Editing ReactOS (section)

===Internal audit===
In order to avoid copyright prosecution, ReactOS had to be expressly completely distinct and non-[[derivative work|derivative]] from Windows, a goal that needed very careful work.<ref name="ExecutableCopyright">{{Cite web |last=Hancock |first=Terry |date=2008-08-29 |title=What if copyright didn't apply to binary executables? |url=https://freesoftwaremagazine.com/articles/what_if_copyright_didnt_apply_binary_executables/ |access-date=2020-11-01 |publisher=[[Free Software Magazine]] |language=en |quote=(…) ReactOS aims to run actual Windows binary executable programs.&emsp;This means that ReactOS must implement the entire Windows environment.&emsp;Functions must do exactly what their Windows counterparts would do.&emsp;In other words, like our notional parallel stew recipes, ReactOS and Windows should be functionally identical.&emsp;In order to avoid copyright prosecution, though, ReactOS must be expressly completely distinct and non-derivative from Windows.&emsp;This is a careful tightrope walk!&emsp;ReactOS is a free, clean room re-implemented drop-in replacement for Windows.&emsp;So, consider this, especially regarding extremely simple library calls:&ensp;''is it legal for ReactOS to produce identical binary code to Windows?''}}</ref> A claim was made on 17 January 2006 by developer Hartmut Birr on the ReactOS developers [[mailing list]] (ros-dev) that ReactOS contained code derived from [[disassembler|disassembling]] Microsoft Windows.<ref name="byebye">{{cite mailing list |last=Birr |first=Hartmut |title=Bye bye |mailing-list=ros-dev |date=2006-01-18 |url=https://marc.info/?l=ros-dev&m=118775346131642&w=2 |access-date=2009-01-03}}</ref> The code that Birr disputed involved the function BadStack in syscall.S,<ref>{{cite web |url=https://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ke/i386/syscall.S?revision=20935&view=markup&pathrev=20935#l43 |title=BadStack in syscall.S |publisher=ReactOS |date=2006-01-17 |access-date=2018-08-04 |archive-url=https://web.archive.org/web/20170904111000/https://svn.reactos.org/svn/reactos/trunk/reactos/ntoskrnl/ke/i386/syscall.S?revision=20935&view=markup&pathrev=20935#l43 |archive-date=4 September 2017 |url-status=dead |df=dmy-all}}</ref> as well as other unspecified items.<ref>{{cite mailing list |first=Hartmut |last=Birr |url=http://marc.info/?l=ros-dev&m=118775346131646&w=2 |title=Bye bye |date=2006-01-18 |mailing-list=ros-dev |access-date=2009-11-16}}</ref> Comparing this function to disassembled binaries from [[Windows XP]], Birr argued that the BadStack function was simply [[Cut, copy, and paste|copy-pasted]] from Windows XP, given that they were identical. Alex Ionescu, the author of the code, asserted that while the Windows XP binary in question was indeed disassembled and studied, the code was not merely copy-pasted, but reimplemented; the reason why the functions were identical, Ionescu claimed, was because there was only one possible way to implement the function.<ref>{{cite mailing list |last=Ionescu |first=Alex |title=Bye bye |mailing-list=ros-dev |date=2006-01-18 |url=https://marc.info/?l=ros-dev&m=118775346131654&w=2 |access-date=2009-11-16}}</ref>

On 27 January 2006, the developers responsible for maintaining the ReactOS code repository disabled access after a meeting was held to discuss the allegations. When approached by [[Geeknet|NewsForge]], Microsoft declined to comment on the incident. Since ReactOS is a [[free and open-source software]] development project, the claim triggered a negative reaction from the [[Free software movement|free software community]]: in particular, Wine barred several inactive developers from providing contributions{{Citation needed|date=August 2018}}<!-- wrong citation:<ref>{{cite web |url=http://www.winehq.org/interview/14 |title=Interview with Steven Edwards |access-date=2013-06-23 |first=Brian |last=Vincent |publisher=winehq.com |date=2004-05-25 |quote=''BV: You guys have certainly contributed a lot of your work back to Wine, including some of the utilities you've written. For instance, the task manager was recently ported from ReactOS.''}}</ref> --> and formal high level cooperation between the two projects remained difficult {{As of|2006|lc=y}}.<ref name=suspend>{{cite web |url=https://www.linux.com/news/reactos-suspends-development-source-code-review/ |first=Stephen |last=Feller |title=ReactOS suspends development for source code review |publisher=[[Linux.com]] |date=2006-02-01 |access-date=2009-12-10}}</ref>

In a statement on its website, ReactOS cited differing legal definitions of what constitutes [[Chinese wall#Reverse engineering|clean-room reverse engineering]] as a cause for the conflict.<ref>[https://www.reactos.org/reset-reboot-restart-legal-issues-and-long-road-03 Reset, Reboot, Restart, legal issues and the long road to 0.3] on reactos.org by Steven Edwards (27 January 2006)</ref> To avoid potential litigation, companies sometimes enact a policy where reimplementation based on disassembled code must be written by someone other than the person having disassembled and examined the original code.<ref name="cleanroom">{{cite web |last=Schwartz |first=Mathew |date=2001-11-12 |title=Reverse-Engineering |url=https://www.computerworld.com/s/article/65532/Reverse_Engineering?pageNumber=1 |access-date=2013-06-23 |publisher=[[Computerworld]].com |quote=''To protect against charges of having simply (and illegally) copied IBM's BIOS, Phoenix reverse-engineered it using what's called a "clean room," or "Chinese wall", approach. First, a team of engineers studied the IBM BIOS&nbsp;— about 8KB of code&nbsp;— and described everything it did as completely as possible without using or referencing any actual code. Then Phoenix brought in a second team of programmers who had no prior knowledge of the IBM BIOS and had never seen its code. Working only from the first team's functional specifications, the second team wrote a new BIOS that operated as specified.''}}</ref><ref>{{cite web |last=Hogle |first=Sean |date=2008-10-23 |title=Clean Room Defeats Software Infringement Claim in US Federal Court |url=https://hoviblog.blogspot.de/2008/10/clean-room-defeats-software.html |access-date=2013-05-23 |quote=[...] dirty room reverse engineering should be done in conjunction with clean room development by using two physically and electronically isolated teams where one team does dirty room reverse engineering and the other does clean room development. If a dirty room team exists, the clean room engineers can write a description of the portion of the specification that needs elaboration or clarification. The dirty room engineers then use that request to create additional functional specifications or tests.}}</ref> ReactOS clarified its Intellectual Property Policy Statement requirements on clean room reverse engineering to avoid potential infringement of United States law. An internal source code [[audit]] was conducted to ensure that only clean room reverse engineering was used, and all developers were made to sign an agreement committing them to comply with the project's policies on reverse engineering.<ref name=suspend /> Contributors to its development were not affected by these events and all access to the software development tools was restored shortly afterward. In September 2007, with the audit nearing completion, the audit status was removed from the ReactOS homepage. Though the audit was completed, specific details were not made public, as it was only an internal effort to ensure compliance with the project's own policies.<ref name=audit>{{cite mailing list |first=Aleksey |last=Bragin |url=http://marc.info/?l=ros-dev&m=119018479822866&w=2 |title=Audit |mailing-list=ros-dev |date=2007-09-18 |access-date=2009-01-03}}</ref>

Also, the 2004 [[Internet leak#Source code leaks|leaked]] Windows source code<ref>{{cite web |last=Evers |first=Joris |date=12 February 2004 |title=Windows Code May Be Stolen |url=https://www.pcworld.com/article/114771/article.html |url-status=dead |archive-url=https://web.archive.org/web/20130731034443/http://www.pcworld.com/article/114771/article.html |archive-date=31 July 2013 |access-date=20 November 2021 |publisher=[[PC World]]}}</ref> was not seen as legal risk for ReactOS, as the [[trade secret]] was considered indefensible in court due to broad spread.<ref name=tradesecret>[https://www.reactos.org/reset-reboot-restart-legal-issues-and-long-road-03 Reset, Reboot, Restart, legal issues and the long road to 0.3] "''Now as for the issue of leaked source code, I want to try to put all fears to rest. We don't know what the legal ramifications are for someone downloading and having leaked code, as the party that maintains copyright ownership of that code might still try to claim Trade Secrecy on information contained in the sources in a court of law. It is our point of view that the source code leaks of Windows have been spread to a broad enough audience that it would be impossible to claim the product is still under Trade Secrecy.''" on reactos.org by Steven Edwards (27 January 2006)</ref>

Axel Rietschin, who is a kernel engineer at Microsoft, claimed that he recognized some specific bits in the ReactOS kernel that are unlikely to result from a clean room reimplementation. He suggests that the project took source code from the Windows Research Kernel, which was licensed to universities and has been leaked multiple times. Internal data structures and variable names have the exact same name in both ReactOS and the research kernel.<ref>{{cite web |last1=Anderson |first1=Tim |title=ReactOS 'a ripoff of the Windows Research Kernel', claims Microsoft kernel engineer |url=https://www.theregister.com/2019/07/03/reactos_windows_research_kernel_claim/ |date=3 Jul 2019 |website=[[The Register]] |language=en}}</ref>