Slashdot Mirror
Do You Know UNIX Secrets?
ESR writes "You can help stop the SCO attack on IBM and the Linux community.
I'm looking for ways to prove that Unix trade secrets have been legally
nullified.
I want to know if you have ever had read access to proprietary Unix
source code (not just binaries and documentation) under circumstances
where either no non-disclosure agreement was required or whatever
non-disclosure agreement you had was not enforced. To help out, see my No Secrets page."
This is the book which shows the roots of Unix: Lion's Commentary on UNIX 6th Ed. with source code
When Sun gave away Solaris source code way back...did that maybe justify the cause?
-psy
The "who" might be IBM. According to an article on The Inquirer, he might be employed by IBM:
http://www.theinquirer.net/?article=9536
I also think that this might be the fastest way to win the case. Even while SCO's claims are ridiculous, they can pile up thousands of lines of code they would consider 'stolen' - answering those allegiations one by one can lead to a possibly endless debate (especially with their 'obsfucating to make it look like it wasn't stolen' line argument). What ESR does is to cut the roots of the problem.
It the difference between showing a signed petition with thousands of signatures, vs citing a poll that X% of the constituents is for or against somethng.
To run for office you need signed patitions not just a few pollsters saying you are popular.
Help fight continental drift.
The issue was contamination. If you had ever had access to the source, your work was potentially contaminated.
In the early-mid-late 80's, this was a very big deal (and partly why RMS is such a visionary). Even if it is hard to imagine in these daze of Linux..
If the claim is that the system needs to be stricken of all SCO *owned* code. Isn't the first argument: What code do you really own, what happened in the AT&T Case (open the court files) show us what needs to be changed BEFORE a lawsuit ever took place.
The technical community is VERY good at solving these sorts of problems. Even if we are talking 6-18 months time to rewrite all the sources they are claiming are in violation. That's much shorter than this court case with IBM is going to be.
Besides, even if they are not *really* in violation. And there are claims for both sides, if they were re-written, SCO loses their lawyer money, and we can go back to ragging on M$-Wintel-DMCA and the US court system.
Here
During the times I was involved with actual Unix source code (mid 1970's to mid 1980's) for three different employers (UCLA, SDC, Tektronix) there was nothing similar to a nda. The school or company just agreed to not give source code access to non-"employees", and "employees" agreed not to give access to others who hadn't agreed to the Bell license.
Within those terms, there was a lot of access. At the yearly conferences (which later became USENIX) there was a typically conference distribution tape. That tape was a mixture of "new" things, and modifications to the Unix kernel or Unix commands. To assure that everybody was "licensed", when you first became a member you submitted a copy of the signature page of the license.
During that time we went from V6 Unix, PWB Unix, V7 Unix, to 2BSD (pdp11) and 4BSD (vax).
Sharing went both ways of course. A number of changes/new cmds from other groups became part of the Official Bell release.
That sharing was a factor in the settlement of the USL vs UCBerkeley lawsuit, that ended in the free availability of the 386bsd work.
I was at Bell Labs for almost three years in the early 1980's, moving over to AT&T Information Systems after the court ordered breakup of AT&T in 1984 or so.
They were pretty laid back then; I may have signed an NDA but I certainly don't recall it. I do recall the usual W4 and Insurance BS but an NDA doesn't stick out.
And yes, I had almost full access to the source tree. IIRC, only some arcane kernel stuff wasn't available, being crafted in assembly. But given the corporate culture I have no doubt it was somehow accessable, but because it was processor / architecture specific, I never bothered looking for it. Plenty of stuff to look at and learn from at higher levels.
Source code was available to any member of technical staff and since it was my second job out of Uni I had a ball. I even dl'ed some source to my Osborne I so I could read it at my lesiure.
In fact I didn't realise how special it was at the time to have access to Unix source code until maybe five years later when I'd moved over to Wall Street.
The Street was ramping up sharply on tech in those days, and Unix (think Sun, NeXt and SGI workstations) was the only game in town since PCs were still pretty underpowered.
I remember someone asking me a question, and I told him to "grep for it". He looked at me cryptically, and then it hit me.
No way to grep Dude - they's binary distributions.
A message from our sponsor
Derivative works of public domain works are still elligible for copyright protection. West Side Story was a derivative work of Romeo and Julliet, does that make it any less copyright-able? What about the new translations of older books (Beowulf, etc.)?
Problem #1: Just because it wasn't enforced at one time, doesn't mean the NDA is null and void
No, it doesn't. But if you can prove that the Unix-company in charge of those NDAs actually did not protect their trade secrets, that is very nice. If they released it into the public by neglect of their own NDA, they are at fault. Now if the signer of that NDA did anything wrong (regardless of sloppy enforcement or not), that would be another matter...
Problem #2: Disproving "trade secret" status is pointless(not to mention, unlikely to happen). It's still copyright SOMEONE ELSE, and YOU CAN'T USE IT unless they let you!
No, but you can write your own implementation of anything copyrighted (it's not a patent), something you could not legally do with a trade secret you have knowledge of. Now if SCO is claiming that IBM went copy-paste, you would be right. But last I heard they were throwing around FUD like "stealing ideas from proprietary SCO code and incorporating into Linux". To gather all information that was, is and has been publicly available, you show that there was in fact not a trade secret and so, nothing could have been stolen.
Problem #3: It's been said time+time again, there is no proprietary code that belongs to SCO in the Linux kernel.
So you say. SCO says otherwise. Which is why we're going to court, isn't it? Where the hell do you get the divine knowledge to know that noone anywhere ever fell for the temptation to copy-paste a little? Oh, right you've been listening to 10,000 posts to slashdot on how that *can't* be the case. Nevermind...
By the way, why are people wasting time "helping" IBM? (...) and with legal "help" like this, who needs SCO? Dispute the claims intelligently, boycott SCO, whatever- just leave the legal arguments to the lawyers, or you just might end up helping SCO...and IBM won't be the only loser if that happens.
SCO has threatened to sue Everybody(tm) right down to your favorite Linux distro, and if you're a Linux user, you too. If you want to pretend IBM is the only one that could get hurt here, think again. The SCO execs and lawyers are going "Damn. They're calling our bluff. Again. Better send out a troll to slashdot to keep them from counting the cards."
Kjella
Live today, because you never know what tomorrow brings
The point is that if we knock out the possibility of a cogent trade secret argument being made against IBM/Linux, that forces SCO to prove copyright infringement and make a case around that. We don't think they can, because they refuse to explain where it happened and because there's really no evidence that anybody needed to copy lines of code from SCO to make Linux work. The fear is that they might try to swerve this into a trade secret violation case, which would make it easier to cast doubt over the IP heritage of Linux, because to make a logical argument they would only need to show that 1) Somebody at IBM who worked on AIX was subject to NDA with SCO, 2) Said person worked with people who contributed code to parts of Linux that gave it features it didn't previously have, and 3) Said features constituted the use of "trade secret" material from SCO/UnixWare.
Note that the vagueness of SCOs claims make this a rather founded fear IMO, since they keep mentioning "IP violations" more often than they specifically have mentioned copyright violations, though they have also mentioned those.
1) What is UNIX anyway? I thought it was trademarked by the open group, and a set of standards. If this is the case then can't ANYONE create their own UNIX, that abide by those standards?
2) X does not make up UNIX does it? I did not think the GNU tools did either, nor gcc. So this leaves out the GUI and anything attached to it. It also leaves out the 'UNIX-like' commands. So what is left? The kernel.
What parts or parts of the kernel does SCO think Linux is infringing? should be the first question. Then the second is where is the proof?
The same thing happened with BSD - USL/ATT/Novell years ago.
SCO's president and 85% shareholder is playing a dangerous game of winner takes all! His company is worth about the same price as a roll of toilet paper, and he knows it. It is going down. If he wins, and Linux is proved to be infringing, it may not be a case of just rewrite parts of the kernel, it may be a case of move all the drivers to the GNU Hurd or something. If he looses UNIX then may become an open standard that SCO losses all their license to. If IBM pays up then they are admitting that SCO is right and could loose AIX and SCO could get AIX AND Linux.
He has nothing to loose. I think the end result could be that people say screw UNIX like apple did and move to BSD.
Only 'flamers' flame!
Does slashdot hate my posts?
I just sent a note to Fred Cohen about this
I didn't realize I worked with such bigshots
I am very easy to get along with, but I don't have time to waste being nice to people who are being stupid. -Theo
I'm not sure what you're trying to do here, and I'm even less sure that you can necessarily help IBM. Even if you're successful in finding some people who had 'unrestricted' access to SCO's so-called trade secrets, this may not be dispositive of SCO's claims against IBM. Reason: IBM may have agreed (i.e., promised) to treat certain matter as trade secret matter pursuant to some contract that it entered into with SCO (or its predecessor, etc.). In such case, if IBM failed to respect the confidential nature of the matter, SCO may still have claims against IBM irrespective of the prior disclosure of the matter to third parties. (This all would depend on said contract.) Of course, such a thing would be IBM's problem (not the OSS community at large). (Nothing in this comment is intended to support or validate any of SCO's positions, claims or FUD; on the contrary, I say that SCO has nothing and is nothing.) Linux Wins!
If you let us look at your stuff for free, and don't persecute us if we tell others about it, we will turn around and stab you in the back to get all your stuff turned into the public domain.
Yeah, I bet he will be the first to complain when YAMC [Yet another massive corporation] locks down their IP rights on ,
Not Meta-modding due to apathy.
And just because someone inserts some term into a contract doesn't mean it's legally binding. In many jurisdictions you cannot, for example, sign away your basic human rights, nor can you agree to do something which is illegal. Those parts of the contract will be null and void. A clause stating that "lack of enforcement does not nullify this agreement" may itself be nullified if the law unequivocally says that lack of enforcement nullifies this sort of agreement, no ifs, ands, or buts.
That depends on what the basis of SCO's lawsuit is. Have you read the plaintiff's claim in full? Do you know for sure that they're not suing on the basis of breach of trade secrets and not just copyright alone? Proving that SCO's source code is no longer secret may well prevent them from using that line of attack, to which they may very well resort (if they haven't already) if a simple breach of copyright can't be proven.
Popular though that opinion may be among the Slashdot crowd, I'm sorry to say that it counts for absolutely nothing. The only thing that matters is what the judge and/or jury thinks of the evidence that will be presented at court. Remember that your average judge and jury knows absolutely nothing about writing computer code and open source software licences. A lazy or inadequately-prepared defence may lead the judge to conclude in the legal universe things which aren't necessarily true in the everyday-life universe, including and not limited to a ruling that the GPL is completely unenforceable. This might not help out SCO very much, though needless to say it would have interesting implications for the Free Software community.
Learn the alphabet, boy. ESR != IBM. SCO's lawyers will be thinking no such thing, but even if they do, it really doesn't matter (see above).
Well, I suppose I should have mentioned that I did not in any way have legitimate access to the /src files - I was not in an area that was associated with computers other than as end-users.
...
The files were just open to read - to anyone who happened to log on to the system, be they computer guru, engineer, marketeer or clerk - or even the temp employees we hired for fill-in.
Even though UNIX was originally from Bell Labs, and the other Bell System companies had also been subsidiaries of AT&T, this was well after divestiture (JAN84), and the code that was accessible was Amdahl's version of System V, not BTL's. When I was actually at BTL, I did NOT have access to source
My confidentiality agreements dealt with customer and telco plant information.
As to whether this applies only to the Intel stuff by Novell or not won't really be known until SCO releases what "stuff" they are talking about.
--
Tomas
Heh.
For some bizarre reason I went looking through my "freaks" list--the list of people who have marked me as foes. Most of them, I found, were people that I'd have disagreements with online but fundamentally and philosophically agreed with.
You are one such poster. I can't remember what we got on opposite ends over at some point, but nearly every time I see your posts, I agree with them. This is one such case.
ESR has done many things within the open source community, but every time he pokes his nose into the real world, he comes off sounding like a juvenile, immature, and clueless fanatic. This is a legal case, requiring legally acceptable evidence, obtained in proper ways. Asking an anonymous community of geeks is about as far removed from reality as one might get. No one--NO ONE--is going to seriously examine another Raymond Rant.
"People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
I'll begin with a question....
Is ESR your wife, shrink, attorney, or priest?
(I think that covers all the exemptions from being compelled to testify) If the answer is "no" on all accounts, don't talk to him. He can in no way guarantee that you won't be compelled to testify at trial, or that you, yourself, will be safe from prosecution. This is just doing discovery for SCO's attorneys, pointing out individuals with names of people who could have tainted the Linux source. I'm of the opinion that they have absolutely no proof of this, why assist them in finding it?
I understand the community wants to do something here. There is, however, little we can do to help, other than keep our mouths shut. Want to help? Convert an AIX or SCO Unix machine to Linux. We don't want to show support for SCO in any way.
Then let the folks who sign their correspondance "Esquire" figure this out.
Once it is known what line(s) of code are involved, then it's a matter of tracing back to who wrote it or contributed it. Testimony by the author may help. Proof of release dates may help. There are ways once the specifics are known. SCO is trying to prevent anyone from having time to research this by hiding facts until they actually have to show them during the legal proceedings.
And if in fact it turns out to be genuine SCO code that got in there, somehow, it should be possible to figure out the path it came from. The code would be removed and the kernel developers could cite where it came from. Maybe someone would get in trouble, depending. But until specifics are known, no serious action can be taken. If it's userland code, then it's a matter of that project author or team to work with.
If it's SysV init script code, at least my servers are safe because I already got rid of that :-)
now we need to go OSS in diesel cars
BUT IN 1994 Novell who then fully owned UnixWare...From the Usenet Archives
Did Novell, who at that time owned the Unixware source, put some of the code into GPL'ed Linux to remain compatable with UNIX binaries?Time to dig up those old copies of Byte and PC Weekly.
It makes the Copyright statement from the terminfo file that ESR maintains seem oddly prescient. The statement is accessible on my RH8 system with (2nd line, last paragraph).
What's next? I predict Microsoft will sue Sun for Copyright infringement of
available online at the University of Houston - Universty Park at least in the years 1988-1989 without any sort of signed non-disclosure by students, faculty, etc....
Actually, I'm sure his lawyer-type wife (as well as any other lawyer or person versed in trade secret law) can tell you why he's doing it. You see, there's this little precedent set in regards to trade secrets. If they've failed to enforce their NDA before, then they might not be able to make a claim against someone else who didn't uphold it.
I learned this when I left an employer and they realized I had worked there for ohhhhhh... about 3 years without signing their non-compete (duh!). The only thing they could sick a lawyer on me for was to protect their precious "trade secrets".
Their trade secrets were the following:
1) Their "best practices" methods of engineering, installing, and maintaining networks. Luckily, TCP/IP networking is pretty much common knowledge. The "best practices" are easily attainable from the Cisco and Microsoft websites (I helped them compile their best practices from those two websites). No way they could be considered a trade secret. This is analogous to the SCO fraudulent case as follows: They claim that the Linux OS couldn't have advanced without the inside knowledge attainable only from the UNIX source code. Unfortunately for SCO, if the "Enterprise kernel features HOWTO" is out there somewhere, SCO is screwed on this point.
2) Their special configuration and wiring of a modem to be used for a special out-of-band management device. Unfortunately, they had released the information to one of our suppliers. The supplier, in turn, posted it on their website. Doh! In the trade secret world, if one person can take a bit of information public, you can't make another person _not_ take it public. For example, BSD code is public, so they can't attack IBM for releasing a version of the same code. They tried to and LOST the case against BSD years ago. No enforcement against BSD == no enforcement against IBM.
3) Their last "trade secret" was supposedly their customer list. This one stumped me at first, because I (obviously) had knowledge about their customers. I knew who they were, their administrator/root passwords, their contact information, etc. etc. I even had a job offer or two from them. To use this information to my financial advantage _must_ be considered inappropriate use of a trade secret, right? WRONG! Their customer list is printed right on the back of one of their marketing brochures ("Look who we've done work for!"). Company name in hand, the phone book/Internet provided me with all of the contact information I wanted. As far as the customers' network layouts and passwords, those are proprietary information of the customers, not my former employers. Granted, it was a partial customer list and quite old. That didn't matter to me. The information I needed to get started was there. That was two and a half years ago. I've been stealing business from them ever since (not hard since they no longer provide the services I offered to their customers). This is much like SCO's earlier release of an old version of the UNIX source code. That earlier release could be enough to fry their case. Even though they are accusing IBM of raping their more recent versions, if the code in question is anywhere _near_ present in the old version, SCO is screwed.
Personally, I think SCO's case is going to fall... hard. If they had a real case, they would have shown the code long ago. Not just shown the code, but PROVED that they had it first and not the other way around. After all, Linux had many enterprise features before SCO's various *NIX flavors. Perhaps we should be sueing them for violation of the GPL?
-- S
-- Stu
/. ID under 2,000. I feel old now.
That is the problem.
Having Linus try to remember who put it in will not cut it without some record. Kernel.org will show when the offending code was added but not by who. The BSD groups have cvs so in a future lawsuit they can trace it to which user added the transaction adding the offending code.
What is interesting is at caldera's ftp site, they removed all the kernel 2.2.rpm files but left the later 2.4's. This shows that IBM had nothing to do with this but Novell or SCO could of leaked it. Assuming it was the 2.2 kernel and earlier that had Unix IP in it.
http://saveie6.com/
Actually, no, this is a pretty valid thing. Thing is, trade secrets are only valid if they're genuinely secrets, and if they're released to folks under a set of circumstances which is, at minimum, a subset of those ESR describes, they may well cease to be trade secrets any more at all. He's not looking for "special code", he's looking for trade secret violations -- and if you can think of a better way to do that than asking around to find people who may have been witnesses to them, yer a better man than me.
Anyhow, it's not the word of the "raving fanatic" that IBM needs to take, it's the word of the people who are (potentially) responding to the "raving fanatic"'s request for info.
ESR isn't all that much of a raving fanatic, though -- certainly not like RMS is. Plus he plays a pretty mean jazz flute...