Slashdot Mirror
My Visit to SCO
Ian Lance Taylor writes "I signed the SCO NDA and visited them to discuss their claims against Linux. My essay about it is on the Linux Journal web site. The short version is that SCO's claims are unproven, as indeed I expected would be the case before I went. The amount of information they were willing to show me was extremely limited, and
did not by itself prove that their claims were true, nor that their claims were false." Other SCO-bits: Sun is doing their usual foot-in-mouth routine, thinking that two FUDs makes a Solaris purchase, or something like that. IBM is now joining the contact the customers bandwagon. Eric Raymond has been keeping himself busy - here's a story about him. SCO hates BSD, too, but they're not taking it lying down. And of course Cringley has his two cents.
In a discussion I was reading that mentioned this article, it was mentioned that there was a misspelled word in the comments of some allegedly copied code. If true, then one could just strip the comments from the Linux source, and do a spell check in the appropriate language. I forgot where I was this. Can somebody verify?
:)
Or better yet, Ian Taylor can just tell us the name of the file.
I've wondered this ever since SCO started saying they'd let people look at the code under an NDA. Perhaps you can give us some light as to what the NDA swore you to?
NDAs are held to be invalid if the information that you agree not to disclose is already public information, or is revealed to the general public through someone elses doing at a later time.
If the claim is that certain lines of code belonging to SCO are now being distributed in the public domain then it would seem that you couldn't NDA that away - the cat's already out of the bag so to speak. Assuming their claims are 100% valid, everyone who signed the NDAs is perfectly free to tell you exactly what lines of code are infringing, yet nobody has done this. Suppose because they can't find anything that's conclusively out in the open already (the basis of SCO's claims)
There's some new stuff in there. Apparantly, they insinuated that even Microsoft and Apple are not immune to being sued, though they have not taken action yet. Perhaps if they get money from IBM, they'll snowball down the chain of OS's, using the previous court cases, gaining billions as they go to fund the lawyers? We'll see
Also, it seems they've been searching for this sort of IP infringement for a year now. Was it in an earlier article that I saw that the CIO or something of SCO has a history of using IP to extort money in this fashion? If so, he's been planning this attack for a while, and i'd be surprised if he didn't have series of plans if things go/don't go his way. Very scary, for everyeone.
And, I want to say, even though you may be a huge corporation, serving your own ends, please help fight SCO. They are not simply attacking IP, but humanity's well-being. The future of computing could be as bleak as the Matrix's blackened sky if SCO has its way.
Theoretically, under this model, the descendents of Johann Gutenberg now get to sue every book publisher in the world for not paying them royalties on the IP of printable-format books. Wow. Time to hit the family tree records!
IAALS.
Two things stuck out for me, after reading.
The biggie: SCO basically is arguing that any code developed on top of Unix is a derivative work of Unix.
If you developed on Unix, and then went to Linux and did something similiar a few years down the line, with the benefit of hindsight yet with the same goals in mind, you probably did one of two things: recoded the section from memory, or, recoded a part of it using what you remembered plus possibly a better method that you had learned through sheer experience. SCO wants to claim rights to that experience. So no matter where you go from this day forward, if you happen to code the same thing in a *nix-like operating system, and they see the same algorithm (because, for example, the one you came up with couldn't be improved on), they should get a chunk of that.
Next: SCO said it has no current program [for Linux Licensing]. It hopes to come up with something in which noncommercial use and educational use would be free, but for commercial use it wants some remuneration. SCO said it hadn't come up with a plan because it still is trying to figure out the scale of the problem.
Did anyone else cringe as soon as they read the term "Linux Licensing", which preceded that paragraph?
"the scale of the problem" is an easy way of saying "finding every corporate customer on Redhat, Lindows, SUSE, and every other distro's books and sending them OUR Linux Licensing agreement."
This is so painful to watch. The company wants to say that anyone with a good idea cannot port that idea years later. That they own it. That even if that programmer kept a chunk of the code they once wrote, because they knew they couldn't remember it line-per-line, and copied it into a kernel module, that they own the rights to it.
More or less, if you've ever worked for Company A, coded something for them, found a very unique and exceptional way of, say, saving a compressed binary file, and you save that chunk of code for later use, and use it in free, GPL'd, software, then Company A has the right to sue you for violating their Intellectual Property. That, to me, is wrong. Even if the comments are the same. Even if the algorithm is the same.
Welcome to the grey area of black and white operating systems. What a terrible place to be.
Seeking to invalidate SCO's claims, ESR managed to round up 60 users who had access to SysV code. Is it going to be enough? BSD could claim that thousands of users had access to that code. If what ESR claims is true (SCO licencinc SysV to universities) than the whole case looks more and more like BSD (+Univ. of California) vs. USL case. Read IT
Great point. Also, weren't they GIVING their ancient linux away until very recently? It's hard to give something away then claim trade secret. Although I'm not sure that covers all their claims, as they tend to jump around a lot.
Similarly, I would bring up the old "If linux copied SMP from you, how come they're so much better at it?" routine. OpenLinux flat sucks, and that's all there is to it.
It's also fun to hear them interpret the GPL. They seem to think that, since IBM put their code into the GPL, that this prevents their code from actually BEING GPL'd...even if THEY release linux too! Something must be in the water in Utah.
-Looking for a job as a materials chemist or multivariat
I was under the distinct impression that IBM was phasing out AIX in favor of Linux over the next decade, which is one of the big reasons SCO was angry. I could be wrong.
This signature has Super Cow Powers
I can't help thinking that as of this writing SCO has a market cap of around $130 million and Red Hat has nearly $300 million in cash and investments. Even at an inflated price, Red Hat could afford to buy SCO and free up Unix once and for all. Live the dream.
And IBM could afford to do it and might even still have enough money to buy a G8 country. OK, that's an exaggeration, but if Red Hat could afford it, IBM certainly could. Apple could. And Microsoft could.
And this leads one to ask: why haven't they? If MS really thought SCO had a smoking gun to put straight through Linux's heart, don't you think they'd do it in a second? They're willing to dump millions on software licensing and lobbying not to lose to Linux in the public sector and large coroporate installations. A cool $130 Million that could knock Linux development flat for 5-10 years would be an easy investment for them.
But they don't do it. Very curious. So how compelling is that case again?
Tweet, tweet.
"[SCO] said that until the parties go to court, it doesn't want the Linux community to remove the code in question. SCO thinks it's more than changing a few lines of code."
I'd bet a all the money I have that if that "offending" code was revealed tonight we'd have it all rewritten by Monday morning. The Linux community is more angry about this than anything that has ever touched it. All that anger would be unleached in an orgy of coding the likes of which even God has not seen.
SCO is afraid the reason for thier lawsuit will vanish is they reveal their hand.
"[SCO] feels large chunks are derivative. It argued that even a full replacement would be in part based on the prior effort, and thus would itself be derivative, at least under the terms of the IBM contract."
Sorry. no. It'd be easy to get around this. You tell me what code infriges and I'll post the input and expected output from that code (without even revealing where the code is). Any programmer who independently writes code that meets those requirements has NOT infringed SCO's licences.
I doubt it. People are still happily buying Linux. People are still happily buying AIX, even though there is supposedly no valid license.
SCO: 60M in revenue last year, lost 25M.
IBM: 80B in revenue last year, GP of 30B.
IBM: Some of the *best* IP lawyers in the world (given their patent database, they've got good people to defend it).
Sorry, if Linux sales are threatened, they're at the tuppenny, ha'penny levels. Not on an enterprise scale.
49 20 68 61 76 65 20 74 6F 6F 20 6D 75 63 68 20 66 72 65 65 20 74 69 6D 65 2E
Same thing here, SCO is taking a very loose and general definition of derivative works. I doubt that any version of AIX is much of a derivative of SysV, then to go above and beyond that and try to call deriviatives of AIX technology SysV derivatives is legally interesting. This is a company that has never shipped anything remotely close to the technologies they are calling derivative. I think the courts will rule as expected in this case and the matter will be clear. I could understand if SCO was shipping something kind of Solaris like and IBM was taking AIX code derived from that solaris like platform and adding it to Linux. At best SCO owns something not that much more advanced than the OS project I did in college; in all seriousness it's closer to Yalnix and NachOS than it is to AIX. There probably isn't even a common data structure in it anymore.
Let's take this a little further. NT/2000/XP has BSD code and SysV code in it, both in the networking stack and in the POSIX layer. It has been radically altered and shares very little in common with the initial code but those were the starting points. Does that mean IE and DirectX and derivative works that SCO could in turn prevent MS from doing something like porting to MacOSX which is a product that competes with UNIX.
Like many libertarians, ESR is probably torn between allowing individuals to homestead in the realm of ideas and the counter-view which states that any form of copyright is a restriction on the property rights one has in physical property. Or it could just be that he's not as careful or pedantic as others (RMS, for example). I should note that I stopped reading Lawrence Lessig's latest book when I got to a line that stated he considered copying an entire book "stealing".
To me the most interesting quote was from Ian's article regarding software patents: "The software industry today survives only through an unstated agreement not to stir things up too much." Pretty much what this says is that we are in a twisty maze of passages, all alike-- and that the darker it gets the more likely we are to be eaten by a grue.
Copyright/patent madness as it relates to the less cut and dried aspects of fields like software (and music and movies) has us spending more time "clearing rights" than writing software (or music or movies). The innovation that the temporary monopoly granted by a copyright or patent is supposed to foster is nowhere to be found, except in those areas where those copyrights and patents are least enforced. If there is truly an unstated agreement to let sleeping dogs lie in the software industry, the minute someone (like SCO?) sets off the alarm, those dogs will awaken and bite us all.
The obvious things needed are: an end to software patents, a stricter limit on copyrights (especially for works that are primarily non-fiction in nature-- news reporting, software, etc), and more Free Software.
I do not have a signature
The article on Linuxjournal has been about the clearest article on the whole debacle I've seen yet. It says a number of things to me:
1.It takes someone involved with OSS to finally paint a somewhat clear picture of what this whole issue is about.
2.SCO seems to have some knowledge from the Monterrey project that IBM developers that were working there later became involved in Linux. To me this is perhaps the only real case SCO has got. They would have known who was developing on the IBM side and by scanning the Linux kernel mailing list might have seen those same names turn up. Hence SCO's case. However for SCO to actually prove anything beyond conjecture -which isn't admissible in court- will prove extremely difficult, as the author says. The presented code that SCO has been showing the NDA signees is possibly taken form Unix (SysV) or AIX but is very likely to be some sort of common use code that exists in just about every OS known. If the code is a ubiquitous as the author feels, then it is likely that the court will not rule in SCO's favour. That would be the death knell for SCO because it would open the doors for just about everyone on the earth to sue SCO for issues ranging from code theft to harrasment.
3.SCO is mainly creating a fog of war in order to frighten people, just as IBM is claiming.
4.I am less worried know than I was before I read the article.
The worst possible outcome, is that, with the current US government using the fear of terrorism weapon as an excuse to invade countries, ruin the economy, support corrupt corporations, that the court would in fact rule in SCO's favour. The outcome of that would almost certainly be that IBM will use it's patents to sue SCO on hundreds of accounts and will certainly appeal the case until it gets to the supreme court. I am pretty sure that SCO would eventually lose, but the damage to OSS in the USA would be done. The court procedings will have minimal effect outside the the USA. I am pretty sure that no European court will give any chance to SCO of winning a case against an OS that was origionally developed in Finland and is a major source of income in Germany (SuSE). It would be interesting in this case to see if a software split would occur, with software developement in the USA totally encumbered by legal issues, leaving only Microsoft able to peddle it's wares with success there, and OSS taking over outside the USA . Of course this is only conjecture and speculation.
I was shown a little of the copied code. Admittedly, I can't tell you what I saw, but I did form the opinion that it was not in the kernel proper. In all probability, the code is more important to Silicon Graphics' Altix servers than to average x86 Linux users.
Ugh.. Altix is Itanium (AKA ia64.) This sounds very much like the code I pointed out yesterday. (ate_utils.c in Linux -vs- malloc.c in versions of Unix up to at least System3)
A couple of things people have pointed out about why the example I found should be legit:
(1) It's in BSD... No, I'm no expert on BSD history but from what I've read the settlement happened between BSD 4.3 and 4.4. Anything prior to 4.4 probably doesn't count since the whole reason BSD won is that they had rewritten all of the code. BSD3 contains pretty much an exact copy of malloc.c from Sys3, but the version in 4.2 looks newer than the version SGI used. I'd assume it's even more different in BSD 4.3 and 4.4.
(2) The code is common knowledge. This same form of malloc has been around longer than the C language. This sounds good, but it's hard to believe the code was written independently. The comments, structure, and variable names seem a bit too much to be coincidence.
(3) Caldera released the code for all versions of Unix prior to and including Sys3 under a BSD-style license. This is definitely the best argument, but SGI didn't include a "(c)Caldera 2001" in the file. The dates in SGI's copyright statment in that file are also out of line with the date of the Caldera offer, and it's easy to show that ate_utils.c was around prior to 23 Jan 2002. (Check the 2.4.17 ia64 port on Kernel.org)
The real question is why would SGI use versions of malloc and free that trace their lineage all the way back to 1973 Bell Labs when there are untainted, free, and better written versions of these functions available.
There is more to Technologies developed by other companies as add-ons to SysV were incorporated into Linux. This is not copyright infringement at all, but violates contracts signed by the original parties. than just that.
To be specific, SCO is claiming that the addons are a "derivative work" of System V.
Consider the definition of "derivative work" found in Title 17 of the U.S. code:
A ''derivative work'' is a work based upon one or more preexisting works, such as a translation, musical arrangement, dramatization, fictionalization, motion picture version, sound recording, art reproduction, abridgment, condensation, or any other form in which a work may be recast, transformed, or adapted. A work consisting of editorial revisions, annotations, elaborations, or other modifications which, as a whole, represent an original work of authorship, is a ''derivative work''.
From this definition it appears that for something to be a "derivative work" it would need to be substantially the same overall work as the original work.
In other words, a "derivative work" of an operating system would itself be an operating system or something functioning largely as an operating system. Or it could be code copied from the original operating system into another operating system.
The original work is still there in some form as a part of the derivative work.
In this case, the RCU code developed by Sequent, the JFS code regardless of whether it is the original AIX version or the original OS/2 version, and any other code developed directly by IBM, Sequent, or other sources apart from AT&T/Novell/SCO are not by themselves derivative works because they do not embody anything close to the original work.
They are not a recasting, a transformation, or an adaptation of the original work.
They are not derived from the original work.
They do not embody the original work.
They do not contain the original work or elements of the original work.
They are not revisions of the original work.
They are the modifications that can be applied to the original work to produce a derivative work.
SCO's definition of "derivative work" does not match up at all with any notion I hold about what is and what is not a derivative work.
Remember - this weeks version of SCOs complaint is a contract matter between SCO and IBM. Copyright is NOT the issue. The code is not the issue. Linux is not the issue. The code is a blind.
/usr/src/uts/uts for all to see.
What SCO want to do is invalidate all existing Unix licenses so that all Unix rights revert to SCO. By then arguing that ALL Unix-like code is a derivative work they will claim that all unix-like code, no matter who wrote it, is actually SCOs.
By this means SCO hopes to profit from the work of hundreds of thousands of coders who worked for no pay on the original AT&T Unix, BSD Unix, Linux etc as well as all the commercial developement done by IBM, HP, SGI etc etc.
But SCOs entire argument is based on the "trade secret" that is the Unix sources. If anyone can show that SCO and previous owners of the rights to Unix sources have NOT taken care of their trade secret, SCO has NO case whatsoever. This is what ESR is doing right now by gathering evidence that Unix source code was widely available to people who did not sign any NDA at the time.
Fortunately, it's almost trival to discover evidence that Unix code has been widely available during the 1990s. Many commercial releases of Unix back then included source. For example, Amdahls UTS was a Unix for the IBM390 including multiprocessor support that was distributed widely with the sources in
BTW I suspect that it was Fujitsu, not SUN, that was the other big unix company that recently bought a license from SCO...
After all, as the author points out, pretty much everything in current software is a derivative of what's gone earlier.
Using this argument, surely:
- Perl is derived from C, sed, awk, etc.
- Ada (design commissioned by US DoD, no less) is derived from Pascal, Algol and many others
- virtually every procedural language is derived from Algol
- MS Windows and the Mac UI are derived from X Windows and/or Xerox PARC's work (not 100% sure about the sequence of these, but the point still stands if the list has to be reordered)
- (add other examples till you get tired of it)
My point is that this is an entire industry built on "standing on the shoulders of giants". Nobody, *nobody* creates anything entirely from scratch.
Ridiculous derivations aside, I'd have thought that if SCO's (re-)definition of "derivative works" stands up, then surely all x86-based servers would be derived from IBM's original PC. After all, that's tangible hardware you can put your hands on such that a relative layman could see obvious derivations, not a bunch of lines of code where any proof of illegal copying is going to depend on accepting CVS-type logs as solid evidence. If the US legal system holds this to be true, then that could be used to kill off all non-IBM x86 hardware development since the early 1980s.
God forbid that Ada Lovelace's (frequently credited as "the first programmer") descendants read this rubbish and call their lawyers for a chat...
So, could SCO be saying that anything written in C or C++ or... wait, how about C#, is also a derivative work of Unix.
In that case, why stop there, you can pretty much sue everybody under that assumption.
I think, just like the author has mentioned, they cannot really get a decent case against Linux. All we have to do is a source compare on one of those old Caldera distros. And if it turns out there - well, SCO has distributed the source code themselves... Did people actually use caldera?
And since they are claiming that JFS and SMP and other components contributed to Linux by IBM are coming from AIX, that remains just an assumption. Do they have a source for AIX? Of course they don't, i hope they don't. Good luck proving that one, buddy!
Goot times!