Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×

Beware of "Backspaceware" 257

SubLevel writes "Since conception in 2004, Paint.NET has been generously been offering the software community the taste of successful freeware, by allowing anyone to download and decipher the entire working of their extremely popular photo editing program. As posted in the Official Paint.NET blog by Rick Brewster, "Backspaceware" as he has so coined has become a tremendous issue. "Paint.NET's license is very generous, and I even release the source code. All free of charge. Unfortunately it gets taken advantage of every once in awhile by scum who are trying to profit from the work of others. I like to call this backspaceware*. They download the source code for something, load it up in to Visual Studio (or whatever), hit the backspace key over the software's name and credits, type in a new name and author, and re-release it. They send it to all the download mirror sites, and don't always do a good job covering up their tracks.""
This discussion has been archived. No new comments can be posted.

Beware of "Backspaceware"

Comments Filter:
  • by kmac06 ( 608921 ) on Saturday December 15, 2007 @10:03AM (#21708368)
    I been have been good at proofreading.
  • by 0xdeadbeef ( 28836 ) on Saturday December 15, 2007 @10:04AM (#21708376) Homepage Journal
    to the solution [gnu.org] to your problems.
    • by tepples ( 727027 ) <tepplesNO@SPAMgmail.com> on Saturday December 15, 2007 @10:16AM (#21708476) Homepage Journal

      to the solution [gnu.org] to your problems.
      Years ago, I dealt with somebody who backspaced my freepuzzlearena [pineight.com] package, which was distributed under GNU GPL version 2 [fsf.org] or later. Specifically, he did not "includ[e] an appropriate copyright notice" on the title screen. We cleared it up amicably: he agreed to stop distributing the backspaced version. But not all GPL violations get handled as smoothly as this one was.
    • by pkadd ( 1203286 ) on Saturday December 15, 2007 @11:00AM (#21708796) Homepage
      Regardless of the lisence, people still breach it by making backspacewar eof it. I've seen it happend to alot of my work, which is why i avoid making it opensource unless people ask for it, or when it's a project i don't really care about. I don't make much commercial software, although i like to keep my name on my work to receive credit where credit is due.
      • The solutions easy (Score:3, Insightful)

        by rucs_hack ( 784150 )
        Just have a project so obscure or specialised that no bugger's going to think its worthwhile nicking in the first place. Like mine for instance /sob.

        Actually licensing is the way to go. True no license will stop someone stealing it, but it will give you the right to send 'cease and desist' notices to any site hosting the offending code. Its very hard to spread a usurped version of a program if reputable download locations won't host it.
    • by JesterXXV ( 680142 ) <jtradke&gmail,com> on Saturday December 15, 2007 @11:03AM (#21708820)
      If you RTFA, you'll see that this guy violated Paint.NET's current license, so putting a different license in there would solve absolutely nothing.
      • Re: (Score:3, Informative)

        by ucblockhead ( 63650 )
        If he were to GPL it, he could assign the rights to the FSF, which has things like lawyers and such whose job it is to go sue people for violating licenses.
      • by TopherC ( 412335 ) on Saturday December 15, 2007 @12:15PM (#21709346)

        If you RTFA, you'll see that this guy violated Paint.NET's current license, so putting a different license in there would solve absolutely nothing.

        But the GPL has been "tested" in court, while Paint.NET's current license has, I assume, not been yet. Also there are organizations that will help you in court if it's a GPL violation. So in part it's a matter of practicality, not principle.

        Also Paint.NET should consider exactly how they want legitimately derived works to happen. If the GPL prevents certain kinds of derived works that they might like to see others create, then it's not the right license on principle.

        Hmm, currently they're using the MIT license [opensource.org], which is extremely permissive. I don't even see a prohibition against re-branding and re-crediting in the license. So it's not obvious to me that the current license is being violated. Perhaps it is and I'm just not seeing it because IANAL. Anyway, consider that the current license provides next to nothing in terms of protection, and that's what the authors chose. The GPL provides substantial protection against abuses, and if paint.net wants to whine, they should "sublicense" (which is explicitly permissible under the MIT license) first to demonstrate that they really don't want this stuff to happen. The MIT license looks to me like a big "kick me" sign.

        • Re: (Score:2, Informative)

          by man_of_mr_e ( 217855 )
          Umm.. no. The GPL has not been tested in court. At least, not in the way you are implying. It's true that there have been a number of lawsuits against violators of the GPL, but every one of these has resulted in a settlement out of court. There has never been any decision by a court that explicitly upholds the GPL.

          There is a lot of weight to the argument that a large number of settlements effectively make it "tested", but that's only really a probability, not a fact. Until such time as a decision is ha
          • Re: (Score:3, Interesting)

            by Albanach ( 527650 )

            Umm.. no. The GPL has not been tested in court. At least, not in the way you are implying
            I'm sure some courts would disagree, as would those who have won compensation [www.jbb.de] in court for GPL violations.
          • IMHO it doesnt matter that its untested.
            Its pretty damn rock solid and it would be incredibly unlikely that a court would side with the defendant.
          • Re: (Score:3, Informative)

            by AJWM ( 19027 )
            The reason for that is that the GPL is a license which lets you make copies.

            If somebody infringes it, the copyright holder sues the copier, and the copier's only defense is the license granted by the GPL, otherwise he has no license to copy and is in violation of copyright laws. The GPL hasn't been "tested in court" because if the case goes to court, it is in the defendant's interest to show that the GPL is valid and that he's been following it. (The only other option would be to somehow try to prove th
        • Re: (Score:3, Insightful)

          by moosesocks ( 264553 )

          But the GPL has been "tested" in court, while Paint.NET's current license has, I assume, not been yet. Also there are organizations that will help you in court if it's a GPL violation. So in part it's a matter of practicality, not principle.

          That, my friend, is FUD. Even though it's a tactic generally condemned by the Free Software, RMS and his FSF cronies occasionally drag it out to promote their cause.

          Free and Open-Source software is fantastic, although too-liberal licenses can often leave developers wit

      • Re: (Score:3, Insightful)

        by 0xdeadbeef ( 28836 )
        Except the GPL has a posse, and GPL violations generate far more publicity than just some guy getting ripped off. Corporations are scared of it for a reason.

        Copyright clauses are hardly a license. If he cares so much about plagiarism that he's now crippling the source, maybe community ownership is preferable to controlling a string with his name in it.
    • Sugar Public License (Score:3, Interesting)

      by lullabud ( 679893 )
      Incidentally, this is exactly why SugarCRM left GPL v2 to move to a proprietary license called the Sugar Public License which had an attribution clause in it. The community gave Sugar mad shit because they weren't "true" open source, but low and behold GPL v3 included that type of protection and all the sudden Sugar is back within the good graces of "true" open source software.
  • by Bios_Hakr ( 68586 ) <xptical.gmail@com> on Saturday December 15, 2007 @10:09AM (#21708408)
    This is a good reason to implement obfuscated C for things like the program name and author.
    • Source code defined (Score:5, Informative)

      by tepples ( 727027 ) <tepplesNO@SPAMgmail.com> on Saturday December 15, 2007 @10:30AM (#21708582) Homepage Journal

      This is a good reason to implement obfuscated C for things like the program name and author.
      But obfuscated code is arguably not "source code" as many common copyleft licenses define it. For example, the source code for a work under the GNU General Public License is "the preferred form of the work for making modifications to it". GNU manuals are distributed under the GNU Free Documentation License, which addresses obfuscation more directly: A "Transparent" copy of a document "is suitable for revising the document straightforwardly with generic" software, and "A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent."
      • Re: (Score:3, Funny)

        by QuantumFTL ( 197300 )

        "A copy made in an otherwise Transparent file format whose markup, or absence of markup, has been arranged to thwart or discourage subsequent modification by readers is not Transparent."
        If that's the case, why hasn't the EFF sued Larry Wall and his followers long ago?
      • by firewood ( 41230 )
        But obfuscated code is arguably not "source code" as many common copyleft licenses define it.

        Remember that the GPL only applies to distributors of the software, not to the copyright holder, who needs no license to distribute any original works.

  • The merging of Creative Commons Non-Commercial licenses for resource files with GPL or MIT style licenses for the code is going to get interesting. Basically, it says "yo can do anything you want with this code, except this part right here, and the whole thing will fail to work without this part right here." At least, that's what I get out of the text...
  • by Richard W.M. Jones ( 591125 ) <rich@@@annexia...org> on Saturday December 15, 2007 @10:13AM (#21708440) Homepage

    His "solution" to this seems to be to close the source for parts of the program, which is a major overreaction to this joker.

    I don't think he should be worried - as long as his (the "genuine") program appears higher up in Google for the name and the important search terms, people will ignore the plagiarist.

    Rich.

    • by GoofyBoy ( 44399 )
      >I don't think he should be worried - as long as his (the "genuine") program appears higher up in Google for the name and the important search terms, people will ignore the plagiarist.

      Then definitely he should be worried.
    • Re: (Score:2, Insightful)

      by Threni ( 635302 )
      > His "solution" to this seems to be to close the source for parts of the program, which is a major overreaction to this joker.

      Exactly. It's a free program. Why should anyone care? Is this an ego thing?
    • by mysticgoat ( 582871 ) on Saturday December 15, 2007 @11:49AM (#21709106) Homepage Journal

      OTOH, his behavior is consistent with having first decided to close the source, and then coming up with this as an acceptable excuse to lay out before his user base.

      Perhaps the people at his day job, at Microsoft, have offered to buy his copyright. There would be a need to close the source in a way that would not offend potential purchasers of any Microsoft product that would be marketed as a follow-on to the users of his original work.

      Either the author of TFA is incredibly naive about the software community, or he is attempting to do something clever in the way of marketdroid spin. I doubt very much that he could have gained sufficient experience to write a major piece of software without losing his naivety along the way. OTOH, he works in an environment that values cleverness in exploiting markets and marks above honesty, ethics, or legalities.

      Just saying.

    • by bcrowell ( 177657 ) on Saturday December 15, 2007 @12:15PM (#21709356) Homepage

      Yeah. I think this is an interesting example of how underdeveloped and pathetic the OSS scene on Windows is. It's like going back in a time machine to 1988, when nobody had ever heard of the Gnu Project, nobody had ever heard of copyleft, and "free" software meant a mixture of illegally copied closed-source software and legally downloaded closed-source nagware, tipware, and crippleware. I sympathize with the author of Paint.NET, but he's fighting against a culture where most people have no idea what OSS is, and where all the social mechanisms the Linux/BSD community has developed don't exist. It's as though some British banker showed up in the Trobriand Islands in 1880 and announced that he was going to build a stock exchange. This whole thing would be a nonissue if this was Linux rather than Windows. Paint.NET is apparently a very popular piece of software with an active user community, so if it was Linux software, it would certainly have been packaged for Debian by now. People would be getting the latest version by doing an "apt-get install paint-dot-net." Imagine if someone made a backspaceware version of The Gimp -- obviously it just wouldn't work.

      I used to be interested in the idea of spreading the word about OSS by making cross-platform apps available on both Windows and Linux -- the kind of thing that theopencd.org used to do. I had a a GUI app I'd written for my own use on Linux, and while I was at it, I made sure it ran on Windows. On the one hand, it was surprisingly successful. Judging by the emails I was getting, the vast majority of my users were on Windows. On the other hand, it was a huge amount of work to support those Windows users, and I started to question whether I was really accomplishing anything useful. When you write OSS that runs on Linux, you get that warm fuzzy feeling of belonging to a community and building something big and exciting. When you write OSS that runs on Windows, the users are not a community that has the same philosophical goals and is working toward the same ends; the users are people who typically couldn't care less about OSS (that's why they run Windows) but who simply want something for free. I ended up putting a notice on the web site saying that I would no longer provide support for Windows users; the source is still open, and they're welcome to try running it, but if it doesn't work, I don't have any motivation anymore to put in time helping a community that doesn't care about the things I care about. I don't think I'm alone in having this kind of experience. For instance, theopencd.org's site now says they're no longer actively developing the CD, and just has links to ubuntu, etc.

      What's sad about the Paint.NET story is that the author seems genuinely pained and bewildered by the situation he's in, and since he doesn't seem to care about free information per se, it's like he doesn't have a compass to guide him. He runs up against this issue, and his reaction is, "oh well, I'll take the software closed-source." That's what the whole Windows OSS scene is like -- a bunch of people wandering around without any common vision of what they're trying to accompish. It's like watching the Israelites wandering around in the desert without Moses.

      • I don't know why this post was marked 'flamebait'. To me it seemed spot on.

        Rich.

      • Re: (Score:3, Interesting)

        by a_nonamiss ( 743253 )
        As a Windows IT professional, I am offended by your comment. I love the open-source community. I support it as much as I can as often as I can. I'm becoming more and more proficient at Linux, too, but there's an element of snobbery in the Linux community that drives intelligent people away. It's unfortunate, too, because I think that those elitists are in the minority.
    • Seriously... people are going to rip stuff off no matter what you do. If you want to write software that anyone can look over, learn from and use... who cares if some mope out there is trying to run a scam? Best you can ever do is try to make everyone aware of the scam artists.

      It's not like someone doing this is going to make a much better version, close the source, and make a hyper-mega-global-corp out of scamming Paint.Net source without attribution. They just want the quick buck.

    • His "solution" to this seems to be to close the source for parts of the program, which is a major overreaction to this joker.

      It's possible to rebrand a program without having the source. Six years ago I used a commercial modeling front-end to prepare a demo of a research project my company was doing. I hacked our back-end code, which was a middleware product that as yet had no GUI (and no apparent need for one) to emit data that the front end used to display pretty pictures showing our product in action.

      T

      • If your boss can hack a binary then, although one may question his ethics, at least he isn't a PHB.

  • by drspliff ( 652992 ) on Saturday December 15, 2007 @10:14AM (#21708456)
    I've seen this a number of times, shady people who only want to make a quick buck or have entirely unrealistic expectations of what software development costs or how it's done. At the root of this problem are either the shady people trying to make a quick buck, or the shady freelancers trying to meet the requirements on a non-existant budget.

    Lets take the average scenario:
    - Shady person sees a piece of software and thinks they can make some money if they made their own.
    - Shady person has no programming knowledge, so posts on rentacoder or similar.
    - Because they have no idea of what software development entails, or in order to make money it must cost next to nothing.
    - Shady freelancer or outsourcing business wins the bid.
    - Shady freelancer re-brands an existing piece of software in a day and the job's complete.

    Quite a few times this is down to freelancers knowing they can just re-brand an existing open-source project, or even the shady business knowing they can get it cheap if freelancers do that.

    Some times they get lucky and their "product" gets more success than the original project, but it's origins are now hidden and will be forever because you can't just come clean 6-12 months down the line when it's making money.

    I've long called this pump and dump software, companies or individuals trying to build up a large portfolio of software under a common brand covering the widest market possible in the remote hope that they'll profit from some.
  • by michaelmalak ( 91262 ) <michael@michaelmalak.com> on Saturday December 15, 2007 @10:28AM (#21708568) Homepage
    This is of course no different than what can be done with a hex editor on a binary. Somehow, being able to see the source code gives a lot of people the sense that they can do whatever they want with it. There has always been that mistaken notion that source code is the keys to the kingdom; for example, companies take great pains from letting their source code leak out, especially to their competitors. There are rarely secrets contained in source code (except for Microsoft's NSA backdoors), and if a competitor got it, more power to them wasting their time trying to reverse engineer it.

    But there's something new contributing to this perception, which is the general disdain for copyrights these days. It's the record companies' fault, of course, for withholding sales of digital audio during the entire dot-com boom. Now they're struggling to sell singles for a fourth the price they were selling for 25 years ago, adjusting for inflation.

    People think they have an entitlement to commercial music, and they think catching a glimpse of the source code gives them full rights.
    • by doshell ( 757915 ) on Saturday December 15, 2007 @10:43AM (#21708662)

      There has always been that mistaken notion that source code is the keys to the kingdom; for example, companies take great pains from letting their source code leak out, especially to their competitors. There are rarely secrets contained in source code (except for Microsoft's NSA backdoors), and if a competitor got it, more power to them wasting their time trying to reverse engineer it.

      It is orders of magnitude easier to reverse-engineer source code in a high-level language than it is to reverse-engineer machine code or even assembly code (especially when you have software at your disposal that can obfuscate the compiled machine code). That's why leaaking out source code is much more dangerous from the point of view of the proprietary software company.

  • Do you still have all of your source files? Yes. Has anything been stolen? No. They're only 1s and 0s. None of those users were going to pay for support anyway. No harm, no foul.

    Right?
  • Tell me about it. I post some really insightful comment in slashdot and somescum cut and paste it and post it as their own insight in other fora and blogs.

    Certified that this comment is not a cut and paste of another poster's comment. Well, as far as I know. And I don't know much.

    • Tell me about it. I post some really insightful comment in slashdot and somescum cut and paste it and post it as their own insight in other fora and blogs.

      Certified that this comment is not a cut and paste of another poster's comment. Well, as far as I know. And I don't know much.
  • by MeanMF ( 631837 ) on Saturday December 15, 2007 @10:46AM (#21708694) Homepage
    Better not give that prominent North American Enterprise Linux vendor any ideas. They might try to put CentOS out of business.
    • by caseih ( 160668 ) on Saturday December 15, 2007 @11:35AM (#21709042)
      Glad to see the moderators correctly marking your post as funny. On a serious note, though, this "prominent North American Enterprice Linux vendor" doesn't own the copyright on most of the software they distribute to begin with. Both they and CentOS properly attribute the copyright owners. And despite the removal of trademarks (done at this "prominent North American Enterprice Linux" vendor's request), they do still attribute copyright to RedHat on programs and scripts that RH created.
  • If you feel someone hasn't complied with your license, then enforce your rights.

    Going closed source because of a license abuse of a single individual just shows Brewster wasn't serious about open source in the first place.
  • by Waffle Iron ( 339739 ) on Saturday December 15, 2007 @10:52AM (#21708740)
    He's entitled to statutory damages of something like $150,000 per copy. He hit the jackpot.
  • this happened to me (Score:5, Interesting)

    by drtsystems ( 775462 ) on Saturday December 15, 2007 @11:00AM (#21708788)
    I spend a lot of time writing a PHP script for myself and decided to release it to the public. I think I threw a GPL notice on it but the source was included either way due to it being PHP. Well I put it up on my website and a few months later go back to update it. I search online and find someone selling it for $50. He refused to take it down when I asked him to which really added insult to injury. (He claimed he downloaded it from limewire therefore its fair game? wtf?) Considering he was actively advertised "his program" (mine with my name and stuff backspaced) he got a lot more people to download it then I did even though mine was free. I eventually got him to take it down by sending a cease and desist notice. (Thanks for the template RIAA)
    • Re: (Score:3, Funny)

      by Anonymous Coward

      I eventually got him to take it down by sending a cease and desist notice. (Thanks for the template RIAA)
      "This is RIAA. It has come to our notion that you used our copyrighted cease and desist notice text without our permission..."
  • A liberal is just a conservative who hasn't been mugged?
  • Moral rights (Score:2, Informative)

    This discussion makes me wonder if there is such a thing as "moral rights" in the US law. Let me explain : in France, the law gives you two sets of rights to protect your works. One is the "author rights" (droits d'auteur) and is the equivalent to US copyright law, ie, it expires some time after your death. The other set of rights is the "moral rights" (droits moraux), which are _inalienable_, and state that YOU are the sole author of the work and should be credited for it. So basically if you put your work
    • IANAL, but I don't think there's anything like "moral rights" in US law. That's left up to terms of work (in the case of work for hire) and licenses. All software licenses that I'm aware of have something like the "moral rights" in them. In many, you can do anything you like with it with the sole exception of claiming authorship.

      If I put my work in the public domain, anybody can claim it as their own. If I put any software license I've ever seen on a work, then people can't claim it as their own. Di

    • In general "moral rights" do not exist in the US because they conflict with the tradition of exclusive rights in Anglo-American law. (If one person owns a painting and therefore the copyright in the painting, while the moral rights remain with the artist, the rights to the painting are split between two owners.) The Visual Artists Rights Act [wikipedia.org] confers some moral rights, but only on visual art.

  • People have done the same thing with both free and commercial software that has been released without source code. In some cases it's easier to "rebrand" the product with a bitmap editor and debugger than by putting together the needed compiler toolchain and recompiling it.

    The recourse is the same, whether it's released in source code or not: you use the legal system. The problem with that is the same either way, too... and that is that the law is designed to make it easy for big companies to destroy indivi
  • Someone named Mario wrote:

    Once the genie is out of the bottle it's hard to put it back in. It took 5 minutes to hunt down an alternate source for the 3.10 source code release you decided to pull. If you opt to engage in crippleware source code releases, you will ultimately find yourself competing against your own work as others will take over where you left off.

    Playing catch up to one's own efforts can become a daunting task when faced with a team of capable and motivated developers. It's far less damagin

  • I somehow always knew ctrl + h would be the death of us.
  • I have a better term for this, "plagiarism".

I judge a religion as being good or bad based on whether its adherents become better people as a result of practicing it. - Joe Mullally, computer salesman

Working...