Goldman Sachs case; can open-source software be stolen?

Report: Programmer says he took mostly open source software that's available to all

Arrested last month for stealing cutting-edge trading software from his former employer, Goldman Sachs Group Inc., programmer Sergey Aleynikov offered up an interesting defense: he was only trying to download open-source software.

According to a report published Sunday in the New York Times, Aleynikov told FBI investigators that he had inadvertently taken about 32 MB of proprietary Goldman Sachs while taking open source code that can be used freely by anyone.

Aleynikov, a high-level developer for Goldman Sachs, was arrested by the FBI on July 3 on charges of stealing computer code that automates the firm's high-volume trading on stock and commodities markets.

Aleynikov, who is now free on bail, told the FBI he had not used the code at his new job nor given it to anyone else, according to the Times story. The complaint does not include such charges.

The case raises many intriguing questions, such as what exactly is the 'secret sauce' behind the high-speed trading software that some experts told the Times is used by Wall Street firms to generate huge revenues -- some $8 billion this year.

Experts also say the software could be giving the large trading firms an unfair advantage over regular investors.

Observers also wonder why Aleynikov didn't simply download the unnamed open-source code from any of its free repositories rather than from Goldman Sachs systems. And programmers and open-source users are left wondering whether Aleynikov can be found guilty of stealing the code that belongs to the programming community.

Actually, he can, according to legal and open-source experts who cite the terms and conditions of the General Public License (GPL), which is used to govern the use of about two-thirds of open-source software..

"This is a common misconception," said Brett Smith, license compliance engineer at the Free Software Foundation (FSF), which oversees use of the GPL.

Though the FSF has long argued that all software and source code should be free -- just today, it launched a campaign against the "sins" of Microsoft's proprietary Windows 7 operating system -- the terms of the GPL does include some restrictions.

For example, the GPL states that companies that modify open-source software for internal use aren't required to share code changes with the open source world, said Smith.

"You never have to provide the source code to an upstream developer or the general public if you don't want to," he said.

The GPL does require the sharing of source code if the developer or his or her employer plans to distribute the software, either by giving it away for free or even selling it, Smith said.

"People get the impression that you're not allowed to distribute GPL-licensed software for a fee," he said. "We're pretty happy for you to make money on it."

Nonetheless, Smith did contend that the GPL is the strictest open-source license when it comes to code-sharing requirements.

The MIT and BSD licenses, for example, "have no ongoing obligations," according to Andy Updegrove, a Boston lawyer who represents several open-source organizations.

"So if the [Goldman Sachs] code in question was under these, then this guy would not have had any right to the code nor would he be likely to have had a public repository to turn to find Goldman Sach's altered version."

So Goldman Sachs likely was not required to share any of its modified open-source code, and thus its aggressive moves to make sure none of it comes to light is unsurprising. "I've never heard of" a Wall Street firm donating source code back to a project, Smith said.

And having worked in a highly-competitive industry that depends of the top-secret software to generate billions in profits, Aleynikov probably should have known better, says Daren Orzechowski, a New York-based intellectual property lawyer with White & Case LLP.

"I've worked with a lot of financial institutions and large corporations," he said. "I'm sure that a person with this type of position (Aleynikov was a Goldman Sachs vice-president earning some $400,000 a year who left to make $1.2 million at his next job, according to the Times) would have signed a number of agreements that would have made it very clear that everything that he works on and touches while working for the bank is the property of the bank. The IP laws in the U.S. would back that up."

Updegrove added: "To the extent that the identical code was available elsewhere, he used poor judgment taking the code from a Goldman Sachs server. To the extent he took any altered code based on open-source code that Goldman Sachs had not already contributed back to the project, I see no reason why this would not run afoul of his contractual obligations to Goldman Sachs, just as would normal proprietary code."

On the other hand, the downloading of the code has not yet damaged Goldman Sachs' business. And Securities Industry News reported earlier this month that the bank is likely to settle with Aleynikov to make sure that it can minimize the amount of information they would have to reveal about their trading platform.

Orzechowski recommends that programmers in highly-competitive industries like securities trading talk to their company's lawyers about how to use and document their use of open-source software.

"There are ways to develop apps that are isolated modules so that you won't trigger the viral [code-sharing] provisions of open-source software," he said.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags open sourcesecuritygoldman sachslegal

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Eric Lai

Computerworld (US)
Show Comments

Cool Tech

Crucial Ballistix Elite 32GB Kit (4 x 8GB) DDR4-3000 UDIMM

Learn more >

Gadgets & Things

Lexar® Professional 1000x microSDHC™/microSDXC™ UHS-II cards

Learn more >

Family Friendly

Lexar® JumpDrive® S57 USB 3.0 flash drive 

Learn more >

Stocking Stuffer

Plox Star Wars Death Star Levitating Bluetooth Speaker

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest News Articles


GGG Evaluation Team

Kathy Cassidy


First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni


For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell


The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi


The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott


My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?