By their very nature, Free and Open Source Software (F/OSS) are particularly vulnerable to code theft. Virtually anybody can download a F/OSS project, compile it, and sell the opaque binaries without advertising its origins. So far, work on clone detection has mostly focused on source code only, but here we want to detect plagiarism by comparing open-source code (and/or a compiled version of it) against a suspicious binary executable file. In my talk, I will sketch how the VSDG, a SSA-implicit form, can help, and what problems remain to be addressed.