the beast" has the right idea.
Re: Great advice
I personally agree, as a programer and as a FOSS fun.
For more info I suggest reading GROKLAW.
Does not give permanest answers, but its definetly worth reading (especially ppls comments).