How to Deal With Stolen Code?

greenrom writes "I work for a small company as a software developer. While investigating a bug in one of our products, I found source code on a website that was nearly identical to code used in our product. Even the comments were the same. It's obvious that a developer at our company found some useful code on the web and copied it. The original author didn't attach any particular license to the code. It's just 200 lines of code the author posted in a forum. Is it legitimate to use source code that's publicly available but doesn't fall under any particular license? If not, what's the best way to deal with this kind of situation? Since I'm now the only person working on this code, there's no practical way to report the situation confidentially. I'm new to the company, and the developer who copied the code is the project lead. Reporting him to management doesn't seem like a good career move. I could rewrite the copied code without reporting him, but since the product is very close to release it would be difficult to make a significant change without providing some justification."

I can help

[by Anonymous Coward]

I'm a lawyer. Please contact me about suing some people for lots of money.

Well...

[by Anonymous Coward]

No license == normal copyright rules apply. You can't do anything with it unless the author gives you permission (licenses do this). What you need to do is either 1) Replace the offending code or 2) Contact the author and find out what the terms on the code are / negotiate a deal.

You could ask politely

[davidwr (791652)]

To the original poster:

If your company want to be completely honest and above-board and legal, it must ask if it's okay to use the code. If the author says no or demand$ too much, you must not use it.

Unless you are fortunate enough to get a fast "sure, go ahead and use it" you will miss your deadline. Sometimes a little cash - maybe as little as the amount of man-hours it would take you to rewrite and test it - will be enough to expedite getting permission.

By the way, for all you know, the tech lead did ask permission, or the tech lead knows the code is already been dedicated to the public domain.

If it were me, I'd talk to the tech lead. If the tech lead doesn't have permission already and isn't willing to go to management and do The Right Thing (TM), I'd start circulating your resume and talk to management about it. When you do talk to management, present them with options that are likely to 1) be acceptable to management and 2) get the product out the door as soon as possible.

It's common sense

[Fierythrasher (777913)]

When I was in grad school for programming my instructor taught us how to search for the code we needed on the web.

Moreover in my professional career as a programmer I ran into several stumbling blocks where I couldn't figure something out. I'd google for code, or use helper sites like Tek-Tips where people could either correct my code or provide me new code.

I'm paid for results, not for originality. If people provide code on the web as tutorial purposes or just as a friendly piece of help then I would be going against my job to not use it.

Moreover, I ask: If you bought a book on, say, ASP and it had sample code that did exactly what you wanted, would you then rewrite that code so it was not what was in the book? Of course you wouldn't!

Re:It's common sense

[Merk (25521)]

If you buy a book on ASP, generally the sample code in there has a license that allows everybody (or at least people who bought the book) to use the code in any way they want. The same can't be said for virtually any code you find out on the web. The default for any new work is for it to be copyrighted and with no license. Unless your use of the copyrighted material falls under Fair Use, you're not allowed to use it; copying the entirety of a code snippet for use in a commercial application is not Fair Use.

You'll probably never get in trouble for doing this, because probably most people (90%+) would say their posts are in the public domain if asked about it -- but until you've asked them, you have to assume that it's "look but don't touch".

Re:It's common sense

[samkass (174571)]

You're saying there's an implicit copyright in every web post, then? So this post I'm typing now, if someone put it in a newsletter, I could then sue them for taking my post which is my copyright?

Yes! Now you're catching on! There *is* an implicit Copyright (at least in the United States) on *everything*. Unless the author has agreed to some other license, you need to ask their permission to reproduce it in its entirety (or any use that goes beyond "Fair Use"). Some sites have blanket licenses to everything posted on them that implicitly assigns copyrights of all contributions-- Wikipedia, for example. But if the site hasn't made such arrangements, and the author hasn't made such arrangements, and the "borrower" hasn't made such arrangements, Copyright has been violated.

As for books, some books grant a license for all sample code in the book to be used by the purchaser of the book in any way. Some don't (Numerical Recipies is the most commonly cited example-- it's an entire book of stuff you're not allowed to use. It's a very annoying book that way, needless to say).

It sounds like you seriously need to learn a little bit about Copyrights before you get yourself and your employer in serious trouble.

Small potatoes

[crunzh (1082841)]

If the author doesn't attach any license and it's "just" some code from a forum posting I don't see a problem with it. I have several times posted code samples in forums to help people, I would not mind that they where used in someones commercial program, if I minded I would have attached some for of license. If its posted on a forum to help somebody, the poster must know that it will be used.

Dunno; good question.

[w3woody (44457)]

Generally whenever I post code on an open forum in response to an answer, I assume the code will be used by other people and so I generally treat my own code as if I just put it into the public domain unless I've explicitly said otherwise.

However, that's not the law. I believe that the code an author publishes on an open forum is copyrighted by the author by default.

Me; I'd probably drop the guy a brief informal note asking permission to reuse the code and see what he does. More often than not if he's like me he'll probably say "sure, I don't mind."

But how do you know

[GIL_Dude (850471)]

How do you actually know that this happened? From what you posted it seems just as likely that the author of the code worked for your company and saw some question in a web forum, took some code that was the companies' property (developed on their time and their equipment) and posted it to the web forum to answer someone's question. Do you have any way to be sure that that isn't your own companies' code out there?

Spilling the beans

[OctoberSky (888619)]

If you really want to spill the beans on this guy and get people to notice that he "stole" the code, then play stupid and show the forum to your boss and say "Look this guy took our code and posted it on this website" They will put one and one together and see that it was your office that actually copied it. Then it's in their hands and you we attempting to protect the company.

Don't worry about the fact that the forum post was 4 months before you guys even started work on your project. In your haste to protect your companies IP you didn't realize you were the ones doing the copying.

Re:Spilling the beans

[syousef (465911)]

Don't worry about the fact that the forum post was 4 months before you guys even started work on your project. In your haste to protect your companies IP you didn't realize you were the ones doing the copying.

Then you take a hit for looking incompetent. No one in their right mind wants to trust mission critical stuff to a guy that's proven they're sloppy. Playing "stupid" as you put it makes you look stupid. Plus it's gutless. Think about this: Who wants to promote someone that's gutless and stupid? No. With this kind of thing you either decide to front up with what you've found (and be discrete about it) or discuss it with no one (much less post on /.)

Also if you approach the company don't jump to any conclusions. Just present the facts. For all you know someone at your company asked permission from the author (and though unlikely since there was no attribution, you shouldn't presume the coder's guilt). If you're using a code repository correctly it shouldn't be hard to track down the developer that wrote the code and enquire about it. Make sure you report the problem to the correct person if your company has formal reporting guidelines, but do so informally if possible at first. How things proceed from there is up to your company as laid out by their policies.

I'm guessing that if you're asking on /. you don't feel compelled to become a whistleblower and sacrifice your career, but if you report up the chain a couple of levels and they do nothing you have to decide if it's worth doing just that. You have to pick your battles and live with the consequences of what decisions you make.

If the code's easy to replace (and most 200 line snippets posted on a forum are), there shouldn't be an issue getting someone to write the replacement without seeing the original, the work to do so is not a huge liability to the company. However if your company has publicly released the code in one of their products it could be a much bigger issue because it potentially exposes the company to liability.

Re:Spilling the beans

[Perl-Pusher (555592)]

God I'm glad I don't work with you. Here is a novel idea. Why not discuss it with the guy who your trying to screw? Voice your concerns and maybe, just maybe, he will contact the original author and get permission. He might even be the original author. That way you don't have to worry the guy finds out who stabbed him and come to your house and get revenge. At least be man enough to let your boss know what kind of person you really are.

Don't sweat it

[GlobalEcho (26240)]

Don't sweat it. When I post code in a forum, I generally do so with the hope that other folks will find it useful, and the expectation that, if they do find it useful, they'll go ahead and copy it. If I want to make something available with a license and everything, I'll either put it on Sourceforge, or post a license in the comments. It's a safe bet the original author feels the same way.

Legally, it's not necessarily safe to copy long snippets from forums, but from practical and social points of view, I think this is much ado about nothing.

Use it

[fhic (214533)]

I do this all the time. My feeling is that code snippets posted in a public forum are meant to be be used by others unless it says not to. Yes, I recognize that this is at least theoretically contrary to US copyright laws. But if you don't want someone to use it, why post it? To show your brilliant code?

Since this specific case apparently bothers you, I think you should try to contact the author through some back-channel and get an explicit okay to use it. But I bet more than likely your request will be ignored or you'll get a "why the fsck are you asking such a dumb thing?" That's generally how I reply when someone asks me about code I've posted.

Comment it with the URL

[BMonger (68213)]

Usually if it's a complicated section of code I'll include the URL in a comment above. If it's just a line or two I won't. Often times if it's from a forum I stay with that forum for a few weeks and try to contribute back in some way.

If the code explicitly has a license attached to it I follow that of course. But I've not had to do that yet. I don't pull code from other project bases unless it's a library or such (in which case I follow the license). Only code that is meant to be viewed and used (such as forums/tutorials).

Appropriate Quote

[Rob Riggs (6418)]

This just popped up at the bottom of this article's page:

Immature artists imitate, mature artists steal. -- Lionel Trilling

I wouldn't worry.

[jellomizer (103300)]

Technically it is a copywrite violation but so is most anything now adays.

If the person posted code on a forum then normally they do so expecting people to use it. Hense Posting it on a forum. Most forums go like this.

First Post
How do I do this?

There is a reply
Try this code.

They usually replay with two options
Sorry it didn't work or It worked thanks.

You are probably just out of college were even looking at someone elses code is considered a great moral sin against humanity, where just the though of this could bar you away from higher education forcing you to live your life without being able to obtain a higher degree. In business if it works they use it even if it is a copy and paist. If it was something more problematic like say Using the source from an other companies code who had a strong license on it... Or using GPL code for non GPL reasons then there would be some consern. But for posting giving help to some one who wants to know how to do something it is basicly a non-issue.

Quick Points

[cleetus (123553)]

IAALBTINLA (I am a lawyer but this is *not* legal advice)

1. The original write owns the copyright to the code.
2. By posting it to the BB, he might have agreed to license it under whatever terms by which the board operates. This might mean you have some license to use it (either implied or actual).
3. The code copied by the developer might not be enough of the work as a whole to considered infringement.
4. One test for determining whether computer code infringes copyright, in the USA at least, is the classic, yet ambiguous "abstraction, filtration, comparison" test. (If the copying was complete with comments, then that's not so good for the copier, but if the code accomplishes a trivial function, then not so much.)
5. Speaking generally, it's important to be on the lookout for situations like this. For instance, if code is copied from an open-source project, then significant consequences can follow (c.f. the Asus story below this one.)
6. If you are concerned, talk with your company's legal counsel.

Hmm, Let's see...

[aminorex (141494)]

Gee, it's a dilemma: You could (1) talk to the guy about it, or (2) wave it over the global press under a pseudonym pretending that no one will guess who you are.

Let me think about this for a minute...

IANAL

[Greyfox (87712)]

But I bet your company has one. Wait, I'm getting an idea... yes... yes... no, lost it. I'm sure it would have been the best legal advice ever posted on Slashdot, though...

Use your head.

[SatanicPuppy (611928)]

Just for me personally, if I put some code I wrote out in a forum, I expect someone to use it other than myself. Someone asks a question, I throw out a chunk of code, we're done. I don't care where it ends up. Likewise if I find an example that someone has put on the web when I was searching for something to do that exact thing, I'll grab it and adapt it to my use on the principle that that's what it's there for.

Forums can be kind of a greyer area. I once had a guy who was maintaining a system I wrote put a decent chunk of my code in a forum; source code, mind you, not just a script. It was a whole program, and while I never sold that particular piece to do anything by itself, it was a part of a product I did make a decent bit of money on, and a pretty clear-cut breach of my IP for some joker to just post it (they'd signed a contract dealing with redistribution, so it was in writing).

I called them, they apologized, disciplined the guy, and hired me to do the change he'd been trying to do (he'd posted the code trying to get someone to tell him what it did), and paid me at a higher rate. I let it slide because it wasn't a big deal (non-critical code), and they dealt with it to my satisfaction.

If, at some later date, I'd found that code verbatim in someone else's system, I might have mentioned it to them, as an aside, but I wouldn't have tried to claim damages or make them remove it. At that point it is WAY too difficult to trace provenance, and hard to prove any sort of knowing violation. It had been released, I'd taken it up from the people who released it, it was done.

In short: If someone releases code with no license attached and you use it and it turns out later it was licensed you're going to have to deal with the consequences of that. If it turns out it wasn't licensed (or was BSD licensed) you're in the clear, even if it was a case like mine where the code was released by a party that wasn't authorized to release it.

The internet is a nice tool to keep from re-inventing the wheel, but if you take anything more than a little subroutine, you better know what rights you have with regards to it because it can seriously bite you in the ass.

You already know the answer

[Weaselmancer (533834)]

I'm new to the company, and the developer who copied the code is the project lead.

You married? Got any kids? A mortgage?

If the answer to any of the above is yes, then shut the hell up about it and get on with your day.

If the answer to all of the above is no and you're in the mood for an ethics experiment - mention it to someone. Have your resume ready first. You're about to learn what the business world is really like.

Re:You already know the answer

[petes_PoV (912422)]

You're about to learn what the business world is really like.

Or, depending on how the project lead is viewed in the company, this could be the fastest promotion you'll ever get.

Before you talk to anyone about this, do some discrete research about who might be sympathetic to your situation, who the lead's enemies are and think about just how much politics you want to get involved in

Talk to the guy who copied it?

[merreborn (853723)]

Since I'm now the only person working on this code, there's no practical way to report the situation confidentially. I'm new to the company, and the developer who copied the code is the project lead. Reporting him to management doesn't seem like a good career move. I could rewrite the copied code without reporting him, but since the product is very close to release it would be difficult to make a significant change without providing some justification

Hopefully you're working for a decent guy, and you can just say "Hey, dude, I was researching this bug, and in the process, found this code on this forum. You think we should be worried about copyright issues?"

He may, like several slashdotters in this thread, be completely unaware of the fact that code is automatically copyrighted in the US.
He may have been aware, but just lazy, and say "Yeah, we should do something about that".
He may say "Who cares? No one will ever find out!". In that case, *then* you may consider going over his head and raising the issue with his superiors.

If he's a decent guy at all, he'll appreciate your coming to him politely with your concerns. But even if he's the type of vindictive halfwit likely to take offense at your discovery, he'd probably be hard pressed to come up with an excuse for taking action against you. And really, if you're working for someone like that, you should strongly consider looking for a new position elsewhere.

Re:Uhhhhh

[caerwyn (38056)]

Ahh... technically speaking, this could be very bad advice in the business arena. While I'm not a lawyer, AFAIK code is copyrighted at the act of creation, and simply by making it available for viewing the author is not automatically giving up those rights. While it is highly unlikely that such a code snippet would cause problems down the road, it is not impossible that it could.

Rewriting simply because it was written external to the company isn't a good thing. Rewriting because it was written external to the company and you're not certain of your company's license to legally make use of the code is an *entirely* different thing.

The author not attaching a particular license to the code is not a blanket license to do with as you will. The author may have intended that, but I don't believe it's true in the legal sense.

It might make more sense to go as you're suggesting, but given the mess that is current copyright law, a business ought to tread more carefully.

Re:Uhhhhh

[iamacat (583406)]

Thanks, I always did want to make a buck from Cmdr Taco. The following code is implicitly copyrighted by me and I am not giving slashdot any permission to reproduce it:

(BOOL)loginWithUsername: userName password: passwd {
    struct pam_conv pam_conv;
    pam_handle_t *pamh;
 
    pam_conv.conv = null_conv;
    pam_conv.appdata_ptr = (void *)[passwd UTF8String];
 
    int r = pam_start("sshd", [userName UTF8String], &pam_conv, &pamh);
    if (r != PAM_SUCCESS) {
        fputs("Unable to initialize PAM\n", stderr);
        return 1;
    }
    r = pam_authenticate(pamh, PAM_SILENT);
    pam_end(pamh, 0);
    return r == PAM_SUCCESS;
}

Re:Uhhhhh

[richie2000 (159732)]

I thought that although a work is automatically copyrighted at creation, the copyright is lost if the author chooses to publish the work without registering the copyright.

That is not correct. If you put patents (even own publication can be prior art) and trademarks (needs to be defended, or they can be lost) in a blender, you might wind up with that situation. Copyright? No way. In fact, in most Berne-signatory states, it's more or less impossible to get rid of a copyright completely without first dying and then waiting 70 years. In some countries, even that isn't enough.

Re:Uhhhhh

[andphi (899406)]

If first dying and then waiting 70 years won't do it, will silver stakes or holy water?

Or should we just start making Xerox copies of the zombie survival guide?

Re:Uhhhhh

[andphi (899406)]

Step One: Get in Taxi
Step Two: Do not bite driver
Step Three: Tell Final Destination to Driver
Step Four: Do not nibble on driver
Step Four 1/2: Go to Bookstore
Step Five: Exit Vehicle after biting driver (Zombies don't pay)
Step Six: Find book in bookstore
Step Six 4/5: Take book without paying. See Step Five.
Step Seven: Bite other patrons as desired, being careful to avoid anyone with a knife or anyone standing in the Military History section. Such patrons may already know how to kill Zombies and should be avoided.
Step Eight: Shamble home, avoiding law enforcement officers and other armed humans.

Re:Uhhhhh

[msslc3 (846991)]

I am a lawyer, and while this is not legal advice to anyone I would personally contact the poster and ask to buy a license to reuse the code in a commercial product. Sure you could rewrite the code but the time saved in not having to do that could be worth a reasonable price for a license. If you bought a license you could also ask for proof of authorship and ownership.

If you instead rewrite the code, you face the possible claim that your new code is a derivative work which is also covered by the original author's copyright. The "cleanroom" approach is sometimes used to avoid this. Have someone who has seen the original code spec the functions, and give the spec but not the original code to a programmer who has never seen the original. Document carefully what you have done and why. If the programmer who writes the code has no access to the original, he can't copy it. Then you only have to worry about software patents -- but that's a separate issue.

Re:Uhhhhh

[HiThere (15173)]

I believe that you are a lawyer.

Your advice is, indeed, a legal way to proceed. It is also impossible for the poster. That's not one of his choices.

Were I him, I would not admit to having noticed anything. Possibly, depending on personality factors, I might get into a discussion with the other code about copyrights, laws, and ethics, but I would be very careful to not admit having noticed that he might have done anything improper.

You are talking here of a new hire. The low man on the totem pole. And this is a case where the proprietaries aren't entirely clear. (E.g., this person should definitely not attempt to acquire a commercial license, as he wouldn't have the right to comit his company to anything.)

FWIW, I consider there to be a fair chance that the example is from a standard text on algorithms. I certainly have no proof that this is true, but it might well be. If so, the PURPOSE of the book was to share how to do various things, say Shell sorts. (Probably not, as that's now commonly built into languages.)

That which you are suggesting is probably something that even the lead programmer wouldn't be able to get the department to do. Yes, it's the legal approach. And it's total impracticality is a small part of what's wrong with the legal approach, and why essentially nobody uses it.

Personally, my favored way of avoiding this problem is to use GPL software...but it doesn't totally get around the problems that the legal approach has saddled us with. We weren't told what license the issued product would be under, and it might BE under GPL. This wouldn't solve any of the problems in this case...this case where there shouldn't BE any problems.

Text published in a public forum without an attached license should BE public domain, with all liability resting on the person or entity who published it. (I'll grant that this would make the GPL a lot more like the BSD license, but in an ideal world those two would be identical in effect. It's the imperfections that cause me to adhere to the GPL.)

Re:Uhhhhh

[morgan_greywolf (835522)]

Um, no. If you want to be technical, if there's no license attached to the code, then you can't use it. Copyright happens on an original work from the time it's published. There are no notice requirements. Without a license, you don't have permission to use the work.

Now, in reality, the author posted it to a forum, probably with the intention of giving away the code. It would be entirely up to the author to sue and whether the author would sue or not -- well, I kinda doubt it.

But, if I were you, OP, I'd check with your company's legal department and/or an attorney. Asking questions like this on Slashdot is likely to result in you getting a lot of misinformation.

Re:Uhhhhh

[TheWanderingHermit (513872)]

I'd also consider the possibility that you don't know the whole story. I found a version of some well known C code for Java and wanted to be sure, before I included it in a FOSS project, that even though it's based on a mathematical algorithm and that the code for that function in other languages has been published in many FOSS programs, that I could include the code in a FOSS project. In the long run, I tracked it down through several people and basically nobody cared what it was included in and I don't think anyone even wanted to bother to license it. In the long run I kept all the emails and notified the project owner. We did make mention of it in the comments, but didn't feel it appropriate to include any guess at licensing info.

It's possible the project head already has permission to use it or may even know the programmer who posted the code to the forum. There could be any number of legit reasons why nothing was said about it in the code comments. It's even possible that post was made my the project leader under a different name.

To me, this sounds like the OP is a quite young programmer who is looking for a chance to lead a moral crusade rather than get the job done. In my experience I avoid taking on employees like that because they seem more focused on making sure everyone else follows their ethics than in doing a good job on the task at hand.

Re:Uhhhhh

[king-manic (409855)]

To me, this sounds like the OP is a quite young programmer who is looking for a chance to lead a moral crusade rather than get the job done. In my experience I avoid taking on employees like that because they seem more focused on making sure everyone else follows their ethics than in doing a good job on the task at hand.

Or he's a young programmer who is afraid he's the scapegoat.

Re:Uhhhhh

[danlyke (149938)]

If there's a question on the license, then I think it's totally reasonable for ScuttleMonkey to go to his project lead and say "I'm uncomfortable that we don't have an explicit license for this code, we need to contact the original author and obtain a license or an acknowledgement of a release to the public domain".

I don't attach a license or explicit release to every piece of code I've posted to forums or newsgroups or what-have-you over the years, and I have had every expectation that many of those would get copied and pasted into applications without attribution. I'd prefer it if, when that stuff ended up inside an app, there were a note saying "here's the original source" because when I've stumbled across such code it's sometimes made it easier to figure out what it's supposed to be doing, but I don't expect it.

If ScuttleMonkey has an indication that the original license is not something that allows incorporation into the code, then it's totally reasonable to escalate this one over the lead's head early on, but it sounds like this was something picked up off a site like CodeProject.com, where it's completely reasonable to assume that the intent of the poster was that this code be incorporated and adapted without further license terms.

Re:Uhhhhh

[IceCreamGuy (904648)]

The guy is asking a question because he's apparently new to the business and wants some sage advice from people like you who know what they're doing. People aren't born with this information, the only way to get it is either to screw up or ask somebody, and he decided that it was a good idea to ask first. Frankly (if that is your real name), however, I wouldn't put much weight into your vague response even if it wasn't condescending and derisive.

Re:Uhhhhh

[Selfbain (624722)]

Is your hairstyle distinctively pointy by any chance?

Re:Uhhhhh

[Jherico (39763)]

>> Is it legitimate to use source code that's publicly available but doesn't fall under any particular license?

>Of course it is. This kind of thing happens all the time.

This may be completely commonplace, but it is certainly not legal. Simply posting something in a public place does NOT put it in the public domain, and contrary to what many people in this forum are saying, failing to attach a copyright notification to something does NOT place it in the public domain either. Assuming the author posted the information after 1976 and is covered by american law, then the copyright act of 1976 provides for automatic copyright protections, unless there is some notification which explicitly puts it under a license which permits it use.

The original poster will probably never be called out if he leaves the situation as it stands he is still breaking the law. His options for avoiding this are to either find another copy of the code which is listed under a license, contact the author and ask for a license, or to rewrite the code.

Re:Uhhhhh

[SheldonYoung (25077)]

> Is it legitimate to use source code that's publicly available but doesn't fall under any particular license?

Of course it is. This kind of thing happens all the time.

So does fraud, burglery and worse but it doesn't mean it's legal.

Frankly, I'm glad you don't work for us. The fact that you would consider "rewriting" code that works well just because it was written by someone external to your company doesn't speak well for your sense of business priorities or usage of time.

Nobody in their right mind would ever purchase your services or products again. They would not rewrite the code because it was created externally, they would rewrite it because legally and ethically they have not been given rights to use the code. I would not do business with anybody who would knowingly use code of dubious license.

> The original author didn't attach any particular license to the code.

I think that says it all. Yes, that means they have no license to the code and must ask for one. End of story.

Re:Uhhhhh

[mce (509)]

>> The original author didn't attach any particular license to the code.
> I think that says it all.

Yes, but it does not say what you seem to imply. If the original author did not grant permission, you can not use the code (but you can implement the same algorithm yourself, at least as long as there is no patent preventing that). Note that the author does not have to include such a permission in every piece of code. It can be in an accompanying file, or it can even be in the Terms of Use of whatever bulletin board or website he used to publish it. But you have to check that.

Granted, as long as you do not distribute the source, nobody will spot a 200 line piece of code and this kind of copying indeed happens all the time, but that does not make it legal in the strict sense of the word. I once wanted to use a small library that is floating about out there without any license/copyright statement. As it would have been possible for our customers to spot the use, I checked with our legal department and they were very firm: if I could get the author to explicitly approve it, it was OK, otherwise not. He did not reply, so I had to scrap the idea.

Re:Uhhhhh

[show me altoids (1183399)]

If the author of the code posted it in a forum, I would personally call that implicit permission to use the code. Otherwise, why even post it? To show off his great coding ability? Every programmer (myself included) does this all the time and I have never heard of "Forum police" going after them. As to the legality of downloading it, if it is showing in your browser window, you have already downloaded it.

Re:Uhhhhh

[by Anonymous Coward]

You don't know that the poster had permission to post the code in the first place.

Re:Uhhhhh

[show me altoids (1183399)]

That's true, of course, but there is only so much you can do. Should the submitter do a search for all other code in the application and see if any of it is stolen? I do get your point, though, but this is such a common practice that I think most developers don't even think twice about doing it, which, I concede, doesn't make it automatically legal.

Re:Uhhhhh

[Catskul (323619)]

You *never* know if someone has permission to distribute code, even if they sell it to you.

Re:Uhhhhh

[duffbeer703 (177751)]

The only issue is that if the author wrote the code at work, it's not his to give away.

Personally, I'd forget that that I found it.

Reverse it.. act niave... and inform management...

[tempest69 (572798)]

Explain that somehow the source code got onto the internet from your company.. Then let a higher up know, the some of their code got leaked.

Then let them figure out the truth, and get indignant with your boss.

A sleazy thing to do to a sleazy guy

Storm

p.s. The correct answer is to get your boss and his in a room, and explain the situation. And more than likely you'll be stuck re-coding it. And your boss will hate your guts, his boss will be cranky with both of you. But it would be the right way to handle the situation.

OT: Burning money

[Bloater (12932)]

Burning a $20 bill makes everybody (except you) richer. With a reduced money supply everybody else's dollar becomes more valuable. It takes a while to filter through to the labour market, but it does. That bill represent the wealth that you brought to everybody else so that one of them will give you something if you bring it to them. If you burn it instead, they still benefit from the work you did to earn that money, but now you won't be able to get them to give you stuff so they also get to keep the stuff and sell it to somebody else.

Re:Uhhhhh

[SnoopJeDi (859765)]

I don't see any particular license on the mp3 files either.

You don't see a license attached to a bootlegged DVD or game, either. Because the license was attached to the ORIGINAL material, and violated in the distribution of the mp3. As several people have brought up, there's a possibility that this code was taken from something that was licensed, and given away as implicitly free.

Regarding the OP, I'm siding with the "forget it and leave it be" camp. If you don't make a fuss, the only person that could get in potential trouble if it turned out to be rotten would be the guy who wrote it. There's no assumed responsibility on you to check everybody else's code for licensing issues, and nobody could prove that you'd made this discovery, so you could feign ignorance. Well, unless a vigilante Slashdotter tracks you down and brings the law down on you. You might want to consider hiding.

Unless you've got some ENORMOUS ethical battle to fight on this particular issue, ignore it. Or rewrite the code on your own time to keep the project on-schedule.

Re:Due dilligence and move on

[Nevo (690791)]

If there is no copyright claim by the original author then I don't see what the problem is. AFAIK that means it's in the public domain....

You'd be wrong. (At least in the United States you would.)

From http://www.copyright.gov/circs/circ1.html [copyright.gov]: "Copyright protection subsists from the time the work is created in fixed form. The copyright in the work of authorship immediately becomes the property of the author who created the work" and "The use of a copyright notice is no longer required under U.S. law...."

Re:Due dilligence and move on

[Chuckstar (799005)]

I like the idea of commenting the code and moving on.

Note, though, that posting code on a forum with no copyright notice does not put it in the public domain. IIRC, the lack of copyright notice means that the first move of the copyright owner can not be to sue you, they must first notify you of the violation and give you a chance to fix it. In other words, the law takes into consideration that without a copyright notice you might accidentally copy something you shouldn't and allows for the violator to fix the problem once notified.

So the worst case is that the copyright owner makes your company change the code at some point in the future. If you put the recommended comment in, your company will know (i) its not your fault and (ii) you were heads-up enough to look into the issue a little further when you noticed it.