Code Thieves Strike Again

[InfoSec News <isn () c4i org>]

http://www.pcmag.com/article2/0,4149,1361952,00.asp

By Sebastian Rupley
PC Magazine 
October 23, 2003 

Theft of source code is back in the spotlight. Alibre, a software 
company based in Richardson, Texas, alleged this week that a former 
employee - after being terminated—has begun illegally distributing a 
product called "RaceCAD," which Alibre says is actually its product, 
Alibre Design. Alibre's claim comes on the heels of the theft of 
source code for the video game Half Life.

"The program is being distributed on a Russian Web site," says J. Paul 
Grayson, CEO of Alibre. The alleged thief of Alibre's source code has 
moved to Russia, following his termination, according to Grayson. "We 
have had direct contact with the individual involved, who has admitted 
to stealing the product," he says. "Amazingly, he offered to 'settle' 
with us and discontinue the English version if we gave him the Russian 
version. Clearly, the only thing he is going to get is a stiff penalty 
and likely jail time. Our message to those who have unknowingly used 
RaceCAD is that they must remove it from their systems immediately. 
We're offering a general amnesty to those in Russia who unwittingly 
downloaded the illegal product and will allow them to use a legal 
version of Alibre Design for a period of time." Alibre is not 
releasing the name of the alleged code thief.

According to Grayson, the alleged thief made "some minor 
modifications" to the product before distributing it. Grayson also 
says that currently the software is being distributed for free, but 
that messages from the individual in question have suggested that 
RaceCAD may soon go on sale for $200. "We are in contact with the 
local police and with the FBI," Grayson says. "But to tell you the 
truth, it's very hard to take any action in cases like this. Above 
all, we would like people not to go get the product." Alibre has 
contacted the ISP hosting the Russian Web site distributing the 
software. Alibre has also posted Google advertisements in both English 
and Russian to warn those who use the search term RaceCAD, that the 
software is being illegally distributed.

Alibre also claims that part of the illegal distribution is source 
code from partners Spatial Corporation, a US company that is a 
division of Dassault Systemes SA, which is based in France; UK firm 
D-Cubed Ltd.; and the OpenDWG Alliance, based in the US.

Dassault Systemes makes a modeling kernel called ACIS. "RaceCAD is not 
an ACIS licensee, yet their application is based on the ACIS modeling 
kernel," said Michael Payne, CEO of Spatial. "Clearly RaceCAD's use of 
ACIS is illegal, not to mention the blatant theft of Alibre Design, 
and [those responsible for the theft] can be sure we will be working 
with Alibre to pursue them to the full extent of the law."

Alibre's Grayson also says that the alleged code thief was sloppy 
about modifying the original programming and left key signatures of 
Alibre Design in the code, which at least one analyst agrees with. "It 
appears the 'developers' were in such a hurry to complete their 
piracy, [that] even though RaceCAD was purported to be originally 
developed in Russian, a few English words are still scattered 
about - the same ones used in Alibre Design," says Joe Greco, a CAD 
industry expert and author. "It's obvious with even a cursory review 
that RaceCAD is essentially an unauthorized version of Alibre Design, 
down to every menu command, icon, and dialog box."

"A quick visual inspection of the user interface shows that every 
element in RaceCAD is identical to that in Alibre Design, down to a 
pixel-for-pixel match for every icon," says a release from Alibre.

The problem Alibre faces is not the only one of its kind to crop up 
recently. The source code for the video game Half Life was recently 
stolen by hackers and distributed on the Internet.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.