Feeds

Microsoft yanks Windows code on GPL violation claim

Third time's the charm

SANS - Survey on application security programs

Microsoft has pulled a Windows 7 media and administration tool from the Microsoft Store site for apparently violating the GPL.

The company yanked ImageMaster after Within Windows blogger Rafael Rivera spotted the disc reading and burning tool was a CodePlex project licensed under GPLv2.

Microsoft appears to have violated the Free-Software Foundation's license in two ways: by modifying and then distributing the ImageMaster code without making its source-code available, and by actually bolting on its own, restricted licensing terms to the code.

A Microsoft spokesperson told The Reg: "We are currently looking into this issue and are taking down the Windows USB/DVD Tool (WUDT) from the Microsoft Store site until our review of this matter is complete."

This is not the first time Microsoft's landed in hot water for violating the GPL or for blurring the lines on CodePlex.

This summer, Microsoft apparently violated the GPL in Linux drivers for its Hyper-V code that it released under the GPL with a splash. The driver had been statically linked to binary parts, which was a problem because the GPL does not permit the mixing of closed and open-source elements.

Microsoft denied it had violated the GPL and released the drivers to remain in compliance.

Prior to that, a year ago, Microsoft was caught posting code to its CodePlex open-source project-hosting site under licenses that went against the principle of open-source.

The company posted projects under Microsoft licenses that stopped you from running CodePlex projects on non-Windows platforms or restrict access to code. CodePlex, though, was described by Microsoft as an open-source project community, meaning there should be no platform or code-access restrictions.

Microsoft never fully explained why this happened, but promised changes to add "clarity" around what projects are hosed on CodePlex. Since then, Microsoft announced the CodePlex Foundation that it said would help open source work with commercial software organizations. ®

3 Big data security analytics techniques

More from The Register

next story
OpenBSD founder wants to bin buggy OpenSSL library, launches fork
One Heartbleed vuln was too many for Theo de Raadt
Got Windows 8.1 Update yet? Get ready for YET ANOTHER ONE – rumor
Leaker claims big release due this fall as Microsoft herds us into the CLOUD
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Patch iOS, OS X now: PDFs, JPEGs, URLs, web pages can pwn your kit
Plus: iThings and desktops at risk of NEW SSL attack flaw
Ubuntu 14.04 LTS: Great changes, but sssh don't mention the...
Why HELLO Amazon! You weren't here last time
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
Apple inaugurates free OS X beta program for world+dog
Prerelease software now open to anyone, not just developers – as long as you keep quiet
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.