One day we (the ReactOS developers) stumbled upon a website where someone claimed to be writing a Windows NT clone - this was http://www.akshor.com.
After looking at the screenshots of their bootmanager (Todo: put links to images here) some of us suspected them to have used our FreeLdr bootloader.
Some day around 2004-11-09 Ekush has released binaries of "their" first version which looked very much like ReactOS. Ge van Geldorp (a ReactOS developer, aka GvG) has then uncovered what Ekush was trying to hide:
By looking at the strings in their ntoskrnl.exe it was clear that this was indeed (at least based on) ReactOS.
$ strings -a ntoskrnl.exe | grep Ros CcRosInternalFreeCacheSegment failed, status = %x CcRosUnmapCacheSegment failed, status = %x CCRosUnmapCacheSegment failed, status = %x CcRosInitializeFileCache CcRosReleaseFileCache KeRosDumpStackFrames KeRosPrintAddress $ strings -a ver.dll | grep ReactOS OS2 Images not supported under ReactOS at this time.Original Email: http://reactos.com:8080/archives/public/ros-dev/2004-November/000513.html
Shortly after this mail was sent (2004-11-09) the Ekush site went down for "maintainance".
On 2004-11-10 the Ekush website was back up with a modified set of binaries which was again checked by GvG. He found that all strings which he reported in his first email have gone (except CcRosInitializeFileCache and CcRosReleaseFileCache from ntoskrnl.exe)
Original Email: http://reactos.com:8080/archives/public/ros-dev/2004-November/000528.html
I suspect that they have also violated Microsoft's copyright by using their floppy driver and replacing the string "Microsoft" by "Lianasoft" (which both happen to have the same count of characters - that means it is easy to edit a binary file and replace "Microsoft" by "Lianasoft")
Once this is approved we will not hesitate to inform Microsoft.
Note: For those who think that in Bangladesh you do not have to care about copyright, like the Ekush people seem to do, look at http://news.bbc.co.uk/1/hi/world/south_asia/826331.stm!
The owner of the Ekush domains is named "Shamsuddoha Ranju" and works for Siemens - one would assume they know about copyright law - so he has been emailed by Filip Navara about the violation of copyright and asked him to remove the binaries.
In the afternoon of 2004-11-10 the Ekush website went down again and Shamsuddoha Ranju has not yet replied to Filip Navaras email - we think the website provider has taken down the site.
Since their only intention seems to be to sell ReactOS, WINE, Qemu and Freetype as their own work and violate international copyright laws I decided to take a look at their ntoskrnl.exe (as of 2004-11-10) and dig up another evidence that this is our code.
What I found was our taskswitching code which was clearly copy & pasted from ReactOS source code.
ReactOS source code | Ekush OS ntoskrnl.exe (MD5SUM: 4a695772c19a13d15c2a004a695e16b9, date: 10.11.2004) |
---|---|
.globl _Ki386ContextSwitch _Ki386ContextSwitch: /* * FUNCTIONS: Switches to another thread's context * ARGUMENTS: * Thread = Thread to switch to * OldThread = Thread to switch from */ pushl %ebp movl %esp, %ebp |
c0003020: 55 push %ebp c0003021: 89 e5 mov %esp,%ebp |
/* * Save callee save registers. */ pushl %ebx pushl %esi pushl %edi |
c0003023: 53 push %ebx c0003024: 56 push %esi c0003025: 57 push %edi |
/* * This is a critical section for this processor. */ cli |
c0003026: fa cli |
/* * Get the pointer to the new thread. */ movl 8(%ebp), %ebx |
c0003027: 8b 5d 08 mov 0x8(%ebp),%ebx |
/* * Set the base of the TEB selector to the base of the TEB for * this thread. */ pushl %ebx pushl KTHREAD_TEB(%ebx) pushl $TEB_SELECTOR call _KeSetBaseGdtSelector addl $8, %esp popl %ebx |
c000302a: 53 push %ebx c000302b: ff 73 20 pushl 0x20(%ebx) c000302e: 6a 3b push $0x3b c0003030: e8 eb 10 00 00 call 0xc0004120 c0003035: 83 c4 08 add $0x8,%esp c0003038: 5b pop %ebx |
/* * Load the PCR selector. */ movl $PCR_SELECTOR, %eax movl %eax, %fs |
c0003039: b8 30 00 00 00 mov $0x30,%eax c000303e: 8e e0 mov %eax,%fs |
/* * Set the current thread information in the PCR. */ movl %ebx, %fs:KPCR_CURRENT_THREAD |
c0003040: 64 89 1d 24 01 00 00 mov %ebx,%fs:0x124 |
/* * Set the current LDT */ xorl %eax, %eax movl KTHREAD_APCSTATE_PROCESS(%ebx), %edi testw $0xFFFF, KPROCESS_LDT_DESCRIPTOR0(%edi) jz .L4 pushl KPROCESS_LDT_DESCRIPTOR1(%edi) pushl KPROCESS_LDT_DESCRIPTOR0(%edi) pushl $LDT_SELECTOR call _KeSetGdtSelector addl $12, %esp movl $LDT_SELECTOR, %eax .L4: lldtw %ax |
c0003047: 31 c0 xor %eax,%eax c0003049: 8b 7b 44 mov 0x44(%ebx),%edi c000304c: 66 f7 47 20 ff ff testw $0xffff,0x20(%edi) c0003052: 74 15 je 0xc0003069 c0003054: ff 77 24 pushl 0x24(%edi) c0003057: ff 77 20 pushl 0x20(%edi) c000305a: 6a 48 push $0x48 c000305c: e8 1f 11 00 00 call 0xc0004180 c0003061: 83 c4 0c add $0xc,%esp c0003064: b8 48 00 00 00 mov $0x48,%eax c0003069: 0f 00 d0 lldt %ax |
/* * Load up the iomap offset for this thread in * preparation for setting it below. */ movl KPROCESS_IOPM_OFFSET(%edi), %eax /* * FIXME: Save debugging state. */ /* * FIXME: Save floating point state. */ |
c000306c: 8b 47 30 mov 0x30(%edi),%eax |
/* * Switch stacks */ movl 12(%ebp), %ebx movl %esp, KTHREAD_KERNEL_STACK(%ebx) movl 8(%ebp), %ebx movl KTHREAD_KERNEL_STACK(%ebx), %esp movl KTHREAD_STACK_LIMIT(%ebx), %edi |
c000306f: 8b 5d 0c mov 0xc(%ebp),%ebx c0003072: 89 63 28 mov %esp,0x28(%ebx) c0003075: 8b 5d 08 mov 0x8(%ebp),%ebx c0003078: 8b 63 28 mov 0x28(%ebx),%esp c000307b: 8b 7b 1c mov 0x1c(%ebx),%edi |
/* * Set the stack pointer in this processors TSS */ movl %fs:KPCR_TSS, %esi |
c000307e: 64 8b 35 3c 00 00 00 mov %fs:0x3c,%esi |
/* * Set current IOPM offset in the TSS */ movw %ax, KTSS_IOMAPBASE(%esi) movl KTHREAD_INITIAL_STACK(%ebx), %eax movl %eax, KTSS_ESP0(%esi) |
c0003085: 66 89 46 66 mov %ax,0x66(%esi) c0003089: 8b 43 18 mov 0x18(%ebx),%eax c000308c: 89 46 04 mov %eax,0x4(%esi) |
/* * Change the address space */ movl KTHREAD_APCSTATE_PROCESS(%ebx), %ebx movl KPROCESS_DIRECTORY_TABLE_BASE(%ebx), %eax movl %eax, %cr3 /* * FIXME: Restore floating point state */ /* * FIXME: Restore debugging state */ |
c000308f: 8b 5b 44 mov 0x44(%ebx),%ebx c0003092: 8b 43 18 mov 0x18(%ebx),%eax c0003095: 0f 22 d8 mov %eax,%cr3 |
/* * Exit the critical section */ sti push $_PiThreadLock call _KeReleaseSpinLockFromDpcLevel@4 cmpl $0, _PiNrThreadsAwaitingReaping je .L3 call _PiWakeupReaperThread@0 .L3: |
c0003098: fb sti c0003099: 68 00 95 0a c0 push $0xc00a9500 c000309e: e8 dd 8f 00 00 call 0xc000c080 c00030a3: 83 3d 5c 90 0a c0 00 cmpl $0x0,0xc00a905c c00030aa: 74 05 je 0xc00030b1 c00030ac: e8 1f 46 05 00 call 0xc00576d0 |
/* * Restore the saved register and exit */ popl %edi popl %esi popl %ebx popl %ebp ret |
c00030b1: 5f pop %edi c00030b2: 5e pop %esi c00030b3: 5b pop %ebx c00030b4: 5d pop %ebp c00030b5: c3 ret |