Home > Windows > Windows Source Code Seller Pleads Guilty Windows Source Code Seller Pleads Guilty Andrew Youll 2005-08-31 Windows 54 Comments A sentence of roughly one to three years’ jail is expected for a man who sold source code for Windows NT 4.0 and Windows 2000. A Connecticut man has pleaded guilty in a US federal court to selling Microsoft source code over the Internet. About The Author 54 Comments 2005-08-31 4:29 pm Who would buy it? 2005-08-31 4:35 pm ROFL. I thought this was a hoax. 2005-08-31 4:51 pm It’s not funny. This man is losing 1 to 3 years of his life for doing what you’re encouraged to do with open source software. (Disclaimer: I’m not trying to start a flame war. I merely want to point out that breaking proprietary software licenses have very real penalties.) 2005-08-31 5:06 pm Theft is theft, and if the owners of the item didn’t give it to someone, their rights were violated, regardless of what others think their item is worth. If it is illegal/immoral for people to use GPL’d code in something proprietary in violation of the license and is considered theft, it’d be hypocrasy to not also go after those that distribute and sell someone’s proprietary source code. Of course, I’d be amazed if some zealot doesn’t pounce on this and whine… 2005-08-31 5:43 pm The difference is (and it is a pretty substantial difference) … GPL’d code is not a “trade secret” by it’s very nature. I think that you would have a case of copyright (copyleft?) infrigement if someone used GPL software in a closed source project without permission. 2005-09-01 6:09 am rm6990 I think that you would have a case of copyright (copyleft?) infrigement if someone used GPL software in a closed source project without permission. Copyleft is not actually a legal concept recognized by courts. It is a term coined (by I believe RMS) and it uses copyright law for enforcement. It is simply a description of a form of license. Breaching the GPL can result in a lawsuit for copyright infringement, but there is no such thing as copyleft infringement. This is why IBM is sueing SCO for copyright infringement for SCO’s unlawful distribution of Linux (against the terms of the GPL). 2005-09-01 11:58 am MadDwarf True, Theft is theft. Also, copyright infringement is copyright infringement. And to add another, Disclosure of trade secrets is disclosure of trade secrets. And they are all different things. 2005-08-31 5:07 pm To be fair the guy tried to sell it to a select group of people (even MS lets it’s friends have a peak). That’s not really what the OSS movement is about. 2005-08-31 5:25 pm You should be able to get the same penalty for breaking any software licenses. But I doubt we’ll ever see anyone serving time for not releasing their changes to GPL source. Because we’re just hypocritical like that. If you’re not a monopoly, only doing it for the money, you can’t have people locked up… But I doubt most GPL projects would want to have people locked up for breaking the license. They just want access to the source. Money and jail time are somewhat irrelevant compared to access to intellectual property. That’s simply access to thoughts and ideas, something that’s very valuable for big business and when its licensed in a way that makes it free, something that’s very freightening as it is a source of competition that can’t be bought. What stupid games we play… dancing around all these little details and restrictions instead of making our stupid intellectual property. That is why commercial software will lose, inevitably. Just like all forms of life. Entropy will wear everything down to dust in the end, except those lil organized and somewhat intelligent replicating systems. 2005-08-31 5:38 pm He was charged with unlawfully distributing a trade secret. Not with violating any software license. The government is not (and should not) be in the business of enforcing software licenses, as it’s entirely a civil matter. 2005-09-01 9:12 am And of course not Theft. 2005-09-01 5:10 am Celerate “If you’re not a monopoly, only doing it for the money, you can’t have people locked up… “ Not entirely true, but sadly close. I still remember on the news when people convicted of murder would sometimes get no more than 5 years in jail while in the meantime anyone comitting internet or business related crimes would get anywhere between one and three decades in jail. We have a real crazy legal system, and just like the governments of Canada and the U.S. it does favor the businesses. 2005-09-01 1:17 pm I still remember on the news when people convicted of murder would sometimes get no more than 5 years in jail while in the meantime anyone comitting internet or business related crimes would get anywhere between one and three decades in jail. That’s because the internet is an unknown and crimes on it are hard to gauge, while murderers are easy to understand and there is plenty of case law. That doesn’t make it right, though. 2005-09-01 12:13 pm progster “But I doubt we’ll ever see anyone serving time for not releasing their changes to GPL source.” You don’t have to release your changes, if I would change gpl software and sell it the license only requires me to make the adjusted source available on demand! 2005-08-31 4:59 pm post it on usenet 2005-08-31 4:59 pm What surprises me is that people actually paid for that. It was floating around in several p2p networks and I actually had a look at it. Nothing really interesting. Some of the code looked pretty crappy actually. But that’s hardly surprising when you consider that many people’s first exposure to programming is with jokes like java. 2005-08-31 5:56 pm Java isn’t bad and I don’t think using it or learning it as a first language leads to bad programmers, what leads to bad programmers is the one programming language mindset. There are lots of people that don’t go into programming because they are interested in it or like computers but because they like the pay. They would be just as bad if they learned any other language firs. 2005-08-31 6:54 pm Sad that so many people think this about java. These kind of sentiments will probably result in its downfall, despite the fact that most people who say it a) don’t know how to write efficient java code, b) haven’t used java at all, or c) haven’t written any java since years ago, when the JVM/JDK still sucked. For all its (very accurate) history of being pokey and crippled, it’s matured into a solid language with a gentle learning curve for beginners. It’s performance penalty for most things is now hardly noticable, and its list of capabilities is rapidly filling in. The problem for beginning java programmers is that most aren’t taught about the numerous performance pitfalls. Yes, it’s possible to code in java with no notion of memory management… but hardly optimally, which is no different than any other language. 2005-08-31 7:16 pm “What surprises me is that people actually paid for that.” As far as I know the only people that paid for it were FBI agents trying to bust him. 2005-08-31 7:41 pm sappyvcv I looked at the code as well, and everything I saw was actually pretty well done. Pretty well commented and organized, very few hacks (the ones I saw were hacks to keep compatibility with popular windows software, which you can’t blame them for). 2005-08-31 8:42 pm corentin I agree, most of the code was quite good. Not nearly as good as Solaris code, though 2005-08-31 5:07 pm > Genovese was charged with one count of unlawfully > distributing a trade secret. He is expected to be > sentenced this autumn. > > Although US law allows a maximum sentence of up to 10 > years in federal prison and a fine of up to $250,000 > (£139,000) for this type of crime, the US Attorney > General’s office is recommending a sentence of between > 10 to 30 months, said Sean Hecker, Genovese’s attorney. Would one get the same sentence for distributing the trade secrets of some small shop, or maybe a restaurant? This can be equally devastating for the owners, if not more, as leaking the Windows source code is for MS. Or is this simply wiping out a man by throwing money around? – Morin 2005-08-31 7:08 pm Ressev Actually, irrespective of whose code it was, if the relase of it could jeapordize the computing safety of hundreds of thousands of users, yeah, losing 1-3 years of his life seems a good way to make a point. Either way, he did not have a right to sell it (it was not his ‘property’) let alone release it to anybody (again, it was not his ‘property’). 2005-08-31 5:17 pm Tyr. Cyber-fencing ? iFencing ? Virtual fencing ? podFencing ? 2005-09-01 3:21 am DigitalAxis Corporate espionage? IP Theft? Illegal Filesharing? Sourcesnatching? I like Sourcesnatching. 2005-09-01 12:01 pm MadDwarf unlawfully distributing a trade secret? or, to fit with todays fashions: “unlawfully distributing a trade secret OVER THE INTERNET”. 2005-08-31 5:51 pm I’m asking myself, who is dumber? The guy selling or the guy buying. 2005-08-31 5:55 pm I had the source ( what little there really is..) within a day of it being “leaked”.. I’m staring at a CD with with both sets on it in zip files. just another bit of stuff for my collection 2005-08-31 6:07 pm Shannara According to that and various other articles on this case, this criminal is only getting a slap on the hands and not life in prison or even death by fire like he deserves. 2005-08-31 6:29 pm I always thought NT4 and 2000 where a crime. How about reckless endangerment of a Personal Computer and invitation to Identity Theft. It is the Microsoft EXEC that should be going down for selling this software in binary form. 2005-08-31 7:34 pm “I always thought NT4 and 2000 where a crime. How about reckless endangerment of a Personal Computer and invitation to Identity Theft. It is the Microsoft EXEC that should be going down for selling this software in binary form.” I am still hoping someone tries to sue MS fo this. I will then have the precedent to sue every Linux distro and get rich for every flaw in the system. Sweet! 2005-09-01 6:26 am rm6990 I am still hoping someone tries to sue MS fo this. I will then have the precedent to sue every Linux distro and get rich for every flaw in the system. Sweet! I am a Linux user, but I modded you up. You make a very good point. Most Linux promoters on this site are both hypocrites and ridiculous. Why should MS be sued for their flaws but Novell or Red Hat shouldn’t be? Or does everyone here think a RHEL server has never been compromised simply because their Fedora Core system on their desktop, which runs no server processes, hasn’t been yet. Red Hat releases security patches too. I still think MS’ security isn’t as good as Linux’s, but software is not like a physical product. It is math. It is much harder to notice a flaw in software than it is to notice a faulty design in a piece of hardware (whether it be a bike, car, etc). So I think everyone who thinks MS should be sued for their security really needs to rethink this, mainly to make themselves look less stupid. 2005-09-01 1:25 pm So I think everyone who thinks MS should be sued for their security really needs to rethink this, mainly to make themselves look less stupid. The difference is that… * When security problems with Linux et.al. are discovered, they are addressed quickly even if a workaround is required. * With MS, they are often slow to resistant to fixing issues and intentionally introduce features that are by design not secure. That said, part of the EULA for Windows and other MS products says that the software is not sutible for sensitive work and that they are not liable it blows up. Sun says something similar with Java as do most other companies. Suing any of them would require very very deep pockets. Look how long it takes to prosecute cigarette companies — who now in the USA use the federal warnings on packets of cigarettes as disclaimers to any responsibility for use of their products as directed. Windows is such a bear to secure that very few people secure it. Instead, they layer on more and more programs to fix problems with the default configuration. (It’s not impossible, just exceedingly difficult.) Linux is largely secure by default and takes effort to make it insecure. 2005-09-01 6:12 am rm6990 I always thought NT4 and 2000 where a crime. How about reckless endangerment of a Personal Computer and invitation to Identity Theft. It is the Microsoft EXEC that should be going down for selling this software in binary form. Ah, so copyrighting crappy works does nullify the effects of copyright law!!! Thx for clearing that up for me. I always thought copyright law protected all works, irregardless of their quality, but what do I know? Apparently I was wrong. [/sarcasm] 2005-08-31 6:47 pm “death by fire like he deserves” If I am not mistaken, there are some laws that prevent “cruel and unusual punishment”; in the US. Why would he deserve a fatal punishment? Just curious. 2005-09-01 8:29 pm Shannara As you can tell, this site is riddled with Trolls who love rating negatives for the fun of it. It would be nice if OSNews had someone who moderate the votes … Anyways, I dont consider that cruel and unusual since this person blatenly broken the law for fun and as a joke. Thus have no sense of right and wrong. This is a concious choice of this person. Therefore I believe he should be either banned from the US or killed. 2005-08-31 7:02 pm If they’d tried this guy in Germany he’d have gotten a suspended sentence, 30 seconds of community service and a pat on the head, just like the kid who wrote the Sasser worm. So how come the Sasser worm author goes practically scot free after bringing down countless computers and doing millions of dollars of damage, while this guy has to do jail time and didn’t even damage one single computer? 2005-09-01 6:20 am rm6990 So how come the Sasser worm author goes practically scot free after bringing down countless computers and doing millions of dollars of damage, while this guy has to do jail time and didn’t even damage one single computer? Simple. The Sasser author is an example of someone who is going to open the market for MS’ new antivirus and antispyware products, and also is one of the reasons customers are encouraged to stick with supported versions of Windows. Thus, despite making MS’ products look worse, he is indirectly giving them more money. Of course they have to go after the Sasser author. If they didn’t they would be a joke. This guy, on the other hand, is selling their copyrighted works that they guard like a mother does her child. Also, you answered that question with your first paragraph. German courts and American courts are completely different. For example, LinuxTag had SCO bitch-slapped in a German court within weeks. It is 2 years and counting in the American courts for IBM’s counterclaims and Red Hat’s claims against SCO. Now granted, the IBM litigation is more complicated than the LinuxTag litigation. But Red Hat’s litigation is just as simple, show the code or shut up. This is a prime example of the differences between the two court systems. 2005-09-01 12:30 pm If they’d tried this guy in Germany he’d have gotten a suspended sentence, 30 seconds of community service and a pat on the head, just like the kid who wrote the Sasser worm. That’s not quite true. True is that Germany has not a stupid, inhuman law as the USA has. There’s no place for “revenge” here. The live of people does not get destroyed (neither materially nor physically), just because someone did something wrong. Nevertheless: He’s plead guilty (criminal youth law) for three years suspended sentence and 200 hours community service and everyone who got damaged can sue him (civil law) to get the lost money back. 2005-08-31 8:33 pm sbenitezb I think the FBI made a criminal act just by buying the code. It’s like buying stolen property knowing that fact, but unlike when they offer money to buy some stolen merchandise but actually to make the arrest. If they transferred the money, they are no more than criminals. But i’m not a lawyer, so maybe i’m plain wrong. 2005-08-31 8:49 pm “I think the FBI made a criminal act just by buying the code.” You don’t have much of a clue do you? It’s the criminal (the man selling) who hasn’t actually committed a crime until the transaction has taken place. It’s the same with drug busts. Until a transaction happens, they have no reason to arrest him. Maybe you are just mad that someone actually enforces laws? Guilty conscience? 2005-09-01 6:28 am rm6990 I think the FBI made a criminal act just by buying the code. It’s like buying stolen property knowing that fact, but unlike when they offer money to buy some stolen merchandise but actually to make the arrest. If they transferred the money, they are no more than criminals. But i’m not a lawyer, so maybe i’m plain wrong. Lol, great, now every moron is going to be sueing the FBI for buying stolen property to make an arrest. I have an even better idea, the police force should arrest their own officers who pose as hookers for soliciting prostitution!!! See how stupid you sound? 2005-08-31 8:41 pm And admitting it in a public forum, I wouldn’t be surprised if some guys in black suits and ties show up at your bedside at 3am wanting to ask you a few questions. 2005-08-31 8:50 pm corentin Everybody has the source code. But nobody except a few have a real use for it, anyway. 2005-09-01 5:58 am Celerate “Everybody has the source code.” I don’t; I have been just a little curious every time someone says the code looks awful, but I’ve never downloaded the source code to anything that isn’t under an open source license, and I don’t intend to. Unfortunately good computer ethics are not tought in any school I’ve seen, I learnt them the same time I started learning how to program when I was finally faced with both sides of the coin for once. Piracy is a bad problem among teens, and if they never have to realize how serious it really is while they still fall under the young offenders act then there’s a good chance they’ll keep it up and get in a lot more trouble later. If kids don’t care what happens to the victims of piracy, maybe they’ll care about what’ll happen to them if/when they get caught. 2005-09-01 8:21 am There is a big problem in teaching kids “computer ethics”. The first of it being, that by pirating some software those kids do not actually steal something. Stealing in the real sense means taking it away from someone. If you copy software, the original owner still has his CD. It is not easy to grasp the concept of intellectual property, because nothing physical can be associated with it, and “taking away” does not happen. Second, the kids usally do not have the money to buy that much software anyway. They have the choice between not using it, or copying it illegaly. In both cases the software vendor does not get money. This leads many to think they do not do the software companies harm. Third, pirated software may even be a benefit for the company that gets pirated, because a wide usage of that software gives the company the means to create “DE-FACTO standards”. Microsoft Office is a good example for that. Microsoft’s sales tactics in some far-east countries are also a good example (MS wanted them to not sell PCs without operating systems, but when they switched to Linux, MS suddenly offered a crippled version for very low prices). So it is not easy for anyone to decide wether his pirating really causes loss for the company. The equation “pirated software = lost income” some software vendors prefer is as wrong as the assumption from software pirates that they do not “really hurt” anyone. 2005-08-31 11:47 pm Now that we got the guy who sells it online, we should not stop but continue and get everyone involved. For starters, the Police should arrest the developer. Come to think, possessing Windows source code could be considered a criminal offense, too… 😛 dò_ób (formerly Lee Nooks) 2005-09-01 2:00 am heh. can it really be considered a trade secret considering that so many people have seen it? (and probably have it lying around on their hard drive?) perhaps microsoft is just frightening people in an attempt to keep it from being known that their trade secret really isn’t a secret. 2005-09-01 2:24 am [21:10] –> You have joined channel #2600. (~email@example.com) [21:10] *** The channel topic is “http://www.aculei.net/~sj/Saunter!.mp3 | http://www.stonedcoder.org/bpp.txt“. [21:10] *** Topic was set by firstname.lastname@example.org.COM on 08/31/2005 07:51:18 PM. [21:10] *** End of NAMES list. [21:10] *** Channel modes: topic protection, no messages from outside [21:10] *** This channel was created on 02/23/2005 06:27:05 AM. [21:11] <r0d3nt> [ill]will, dude [21:11] <[ill]will> hot shit right? [21:11] <r0d3nt> nope. [21:11] <r0d3nt> totally wrong. [21:12] <[ill]will> fluids get stuck to it [21:12] <r0d3nt> huh ?? [21:12] <static> “The defendant, who went under the alias of “illwill” and “email@example.com”, then posted the code to his site and offered it for sale.” [21:12] <static> any relation? [21:13] <static> http://news.zdnet.co.uk/software/windows/0,39020396,39215754,00.htm [21:14] <krys> hahah [21:14] <krys> YOU HAVE GROUPIES! [21:15] <[ill]will> LOVE ME! [21:15] <r0d3nt> static, yes.. dipshit. [21:15] <r0d3nt> static, welcome to about 6 months ago [21:15] <r0d3nt> maybe longer [21:15] * static shrugs [21:15] <[ill]will> 1yr [21:16] <krys> heh [21:16] <krys> static: he likes it when you touch his butt [21:16] <[ill]will> dont give out our bedroom behavior [21:17] <krys> [ill]will: i didnt even get to tell him about the nair tho! [21:17] <r0d3nt> yucky. [21:17] <[ill]will> i wanna nair my ass [21:17] * r0d3nt holds back the vomit. [21:17] <krys> hahah [21:17] * r0d3nt swallows. [21:17] <[ill]will> prolly easier to wipe 2005-09-01 9:52 am What’s with the apostrophe? 2005-09-01 4:48 pm StephenBeDoper <Wow> “Hrm, lookie here, something that is technically illegal for me to possess, what should I do with it? I know, try to make a profit by selling it on the good ‘ol publically-accessible Intertron!” </Wow> 2005-09-01 8:09 pm M$ is protected by the law it breaks every day. Look at all the companies M$ have driven under by illegal, anticompetitive and frankly IMMATURE and CHILDISH behaviour. They get what is effectively a paltry fine and a ticking off for walking all over other people. Meanwhile they are defended by the full force of the law when someone breaches the rights to their property. I guess that is the way it has to be. It is still illegal to rob a thief. Justice is another issue altogether. 2005-09-02 10:20 am Searching the web for his e-mail address reveals various hacking programs by him. One had the particularly “benign” name: trILLian rape 1.0 http://www.megasecurity.org/trojans/t/trillianrape/Trillianrape1.0…. The article says “He … is eager to be a productive member of society”. I really want this to be true, but I think the chance is small if the punishment is too little and he gets too little or bad quality counseling. 2005-09-02 7:09 pm And you should be locked up for inciting violence. Enjoy your the warped legal world you live in!