There has been a lot of talk about possible tainted code in ReactOS
and or developers that had access to leaked Microsoft source code.
This has caused a lot of speculation about the future of the ReactOS
Project. I'm going to try to put those fears to rest and explain what
has been going on and where we are going to go from here.
There was one issue that started this discussion and it related to
clean-room reverse engineering of certain code in ReactOS. Due to the
fact we have developers in many different countries the term reverse
engineering can mean many things to many different people. For us in
the US when you speak of clean-room reverse engineering it means that
one person tears apart the implementation of a device, writes
documentation and another reads that documentation and implements.
Other countries do not require this invisible great wall of
development and allow the same person that disassembles the interface
to also write the replacement implementation.
Because of the confusion this has caused and the possible legal issues
this could lead to we have decided to do the following.
1) Amend our Intellectual Property Policy Statement to reflect
clean-room reverse engineering as meaning the US standard method for
reverse engineering and make that the project requirement
2) Audit the entire source tree and rewrite all code found to have
been implemented not using the US method for reverse Engineering
3) Require all developers contributing major code to accept the terms
of our IP Policy Document via signature.
Now as for the issue of leaked source code, I want to try to put all
fears to rest. We don't know what the legal ramifications are for
someone downloading and having leaked code, as the party that
maintains copyright ownership of that code might still try to claim
Trade Secrecy on information contained in the sources in a court of
law. It is our point of view that the source code leaks of Windows
have been spread to a broad enough audience that it would be
impossible to claim the product is still under Trade Secrecy. Because
of this we are not banning any developer who might have had access to
leaked sources from contributing to ReactOS, however they are being
limited as to what area they can contribute. Copyright law still
applies to all leaked Windows sources and no one in ReactOS may copy
code from a Windows source leak and try to apply it to code in the
We know of four developers who have had access to leaked sources prior
to working on ReactOS and while they no longer have copies of the
source code in question, each of the developers have told us in
private which sections of the sources they were exposed to. As such
the project has amending the IP document as a fourth step of
4) any developer that had access to leaked sources is baned from
contributing code to the project for any of the modules that are the
same as leaked sources they examined.
So to clarify that, lets say someone saw some of the leaked Windows
source code in version.dll, then they would be unable to contribute
code to the ReactOS project for that dll.
It is our hope that a court case will arise and declare Microsoft's
Windows code is no longer under Trade Secret protection so these
developers who did have access to some of the leaked sources will be
free to contribute again to all sections of the project.
One final note, this audit of the code is going to take a long time.
It could take years, but it will happen, this project will come out
better than it was before. I don't believe anything anyone has done
while working on this project was really wrong. Every decision has
three possibilities, being moral, ethical and or legal. Sometimes the
law in itself is unethical and immoral. If people made mistakes and
there was a violation of the law, I question the justice of the law
and or anyone that would try to prosecute any of the developers who
just want the freedom to learn and create a more free system.
Steven Edwards - ReactOS and Wine developer