Tag Archives: litigation

From correlation to copying

You have the source code from two different programs. You run them through CodeMatch and find high correlation numbers. Have you proven copying? Not yet. There are still a few steps to go through first. Finding a correlation between the source code files for two different programs doesn’t necessarily mean that illicit behavior occurred. At SAFE we’ve determined that there are exactly six reasons for correlation between two different programs. These reasons can be summarized as follows.

  • Third-Party Source Code. Both programs use open source
    code or purchased libraries.
  • Code Generation Tools. Automatic code generation tools,
    such as Microsoft Visual Basic or Adobe Dreamweaver, generate
    software source code that looks very similar.
  • Common Identifier Names. Certain identifier names are
    commonly taught in schools or commonly used by programmers in
    certain industries.
  • Common Algorithms. There may be an easy or well-understood
    way of writing a particular algorithm that most programmers use,
    or one that was taught in school or in textbooks.
  • Common Author. One programmer, or “author,”
    will create two programs that have correlation simply because
    that programmer tends to write code in a certain way.
  • Copied Code. Code was copied from one program to another.
    If the copying was not authorized by the original owner, then
    it comprises plagiarism.

It’s important when using CodeMatch to understand these rules. Especially in litigation. Before there can be proof of copyright infringement, all of the other 5 reasons for correlation need to be eliminated. CodeSuite offers some sophisticated filtering functions that allow you to filter out aspects of the code that are correlated due to the other 5 reasons. What’s left, after filtering, is correlation due to copying.

You can read more about this in the article in IP Today entitled, What, Exactly, Is Software Plagiarism?

Just how bad is IP theft, part 2

Last month I talked about a report from McAfee, Inc. that discussed the huge amount of intellectual property that gets stolen from companies. A new report from the Ponemon Institute confirms this data. According to this report, more than half of workers that are let go from their employers take confidential data and intellectual property with them as they head out the door.

Here are some interesting statistics from the report (we all love statistics):

  • 945 individuals who were laid off, fired or quit their jobs in the past 12 months were surveyed.
  • 59% admitted to stealing company data.
  • 67% used their former company’s confidential information to help get a new job.
  • 61% of respondents who disliked their company took data.
  • 26% of those who liked their company still took data.
  • 79% of those who took data rationalized it rather than call it wrong.
  • 24% claimed to still have access to their former employer’s computers after they left.

For more information you can read the Network World article.

Just how bad is IP theft?

Pretty bad according to a research report just released from McAfee,
Inc. According to the report:

Companies surveyed estimated that they lost an average of $4.6 million worth of intellectual property in 2008. Forty-two percent said laid-off employees were the single biggest threat to their intellectual property and other sensitive data they faced in the current economic climate.

The report also states four key findings:

  1. Increasing amounts of IP and sensitive customer data are being sent around the world and a percentage is being lost.
  2. The worsening economy is creating a “perfect information security risk storm” because laid off employees stealing IP now constitutes the largest risk.
  3. The countries of China, Pakistan, and Russia are particularly bad risks of IP loss.
  4. Cyberthieves have grown more sophisticated. Now rather than steal credit card numbers, why not steal the IP for creating the
    credit card processing programs?

To download the report, go to McAfee Unsecured Economy Report.

CodeCross tool just released for detecting software IP theft and infringement

SAFE has just released a new tool for comparing computer code to detect copyright infringement and trade secret theft. CodeCross™ finds traces of nonfunctional source code that have been copied from one program to another.

According to Nikolaus Baer at Zeidman Consulting, a SAFE Corporation customer, “I suggested the concept of CodeCross after working on cases where stolen code had nonfunctional remnants in another party’s code. SAFE developed the tool quickly and it works great. In one case I found traces of copied code that had previously gone undetected.”

CodeCross is available with CodeSuite 3.2.0 and can be downloaded for free from the SAFE Corporation website.