Login/New-Account | Search | Submit a Story! | Greplaw!??
- About
- Discussions
- Messages
- Topics
- Authors

- Preferences
- Older Stuff
- Past Polls
- Submit Story

This site is a production of the Berkman Center for Internet & Society. Please email if you have questions, contributions, or ideas about improving this site.

F & F


Code theft, License Agreements
posted by scubacuda on Wednesday June 08, @12:01AM
from the dept.
Open Source Halvar Flake writes "Hey all,the company I work for has recently run into a little bit of a legal issue and I'd be interested in hearing your opinions on the matter. (click READ MORE to read the rest of the Flake's post)

We've built some technology that allows the comparison of executable objects -- meaning we can compare two pieces of software and see which functions are the same, even though the compiler might have reordered/replaced instructions etc. The primary application for this so far was malware analysis and security patch analysis.

Now we've been approached by members of the open-source community regarding a commercial company that was shown to have "stolen" GPL code previously and is suspected of having included GPL code into other closed-source products it sells. Now, we'd love to use our technology to show that they have in fact improperly included GPL code (it would be helping uncover fraud, assisting the open-source community _and_ be good publicity for us), but in doing so we'd violate the license agreement which prohibits disassembly of the software. The question is: Is it legal to disassemble a program for which you've rightfully purchased a license in order to check if the person selling you the license is not infringing on third party's rights ? It appears to me that a company could steal GPL code and then sue everybody who dares peek into the executable for violating the license agreement. For those interested in how we do the comparison, check this paper (math warning) or this paper (math warning, but less than the previous one). Cheers, Halvar Flake SABRE Security GmbH

Deleting Spyware: A Criminal Act? | GNU compiling on Mac OS X legal issues?  >


GrepLaw Login


[ Create a new account ]

Related Links
  • this
  • this
  • Halvar Flake
  • More on Open Source
  • Also by scubacuda
  • This discussion has been archived. No new comments can be posted.
    Code theft, License Agreements | Login/Create an Account | Top | 3 comments | Search Discussion
    The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
    Does your code actually disassemble? (Score:1)
    by darkonc on Saturday June 11, @05:39PM (#1684)
    User #463 Info
    If a copyright owner has reason to believe that their code is being stolen, then I'd say that there is probably some law that would allow reasonable investigation. If nothing else, You could file suit over the already proven GPL violations, suggest other possible violations and get the rights to examine the other questionable code thru the disclosure process.

    If the code in question is proven to be 'stolen' GPL code then the seller of the code would probably be stopped from suing you over it via the prospect of 'unclean hands' -- in other words, they can't properly license code that they don't have the rights to.

    Getting back to my original question: If you're simply doing comparisons between a GPL author's code and the impugned code, it might not even classify properly as disassembly under the terms of a contract, anyways. Also: depending on the venue, it's often not even legal to proscribe reverse-engineering, so it might just be a case of choosing the proper venue for prosecution of the case to avoid even having to answer that issue.

    Come On! (Score:0)
    by Anonymous Coward on Wednesday August 10, @11:34AM (#1697)
    You can't be serious - it will never be seen that way.
    Online Auctions [tooboring.com]
    You create a Copy... (Score:0)
    by Anonymous Coward on Tuesday August 23, @04:54PM (#1698)
    I have no formal training in legal issues, so this might not be worth much...

    By disassembling the code you create an intermediary copy of the code. Courts have found this to be illegal (MAI Systems v. Peak Computers)!

    On the other hand, courts have excused intermediate copies for certain reverse engineering purposes on the grounds of fair use, for example to to reverse engineer an interface (Nintendo v. Atari and Sega v. Accolade).

    So I guess it's a question of wether what you do constitues fair use. (To reverse engineer an interface has been basically established by the courts as fair use. The DMCA gives other exceptions but I guess your case is not covered.)

    But maybe there is another area of law that "overrides" IP law (Online Policy Group v. Diebold).

    Boy, you need good legal advice...not mine...;-)

    Humanity has the stars in its future, and that future is too important to be lost under the burden of juvenile folly and ignorant superstition. - Isaac Asimov

    [ home | contribute story | older articles | past polls | faq | authors | preferences ]