Slashdot Log In
IP Theft in the Linux Kernel
from the we-feel-so-betrayed dept.
"They just took my code and filed off the copyright" said Søren. "This is clearest with the two header files hptraid.h and pdcraid.h. Compare these with FreeBSD's ata-raid.h, and just look at the similarities." And it's true that these two header files certainly look like a chopped up copy of the FreeBSD header, after a quick search-and-replace. "The reading of the RAID config from the disks is their own code, but is clearly "inspired" from our code," said Søren, "but that's encouraged by the license. It's the verbatim use of the other code without retaining the copyright that's the problem."
ata-raid.h, and the other files, are copyright Søren, and released under the three clause BSD license, which includes the restriction "Redistributions of source code must retain the above copyright notice". So using these files, or significant portions of them, in your own code, without retaining the copyright information, as has happened here, is prohibited.
You may be thinking "This is only a couple of header files, what's the big deal?". As Søren says "The problem here is that the structures in the headers is the whole story. That info tells how you read the proprietary struct off the disks, and was reverse engineered and documented by me after a lot of effort." Søren's intellectual property is tied up in those files.
Right now, Søren is in discussions with the authors of the Linux ATA drivers (employed by RedHat) to ensure that his copyright notice is returned to these and other files, and to ensure that this situation does not recur. And it is hoped that an amicable solution can be reached.
wow, this is a shame (Score:3, Insightful)
E.
And yet... (Score:4, Informative)
Seriously, though, if someone used the code, it must be used under the correct license. Same as if someone uses the linux kernel. They gotta use the GPL.
Again, copyright (and licensing) is a double-edged sword.
Re:And yet... (Score:5, Informative)
Don't try to reflect this onto Microsoft. Clearly the Linux developers fucked up here.
Re:And yet... (Score:5, Insightful)
Does your boss see all the code you write, and if s/he did would s/he recognize BSD ATA code? Mine sure wouldn't.
Re:And yet... (Score:5, Insightful)
I don't know about Windows 2000, but I've got RTM Windows XP here. On the CD in the root directory is a README file. Here's some of it...
Re:And yet... (Score:4, Insightful)
"I'm speechless. THis sort of thing shouldn't happen. Give the guy his due credit. Now let's move on."
If it really *had* been done in Windows, and someone found out, I bet people here would be screaming for blood, waving the evil empire flag, and talking about how only an MS employee would do such a thing.
I think the main difference here is that we actually have confidence that this problem will be fixed, which is a confidence that we would not have if Microsoft had been the perpetrator. If Microsoft had done it, we'd be out for blood because we'd HAVE to be out for blood in order to get a result. We'd have to be screaming to the heavens to get any form of popular media possible to listen to us, in order to convince Microsoft to do the right thing. Conversely, we trust Linux developers, and we're confident that they'll do the right thing in the end, so we really have no reason to be out for blood.
Re:Licensing Problems? (Score:4, Informative)
Since the license is so short, might as well include it right here for people too lazy to click:
Here is the license template:
Copyright (c) ,
All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
Neither the name of the nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Er... (Score:4, Insightful)
-Legion
Re:Er... (Score:4, Funny)
Re:Er... (Score:4, Funny)
It's pronounced... (Score:4, Informative)
æ ø å
"æ" is like the "ea" in "dead"
"å" is close to the "o" in "holy",
but the "ø" is a bit tricky to pronounce. It's kinda like the "ou" in "mourn", but with more bass.
So Sørens name is pronounced:
S + mourn + honest + n
= Søren! On top of that there is an expression in Danish, which goes "av for Søren", which means "auch for Søren" and you say that when you hurt. And there's another one "Det var Sørens!" which means "I'll be damned!".
It's a common name.... and I need to get a life.
Re:It's pronounced... (Score:4, Funny)
Re:Er... (Score:5, Insightful)
I think it was more of a matter of lazy programming than evil intentions. The header files define structures, a few constants, etc. They encode a bit of knowledge, such as data formats and the meaning of that data, but some people wouldn't consider it code. More of an interface description. Of course, if it was a document describing an interface, then most people would automatically consider the copyright to hold...
It's a bit like other forms of online "theft". Some folks think that if you download the html for a popular site, remove all the text and images, and use the layout on their own site, then it's not theft, because the copyrightable parts (images, text) were removed, and only the framework retained. But, like HTML framework, headers are the work of the programmer, and any desired copyright should be respected.
Again, I'm in the "simple mistake, fix it, move on" camp, and would like to add that Red Hat and the rest should add a line to their policy about reusing "open source" code, to retain copyrights.
If Microsoft did it, I'd expect them to do the same, but Microsoft would probably do it to force the issue, make the EFF take them to trial to define the limits of open source, the BSD liscence , and the GPL liscense. That's the difference - this will be taken care of by peers, while Microsoft conflicts almost always involve lawyers. It's the difference between getting rear-ended by an honest citizen (with or without the insurance companies getting involved), vs. an asshole celebrity who thinks the little people should take their licks and not annoy the "important people" with trivial matters like car bills and possible medical expenses.
Won't be the last time. (Score:4, Interesting)
It was mentioned that the authors of the Linux kernel code worked for Red Hat. We can't be certain but I speculate that they didn't want to appear "lazy" by "stealing" anyone elses code, regardless that it was completely free. Perhaps it was just an oversight. I hope we see an update in a slashback in the future.
Good for him! (Score:4, Informative)
Sets a good example (Score:5, Insightful)
Of course, I wouldn't propose that we allow violations of open source liscenses to continue unchecked, just that the opportunity for good faith resolutions be allowed before crying "Boycott!".
Another argument for free software? (Score:5, Insightful)
Case in point: there is every reason to think that this author's name will be included with his code in the next release of the Linux kernel source. Think how vastly different this situation would be if this were about theft of proprietary code. Here, nobody's company is at stake, and nobody stands to lose by doing the right thing -- so there are no stupid lawsuits and no hard feelings. At least, I hope it plays out this way
Forget all this paranoia about the venemous GPL. Proprietary code has a really, really high cost of ownership; at a certain point, it's just not worth it. Free is just so
Credit must be for the right reasons (Score:4, Insightful)
I would like to point out though that there is a strong argument that it was precisely that hard work rather than intellectual property that was stolen. Bear with me, and no knee-jerk mods please:
(1) A structure is just that: a structure. If there is intellectual property there it is in the original designer of the structure.
If this was a structure in nature (such as the human genome or what have you) then there are plenty of people who disagree with it being anyone's IP at all. Unfortunately, in the wisdom of capitalist democracy some people think that they *own* all of our tomatoes.
But this isn't nature, and someone did plan and write these structures and deserves credit. And Soren deserves plenty too for figuring it out and giving it to the world.
(2) You could say that his comments are IP, and that's a pretty strong argument. So perhaps there is more than just good old hard work here. However, it's possible these are just titles of the data structure elements, and titles aren't exactly covered by the same IP standards as other IP.
Oh well. I don't want to take away from the important work, and certainly nothing from Soren's credit. Just some food for thought.
Structures *do* have IP! (Score:4, Insightful)
Au contraire. Compare the following two snippets of code, taken arbitrarily from one of the other raid header files in the kernel:
struct m {
int a;
int b;
kdev_t c;
int d;
* State bits:
*/
int e;
int f;
int g;
int h;
};
And:
struct mirror_info {
int number;
int raid_disk;
kdev_t dev;
int head_position;
* State bits:
*/
int operational;
int write_only;
int spare;
int used_slot;
};
Those are the same exact structure, no? Exact same data types and everything. I even left in the comments. Now, which of those would you rather have to program with? A structure is *not* just a structure; different source codes for the same structure can be of radically different usefulness. There's definitely intellectual property there.
Yeah, that's right. (Score:4, Flamebait)
Where are the backups to your statements?
This reminds me of when there was the large Exodus outage, and in the explanaion story an AC claimed to be some chick who was abuse my Taco (funny since Taco is in Michigan, Exodus cage is very not in Michigan, etc).
Moderators: don't mod up stuff unless there is PROOF or this person has put a real name behind their statements. Posts like this are just trolls meant no spread disinformation.
Slashdot License Enforcement Bureau (Score:3, Insightful)
complain about license and copyright violations?
"Oh my god, its a license violation! Get
Slashdot on the phone IMMEDIATELY!"
Surprised I havent seen a "do , or we'll post
about you on slashdot" yet.
In this case, I agree with the author of the
code about getting proper credit for his work
since it was reused - but all of these GPL/
license/embedded linux stories lately are
getting tiring.
BRING BACK THE QUICKIES!
Hope it was an oversight... (Score:4, Insightful)
IP is important. Copyright is important. Licensing is important. Unfortuantely defenders of all these things are often cast in a bad light because of a perceived association with other groups who misuse these tools.
Just my 2c
One question (Score:4, Troll)
Stop the flames. Of course he wasn't. What got lost in this story is one of the best aspects of open source programs: complete transparency. Microsoft may be using pieces of the Linux kernel inside its own programs and we'll never know. Ever.
If it was really a copy (we're talking about device drivers and it's very difficult to create original software to describe the same struct) then notice will be given that it was his software.
And another good aspect: this guys is a programmer that has created open source device drivers for FreeBSD. And he was looking into the Linux kernel sources. Probably looking for his own code (which would make him proud) or looking for the chance to help out fellow programmers or just to compare solutions and learn with it.
I'm sorry it happened but we should focus on what's good about this story:
Truth shall set you free.
Red Hat source - who is "Arjanv" ? (Score:5, Informative)
Re:Red Hat source - who is "Arjanv" ? (Score:5, Informative)
Arjan van de Ven
Notice also that it appears that the code has been updated to include the proper copyright and notices on the site. Read the diff, and the source all of the stuff has been added. It appears that it should be in compliance with the BSD license now.Stripping off copyrights sadly common (Score:4, Interesting)
I write and run the Idocs Guide to HTML [idocs.com] which contains a lot of JavaScript. I give away the JavaScripts for free, asking only that the copyright notice be kept in place. The copyright notices are in the JavaScript comments, so there's no effect on the user-interface. Nevertheless, I have seen many places where my scripts are used but the copyright gone.
One person even asked for help on using a script while blatantly refering me to a page where the copyright was gone. Sheesh.
Er, I thought the BSD license permitted this... (Score:3, Interesting)
If so, then nothing wrong has occured. It can also be recopyrighted under GPL. Don't like it, just copy and make use of the original BSD one that doesn't have that restriction.
I don't see Microsoft making the source for BSD bits they lift available for others, nor do they have to. BSD allows you to do whatever you want with the code, including sell it, right?
This isn't meant as a troll, if I'm mistaken, let me know. I'm just interpreting the numerous open-source vs free-source, BSD-vs-GPL flame wars that have been going on here forever...
Shocked and Surprised Linux couldn't be more orig (Score:3, Funny)
I mean when it came to defining the variables for the cylinders for the drive they just used the name 'cylinders'! EXACTLY what BSD used!!! and for the number of disks on the raid0 they used raid0_disks!!!
I mean they should have defined it as num_of_boxed_platters_of_magneticly_coated_disks_
The only benifit of naming this the exact same way BSD did would be that it would be clearer and more easily understood for people who program many different unix based disk interfaces.
But who really benifits from that? Escpecially when someone doesn't get credit for making the second variable in a struct, 'disk_number'.
That's not paticularly smart... (Score:3, Interesting)
Am I the only one who found this strange? The idea that by reverse engineering a piece of hardware, you are suddenly the IP holder? I could see the hardware manufacturers making such a claim, but a third party driver writer? I did some engineering to make a fast video routine for modeX, and I hardly think that I can claim IP rights over the modeX architecture...
On the other hand, if the person who wrote it wants some credit, give him some credit. That's all I ask for when I give code away, so I can see why that could be annoying. It probably was an honest mistake on the part of the kernel developer though, I know that a couple times I've released a program and forgotten to put some copyright or some such in it. Incidently, that's why I usually just write my own code from scratch now.
Hypothetical question (Score:4, Insightful)
Suppose Bob writes an open source program. Then along comes John and examines Bob's program, and learns crucial things from it. Such as how the frobulator encoder works. John then writes his own program which has a frobulator encoder, whose concepts are influenced heavily from what he learned by studying Bob's work.
At what point is John stealing Bob's work?
This is a loaded question. (Just like: When does life begin, at conception or birth, or where inbetween.) Except our question here isn't quite as emotionally charged. (Well, maybe it is for us.)
Back in 1979, I would help other students with their programs. Sometimes after making sure they understood the algorithm, and were writing the code, we would end up with what basically amounts to my design. Should I just make sure that I use different variable names? Should I introduce frivolous structural changes to the program so the instructor doesn't think someone is cheating? (Of course, I became so notorious with my instructors that this problem never came up -- they knew me well enough.) And the other student did end up actually accomplishing the learning.
Returning to my above example. Should John make sure to rename the members of the structure? Alter it stylistically? After all, Bob did the hard gruntwork. In some sense Bob should get credit. What if Bob doesn't want to license or give any permission? Can Bob withhold the know how of how the frobulator encoder works -- especially if it is embedded within open source?
Cearly, the ideal thing would be for John to contact Bob. But this takes time and effort. If John had simply renamed identifiers and altered the style, would an issue ever be raised on Slashdot in the future? (Even if Bob someday examined John's code and noticed the similarity, of concepts, if not actual cut&paste lines?)
And as I first stated, I haven't examined the sources, and this may be a very clear case of cut&past without any credit given. These questions are intended to be hypothetical. Any resemblance to actual persons or events is purely cooincidental and unintentional.
How it started... (Score:5, Informative)
> I've read everything that I can find regarding support of the Highpoint
> controllers RAID functionality under Linux, and I understand what the issues
> have been. The one promising bit of information that I dug up in this process is
> that the 'pseudo' RAID functionality of the Highpoint and Promise IDE RAID
> controllers is now supported in FreeBSD (4.2-RELEASE and 5.0-CURRENT). My
> question is, can the new BSD code be leveraged to add support for these
> controllers to the Linux kernel, and could we reasonably expect to see such
> support in the near future?
>
> (I think that most all of the relevant/important bits are in ata-raid.c and/or
> ata-raid.h. In
> any event, the IDE/ATA guy over on the FreeBSD side is Soren Schmidt
> (sos@freebsd.org), and he
> wrote all of the stuff for this.
This issue was resolved already (Score:4, Redundant)
Not creative work == not copyrightable (Score:4, Insightful)
It seems likely to be that header file structure definitions are a functional description of how a piece of hardware works. And if that's the case, that information is no more copyrightable than the telephone book. And if it's not copyrightable, it's perfectly legal to remove the credits and license and redistribute however you want. Not right, mind you, but legal.
Looks to me like he's screaming about copyright infringement and/or license violations without understanding the limited scope of copyright.
Porting code, copying req'd header info... (Score:4, Insightful)
After a few grim moments of comtemplating actually buying and installing Visual C++, it occured to me that these things are probably defined somewhere in the mingw stuff. Sure enough, I found them all in various headers within the mingw package. I copied all these (and a bunch of other little win32 kludges) into a win32stuff.h file that I started including in the various .cpp files.
So did I cross the line? I copied a few dozen lines from various header files in the mingw package (I didn't mention in the file that I got them from the mingw project, but I probably should before I release the port to anyone). Did the the mingw guys copy this stuff from somewhere in all the stuff included by #include <windows.h> ??
Ok, I'll admit that a bit struct that represents the on-disk format of something that was reverse engineered is a bit more substantial than a bunch of constants... but calling it "IP Theft" seems to be leaping to some strong conclusions. Even if both programmers did their reverse engineering independently, aside from using different names, there's not a lot of different ways the struct could look. Even if the linux developer did look at the BSD header file to learn the data formats, how different could one expect his code to possibly be ?? If it's an algorithm with some creative implementation, I can see the accusation, but over a header file that simply documents simple facts seems a bit much. Sure, it can be hard work to get those facts by reverse engineering, but still, the "IP Theft" is simple facts (not really protected by copyright, in my limited understanding of copyright law... IANAL).
And finally, if Søren really does hope "an amicable solution can be reached", why's he turning this into a bunch of bad PR for linux and redhat ?? It's sounds to me like a case of getting mad and posting flames instead of cooling off for a day and thinking it through more carefully.
As far as my porting work for Nullsoft's really cool (SuperPiMP) installer, I hit a big block of very win32 specific code, CEXEBuild::do_add_file at the end of script.cpp. Unlike many of the other bits that I ifdef'd out, this is the one that actually puts the files into the install image, so I can't just chop it off. I will need to completely rewrite this using unix/posix APIs, probably using C library regex patterns instead of whatever wildcard matching win32's FindFirstFile does. I'll probably get back to porting NSIS in a week or two... I might even try rebooting and running it in windows a few times! And, I'm not going to lose any sleep over copying a few dozen constants out of someone else's header files.
Blame emacs (Score:4, Funny)
Happens to me all the time. Or was it diff --remove-copyright-header.
Mr Kettle, meet Mr Pot! (Score:4, Flamebait)
patch-to-2.4.10 (Score:4, Informative)
check out patch-to-2.4.10 [redhat.com]
Try these few lines:
+++ linux2410/drivers/ide/hptraid.h Mon Sep 24 10:35:39 2001
@@ -1,4 +1,32 @@
-
+/*-
+ * Copyright (c) 2000,2001 Søren Schmidt
+ * All rights reserved.
...and also...
+++ linux2410/drivers/ide/pdcraid.c Mon Sep 24 10:37:13 2001
@@ -12,9 +12,7 @@
Authors: Arjan van de Ven
-
-
-
+ Based on work done by Søren Schmidt for FreeBSD
That's good enough for me, plus, the timestamp on the patch file is Sept 24.
Does anyone read patch files anymore?
TiFox
Andre's mail on lkml - "BSD-Linux FlameWar over .. (Score:3, Informative)
It is clear that BSD is going off the deep end.
Linux ATA Development has a Legal signed NDA for the proper development of
the complete and correct FastTrak(tm) open sources driver.
I will soon publish the complete header codes in a original header w/
a Linux ATA Development Copyright and Promise Technologies Copyright.
The driver will have a GPL statement be issued in the headers and source
files to prevent the usage in BSDish environments. I have not tolerance
for being labled a thief.
I will prove the point that Linux does not "STEAL IP", then watch BSD
"borrow" from Linux. Just like we will watch 48-BIT Addressing be
borrowed without credit. Just like we will watch the new Ultra133 drivers
be borrowed without credit. BSD has no legal documentation to develop
these changes or access to hardware. We will watch and prove where IP
comes from in the world of storage.
Ever noticed how Linux had Ultra100 support 10 minutes after the release
of public information on June 5, 2000 8:00am PDT?
For now the Linux Open Source drivers for SoftRAID need to go away.
Not to worry they will return in full swing.
Date: Wed, 10 Nov 1999 11:32:52 -0800
From: ---deleted---
To: Andre Hedrick
Subject: RE: Research FastTrak66 Ultra ATA/66
Hi Andre,
Very interesting work, I can't guess how you did it. Here is our beta
driver for the Fasttrak. This is the one I told you about. It uses our Raid
engine (engine3.a). Sorry, but as I mentioned there is no possibility of us
releasing the source code for this. However you can get a good idea of how
the engine works by viewing our driver source. Please do not distribute
this driver or the engine binary to anyone. I've included some quick
documentation too, I remember there is one step missing but it is obvious.
begin 600 FT03.TGZ
<BIG SNIP>
end
Here is the proof that I could have done this long before the BSD folks
had a clue about soft raid engines wrt addon cards.
Regards,
Andre Hedrick
Re:Jumping to conclusions.. (Score:4, Funny)
I think you may be over-reacting (Score:3, Insightful)
I for one hope they pull the kernel down now and rework it without the offending code, or not put it back up until sorenson is satisfied with the result.
Ctimes2
Re:The Pot Calling the kettle black (Score:3, Insightful)
With a name spelled like that, it is quite possible that Søren lives/works outside of the US, and nobody gives two farts about the DMCA where he is.
Also, I believe that the DMCA only outlawed the breaking of protection or encryption or some such.
Reverse engineering, plagiarism, and theft (Score:5, Informative)
Okay, so Søren reverse engineers the proprietary data structures developed at great cost by corporations, and then bitches when his work is ripped off by one of his fellow Open Source travelers. Give me a break!
First, what Soren did was not plagiarism (claiming another's work as his own) nor theft (stealing another's property). He just made a part that works as a replacement for a factory part, much like the thriving parts industry in the auto world.
What Red Hat's developers did wasn't "theft", since they were not required to have permission to use or modify and re-release the code. It was plagiarism -- essentially they took some of Soren's parts (which were free for the taking), filed off the serial numbers, then stamped their own on.
It's not illegal to sell someone else's parts if you acquired them legally, but it is illegal to claim them as your own make without permission, regardless of how they were acquired.
The only place Soren might have problems is if the driver algorithms were patented, and even there drivers exist in a world of murky law apart from applications. I seem to remember some abortive efforts by sound and video card manufacturers to squash third-party open-source drivers that got such negative press reaction that they were abandoned.
Re:Jumping to conclusions.. (Score:4, Insightful)
I just said that we don't know the full story.
Any number of things could have happened that led the developer to ultimately violate the BSD license without being aware of it.
Ruling out the possibility is completely naive. Somehow I don't think stealing BSD code to include into Linux is all that foolproof of a devious plan -- leading me to believe that it's much more likely an accident. What possible motive could he have had?
Do you really think the developer said to himself "It is clearly worth risking my reputation by violating the easy-to-comply-with BSD license for my own personal gain of giving code away for free!"?
So yes, 10:1 that this was an accident. I'm not ruling out the possibility of malice, just that it's a lot less plausible.