return to table of content

Nvidia sued for stealing trade secrets: blunder showed rival company's code

pritambaral
49 replies
21h3m

TFA makes it sound as if the entirety of the blame can be placed on one employee. Sure, his actions do seem to support that view, but then again, Nvidia did hire him precisely for his previous experience at this rival company, on the very same project that the two companies were partnered on, which is the same project that Nvidia hired him for.

There is no argument to be made that Nvidia wasn't aware he'd be coming with secrets. The argument that that's precisely why he was hired, OTOH, is looking very strong.

juunpp
27 replies
20h58m

Nvidia did hire him precisely for his previous experience at this rival company, on the very same project that the two companies were partnered on, which is the same project that Nvidia hired him for.

Yes, this happens all the time.

There is no argument to be made that Nvidia wasn't aware he'd be coming with secrets.

This is not a logical conclusion from the above. Hiring for the exp is fine. Hiring for the trade secrets obviously is not. No serious company would do the latter, esp a company the size of Nvidia.

winocm
18 replies
20h25m

A thought that came to me recently in the shower: Isn't all knowledge effectively based on previous knowledge, and by extension, experience?

i.e: A programmer knows how to do X, leaves a company to do Y, where Y is in the same field of work as X. Doesn't X still affect the programmer on a subconscious level and henceforth, their thoughts indirectly?

FirmwareBurner
8 replies
20h6m

Bringing knowledge is one thing, which is legal, but stealing source code and design files from your employer to copy it to the systems of their competitor where you now work is a completely different thing which is illegal.

Companies want your knowledge, not you bringing proprietary IP from their competitor to work, as they know that's a very expensive lawsuit waiting to happen.

wombatpm
7 replies
19h16m

But what if I have an idemic memory?

FirmwareBurner
2 replies
19h11m

Then you'd be able to draw and type out everything from scratch directly on your employer's PC and not have to download it via USB drives or email, like this guy did.

chii
1 replies
16h1m

So if you obtained an idemic memory via installing a camera, flash drive and io ports into your brain?

How or why is the mere transport method of information the distinction between infringement of IP vs not?

FirmwareBurner
0 replies
6h42m

Probably because very few people have idetic memory to store 6GB of data in their brains with the utmost fidelity and unless you can also install a printer to your brain, it would take you a long time to reproduce 6GB of data by hand from your brain.

Transport method it is because it means there's hard proof and a paper trail of the IP theft that you can prove in court. Memorizing something has no paper trail and also leads to a clean room deisgn. That's why companies want to hire people or entire teams, to do clean room deign, without any of the original data.

If I go watch a movie and then tell people what I saw it's fine. If I record the movie with a camera and show it on screen that's the IP theft.

unethical_ban
0 replies
18h22m

Then congratulations, you're able to ~~excel~~ exfil more data.

We live in an imperfect world and solve problems as best we can.

themoonisachees
0 replies
17h50m

Idemic or "photographic" memory as depicted in popular culture does not exist. most of the people who can remember a lot of information very quickly are actually on some level of deliberately using mnemotechnique methods, such as nursery ryhming (like that one released soldier in vietnam) or graph traversal. it's preposterous to assume that anyone could recite fragmented data such as source code simply by being exposed to it (ie not by purposefully memorizing it)

hobs
0 replies
15h7m

Then it's fine in the United States at least - all the laws are about copying data/files/assets not about using your mind.

anonymouskimmer
0 replies
18h19m

Then copyright comes in to play. You should have been taught how to avoid plagiarism in school. Use those techniques to reimplement. These techniques involve more than just using synonyms and rephrasing.

kmeisthax
6 replies
19h46m

This is the "inevitable disclosure" argument - AKA the idea that the experience is the secret, and thus nobody should ever be allowed to switch employers ever again.

For various reasons (notably, the fact that slavery is illegal), we don't accept this in general. You have to show that secrets were copied in full. Employees cannot memorize millions of lines of source, they can only memorize vague architectural details that would be easily reverse engineered by competitors. If you want to own those vague details, get a patent, or shut up.

throwaway914
4 replies
19h2m

In theory, one can memorize a great deal.. I do agree with you, though.

whatshisface
3 replies
18h32m

Memorizing a sizable fraction of Windows source code so you can take it to Apple sounds like the most pointless and difficult heist imaginable!

zer00eyz
2 replies
17h2m

This sounds like the plot to a Netflix movie...

jzombie
0 replies
7h23m

"Windowed Gardens: The Source Code Heist" featuring Rainman

juunpp
0 replies
14h54m

https://wiki.winehq.org/Developer_FAQ#Who_can.27t_contribute...

Wine does not allow people who have worked on Windows to contribute precisely for this reason, with some nuances as noted in the link above.

denton-scratch
0 replies
3h50m

nobody should ever be allowed to switch employers ever again

Venetian glassmakers were banned from leaving Venice with their technical know-how. The Venetian government employed assassins to take them down if they tried to defect.

jfim
0 replies
20h15m

You can bring your expertise in X without the source code that does X. The former is legal, the latter is not.

SoftTalker
0 replies
14h1m

This is why companies want employees to sign noncompete agreements (in jurisdictions where they are not illegal).

beardedwizard
4 replies
18h26m

This proves individual employees routinely steal trade secrets; yes, they do. It does not prove that the companies they join (US public companies in the United States anyway) willfully use it.

Think about the large scale conspiracy required to keep something like that secret from an entire company.

mcpackieh
2 replies
17h54m

There's no need to rope conspiracies into this. The structure of incentives in corporate environments have people in the company not looking for something they don't want to find. Managers would rather not know about violations and be able to tell their boss that their team are pros who got the job done fast, than investigate their reports for violations and quite possibly find a big mess that needs to be cleaned up.

Point is, shit that shouldn't happen routinely does happen anyway. "That wouldn't happen because it would be illegal" is generally bullshit.

juunpp
1 replies
15h3m

Companies of this size have routine code audits that would find copyright infringements of this sort. If the employee literally brought in source code files and not even change the name of the directory like it was highlighted here, it'd have been caught. The audit is also not conducted by the manager, but a third party. There is no possible way this would fly unless the individual intentionally stripped the source of copyright notices (the individual's fault), or the source code was just sitting on their laptop and never acted upon, etc.

So I think the question (and I'm not a lawyer...) is whether Nvidia conducted such audit and to what extent (if any) the other company's source code was merged into theirs (versus just sitting on the laptop).

KeplerBoy
0 replies
6h5m

Seems hard to catch at an audit. Surely he just used the stolen code as reference and didn't re-use entire files containing "Copyright by Valeo".

If he would have been any smarter, he would have kept the stolen files on a private computer and he would have gotten away with it.

swores
0 replies
3h54m

"This proves individual employees routinely steal trade secrets; yes, they do. It does not prove that the companies they join (US public companies in the United States anyway) willfully use it."

Why do you think that either the ethics or the willingness to risk breaking the law would be different between people being hired by a company vs. people working at a company?

A company's decisions are the decisions made by people who work there, and who once were being hired there. For a company to be complicit in encouraging a new hire bringing illegal IP with them requires one or more people at the company to make the same ethical/risk decision as the person joining. It doesn't require an announcement at an all-hands followed by a long slack conversation with the legal department, it doesn't need to be a huge scale conspiracy.

And it's no harder for a person who said "hey come bring your old employer's IP to my team" to keep it a secret from the entire company than it is for the person who joined doing that to do so.

In fact it's a bit easier, as long as they weren't stupid enough to discuss in a way that gets logged, the person or people encouraging it from inside the company are less likely to get caught, as a comparison of IP may be enough to prove wrongdoing on the part of the person who brought it, while anyone in the company who encouraged it couldn't be caught unless somebody ratted them out.

fnord77
1 replies
17h18m

And nobody at NVDA noticed when the employee pushed several GB of code into NVDA's repos?

juunpp
0 replies
14h52m

Where is the proof that the source code was merged? The article only mentions that former employees caught an eye of the source on the individual's computer; it does not mean the source code was merged or acted upon.

takinola
15 replies
20h46m

I don't have direct knowledge of this company or the parties involved but I would be highly doubtful that Nvidia would want to have an employee steal the secrets of a competitor/partner. In my experience, companies of this size would aggressively not want tainted IP inside their companies. He would need to be bringing across something as valuable as AGI, cure for cancer, etc for it to be even worth considering. There are numerous examples of companies being offered trade secrets of their competitors and reporting it back to the FBI just so they can avoid even the suspicion of stealing corporate secrets.

If you think about it for a second, it is kind of obvious. Pretty much every technology is reproducible with the right amount of talent, funding and time. Why commit a crime when you can simply throw money (of which you have a lot) at the problem? Responsible corporate officers know this and act accordingly.

ChrisMarshallNY
8 replies
20h27m

The company I worked for, was paranoid as hell about IP in the code. They hired some source scanning firm, for a lot of money, to continually scan our codebase.

They were mostly looking for GPL (nasty, naasssssty GPL!) code, but they also scanned for code that couldn't be accounted for in our "clean" repos. Not exactly sure how that worked (or even, if it worked at all. I think they brought smoke[0]).

[0] https://www.tell-a-tale.com/nasreddin-hodja-story-smoke-sell...

andy99
5 replies
19h37m

nasty, naasssssty GPL!

What does that mean? Why would scanning for gpl code be looked at badly? It presumably means a company is proactively abiding by gpl licensing. The only thing better would be to use gpl and share their source as well. But of course it's a legit choice to just not use any gpl'd code.

It's probably more common to just turn a blind eye to gpl code, so it's good to see companies making sure they're on the right side of it.

ChrisMarshallNY
4 replies
19h19m

It was a joke.

I'm not a fan of "viral" licenses, and agree that, if a company doesn't want to abide by the license, they should not include them, but I am also not a fan of trying to force others to force others, to force others, etc., ad nauseam.

I tend to use MIT, which isn't always everyone's cup of tea, but means that you can use my code, and it would be nice to be credited, but I won't cry myself to sleep, if you don't.

Thorrez
3 replies
17h20m

The MIT license requires giving credit. The difference between MIT and GPL is that GPL requires sharing the modified source code and licensing it the same.

ChrisMarshallNY
2 replies
16h21m

Yeaaahhh... I'm not going to argue about this. It's basically "Religion and politics," in this crowd, and discussions don't end well.

I apologize for my joke.

Thorrez
1 replies
11h46m

Huh, I wasn't trying to argue one license is better than the other. I was just trying to clarify what the licenses require. I didn't want someone to see your comment and think that it would be ok to use someone else's MIT-licensed code in a product without giving credit.

xigency
0 replies
6h29m

I take the MIT license and excise the credit clause for publishing my least important personal projects. I feel it gives me just enough cover (no warranty etc.) and avoids requiring people to stick my name into whichever unaffiliated project.

For work, I’ve definitely had to bury the fineprint MIT credits on some random help screen. It’s easy enough to do.

Re TFA: it’s kind of nice doing a bit of open source work on the job when you can reference or use random utility code later. There’s only so many times I want to write code for walking a dictionary in JavaScript or whatever.

As with anything, there are shades of gray and certainly more or less scrupulous ways to behave. Stealing GB’s of code is a bit much.

mangamadaiyan
1 replies
16h13m

Funny, I too worked for a company that did exactly this. The scanner was called "Black Duck" or some such.

ChrisMarshallNY
0 replies
16h3m

I don’t remember the name of the company, but it was a single word that began with “P,” (I think).

aaomidi
3 replies
20h44m

Why commit a crime when you can simply throw money (of which you have a lot) at the problem?

Indeed. But the stupidity of committing a crime does not actually stop companies from doing so. Mainly because the penalties for it are never harsh enough.

szundi
2 replies
20h20m

Stupidity in this case probably means low level employees cheating for benefits and career

Nvidia can get out of this fairly low cost then

Who knows

FirmwareBurner
1 replies
19h36m

>Stupidity in this case probably means low level employees cheating for benefits and career

That's most likely the case here. FFS, the guy stole 6GB of proprietary data and police found the stolen design files pinned on his wall at home, so the guy was fully committed to his scammer role, and not just an accidental "oopsie I walked out with some proprietary IP by mistake, better discard it and keep this low key so nobody finds out".

By the looks of it, this guy, most likely a Bluecard(German equivalent of H1B) was just cheating and stealing his way up the career chain through the revolving door of the blue-chip automotive sector, until he got caught.

Companies both big and small, never ever encourage you to bring to work proprietary files and data from your previous workplaces, since that's a guaranteed lawsuit as these things always get out eventually.

jampekka
0 replies
17h5m

Why do you deem the guy is most likely a Bluecard and how is it relevant?

MertsA
1 replies
19h38m

Would Nvidia the company want to engage in this? No. Would some middle manager involved in poaching this guy from the competitor want to do it? I have my suspicions. It takes two to tango and Nvidia didn't catch this themselves which raises some red flags. How was he hired? What kind of compensation was he able to negotiate? Was it well above the compensation Nvidia would ordinarily pay for an engineer of his level? How did he introduce the code into Nvidia's version control? Were there obvious red flags about the "development" pace that should have raised eyebrows during peer review?

I work at a big tech company and if I tried something similar, I'm pretty sure it would be caught internally. Even if I managed to pull it off, all it could realistically give me is a foot in the door. Some sketchy hiring manager isn't going to be able to just sweep some $500,000 signing bonus under the rug and $100k isn't unheard of for regular engineers here anyways. As far as compensation and promotion opportunities afterwards it stands little chance of mattering for that either. For the first few months nothing I did was even used performance reviews and it's a peer driven process to rate/promote engineers.

Combined that means that even if I wanted to do this, and I found a corrupt hiring manager that wanted to play ball, I'd have to sit on that IP for a few months after being hired, slowly introduce it into the codebase, alter it in response to peer review and to fit the new code base's coding styles, etc. In the end, that would prove useful for a grand total of one peer review cycle and then it's sink or swim on my own merits from that point forward.

All that to say, yes Nvidia doesn't want this kind of thing as a company, but there are still individuals who potentially stand to benefit and there's a lot of opportunities for Nvidia to catch this before it's accidentally shown on screen to the competitor it was stolen from this far down the line. I don't know much about Nvidia's corporate structure but it kinda seems like they're trying to avoid finding out about it rather than trying to actually prevent it.

FirmwareBurner
0 replies
17h40m

>Would some middle manager involved in poaching this guy from the competitor want to do it? I have my suspicions.

No company or manager I ever worked at, at both good and bad companies, would even think you'd be bringing stolen proprietary IP from your old job let alone allow something like this to happen under their nose with their knowledge.

They're far too afraid of IP lawsuits, as knowledge of the use of stolen IP can easily leak, and you then rating out that manager making them an accomplice, for anyone to allow for something like this to happen with their blessing. And plus, you never want to hire IP thieves, if they stole source code from their old job they'll steal from you as well.

>How was he hired?

Most likely Nvidia poached the guy on the premise he's gonna build form them something very similar to what he was working on at Valeo. The guy probably sold himself well to get the senior job at Nvidia but most likely knew he overpromised and would underdeliver, so to make his life easy at his new job, he took all the sourcecode and documents from his old job to use at is next job.

>How did he introduce the code into Nvidia's version control?

Well it's not like he was dumb enough to just dump in git all the stolen source code from Valeo with all the headers, variable names and copyright notices and nobody would notice. Most likely he kept the code on the laptop as an offline copy and only used it as inspiration for the code he wrote for Nvidia or maybe he even bluntly took Valeo's source code then pruned, redacted or renamed any and all references to Valeo and checked it in as Nvidia's project so nobody was the wiser that the code was not originally written by him.

AshamedCaptain
3 replies
20h3m

A problem here is that while the companies will generally make very clear that they don't want you to have any single line of code, any schematic, any drawing, anything at all from your previous company; they may also expect you to bring "experience" from the previous company, thereby pressuring more junior employees into doing exactly that - bringing some docs from the previous company - but not telling about it. Through my career I have been to several meetings where everyone was, notebook in hand, expecting to hear the "experience" from the new guy. That is obviously as legal as it gets, but the pressure for the junior employee to have kept a couple of notes is there, and you'd never know.

i.e. I suppose no one was aware that he had this code, and it's unlikely it went into nvidia's codebases or that nvidia wanted it; but it also doesn't mean nvidia did not pressure the guy into doing that.

FirmwareBurner
1 replies
17h11m

That sounds wrong in so many ways. Do you live in China or something where this is expected?

I've worked at about 10 or so companies in 3 countries and it was never expected for the juniors to ever "bring documents from previous workplaces as knowledge and not tell about it".

Bringing your "experience" means only the experience and problem solving skills that are in your head as we're in the knowledge work business. Bringing documents to regurgitate just means IP theft, not knowledge work and is no guarantee to make you a productive employee, and no company would ever touch you for ever doing that.

chii
0 replies
15h57m

Bringing your "experience" means only the experience and problem solving skills that are in your head

it's hard to differentiate experience with IP. For example, there might be a tricky problem (say, in manufacturing), and the solution is a trade secret. The "experience" from said employee is really just relaying that trade secret.

userbinator
0 replies
13h53m

Some people have very, very good memories and can bring all of that in their brain. Does that make it legal or not, just because it's in someone's brain and can be easily regurgigated at will? It's a subtle question.

tedunangst
0 replies
16h26m

So... noncompetes, except for the hiring company?

crazygringo
42 replies
16h35m

I seriously do not understand why any employee would steal their previous employers' code to use at a new employer.

There's little-to-no personal upside, and only horrible downside if you get caught.

I mean, this guy:

Moniruzzaman allegedly gave his personal email unauthorized access to Valeo's systems to steal "tens of thousands of files" and 6GB of source code shortly after that development... Valeo said its former employee admitted to stealing its software and that German police found its documentation and hardware pinned on Moniruzzaman's walls when his home was raided.

And while Nvidia presumably hired him for his expertise, they certainly didn't expect him to be stealing code, not even wink-wink-nudge-nudge. Corporate lawyers at trillion-dollar-companies take this stuff super seriously.

So this guy puts himself at massive legal risk... for what? So he can slack off for a few months while he pretends to write code that's already been written -- and gets to browse Reddit? Or so he can deliver code extra-fast in hopes of a quicker promotion -- that may or may not come? Is that really worth it?

It's crazy to me. Why would you risk that?

feelandcoffee
24 replies
16h23m

I wonder if this would become more common with things like ChatGPT.

Let's say you've been working in place A, you show your code to an LLM service (like the dozen or so Copilot-like services) and tell them to refactor. And for the sake of argument, let's say the LLM uses your code and questions for its next training dataset.

A few years pass, then you go to work at Place B, and ask a question that happens to be related to the problem that Place A's code solved, and they give you Place A's code as is.

sircastor
20 replies
15h38m

For this reason, and a few others, my workplace simply put a blanket ban on these kinds of tools. If our code is never exposed to the learning tool, it’s never in danger of being showing up somewhere else.

Incidental to that, I feel like these tools expose the reality behind “copyrighting code/math” and how fallacious it is. If the tool can generate the efficient methods of achieving a result, I think it becomes obvious that one shouldn’t be able to protect it via IP law.

thfuran
6 replies
10h55m

If the tool can generate the efficient methods of achieving a result, I think it becomes obvious that one shouldn’t be able to protect it via IP law.

Why does that only hold when the result in question is in software? Machines are just tools for achieving results.

nvy
5 replies
10h52m

Because you can patent a machine. The argument is that software is "just math" (because it literally is just doing binary arithmetic) and mathematics cannot be patented.

bad_user
3 replies
10h2m

Math should be patentable, too. I see no reason for why not.

The old argument that it's discovered rather than invented is bullshit. Multiple people can always have the same idea for an invention because we think alike and live in the same environment.

Or just ban patents altogether. Of course, this may discourage companies from investing in R&D and that's the real problem: how expensive is it to invent something, and does it justify a 20-year monopoly? But there are no good answers here, and trying to draw a line between math and non-math is bollocks.

zarzavat
2 replies
9h27m

There’s just something obscene about patenting mathematics. The universe gifts us these truths and our first instinct is that it should be the property of a human.

Patents exist to incentivize invention. As long as mathematicians are content to do mathematics for the love of it, and they certainly are, there’s no need for mathematical patents.

Practically speaking, mathematical ideas are building blocks not products. Patents on mathematical ideas discourage invention rather than encouraging it because they prevent use of that idea in new products - an idea that would have been discovered anyway. For example the parents of elliptic curve cryptography and arithmetic coding were hugely damaging to invention overall. Patenting a new kind of cork screw doesn’t have this problem, it’s a destination, not an intermediate.

thfuran
0 replies
9h15m

Practically speaking, mathematical ideas are building blocks

So are technological ones.

bad_user
0 replies
8h12m

The universe is not based on math, says math.

Math can be viewed as a product of how our minds work. We use abstractions to understand and predict the universe, but it's always imperfect, and the theories always incomplete.

E g., you'd think 1+1=2 is some universal truth, except integers don't exist in nature, being just another abstraction that we came up with. And of course, people can rediscover integers repeatedly, but that just says more about how our mind works.

And yes, math is a building block, but so is software. If math theories aren't patentable, that should happen based on them being trivial or perhaps being too useful to society, and not due to some romantic notions of discovery and the universe. Software, too.

thfuran
0 replies
10h42m

But a machine can also be mathematically described. Should that render it unpatentable, or will that have to wait until the grand unified theory of everything is sorted out?

treprinum
3 replies
14h42m

If you use GitHub, you feed OpenAI with your code as training data already, with GitLab you do the same for Google.

shkkmo
1 replies
6h34m

If you use GitHub, you feed OpenAI with your code as training data already, with GitLab you do the same for Google.

Do you have some evidence that github trained copilot on private repositories? They've been pretty clear about claiming they only used public repos.

Also, gitlab is not owned by Google AFAICT but is instead a publicly traded company.

treprinum
0 replies
1h16m

Some people complained that CoPilot outputted their rare code almost verbatim so I have no reason to trust whatever GitHub/Microsoft state.

galangalalgol
0 replies
13h17m

If you use on-prem gitlab, presumably that is not the case.

Silhouette
3 replies
15h16m

If the tool can generate the efficient methods of achieving a result, I think it becomes obvious that one shouldn’t be able to protect it via IP law.

But these kinds of tools can only do that because someone else already put in the work to write the solutions that are used to train their models. Isn't this exactly the kind of situation when copyright is supposed to apply?

kaliqt
2 replies
15h10m

But with enough training data, it's not generating it because it remembers the exact code line for line, it does it because it knows that to be a good method. Especially if you ask it to refactor it, that's a whole new creation even if it's been done before by some engineer somewhere.

bad_user
1 replies
11h26m

It's still parroting what other people did, it's not doing any math reasoning, and it's not any different to LLMs seemingly able to compose prose or poetry.

If you want to make an argument that math or software shouldn't be copyrighted, LLMs actually make the case for stronger copyright protections.

generic92034
0 replies
6h11m

If you want to make an argument that math or software shouldn't be copyrighted, LLMs actually make the case for stronger copyright protections.

Maybe, but as long as managers and shareholders all over the world are excited about the upside of the new technology, this is very unlikely to happen. ;)

LLMs would be dead in the water legally, if their owners had to account for every bit of IP the LLMs have been trained with.

dylan604
2 replies
11h15m

Just like with social media, all it takes is one person to not honor that request, and boom! your shit is out there. Sure, you can fire the offending party, but you can't just ask Co-pilot to not use your contributions. That's like asking the internet to give those pictures back. It ain't gonna happen.

ludston
1 replies
7h43m

It's quite a different from the analogy you suggest, as copilot is controlled by a single organisation and we know the address.

dylan604
0 replies
3h1m

I’m assuming you’re implying that a firewall rule can be applied to block access from the corp network. However, this is clearly ignoring the fact that work from home exists where the corp network can be bypassed.

ekianjo
0 replies
13h58m

You can self host LLMs you know

bennyg
0 replies
15h15m

Self-hosted LLM is really the only way to do this.

two_in_one
2 replies
11h32m

for this ChatGPT has a 'private' mode in which your conversation exists only while you keep it open. It's not used for training, an no human see it (presumably). The negative side is it disappears with no history, so you can't continue next day. That was introduced after complains similar to yours. Some companies put a total ban.

sillysaurusx
1 replies
11h25m

.

sillysaurusx
0 replies
52m

Whoops. I posted a comment, then changed my mind and disagreed with my premise. So I went to delete it, but somehow didn't. Sorry for the noise.

tremere
5 replies
16h22m

There is tremendous upside. You can look like a rockstar at the new company and propel yourself upwards with that momentum.

Blammar
3 replies
16h17m

More like a shooting star once your perfidy is discovered.

justrealist
1 replies
14h16m

You could easily milk it for 4-5 years and then transition into management before you have to pull your own weight as an IC.

Cacti
0 replies
9h57m

haha god it’s so true it hurts

TeMPOraL
0 replies
16h12m

As with any other crime, the trick is to not get caught!

jakobson14
0 replies
15h27m

Pure mythology.

blt
2 replies
13h40m

Maybe he was offered the job at Nvidia on the condition that he arrives with Valeo's code.

gbin
0 replies
5h56m

This seems so so extremely unlikely for an auto parking feature vs the huge legal risk and the certainty of getting caught: at any time Valeo can see that an algorithm is tuned similarly, sue and find their source code at Nvidia. The AV department at Nvidia is huge and it is not like they don't know what they are doing.

dylan604
0 replies
11h13m

Prove that conversation didn't happen. Of course it's not going to be in writing. Of course they are denying it now. Otherwise, there's literally no defense. So you either fall on the sword, or blame someone else.

dylan604
1 replies
11h19m

Is printing out and pinning the prints to the wall still a thing done IRL and not just a movie thing? We had to do prints to green-bar back in school days when we only had shared time at the school's computer lab. But I haven't considered printing code out since the early 90s. It seems so out of place in today's time

nvy
0 replies
10h53m

But I haven't considered printing code out since the early 90s.

TFA says he had documentation printouts, not code listings. That I can relate to; when learning something new or unfamiliar it's nice to be able to flip back and forth through the physical copy, make annotations, etc.

yumraj
0 replies
15h13m

You’re assuming all/large portion of the stolen code was developed by him and he could have even written all of it at the NVIDIA.

Maybe he needed all that to actually perform in the new job.

missedthecue
0 replies
16h7m

You can be lazy and get lots of promotions and bonuses. That's why. People risk major felonies to steal $5k from a bank. Getting fired on the (let's be real) low risk you get caught is nothing

krsdcbl
0 replies
3h31m

Rationally seen, you'd at least have to assume to get caught at some point, and you'd have to assume the company will do anything to hold you alone accountable for damages, therefore making any possible upside a terrible risk reward scenario for you - so far true.

Also if it was your own code, stealing it to "kickstart" your position at your new employer also feels like a rather bad deal: just bringing your knowledge and spend a good part of your time recreating something you already know how to do sounds like low effort for big money, a much better deal for you if your aim was to get better comp and job security.

The one thing that might skew this equation, and can only be theorized about with the knowledge we have here would be if your new employer DID collude with you and proposed tremendous returns for giving them access - eg a kind of off-the-record deal where you'll engage in corporate espionage & theft of ip for big cash following through some hidden compensation construct.

Assuming the latter would border on conspiracy theories and i don't want to suggest this would have been the case here. Just a play of thoughts to add to the reasoning that YOU doing it on your own for ill-guided hypothetical benefits might not be the sole factor leading to such theft at all.

fbdab103
0 replies
10h46m

If nothing else, it seems pretty silly to have the stolen source accessible from the new work computer. That's just asking for the ruse to be detected too easily (automated backups, virus scanning, etc which could fingerprint the data). Keep the illicit goods on an air-gapped, encrypted, personal computer that you can reference as required.

As far as I know, they were never able to find the Waymo files that Anthony Levandowski stole, because he was at least crafty enough to not load everything directly onto Uber hardware.

choppaface
0 replies
8h27m

Here's a good example of an ex-Uber employee who stole / took his excel-in-browser to his next employer: https://basta.substack.com/p/no-sacred-masterpieces

"but I took the code and shoved it into my back pocket for a rainy day."

Discussion: https://news.ycombinator.com/item?id=37527720

YetAnotherNick
0 replies
15h52m

There's little-to-no personal upside, and only horrible downside if you get caught.

Here you just mention upsides with very small chance of small downside. See the case for Anthony Levandowski which was much more serious crime as he knowingly created and sold a company with only moat being Wyamo docs and everything bad that could happen to him did happen. He spent 6 months in jail and now he rejoined as CEO in Pronto. The much more probable case is he got to enjoy $680M that Uber gave him and not have to worry about money again.

Symmetry
41 replies
20h36m

One of the generally accepted reasons why its hard to get graphics companies to open source their drives has always been that everybody is violating everybody else's patents. And while everybody knows this making it too obvious is a legal disadvantage. But I hadn't expected it was also true of copyright.

FirmwareBurner
22 replies
20h9m

> everybody is violating everybody else's patents

Violating patents is one thing, as you're only violating the concept/idea, but the implementation is still up to you meaning it will still be clean room design, whereas this guy also blatantly copied the source code and design files which is a slam dunk lawsuit, hence why no company ever wants to have competitors' IP on their systems.

throwaway54_56
21 replies
19h30m

Violating patents is one thing, as you're only violating the concept/idea, but the implementation is still up to you

The concept/idea is not what is patented. The patent is (or should be) for the specific execution of the idea. Competitors are free to implement their feature using methods other that what is covered by the patent, even if the end result gives the exact same functionality.

FirmwareBurner
9 replies
19h27m

>The concept/idea is not what is patented. The patent is (or should be) for the specific execution of the idea.

Have you ever seen patents? They rarely cover the implementation details, or at most they're intentionally super vague about that, most of the time it's just the general idea on how the widget would work and what it does, but not how to implement it technically.

throwaway54_56
7 replies
19h16m

I have seen patents. The whole point is to share a method of doing something, in return for exclusive use of that method for a period of time. That's the theory, anyway.

anon373839
5 replies
19h7m

I’m sure we’ll all be glad one day that Apple shared this research breakthrough:

https://www.theverge.com/2017/11/6/16614038/apple-samsung-sl...

criddell
2 replies
17h58m

A good example of a patent that was challenged in court and wasn’t totally invalidated is Amazon’s 1-click ordering. They patented storing customer shipping and payment details in a database so they could purchase something with a single click.

It expired in 2017 but for the period it was in force, Amazon collected millions in licensing fees.

SoftTalker
1 replies
14h5m

Patents really shouldn't be granted when any competent junior engineer could have designed and implemented the feature. This method is doesn't pass the "nonobvious" test.

User23
0 replies
13h2m

Batteries used to have cardboard instead of metal shells. Because of this batteries used to leak prolifically. Then an inventor patented the modern metal shelled battery. His competitors all started infringing so he sued. They claimed that the invention was "obvious." The judge ruled that it clearly wasn't obvious, because if it had been they wouldn't have been making the obnoxiously stupid cardboard batteries for so many years.

objclxt
1 replies
18h10m

You realize the patent you’re referring to was a design patent, not a utility patent? They are very different, the former only covers look and feel, not method.

anon373839
0 replies
16h12m

I wasn’t aware of that. But it’s even more baffling: how did they qualify for a patent on the design of a basic sliding latch?

FirmwareBurner
0 replies
19h10m

Then you misunderstood or saw too few patents.

BaculumMeumEst
0 replies
16h24m

They rarely cover the implementation details

if you can’t figure out how its implemented you’re looking at an invalid patent or an application

they're intentionally super vague about that

yes that’s how claims work

most of the time it's just the general idea on how the widget would work and what it does, but not how to implement it technically

you’re looking at an invalid patent or an application

dctoedt
8 replies
19h7m

The concept/idea is not what is patented. The patent is (or should be) for the specific execution of the idea. Competitors are free to implement their feature using methods other that what is covered by the patent, even if the end result gives the exact same functionality.

IP lawyer here (EDIT: not yours, of course): That's a considerable (and potentially-dangerous) oversimplification. What matters is whether what you do comes within the claims of the patent.

(For a more-detailed explanation, written in pseudocode-like terms, see a 2010 post I did: https://www.oncontracts.com/how-patent-claims-work-a-variety....)

david-gpu
4 replies
17h37m

At some point I was told to never ever look at a competitor's patents, because doing so would worsen the penalties if it turned out that our design infringed upon them. Can you confirm that's true?

Doesn't that mean that in general it is also a really bad idea to ask an engineer questions about a particular piece of tech that they patented at a previous employer, even though the specific information is a matter of public record by virtue of being explained in the patent?

toast0
1 replies
17h26m

Willful infringement allows for up to triple damages. The expectation is you can't do willful infringement if you're not aware of competitor's patents, and you can't be aware of them if your policy is to never look at patent documents. Or that's the idea anyway.

dctoedt
0 replies
14h10m

The expectation is you can't do willful infringement if you're not aware of competitor's patents, and you can't be aware of them if your policy is to never look at patent documents. Or that's the idea anyway.

"Willful blindness" can be a danger (according to the Supreme Court, albeit in a different context).

Possibly a bigger danger: Your product gets kicked out of the market by an injunction (a court order to stop making, using, selling, etc.)

pierat
1 replies
17h6m

Just search it in Yandex with a VPN, and in a Tails VM just for paranoid-icity.

I did similar for medical self-symptom before ACA prevented "pre-existing condition" scam.

teddyh
0 replies
13h51m

That stuff is exactly what the Tor Browser is for: <https://www.torproject.org/download/>. No need for any of that other stuff.

IG_Semmelweiss
1 replies
16h6m

Question, in this case, is it a violation of patents + trade secrets, or just the patents?

dmoy
0 replies
13h34m

The case in the original article is not patents at all. Closer to copyright? Idk if it's actually copyright or some other trade secret law (? sorry, don't know much about non-patent IP law)

dmoy
0 replies
17h48m

Yea, this is a more correct explanation. Not a patent lawyer, but raised by one lol.

Tangentially, it gets difficult in software because a lot of patents are .... maybe overbroad in their wording of claims. Lot of ambiguous looking landmines.

This is somewhat similar to business method patents (which were curtailed a little by the SC a decade ago, but were already known to be kinda sketchy for decade+ before that). Can't patent a pure algorithm, for example.

conradev
0 replies
18h58m

The specific execution of an idea is also an idea, though

I feel like the granularity of patents is defined more so by where the frontier of knowledge is for a given domain than the patent office (i.e. what is hard but also valuable). But, I also haven’t spent a lot of time with patents

atq2119
0 replies
19h20m

Idea is a pretty general term. I have a bunch of patents and I would describe them all as patenting an idea (for how to achieve some goal).

The implementation or execution of the idea usually takes the form of some Verilog or some C++. That is covered by copyright.

The patent is for the idea. Which is part of why I'm so opposed to patents, not just in software. In other fields, like medicine, patents are perhaps for discoveries, which are IMHO similarly valuable as the execution. But ideas aren't that valuable, or shouldn't be.

justinclift
8 replies
16h16m

For Nvidia, the most likely reason they've strongly avoided Open Sourcing their drivers isn't anything like that.

It's simply a function of their history. They used to have professional level graphics cards ("Nvidia Quadro") using exactly the same chips as their consumer graphics cards.

The BIOS of the cards was different, enabling different features. So people wanting those features cheaply would buy the consumer graphics cards and flash the matching Quadro BIOS to them. Worked perfectly fine.

Nvidia naturally wasn't happy about those "lost sales", so began a game of whack-a-mole to stop BIOS flashing from working. They did stuff like adding resistors to the boards to tell the card whether it was a Geforce or Quadro card, and when that was promptly reverse engineered they started getting creative in other ways.

Meanwhile, they couldn't really Open Source their drivers because then people could see what the "Geforce vs Quadro" software checks were. That would open up software countermeasures being developed.

---

In the most recent few years the professional cards and gaming cards now use different chips. So the BIOS tricks are no longer relevant.

Which means Nvidia can "safely" Open Source their drivers now, and they've begun doing so.

chii
2 replies
16h5m

Customers really, really hate segmentation of product [1], esp. if the product end up being exactly the same!

I think companies should stop trying to segment customers. It's a long term loss, despite a short term gain.

[1] https://www.joelonsoftware.com/2004/12/15/camels-and-rubber-...

user_7832
0 replies
4h58m

Thanks, that was an excellent read. If that article hasn't been posted to HN recently, I think it deserves to be posted.

justinclift
0 replies
13h42m

It's a long term loss, despite a short term gain.

While I dislike market segmentation as much as anyone, it seems like it worked out ok for Nvidia.

It let them keep a (very) profitable segment of the business, which in turn financed other developments and let them become the GPU leader for a very long time.

No idea how it'll play out in the end of course, but we're definite past the whole "short term" time frame.

KeplerBoy
2 replies
6h10m

Nvidia still sells Quadro cards with the same chips as their gaming counterparts but much more VRAM. They are mainly used for workstations (CAD stuff, VFX, some CFD, maybe also some AI for small scale testing).

justinclift
1 replies
3h48m

Didn't they rename things a while ago?

I'm remembering this, though it's possible some things might have escaped the rename:

https://www.nvidia.com/en-us/design-visualization/quadro/

KeplerBoy
0 replies
1h20m

Ah yes, seems they did. I'm still on a Quadro RTX 4000 (Turing) so I thought they just slapped RTX on there after Quadro.

blagie
0 replies
16h2m

I suspect there are a few issues:

1) NVidia drivers had a lot of secret sauce to give high performance.

2) NVidia for machine learning still has a lot of platform lock-in (although fading gradually), and cross-compatibility doesn't help them

3) Quite often, if you've licensed something from a third-party, you can't legally open-source. Proprietary codebases sometimes get... messy.

I'm jumping ship as soon as Intel drivers are good enough. I don't trust AMD to have anything working -- too many bad experiences -- but Intel has a good track record. Arc A770 gives 16gb for <$300. That's as much as I have on my >$1000 NVidia card. I don't need maximum FLOPS. So long as deep learning models run, and 3d apps are accelerated, I'm happy.

Already__Taken
0 replies
6h43m

it's possibly even less evil, may be to remove flashing the bios at all for support simplicity. I flashed a 7800gt to a gtx for use in sli with a gtx I bought much later. weirdly I expected to flash the gtx down to the older GT but that wouldn't boot.

ip26
4 replies
19h54m

Given independent invention is apparently not a defense against infringement, that makes a lot of sense. I can’t even imagine trying to screen the codebase for that.

sokoloff
1 replies
19h39m

"Infringement" is not specific enough there. Independent invention is not a defense against patent infringement, but is a defense against copyright infringement.

chii
0 replies
16h4m

It's not easy to prove independent invention as a defense, because you have to have set it up to do so in the first place, not after the fact.

kahnclusions
1 replies
19h16m

No, but a patent can be invalidated if you can show that the idea is obvious to practitioners of the trade, i.e. given the same problem most software engineers would arrive at the same solution.

randombits0
0 replies
15h31m

Same with the copyright. Purely functional code is not creative expression and cannot be copyrighted.

ric2b
2 replies
16h30m

AMD has open source drivers so it's basically just NVIDIA that doesn't.

Unless you already want to count intel, not sure if they count as actual products or are still in early access.

skavi
0 replies
16h26m

Intel’s Linux drivers are also open source IIRC.

cyanydeez
0 replies
19h7m

and now we have AI violating everything.

gremlinsinc
16 replies
20h35m

German police found its documentation and hardware pinned on Moniruzzaman's walls when his home was raided

WTF actually prints out documentation? Let alone pins it to their walls? I mean....seriously does anybody actually do this?

AndroTux
10 replies
19h50m

Germans. We love printing, faxing and scanning stuff.

FirmwareBurner
9 replies
19h35m

>Germans.

Mohammad Moniruzzaman

Very German.

anthk
5 replies
17h41m

By that name it could be a modern Spaniard, French or German fully assimilated to the culture. Specially if he was born there.

FirmwareBurner
4 replies
17h35m

>fully assimilated to the culture

The culture of stealing IP from your employer?

jampekka
3 replies
17h1m

Would be relatively tame compared to what kinds of actions the German culture is quite easy to associate with.

FirmwareBurner
1 replies
16h58m

Like? Socks in sandals?

jampekka
0 replies
16h43m

Sauerkraut and such of course.

anthk
0 replies
7h25m

Wolkswagen's data mangling?

krmboya
1 replies
17h34m

I hope you don't write software that flags people by their name

FirmwareBurner
0 replies
17h25m

FYI, a lot of other nationalities besides German work in Germany. It's natural to find immigrants in almost every company, especially the big international ones.

jampekka
0 replies
16h57m

Adolf would be more German indeed.

rightbyte
1 replies
20h26m

I do. I can't read any length of text on a screen. I pin stuff to the wall too, of quick sheet character. Like Emacs hotkeys, C operator precedence, pinouts, general specs etc.

filchermcurr
0 replies
20h17m

Same. I recently bought a Kindle Scribe (would have preferred Kobo, but enh) to see if that would make it easier than constant printing and shuffling papers. It's alright. Better than a monitor, slightly less good than paper.

jbverschoor
1 replies
20h21m

I'd love to have a 100 inch hidpi eink wall.

WalterBright
0 replies
19h44m

So would I. But I settle for an extra monitor in portrait mode, and will stick the pdf documentation in it when I'm following a spec.

FirmwareBurner
0 replies
20h15m

>WTF actually prints out documentation?

Probably easier to exfiltrate confidential documents when printed, rather than digitally through the company internet which is logged and points straight to you.

If I print something confidential and take it home there's only the printer logs as proof that I printed it, but no proof that I also took it home (unless there's surveillance footage).

>Let alone pins it to their walls?

The man is proud of his work, wants to see it daily for motivation.

clnq
16 replies
20h48m

This often happens ingenuously, not out of calculated ill intent. Coders will keep code snippets and thoughts in personal knowledge tools like Notion, and then reuse them in different companies. Or contractors will straight up copy and paste code from source files of projects they worked on for different companies, thinking "I wrote it, so I could write it again, but why bother?", or something along those lines. People don't usually brag about these things, but they do come to light in random conversations.

This is exactly what happened here:

According to Valeo's complaint, Mohammad Moniruzzaman, an engineer for NVIDIA who used to work for its company, had mistakenly showed its source code files on his computer as he was sharing his screen during a meeting with both firms in 2022

In most cases, these people are asked to remove all such code from the codebase and never do it again, but news about this rarely reaches the executive level. Usually, there aren't clear rules that it's supposed to be reported, so low level managers handle it the best they can. Of course, this guy got caught in very unusual circumstances.

It is also very unfortunate to be the software engineer who notices others doing this, because it puts you in a whistleblower's dilemma. The upper management does not want to be implicated in this and they do not want to know. Besides, informing them would definitely lead to the coder's firing. What is worse, many programmers see liberal use of IP as "not a big deal". So you would be perceived as causing problems for upper management, and getting people fired for "petty" reasons. It can sink your career in most companies if you witness this and it gets out. There are laws that protect whistleblowers from being let go sometimes, but it's not conducive to anyone's career growth to remain in the company because they cannot be fired.

kuroguro
7 replies
20h27m

paste code from source files of projects they worked on for different companies

I wonder what would happen if legal action started between two companies and it turned out a coder pasted code from personal projects that predates both.

jandrewrogers
3 replies
15h55m

You can easily add terms to employment contracts that grant non-exclusive license to code you own that you use in the course of employment. I've done it many times. The only issue that has come up out of this is when someone wants a warrant of exclusivity downstream of that, but that has never been a showstopper.

clnq
2 replies
4h31m

Isn’t it almost always much better in acquisitions that the acquired company owns all of their code? I have been told so many times. Apparently the valuation is significantly impacted if they do not.

jandrewrogers
0 replies
53m

Companies use tons of open source code, it isn’t any different than that. And in many cases, these were huge companies, not startups. It was a shortcut to reimplementing the same code. No valuation impact.

denton-scratch
0 replies
3h35m

My Director of Development once explained to me that our company rented all its offices; that its only assets (other than people) was its code; and people can leave. He was scrupulous about keeping GPL out of the codebase.

__turbobrew__
0 replies
19h54m

For most contractual agreements you assign copy-write of your work to your employer. So if you used your personal project in work for your employer the copy-write becomes theirs.

My guess is that in your hypothetical scenario the first company would own the IP and could sue the worker or other company for infringement.

FirmwareBurner
0 replies
19h51m

>I wonder what would happen if legal action started between two companies and it turned out a coder pasted code from personal projects that predates both.

Highly unlikely. This was no FOSS web library he was working on, but some relatively cutting edge embedded automotive stuff, which few people do in their free time as a side project to put on github.

And anyway, according to most industry contracts and work laws, whatever code you check in your employer's systems during work hours and using work equipment, automatically now becomes your employer's code which you now can't share anymore.

Crosseye_Jack
0 replies
19h55m

INAL (so take this with the pinch of salt that it comes from someone just thinking out loud), but I think it would depend on a number of factors such as how novel the code was, and how integral the code is (just to name two factors)

If the code was something as simple as let’s say leftpad for a simple example, it could be argued that it’s not the “meat” of the application so those few lines can not by themselves be copyrighted but the whole work (or even larger portions of it) can be.

If it was some special sauce algorithm, it could be argued under their work contract that the employee assigned copyright of the code of the personal project to the first employer they did the work for.

It also depends on the status of the employee, the contract of the employee, and the jurisdiction of both employee/employee.

A “full fledged” employee work is often deemed as the companies property if done under the course of their employment. A contractor in the US is about the same, however in the UK a contractor by default can retain the copyright of the “work product” unless stipulated otherwise in the work contract (so most contracts will state that you as a contractor are assigning copyright for the work you do to the company).

So in that last case it could be argued that the coder still owns the copyright but licenses the use to both parties. It would then be a case of the two companies maybe suing the coder for selling code they may have represented as given them an exclusive license to it, but obv didn’t because it was licensed to multiple companies.

ohyes
3 replies
19h55m

Or worse, they may just remember how they coded it last time and code it the same, or only remember subconsciously and code it the same without knowing.

Someday there will be technology to erase all memory of work you did in service of your corporate overlords and you’ll be able to start with a true clean slate at every job.

kennethrc
2 replies
19h47m

Someday there will be technology to erase all memory of work you did in service of your corporate overlords and you’ll be able to start with a true clean slate at every job.

https://www.imdb.com/title/tt11280740

muhehe
1 replies
19h41m
teddyh
0 replies
13h33m

Based on a Philip K. Dick short story, available here:

<https://web.archive.org/web/20150419135441/http://american-b...>.

edgyquant
1 replies
16h57m

Coders will keep code snippets and thoughts in personal knowledge tools like Notion,

Do they? I’ve never personally done such a thing, though I may keep some code in public GitHub repos. I’ve rewritten quite a bit of the same logic at most places I’ve worked over the years.

dbattaglia
0 replies
5h28m

I’ve seen it happen, including other employees telling me I should make sure to zip up my code before I left (which I would never do). It’s only been at the earlier companies I worked for with many devs of questionable skill level. I’m not sure what’s behind the mentality, I assumed the act of writing decent code was challenging to them or it was perhaps something they were proud of, but maybe it’s also some misplaced sense of ownership. At one company I’ve experienced a dev asking back printouts of a design for a CRM at the end of a presentation, I assumed it was “borrowed” from their last job (thankfully we went a different direction). But regardless it definitely is a thing.

I’ve rewritten quite a bit of the same logic at most places I’ve worked over the years.

Same here. I’ve learned to enjoy it, like perfecting a craft.

mkl
0 replies
17h53m

The screen sharing incident is not the important thing that happened here. From the article:

Moniruzzaman allegedly gave his personal email unauthorized access to Valeo's systems to steal "tens of thousands of files" and 6GB of source code shortly after that development. He then left Valeo a few months later and took the stolen information with him when he was given a senior position at NVIDIA, the complaint reads.
asddubs
0 replies
20h29m

what about this:

Valeo said its former employee admitted to stealing its software and that German police found its documentation and hardware pinned on Moniruzzaman's walls when his home was raided. According to Bloomberg, he was already convicted of infringement of business secrets in a German court and was ordered to pay €14,400 ($15,750) in September.
UberFly
8 replies
21h17m

One of the employees had his previous employers' code. There will have to be proof that Nvidia even knew about it for this to go anywhere beyond the employee.

mcpackieh
5 replies
20h37m

What does it mean for "Nvidia to know" something? Does it never count as a "corporation knowing" unless the executives are aware of it? Obviously this cannot be the standard by which companies are held accountable.

IshKebab
4 replies
20h17m

It's pretty clear what he means. He means that the managers and executives are ok with stealing code.

mcpackieh
3 replies
20h9m

How many managers need to be in-the-loop with the theft before we can fairly say "the corporation knows"? As far as I'm concerned, even if no managers are aware of it, they should have been aware of it (it's their job to know what their reports are doing) so the corporation should be liable for the theft. Otherwise it's trivial for everybody to play dumb and turn a blind eye to what's going on.

ohyes
0 replies
19h52m

The magic number is 1 manager.

Xelynega
0 replies
19h52m

Yea "they were too big to know something illegal was going on" is a narrative that benefits these large companies while ensuring any individuals or small companies that do the same see the full force of the law.

IshKebab
0 replies
18h52m

2

juunpp
1 replies
21h9m

I am positive Nvidia has no part in this. A corporation of this size is severely allergic to foreign proprietary code and would not risk the lawsuit. Sounds more like this individual forgot to read the memo on IP, and the article says he was already sued by the German courts for prior misconduct anyway.

Kind of reminds me of the guys who do personal stuff on their work laptop and then get the entire company pwned. Do people not read the fucking manual anymore?

alistairSH
0 replies
20h50m

Anymore? People have never RTFM.

steponlego
3 replies
20h56m

I just avoid NVIDIA because they hate Free Software, not for any other reason.

kkielhofner
2 replies
18h26m

400 GH repos:

https://github.com/orgs/NVIDIA/repositories

Not to mention tons of other projects that live outside of the main org, contributions to other projects all over the place, etc.

So much hate for free software.

The “I hate Nvidia because all I know is their driver is proprietary” schtick is old.

They crossed the $1T mark in value solely because of the almost completely open source ecosystem (a large portion of which they directly develop and contribute to) that runs on top of their hardware and (yes, proprietary) driver.

They’re not angels but this position is something out of Slashdot circa 2005.

anthk
1 replies
17h42m

CUDA. Non-free firmware. Still bad. And Radeon the same, propietary firmware run by the kernel is needed sometimes to even boot the GPU, it just happens Linux-Libre patches it and the Modesetting driver will work fine until you call 3D accelerated calls, when that happens the system may either panic or crash X entirely. That can be fixed by setting RenderAccel to none in the X.org config file.

kkielhofner
0 replies
17h15m

These plus Raspberry Pi firmware, Intel ME, the list goes on and on.

RISC-V is so exciting and interesting because it’s practically the first time in modern history 100% open source meets reality.

People that act as though Nvidia is the exception here should just say they hate Nvidia for personal reasons - and that’s fair and fine.

Again, they’re not angels and they do all kinds of shady things but to single them out vs practically every company in history is just bizarre.

happytiger
3 replies
16h5m

Tertiary point but one that been on my mind…

What’s the difference between one person doing it individually and a company doing it to train an AI? I mean isn’t this exactly what a lot of LLm training data is built on as well?

I get there might be different legalities, but morally isn’t it all basically merely degrees of theft? Like this is trade secret theft, but training an AI on the code isn’t?

You can download a car…

mattnewton
2 replies
15h59m

How is this morally theft anymore than hiring someone who has experience solving the problem to solve the problem again? As long as they aren’t reproducing the solution verbatim it’s already morally acceptable to hire experts for their experience. Why would “hiring” software for its “experience” be different?

happytiger
1 replies
14h41m

Because he copied the source code or at least had it for reference all over the room he was coding in?

mattnewton
0 replies
11h17m

Right, and if you do that, it’s theft under the law because we want to reward people for doing novel work. In the same way if I could get GitHub to send me a copy of your private proprietary repository without your consent, that would be called theft by the law, because it removes the incentive to invest in proprietary software. If I hire one of the engineers who worked in that repository and spent years on the problem so she could code solutions to it in their sleep that’s not theft in the law, because we value labor rights, the free exchange of ideas, and want to incentivize building up human capital. Even as it creates a new risk people investing in proprietary software have to deal with now.

If I hire “software” that learned from a copy written source, but doesn’t reproduce the copywritten code directly, why is that different from hiring someone who worked on that project before?

I think morality isn’t a useful compass here, it isn’t a moral problem. It’s a problem of what kinds of rules you want for society to increase utility for everyone around these tools. If you restrict learning from each other too much you stifle progress. If you make it too easy to copy the leader in a field you disincentivize anyone doing novel research first.

siva7
1 replies
19h46m

Never share your screen, only a window!

RadixDLT
0 replies
17h56m

never steal

redder23
1 replies
20h57m

And they will get a slap on the wrist at best. They made billions this is just peanuts.

tmtvl
0 replies
18h39m

Should just give the board of directors 100 lashes. Except of course if it turns out they didn't know about it, then they should get 200 lashes, have their genitals chopped off, and their immediate family be given 10 lashes. Just like the good old days.

mnd999
1 replies
20h45m

Nvidia definitely don’t have form for stealing trade secrets. They never stole anything from SGI.

mcpackieh
0 replies
20h44m

How can you know that?

lsllc
1 replies
15h4m

Compare Moniruzzaman with Sergey Aleynikov [0] who allegedly "stole" [open source] Erlang code from Goldman Sachs, was arrested by the FBI at Newark airport, found guilty in Federal court and was initially sentenced to 8 years in jail although it was overturned on appeal. He was then tried again on the same charges this time in NY state courts and again the conviction was overturned but then reinstated on appeal by the NYC DA, he was ultimately sentenced to time served (1 year) while waiting for the federal trial as he was deemed a "flight risk".

So I think with "only" a €14,400 fine, Moniruzzaman did better than Sergey despite apparently committing an actual crime.

[0] https://en.wikipedia.org/wiki/Sergey_Aleynikov

slow_numbnut
0 replies
7h51m

Judges and prosecutors should lose their immunity and be held accountable for their negligent and reckless actions. Legal systems can never be just until bad actors face repercussions, irrespective of what role they serve.

latchkey
1 replies
21h4m
gremlinsinc
0 replies
20h34m

it is... but there's apparently a lot more discussion on this thread so maybe that one should be rolled into this one...

dontupvoteme
1 replies
20h36m

_always_ refactor, rename and relib when you reuse !

gumballindie
0 replies
16h57m

Or simply use procedural generators, such as llms. Those will rinse ip like it’s nothing.

smallstepforman
0 replies
11h30m

Most professional software engineers develop a coding style, with consistant function headers, names, case, variable naming etc. Rewriting a feature from scratch may look very similar to your previous work in a screenshot.

Not only do engineers face this problem, but so do hair dressers, architects, pizza masters, soccer players, etc when they switch employers.

mediumsmart
0 replies
6h29m

He is actually working for AMD and this is his retirement package.

jonplackett
0 replies
19h38m

Was hoping they stolen CUDA from AMD

aunty_helen
0 replies
19h31m

Too many requests -- error 999.

Did engadget get the hug of death???

almost_usual
0 replies
21h5m

Moniruzzaman allegedly gave his personal email unauthorized access to Valeo's systems to steal "tens of thousands of files" and 6GB of source code shortly after that development.