Feeds

Lawsuit says Oracle pilfered source code from competitor

Tables turned on Ellison

Security for virtualized datacentres

Oracle – which recently won $1.3 billion in court damages for the theft of its trade secrets by an SAP subsidiary – faces a $100 million lawsuit alleging it engaged in similar behavior.

The complaint (PDF), filed in late December by Texas software company 2FA Technology, claims Oracle executives turned a blind eye when security company Passlogix stole source code for strong authentication and credential management software. Oracle went on to acquire Passlogix in November for $42 million and continues to sell rebranded Passlogix software containing the misappropriated code, the lawsuit alleges.

“Oracle's actions were done with the deliberate intent to injure 2FA's business, impede 2FA's recovery of its stolen property, and improve its own commercial advantage,” the complaint states. “By reason of the foregoing, 2FA has been damaged as a result of Oracle's illegal actions in amounts that will be determined at trial, but believed to be more than $10,000,000, plus interest.”

Including punitive damages, 2FA is seeking more than $100 million.

According to the 31-page complaint, Passlogix stole thousands of pages of trade secrets and hundreds of thousands of lines of source code after licensing 2FA's technology for credential management systems. Passlogix eventually used the code in its v-GO UAM product line, “in direct violation of the license agreement's non-compete and exclusive source provisions.” Oracle in turn folded it into its Oracle Enterprise Single Sign-on offerings.

According to 2FA, the license agreement expressly barred Passlogix from marketing its own credential management system. 2FA made the technology available to Passlogix under tightly restricted conditions, including provisions that allowed only programmers to see the code and secured servers that logged each person who accessed it. Despite the prohibitions, Passlogix Product Manager Gregory Simeone in July 2006 sent an email to many employees who had no required to access the source code. The material contained almost 100,000 pages worth of intellectual property and “hundreds of thousands of lines of source code.”

In April 2007, Passlogix presented its own credential management solution to a third-party prospect. In March of last year, the company released v-GO UAM and granted more than 10 million free licenses to a related product. In October, when Oracle announced its intention to acquire Passlogix, it cited customers' need to “provide stronger authentication mechanisms while reducing the number of passwords required." On the day of the announcement, Oracle's market capitalization spiked by more than $1 billion.

2FA's allegations in many ways resemble a case Oracle brought against SAP subsidiary TomorrowNow three years ago. In November, around the same time it was acquiring Passlogix, Oracle won a $1.3 billion jury verdict in the case and since pursued interest on that amount. ®

Website security in corporate America

More from The Register

next story
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
'Windows 9' LEAK: Microsoft's playing catchup with Linux
Multiple desktops and live tiles in restored Start button star in new vids
iOS 8 release: WebGL now runs everywhere. Hurrah for 3D graphics!
HTML 5's pretty neat ... when your browser supports it
'People have forgotten just how late the first iPhone arrived ...'
Plus: 'Google's IDEALISM is an injudicious justification for inappropriate biz practices'
Mathematica hits the Web
Wolfram embraces the cloud, promies private cloud cut of its number-cruncher
Mozilla shutters Labs, tells nobody it's been dead for five months
Staffer's blog reveals all as projects languish on GitHub
SUSE Linux owner Attachmate gobbled by Micro Focus for $2.3bn
Merger will lead to mainframe and COBOL powerhouse
iOS 8 Healthkit gets a bug SO Apple KILLS it. That's real healthcare!
Not fit for purpose on day of launch, says Cupertino
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.