Microsoft yanks Windows 7 tool over open-source code swipe
Blogger Rafael Rivera accuses Microsoft of lifting open-source code for netbook upgrade utility
November 10, 2009 04:09 PM ETWindows 7
- Microsoft denies it built 'backdoor' in Windows 7
- NSA helped with Windows 7 development
- Hackers outwit Windows 7 activation
- Microsoft confirms first Windows 7 zero-day bug
- Microsoft sells Windows 7 desktop to advertisers
- Windows 7 tricks: 20 top tips and tweaks
- Windows 7 may be secure, but are Windows users safe?
- Microsoft yanks Windows 7 tool over open-source code swipe
- Windows 7 early adoption rate outpaces Vista's
- Dell, HP customers rage at Windows 7 upgrade delays
Computerworld - Microsoft has yanked a tool it touted as a way for netbook owners to install Windows 7 without a DVD drive after a prominent blogger accused the company of using open-source code without acknowledging where it originated.
The free utility, Windows 7 USB/DVD Download Tool (WUDT), has been pulled from Microsoft's site, as has the page of instructions on how it was to be used.
Microsoft released the Download Tool last month, and at the time trumpeted the utility as a workaround that would let netbook owners create a bootable flash drive from a downloaded .iso file, or disk image, of Windows 7 purchased from Microsoft's online store.
"We are currently looking into this issue and are taking down WUDT from the Microsoft Store site until our investigations are complete," a Microsoft spokeswoman said in an instant message reply to questions Tuesday. "We apologize to our customers for any inconvenience."
Microsoft's move was prompted by Rafael Rivera's claim last Friday that WUDT included code gleaned from a GPLv2-licensed open-source project. Rivera, who writes the Within Windows blog, said Microsoft had "obviously lifted" code from the ImageMaster project, and had then compounded the problem by not sharing the source code for its modifications, or the tool itself, to the project, as required by the terms of GPL (GNU General Public License).
GPL is a widely-used free software license that was originally drafted by Richard Stallman of the GNU project.
Microsoft has previously released several code modules under GPL, including the Live Services Plug-in for Moodle last July.
Today, Microsoft declined to answer questions about the future of WUDT, including whether it would re-release the tool at some point, and whether the utility had been removed from its site because of the GPL brouhaha that Rivera instigated.
Rivera said he was "99.9999% sure" that Microsoft used the open-source code within WUDT, and provided code examples to prove his point.
"I'm not a GPL expert -- the thing reads like Latin -- but it is my understanding that the tool would have to be open-sourced, as required by GPL," Rivera said today in an interview conducted via instant messaging.
Actually, the algorithm in question originated with the open-source file archiving software, 7zip, which is licensed under the LGPL, or GNU Lesser General Public License, a software license published by the Free Software Foundation, said Rivera. Microsoft's tool grabbed code from the GPL-protected ImageMaster project, however.
As to Microsoft's next step, the company was mum, although Rivera took a stab at its alternatives. "Ultimately, I believe one of two things will happen: The tool will either be rewritten or open-sourced," said Rivera. "I suppose the third option would be [to make it] no longer available."
This isn't the first time that Rivera has called Microsoft on the carpet. Last January, he and fellow blogger Long Zheng, who writes I Started Something, argued that a change to User Account Control (UAC) in Windows 7 could be exploited by attackers to secretly disable the feature.
Microsoft first denied that it was a bug, saying instead that it was by design, but then backpedaled and promised to fix the problem several days later.
Microsoft open-source
Additional Resources



White Papers & Webcasts
e-Book: The Shortcut Guide to Business Security Measures Using SSL
This 45-page e-Book gives you the tools you need to detect security vulnerabilities, build an information security strategy, and plan your investment in...
Extending Client Refresh - 11 Steps to Maximize Savings
Register Now!
10 things you really wished you had known about PDF Security, but they didn't tell you!
Access this resource, compliments of LockLizard, for a limited time only!
Lower the Cost and Complexity of a Mobile Workforce through Automation
Download This Resource Now!
Information Leakage - the enemy is within
Access this white paper, courtesy of LockLizard, for a limited time only!
Managing Mobility: Improve Data Security, Compliance and Manageability
Download This Resource Now!
Adobe Acrobat PDF Security - a brief history of development
Access this resource, compliments of LockLizard, for a limited time only!
Consolidate Your Servers and Storage to Lower Costs with Oracle Database 11g
Register for this webcast!
Southern Company
Download Now
The Commercialization of ITIL: Lessons Learned
Register for this event today!

