

Microsoft sends GitHub DMCA shutdown for Skype open source project - ecaron
https://github.com/github/dmca/commit/db9b442f0ac68512d0ca83fe7b25a7f9bf766e63

======
Xuzz
Please note: this is not an attempt to clean-room reverse engineer Skype, or
even to reverse engineer and create an open-source replacement. As shown with
things like WINE, Microsoft does not (and probably cannot) take them down.

No, that's not what "Skype Open Source" project is. This is a confusingly
misnamed attempt to attach code to patched copies of copyrighted official
Skype clients.

Microsoft is not overreaching here; this is what anyone would expect with a
lame project like this. I'd love if someone really created an open-source
Skype client, but this is not a project to do that.

~~~
Iv
How exactly is one supposed to make a clean-room reverse engineering in the
absence of any documentation and sophisticated obfuscation on Skype's part ?

~~~
recoiledsnake
Maybe then you're not "supposed" to do it?

For example, there is no reverse engineered libraries for Facetime and iOS
API. If you use Apple's libraries, they can come after you for copyright
infringement.

~~~
Tloewald
Cappuccino is exactly such a reverse engineered library, as is gnu step. For
that matter Linux is a reverse engineered drop in replacement for the unix
kernel.

~~~
nl
I'm not familiar enough with Cappuccino to comment, but GNU Step was an
independent implementation of the published OpenStep interfaces. That isn't
reverse engineering.

Linux is an independent implementation of the Posix interfaces.

------
snarkinatree
How about "Skype: The Missing Technical Manual"?

MS will contribute nothing to the state of the art of free voice and video
calls over the internet. As is so often the case, what they purchased with the
Skype deal was a user base. One that they could never obtain with the own
products.

There is a way to do this without violating copyright.

Do not waste time duplicating the P2P element of Skype (the P2P protocol). P2P
protocols have been done, several ways, some of them are easily good enough,
maybe even smarter than Skype's (e.g., avoiding the exposure of your IP to the
entire internet) and enough of the code is GPL'd or BSD licensed to keep
things open. We have ample solutions for P2P. View that as the "open
platform".

Now you need "apps" to run on it. First one is a softphone, but with Skype's
codecs.

Focus on creating a standalone softphone using Skype's codecs.

Does MS have exclusive rights (patent rights) on Skype's codecs? Not even
close. They did not develop them. The patent license could fit on a single
page; it's as simple as they come: build stuff, pay nothing.

<http://developer.skype.com/silk>

~~~
danbmil99
If you don't want to be compatible with Skype, you don't need their codecs.
There are plenty of good voice codecs around, freely licensable.

The issue is how to tap into the existing Skype userbase -- receive and make
calls to Skype clients -- from an open-source client.

~~~
snarkinatree
I agree tapping into the existing userbase is enticing. And that's no doubt
what some people are trying to do (e.g. the Russians).

But all VOIP codecs are not created equal. Skype's success is not due to NAT
piercing. Even though Skype easy to use, maybe easier than previous SIP
alternatives, if calls sounded terrible, people would not use it. Skype's
success is due to being usable and having decent sound quality. They did not
use the decades old codecs other softphones used. They wrote new ones. And
anyone can use them.

Using the same codec as Skype uses should not in any way bind you to their
network. It has nothing to do with compatibility. It has to due with getting
Skype-level sound quality. Quality that the older codecs have failed to
deliver.

It's easy to get people to sign up for free voice and video calls. The key
word is "free". You do not have to find inroads into the "Skype user base".
Skype spread by word of mouth. If people learn about another client that works
as well or better (same sound quality), and it's easy to use, they will almost
certainly try it.

Forgive me if I have misunderstood what you were trying to say in your
comment. But I do not understand your reasoning.

------
mseebach
Better link:
[https://github.com/github/dmca/blob/db9b442f0ac68512d0ca83fe...](https://github.com/github/dmca/blob/db9b442f0ac68512d0ca83fe7b25a7f9bf766e63/2012-05-01-microsoft.markdown)

~~~
cies
even better link:

[https://github.com/github/dmca/blob/db9b442f0ac68512d0ca83fe...](https://github.com/github/dmca/blob/db9b442f0ac68512d0ca83fe7b25a7f9bf766e63/2012-05-01-microsoft.markdown)

(rendered into human readable)

~~~
mseebach
That is the _exact_ link I posted?

~~~
cies
funny, because i got to a page showing the diff, and i thought i linked to the
rendered page.

anyway, my apologies, no disrespect, have a nice day.

------
jimueller
This seems legitimate and they are well within their right to do this as the
copyright holder.

------
PuercoPop
The authors website is <http://skype-open-source.blogspot.com/>

Apparently he had already been served with DCMA takedown requests. And talks
about deofuscation. Doesn't sound like a cleanroom implementación.

~~~
skypeopensource
Now, we are working on stage1, make working code and do specification.
Takedown was because of patched binary which reversers used as black box for
make specifications.

------
ecaron
This project was recently discussed on HN at
<http://news.ycombinator.com/item?id=3899829>

~~~
martey
You linked to a discussion of a tool that lets you lookup the IP addresses of
Skype users (which seems like it might have been developed with this tool),
but I think you meant to link to
<https://news.ycombinator.com/item?id=3753155>

------
getsat
Was the code mirrored anywhere offshore before the takedown? Could someone re-
host it?

~~~
skypeopensource
Rehosted to <https://github.com/skypeopensource/epycs>

------
ajasmin
Can someone explain why Microsoft would go to such length obfuscating the
Skype code and taking down derivative work?

Is their IP worth the trouble? Do they see interoperability as a threat? Are
they afraid of misbehaving clients?

Surely it's not just a case of a lawyer having too much time on his hands.

------
skypeopensource
We are appreciate you help on working on Epycs - reverse engineer skype
project.

Feel free to study current implementation stage here -
<https://github.com/skypeopensource/epycs>

~~~
skypeopensource
This is first stage of 'clean room' reversing process - writing specification.

------
ldng
If I am not mistaken it's not the first time Skype send a DMCA to this
project. But given where the autor lives, the DMCA does not apply so it
doesn't go anywhere.

~~~
seldo
AFAIK the DMCA takedown applies to Github, who are in the US, regardless of
where the author of the project lives.

------
xnm
This probably has something to do with this exploit:
<http://pastebin.com/yhcrRSVh>

------
Canuteson
So I guess they should rename it Skipe open source.

~~~
uxp
"Skype: patched and recompiled to do other stuff" is a better title.
Decompiling a proprietary product, changing a few lines of code, and then
releasing that code doesn't make it "open source", it makes it stolen code
(semantics of "piracy is not theft" aside, it's still not his code to be
releasing in it's entirety.).

~~~
skypeopensource
You are wrong. Decompiling is just allowing research deeper in skype-black-
box. Project itself is here <https://github.com/skypeopensource/epycs>

~~~
grimboy
If you want to stay within the law my understanding is that you need to
distribute patches against decompiled Skype rather than decompiled Skype with
patches applied, otherwise you're distributing a derivative work. This may
still be a legal grey area though. IANAL, you ANAL, we all ANAL and that.

------
nextparadigms
So much for Microsoft loving the open-source movement.

~~~
kcbanner
heh, did you look at the project? It's not open source, it's a decompiled
Skype binary.

~~~
skypeopensource
No, its not. Decompiled binary just need for reversing. Open source clone of
skype is Epycs(reverse enginered skype).
<https://github.com/skypeopensource/epycs>

~~~
gtirloni
I think you'll have some trouble fighting MS to prove that your open source
version isn't directly based on code you got from the decompiled binary.

As other have said, it's better to follow the clean-room process and define
the specification. Then someone else can implement it in a legally safe
manner.

The specification by itself would be an enormous contribution.

------
tonycoco
MS can't catch a break... They defend their copyrights and get slammed on
Hacker News for not being "cool" with the OSS community infringing on their
properties. Weak sauce, Hacker News.

~~~
eli
Where do you see people slamming Microsoft in this thread?

~~~
tonycoco
The post of this just implied, to me, that Microsoft is evil for putting in a
take-down request. Why else post this? There are literally hundreds of take-
down notices on GitHub. Why post this one?

~~~
calloc
Flag the post and move on. I don't see any Microsoft hating here, most of the
posts are about Microsoft being in their right to take down a project that
uses their copyrighted binaries and is distributing them wholesale after
adding some extra code...

