Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Legal Issues of Opening Up Proprietary Standards?

Cliff posted more than 8 years ago | from the consequences-of-reverse-engineering dept.

269

mrjb asks: "The Alesis HD24 is a 24-track, hard disk audio recorder with a built-in 10 megabit FTP server. To improve on file transfer speed, Alesis offers an external Firewire drive with a program called FST/Connect which reads the disks under Windows. I've contacted Alesis about a Linux solution, but none is planned. Also, they are (understandably) not very eager to reveal the file system specs. After a few days of staring at hex codes, I now know enough about the FS to read HD24 IDE disks under Linux (no Firewire required). As I know I benefit from the efforts of the Samba and OpenOffice teams, I'd love to share this info. I'm not, however, the least bit interested in Alesis suing me (in fact, I might want to send them my CV at some point). What would your advice be in such a delicate situation of conflicting interests?"

cancel ×

269 comments

Sorry! There are no comments related to the filter you selected.

Proof? (4, Funny)

guyfromindia (812078) | more than 8 years ago | (#14859104)

BTW, the article doesnt have a link for some of us lazy folks...
Here is a link to the product (Alesis HD24)... [alesis.com]
Just curious... how can you prove that you didnt have any inside information on the specs and that you decoded it all by yourself?

Re:Proof? (0)

Anonymous Coward | more than 8 years ago | (#14859166)

Why should he have to prove his innocence, especially to some random Slashdot reader? Where is the "proof" that he would be divulging internal information?

Re:Proof? (1)

guyfromindia (812078) | more than 8 years ago | (#14859219)

No, I dont want him to reveal any proof to me... I was just curious (from the legal point of view) as to how he would prove that he didnt have internal help...

Re:Proof? (0)

Anonymous Coward | more than 8 years ago | (#14859265)

The point is that the burden of proof is to prove that he did.

Re:Proof? (4, Interesting)

Dashing Leech (688077) | more than 8 years ago | (#14859440)

"The point is that the burden of proof is to prove that he did."

That's correct. Though keep in mind that the burdon of proof in civil matters is a lot easier than in criminal. In civil matters it is only necessary to prove it is likely he had inside info ("balance of probabilities"), not "beyond a reasonable doubt". So, although he wouldn't have to prove his innocence, it might be necessary to at least demonstrate he has the capability to reverse engineer such a system on his own. For instance, if Alesis engineers claimed it'd be impossible to reverse engineer it without inside information, that might be enough to make it likely unless he could convincingly demonstrate otherwise.

That being said, I'm not exactly sure why "inside information" makes a difference here. Has anybody identified what law he could be sued under if he open-sourced this? Haven't a lot of open source projects been done by reverse engineering hardware without the manufacturer's consent? I don't think trade secret would work here; that's a very specific type of secret. If he didn't bypass some security mechanisms it wouldn't be DMCA. If he didn't copy and re-use their code, no copyright violations. If he didn't implement a technique patented by them, no patent violation.

Sounds like a standard "after market" type modification which is perfectly legal AFAIK.

Re:Proof? (1)

parkrrrr (30782) | more than 8 years ago | (#14859643)

Has anybody identified what law he could be sued under if he open-sourced this?
Probably contract law. Lots of EULAs have that nasty reverse-engineering clause.

ANOTHER LEVEE BREAKS (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#14859389)

Sonoma Levee Break Floods Calif. Highway

http://www.forbes.com/home/feeds/ap/2006/03/06/ap2 573236.html [forbes.com]

You know what this means, right?

George Bush doesn't care about white people.

Re:ANOTHER LEVEE BREAKS (0, Offtopic)

charlesnw (843045) | more than 8 years ago | (#14859593)

Normally I don't feed trolls but this cracked me up. First he doesn't care bout blacks. Then he doesn't care bout whites. I needed a good laugh. Thanks.

Re:Proof? (1, Insightful)

ajs318 (655362) | more than 8 years ago | (#14859298)

Just curious... how can you prove that you didnt have any inside information on the specs and that you decoded it all by yourself?
Last I checked, the onus of proof was upon the prosecution.

Re:Proof? (1)

/dev/trash (182850) | more than 8 years ago | (#14859358)

I'm sure that they posted a description of some of there API calls on a website for some short period of time some time ago.

Re:Proof? (0)

Anonymous Coward | more than 8 years ago | (#14859381)

Simple, he'll prove it in the same way that you prove that you are not a {troll, childmolestor, terrorist}. Can you prove that?

Normally it's damn hard (impossible) to prove a negative. Eg. it did not rain today or yesterday, does that mean that it never rains? I did not get the secret protocoll yesterday, does that mean that i never got it?

Not the point. (5, Insightful)

TheSpoom (715771) | more than 8 years ago | (#14859396)

Even if the onus of proof is on the prosecution, that won't stop them from creating a long, drawn-out trial that will bankrupt the defendant before the case even gets close to providing justice. So yes, in an idealistic world where lawyers don't require money and time is not an issue, the onus is on the prosecution. However, we don't live in that world, and unless he can prove very quickly that the case has no merit, he's going to get the legal crap beat out of him, regardless of whether or not he's done anything wrong.

Re:Not the point. (0)

Anonymous Coward | more than 8 years ago | (#14859606)

So... why not leak it through Canadian servers or the like? Release it under a pseudonym or somesuch.

Re:Not the point. (1)

TheSpoom (715771) | more than 8 years ago | (#14859640)

Yeah, that's what I'd do. Release it to certain anonymous FTP servers where it's likely to be noticed, and do so through one or many (preferably many, a la Tor) anonymizing proxies, so even if they track it back to the source FTP server, they wouldn't be able to trace it back to you.

Re:Not the point. (2, Insightful)

Pharmboy (216950) | more than 8 years ago | (#14859687)

So... why not leak it through Canadian servers or the like? Release it under a pseudonym or somesuch.

Good idea! Surely that will prove he had no inside information and legally reversed engineered it....

Re:Proof? (3, Informative)

DaveV1.0 (203135) | more than 8 years ago | (#14859515)

In criminal proceedings, yes. In civil proceedings, no.

Mr.JB can be sued in civil court for any number of reasons. In civil court, there is no presumption of innocence and no "beyond a reasonable doubt". It is basically a contest to see who can sway the judge and/or jury the farthest.

Re:Proof? (4, Insightful)

Alex P Keaton in da (882660) | more than 8 years ago | (#14859815)

Not be an ass, but why not consult a lawyer? Or ask your question where the people have legal degrees, or have spent 5 or 10 or 20 years studying and practicing law, rather than a board where people have spent 5 or 10 or 50 yearss studying tech.
Would you ask a group of doctors how to rebuild you car engine? I would hope you would ask an auto mechanic.

Sameway as it has always been done (3, Interesting)

Anonymous Coward | more than 8 years ago | (#14859142)

Find an anonymous ftp site that accepts this kind of information for this area, which in turn will be let loose into the wild.

Re:Sameway as it has always been done (1)

fred911 (83970) | more than 8 years ago | (#14859248)

release a torrent.

Put a layer of indirection (5, Informative)

Krach42 (227798) | more than 8 years ago | (#14859148)

Reverse Engineering is generally not illegal.

But, to CYA, your best bet is to just write up the specs as you understand them, then have someone else write the driver for the community.

You don't even have to share those specs. Give the author the specs, have him write the driver, then publish it, without your specs. Now, anyone who wants to reverse engineer the driver you wrote, is investigating a full layer of indirection from you. They're not even looking at the specs you wrote, but rather the code that was written upon those specs.

Re:Put a layer of indirection (0)

Anonymous Coward | more than 8 years ago | (#14859175)

Didn't one of the early IBM BIOS clones get produced this way?

How about... (5, Insightful)

sterno (16320) | more than 8 years ago | (#14859249)

Before he does that, what he really ought to be doing is talking to an attorney. An attorney can give you advice on what measures you can take to minimize your legal exposure here. That advice may include what you need to do to assure that you've done this in a clean manner. Having specs you hand off to somebody else may not provide the kind of validation that is needed.

In the end though you can do this 100% on the up and up and still get sued. A good lawyer will tell you that. Will they win the lawsuit? Not if you do this right, but then how many thousands of dollars will you blow defending the lawsuit, whether you win or not.

Whatever you decide to do an attorney can give you a clear perspective on what the ramifications are.

Re:How about... (0, Troll)

NamShubCMX (595740) | more than 8 years ago | (#14859617)

This is a good idea...

However, he bought a piece of hardware. Figured out a way to interface with that hardware, coded it.

Needing an attorney for something like that is a scary thought...

Re:Put a layer of indirection (2, Informative)

Daniel_Staal (609844) | more than 8 years ago | (#14859435)

Yes, this sounds completely legal. That's not the point. He wants to have the manufacturer still like him as well.

My advice: Get a lawyer now. Someone who's informed on this topic of law. Tell the lawyer what you have got, and what you want from the company. Have the lawyer call the company and get some form of assurance that you haven't killed the company. In writing. Make it clear to the lawyer that you don't want to issue threats, you just want to cover your ass.

Play by companies rules, which include lawyers and contracts.

IANAL -- YADAI (1)

fm6 (162816) | more than 8 years ago | (#14859483)

Reverse Engineering is generally not illegal.
Unless it's forbidden by the agreement under which you licensed the technology — which it almost always is.

Cliff, for the last time: stop accepting Ask Slashdots that want legal advice. Or else you'll be consulting a lawyer yourself!

reverse engineering for compatibility (1, Interesting)

Anonymous Coward | more than 8 years ago | (#14859149)

I believe that even in the US with the DMCA you're still protected here - reverse engineering for reasons of compatibility is nearly always legal and is subject to special protections.

Fair use? (2, Insightful)

nexxuz (895394) | more than 8 years ago | (#14859152)

Wouldn't this fall into the fair use catagory? I mean if you purchase the equipment then don't you have the right to be able to use it?

Re:Fair use? (1)

Firehed (942385) | more than 8 years ago | (#14859645)

If that theory held any water, CRAP not only wouldn't exist but wouldn't legally be allowed to.

Maybe a few years ago, yes, but not anymore.

Fair use applies to copyright (1)

Jonner (189691) | more than 8 years ago | (#14859657)

The fair use principle applies to copyright, not reverse engineering.

Anonymous release (0)

Anonymous Coward | more than 8 years ago | (#14859155)

That's all.

Re:Anonymous release (-1, Flamebait)

Anonymous Coward | more than 8 years ago | (#14859176)

in your ass. Faggot.

Re:Anonymous release (0)

Anonymous Coward | more than 8 years ago | (#14859652)

Well, that's no longer an option, now is it? :-)

Similar Software? (1)

laundrynerd (868194) | more than 8 years ago | (#14859161)

I think there's a pretty large precedent in play. While it might not be *exactly* defensible legally, there are plenty of examples. Off the top of my head, there's the iPod Linux project, plus the large majority of hardware drivers for Linux itself.

I think that is ok (1)

Austerity Empowers (669817) | more than 8 years ago | (#14859184)

IANAL, don't do anything based on slashdot. But if you determined all that stuff without access to any proprietary documents, then you are free to do release it. Reverse engineering is still legal. If you had access to someones proprietary information, however, then you'd better not or talk to a real live lawyer who can give you legal advice.

I think the only sticky part may revolve around the DMCA if by releasing this info you are enabling piracy. It doesn't look like it, but someone may try to wrap it that way. The law probably says this is always wrong. If you aren't afraid to get drug through the mud, and if your intentions are truly honest, that law could be knocked down as illegal. It's untested and unfair, hence it's not likely to stay. But if your intentions aren't pure they'll fry you on other counts and you'll wish you stayed quiet.

Re:I think that is ok (0)

tgd (2822) | more than 8 years ago | (#14859250)

YANAL, and YDKWYTA.

(That would be "you don't know what you're talking about".

Reverse engineering is borderline at the best of times, particularly with the DMCA these days, and without a clean room reverse engineering, its blatently illegal.

So its good you prefaced that with "IANAL" but you should include in the future that its a "WAG" so people don't take your authoritative statement as being correct, as both your take on the DMCA and reverse engineering are incorrect.

Re:I think that is ok (5, Insightful)

Austerity Empowers (669817) | more than 8 years ago | (#14859591)

So first off, anyone who "asks slashdot" about legal issues is asking for public opinion, not legal fact. I did not need to preface this with "IANAL", but I did so to call attention to the fact that slashdot is the wrong forum. You can't get legal advice from anyone but a lawyer you have arragements with. It's stupid even to go to somewhere like groklaw and ask for advice. Pay a lawyer or take your chances.

Second, reverse engineering IS legal. Your cynicism is masking that fact. Yes, it is dangerous, but the question sounded like some frustrated guy who figured out a file format all by himself. There are dozens of things he could have done to make his particular reverse illegal, but I suspect he did so honestly or he wouldn't be asking. Lawyers could clarify the subject, all us geeks are going to say is "if you didn't cheat, it's OK".

Third, the DMCA makes reverse engineering copy protection methods illegal. This particular part of the DMCA has not been tested, ever, on purpose. It probably would get thrown out. It is unlikely that someone would crack copy protection on purpose, without intent to enable piracy. But it has been done, and no charges filed on that issue. That is why I made the statement about "being willing to get drug through the mud".

Fourth, you don't need to be a lawyer to make statements about what is right. Most of law is what society thinks is right vs. wrong turned in to words that can then be applied equally and fairly. Very often the written law is well behind public opinion, and one way that changes is by forcing it.

Finally, Engineering 101. When in doubt, shout it out.

Re:I think that is ok (4, Insightful)

Dashing Leech (688077) | more than 8 years ago | (#14859634)

"...without a clean room reverse engineering, its blatently illegal"

Could you provide a reference to the particular law and section? It is my understanding that reverse engineering is not only legal in most cases, it is even protected. It's only a few rare exceptions that are illegal such as (potentially) EULA [infoworld.com] restrictions and creating software that bypasses copyright [aspfree.com] protections, thanks to the DMCA.

Unless this guys is violating his EULA, I'm not sure where the violation is. Still, it is good to check with a lawyer.

Re:I think that is ok (2, Insightful)

Jussi K. Kojootti (646145) | more than 8 years ago | (#14859742)

Reverse engineering is borderline at the best of times
You could at least state your arguments for your claims, especially when you're chiding others...

Re:I think that is ok (1)

MadEE (784327) | more than 8 years ago | (#14859375)

I don't really see how DMCA would have much to do with it, even if Alexis claimed it as a content protection measure, it would be your own work in which you would be accessing. It's really hard to pull copyright into this when the disks you are attempting interoperability with stock contain nothing. IANAL of course.

Re:I think that is ok (1)

Austerity Empowers (669817) | more than 8 years ago | (#14859650)

I agree 100%, except that they COULD try to pull that, and it'll end up costing him some money to defend. I'd bet he wins, but it might be more hassle than he's willing to endure.

Re:I think that is ok (1)

MadEE (784327) | more than 8 years ago | (#14859788)

...or if he is masochist a and wants to sue himself. ;)

Write Specs, Publish Anonymously (4, Insightful)

dsanfte (443781) | more than 8 years ago | (#14859185)

Write up a spec sheet, get onto an anonymizer service, and e-mail the specs to either someone interested in writing a driver, or a hobbyist e-mail list. Or write the driver yourself and publish the source in the same manner. Either way, just use an anonymizer service.

If you're looking to take credit for it, well, (possibly) getting sued is the price you pay for fame.

Re:Write Specs, Publish Anonymously (2, Interesting)

ecloud (3022) | more than 8 years ago | (#14859236)

I agree.

To open up this question a bit more, which are the best guaranteed-anonymous ways to publish stuff like this? Freenet obviously. What about Usenet? Somebody at least is logging your IP address in that case right? Would you have to post from a university or something to avoid this?

What other choices are there? Is there an anonymizing bittorrent service in some nice laissez-faire country?

Re:Write Specs, Publish Anonymously (0)

Anonymous Coward | more than 8 years ago | (#14859793)

Post it to a web accessible wiki through Tor [eff.org] or host it yourself as a location hidden service on Tor.

Re:Write Specs, Publish Anonymously (3, Insightful)

Bogtha (906264) | more than 8 years ago | (#14859390)

Either way, just use an anonymizer service.

Yes, because I'm sure they'd have great difficulty in tracking down a Mr J. B. who has contacted them asking for Linux support and specifications.

Difference (4, Interesting)

jeffs72 (711141) | more than 8 years ago | (#14859186)

The problem I see here is that you aren't developing something new and giving back to the OS community with this, you are reverse engineering a (presumably) patented product and wanting to release that knowledge into the OS community.

If I were you I'd be awfully careful with what you are doing. Maybe you could just release some sort of closed source linux tool to allow access to this device so your needs are met, and even send it to them so they can release a linux client if they want.

No matter what your feelings are on patent and IP, you still need to tread lightly with their stuff. Esp since you probably contacted them with email so they have documented proof that you went and asked 1st, knew they didnt want to release one, so then set out to reverse engineer it anyway.

But, kudos to you. I'd go the honest route with them, send them your source, say here ya go, I did this cause I LOVE your product and want to use it with Linux, I hope you can appreciate that, and make this available to your customers like me.

Re: Work with the company? (5, Interesting)

Nevynxxx (932175) | more than 8 years ago | (#14859251)

Why not get your working driver, and email the company asking if they would release a driver written by you in any form. Then negotiate either payment, or open-ness.

Re: Work with the company? (2, Insightful)

JohnFluxx (413620) | more than 8 years ago | (#14859512)

That might work against him, and I would say check with a lawyer first. They might say he was blackmailing him or something.

Re:Difference (2, Insightful)

ratboy666 (104074) | more than 8 years ago | (#14859387)

From the post -

The vendor didn't want to release the fs info. The post author is NOT the vendor.

Since it was reversed, this implies others can reverse it.

Why not release the results? The vendor is simply unwilling to support Linux (implied, BSD) OS. This way, they AREN'T supporting it.

Will the author get sued? If the author lives in the USA, maybe, otherwise almost certainly not. The author wants to work for the company? So, go ahead and publish -- it will get their attention. And if its not in a positive way, *I* wouldn't want to work for them.

Ratboy.

Re:Difference (1)

croddy (659025) | more than 8 years ago | (#14859448)

I think it's highly doubtful that their filesystem is patented (see how quickly it was reverse engineered) -- and that's all his software deals with. Their chance for dictating terms to him was when he requested documentation on the system; they've declined to provide it to him, so he reverse-engineered it. If he can get legal advice indicating that the risk from releasing his software is permissible, then I don't see any reason for him to offer Alesis another chance at determining how *his* software will be used.

The "honest route" was exactly the route he took (at least, based on his submission) -- writing the driver without using any NDA-restricted documentation. The fact that the driver is used for reading their filesystem is next to irrelevant. The driver is his, and his decision should be based upon his level of commitment to Free software, and on the legal risks, as determined by someone qualified to give such advice.

Re:Difference (1)

jeffs72 (711141) | more than 8 years ago | (#14859633)

I think it's highly doubtful that their filesystem is patented (see how quickly it was reverse engineered) -- and that's all his software deals with. Their chance for dictating terms to him was when he requested documentation on the system; they've declined to provide it to him, so he reverse-engineered it. If he can get legal advice indicating that the risk from releasing his software is permissible, then I don't see any reason for him to offer Alesis another chance at determining how *his* software will be used.

The "honest route" was exactly the route he took (at least, based on his submission) -- writing the driver without using any NDA-restricted documentation. The fact that the driver is used for reading their filesystem is next to irrelevant. The driver is his, and his decision should be based upon his level of commitment to Free software, and on the legal risks, as determined by someone qualified to give such advice.

Because something was easy to reverse engineer does not mean it isn't patented. Do you think a safety pin or a hair net or screw driver with detachable heads is complicated?

No? Didn't think so.

Re:Difference (1)

croddy (659025) | more than 8 years ago | (#14859781)

I think it's highly doubtful that their filesystem is patented.

Re:Difference (2, Insightful)

GigsVT (208848) | more than 8 years ago | (#14859485)

aren't developing something new and giving back to the OS community with this, you are reverse engineering a (presumably) patented product and wanting to release that knowledge into the OS community.

You claim there's a difference, but this is exactly what OpenOffice and Samba did.

Re:Difference (1)

jeffs72 (711141) | more than 8 years ago | (#14859599)

Your point being?

Re:Difference (1)

GigsVT (208848) | more than 8 years ago | (#14859729)

Did you even read the summary?

Re:Difference (1)

jeffs72 (711141) | more than 8 years ago | (#14859776)

Yes I read the summary.

k thx

Patent schmatent (1)

markdowling (448297) | more than 8 years ago | (#14859682)

Just tell RIM it's a blackberry competitor. bye bye patent.

Re:Patent schmatent (1)

jeffs72 (711141) | more than 8 years ago | (#14859721)

You are sorely ill-informed on the patent issues between NTP and RIM. I guess it doesn't matter to you that the US patent office has revoked all of NTPs patents?

Re:Difference (3, Informative)

aprilsound (412645) | more than 8 years ago | (#14859713)

you are reverse engineering a (presumably) patented product
If the product was patented, then the spec would be available via the patent office, therefore, no reverse engineering would be needed. If it was patented, it wouldnt matter if it was reverse engineered because the spec would still be under patent.

The issue here is more one of trade-secret. If the company has taken resonable measures to protect the spec, then they could claim that you stole a trade secret, which is a crime.

I don't think trade secret can apply here though, unless they used some sort of encryption or something to obfuscate things.

Depends (4, Insightful)

Sycraft-fu (314770) | more than 8 years ago | (#14859195)

As always, this is not legal advice, if you get legal advice on Slashdot, get your head checked.

If you reverse engineered their disk standard by yourself, you are fine legally, There's nothing illegal about reverse engineering (exception copy restriction technology per the DMCA). Now if you used some of their developer docs or something to do it you could be on the hook if they made you agree not to use them for reverse engineering before giving them to you. However if this was all on your own, then there's no worries.

Now, this doesn't mean they can't sue you it just means they won't win if you are competently represented. They could still file a suit and it probably would get past inital hearings, so you'd actually have to fight it in court.

As for employment, well if you release this and it pisses them off then you can expect they won't employ you, and they'll be within their rights to do so. So if you are seriously thinking about getting a job with them, you might want to reconsider.

Something else I will point out, though I am not advocating, is that the Internet is large, spans international borders, and is not well monitored. If you don't care about credit and don't do things to draw attention to yourself (like posting on Slashdot) there's no reason you couldn't do an anonymous release on a website in a country that doesn't much care, like Russia.

Depends is right (2, Interesting)

hey! (33014) | more than 8 years ago | (#14859315)

Depends on all kinds of circumstances. The number one is whether or not there are patents involved. How you obtained the information needed to create compatible drivers is important too, as what you may have done up to that point. For example, if you accepted a EULA under windows before poking around the device using Linux, then a lot may depend on the circumstances of the EULA.

Asking /. folks advice on this is like finding a bomb in a movie theater, then defusing it, taking and audience poll as to whether, according to their memories of old movies with UXBs in them, you should cut the red wire or the blue wire first.

It seems to me common sense dictates one of three approaches:

(1) Walk away.

(2) Cover your tracks. (e.g., release specs through an elaborate process of anonyization)

(3) Cover your ass. (i.e., talk to a lawyer who at least knows the right question to ask; getting permission also falls into this category, but makes approach 2 harder).

Speaking of the last, some smart lawyer might drum up business by doing an IP question of the month feature, suitably whitewashed the way psychologists' case studies are.

Dish Network Hackers do this exact thing (1)

SydShamino (547793) | more than 8 years ago | (#14859583)

The folks who hack Dish Network DVR receivers to let you read and retrieve the data from them do this exact same thing. They analyzed the hard drives, figured out the file system, figured out the video formatting, and wrote tools to extract, decipher, and transfer to a PC. See the DishRip Yahoo forum for more information.

All of this is absolutely 100% legal because they only touch those Dish Network DVRs that have no data encryption . They are (rightfully so) ruthlessly intollerant of anyone trying to hack the encrypted boxes (i.e. most all of the newer ones), as it could get their forum shut down.

In the case with this article, reverse engineering for compatibility reasons is supposed to be legal. But, if the company is encrypting the data on the disk, you could run into DMCA trouble, even if the "encryption" is very very simple.

(Alternatively, if it is your data that is encrypted, i.e. audio recordings that you created, you might have a legal case for decrypting them. The wording of the DMCA IMO seems to make it pretty clear that the copyright-protection-circumventing laws only apply when the materials being encrypted are protected by copyright. Release your audio into the public domain and crack away.)

Huh? (1)

Otter (3800) | more than 8 years ago | (#14859198)

I don't understand what your concern is. You're not under an NDA, presumably, so I don't see where there's any legal issue at all. The part about maybe wanting a job there is another matter, obviously. (IANAL, also obviously...)

Re:Huh? (4, Insightful)

replicant108 (690832) | more than 8 years ago | (#14859343)

What's remarkable is that the IP lobbyists have managed to generate such a level of paranoia that people are frightened to use their God-given gifts to advance technology and the interests of the community.

If reverse-engineering is outlawed, then technological progress is at risk.

Re:Huh? (4, Informative)

Otter (3800) | more than 8 years ago | (#14859401)

Well, that's half of the problem, but the idiots yelling "IT'S A VIOLATION OF TEH DMCA!!! YUO NEED TO MOVE TO RUSSIA!!!" on every case of perfectly legitimate reverse engineering are the other half. That's why it's important to explain that this guy is (unless he signed an NDA or the like) on perfectly safe ground, instead of feeding the persecution fantasies of the mob.

Re:Huh? (2, Insightful)

fossa (212602) | more than 8 years ago | (#14859632)

But there are two questions: Is it legal? and, Will there be a lawsuit? It seems that releasing the code would be completely legal. Even so, nobody wants to invite a lawsuit, particularly given the legal environment in the US. Win, lose, or settle, a lawsuit will end up costing time and money. This is truly depressing and unjust. What can we do about it? And on top of all that, the author wants to remain on good terms with the corporation for a possible job application.

Ask the Samba people (4, Insightful)

digidave (259925) | more than 8 years ago | (#14859221)

Try emailing a public contact at Samba and see if they can give you any advice. They obviously had to figure this out a long time ago.

You could also contact a lawyer.

Just let the info out anonymously (0)

Anonymous Coward | more than 8 years ago | (#14859235)

Post the info anonymously to a few NGs, Forums etc. with a request for it to be passed to anyone interested - let someone else take the risk..!

Post in another country (1, Interesting)

Anonymous Coward | more than 8 years ago | (#14859237)

Give the info to a friend in another country that is not bound by that silly DMCA thing.

Nothing personal (1, Insightful)

Anonymous Coward | more than 8 years ago | (#14859272)

...but they'd be unlikely to offer you a job if you have publically denied them of revenue.

It's your call - and totally separate from the legal argument.

Re:Nothing personal (4, Insightful)

Dashing Leech (688077) | more than 8 years ago | (#14859697)

"... if you have publically denied them of revenue"

While I agree if he's interested in a job he should be careful that they don't mind what he's doing, I don't see where this would deny them revenue. They sell a piece of hardware (HD24), and an extension piece of software on Windows that works through firewire. (It's not clear if they charge extra for the Windows software.) They were very clear they're not building drivers for Linux presumably because the cost to develop, maintain, and support Linux wouldn't cover the small market gains. This guy figured out how to make it work in Linux. He basically just opened up a market for them by effectively developing a Linux driver for free, with no required commitment from them for support or maintenance. Now they can potentially sell more hardware at no extra cost.

Where exactly is the denied revenue?

Seperate the specs and the implementation (4, Interesting)

TTimo (253584) | more than 8 years ago | (#14859327)

You might want to investigate how the people writing Linux drivers for the Broadcom bcm43xx ( Airport Express ) went about it. One team sticking to write the specs, and a seperate one working from the specs into a working driver.

http://linux-bcom4301.sourceforge.net/go/progress [sourceforge.net]

Use someone's wireless network (2, Funny)

necro2607 (771790) | more than 8 years ago | (#14859347)

Easy, dude. Write up the specs, hop onto someone's open wireless network, and post the file online from there. ;)

This has certainly been done before.... (5, Interesting)

King_TJ (85913) | more than 8 years ago | (#14859374)

The music industry is notoriously "closed mouthed" about letting anyone know how their electronic products work at a technical level. Ever since the mid 80's or so though, companies have been reverse-engineering these instruments and devices, and *selling* commercial products that work with them, not to mention work on freeware projects along the same lines.

For example, I used to own a Roland S-50 sampling synthesizer. It saved its sample data on 720K 3.5" floppy disks. But people with PCs quickly realized it would be much more useful if you could take standard WAV sound files and dump them into the synth via MIDI. Many other makes and models of sampling synths and rack-mounted samplers were in the same boat. The manufacturers (like Roland) had poor documentation for the MIDI "system exclusive" commands that would be required to upload or download the sample data, so a few people worked at reverse engineering all of this on their own. Eventually, prodcuts were sold like "SampleVision" which knew how to do this for many dozens of samplers on the market.

Rather than being sued, it seemed like the synth makers actually ended up endorsing the products, providing links to them from their own web sites - because they learned it made their products more desirable to purchase.

Re:This has certainly been done before.... (0)

Anonymous Coward | more than 8 years ago | (#14859600)

And don't forget Apogee with their ProTools-compatible A/D D/A convertors, without any support from ProTools-manufacturer Digidesign. In fact, Digidesign is trying to break compatibility with non-Digi-hardware all the time by changing the protocols every now and Apogee in their turn promising their users to be compatible again within 1 day.

It's a jungle out there.

Re:This has certainly been done before.... (2, Informative)

DaveV1.0 (203135) | more than 8 years ago | (#14859630)

What you say is true, but there is a difference here. The products you mention are, presumably, closed source products. MrJB is talking about releasing an open source product. The closed source product did not reveal the "trade secrets" of Roland and other companies.

Releasing an open source product could be considered revealing the trade secrets of the company and MrJB could quite easily be sued for it.

Now, a possible solution for MrJB MIGHT BE(IANAL) to release a binary only kernel module, assuming he can do that without running afoul of the GPL. But, even then, he may have legal exposure.

Easy solution (1)

ajs318 (655362) | more than 8 years ago | (#14859413)

What you have done is to exercise what in most countries would be considered a protected statutory right. If you asked them for the information {which you are entitled to by law: if you own the device, then you are privy to any secret it may embody} and they refused, then that might even be considered estoppel authorising the use of reasonable force. So publish the information on a server located outside the USA. Get your code tried out on other OSes, including the BSDs. Have someone else, preferably also located outside the USA, publish a review of the device in question and specifically mention your code by way of Linux compatibility.

Of course, if you have the balls, just send a copy of your work to the manufacturers and ask them to include it for download on their website and with future revisions of the driver CD.

So, (0)

Anonymous Coward | more than 8 years ago | (#14859425)

Publish and be damned.

You need an attorney (2, Insightful)

wetfeetl33t (935949) | more than 8 years ago | (#14859426)

I understand the value of this question as a conversation topic, but..
Honestly, the best thing you can do is talk to a professional that actually knows something about this, rather than a whole bunch geeks who have nothing better to do than post stuff on Slashdot that is highly apocryphal, or at least wildly inaccurate, especially considering that a lot is at stake here for you.

Reverse engineering (0)

Anonymous Coward | more than 8 years ago | (#14859432)

If you really did a clean room reverse engineering, you have nothing to worry about; although if you're concerned, post the info somewhere anon. On the other hand, if you used privledged documentation to help you understand the FS, you now know not to do that next time: never taint a reverse engineering attempt by looking at things you shouldn't.

Send the CV now (1)

inerte (452992) | more than 8 years ago | (#14859439)

And if they don't offer you a 300k salary, hold the source as a hostage^H^H^H^H^H^H^H negotiation tool.

Chapter 12 of the DMCA (5, Informative)

Orrin Bloquy (898571) | more than 8 years ago | (#14859458)

Chapter 12's permission vis-a-vis reverse engineering for compatibility purposes refers to copy protection and issues pertaining to copyright, not generic protocols:

http://www.copyright.gov/title17/92chap12.html#120 1 [copyright.gov]

Scroll down to "(f) Reverse Engineering." This section has to do with permitting one vendor to reverse engineer protected/encrypted content.

The notion of reverse engineering a driver for a pipeline which does not encrypt or otherwise disguise its content is theoretically outside the aegis of the DMCA.

Apple used (or misused, depending on your perspective) the DMCA against the OSx86 website because it infringed on protection measures Apple specifically set in place to prevent OSX from installing on whiteboxes. Real told its board members that they might be DMCAed over Fairplay because it unlocks copy protection on iTMS purchases.

If the submitter did not discover any authentication methods or trust related protocols in his reverse engineering, and his driver does not have code which specifically spoofs a platform or other form of identification, it sounds to this non-lawyer like a non-issue.

There may be other legal issues at hand, but AFAIK the DMCA is chiefly concerned with those who circumvent deliberate measures to protect copyright, and simply refusing to publicly document a protocol isn't the same thing.

Now, if the driver somehow replicates code that the vendor had to *license* from Microsoft, Microsoft may have an issue with you. Again, check with a competent IP attorney.

Please, forget about it (1)

XPitrM (919507) | more than 8 years ago | (#14859462)

Please, ho, please, forget about this. Unless you're ready to provide support for all those dummy Knoppix users, keep the thing Windows-only, unless, of cours, you really wish to be damned by the poor Bobs.

Pitch it back to the manufacturer (2, Insightful)

stroudie (173480) | more than 8 years ago | (#14859467)

Why don't you write it anyway (strictly for your own use, to start with), and then once it is working well (and you are happy with it), pitch it back to the manufacturer?

If you look at it from their perspective: through reverse-engineering, you have created a driver for their product which potentially extends the market of that product for no up-front cost to them. What's more, assuming you don't release it into the wild without their consent, you have given them a chance to decide how they want to proceed with it -- you are playing fair with them.

Worst case, they get all legal about it, and cease/desist/wash-your-mouth-out-with-soap-and-wat er, but assuming you find someone with some imagination, they might actually help you with it (or indeed, if you are really lucky, employ you...)

Hmmmm (0)

Anonymous Coward | more than 8 years ago | (#14859486)

Send your code to DVD Jon and let him loose it upon the world.

What should you do? (0)

Anonymous Coward | more than 8 years ago | (#14859516)

Fuck 'em!
Fuck 'em right in the BUNGHOLE!

Alesis loves lawsuits (4, Insightful)

the arbiter (696473) | more than 8 years ago | (#14859521)

To give you a little bit of perspective, I've worked for several Alesis dealers, the first back in 1985 when they were just getting off the ground.

The company loves to sue. LOVES to.

And they don't particularly care about the consequences, even if it hurts them. I've watched them pull product from major accounts because they'd gotten into some tiff with the store over policy.

I'd keep your discovery under wraps.

And, for what it's worth, I'd avoid working there.

Re:Alesis loves lawsuits (1)

mmkkbb (816035) | more than 8 years ago | (#14859684)

I agree. Cumberland is a boring town. I grew up there :)

solution (2, Funny)

gigel (817544) | more than 8 years ago | (#14859529)

remove your name from the source code
zip the source code
rename it pamela anderson new video (2006)
share it on kazaa, dc++, bittorrent, etc, etc, etc

Product link that works better (1)

sboyko (537649) | more than 8 years ago | (#14859622)

http://www.alesis.com/product.php?id=1 [alesis.com]

The previous link provided has broken menus at the top.

I love these questions.... (1)

GeneralEmergency (240687) | more than 8 years ago | (#14859648)



Mining /. for legal advice is like owning a radio in the 1800s.

The signal to noise ratio makes it pretty useless.

I am not a lawyer, and you shouldn't be one either!

some things ARE still legal. (1)

Stumbles (602007) | more than 8 years ago | (#14859661)

IANAL so advise you to either talk with the Samba team and their reverse engineering attempts and more appropriately to contact a lawyer. Having said the above though. Your efforts at reverse engineering sounds similar in the methods used by Samba, which is a look at what goes across the wire kind of thing. If you did not disassemble any of their code and similar things I don't see how anyone can come after you.

So you want to have your cake and eat it too? (1)

analog_line (465182) | more than 8 years ago | (#14859672)

Don't be a whiny brat. Be an adult and make some choices about your priorities. Which is more important to you, avoiding possible lawsuits and possibly working for the company, or helping an open source project or two.

You can't have both. Grow up.

Careful here. (1)

galenoftheshadows (828940) | more than 8 years ago | (#14859674)

Copyrights are one thing, but the words "patent pending" are a totally different world. Depending on which parts of this system they're shooting for patents on, the idea of reverse engineering could be totally moot.

If the mechanism for storing the infomation on disk is patented, reversing the data on the disk could or could not be against patent. There won't be any DMCA violation, but they could sue you for licensing at any price they felt agreeable.

The problem with current patents is this: A patent, if not reverse engineered properly, can end up being reengineered too closely to the original patent. And these days, the application process for patents has fallen into disrepair so far that patents can be quite vague intentionally, which makes things even worse for a reverser.

Be careful, and good luck. Best case, you're dealing with something that the company doesn't really even care about. Worst case, they've patented a specific PLC that encodes the data some special way and then bursts it to the disk. Hopefully, it's best case, but we wary of the worst.

HE = Teh Idiot (1)

jnadke (907188) | more than 8 years ago | (#14859695)

Slashdot has just been trolled.

His first mistake is posting is publicizing his indecision. This tells me this guy is just trying to establish a reputation, and has no intention of sharing his work.

If I were him, I would have posted the code to newsgroups anonymously. Then sent an anonymous e-mail to the relevant linux maintainer/developer. They can't catch you if you don't leave any cookie crumbs to follow.

Answering your own question (1)

BarryNorton (778694) | more than 8 years ago | (#14859723)

Despite reply after reply saying 'IANAL but... screw the corporations!!!1', you're answering your own question - wouldn't you be annoyed if someone did this to you? Would you employ them?

There's no law against farting, but letting one out at the end of an otherwise-succesful job interview's not going to get you far...

Ok Rule #1, DO NOT TRUST legal Advice on Slashdot (1)

TheNetAvenger (624455) | more than 8 years ago | (#14859725)

Ok Rule #1, DO NOT TRUST legal Advice on Slashdot...

This is a good place for the debate of such a topic, but don't screw with your life based on the post of other Slashdotters, even myself.

#1 Seek legal advice
#2 Then proceed by probably making 'reasonable' inquires to the company expressing that if they don't support linux would they be willing to support 3rd party work that does. (After getting legal advice to help with the inquiry.)

See, here is the problem, many have correctly stated things like certain types of reverse engineering is 'acceptable', but there are reasons most products EULAs and such prohibit reverse engineering.

Lets take your senerio for example, maybe there are 'other' reason the company doesn't support Linux, it could be something they deem a secuirty risk, or other threat, or even a threat to their intellectual property.

Don't get fooled by any post here telling you it is ok or benign, they don't know enough and you don't even know enough.

Protect yourself, and you might find you could talk the company into supporting or paying you for your time in developing a reasonable Linux solution for their product. But have legal advice along the way.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?