The history of the computer industry is filled with fascinating tales of sudden riches and lost opportunities. Take that of Ronald Wayne, who cofounded Apple Computer with Steve Wozniak and Steve Jobs but sold his shares for just US $2,300. And John Atanasoff, who proudly showed his digital computer design to John Mauchly who later codesigned the Eniac, typically recognized as the first electronic computer, without credit to Atanasoff. Perhaps the most famous story of missed fame and fortune is that of Gary Kildall. A pioneer in computer operating systems, Kildall started the company Digital Research and wrote Control Program for Microcomputers (CP/M), the operating system used on many of the early hobbyist personal computers, such as the MITS Altair 8800, the IMSAI 8080, and the Osborne 1, before IBM introduced its own PC. Kildall could have been the king of personal computer software, but instead that title went to his small-time rival Bill Gates. For years, rumors have circulated that the code for the original DOS operating system sold by Microsoft is actually copied from the CP/M operating system developed by Digital Research.
A couple years ago we took it upon ourselves to search out the original code and use CodeSuite to determine the truth once and for all. Our research was summarized in a popular (and not-so-popular) article in IEEE Spectrum entitled Did Bill Gates Steal the Heart of DOS? If you haven’t read it, you should. It’s a fun read but it only summarizes our exhaustive results using our tools and procedures for finding copied code. The article generated a lot of controversy and we always intended to publish the full technical details of our analysis, but it’s surprising how many people don’t like our conclusion and wouldn’t publish my paper. But now the full academic paper entitled A Code Correlation Comparison of the DOS and CP/M Operating Systems is available online in the Journal of Software Engineering and Applications. If you want to know the details, and you want to know the truth, it’s in the article and the details are in the paper.
Zeidman Consulting, a leading research and development company (and sister company to SAFE Corporation), is looking to hire a full-time software forensic engineer. Acting as a high-tech sleuth, this person will analyze and reverse-engineer software using CodeSuite® and other state-of-the-art software tools, helping to resolve lawsuits involving hundreds of millions or billions of dollars. The employee will also work on one of several ongoing cutting edge research projects. These projects often lead to publication in academic journals, presentations at conferences, patents, and new product spinoffs. Past and ongoing projects include:
- CodeMatch®, a program for comparing and measuring the similarity of different programs.
- CodeGrid®, a computer grid-enabled version of CodeMatch®.
- RPG, a tool for automatically generating expert reports for copyright, trade secret, and patent litigation.
A successful candidate will need the following attributes:
- At least a bachelor’s degree in computer science or equivalent. Advanced degree is preferred.
- Excellent programming skills in one or more programming languages.
- Ability to work independently on projects that are not well-defined.
- Excellent verbal and writing skills for creating detailed specifications and reports.
- Ability to work on multiple projects simultaneously and to switch projects suddenly as the need arises.
- Enjoys working long hours on interesting projects, including weekends when projects hit critical periods.
- Enjoys free time when projects are not in critical periods.
Zeidman Consulting pays above average salaries with profit-sharing and provides health insurance and paid time off for holidays, vacation, and illness. To apply, please email a resume to Info@ZeidmanConsulting.com.
I hope you’re all aware of my book The Software IP Detective’s Handbook: Measurement, Comparison, and Infringement Detection. It’s the first book on Software Forensics, a field that I pioneered at Software Analysis and Forensic Engineering and Zeidman Consulting. Whereas Digital Forensics deals with bits and files, without any detailed knowledge of the meaning of the data, Software Forensics deals with analysis of software using detailed knowledge of its syntax and functionality to perform analysis to find stolen code and stolen trade secrets. The algorithms described in the book have been used in many court cases. The book also describes algorithms for measuring software evolution, particularly as it relates to IP changes.
If you are a teacher, this is a great time to incorporate the materials in the book into your courses on software development, intellectual property law, business management, and computer science. There’s something for everyone in the various chapters of the book. Your students and you will be at the forefront of an important and very new field of study.
If you’re interested, please contact me.
S.A.F.E. recently released version 4.4 of CodeSuite and version 1.1 of CodeSuite-LT. The most important new feature of this version is that these programs now recognizes many different text encoding formats including ASCII, UTF-8, UTF-16, and UTF-32. Characters in alphabets other than the Latin alphabet used for English are now supported. For example, code with comments or strings in Japanese, Korean, Chinese, or Russian can be compared correctly.
The most significant change is to BitMatch. When examining binary object code to find text strings, you can now specify the encoding format of the file. If you’re not sure about the encoding, you can choose multiple formats.
As demand for our products increase outside the United States, we realized a need to support languages in those countries also.
My book on software intellectual property, a labor of love (and hate) for the last two years, has just been published by Prentice-Hall. The book is intended for several different audiences including computer scientists, computer programmers, business managers, lawyers, engineering consultants, expert witnesses, and high-tech entrepreneurs. Some chapters give easy-to-understand explanations of intellectual property concepts including copyrights, patents, and trade secrets. Other chapters are highly mathematical treatments describing quantitative ways of comparing and measuring software and software IP. The first chapter of the book outlines which chapters are most important for the different audiences.
Overall the book covers the following topics:
- Key concepts of software intellectual property
- Comparing and correlating source code for signs of theft or infringement
- Uncovering signs of copying in object code when source code is inaccessible
- Tracking malware and third-party code in applications
- Using software clean rooms to avoid IP infringement
- Understanding IP issues associated with patents, open source, and DMCA
You can purchase your copy from Amazon.com here.
In the past few years I’ve been interviewing students for job openings at my companies. Some students came from large, well-known universities while other came from small colleges. Some students had bachelor’s degrees in computer science while others had master’s degrees. One thing that many of these recent graduates had in common was that they couldn’t program competently.
I found that these graduating students were adept at finding code on the Internet. When I gave assignments to code a particular algorithm, I was seriously impressed with how quickly they were able to find the code online. When I asked them to modify the algorithm, they struggled. Also, testing and debugging code often seemed beyond their abilities. Many of them were unaware of debugging techniques that allow them to focus in on the problem, such as using breakpoints to isolate chunks of code or forcing conditions that cause certain code paths to be executed.
The art of commenting also seems to have been ignored in most computer science education programs as well as in many companies. In my companies, our coding standard requires that every routine, no matter how small, must have a header comment that describes the functionality of the routine, all input parameters, the output of the routine, and any other information that someone using the routine would need. Yet most programmers out of school, and many working in the industry, produce uncommented code that is difficult to understand, difficult to debug, and very difficult to maintain.
Can you imagine a medical program that didn’t teach how to stitch up a patient after surgery or use the latest CT scanner? University computer science departments need to take a serious look at the skills they’re teaching. At my companies, I now require prospective employees to sit down at a computer and write a program that works correctly according to a written specification, is fully commented, and is completely their own code. I hope that the percentage of graduates passing this test increases in future years.