Slashdot Mirror
Settling SCOres
Israel Pattison writes "The Inquirer is reporting that someone in Germany is claiming to have viewed the SCO-alleged infringing Linux source code without having to sign a NDA. The person gives details about the code that was presented, but the translation-by-software is difficult to follow." The story also includes a link to a human translation; maybe some Slashdot reader can do better. Also in the news is a story about a kernel developer getting uppity with SCO, as well he might.
Now, I haven't seen the code, but the way it's described sounds to me like SCO may have grafted comments from the Linux source onto the SysV code. Comments being as unique and "fingerprinty" as they can be, this might have seemed like a good plan for making the code look like it came from SysV. The litmus test may be the origin of the comments, especially the jokes. I know if someone ripped off my joke, I'd for SURE let people know. . .
You are not the customer.
Could someone who knows the fellow ask him to select a version of Linux and indicate the actual filenames/line numbers where the code is alleged to be "the same?" The question here is "where did the code actually come from." To answer that, its first necessary to know precisely the code at issue.
From there, I would imagine that Linus has extensive records on where particular kernel submissions came from. That leads to affidavits to the effect that the code was an original work, or its replacement with code which in fact is an original work. Either of which solves the problem.
Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion.
Why the hell would someone write out saying they saw the code and never once mention a single file name or function name for that matter?
How difficult is it to say: function foo() in Linux is the same as bar() in SCO code? Duh! Give me a break.
This looks more and more like a bad soap opera.
Better luck next time.
No, shithead, wasting bandwidth is NOT a good way to take out your anger. It's a good way to demonstrate to the world that the LAST thing anybody wants to do is get involves with those Lunix terrorists and hippies.
If that's the impression you want to give, then go right ahead.
I am not a lawyer (get this out the way first), but my opinion of some highly relevant issues:
According to McBride's public statements, SCO view all the *nix variants as derivatives of their stuff. If anybody is interested enough to discuss this, but doesn't remember, I'll locate the news links and post them.
However as far as IBM is concerned: IBM are fully authorized in their contract to create derivatives of *nix - use any methods in the source - sublicense it as they choose - and what's more the contract says IBM own any derivative products that they create. The only proviso appears to be IBM should not copy code or whatever associated paperwork came with it (copying ideas and methods is explicitly allowed).
Furthermore, it actually explicitly says this on SCO's own web site, and as part of SCO's evidence. Go, for example, to top of page 2: http://www.sco.com/scosource/ExhibitC.qxd.pdf
So now, I think, we have yet another problem with SCO's case (aside from GPL issue, ATT v BSD issue, whether code was copied from or to SCO, whether SCO have the copyrights, whether anything in *nix is a trade secret given it's history, BSD contamination in *nix history undermining any copyright claim to entire *nix source, etc): Namely IBM are allowed to do more or less whatever they like in and with derivative UNIX products, explicitly stated in the contracts with ATT (which SCO inherited).
Can somebody say "troll"? (Probably some teenage Windozer having a good laugh.)
"He who would learn astronomy, and other recondite arts, let him go elsewhere. " -- John Calvin, commenting on Genesis 1
What's interesting is that the scheduler seems one of the least likely places for such code-pollution to occur -- as one of the most central parts of the kernel, it's also one of the most scrutinized and well understood by many people.
I'm also under the impression that the `traditional' linux scheduler (before the rewrite by Ingo Molnar in 2.5) is one of the oldest parts of linux, predating any involvement by IBM or any other large company with access to SCO source. [but this is just my impression from reading the LKML, not based on any research!]
Because the mechanisms involved are fairly implementation-specific, it's also very unlikely that anyone could just copy a few random functions from SCO, unless they were very generic. Since SCO is by all accounts very old and crufty, it's unlikely you'd even want to.
By far the most likely place for copied code is in obscure device drivers that no one really looks at or understands very well besides the original author.
Of course what we really want to hear is the name of these functions! C'mon non-NDA guy, cough 'em up!
We live, as we dream -- alone....
Funny you should mention that.
My sits on the board of a major corporation. He called me the other night to ask about Linux, and the legal issues involved in using it.
It took a few minutes to explain the decentralized nature of Linux and the history (much of which he already knew) of this case so far. Then he told me, "Sounds like a publicity stunt."
Anyway the thing I found interesting about this conversation was that my father, an extremely well educated man, and familiar with the business of software had trouble understanding the nature of open source software.
I suspect that there are many others in this type of position that have no idea how open source software works. They've been inundated with proprietary software for so long, that they seem to be stuck in that mind set.
Question is,
How do we educate the corporate world so they can make informed decisions for Linux, and other open source software?
This signature has Super Cow Powers
Unless SCO patented the methodology, then coding a replacement and having seen SCO's original code does not mean you can't make an equivalent original.
Legally speaking, I'm not so sure of that. The company I used to work for was recently involved in a lawsuit. A software company that sells a product that we bought the source code to over 20 years ago claimed that we were in violation of our license because we used our knowledge of their software to develop an RFP for a replacement system. There was no allegation of patent infringement or that we had created any kind of derivative product. Because this was clearly a rediculous interpretation of the law, we refused to settle. We ended up losing the case.
Who cares if IBM is in violation of SCO's license? That has nothing to do with IBM contributing to FOSS.
The current legal action being discussed here is SCO vs. IBM. SCO wants to revoke IBM's UNIX license because they claim IBM copied UNIX code into Linux. There has been no formal action taken by SCO against any Linux developers yet. If IBM did copy UNIX code into Linux, SCO will have an excellent case for back royalties, regardless of the good intentions of the kernel developers or whether the code is replaced in future versions.
No doubt. Cite a damn file name and line numbers. Without it, this looks like a scam to get traffic.
What use are vague references to jokes in comments? Tell the line numbers so that we can know for certain whether or not the code being shown comes from a questionable source.
If this story is true and someone did see SCO's code without a NDA then they're wasting the chance they've been given to cite some concrete examples of what SCO is claiming.
Since the author elected to provide the same sort of wish-wash "proof" that SCO is handing out to the public, it's hard to imagine this isn't a scam.
Most people understand the word lawsuit, specially if it comes with $1,000,000,000 as the amount.
SCO actions shows that you should be very careful with licesing software, either proprietary or open.
For instance, they sued IBM, and are threatening them with revoking their AIX license.
What business would want that?
Nobody wants SCO's source code.
I found the second link (re: kernel developer getting uppity with SCO) to be much more interesting. He claims to be the author (or significant modifier) of code which SCO purports to be in violation. His remark in short is "The violation is yours, 'cause I wrote the code". In a challenge to SCO, he's threatening to sue SCO unless they remove the paticular code sections from their list of copyright violations.
This may be one of the ways to put chinks in SCOs armor. Get other Linux kernel developers to compare what they've written against corresponding sections of OpenLinux. Then note SCO's violations.
Of course this is pure speculation and I'm no way implying that this is SCO's plan but if you wanted to claim ownership over a part of Linux than what better place to do it than the scheduler? Thats a core piece of code and not some driver or feature that you can turn off.
I do agree that it's so unlikely that it's not even worth considering..
I now this is way OT but frankly I've had a gutsful of my chosen industry. We have M$ behaving like total jerks for over a decade, Oracle looking like a complete bunch of bully boy tossers and now SCO behaving in a manner that would surely see them heading directly to jail for extortion if they had Italien heritage.
Frankly OSS is the only point of sanity and some morality left to the industry (I can't quite believe that the IBM of the 70s and 80s is suddenly transposed itself to that touchstone).
Phew, its off my chest, quick, mod me down.
-- Free software on every PC on every desk
I'm curious.. how can they distribute GPL code under an NDA. Linux code is copyright the author, and the only right SCO has to redistribute it is under the GPL.
Even if they think it's their code, if they downloaded the Linux source to get their copy, they are bound by the GPL just like the rest of us.
I think. IANAL and such. Anyone?
As the author of the article stated himself:
:)
As long as there are no original sources available where nothing is altered or deleted - especially the dates - and as long as SCO does not give any evidence that the sources under scrutiny are unaltered, all there allegations are simply said bullshit.
I think at least in Germany they can be sued for misuse of the court and up to now they can be sued for damaging IBM and everybody who sells and supports LINUX.
Well - let us sue them into oblivion
CU
This means SCO is in some serious shit if they testify under oath!
Bring it on SCO. I dare you!
My guess is IBM wants to take them to court and prove they perjured themselves and commited fraud by inserting these comments. It would be very damming to the lawyers and SCO itself if they did what you said. SCO can not pull this off.
This is why IBM is quiet and such a move by SCO would be the best counter-fud ever. All these fortune 500 companies who are now ready to ditch Linux will continue to use it again and not ever purchase anything from SCO again. Nothing like counterfud returning to them.
They are the only ones who still purchase their crappy products. Wont anymore I am sure.
Hell to make matters even worse for SCO, the comments are copyrighted according to the borne convention. This means they can not only be blasted for perjury and fraud from the shareholders but can also be sued for copyright infringment by the authors of the comments.
PS Does anyone know when the trial supposed to go to court and how long it may be? Every month its delayed with constant fud Linux's image goes down and its hurting many distributors like RedHat.
http://saveie6.com/
1) We have no function names, no file names, not even a precise description of what code or comments. Now, true, this guy says he was shown PAGES of code - NOT files, but Xerox copies - and that most of the Linux code was from Linux mailing list posts. Still, he can't write down (or remember, if he was not allowed to write notes) function names or specific comments? Something fishy, there.
2) He says some of the comments are identical but the code next to them ISN'T. This makes no sense unless SCO manipulated the comments. But why would SCO place identical comments next to non-identical code? Isn't that an OBVIOUS fake? Why would SCO do an OBVIOUS fake? Are they that stupid? Or was it an attempt to show fake code to analysts that will NOT be shown to the court - in other words, a publicity stunt?
3) This story doesn't resolve anything or even contribute to anything given its omissions and ambiguity.
Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
Looks like we all should start grabbing *BSD ISO's and CVS trees and start over. Makes me kind of glad I got a Mac.
I'm not saying we should be throwing in the towel just yet, but SCO sure has managed to knee linux right in the enterprise stomach and seems to be digging in for a long fight.
I know that this has severely hurt the chances of getting linux in my Fortune 100 company, no matter who the vendor is (HPaQ, Sun, IBM...it won't matter how many or few letters they have in their name). Linux - even if vindicated - will be relegated to niche apps (probably embedded appliances) and the chances of finally getting open source projects brought in will be even slimmer than they are now.
SCO hurt themselves and damaged the entire linux/open source community with this money-grab. I will take great pleasure in dancing on SCO's grave and will be one of the first persons making bids on their equipment when it's put up for auction.
Mind the gap...
Since a process scheduler is such a well studied piece of Computer Science theory, it might be that the code in both Linux and SCO's Unix is derived from the same published, academic source.
Something like an example from an Operating Systems 101 textbook... The natural starting place to write something like that. Both author's could've tossed in explanation from the same original source matter.
Also, the scheduler is part of what makes Unix what it is- a multitasking, process-switched operating system. If several people want to implement that feature, they'll all have a very similar thought pattern, and converge towards a similar solution.
I just use the old traditional car analogy when I try to explain it to people.
Here 'tis:
I make alternators, you make engines, leroy over there makes wheels, bubba makes frames and bodies and etc. Now we could all sit around and try to sell this stuff to each other with all sorts of schemes and deals and middlemen and whatnot, or we could all just cooperate completely and share a part with each other and all of us wind up with a pretty cool and snazzy complete car at very little cost to anyone. Then we *all* have our own good car to go drive to "real work" in. And whenever I build a newer better alternator I chip it in, and so does the engine guy, and so on. We do this forever, we are always driving a new car for real reasonable and not much hassle. And once in awhile someone totally new joins our car co-op group, like the new guy this week we added has a really nice car sound system we all get to add to our cars. Cool beans. Fat city.
From NetCraft: Recent Changes at Notable Sites:
The SCO website is running Linux! How ironic!Host localhost (127.0.0.1) appears to be up
...that some of SCO's allegations are certainly wrong in detail, and that certain specific code sections (like the scheduler) are under fire.
Now if someone can recall some of the strings that they saw and grep the kernel for them we can probably have a little chapter-and-verse from which to answer some of SCO's whining directly.
We have made progress against this stupidity, even if it's not as rapid or dramatic as you'd hoped. It'll be interesting to see how the threat of a countersuit impacts SCO's shares when the less technical sites pick it up.
Got time? Spend some of it coding or testing
Excellent article you linked to! I found this link from the article particularly interesting, in the context of the comments from the German fellow who saw SCO's "evidence" without signing the NDA. Here's a former SCO (now Intel) employee that worked on improving the Linux kernel for enterprise application (when he worked for SCO) talking about *scheduling* routines for *SMP* systems using Linux kernel 2.4.18.
Curiously, SCO did not show any actual Linux kernel code - only postings to the linux-kernel email list. So perhaps a 'bad' submission got filtered out by Linus and other reviewers and did not get into the actual kernel. Maybe it was rejected with comments like: "doh, you want to move _this_ cruft into the kernel? No way!" :-) <p> The 2.5 kernel's scheduler for example does not have any 60-line (or bigger) function that came from IBM or any other former Unix company. In fact there is no such scheduler function in the 2.4 or 2.2 kernels either. SCO clearly would have shown these people *actual kernel code*, not posting to some mailing list - if any such code existed ...
Legally interesting...
Since SCO did not disclose that author's name to you, it can't be covered by their NDA - true/false?
How much could you tell the developer about the code you had seen before their NDA bit you? Since SCO did not supply filenames and line numbers to you, their NDA does not cover you giving him file and line - true/false?
Got time? Spend some of it coding or testing
Or more accurately, MINIX. When Linus started the kernel, there really wasn't an Operating Systems 101 textbook per se. There might have been a few books on high level concepts, but solid. My history of Operating Systems isn't quite solid, but my understanding is that the MINIX book had just been recently released (the project started in 87, so its fairly safe to assume the book was released around 89). Before MINIX there were no public operating system implementations. They were proprietary information that had to be guarded by at least an NDA. There was no HURD (and mostly still is no HURD ;); there was no BSD (they reimplemented UNIX in circa 1994).
If code was 'borrowed' in Linux from anywhere, its likely MINIX. I believe Torvalds states that there is no MINUX code within Linux anymore, which is easy to believe given the time span and advancements in technology.
Really, schedulers are easily made unique, despite solving a central problem. Its simple to pick a design goal and make progress toward it. I highly doubt that MINUX and sysV were somehow related identically in that reguard. MINUX is by all accounts a simple yet functional implementation of an OS. SysV is reputatably a complex yet efficient beast. It may be the case that the code is duplicated, that much the german post implicates. But who stole from who is suspect, given the removal of dates. It may in fact be the case that SCO doesn't want to disclose the infringing code because the man submitting the patch was a) not liscenced or b) very poor and not IBM.
I Browse at +4 Flamebait
Open Source Sysadmin
However I'd bet on the stuff in common (assuming it exists at all) being in some architecture specific piece of code (ia64? 360?) - does the ia64 need a special scheduer anyone know?
Many of the comments in the Linux kernel are from the posix specification which is available on the internet. http://www.opengroup.org/onlinepubs/007904975/
It makes a lot of sense for a developer to copy the specification as comments and fill it up with implementation details. That's the way I would do it! That would explain why comments are the same and code is different.
"Fighting terrorists with millitary might is like killing a mosquitor on your Dad's forehead with a rifle."
I've read the original german text, what he sais is:
- SCO's lawyers forgot to force a person to sign a NDA, that's the reason those details came out
- 46 pages of code were compared, linux on the one side, probably (not sure because they didn't tell it) SysV-code on the other side
- most code was simliar and had some excat matching comments, but the implementation also differed in many points
- 60 lines of scheduler code were a almost exact match (!)
- all dates were cut out so nobody can tell (yet)
for sure who used the code first (but SCO would not start this case if they hadn't evidence imho)
- if the GPL proofs valid, SCO can only attack parts that they have not distributed so far, and those code was only in modifications by others, *not* in the unpatched kernel source tree!
Personally, I would prefer to be able to be paged whenever either Slashdot or Linux Today had an SCO update.
It's like a movie buildup. First you make the audience really hate the bad guy. Then the good guy wins.
This is the best entertainment I've seen in a long time. But it's real life and affects something I care about.
I'll see your senator, and I'll raise you two judges.
I just read an interview with Darl McBride on CNet where McBride admits they filed the suit against IBM and then sent their teams of programmers through the code to find similarities. I find this to be rather glaring evidence of extortion, rather than protection of IP rights.
If SCO was really concerned with their Unix licence rather than their failing business, they should have investigate first, and then filed suit if action was needed. Darl saw the leverage negative publicity might bring and decided to exploit it. No matter how victimized he tries to sound, he did things backward and it will bite him in the end.
The NDA is to be told which parts they think are violating
This is very interesting.
Notice how quite IBM is being in their legal case. Contrast with SCO which is making as much noise as possible. All of the press, the hourly soap opera updates, are all either from third parties, or from SCO. Not from IBM. In other words, SCO is playing this for PR.
Since when does a company involved in litigation show their evidence under NDA?
Hey, I'm suing CompanyX! But I'll show my case, secretly under NDA, to anyone and everyone. I don't want CompanyX to see my case. But I will allow others who sign an NDA to see my case before trial.
Why isn't IBM allowing everyone to see their evidence under an NDA? For that matter why doesn't every litigant follow this practice? It must all be for PR value. Translated: FUD. Who gains the most from such public FUD?
In fact, I wounder how the judge will view SCO's actions? Showing their evidence to anyone under an NDA? Any lawyers care to comment on this?
I'll see your senator, and I'll raise you two judges.