Goldman Sachs case; can open-source software be stolen?

Report: Programmer says he took mostly open source software that's available to all

Arrested last month for stealing cutting-edge trading software from his former employer, Goldman Sachs Group Inc., programmer Sergey Aleynikov offered up an interesting defense: he was only trying to download open-source software.

According to a report published Sunday in the New York Times, Aleynikov told FBI investigators that he had inadvertently taken about 32 MB of proprietary Goldman Sachs while taking open source code that can be used freely by anyone.

Aleynikov, a high-level developer for Goldman Sachs, was arrested by the FBI on July 3 on charges of stealing computer code that automates the firm's high-volume trading on stock and commodities markets.

Aleynikov, who is now free on bail, told the FBI he had not used the code at his new job nor given it to anyone else, according to the Times story. The complaint does not include such charges.

The case raises many intriguing questions, such as what exactly is the 'secret sauce' behind the high-speed trading software that some experts told the Times is used by Wall Street firms to generate huge revenues -- some $8 billion this year.

Experts also say the software could be giving the large trading firms an unfair advantage over regular investors.

Observers also wonder why Aleynikov didn't simply download the unnamed open-source code from any of its free repositories rather than from Goldman Sachs systems. And programmers and open-source users are left wondering whether Aleynikov can be found guilty of stealing the code that belongs to the programming community.

Actually, he can, according to legal and open-source experts who cite the terms and conditions of the General Public License (GPL), which is used to govern the use of about two-thirds of open-source software..

"This is a common misconception," said Brett Smith, license compliance engineer at the Free Software Foundation (FSF), which oversees use of the GPL.

Though the FSF has long argued that all software and source code should be free -- just today, it launched a campaign against the "sins" of Microsoft's proprietary Windows 7 operating system -- the terms of the GPL does include some restrictions.

For example, the GPL states that companies that modify open-source software for internal use aren't required to share code changes with the open source world, said Smith.

"You never have to provide the source code to an upstream developer or the general public if you don't want to," he said.

The GPL does require the sharing of source code if the developer or his or her employer plans to distribute the software, either by giving it away for free or even selling it, Smith said.

"People get the impression that you're not allowed to distribute GPL-licensed software for a fee," he said. "We're pretty happy for you to make money on it."

Nonetheless, Smith did contend that the GPL is the strictest open-source license when it comes to code-sharing requirements.

The MIT and BSD licenses, for example, "have no ongoing obligations," according to Andy Updegrove, a Boston lawyer who represents several open-source organizations.

"So if the [Goldman Sachs] code in question was under these, then this guy would not have had any right to the code nor would he be likely to have had a public repository to turn to find Goldman Sach's altered version."

So Goldman Sachs likely was not required to share any of its modified open-source code, and thus its aggressive moves to make sure none of it comes to light is unsurprising. "I've never heard of" a Wall Street firm donating source code back to a project, Smith said.

And having worked in a highly-competitive industry that depends of the top-secret software to generate billions in profits, Aleynikov probably should have known better, says Daren Orzechowski, a New York-based intellectual property lawyer with White & Case LLP.

"I've worked with a lot of financial institutions and large corporations," he said. "I'm sure that a person with this type of position (Aleynikov was a Goldman Sachs vice-president earning some $400,000 a year who left to make $1.2 million at his next job, according to the Times) would have signed a number of agreements that would have made it very clear that everything that he works on and touches while working for the bank is the property of the bank. The IP laws in the U.S. would back that up."

Updegrove added: "To the extent that the identical code was available elsewhere, he used poor judgment taking the code from a Goldman Sachs server. To the extent he took any altered code based on open-source code that Goldman Sachs had not already contributed back to the project, I see no reason why this would not run afoul of his contractual obligations to Goldman Sachs, just as would normal proprietary code."

On the other hand, the downloading of the code has not yet damaged Goldman Sachs' business. And Securities Industry News reported earlier this month that the bank is likely to settle with Aleynikov to make sure that it can minimize the amount of information they would have to reveal about their trading platform.

Orzechowski recommends that programmers in highly-competitive industries like securities trading talk to their company's lawyers about how to use and document their use of open-source software.

"There are ways to develop apps that are isolated modules so that you won't trigger the viral [code-sharing] provisions of open-source software," he said.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags open sourcesecuritygoldman sachslegal

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Eric Lai

Computerworld (US)
Show Comments

Most Popular Reviews

Latest News Articles


PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?