Date: 2022-08-12

Some time ago we told you the story of Josh Wardle, the programmer who created the popular word game Wordle for his girlfriend and launched it as a website because he's terrible at developing apps for Android. But it turns out Josh isn't the only programmer in the family, or the only one making headlines.

His cousin Patrick Wardle, a former NSA and NASA employee, is also a macOS malware specialist. And his code is so good that, according to his complaints, three software development companies copied it without permission for commercial use, violating the free software license under which he wrote it.

As he explained in a talk at the Black Hat security conference, these companies used his code without attribution or remuneration. Cases like this are usually difficult to prove, because it cannot be ruled out that the parallels are simply the result of similar implementations arrived at by chance.

This is a good example of the lack of protection that many open source projects face.

Fortunately, in addition to being a developer, Wardle is also an expert in reverse engineering, so he can show that it is his code, and not some very similar code, that is used by the companies he denounces in his talk.

What did the three companies steal?

The code in question belongs to OverSight, a tool released by Wardle in 2016 to perform a function that there was no easy way to perform on a Mac: monitoring and warning the user when an application tried to surreptitiously access the recording hardware (microphone and webcam).

According to our protagonist, it is precisely the complexity of this task that forced him to use an unusual combination of analysis techniques that turned out to be quite unique, and therefore the logic behind it was quite recognizable.

OverSight was very useful not only to detect the presence of malware in macOS, but also to show that legitimate applications such as Shazam were always listening in the background.

When he looked at the applications he was suspicious of, he found that not only was the logic the same as OverSight's, but they also reproduced the errors in Wardle's original code.

In his talk, he does not name any of the three companies involved, for two reasons:

The suspected code theft was due to the initiative of individual programmers, not something decided by the company.

All companies reacted positively when the issue was brought to their attention, and they compensated him either by paying him directly or by donating to the Objective-See Foundation (a non-profit entity that creates free security tools for macOS and was founded by Wardle himself).

