Goldman Sachs case; can open-source software be stolen?

Report: Programmer says he took mostly open source software that's available to all

Arrested last month for stealing cutting-edge trading software from his former employer, Goldman Sachs Group Inc., programmer Sergey Aleynikov offered up an interesting defense: he was only trying to download open-source software.

According to a report published Sunday in the New York Times, Aleynikov told FBI investigators that he had inadvertently taken about 32 MB of proprietary Goldman Sachs while taking open source code that can be used freely by anyone.

Aleynikov, a high-level developer for Goldman Sachs, was arrested by the FBI on July 3 on charges of stealing computer code that automates the firm's high-volume trading on stock and commodities markets.

Aleynikov, who is now free on bail, told the FBI he had not used the code at his new job nor given it to anyone else, according to the Times story. The complaint does not include such charges.

The case raises many intriguing questions, such as what exactly is the 'secret sauce' behind the high-speed trading software that some experts told the Times is used by Wall Street firms to generate huge revenues -- some $8 billion this year.

Experts also say the software could be giving the large trading firms an unfair advantage over regular investors.

Observers also wonder why Aleynikov didn't simply download the unnamed open-source code from any of its free repositories rather than from Goldman Sachs systems. And programmers and open-source users are left wondering whether Aleynikov can be found guilty of stealing the code that belongs to the programming community.

Actually, he can, according to legal and open-source experts who cite the terms and conditions of the General Public License (GPL), which is used to govern the use of about two-thirds of open-source software..

"This is a common misconception," said Brett Smith, license compliance engineer at the Free Software Foundation (FSF), which oversees use of the GPL.

Though the FSF has long argued that all software and source code should be free -- just today, it launched a campaign against the "sins" of Microsoft's proprietary Windows 7 operating system -- the terms of the GPL does include some restrictions.

For example, the GPL states that companies that modify open-source software for internal use aren't required to share code changes with the open source world, said Smith.

"You never have to provide the source code to an upstream developer or the general public if you don't want to," he said.

The GPL does require the sharing of source code if the developer or his or her employer plans to distribute the software, either by giving it away for free or even selling it, Smith said.

"People get the impression that you're not allowed to distribute GPL-licensed software for a fee," he said. "We're pretty happy for you to make money on it."

Nonetheless, Smith did contend that the GPL is the strictest open-source license when it comes to code-sharing requirements.

The MIT and BSD licenses, for example, "have no ongoing obligations," according to Andy Updegrove, a Boston lawyer who represents several open-source organizations.

"So if the [Goldman Sachs] code in question was under these, then this guy would not have had any right to the code nor would he be likely to have had a public repository to turn to find Goldman Sach's altered version."

So Goldman Sachs likely was not required to share any of its modified open-source code, and thus its aggressive moves to make sure none of it comes to light is unsurprising. "I've never heard of" a Wall Street firm donating source code back to a project, Smith said.

And having worked in a highly-competitive industry that depends of the top-secret software to generate billions in profits, Aleynikov probably should have known better, says Daren Orzechowski, a New York-based intellectual property lawyer with White & Case LLP.

"I've worked with a lot of financial institutions and large corporations," he said. "I'm sure that a person with this type of position (Aleynikov was a Goldman Sachs vice-president earning some $400,000 a year who left to make $1.2 million at his next job, according to the Times) would have signed a number of agreements that would have made it very clear that everything that he works on and touches while working for the bank is the property of the bank. The IP laws in the U.S. would back that up."

Updegrove added: "To the extent that the identical code was available elsewhere, he used poor judgment taking the code from a Goldman Sachs server. To the extent he took any altered code based on open-source code that Goldman Sachs had not already contributed back to the project, I see no reason why this would not run afoul of his contractual obligations to Goldman Sachs, just as would normal proprietary code."

On the other hand, the downloading of the code has not yet damaged Goldman Sachs' business. And Securities Industry News reported earlier this month that the bank is likely to settle with Aleynikov to make sure that it can minimize the amount of information they would have to reveal about their trading platform.

Orzechowski recommends that programmers in highly-competitive industries like securities trading talk to their company's lawyers about how to use and document their use of open-source software.

"There are ways to develop apps that are isolated modules so that you won't trigger the viral [code-sharing] provisions of open-source software," he said.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags securityopen sourcelegalgoldman sachs

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Eric Lai

Computerworld (US)
Show Comments

Cool Tech

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Breitling Superocean Heritage Chronographe 44

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?