Feeds

Microsoft cops to webcode theft

Blames 'Chinese vendor'

  • alert
  • submit to reddit

3 Big data security analytics techniques

Microsoft has admitted that its new Chinese microblogging service used webcode pilfered from a similar service popular elsewhere in Asia.

On Monday, as reported by The Reg, Asian microblogging site Plurk accused Microsoft China of pilfering its code for a new social-networking feature known as Juku on the Chinese MSN site.

Monday night, Microsoft announced that it had removed the offending feature as it investigated the charges, and now, Microsoft has admitted that the code was indeed lifted from Plurk.

That said, Microsoft puts the blame on an unnamed partner:

On Monday, December 14, questions arose over a beta application called Juku developed by a Chinese vendor for our MSN China joint venture. We immediately worked with our MSN China joint venture to investigate the situation.
The vendor has now acknowledged that a portion of the code they provided was indeed copied. This was in clear violation of the vendor's contract with the MSN China joint venture, and equally inconsistent with Microsoft’s policies respecting intellectual property.

Microsoft's statement also notes that it would suspend its new social-networking feature "indefinitely."

But Plurk isn't entirely mollified. "Microsoft has used this 'independent vendor' strategy to try and absolve itself of responsibility for deliberate actions undertaken by them as recently as last month," a company spokesman tells The Reg. That would be the ImageMaker incident, when Microsoft was forced to remove a Windows 7 media and administration tool from the Microsoft Store site after a violation of the GPL. Microsoft did indeed blame a third party, and it later open sourced the tool.

Speaking with The Reg, Plurk questions whether today's statement from Microsoft is just more spin. "It just appears to be a stop-gap measure, damage-control measure, and we have a very hard time believing, given the size and scope of the undertaking, that there was no active involvement or development taking place directly within Microsoft itself on this service," the company said.

"While they have temporarily shut the site down, it appears some of the lifted code still appears to be on the club.msn.cn site", citing this chunk of code as "just one example."

Clearly, some wrinkles still need to be ironed out in the resolution of the Plurk/Microsoft dust-up. As Microsoft said in its statement: "We are obviously very disappointed, but we assume responsibility for this situation. We apologize to Plurk and we will be reaching out to them directly to explain what happened and the steps we have taken to resolve the situation." ®

SANS - Survey on application security programs

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
Windows 8.1, which you probably haven't upgraded to yet, ALREADY OBSOLETE
Pre-Update versions of new Windows version will no longer support patches
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.