[ros-dev] very confused

Murphy, Ged (Bolton) MurphyG at cmpbatteries.co.uk
Fri Feb 17 16:11:40 CET 2006


theUser BL wrote:

> I am now very confused.

I'll try and clear some other areas up for you.
I don't have web access at the moment, so I am only going off what you have
pasted under the links.


> On 27.1.2006 Steven Edwards wrote "Reset, Reboot, Restart, 
> legal issues and 
> the long road to 0.3"
> http://www.reactos.org/xhtml/de/news_page_14.html
> 
> In this text there is no word about leaked Windows-code. So 
> it seems, that 
> the main problem is revers engineering, which is not clean 
> room rev. eng.

Correct.

> One day later a developer says in the forum
> http://www.reactos.org/forum/viewtopic.php?p=13239&highlight=#13239
> "The biggest problem isn't disassembled code. The fact is 
> that 4 of the 
> developers have had a copy of the leaked Windows source."
> 
> So, the biggest problem is, that some ROS-developer have 
> looked in leaked 
> code.

This isn't much of a problem, the problem is the integrity / validity of our
code. 
i.e. how was the information to write the code obtained.
See above.


> But at
> http://www.reactos.org/archives/public/ros-dev/2006-February/0
> 07832.html
> a developer says to me
> "The leaked source code was never an issue here, that was an 
> escalation of
> the mail which was posted on the public list. The rumours 
> which materialized
> from that were unfounded and untrue."

Correct.

> In an other mail, I don't find it at the moment, anybody 
> says, that there is 
> still no Microsoft-Code found in ROS. All is clean.

Define 'MS code'. If we're talking about leaked source code, then that is
true.
If we're talking about small chunks of assembly from dissasembled MS
binaries, then that is what the audit hopes to uncover and remove. Once the
audit is complete, we can also say we know this to be true, at the moment we
don't know.

> On the following
> http://www.reactos.org/pipermail/ros-dev/2006-February/007717.html
> a developer says
> "I am told that the sources for FreeLdr are all okay, except for the
> some of the bootsectors having been pretty much just disassembled from
> MS's. Is this true?"
> The answer comes from an other developer
> http://www.reactos.org/pipermail/ros-dev/2006-February/007722.html
> "crashfourit has posted a patch here:"
> 
> That means, that it is possible, that MS-bootsector-code have 
> found the way 
> in ROS, if I understood it right.

This code hasn't been audited yet. It's possible that parts of the
bootsector have been derrived from an MS dissasembly. The audit will reveal
the answer, and it will be rewritten if nessesary.


> And at
> http://www.reactos.org/archives/public/ros-general/2006-Februa
> ry/002128.html
> somebody cite something where a Codewaever chef says, that in 
> ROS is stolen 
> code.

Incorrect. There is no stolen code in ROS and more than there is stolen code
in Wine.
 

> And then ReactOS gives for me more questions then answers.
> 
> What does the Audit-process mean?

It means all suspect code will be proof-read and documentation must be made
available to prove it's validity.
If not, the will be either rewritten, docs written or removed dependant on
the circumstances.

> You have - as somebody says - already seen, that no 
> Windows-Code is in 
> ReactOS.
> But you want with the audit look for code, which are 
> integrated by (not 
> clean room) reverse engineering.
> But how do you want to find it?

Any code that is questionable. i.e. a reason cannot be found as to why it is
included.
I agree it's difficult to tell what is clean room and what it not. 
As KJK said, if we don't question it's validity as all appears well, then it
would be up to a 3rd party to proove otherwise.

> Steve Edwars have written "and the long road to 0.3". Is it 
> still true, that 
> it needs now longer, until 0.3 comes out? The tree will 
> already be opend. 
> Does it mean, that 0.3 comes only after the end of the 
> audit-progess out? If 
> this is true, comes then before the end of the audit other 
> releases out 
> (0.2.10, 0.2.11, .... etc) ?

Decisions on new policies havn't been reached yet.  
It's true that it is still a long road. The audit is still going to happen,
it's just that we're doing it in a slightly different way now. 
It is hoped that this new method will ensure the project stays alive during
the audit.

> You see. I am very confused.

I hope that cleared some things up for you.

> http://www.reactos.org/archives/public/ros-dev/2006-February/007832.html
> Murphy have written "The whole tree will be reopened in the state it was
in 
> before it closed.
> More details will follow when this happens.", will really clarify all. So 
> that no longer confuseness for anyone exists.


The current vote will decide the outcome of that. There are currently 2
options.
Read the mail entitled 'Vote: Code Auditing' for more details.

Regards,
Ged.


************************************************************************
The information contained in this message or any of its
attachments is confidential and is intended for the exclusive
use of the addressee. The information may also be legally
privileged. The views expressed may not be company policy,
but the personal views of the originator. If you are not the
addressee, any disclosure, reproduction, distribution or other
dissemination or use of this communication is strictly prohibited.
If you have received this message in error, please contact
postmaster at exideuk.co.uk 
<mailto:postmaster at exideuk.co.uk> and then delete this message. 

Exide Technologies is an industrial and transportation battery
producer and recycler with operations in 89 countries.
Further information can be found at www.exide.com




More information about the Ros-dev mailing list