Ros-dev January 2006

ros-dev@reactos.org

69 participants
136 discussions

Start a nNew thread

RE: [ros-diffs] [frik85] 4: import reactos.org directory

by Casper Hornstrup

This is wrong. Bugzilla is 3rd party software and needs to go to /vendor/bugzilla/current. Casper

18 years, 7 months

My thoughts

by Andrew "Silver Blade" Greenwood

Personally, my main area of interest regarding the recent discussions has been that of reverse-engineering. But what I'm about to say could probably be applied to the leaked sources, too (this isn't what I'm here to discuss, however.) We all know that some bits of Windows' internals are hidden, often intentionally, and that some product may make use of certain hidden API function calls, or may interact with the system components in a way other than that described in the API reference documentation. Other times, parameters to API function calls are not clear, or not documented at all. As a result, to make something that is compatible with Windows (or at least MORE compatible), it is necessary to use alternative methods (eg: reverse engineering) to determine what an undocumented function works, how it behaves, or to investigate undocumented flags, etc. For the sake of the project, any reverse-engineering should be done as a 2-man job. It seems the case that people often take it upon themselves to do both jobs - that of the person looking at the disassembly, and that of the person writing the code. This is how I wrote most of WDMAUD.DRV. I was skeptical about the morals/legality of it at the time, but was told that it doesn't matter. As this is all now out in the open, and I've exmained the disassembly of WDMAUD.DRV, it's probably best that I continue to examine it, and document my findings, for another developer to implement later. For other modules, it depends who's comfortable doing disassembling. I'm happy to write code, and would like to do so. But I haven't the first clue about kernel-mode debugging so things like the Kernel Streaming API, I'd probably struggle with. As for the rest of the project, the impression I get is that, rather than going through the existing code and auditing it, it might be best to start over. This has disgruntled a lot of the major developers. But don't forget, when the project was in its early days it was focusing on NT4 compatibility... Not a lot worked, and there was no clear-cut development policy... Then there was an explosion of activity and we've been racing forward ever since. Some may claim we're reinventing the wheel again, but we already *have* a working kernel and this time round it shouldn't be as difficult as it was previously, provided we can use our original sources as a reference. There's all sorts of things that can be implemented from the start rather than being added on later (maybe translations? - I don't know how this works but AFAIK this was something that was discussed further along the development line.) We can focus on the current technology and not aim low (NT4.) I just think we need to have people who are good at deciphering disassembly and producing documentation, and people who can code from that documentation (or other documentation, of course.) Anyway, those are my thoughts. If any of it doesn't make sense it's because I'm tired!

18 years, 7 months

Re: [ros-diffs] [ion] 8: - Update directory change in rbuild/xml files too.

by Filip Navara

18 years, 7 months

New repository?

by Reuben Perelman

What's the location of the new ReactOS SVN repository? I tried 'svn co svn://svn.reactos.org', and I got an error saying that no repository existed at that address, so I'm guessing the location of the repository has moved.

18 years, 7 months

Re: [ros-svn] [chorns] 1: Standard repository layout

by TwoTailedFox

... I assume SVN is starting from Scratch? On 1/27/06, chorns(a)svn.reactos.org <chorns(a)svn.reactos.org> wrote: > Standard repository layout > > > Added files: > branches/ > tags/ > trunk/ > vendor/ > > _______________________________________________ > Ros-svn mailing list > Ros-svn(a)reactos.org > http://www.reactos.org/mailman/listinfo/ros-svn > -- "I had a handle on life, but then it broke"

18 years, 7 months

some more informations

by Hartmut Birr

This message has been removed. If you need to access to it please contact gvg(a)reactos.org

18 years, 7 months

Big document

by David Eckert

This message has been removed. If you need to access to it please contact gvg(a)reactos.org

18 years, 7 months

Reset, Reboot, Restart, legal issues and the long road to 0.3

by Steven Edwards

Hello, There has been a lot of talk about possible tainted code in ReactOS and or developers that had access to leaked Microsoft source code. This has caused a lot of speculation about the future of the ReactOS Project. I'm going to try to put those fears to rest and explain what has been going on and where we are going to go from here. There was one issue that started this discussion and it related to clean-room reverse engineering of certain code in ReactOS. Due to the fact we have developers in many different countries the term reverse engineering can mean many things to many different people. For us in the US when you speak of clean-room reverse engineering it means that one person tears apart the implementation of a device, writes documentation and another reads that documentation and implements. Other countries do not require this invisible great wall of development and allow the same person that disassembles the interface to also write the replacement implementation. Because of the confusion this has caused and the possible legal issues this could lead to we have decided to do the following. 1) Amend our Intellectual Property Policy Statement to reflect clean-room reverse engineering as meaning the US standard method for reverse engineering and make that the project requirement 2) Audit the entire source tree and rewrite all code found to have been implemented not using the US method for reverse Engineering 3) Require all developers contributing major code to accept the terms of our IP Policy Document via signature. Now as for the issue of leaked source code, I want to try to put all fears to rest. We don't know what the legal ramifications are for someone downloading and having leaked code, as the party that maintains copyright ownership of that code might still try to claim Trade Secrecy on information contained in the sources in a court of law. It is our point of view that the source code leaks of Windows have been spread to a broad enough audience that it would be impossible to claim the product is still under Trade Secrecy. Because of this we are not banning any developer who might have had access to leaked sources from contributing to ReactOS, however they are being limited as to what area they can contribute. Copyright law still applies to all leaked Windows sources and no one in ReactOS may copy code from a Windows source leak and try to apply it to code in the ReactOS tree. We know of four developers who have had access to leaked sources prior to working on ReactOS and while they no longer have copies of the source code in question, each of the developers have told us in private which sections of the sources they were exposed to. As such the project has amending the IP document as a fourth step of protection 4) any developer that had access to leaked sources is baned from contributing code to the project for any of the modules that are the same as leaked sources they examined. So to clarify that, lets say someone saw some of the leaked Windows source code in version.dll, then they would be unable to contribute code to the ReactOS project for that dll. It is our hope that a court case will arise and declare Microsoft's Windows code is no longer under Trade Secret protection so these developers who did have access to some of the leaked sources will be free to contribute again to all sections of the project. One final note, this audit of the code is going to take a long time. It could take years, but it will happen, this project will come out better than it was before. I don't believe anything anyone has done while working on this project was really wrong. Every decision has three possibilities, being moral, ethical and or legal. Sometimes the law in itself is unethical and immoral. If people made mistakes and there was a violation of the law, I question the justice of the law and or anyone that would try to prosecute any of the developers who just want the freedom to learn and create a more free system. -- Steven Edwards - ReactOS and Wine developer "There is one thing stronger than all the armies in the world, and that is an idea whose time has come." - Victor Hugo

18 years, 7 months

ReactOS Project Status

by Steven Edwards

Hello, Sorry for this general email. I have gotten many personal emails about the current situation and cannot reply to all of them. In short here is the deal: There have been allegations about possible copyright and trade secret violations in the ReactOS Project. Pending a discussion with legal council, those members with SVN access who were part of private discussion and online on IRC on Tuesday Jan 24th 2006 decided by majority vote to suspend operations of public SVN, forum, discussion and email archive. Anyone with SVN write access who might have missed any of the discussion is asked to try to be on IRC today at 3PM EST (-5GMT). We are going to discuss the matter further and decide how to proceed. What started out as a question about development methods mushroomed in to a much larger issue. The question the looms before us is a simple one. If one or more developers had at any leaked source code in the past, does it taint us and the entire project in the future? It is my point of view based on the AT&T Unix case that it does not however IANAL. It is my hope the matter can be solved via a simple set of changes in our IP Policy as well as sworn affidavits by major contributors stating they do not have access to leaked sources and if they ever did, no longer possess them. Rest assured that the project will live on. Every developer I have spoken with wants the project to survive and be a success. In the meantime we are filtering email discussion on this matter because we do not want rumor and hearsay to be spread. When the time comes and we have proper legal advice we will move forward. No one is trying to hide the truth, but law regarding Copyright, Trade Secret, Patent, etc differ from one country to another and we are currently exploring what US law says regarding the situation. One final note, no one is denying that mistakes could have been made and or trying to hide it forever and pretend there is nothing going on. We just simply do not want people to be accused of breaking the law if they really did not. There is clearly some violation of our current IP policy, however depending on what the legal council suggests we will see how we move forward. Many of the core developers at some point have either violated small sections of it by mistake or prior to its ratification. -- Steven Edwards - ReactOS and Wine developer "There is one thing stronger than all the armies in the world, and that is an idea whose time has come." - Victor Hugo

18 years, 7 months

RE: [ros-dev] Reset, Reboot, Restart, legal issues and the long road to 0.3

by jonwil＠tpgi.com.au

IANAL but from what I understand, there are 2 issues with using the leaked source code. The first is that it is (C) Microsoft. This can be handled like any other copyrighted material. The second is that it could be considered a trade secret. I dont know that much about trade secret law but AFAIK once something is widely distributed (like the MS 2000 & NT4 source leaks are), it cant be considered a trade secret anymore. I think that what the ReactOS team needs need is for a lawyer skilled in the area of trade secret law to answer the question as to whether the leaked MS source code is still a trade secret or not. (although unless an actual lawsuit happens that provides a usable precedent either with the leaked MS source code or a similar leak elsewhere, getting clear usable advice one way or the other might not be possible) If it is not, there is no problem with people who have seen it contributing to any part of ReactOS (as long as there is no copyright violation). If it is, then there is need to be more careful about people who have seen it contributing. -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ .

18 years, 7 months

← Newer
1
2
3
4
5
6
7
...
14
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Ros-dev January 2006