Beware of "Backspaceware"

SubLevel writes "Since conception in 2004, Paint.NET has been generously been offering the software community the taste of successful freeware, by allowing anyone to download and decipher the entire working of their extremely popular photo editing program. As posted in the Official Paint.NET blog by Rick Brewster, "Backspaceware" as he has so coined has become a tremendous issue. "Paint.NET's license is very generous, and I even release the source code. All free of charge. Unfortunately it gets taken advantage of every once in awhile by scum who are trying to profit from the work of others. I like to call this backspaceware*. They download the source code for something, load it up in to Visual Studio (or whatever), hit the backspace key over the software's name and credits, type in a new name and author, and re-release it. They send it to all the download mirror sites, and don't always do a good job covering up their tracks.""

Proofreading

[kmac06 (608921)]

I been have been good at proofreading.

Let me introduce you

[0xdeadbeef (28836)]

to the solution [gnu.org] to your problems.

Not all GPL violations get handled as smoothly

[tepples (727027)]

to the solution [gnu.org] to your problems.

Years ago, I dealt with somebody who backspaced my freepuzzlearena [pineight.com] package, which was distributed under GNU GPL version 2 [fsf.org] or later. Specifically, he did not "includ[e] an appropriate copyright notice" on the title screen. We cleared it up amicably: he agreed to stop distributing the backspaced version. But not all GPL violations get handled as smoothly as this one was.

Re:Not all GPL violations get handled as smoothly

[j-pimp (177072)]

You can sign over your copyright to the EFF (correct me if I'm wrong) and they will defend your code vigorously.

I know the FSF provides this service. I did not know the EFF did.

Re:Let me introduce you

[JesterXXV (680142)]

If you RTFA, you'll see that this guy violated Paint.NET's current license, so putting a different license in there would solve absolutely nothing.

Re:Let me introduce you

[TopherC (412335)]

If you RTFA, you'll see that this guy violated Paint.NET's current license, so putting a different license in there would solve absolutely nothing.

But the GPL has been "tested" in court, while Paint.NET's current license has, I assume, not been yet. Also there are organizations that will help you in court if it's a GPL violation. So in part it's a matter of practicality, not principle.

Also Paint.NET should consider exactly how they want legitimately derived works to happen. If the GPL prevents certain kinds of derived works that they might like to see others create, then it's not the right license on principle.

Hmm, currently they're using the MIT license [opensource.org], which is extremely permissive. I don't even see a prohibition against re-branding and re-crediting in the license. So it's not obvious to me that the current license is being violated. Perhaps it is and I'm just not seeing it because IANAL. Anyway, consider that the current license provides next to nothing in terms of protection, and that's what the authors chose. The GPL provides substantial protection against abuses, and if paint.net wants to whine, they should "sublicense" (which is explicitly permissible under the MIT license) first to demonstrate that they really don't want this stuff to happen. The MIT license looks to me like a big "kick me" sign.

Obfuscated C

[Bios_Hakr (68586)]

This is a good reason to implement obfuscated C for things like the program name and author.

Source code defined

[tepples (727027)]

This is a good reason to implement obfuscated C for things like the program name and author.

But obfuscated code is arguably not "source code" as many common copyleft licenses define it. For example, the source code for a work under the GNU General Public License is "the preferred form of the work for making modifications to it". GNU manuals are distributed under the GNU Free Documentation License, which addresses obfuscation more directly: A "Transparent" copy of a document "is suitable for revising the document straightforwardly with generic" software, and "A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent."

Closing the source?

[Richard W.M. Jones (591125)]

His "solution" to this seems to be to close the source for parts of the program, which is a major overreaction to this joker.

I don't think he should be worried - as long as his (the "genuine") program appears higher up in Google for the name and the important search terms, people will ignore the plagiarist.

Rich.

Re:Closing the source?

[bcrowell (177657)]

Yeah. I think this is an interesting example of how underdeveloped and pathetic the OSS scene on Windows is. It's like going back in a time machine to 1988, when nobody had ever heard of the Gnu Project, nobody had ever heard of copyleft, and "free" software meant a mixture of illegally copied closed-source software and legally downloaded closed-source nagware, tipware, and crippleware. I sympathize with the author of Paint.NET, but he's fighting against a culture where most people have no idea what OSS is, and where all the social mechanisms the Linux/BSD community has developed don't exist. It's as though some British banker showed up in the Trobriand Islands in 1880 and announced that he was going to build a stock exchange. This whole thing would be a nonissue if this was Linux rather than Windows. Paint.NET is apparently a very popular piece of software with an active user community, so if it was Linux software, it would certainly have been packaged for Debian by now. People would be getting the latest version by doing an "apt-get install paint-dot-net." Imagine if someone made a backspaceware version of The Gimp -- obviously it just wouldn't work.

I used to be interested in the idea of spreading the word about OSS by making cross-platform apps available on both Windows and Linux -- the kind of thing that theopencd.org used to do. I had a a GUI app I'd written for my own use on Linux, and while I was at it, I made sure it ran on Windows. On the one hand, it was surprisingly successful. Judging by the emails I was getting, the vast majority of my users were on Windows. On the other hand, it was a huge amount of work to support those Windows users, and I started to question whether I was really accomplishing anything useful. When you write OSS that runs on Linux, you get that warm fuzzy feeling of belonging to a community and building something big and exciting. When you write OSS that runs on Windows, the users are not a community that has the same philosophical goals and is working toward the same ends; the users are people who typically couldn't care less about OSS (that's why they run Windows) but who simply want something for free. I ended up putting a notice on the web site saying that I would no longer provide support for Windows users; the source is still open, and they're welcome to try running it, but if it doesn't work, I don't have any motivation anymore to put in time helping a community that doesn't care about the things I care about. I don't think I'm alone in having this kind of experience. For instance, theopencd.org's site now says they're no longer actively developing the CD, and just has links to ubuntu, etc.

What's sad about the Paint.NET story is that the author seems genuinely pained and bewildered by the situation he's in, and since he doesn't seem to care about free information per se, it's like he doesn't have a compass to guide him. He runs up against this issue, and his reaction is, "oh well, I'll take the software closed-source." That's what the whole Windows OSS scene is like -- a bunch of people wandering around without any common vision of what they're trying to accompish. It's like watching the Israelites wandering around in the desert without Moses.

Shady business practices

[drspliff (652992)]

I've seen this a number of times, shady people who only want to make a quick buck or have entirely unrealistic expectations of what software development costs or how it's done. At the root of this problem are either the shady people trying to make a quick buck, or the shady freelancers trying to meet the requirements on a non-existant budget.

Lets take the average scenario:
- Shady person sees a piece of software and thinks they can make some money if they made their own.
- Shady person has no programming knowledge, so posts on rentacoder or similar.
- Because they have no idea of what software development entails, or in order to make money it must cost next to nothing.
- Shady freelancer or outsourcing business wins the bid.
- Shady freelancer re-brands an existing piece of software in a day and the job's complete.

Quite a few times this is down to freelancers knowing they can just re-brand an existing open-source project, or even the shady business knowing they can get it cheap if freelancers do that.

Some times they get lucky and their "product" gets more success than the original project, but it's origins are now hidden and will be forever because you can't just come clean 6-12 months down the line when it's making money.

I've long called this pump and dump software, companies or individuals trying to build up a large portfolio of software under a common brand covering the widest market possible in the remote hope that they'll profit from some.

Perception of copyright

[michaelmalak (91262)]

This is of course no different than what can be done with a hex editor on a binary. Somehow, being able to see the source code gives a lot of people the sense that they can do whatever they want with it. There has always been that mistaken notion that source code is the keys to the kingdom; for example, companies take great pains from letting their source code leak out, especially to their competitors. There are rarely secrets contained in source code (except for Microsoft's NSA backdoors), and if a competitor got it, more power to them wasting their time trying to reverse engineer it.

But there's something new contributing to this perception, which is the general disdain for copyrights these days. It's the record companies' fault, of course, for withholding sales of digital audio during the entire dot-com boom. Now they're struggling to sell singles for a fourth the price they were selling for 25 years ago, adjusting for inflation.

People think they have an entitlement to commercial music, and they think catching a glimpse of the source code gives them full rights.

Re:Perception of copyright

[doshell (757915)]

There has always been that mistaken notion that source code is the keys to the kingdom; for example, companies take great pains from letting their source code leak out, especially to their competitors. There are rarely secrets contained in source code (except for Microsoft's NSA backdoors), and if a competitor got it, more power to them wasting their time trying to reverse engineer it.

It is orders of magnitude easier to reverse-engineer source code in a high-level language than it is to reverse-engineer machine code or even assembly code (especially when you have software at your disposal that can obfuscate the compiled machine code). That's why leaaking out source code is much more dangerous from the point of view of the proprietary software company.

CentOS = backspaceware?

[MeanMF (631837)]

Better not give that prominent North American Enterprise Linux vendor any ideas. They might try to put CentOS out of business.

this happened to me

[drtsystems (775462)]

I spend a lot of time writing a PHP script for myself and decided to release it to the public. I think I threw a GPL notice on it but the source was included either way due to it being PHP. Well I put it up on my website and a few months later go back to update it. I search online and find someone selling it for $50. He refused to take it down when I asked him to which really added insult to injury. (He claimed he downloaded it from limewire therefore its fair game? wtf?) Considering he was actively advertised "his program" (mine with my name and stuff backspaced) he got a lot more people to download it then I did even though mine was free. I eventually got him to take it down by sending a cease and desist notice. (Thanks for the template RIAA)

It's copyright infringement

[tepples (727027)]

The majority of copyright licenses used for popular free software applications require people who redistribute the software to preserve the original author's copyright notice. Failure to do so is plagiarism, and the license treats plagiarism as copyright infringement.

Re:It's copyright infringement

[pipatron (966506)]

but the real question is, did you lose any money or users that would contribute and such

Fortunately, for most people, money is not everything, nor even that important. A big reason for working on free software is simply to get your name out there. To be recognized. This is exactly what the person robs you of, doing this.

Re:Statutory damages

[kryptkpr (180196)]

I've had this happen to projects I lead. Adware/spyware is almost always bundled (it's distribution is the primary motivation for Backspaceware), and this definitely causes harm. Fortunately, sites like download.com have a review process and they found my email address buried in the 'about' dialog, I guess the backspacers missed one...

Re:Statutory damages

[zakkie (170306)]

Sometimes there is a direct loss when work is plagiarised. Also, Google has odd algorithms for determining how high one should place in their rankings. I release all my data under the GPL and often legitimate copies and absolute ripoffs both rank higher than I do for most search terms I would expect people to find my site with. Monetary loss aside, the fact that someone is trying to pass off another's hard work as their own is simply despicable.

Re:Statutory damages

[Xaositecte (897197)]

Here's the thing:

1. Various people in this thread cannot see the harm in distributing software without giving credit for it.

2. The Author of the software sees this practice as harmful, whether as a material loss, a potential to lose copyright by not defending it, The principle of the thing or any number of other reasons. The only thing that matters is the author believes he has been harmed by this copyright infringement.

3. These are contradictory viewpoints, and amount to little more than opinion when placed in a vacuum. The rational, logical discussion you think you're looking for is impossible. We are forced to look at how disputes like this have been settled in the past, an appeal to the majority in the form of looking at established laws.

Therefore, the law IS relevant, and is pretty clear cut in this circumstance. Society judges harm has occured.

If you want to make an arguement without considering established law, all you're doing is intellectual masturbation. If you want to make an arguement about how the law should be changed, by all means, make it.

Re:It's copyright infringement

[rucs_hack (784150)]

It certainly didn't hurt Microsoft when they ripped off FreeBSD's TCP/IP networking stack and called it their own, no? /sigh

Here we go again.

Microsoft did not rip off the BSC TCP/IP stack. They, and every other OS vendor were *expected* (almost required I think) to use it, AND they left the copyright notices in, as required. The idea was that everyone would be on the same page, as it were. OK Microsoft buggered it a bit with their darn silly extensions, but even these did not stop network connections from other OS's from working properly.

Re:So, whats the big deal?

[by Anonymous Coward]

As a freeware author, reputation is all you can expect to get in return for your work. It's bad enough that so many ad-laden download sites exist which make users jump through hoops to get the actual file or find a link to the homepage, all the while bombarding them with banners and popups. Never mind that the file is usually available from the well-sorted homepage without a hitch. But now some people even rip you off for the attribution. Quite frankly, be thankful for every piece of freeware that is still out there, because most authors wouldn't take that kind of shit if they got paid for it.

Re:Operation as normal

[BlueParrot (965239)]

Welcome to capitalism. If one can get away with it, one can make as much money as they want

That isn't a feature of capitalism, it's a feature of human nature. Yes, it does mean you can't blindly trust a capitalist system from sorting everything out, but it is the very same principles which causes communist countries to go corrupt, and it is also why extreme liberalism will be taken advantage of by those who have the power/influence/money whatever to game the system.

Corruption isn't a matter of how governance is organised or how you set prices in your economy, it is a matter of transparency, openness and people being held responsible for their actions. If that does not apply it matters fuck all what economic system you use, you will just get different people screwing you over.

Now before people start suggesting direct democracy or some far-fetched ideal about having every company democratically controlled by the workers, you need to take into consideration that for democracy to work you need a transparent electoral system you can trust. Thus it still boils down to government transparency and people being slapped when they break the rules. There is no way around that.

Re:Operation as normal

[by Anonymous Coward]

WRONG! The MARKET solves ALL problems! Communist!

Re:And why do I care?

[Mr2001 (90979)]

I am a Slashdot participant. Information wants to be free. I can download other people's music and movies, and share them with millions of my friends via the Internet. Why can't somebody else do the same with software?

You're trolling, of course, but here's an answer anyway. The objection is not that the software is being shared -- Paint.NET is freeware anyway, it's supposed to be shared -- but that someone else is taking credit for the real author's work.

That's fraud: the "backspacer" is lying to every person who downloads the modified software from him (and probably infecting them with spyware too). Many Slashdot participants, like myself, believe that copying and redistribution should be legal with or without the author's permission, but that doesn't mean we approve of fraud. Sharing copies of Star Wars is not the same as telling everyone you're George Lucas.