Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

SAP Admits to 'Inappropriate' Downloading of Oracle Code

Zonk posted more than 7 years ago | from the think-then-do-think-then-do dept.

Oracle 149

netbuzz writes "SAP's CEO Henning Kagermann uses the undoubtedly lawyered term 'inappropriate download' to describe the company's questionable actions. Henning blames a rogue business unit, but there can be no mistaking the fact that Oracle caught SAP with its hand in the IP jar on this one. The legal proceedings that will follow should prove interesting. 'The admission hurts SAP's reputation in the battle with Larry Ellison's Oracle in the $56 billion market for software that manages tasks such as payroll. The rivalry between SAP and Oracle escalated when Oracle filed its March 22 lawsuit claiming SAP workers hacked into a Web site and stole software codes on a grand scale.'"

cancel ×

149 comments

Sorry! There are no comments related to the filter you selected.

Sound familiar? (5, Funny)

EveryNickIsTaken (1054794) | more than 7 years ago | (#19732047)

I did not have inappropriate downloads with that source code!

More like (-1)

Anonymous Coward | more than 7 years ago | (#19732139)

I am not a crook
or
I did not tell him about her. I have not committed treason.

Slashdot Is a Turd Swirling the Toilet Bowl (-1, Troll)

Anonymous Coward | more than 7 years ago | (#19732365)

Yet another inane reply to an inane story. Why not visit instead of hanging out in this lame chat room [nicolebrazzlexxx.com] ?

I CAN'T BELIEVE IT'S NOT HORSECOCK! (-1, Offtopic)

Anonymous Coward | more than 7 years ago | (#19732437)

Important Stuff

        * Please try to keep posts on topic.
        * Try to reply to other people's comments instead of starting new threads.
        * Read other people's messages before posting your own to avoid simply duplicating what has already been said.
        * Use a clear subject that describes what your message is about.
        * Offtopic, Inflammatory, Inappropriate, Illegal, or Offensive comments might be moderated. (You can read everything, even moderated posts, by adjusting your threshold on the User Preferences Page)
        * If you want replies to your comments sent to you, consider logging in or creating an account.

Problems regarding accounts or comment posting should be sent to CowboyNeal.

Re:Sound familiar? (0, Redundant)

antdude (79039) | more than 7 years ago | (#19733705)

Is that you, Bill Clinton? :)

First LOL (-1, Offtopic)

Anonymous Coward | more than 7 years ago | (#19732055)

I lol'd. I really did.

Also, another funny:

Q. What do you do after raping a deaf, blind and dumb girl?
A. Break her fingers so she can't tell anyone!

Re:First LOL (-1, Offtopic)

Anonymous Coward | more than 7 years ago | (#19732311)

You really need a hobby... or a girlfriend. Then again, the girlfriend would be a bad idea, so go for a hobby.

Alternate answer... (0, Troll)

StressGuy (472374) | more than 7 years ago | (#19732429)

Q. What do you do after raping a deaf, blind and dumb girl?
A. Go to prison

And the follow up (this is really funny)

Q. What do you do when your fellow inmates discover you assaulted a Handicapped woman?
A. They all make you their "deaf, blind, and dumb girl".

Not funny? oh well, I guess you had to have been there.

Re:Alternate answer... (0)

Anonymous Coward | more than 7 years ago | (#19733483)

That's even funnier, well done

Who would have guessed (1)

Timesprout (579035) | more than 7 years ago | (#19732065)

Oracle has pr0n embedded in it's downloads.

Codes plural? (5, Funny)

Random BedHead Ed (602081) | more than 7 years ago | (#19732071)

and stole software codes on a grand scale

They stoles codes? Oh noes!

Re:Codes plural? (0, Offtopic)

L7_ (645377) | more than 7 years ago | (#19732163)

they have stolen the codes!

one of my pet peeves is pluralizing codes. its like broadcasting to the world "i do not know what i am talking about!". unless you are talking abuot the interwebnet codes.

Re:Codes plural? (2, Funny)

$RANDOMLUSER (804576) | more than 7 years ago | (#19732169)

...software codes...
<blink> <blink>
(checks again)
developers.slashdot.org
(pounds head on desk)

Re:Codes plural? (-1, Offtopic)

Anonymous Coward | more than 7 years ago | (#19732215)

developers.developers.developers.slashdot.org/thro w.chair?

[abort][continue][cancel]

Re:Codes plural? (1, Funny)

Dachannien (617929) | more than 7 years ago | (#19732181)

Yep, they downloaded one code over each internet.

Re:Codes plural? (1)

utopianfiat (774016) | more than 7 years ago | (#19733937)

They had to get the internet first: so their other office emailed it to them and it took nearly a day- damn tubes...

Re:Codes plural? (1, Interesting)

Anonymous Coward | more than 7 years ago | (#19733193)

most people do not use the term in this light, but "codes" is actually common jargon in high-end supercomuting. It does in fact refer to "code", but as it is being run distributed across thousands of processors. I suspect that the term is derived from the pluralisation actually. It's usage has been falling out of favor though due to confusion with poor english.

Re:Codes plural? (1)

Yvanhoe (564877) | more than 7 years ago | (#19733785)

What makes me raise eyebrows is the verb "steal" more than the pluralization of "code". No doubt that this action is illegal but the use of "steal" is just inaccurate. Why can't we stick to "illegal download" ?

Bah (2, Insightful)

Richard McBeef (1092673) | more than 7 years ago | (#19732087)

Just a little harmless copyright infringement. There shouldn't be a problem here.

Re:Bah (0)

Anonymous Coward | more than 7 years ago | (#19732695)

Actually, if Oracle is smart this becomes trade secrets and that is a big deal.

Can I get a consensus opinion? (4, Insightful)

shark72 (702619) | more than 7 years ago | (#19732109)

I believe that the Slashdot zeitgeist is that the word "stole" is used incorrectly here -- many Slashdotters believe that the term "to steal" should only be applied to an instance where a physical item is moved from one place to another, and should not be applied to instances of copyright infringement or unauthorized duplication -- although I presume that exceptions can be made for "theft of service," "identity theft," "you stole my thunder," "stolen kisses" and the like.

So -- was the code really stolen?

Re:Can I get a consensus opinion? (2, Informative)

johnw (3725) | more than 7 years ago | (#19732151)

It's not a question of belief - the term "theft" has a very precise definition, and it doesn't include making unauthorised copies of someone else's software or films, despite what F.A.C.T. and F.A.S.T. would want you to believe.

That doesn't mean that copyright infringement isn't wrong or illegal - it just isn't theft.

Re:Can I get a consensus opinion? (3, Interesting)

Brian Gordon (987471) | more than 7 years ago | (#19732387)

But it is illegal- we'll have to see whether SAP shields its hacker team behind the veil of corporate responsibility or exposes them to be criminally prosecuted individually.

Re:Can I get a consensus opinion? (1, Insightful)

Anonymous Coward | more than 7 years ago | (#19732189)

> Was the code stolen?

No. Theft is the removal of property with the intent to deprive the rightful owner of it. This is not removal of property, it is the illegal copying of IP. Therefore, illegal, but not theft. "Stole", "Stealing", etc. seem to have a less theft-y connotation than "theft", in general use, and tend to pass in these cases without much argument, but that needs to stop. Theft is theft, and infringement is not.

Re:Can I get a consensus opinion? (2, Insightful)

abigor (540274) | more than 7 years ago | (#19732409)

So what you're saying is, if I break into your house and write down the combination for your safe, I haven't stolen the combination? I think the popular use of the word "theft" would cover such a case. I've stolen the secrecy, which is the value in a secret combination.

Re:Can I get a consensus opinion? (2, Insightful)

The-Ixian (168184) | more than 7 years ago | (#19732549)

However, you have not deprived the owner of the combination and he/she is able to change it.

Re:Can I get a consensus opinion? (1)

hardburn (141468) | more than 7 years ago | (#19732571)

The US has different laws to cover ideas that are publicly known (copyright) and held privately (trade secrets). One can steal a trade secret (by making it un-secret), but not a copyrighted work.

Re:Can I get a consensus opinion? (1)

MBGMorden (803437) | more than 7 years ago | (#19732593)

No, you HAVEN'T stolen anything. You're guilty of breaking and entering. If you use that code to his safe to take anything out of it THEN you'll be guilty of theft.

Just knowing his safe code is not a crime; obtaining it through illegal means (the aforementioned breaking and entering) is the part that is against the law.

Re:Can I get a consensus opinion? (2, Insightful)

Anonymous Coward | more than 7 years ago | (#19732681)

> So what you're saying is, if I break into your house and write down the combination for your safe, I haven't stolen the combination?

YES, I AM SAYING EXACTLY THAT!

Pretend now that my safe is on display at the end of my driveway, and you, passing by, happen to see the combination written on the front of it. Have you stolen it? No. The only thing you've done illegally in your example is Break and Enter.

Pretend I leave my wallet open on a table, and you read my credit card number. Have you 'stolen' the 'secrecy' of my number? No. You haven't 'stolen' ANYTHING! However, should you choose to use my credit card number, you'd be charged with Identity Fraud and theft (since at that point, you would be stealing my money).

Re:Can I get a consensus opinion? (1)

misleb (129952) | more than 7 years ago | (#19732735)

I'm pretty sure "secrecy" is not something that can be stolen. I can't sue (or press charges against) someone just because they found out something about me that I didn't want them to know. Breaking and entering is the only crime in this particular hypothetical case.

-matthew

Re:Can I get a consensus opinion? (2, Interesting)

UncleTogie (1004853) | more than 7 years ago | (#19733389)

I'm pretty sure "secrecy" is not something that can be stolen.

Tell that to the Rosenbergs... [wikipedia.org]

Re:Can I get a consensus opinion? (5, Funny)

kevin_conaway (585204) | more than 7 years ago | (#19732765)

So what you're saying is, if I break into your house and write down the combination for your safe, I haven't stolen the combination? I think the popular use of the word "theft" would cover such a case. I've stolen the secrecy, which is the value in a secret combination.

I don't follow you. Can you try again with a car analogy?

Re:Can I get a consensus opinion? (1)

KarmaMB84 (743001) | more than 7 years ago | (#19733993)

Well, it would be akin to breaking into your house and taking high detail photos of your car keys.

Re:Can I get a consensus opinion? (1)

dattaway (3088) | more than 7 years ago | (#19732207)

So -- was the code really stolen?

They should have used Bill Gates' precident: removing code from a dumpster. That went unchallenged for years and now that method is not enforceable.

When you take something that doesn't belong to you (2, Insightful)

geoffrobinson (109879) | more than 7 years ago | (#19732251)

...that's stealing. People may try to justify stealing because the laws are bad (and the laws may need to be changed) but that doesn't change the fact that we steal things that don't belong to us.

We are stone-cold thieves. That's the human condition.

Re:When you take something that doesn't belong to (-1)

Anonymous Coward | more than 7 years ago | (#19732321)

You're avoiding the point. This isn't stealing or theft. You aren't physically removing the property from the owner, and depriving them of its use. It's copyright infringement. That doesn't make it any less wrong, it just makes you technically incorrect. Get your facts straight. By the same logic, exceeding the speed limit is theft, since it is also illegal.

Re:When you take something that doesn't belong to (1)

kryten_nl (863119) | more than 7 years ago | (#19733475)

I'm just glad that we (the human race) invented the wheel _before_ we invented copyright.

Re:Can I get a consensus opinion? (1)

javilon (99157) | more than 7 years ago | (#19732397)

Well, you can even get the consensus opinion from SAP lawyers. They said "innapropiate download" as opposed to "stealing of code" so there you go.

Re:Can I get a consensus opinion? (5, Informative)

bobcat7677 (561727) | more than 7 years ago | (#19732403)

Oh for pete's sake! The article writer obviously had no clue what they were talking about. No "Code" or "codes" were "stolen" or otherwise questionably acquired by SAP. Some guys in a support center used logins that weren't theirs (but they were given permission to use) to gain access to software patches and support documents that Oracle was too stingy to give them access to in the first place. They were just trying to do their job and help out customers. At worst it could be considered trespassing...but "stealing code"??? Thats really stretching the definitions of both the term "code" and the term "stealing".

Re:Can I get a consensus opinion? (5, Informative)

Red Flayer (890720) | more than 7 years ago | (#19732831)

SAP & Oracle both provide support for Oracle systems. So, it goes a little deeper than you would suggest, since the patches etc were then further distributed. Furthermore, the code in question went beyond the scope of the support being provided to the client.

The issue here is that SAP used underhanded (and illegal, likely) tactics to derive an advantage over a direct competitor in the support space -- they "stole" trade secrets.

Sure, it doesn't seem like a big deal, but remember that Oracle paid developers to write and test that code -- and SAP got an easy hand up in building similar patches / support mechanisms for what they address.

Re:Can I get a consensus opinion? (1)

bobcat7677 (561727) | more than 7 years ago | (#19733309)

I don't know about you, but I would feel really betrayed and cheated if I found out my software vendor was purposely withholding patches and support documents for their own gain. Especially patches. If the software is broken then the maker should have a responsibility to make any existing fixes freely available to all clients/users (implied warranty). You shouldn't have to pay a company to release a patch to you that they are holding for ransom. Oracle's anti-competitive practices are hurting their customers and I hope they rot for it.

Re:Can I get a consensus opinion? (2, Insightful)

Red Flayer (890720) | more than 7 years ago | (#19733473)

You shouldn't have to pay a company to release a patch to you that they are holding for ransom.
Well, there are differences between essential patches and non-essential ones. Security holes, operating flaws, sure -- I agree with you. But a lot of other patches are to introduce more functionality or to improve efficiency, and if you choose to buy software as-is, and then go elsewhere for support -- well, then, why should you have access to those patches? You certainly aren't contributing financially to the development of them.

This is not abnormal for software companies -- if you want access to upgrades & non-essential patches, you pay for support of that software from the developer, or from authorized resellers. Pretty much an industry standard from my experience.

Re:Can I get a consensus opinion? (1)

HomelessInLaJolla (1026842) | more than 7 years ago | (#19732949)

Some guys in a support center used logins that weren't theirs (but they were given permission to use) to gain access to software patches and support documents
I don't know if I should be thankful that someone finally put all that into perspective or disgusted that so many other people run with the spin ("they stole code" as if they made off with an entire codebase repository and turned it into a multi-billion dollar OS after chaning the --version string) and try to make it stick as hard as possible.

Parent needs to be +5 and reindexed to the top of the page.

Re:Can I get a consensus opinion? (1)

rolfwind (528248) | more than 7 years ago | (#19732511)

"identity theft,"


Well, as dictionary.com defines it:
1. the act of stealing; the wrongful taking and carrying away of the personal goods or property of another

With identity theft, you are taking someone else's reputation/credit and depriving them of it (by ruining it)

Re:Can I get a consensus opinion? (2, Insightful)

kebes (861706) | more than 7 years ago | (#19732537)

Yes, you're quite right. This is not "theft" in any useful sense. Certainly in regards to the law, "theft" has a specific meaning. The present actions, if true, are probably illegal, but are not theft.

Similarly, the other examples you gave: "theft of service," "identity theft," "you stole my thunder," "stolen kisses". None of those are "theft" in the legal sense (in fact half are not even illegal). Moreover, if you were trying to have a refined argument about any one of those topics, I believe most rational debaters would agree that none of them are "theft" in the strict sense of the word. The word "theft" is being applied in those cases to make the term catchy and easy to remember.

In regards to copyright infringement being inappropriately called "theft" (which is what you were indirectly referring to), similar arguments apply. It is not "theft" in the legal sense of the word, and I believe in a critical argument of the subject, using the term "theft" is imprecise and essentially an appeal to emotion rather than logic. The reason why many people in the copyright debate request that the terms "theft" and "piracy" be expunged from the debate is that, while they are catchy and easy-to-use terms, they muddy the debate by injecting moral preconceptions into the debate. (Thus, by using the terms one is implicitly already supporting a certain moral position, making impartial debate more difficult.)

Similarly, I think if there was a serious debate about the morality of giving one's lover a quick kiss, it would be a weak argument from the anti-kiss debaters if they said "stealing a kiss is, like all forms of stealing, immoral since theft is wrong." The pro-kiss debaters would be well within their debating rights to request that the term "stealing kisses" not be used, and the more neutral term "quick kiss" be used instead.

Re:Can I get a consensus opinion? (1)

KeepQuiet (992584) | more than 7 years ago | (#19732539)

Sure it is stealing. Check dictionary "Steal: To take (the property of another) without right or permission." It doesn't have to be physical. Besides if they print the code on a paper, there you go, it is physical now :)

Re:Can I get a consensus opinion? (1)

Znork (31774) | more than 7 years ago | (#19733239)

Intellectual 'property' is an intentionally applied misnomer, with the exact purpose of confusing people to think exactly as you appear to do. Copyright and other such legal constructs arent 'property' as such, but government granted temporary monopolies.

As it isnt property, that dictionary definition obviously does not apply.

Perhaps you could come up with some other word to define 'to violate someones government granted monopoly without right or permission'. Stealing, however, just isnt it.

Re:Can I get a consensus opinion? (1)

KeepQuiet (992584) | more than 7 years ago | (#19733667)

Nope I am not confused, I know what I am saying. If some guys spent hours to create a software (or any intellectual property), of course it should be protected and using it without their permission is indeed stealing. No need to play with words. After all, we are not talking about patenting 'one click shopping' or such silly things. A full system of code must be protected if the author wants so.

Identity theft (1)

HalAtWork (926717) | more than 7 years ago | (#19732551)

You can't have your identity stolen, because according to the government, your identity is not within you, it's some intangible record. It can be misappropriated though, in the sense that someone other than you can use it. It's a flaw that criminals take advantage of to view private information, take your stuff, or take actions on behalf of you, and THAT is the actual problem.

As for stealing code, I think the problem is not actually that the code is stolen but that the copyright and license have been violated, and in addition they have made money from someone else's work without them knowing. If SAP is getting Oracle's customers when they would have otherwise gone to Oracle if SAP had not used Oracle's code, then SAP is altering the course of revenue that Oracle would otherwise have, and that is a crime.

Re:Can I get a consensus opinion? (1)

misleb (129952) | more than 7 years ago | (#19732633)

It doesn't sound like it was "code" at all. The TFA mentioned "fixes and support documents." Perhaps Oracle was not providing good enough support so SAP took it upon themselves to get the information they needed? Who knows.

Re:Can I get a consensus opinion? (1)

Opportunist (166417) | more than 7 years ago | (#19732899)

Does that mean I can point my "hacking tools" at Redmond now to finally get something resembling a sensible documentation for functions like LdrGetDllHandle?

Re:Can I get a consensus opinion? (1)

kryten_nl (863119) | more than 7 years ago | (#19733519)

I'd try www.winehq.org first :)

Stolen Code (1)

nurb432 (527695) | more than 7 years ago | (#19732795)

Well, did they "remove" the code from all of oracles servers and backups or in anyway harm the original code? If so, it wasn't stolen.

If they merely copied, then no, nothing was stolen.

Why does the press refer to IP infringement as theft? It gets the common folk riled up. Remember the press is tied directly to the 'media' which desperately needs this to move their agenda along.

Re:Can I get a consensus opinion? (0)

Anonymous Coward | more than 7 years ago | (#19732859)

Smooth trolling.

Re:Can I get a consensus opinion? (1)

Opportunist (166417) | more than 7 years ago | (#19732869)

Huh? Of course it's not. And now we got even the seal of approval from the industry. Taking content that doesn't belong to you is not stealing. It's "inappropriate downloading".

Copyright != Trade Secret (1)

SydShamino (547793) | more than 7 years ago | (#19733159)

should not be applied to instances of copyright infringement or unauthorized duplication

While the term "intellectual property" has little collective meaning, there are four types of government protection that is generally classified as "IP":

Copyright
Patent
Trademark
Trade Secret

Slashdot seems unable to grasp the existence of the fourth one. When a copyright is infringed on, it is ... copyright infringement. However, when a trade secret is stolen it is ... theft. The two different types of protection have completely different laws. Copyright infringement would only apply if Oracle was distributing the code already (to people not covered by an NDA contract!), and SAP acquired its copy through participatory infringement. This is a clear-cut case of theft of trade secret.

Other recent examples of trade secret cases:
  - The early release of the final episode of 24. (I would readily argue that unreleased creative works can be classified as trade secrets, since a publisher doesn't want his novel/unique ending recreated in a soap opera before his publication.)
  - The Coca-Cola theft case. The secretary and others that stole the formulas and tried to sell them to Pepsi weren't convicted of copyright infringement; they were convicted of theft of trade secret, as the law applies.

(Yo! IANAL and probably used a few terms slightly wrong.)

Re:Can I get a consensus opinion? (1)

Kjella (173770) | more than 7 years ago | (#19733269)

Note: This isn't about law, but about what's natural to say. In general, making copies is copyright infringement either if it's your own or your buddy's CD you're copying. But I think there's a rather long-standing history for using the word "steal" when you break into someone else's property to find that first copy. E.g. "stealing the manuscript to the latest Harry Potter movie", "stealing trade secrets" or "stealing customer databases", "stealing social security numbers" etc. Note that this isn't the same as infringing on copyright of unpublished works. To take Harry Potter since that is the easiest, only the first person "stole" it, in my opinion. Then the rest were infringing on the copyright of that unpublished work until it is published. I'm not sure if that one person is singled out in a separate crime, but he's certainly going to be punished for being the "origin" of all the copies.

Definitely not "stolen" (0)

Anonymous Coward | more than 7 years ago | (#19733463)

Because they didn't delete what they downloaded from Oracle's servers, it was not "stolen." Improperly downloaded, sure. I'm not quite even convinced it was copyright infringement (these were support documents they make available to anyone with a support account, after all). So at worst, they misused support accounts they shouldn't have. Unless that deprived other people of the use of the support accounts (in which case the accounts could've been "stolen") I can't see how anything was stolen here. Just someone making a lot of fuss over nothing.

And to the other fellow below saying that you can "steal" a combination to a safe, unless taking it deprived you of the use of it, I wouldn't say that the combination had been "stolen." That's just not what the word means, however loosely it's used. That's not to say that it's right or good to do that, but still, I don't see "secrecy" as something that can be stolen. Now, you can steal credit (plagiarism) for something, but secrecy is a lack of information, not a positive entity, like credit for a work, or say light (when you compare it to its negative entity, shadow).

So it might still be wrong, especially if you used it to steal things from the safe. I just don't see it as properly being called "theft" because nothing has been removed except an absence of information. I also have some question as to whether that example would be universally wrong. What if you overheard it, or stumbled across the combination by accident? I have a hard time believing that would be wrong, let alone illegal. Conversely, installing a key logger or hidden camera or something to copy down passwords or combinations is very wrong, so it depends on context. Not theft in either case, but quite possibly both wrong and illegal for other reasons.

There are lots and lots of crimes that aren't theft, after all.

Honeypot? (2, Interesting)

CastrTroy (595695) | more than 7 years ago | (#19732111)

How likely is it that Oracle left a honeypot for SAP, MS, MySQL, or any other competitor to walk into, so that they could get rid of that competitor, or at least ruin their reputation and get some money? The fact that their was code on a website accessible to the outside world seems a little suspicious to me. Who leaves code on a publicly accessible server? I think that Oracle would at least be security savvy enough not to let their code be stolen. Anyway, not to start any conspiracy theories or anything, but I just find it a little odd.

Re:Honeypot? (2, Informative)

Vancorps (746090) | more than 7 years ago | (#19732197)

This is pretty common practice with Oracle, this is why people pay good money for Metalink access. It's a very valuable tool if you have to work with Oracle products. We used it extensively to get our in-house application working flawlessly with Oracle 10g. There is tons of sample code up there. I doubt they found any actual DBMS code.

Re:Honeypot? (1)

CastrTroy (595695) | more than 7 years ago | (#19732309)

If it's pretty common practice for them to give out this code to their users, then why was SAP in the wrong with downloading it. Are they complaining that SAP downloaded some code off of Oracle's website that was right out in the open for their customers to download? The article seems to be a little light on the details, so what did SAP actually download, and how hard was it for them to "hack" in to the Oracle website containing the code?

Re:Honeypot? (1)

Fox_1 (128616) | more than 7 years ago | (#19732469)

Both Companies, SAP and Oracle make money supporting each others products for their customers, kind of a 1 Support solution even though there is more then 1 Vendor involved. SAP was able to download product patches and updates that allowed them to provide support for Oracle products, but they were downloading files meant for Oracle customers who had paid Oracle for Support. SAP was able to use those files to support customers who had not paid Oracle for support, but had chosen SAP for Support. It's just dirty, SAP agreed to provide support but they are just stealing the solutions from Oracle.

Re:Honeypot? (0)

Anonymous Coward | more than 7 years ago | (#19733855)

Posting as AC for obvious reasons.

There is no source code to any Oracle product on MetaLink, nor is it possible to access source code from the outside without special software and internal access granted to certain servers etc.

What you can find on MetaLink are patches (bug fixes), notes on how to solve various issues, SQL scripts for many tasks and sample code used to demonstrate certain features, access to bugs and the bugtext if published etc.

Re:Honeypot? (0)

MightyMartian (840721) | more than 7 years ago | (#19732295)

I think it's the more likely explanation. What company with a major product like Oracle would allow code to be available for a website hacker? I can tell you that all my developmental stuff is not on a machine that one could just hack into via the web server to grab the code.

Re:Honeypot? (2, Interesting)

OG (15008) | more than 7 years ago | (#19732379)

From a quick perusal of news stories, that doesn't seem be the case. It looks like some TomorrowNow employees used credentials from their clients to access information from Oracle's website that they would not otherwise have access to. As to what the did with it...the only concrete thing I've seen so far is republishing Oracle info for some fix with the TomorrowNow logo and representing it as their own work.

Re:Honeypot? (1)

evilviper (135110) | more than 7 years ago | (#19733275)

As to what the did with it...

Since the evidence that they stole the code is overwhelming, they've admitted to that. But, of course, after going through the trouble of stealing their biggest competitor's code, they didn't actually do anything with it that could be illegal... No.

In other words, they didn't inhale.

Re:Honeypot? (1)

mhwelsh (969682) | more than 7 years ago | (#19733273)

Read the article please. They didn't download source code to Oracle Products. Its sample code that is available to their customers. Most large software packages have similar websites. Oracle's happens to be the best I've used. However, the code and examples give a lot of insight into the nitty gritty workings of the Oracle products. This is a trade secret, that is useful to both customers and competitors, and they have a reasonable expectation that SAP will stay out. Most large companies with any sort of Business Conduct rules would fire these employees immediately. Its unethical even if its easy.

Confused (2, Interesting)

Reason58 (775044) | more than 7 years ago | (#19732175)

SAP workers hacked into a Web site and stole software codes
Am I the only one confused as to why Oracle would be keeping source code on a production web server?

Re:Confused (1, Funny)

Anonymous Coward | more than 7 years ago | (#19732289)

Probably. Makes perfect sense to me. As a Windows Vista developer in Redmond I always post the full OS source code to developer.microsoft.com. I like it better than the local store because the password is "msrulez" and I find that easier to remember than the long passwords they make us use on the internal systems. (Mine currently is "Dev0944438766****" - annoying, isn't it? I had to throw my social security number in there to get it to the length the admins required.)

Re:Confused (1, Informative)

Anonymous Coward | more than 7 years ago | (#19732317)

Am I the only one confused as to why Oracle would be keeping source code on a production web server?

That is how Oracle sends out updates to it's ERP software. The customer uses a user ID and password to log into a secure site and then the customer is free to download any patch necessary.

Re:Confused (1)

OG (15008) | more than 7 years ago | (#19732433)

As someone else stated, the code that was downloaded probably wasn't Oracle DBMS code. Rather, it was coding examples like people would usually find on a developer network site, such as MSDN.

Most inappropriate use of the word "inappropriate" (3, Interesting)

Trails (629752) | more than 7 years ago | (#19732183)

Inappropriate? Inappropriate is when my boss caught me photoshopping my buddy's head onto a screen cap of the Pamela and Tommy video (It was for his bachelor party, I swear it).

This is illegal and perhaps fradulent (ie they claimed they were customers seeking service). But what gets me the most about this is how blisteringly stupid it is. "There's no way they could know it's us! Well, there's no way, apart from the webserver logs, that they could know it's us!".

From the article:

Oracle said TomorrowNet used identities of Oracle customers and phony users to gain access to its systems. Customers for whom SAP allegedly conducted illegal downloads include Merck & Co. and Bear Stearns & Co., according to the March 22 lawsuit.
So not only are they picking a legal fight with Oracle, pissing of the DOJ, and destroying their reputation, but they've basically shown they're not above pretending to be their customers. I bet the SAP CEO is turfed before the end of the next quarter.

Re:Most inappropriate use of the word "inappropria (2, Interesting)

Red Flayer (890720) | more than 7 years ago | (#19732499)

None of that matters in the long run.

FTA (emphasis mine):

``Although many will see the legal teams as the cavalry in this battle, the troops that really matter are the PR special forces contingent,'' Ovum Plc analyst David Mitchell said. ``PR is where this battle will be won or lost.''
That is most certainly the case.

And now for the snark. Wtf? PR special forces? What kind of training does that require? Going seven days without using buzzspeak or powerpoint? Writing press releases and giving presentations under hostile fire?

And, most importantly, what color are their berets?

Re:Most inappropriate use of the word "inappropria (1)

Qrlx (258924) | more than 7 years ago | (#19732713)

And, most importantly, what color are their berets?

Blackberry.

Re:Most inappropriate use of the word "inappropria (1)

Opportunist (166417) | more than 7 years ago | (#19732973)

When you now refer to their work as RIMjobs, I'm SO out of here...

Re:Most inappropriate use of the word "inappropria (1)

Dogtanian (588974) | more than 7 years ago | (#19732625)

Inappropriate? Inappropriate is when my boss caught me photoshopping my buddy's head onto a screen cap of the Pamela and Tommy video (It was for his bachelor party, I swear it).
Would have less inappropriate if it hadn't been *Pamela's* body you chose to paste his head onto...

Re:Most inappropriate use of the word "inappropria (2, Interesting)

Asic Eng (193332) | more than 7 years ago | (#19733261)

It's not terribly clear to me why that should be inappropriate at all. It seems their services company (TomorrowNet) would download patches from Oracle servers for Oracle customers. So if I understand this correctly, the customer (e.g. Merck) would call TomorrowNet (who they have a support contract with) and ask them to help them with some problem on their Oracle installation (which they bought and have the right to receive patches for). So now the TomorrowNet employee using Merck's login downloads the patch for them and (using the documentation which comes with the patch) explain to the Merck employee what they have to do to get the patch installed.

I presume somewhere in the contract between Oracle and Merck there is something which says "only your employess may use this account", and there is probably a notice on the website which states that you can only access the account with your own login. The whole setup would be used to prevent other companies from supporting Oracle installations, I guess.

It's all about preventing competition and replacing innovation with lawsuits, in my opinion.

Too bad... (2, Funny)

rootology (905480) | more than 7 years ago | (#19732195)

Just think how many problems like this could be solved if someone went and invented some sort of free software licensing system, and everyone adopted it...

Re:Too bad... (1)

heinousjay (683506) | more than 7 years ago | (#19732325)

Yes! Yes! The best way to ensure that people's rights aren't violated is to take those rights away!

Re:Too bad... (1)

rootology (905480) | more than 7 years ago | (#19732413)

Yes, because releasing code under something like the GFDL is obviously a release of your own rights to profit off your code.

Re:Too bad... (1)

kinglink (195330) | more than 7 years ago | (#19732467)

As long as the license creator didn't throw a fit when someone tried to make money off of the license in a way he didn't think of, and feels the need to write a new license that locks out those people. Oh yeah and basically acts like a spoiled baby.

I'm all for free software licensing. I just don't think the people at the forefront of the free software licensing are the people who should have any control over it at all.

what if it was a setup (0)

b17bmbr (608864) | more than 7 years ago | (#19732229)

not that I'm a tin foil hat guy, but what if oracle paid someone in SAP to hack the site, opened up the hole for the purpose, and then let the whole thing go down? what's a few mil when then there's billions to grab.

Re:what if it was a setup (1)

Trails (629752) | more than 7 years ago | (#19732373)

Then, if that ever came out, the reputational and legal implications for Oracle would be disastrous.

While it's feasible someone with "pull" at Oracle is dumb enough to try something like that, it's not within the realm of reasonable probability. Courtesy of Sorbannes-Oxley, companies have checks and balances built in to prevent just these types of things (audits and reviews), meaning that the collusive elements required to pull this off would be fairly distributed, and difficult to contain.

Re:what if it was a setup (1)

Aladrin (926209) | more than 7 years ago | (#19732529)

I think you qualify for a tinfoil hat license now.

Seriously, though. If they HAD paid someone to do that... Would that person not be sitting on a ton of blackmail? Oracle could never get away with it.

Linus is right (-1, Offtopic)

Anonymous Coward | more than 7 years ago | (#19732305)

I am with Linus on this one.

stole software codes on a grand scale (0, Offtopic)

Threni (635302) | more than 7 years ago | (#19732359)

I wonder how many codes they stole? For a Slashdot story, this is pretty poor.

Not Source Code (5, Informative)

Anonymous Coward | more than 7 years ago | (#19732393)

There was no source code on the website!
It was Technical Support documents and patches that SAP was downloading. The only "theft" here is that SAP did not have support contracts to download the patches and documents.

Re:Not Source Code (3, Interesting)

OG (15008) | more than 7 years ago | (#19732471)

And, according to one news article I saw, republished one of the support documents with their own logo, passing it off as their own work.

Re: SAP Admits to 'Inappropriate' Downloading (1)

zakeria (1031430) | more than 7 years ago | (#19732401)

but they uploaded better code in return!

Re: SAP Admits to 'Inappropriate' Downloading (4, Funny)

Is0m0rph (819726) | more than 7 years ago | (#19733743)

Umm this is SAP we're talking about. If you've ever used SAP you'd know there's no possible way they improved anybody else's code ;)

Heh (3, Funny)

glwtta (532858) | more than 7 years ago | (#19732431)

"Unbreakable", my ass.

Re:Heh (1)

Fex303 (557896) | more than 7 years ago | (#19733575)

"Unbreakable", my ass.

That's what she said.

Sorry. Had to be done.

Re:Heh (1, Insightful)

Shuntros (1059306) | more than 7 years ago | (#19733917)

Greetings! American unit who didn't bother to RTFA, or the comments. Them, up there ^^^

How exactly is entering a valid username/password (albeit that weren't theirs) breaking the unbreakable? It's not, is it. So you're not funny. STFU.

Obligatory (0)

Anonymous Coward | more than 7 years ago | (#19732807)

I'm in your serverz stealing your codez!!

Summary is slanted - no "hacking" involved... (4, Informative)

Marcika (1003625) | more than 7 years ago | (#19732909)

The article summary by "netbuzz" is plain flamebait. As TFA says, SAP was authorized to download materials from Oracle's Web site on behalf of customers. The SAP support people made "inappropriate downloads" of fixes and support documents without direct customer need, but they don't state anywhere that there was any hacking or any "stolen" code or "intellectual property" beyond what Oracle specifically made available for support purposes!

EULA vololation, NDA volation or infringement? (0)

Anonymous Coward | more than 7 years ago | (#19733641)


So, I can't tell what they are talking about. Oracle has tons of "free-ish"
developer licensed stuff that is not usable IIRC when downloaded on
behalf of client as opposed to _by a client_ ... So, is that what they
are talking about (EULA volation) ... or did they disclose confidental
info given as a result of a partnership agreement? (NDA / Contract volation)
Or make illegal copies of stuff not avialable w/ developer terms and distribute to
cleint (infringement)? .. Or did the actually _hack_ and copy ... I don't believe that they would. I
mean that would be crazy ..

Garick

Who cares? (1)

mi (197448) | more than 7 years ago | (#19733157)

Information wants to be free. Does not it?

Embarrassing (1)

jmors (682994) | more than 7 years ago | (#19733629)

It seems to me that this is as much an embarrassment for Oracle as it is for SAP. Don't they have that "unbreakable" os and software there? :) I guess no matter how secure your software is, if your human personel place your intellectual property on a web server or connect it into your network to the same subnet as the web server you still have huge security holes!

HAD TO POST (-1, Offtopic)

stanchion7 (1123477) | more than 7 years ago | (#19733799)

Long time reader of Slashdot.. haven't bothered to renew my account since my original

But who does this help? (0)

pseudorand (603231) | more than 7 years ago | (#19733999)

So, Oracle managed to have their systems (presumably running Oracle software) hacked while SAP is programmed by hackers capable of breaking in to a major corporate sites... Maybe it's just me, but I think I might be more inclined to trust my business's data to SAP (assuming they're on my side, of course).
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?