Posted by
ryuzaki0
on from the to-an-independant-analyst dept.
cheesybagel writes "In this EETimes article SCO claims to have shown their evidence to our independent analyst friends from the Aberdeen Group. The evidence, all 80 lines of it, allegedly even has identical comments."
When...
by
Anonymous Coward
·
· Score: 5, Insightful
will this end?
Has anybody considered
by
gazbo
·
· Score: 5, Insightful
That maybe SCO are telling the truth - that maybe there is ripped off code? Undoubtedly if the claim was that MS had included GNU code in their apps, people would automatically presume guilt; why the immediate defensiveness now?
Especially as we have 80 lines of identical code including comments which is the real kicker.
Re:Has anybody considered
by
bheading
·
· Score: 5, Insightful
As the article points out, no-one knows that this code was SCO's to begin with. It could have found it's way from Linux to SCO's code. It could have bubbled it's way up from the earlier BSD releases. Who knows ?
If the case was really that simple it sounds like it's open-and-shut. It's hard to understand why SCO won't show it publicly, or allow anyone to see it without making them sign a huge NDA. What do they have to lose ?
And even then, the 80 lines would have to be pretty critical to form the basis for claims of $1bn in damages. How many thousands of lines of code are there in Linux (or any other OS) and how many blocks of 80 lines are singularly critical to the whole functioning of the OS ?
Re:Has anybody considered
by
surprise_audit
·
· Score: 5, Insightful
But the "trade-secret" code is already published in the Linux source, if SCO is to be believed...
Either: 1) SCO's code is included in the Linux kernel, and is therefore irrevocably publically available and no longer qualifies as trade-secret; or 2) SCO's code is not in the Linux kernel and may still be a valuable trade-secret. Or it may not, but that's not Linux's problem.
There isn't a third option, and all this dicking around with NDA's and crap like that is merely making SCO look stupid.
Re:Has anybody considered
by
RenQuanta
·
· Score: 5, Insightful
So first SCO is at fault for not showing any evidence. Now that they have, the claim is that they can't prove the code is theirs.
The code has yet to be given out to the community for consideration, it was shown to two heavily biased analysts under a strict NDA.
The DiDio character is a Windows consultant, and the Aberdeen group released a report last November that Linux was "the most vulnerable operating system". Yeah, that's the same as giving it to the community for them to verify SCO's outlandish claims.
Besides, copied or not, you already have it. Just look in the Linux source.
Yeah, sure. We'll get right on that. (In case you missed the sarcasm, eighty lines of code is a friggin' needle in the haystack! I'll leave it as an exercise to the reader to figure out all they implications that fact has...)
Why should SCO bother?
You're right about that. It's not in SCO's best interests now to give everyone the information required to determine what the facts are. It's in their best interest to drag this out as long as possible, to spread as much Fear, Uncertainty, and Doubt as possible, and to control public opinion by controlling the flow of information.
My guess? There may well be some code, but I'm betting that SCO didn't do their homework (corporate managers rarely do). It could be from the BSDs, from public-domain literature, or from SCalderO's own UNIX-Linux integration project which I've read referenced in other posts here.
In any case, I have no doubt that SCO has no case here. For further proof, go read the OSI position paper on the matter. A lengthy read, but very enlightening, and basically shows the SCO claims to be rather without merit. Or is your mind as closed as your source?
Re:Has anybody considered
by
hammock
·
· Score: 5, Insightful
Where did the code come from?
Find out which IBM engineers commited patches to the kernel. Find out which SCO engineers commited patches to the kernel.
You just narrowed it down. It's probably pretty easy to find out what code it is.
It's also just as likely that SCO copied the code from Linux, since we can trust Linus' logs, but SCO could fabricate thier own logs at a moments notice.
Linux supporters, however, were quick to question the meaning of the evidence. âoeCan SCO prove that this code came from SCO to Linux, and not from Linux to SCO?â asked Jon âoeMaddogâ Hall, executive director of Linux International (Nashua, N.H.), a Linux advocacy organization. âoeOr did the code that's in SCO Unix come from a third source? Show me the facts,â he said.
Not only have they NOT proved to the Linux community that the egg came before the chicken, but they have not even proved what "egg" this is. Is it IBM specific code? Is it the actual kernel??
FUD FUD FUD
-- Don't mod me, bro'!!!!
Mac OSX based on Linux?
by
Anonymous Coward
·
· Score: 5, Insightful
"The article also claims that Mac OSX is just as vulnerable to attacks as any other Linux based system."
Get your facts straight first, Mac OSX is based on BSD - not Linux!
Wasn't a good test
by
confused+one
·
· Score: 5, Insightful
I read the articles (there was more than one written). I read the comments by Aberdeen's rep. She said: Yep, that's the same code alright...
Where's the analysis in this? 80 lines of code isn't damning. Where did it come from? Did she go back into the distro archives and find where and when it was put into the code? No. Did she check against the BSD codebase? NO. Did she even know what she was looking at? Probably not.
Two previous post provide sufficient defense...
by
Anonymous Coward
·
· Score: 5, Insightful
The following two posts, taken from previous stories concenrning SCO, quite beautifully sum up IBM's best potential defense.
The first post, taken from a June 3rd story, points out the relative significance of a situation in which everything that SCO has said is true, and it even is a bit optimistic in favor of SCO's claims (but it still puts things in perspective):
Ok so we have this quote:
"The month of June is show-and-tell time," McBride said. "Everybody's been clamoring for the code...and we're going to show hundreds of lines of code."
So lets assume "hundreds of lines of code" is our N value. Now let N equal... oh... we'll be lenient on our definition of "hundreds" and make N = 5000.
Ok so we've got our hypothetical 5000 lines of offending code. Now lets count the number of lines in every.c file in linux-2.4.20.tar.bz2...
TMPFILE=`mktemp/tmp/$0.XXXXXXX` for i in $(for i in $(for i in $(find./|grep "\.c"|grep -v Documentation);do cat $i|wc -l;done);do echo $i;done);do echo -n $i+>>${TMPFILE};done;echo "0">>${TMPFILE};echo quit>>${TMPFILE};bc -q ${TMPFILE};rm ${TMPFILE}
Which gives us 3332935 (including comments but hey we're lazy).
And this seems reasonable give that according to this link [geocrawler.com] which shows ~1.8 million for a 2.2 kernel so yeah hey what's another 1.5 million between friends? (think of all the new hardware support)
Ok so we've got our probably bogus number of ~3.3 million lines of code. Remember N? Come on you can do the next step its fun!
5000 / 3332935 == 0.0015% and lets be super generous and assume comments make up 40% of our line count...
5000 / 1999761 == 0.0025%
I wonder what the statistical liklihood of having similiar blocks of code of some signifigant size that happen to be the same (excluding format and variable differences). I mean there's only so many ways one can _intelligently_ code a given function
Given those kind of percentages I doubt a judge or jury could be convinced of any copyright infringement of any signifigance. It'd be kind like trying to sue a competing encyclopedia company for swiping that one entry in the "P" volume on "Petards" ("hoisting", "petard", look it up) from you and demanding millions of dollars in compensation for this plagerism (ok so this analogy sucks but I had petards on my mind so...)
The second post, taken from a June 6th story, highlights the fact that something fishy would have had to have been going on within SCO's ranks for a block of code with full comments to be submitted for inclusion into the Linux kernel:
Not having the benefit of seeing the code I'll have to assumme these comments are fairly overwhelming evidence wise.
If you knowingly copy code, into a product that can be viewed by potentially millions, wouldn't you at least try to make it not resemble the original work.
Yes, it is easy to catch the lazy cheaters, but if put some effort in it then it should be a little more difficult then running grep.
I'm sure there are bound to be similarities here and there, coders no doubt ran into the same problems working on the same platform, but apparently these grievances were enough to goto court over.
Obviously, we can surmise they understand their work enough to copy kernel code, so we know the individuals were at least someone intelligent.
So, having in mind how code theft works, it doesn't make sense for something as obvious
Things are getting worse for Linux.
by
aussersterne
·
· Score: 5, Insightful
This is a lengthy prediction, and I'll probably get modded down for it, but hey, Slashdot is all about having fun by voicing one's opinion, so here I go.
You know and I know that SCO's case is meaningless and that even if some hapless SCO, Caldera or IBM idiot inserted code into Linux, that code can be quickly removed and replaced and a new kernel distributed to people using Linux.
You and I also know that it is much more likely that code made its way from Linux into SCO, or from BSD into both, and that SCO's "side-by-side code" demonstration technique doesn't hold up to solid reasoning.
However, very few people in business are going to understand this. Management are scared idiots, American management doubly so. They're going to stay away from Linux in droves and are already feeling personally betrayed by the people who make Linux, just on the strength of the FUD and accusations. They're already at home telling the wife how big a mistake Linux was and how they should have listened to the doubters.
It's natural for them to take this view so easily because they've been conditioned all their lives to believe that "there's no such thing as a free lunch" and "if it sounds too good to be true, it probably is" and after years of business training they're suspect of anything (even family matters) that don't emphasize the "bottom line" above all else. They were very reluctant to consider Linux in the first instance for these reasons and it took years of badgering on technical grounds and tempting on cost grounds from technical underlings to stop them from seeing Linux as some kind of a scam in the first place.
The courts in the US, unfortunately, have the same view. If it's corporation versus non-corporation, the corporation will always get the benefit of the doubt. The burden of proof will always be on the non-corporation, regardless of what the "law" may say, and in many cases, it's impossible for the non-coproration to win a case; the court will simply rule for the corporation even if it's patently obvious that the law doesn't support such a ruling. They'll do it with a backhanded wink and a nod and the belief that to hurt business and "the economy" is far worse that to hurt any non-business entity or group of individuals.
For these reasons, Linux in the US will likely suffer horribly over the next few months or perhaps even several years. In fact, it's doubtful that Linux will ever recover the "inevitable force" swagger that it has had over the last few months in that country. Instead, Linux will continue to grow across the rest of the world and the US will lose yet another technical and cultural advantage in the interests of supporting business above all else.
Hmm, maybe it's not so much a prediction as a fear. But I can't help but think that SCO has turned a corner on this one, not in terms of their case from an honest perspective, but in terms of the effect they're having.
Slashdot Mirror
will this end?
Especially as we have 80 lines of identical code including comments which is the real kicker.
Linux supporters, however, were quick to question the meaning of the evidence. âoeCan SCO prove that this code came from SCO to Linux, and not from Linux to SCO?â asked Jon âoeMaddogâ Hall, executive director of Linux International (Nashua, N.H.), a Linux advocacy organization. âoeOr did the code that's in SCO Unix come from a third source? Show me the facts,â he said.
Not only have they NOT proved to the Linux community that the egg came before the chicken, but they have not even proved what "egg" this is. Is it IBM specific code? Is it the actual kernel??
FUD FUD FUD
Don't mod me, bro'!!!!
"The article also claims that Mac OSX is just as vulnerable to attacks as any other Linux based system."
Get your facts straight first, Mac OSX is based on BSD - not Linux!
Where's the analysis in this? 80 lines of code isn't damning. Where did it come from? Did she go back into the distro archives and find where and when it was put into the code? No. Did she check against the BSD codebase? NO. Did she even know what she was looking at? Probably not.
The following two posts, taken from previous stories concenrning SCO, quite beautifully sum up IBM's best potential defense.
.c file in linux-2.4.20.tar.bz2 ...
/tmp/$0.XXXXXXX` for i in $(for i in $(for i in $(find ./|grep "\.c"|grep -v Documentation);do cat $i|wc -l;done);do echo $i;done);do echo -n $i+>>${TMPFILE};done;echo "0">>${TMPFILE};echo quit>>${TMPFILE};bc -q ${TMPFILE};rm ${TMPFILE}
The first post, taken from a June 3rd story, points out the relative significance of a situation in which everything that SCO has said is true, and it even is a bit optimistic in favor of SCO's claims (but it still puts things in perspective):
Ok so we have this quote:
"The month of June is show-and-tell time," McBride said. "Everybody's been clamoring for the code...and we're going to show hundreds of lines of code."
So lets assume "hundreds of lines of code" is our N value. Now let N equal... oh... we'll be lenient on our definition of "hundreds" and make N = 5000.
Ok so we've got our hypothetical 5000 lines of offending code. Now lets count the number of lines in every
TMPFILE=`mktemp
Which gives us 3332935 (including comments but hey we're lazy).
And this seems reasonable give that according to this link [geocrawler.com] which shows ~1.8 million for a 2.2 kernel so yeah hey what's another 1.5 million between friends? (think of all the new hardware support)
Ok so we've got our probably bogus number of ~3.3 million lines of code. Remember N? Come on you can do the next step its fun!
5000 / 3332935 == 0.0015% and lets be super generous and assume comments make up 40% of our line count...
5000 / 1999761 == 0.0025%
I wonder what the statistical liklihood of having similiar blocks of code of some signifigant size that happen to be the same (excluding format and variable differences). I mean there's only so many ways one can _intelligently_ code a given function
Given those kind of percentages I doubt a judge or jury could be convinced of any copyright infringement of any signifigance. It'd be kind like trying to sue a competing encyclopedia company for swiping that one entry in the "P" volume on "Petards" ("hoisting", "petard", look it up) from you and demanding millions of dollars in compensation for this plagerism (ok so this analogy sucks but I had petards on my mind so...)
The second post, taken from a June 6th story, highlights the fact that something fishy would have had to have been going on within SCO's ranks for a block of code with full comments to be submitted for inclusion into the Linux kernel:
Not having the benefit of seeing the code I'll have to assumme these comments are fairly overwhelming evidence wise.
If you knowingly copy code, into a product that can be viewed by potentially millions, wouldn't you at least try to make it not resemble the original work.
Yes, it is easy to catch the lazy cheaters, but if put some effort in it then it should be a little more difficult then running grep.
I'm sure there are bound to be similarities here and there, coders no doubt ran into the same problems working on the same platform, but apparently these grievances were enough to goto court over.
Obviously, we can surmise they understand their work enough to copy kernel code, so we know the individuals were at least someone intelligent.
So, having in mind how code theft works, it doesn't make sense for something as obvious
This is a lengthy prediction, and I'll probably get modded down for it, but hey, Slashdot is all about having fun by voicing one's opinion, so here I go.
You know and I know that SCO's case is meaningless and that even if some hapless SCO, Caldera or IBM idiot inserted code into Linux, that code can be quickly removed and replaced and a new kernel distributed to people using Linux.
You and I also know that it is much more likely that code made its way from Linux into SCO, or from BSD into both, and that SCO's "side-by-side code" demonstration technique doesn't hold up to solid reasoning.
However, very few people in business are going to understand this. Management are scared idiots, American management doubly so. They're going to stay away from Linux in droves and are already feeling personally betrayed by the people who make Linux, just on the strength of the FUD and accusations. They're already at home telling the wife how big a mistake Linux was and how they should have listened to the doubters.
It's natural for them to take this view so easily because they've been conditioned all their lives to believe that "there's no such thing as a free lunch" and "if it sounds too good to be true, it probably is" and after years of business training they're suspect of anything (even family matters) that don't emphasize the "bottom line" above all else. They were very reluctant to consider Linux in the first instance for these reasons and it took years of badgering on technical grounds and tempting on cost grounds from technical underlings to stop them from seeing Linux as some kind of a scam in the first place.
The courts in the US, unfortunately, have the same view. If it's corporation versus non-corporation, the corporation will always get the benefit of the doubt. The burden of proof will always be on the non-corporation, regardless of what the "law" may say, and in many cases, it's impossible for the non-coproration to win a case; the court will simply rule for the corporation even if it's patently obvious that the law doesn't support such a ruling. They'll do it with a backhanded wink and a nod and the belief that to hurt business and "the economy" is far worse that to hurt any non-business entity or group of individuals.
For these reasons, Linux in the US will likely suffer horribly over the next few months or perhaps even several years. In fact, it's doubtful that Linux will ever recover the "inevitable force" swagger that it has had over the last few months in that country. Instead, Linux will continue to grow across the rest of the world and the US will lose yet another technical and cultural advantage in the interests of supporting business above all else.
Hmm, maybe it's not so much a prediction as a fear. But I can't help but think that SCO has turned a corner on this one, not in terms of their case from an honest perspective, but in terms of the effect they're having.
STOP . AMERICA . NOW