Slashdot Mirror
SCO Claims Kernel Contains UnixWare Code
ergo98 writes "SCO has increased the intensity of the lawsuit with IBM by claiming to hold indisputable proof that copyrighted UnixWare code found its way into Linux, violating the rules of both camps. Whether this is true or not remains to be seen: SCO refuses to divulge the code in question, however they promise to reveal it in court shortly."
As already stated on LKML here, it's far more likely that they saw something that had been stolen from Linux or other GNU code in SCO, and thought is was the other way around.
It also isn't clear if SCO is referring specifically to Redhat userland, redhat kernel patches or what. It's only clear that they don't mean specifically the Linux kernal as found on kernel.org.
-If you wish to make a complaint, press 1. If you wish to wish upon a star, makes no difference who you are, press -- what else? -- the star key.
Compared to war, all other forms of human endeavor shrink to insignificance. God, how I love it. - Gen. George Patton
Can they build code to be added to the OS without keeping it protected by the GPL?
If they want to have that info as evidence then they have to provide Big Blue's lawyers with the goods BEFORE the trial or it'll be inadmisssable.
I went to battle MC Escher but drew a blank
If in case SCO clamis are true... would the linux kernel itself, as it stand become non-gpl'ed? After all if some GPL code makes its way its something else... its is GPLed... seems kinda fair to me.
Why are we wasting valuable time? Couldn't this time be better spent innovating? If Microsoft gets wind of this method of screwing opensource, there will be no more innovation.
Come on, everyone knows SCO is no longer innovating, but rather using lawyers to gain revenue... This reminds me of another company, Research in motion, recently renamed to Lawsuits in motion, as they no longer create new products, they just sue people for copying their generic designs...
I'll be real interested to find out what code IBM stole. Look! They push their stack parameters the same way during a task switch!!! OMG!
---
Programming is like sex... Make one mistake and support it the rest of your life.
And if you ask alot of former SCO employees, there are many rumors of Linux code in the SCO kernel!
So, it's a fair trade!
"Can of worms? The can is open... the worms are everywhere."
Wouldn't it be interesting if someone managed to slip in copyrighted code intentionally, with the knowledge that it would eventually be found -- causing quite a bit of damage to the Linux movement...
Adjust your tinfoil hat, people.
You know, if everything he says is actually true, there must be lots of copyright violations in commercial software too; the only difference is that we can't see the code to prove they are there.
In this article, they clearly refer to the kernel: "We're finding...cases where there is line-by-line code in the Linux kernel that is matching up to our UnixWare code," McBride said in an interview" How do they possibly expect to win a lawsuit when they can't even agree amongst themselves about where the UnixWare code appears in GNU/Linux? And what the hell is "the periphery of the Linux kernel"? Modutils? Fileutils? Util-linux?
The real "Libtards" are the Libertarians!
This seems quite reminiscent of the USL v. U.C. Regents case over the BSD release. USL maintained that the BSD code was tainted, but never cited any specific lines of code. USL decided to settle after the U.C. regents pointed out that USL was in violation of the license terms for the BSD code they were using in System V. At that point, USL probably realized that U.C. could force them to withdraw System V from the market and recall all existing copies in order to strip out the BSD code. Anyhow, as part of the settlement, CSRG did remove a few files that were said to be tainted, but since USL didn't indicate which files to remove, CSRG picked out a few of the files that were crufty and in need of replacement anyhow, and removed those.
Does anyone remember the letter that SCO sent out to customers back in the late 1990s, suggesting that customers would be better off with a professionally written and maintained operating system, rather than an amateur effort by a few hackers? It has a lot of other ridiculous comparisons like that. Someone (ESR?) wrote a parody letter refuting every one of their points.
I used to have the two letters posted outside my cube at a previous place of employment. I just tried to find them using Google, but I must not be using the right search terms.
This means that they have unclean hands, as they are supposed to try and mitigate the damage in order to receive compensation.
You can't knowlingly add to the damage and then ask for compensation incl Punitive damages based on same.
Any suit against Linux vendor in the future can site this as an Affirmative Defense" and pretty much get the suit tossed on that account alone.
Help fight continental drift.
Show me one that isnt.
Linux is a "free" unix. Gnome/KDE are "free" desktops. MySQL is a "free" relational database. Open Office is a "free" office suite. All are clones of existing, proprietary code.
And there are many contributing authors who either dont care about IP, whether out of their own beliefs, or maybe they're in a country that doesnt respect it. Or maybe they just dont understand or are ignorant of existing patents or copyrights.
This "our shit dont stink" attitude in the OSS world will be it's biggest obstacle in the years to come.
I think RH, UnitedLinux(minus SCO, of course), any other commercialized distro, and Linus should sue SCO when they make claims that Linux source code is contaminated with their intellectual property.
This is a blatant attempt to scare potential customers of the distros, and/or impugns the reputations of the distros and Linus.
Even if SCO decides to settle with IBM (i.e. get bought out or bribed), they have opened themselves up to a case of libel, unless they can back it up with examples and proof. Their CEO alluded to exact code duplication and semi-obfuscted replicas of code.
Ok, np, show the code in question, and then we'll check some verifiable (repeat VERIFIABLE) code submittal logs of Linux and SCO. If by some miracle their logs, show an earlier submission...then the lkml community would probably yank the code immediately, and probably improve on it just to make a point.
Second of all, by not coughing up the examples, there might be a case for "failure to mitigate damages". Basic speak for "You cant say I did something to hurt you, wait forever, then tell me what I did wrong to wrack up increased "economic damages", when you could have told me sooner, and I would have cleaned up the issue and reduced your potential losses further.
(IANAL^2)
Let's assume for the moment that some IBM engineer took some code from SCO and added it to Linux. What is the consequence for the Linux kernel and other distros who did not intend to violate their copyright? I'm assuming that the GPL would cause all the legal liability to fall on the shoulders of the people who added the code, but then somebody still has to go and scour that code out of the kernel right?
This is messy, but then it gets even worse when you consider the notion of code forks, etc. What if Linus removes it, but for whatever reason a fork over at SUSE doesn't get removed? What if they don't bother, can SCO get a court order to force removal?
This sig has been temporarily disconnected or is no longer in service
They did sue Microsoft. And settled for an undisclosed ammount (probably in the $500M range).
LedgerSMB: Open source Accounting/ERP
Depends if you're talking about GUI apps and desktops, if so then I would agree there are many clones.
If you're talking command line and server apps then I disagree.
Apache isn't a clone of IIS.
MySQL isn't a clone of Oracle, SQL Server.
Sendmail isn't a clone of Exchange server.
OpenOffice is and isn't a clone of MS Office, it provides similar features but uses XML for its file format, something that Microsoft have chickened out of using.
Anyway, you can run things like GIMP on Windows if you want. Without Linux and the Open Source community there would be very few decent free apps for Windows.
Actually it is Muhammed Saeed al-Sahaf. Tariq Aziz was the deputy prime minister. Both were mouthpieces for Saddam's politcal machine, but Muhammed is much more fun to listen to. Check out all his quotes on the above website.
If I recall correctly, companies must make an effort to minimize their damages under all circumstances if they want to be able to collect compensation for damages. For instance, if I am IBM, and my supplier of screws never delivers me my shipment of screws for my mainframes, I am responsible to find another supplier. I can't wait a year and not ship any mainframes and then try to collect damages of Billions of dollars of lost revenue. Such a claim would be absurd since I didn't do anything to minimize my damages.
Isn't this true for SCO? They were supplying source code to companies like IBM. Apparently, according to their claim, they were also losing great amounts of revenue to Linux due to the unauthorized use of this code in Linux. It seems like they could have minimized the damage by doing a "diff" command between the Linux sourcecode (which was always available) and their own code and found out immediately that there was tainted code in there.
By being open source, it seems that Linux should be the most compliant OS out their because anyone with such claims as SCO should immediately be able to check the source. For them to wait this long to check (as they are losing over a BILLION dollars) seems to be a gross incompetence of SCO management. What else could contributors to Linux do to ensure the compliance of Linux wihout access to SCO's code? It seems that by being open source, the community has already done everything in its power to comply to IP law. SCO losses are a result of its failure to do its own part ($diff file1 file2).
Besides, the fall of SCO did not happen overnight, why must IBM take disproportionate responsbility (assuming they are at fault, which is unsubstantiated at this time) for what appears to be very poor efforts on the part SCO to protect their own IP (especially since they are also a Linux distr.!!!).
Also, if I were an investor I would be very upset. SCO has basically changed their business model without proper disclosure to the SEC. It is pretty well known that after they made their claim, it would be impossible for them to continue as a software company. Yet they seem to be continuing to waste money on new releases of Linux products that nobody will buy. What is the logic of releasing products for an OS that you are trying to slow the development of? What kind of business strategy is that?
Finally, the fact of SCO is a Linux distro is really ironic.
I mean, if even they are openly distributing their own IP through Linux under the GPL, what right to they have to sue other companies for doing the same!? If they couldn't even ensure that they were not dilluting their own IP themselves (with a simple "diff" command), how can they require other entities to do so?
I really believe that SCO has not put enough thought behind this and some of upper management is going to be directly liable to the stock holders for some blatant acts of poor judgement.
Sdelat' Ameriku velikoy Snova!
[Clarification: I am posting it at the danger of being attacked, but my puny brain cannot comprehend it as it is. Please help.]
If their code is secret, it means they could put whatever they want in there now and claim that it was there from the very beginning. Who knows when that particular piece of code was placed there. 20 years ago? Yesterday? Or just before they go to court to present the evidence?
I am not saying that they are lying, but how can one be sure. If there are ways to make sure that it is, please enlighten us.
Thank you.
GrimReality
2003-05-02 20:25:51 UTC (2003-05-02 16:25:51 EDT)
"The Linux community would have me publish it now, (so they can have it) laundered by the time we can get to a court hearing. That's not the way we're going to go."
Now, admitting that anything is possible, I must ask, is McBride insane? Here is how to "clean" the code out of the Linux kernel:
Step 1: Log into kernel.org.
Step 2: Remove or patch the offending code in every version of the kernel ever posted to that site.
Step 3: Run complete tests on every patched kernel to make sure it builds and runs on all supported architectures.
Step 4: Contact RedHat, SCO (Caldera), IBM, debian.org, Suse, Slackware, and anyone who has ever distributed a Linux kernel and have them do the same.
Step 5: Contact every Linux user in the world and have them patch their kernels.
Laundering, indeed. I predict that this evidence will turn out to be shit.
Did anyone notice the stock charts at the bottom of the article?? SCO down, with IBM, Red Hat and Microsoft all up.
The market knows which way this is going to go.
I still haven't seen any evidence of WMDs, have you?
Pestisides do not count.
This allegation really underscores a primary issue of closed source software - it's not out for public review, and hence, it would be VERY difficult to validate these claims. For all we know, SCO's code is a rip-off of Linux or some prior open-source code that Linux was a beneficiary of. SCO never published their source and there's nothing outside of SCO (or maybe IBM, if there was some kind of agreement) to validate the claims. The trouble is, we can trust neither of those parties to present untainted copies of the relevant code as both could have altered timestamps or copied in code. There's also the fact that some processes in software can just really be done in one optimum way.
This is a good reason software should not be considered "published", hence copyrightable, unless the source code exists in some human-readable means in some organization outside of the "software publisher" (who truly publishes nothing), a place the courts could seriously look at as proof of the existance.
A way that might serve as a valid stopgap would be the generation of an MD5 hash of each source file and submitting that to some trusted agency (Library of congress?) for another digital signature and timestamp to be added, proving the date of creation to some legal standard so that these allegations could be backed with proof. We'd know the plaintext was validly signed by the LOC and that it existed at the time alleged to.
I find this statement has more merit than anything from SCO. Corporate driven programming is much different from Open Source. With OSS, there's really no pressure to get stuff done and out the door, or at least far less than in the corporate world. This idea is based on Linus's many comments about when such and such release will be shipped : "when it's done".
Now contrast that with UnixWare version whatever, with a crackpot like McBride at the helm whipping up the team to get the code out the door. You can imagine the chaos: see the Mythical Man Month about OS/360, and I believe there's a book about Dave Cutler's team at M$. This is not Extreme Programming, it's the death march.
To conclude, which programmer is more likely to grab some peice of code that just works?
Here's another point: From my experience, OSS code is revised and rewritten constantly. Look at Ingo's work with the scheduler, or the recent work by several folks on the VM. Or Apache Xerces (XML4J). I've been using that for a few years, since it had jp (originally written by some IBMers at one of IBM's Japan labs I think), and that has been rewritten from scratch at least once. One last example - Mozilla was rewritten entirely, sidelining it for several years. That was a questionable move, but I say they did a good job - Mozilla is awesome.
Again contrast that with corporate software - how often do you rewrite working code from scratch? You do if business rules change, but I'd argue that with corporate software (think COBOL) it's more if it ain't broke don't fix it. Case in point: at the organization I work at, we have a database (well, more of a filesystem) written in assembler that is basically 25 year old code. Why? It works, it is very fast, it runs mission-critical systems, and it's very hard to modify, let alone maintain it. (Yes it is being replaced, so they say).
So, Unix code in Linux, copied line by line? Doubtful, I side with Perens.
To conclude, Perens has a good point. But as can be seen by the Sun/Netscape vs. Microsoft lawsuit, anything can happen in the courts. They'll have fun figuring out the "obfuscated" code.
Way back in the day (1999?), slashdot ran one of its most successful april fools stories. It was an ask slashdot:
/. was biased, blah blah blah.
/.'s find feature and google to no avail.
Since MS Windows is closed source, isn't it possible that there's GPL code in there that they're using illegally? What should we do about this?
Of course, everyone responded that the questioner was an idiot,
Maybe SCO didn't get the joke either. Can anyone find a link to that article? I tried
There are no trails. There are no trees out here.
I wish SCO would just go ahead and announce what parts of the Linux kernel have their code so that we can get started on replacing it with something that works.
:P
What are they waiting for.... a bug-finder's fee?
from a great article http://www.corante.com/openmind/20030501.shtml "Finally, there's another gotcha as far as this suit goes. SCO is claiming that IBM, Red Hat and SuSE are somehow violating SCO's IP with code that they're shipping with their Linux offerings. If this is true, is SCO shipping it as well? Under the terms of the GNU General Public License, even if IBM and the rest are shipping stuff wrongly (which, again, I very strongly doubt), once it makes it out the door in SCO's Linux offerings as GPL'ed code then the company as the legitimate copyright holder (if they are) has given carte blanche to the rest of the world to use that code. From the GPL, section 6: Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. It would seem to me that one quick way to debunk SCO's claims would be to examine the source from SCO Linux and the source from what IBM is shipping. If, in fact, there are no significant differences (and I suspect there are not) then SCO has no leg to stand on. "
You remind me, does anyone know of a website with Ari Fliescher's quotes?
But I took it in a different direction. This would not just be a libel suit involving just Linus or the distromakers, this is defamation/libel of an entire community of developers. Thus a multi-plaintiff suit, or perhaps even a class-action suit might be more worthwhile. Second, my understanding of libel torts is that you while have to even prove intent to mislead/lie/etc, blatent negligence to the facts of your assertions can constitute this intent. If IBM isn't going to counter-sue, WE SHOULD.
...and IN SOVIET RUSSIA, beowulf clusters imagine 1, 2, 3 profit!!!! jokes made out of YOU!!!
I don't disagree with the accuracy of what you're saying.
If what you are saying is that you "can't undo" a piece of code that has been "GPL'd" by an unauthorized third party, your disagreement is not pertinent, because you'd simply be mistaken. A broad, but very powerful principle of law basically says that, sans authorization, no third party can create a contract between two parties.
In court, an offender may be able to testify that they had every reason to believe that their possession of some copyrighted item was lawful. Such a claim might even hold up, assuming, of course, they *CEASED* violation of copyright upon being informed of the unlawful possession. If not, then the interim would most likely be actionable.
Note that I know nothing about what was going on at SCO, whether or not it is right or wrong, or any of that. I'm *only* commenting on the asserted irreversability of GPL'ing something, which is not at all irreversible by any stretch of the imagination.
C//