Beyond the Code

Over on ZDNet.com, Mary Jo Foley is reporting that Microsoft has pulled a Windows migration tool from its site after evidence was found that it used code released under the GNU General Public License without complying with its terms.

The Windows 7 USB/DVD Download Tool, designed to help upgrade netbooks from Windows XP to Windows 7, appeared to contain code from ImageMaster, an open source Windows application hosted on Microsoft's own forge, CodePlex. ImageMaster is released under the GPL, and so Microsoft would have to make its own source code available to comply with the licence if it has used code from ImageMaster.

The evidence was found by Rafael Rivera and published on his Within Windows blog. Rivera found the suspect code by using reflection on the Microsoft code and comparing it to the ImageMaster code.

What's quite sad about this is that the tool in question wasn't being sold for money, and was just there to help people upgrade to a new Microsoft operating system. Were Microsoft to release the source code of the tool under the GPL, it wouldn't lose any money, since it's not asking for any. It might even gain some new Windows 7 users, as people hack the code to make it support a wider range of hardware. Dogma is preventing everyone from gaining in this situation.

Subversion, the open source version control system, is now an Apache Software Foundation incubator project. Subversion was previously sponsored by software lifecycle tools vendor CollabNet, and hosted at tigris.org, CollabNet's own forge site concentrating on collaboration tools. Both the Apache Software Foundation and CollabNet were founded by Brian Behlendorf, the main developer of the Apache HTTP server in its early days.

Subversion largely replaced its predecessor, CVS, soon after it was released in 2001. One of the design goals of Subversion, or SVN, was to be "a better CVS", and overcome many of the earlier package's limitations. Subversion is also licensed differently to CVS, using the Apache licence instead of the GNU GPL. Subversion itself has since lost ground to other, more recent version control systems like Mercurial and Git, which have a distributed architecture, as opposed to SVN's centralised repository. This latter style of source control has found more favour with community-based open source projects.

The move is a natural fit for both projects, since the ASF uses Subversion for its own version control, and Subversion already uses the Apache licence, and relies on several other ASF projects like the HTTP server and the Apache Portable Runtime.

The Apache Incubator is an initial stage that all projects go through before they're accepted as full projects. While in the Incubator, projects are examined to ensure they meet the ASF's licensing standards, and to build a development community around the project.

Patch, the US local news site bought by AOL earlier this year has switched its maps to ones based on OpenStreetMap. The maps went live today, but there's been no official announcement, quite possibly because Patch's previous mapping supplier, MapQuest, is also an AOL subsidiary.

What's even more interesting is that Patch appears to have built its own map infrastructure, including designing, rendering and hosting its own tiles. While there have been some high-profile sites using OSM-based maps in the past, most notably Whitehouse.gov, they've usually used an outside company with experience of the OSM toolset to do the work. This appears to be the first time a company has done it for themselves.

Speculation about commercial adoption of OpenStreetMap has increased since Google's announcement that Android 2.0 would include free turn-by-turn navigation, causing shares in Garmin and Navteq to drop.

Disclosure: I'm a contributor to OpenStreetMap and a member of the OpenStreetMap Foundation.

Skype has confirmed it is developing an open source client for Linux. However, it seems that only the user interface portions of the client will be open source, and the library for the communication protocols will be a binary-only distribution.

This isn't ideal either for Skype or its users: If you're using a combination of architecture that Skype doesn't have a binary library for, your ported front end is useless, and by keeping that library closed Skype passes up the opportunity to get the communications protocols ported to platforms they don't have expertise in.

Needless to say opinions expressed on various web sites aren't positive. Some people are disappointed, and some think Skype shouldn't have bothered. While I think Skype is missing a massive opportunity, the move isn't without its merits.

What will be a real test of Skype's commitment to open source is whether the company is willing to allow its binary-only library to be used in third-party clients. There's no reason not to, since Skype doesn't make any money from its clients, only their use. Allowing people to access Skype from an integrated client will increase the number of prospective users of its service. More customers, especially when you don't have to do anything to get them, makes sense, doesn't it?

If all Skype allows is some tweaking of its own client, and not wholesale code reuse, they will shoot themselves in the foot. Let's hope their aim improves before they pull the trigger.

Here's something I didn't know: Facebook keeps track of where you normally log in from, and uses this information to increase the security of your account. If you try to log in from an unusual location (for you), you're asked to provide extra information, such as your birth date.

This was discovered by Ed Parsons, Google's Geospatial Technologist on a recent business trip to Uganda.

This is the same method as credit card companies use to detect fraudulent use for cards, and it's not a bad idea.