Slashdot Mirror
IBM Points Out SCO's GPL Software Distribution
An anonymous reader writes "Cnet is reporting that IBM has launched a counterstrike against SCO Group's attack on Linux users, arguing that SCO's demands for Unix license payments are undermined by its earlier shipment of an open-source Linux product." JayJay.br points out a similar but more colorful article on The Register "in which SCO says that 'SCO-Caldera does not own the copyrights to JFS (Journaling File System), RCU (Read, Copy, and Update), NUMA (Non-uniform Memory Access) software, and other IBM-developed AIX code that IBM contributed to the Linux kernel.' Gee, now that I was almost buying their license ..."
So does this mean that as long as you use Caldera or SCO or whoever's distro of Linux, you have the Top-Secret Stolen Code under a Proper License and you're safe from the supposedly Harsh Penalties Of Law for using Top-Secret Stolen Code?
I swear, this is getting more and more like threatening to sue the readers of a newspaper because it contained an AP story that wasn't properly credited.
"IBM really took their time to get things done."
A wise decision on their part.
Rather than leap into the fray, FUD cannons firing full effect, they likely took the time to research things a bit.
The end result?
IBM doesn't end up looking the fool, as SCO has.
It's what Slashdot pundits have been saying all along: SCO's shipment of a Linux distribution undermines its demands for Unix license payments. Nothing new here for the well-informed Slashdot reader.
SCO counters with the expected: they didn't contribute the code knowingly, and thus the code was never officially released under the GPL.
20 mil and I will! Learn Esperanto with 20M others.
That's essentially where SCO started this whole thing from -- before certain executives started shooting their mouths.
The core issues is still a big hissy fit over the failed Monterey AIX-UnixWare unification project, and you're right that nobody here has the details.
SCO can not distribute their proprietary code linked with GPL code, because it would be illegal under the GPL. So if they claim they can, SCO, and by the SCOian logic, all SCOs customers are liable for a class action lawsuit from everybody that has ever contributed to those OSS projects. Sounds like cannon fodder for some counter-FUD, not to mention a countersuit to me.
Kjella
Live today, because you never know what tomorrow brings
One the one hand, we all know that SCO is full of crap, and this will help formalize it.
On the other hand, this will provide an enormous amount of ammunition to groups who think the GPL is viral by nature.
Im not saying its true... but spin factories will not have a hard time extolling the deviousness of the GPL in respect to SCO, the GPL just wandered up on poor unsuspecting SCO and stole SCO IP.
Of course, the argument is bull, but try and convince a CEO/CIO/COO of that. Unfortunately, a lot of CTOs may miss the boat too.
A few weeks back, I honestly expected the following to happen:...- new code gets quietly released for functions A, F, H and Z in the kernel, gets exhaustively tested by several key Linux people and very quickly appears in the next kernel release
i am amazed at the number of folk who simply assume the claims of sco are accurate, that there is unlawful code in the linux kernel. could it be that the above has not happened precisely because there is no offending code to replace?!
Life is short; think quickly.
Meanwhile, SCO says that the GPL is barely viral at all, not even worthy of a runny nose. That's because they linked their code to a bunch of GPL'd software, but they say that they can ignore the license because "hey, we didn't really mean it". In fact, the GPL must be so unviral that SCO can still distribute this code from their FTP site.
It will be interesting to see if any court buys both of these arguments at the same time.
If you have a business where you essentially own System V; where in fact, the only thing you have of value is System V, and you release Unix-like code under GPL, it seems to me you'd better understand what you're releasing!
What I mean is that the GPL in this case had the possibility of unique harm to SCO (a 1st year legal student could see that), and yet they (a) encouraged their own employees to work on a GPL project (b) released a version of the GPL OS themselves.
It seems a bit disingenuous to say "I am an operating system company, but I didn't know what I was releasing".
They're either stupid or lying. In either case, it appears to be that they lost their unique ability to distribute the moment they distributed Linux.
How can an Operating System company claim ignorance of the copyright within an operating system they sold? Its inexplicable. It goes beyond the boundary of veracity. Or, like I said earlier, they're a bunch of yahoo's that have no idea of what they're doing.
You were mistaken. Which is odd, since memory shouldn't be a problem for you
How can they not know about this? They are distributing the supposedly infringing version of Linux as I type this. Regardless of what they may or may not have known in the past, they certainly do know that whatever code they believe they own is in Linux right now, yet they continue to distribute it in blatant violation of the license.
they are _STILL_ distributing it, it would be another thing if they had stopped distributing it.
right now, on this day, several months after it this crap started, still it's on their ftp, with gpl attached.
you don't say to a judge that you didn't know your cars breaks were failing six months after it failed the inspection because of the brakes and you kept driving it anyways, "sorry sir, i didn't know they were faulty, even though i must have known!"..
and licensing binary only running of linuxes is just sick (paying for nothing, except for the privilidge of doing a contract with these jolly sue maniacs), and has no point at this phase of the legal progress anyways.
anyways, now they're claiming theres entire files in there, but at the same time they're claiming they belong copyright-wise to ibm.. so.. actually i don't have any idea anymore theres so much of this crapfud around, how on earth can they be ibm written and at the same time line by line copied from sco's unix base? or are they trying to say that their contract with ibm forces ibm not to do any research on their own on the same fields they have licensed from sco(seperate developer groups and all included)?
world was created 5 seconds before this post as it is.
Even so, the guy still walked out from SCO with some intimation of what the code actually was. Assuming it didn't look ridiculously generic and therefore likely to be produced by 2 people working on the same problem at the same time, it would have some defining characteristics that a grep through the source would probably find pretty quickly.
If it's in an old version of the kernel, then it may just take a bit longer to grep for it.
I'm not talking about something as gruesome as a SCO copyright message, but you'd think there would be some aspect of the code that would remain in the guy's mind when he left SCO.
Furthermore, I can't believe the individuals who signed the NDA were that disinterested that they didn't do exactly this. I know *I* would have done so, if only to satisfy my own curiosity.
Assume just one of these people did this, and now has concrete proof (if only in their own mind) as to whether SCO is talking out of their arse or not. Would that person not be inclined to find a way to make this information public, via whatever obfuscation process was required to ensure their identity was untraceable? I mean, these guys were picked because of their kernel and/or coding knowledge; surely they could make a few discreet enquiries about anonymous mail relays and how to use them...
I'm not encouraging these guys to flout SCOs NDA; I'm just surprised that it hasn't occurred through "osmosis" as normally happens with NDAs, and there's not a general feeling among OSS people that the problem has gone away if it actually ever existed.
For a while, many people have been speculating that SCO-Caldera is looking to get bought out. The usual assumption is that the purchasing party would be IBM....
I present to you, gentle reader, another possibility. One that has the purchaser as not IBM, but Microsoft... think about it for a bit.. MS buys a SCO license at the first possible minute (more or less), then later starts openly postulating similar things as SCO...
Deep pockets vs. deep pockets... who will win?...
And you thought the DOJ vs MS was a long trial...
"Distributing a product is not the same as contributing to a product," Stowell said Friday. In other words, the mere act of distributing GPL-covered code isn't sufficient; the copyright holder also has to deliberately release the code as open-source, he said. "The copyright holder has to knowingly contribute this code." --from the first article linked above
So, to summarize, SCO didn't pay attention to the product they were distributing, and accidentally released source code under a license that they should not have. Isn't this exactly what they accuse IBM and Linus of doing, of not paying attention and violating someone's IP rights in the process?
The great thing about it is that IBM and Linus' "victim" is SCO, and SCO's victim is SCO!
If only every other Linux competitor were so self defeating...
IANAL ... whee ... so this is my own opinion, only.
SCO's defense with regard to GPL provisions applying to their distribution is the Linux community's defense. SCO is claiming that there is a distinction between merely distributing a copy of Linux versus actually incorporating their own code into it. In theory, I presume, this means they were unaware that code they claim is their intellectual property was already in the Linux kernel. So, by being unaware of it, they were not actually performing the act of contribution. If it can be shown that they were aware, that argument could vaporize. But left to stand, it could be valid (presuming it is also proven that code in Linux is in fact their property).
By basing their defense on being unaware of the existance of (supposedly their own) property in the Linux source, they are also handing the Linux community the same defense. If in fact there is SCO property in Linux, then everyone who was unaware of it can also claim like innocence on that same basis. Only those who knowingly or negligently placed any SCO property in Linux (if this did in fact happen) would be unable to use SCO's own defense.
To whatever extent SCO claims that anyone who was unaware of the existance of the property they claim is in Linux is liable, then SCO itself is liable for the GPL provisions despite their own lack of awareness. So watch the cards they play and follow suit.
now we need to go OSS in diesel cars
We should call SCO's bluff. They say "you have to buy our license because we own a bunch of code in Linux."
Let's tell them we will buy their licenses but only if each license has a provision that if a court finds that Linux didn't steal any code, then they will give us a full refund plus pay a penalty.
If they really think they own the code they would agree to this. What do you bet they would refuse to do it, and that would reveal they know it is all a scam.
How could they claim they did not know their code was in it when the source is viewable? I can hear the judge and jury laughing even now.
SCO will be forced to choose between:
1. Claiming that there's SCO copyrighted code in the Linux kernel that they say they don't consent to be licensed under the GPL, which means: a) they're committing fraudulent and deceptive behavior by misrepresenting that the code they're distributing is completely under the GPL when it isn't, and b) they're infringing on the rights of the copyright owners of the kernel code since they're knowingly mixing in non-GPL code, a direct violation of the GPL.
and
2. The only way they can avoid committing fraud and violating copyright law is to distribute ALL the code in the kernel under the GPL, which means they forfeit any ability to collect royalties.
SCO should be deathly afraid of being sued if they choose #1 because they don't even have the money to stay alive for all the years it will take to fight the IBM lawsuit, so I don't see that they have any choice except #2, unless they don't care about the destruction of their company.
Either way, SCO is almost certainly screwed.
Most of the original 32bit PPC support was done by Apple, not IBM (for MKLinux). So how can SCO claim that one.
Look at the size of the file. It cannot be
the whole kernel source, only patches.
Ironicly, if SCO prevails with their copyright
extremist view against IBM, then even distributing
these patches would be as damaging as the
whole kernel because of "derivitave works".
Copyright is a unique failing of our democracy,
because it is the pet issue of the media.
That is why our founding fathers created a
constitution and explicitly required the promotion
of the useful arts and a time limit. Too
bad it failed.
Had software existed back then, I am sure they
would have included a clause denying copyright
to secret works (the code of closed source code).
It's their apparent inaction that makes me think they're really serious about kicking SCO's ass.
Think about it. SCO, who's full of shit, is whining loudly and spreading as much FUD as it can, trying to scare Linux users and IBM's customers. IBM is sitting back, smug, waiting for its day in court, and quietly reassuring its customers. They're walking softly, which makes me think they're the ones with the big stick.
Now if IBM lowered itself to SCO's level, trying to win in the court of public opinion, then I'd be worried.
Anyone who loves or hates any language, platform, or manufacturer, doesn't know what they're talking about.
Derive is definitely the word here, according to my dictionary it is "to draw or be drawn (from) in source or origin".
Linux in its self is probably safe here as the Santa Cruz Organisation never seeked to use litigation against Linux.
JFS, NUMA and RCU from a technical point of view are just add-on's to a system. JFS itself coming from OS/2 (OS/2 derived from Sytem V?). NUMA was obtained when IBM purchased Sequent and RCU is just a method of multual exclusion that speeds up locking for systems with lots of CPU's. None of these are derived from System V, they are just "features" bolted onto AIX/Linux/Kitchen sink OS.
Regardless of JFS, NUMA and RCU, AIX may be a derivative of System V but that does n't mean that any new technology they add is automatically owned by SCO unless there is some kind of contract that states that(Project Monterey?). When contributing to Linux IBM where very careful not to contribute anything directly from AIX hence JFS code was from OS/2 and not AIX.
To use derive in this sense would be like me saying two totally different cars can be a derivitive of another by sharing the same spoiler.
And when the IBM lawyers finally do get around to doing something, you can bet they know exactly where they stand legally, and exactly how to crush a little pipsqueek like SCO.
Grab some popcorn, this should be fun to watch!
-- Will program for bandwidth
In essence, SCO has admitted that they don't really have *any* copyright case and that Linux intellectual property is all above board. They can still accuse IBM of breach of contract, but I really don't think any of us have the details on what the contracts stated.
After reading the article a couple of times, I think what SCO is saying is, even though they don't own the copyright to JFS, NUMA, and RCU, those features are part of AIX/Unix. Therefore they are trade secrets under IBM's contract with SCO and simply adding those features to Linux is a contract violation, even if IBM owns the copyright.
It seems like the technically legal, but morally reprehensible argument I would expect from SCO.
// TODO: fix sig
The lawsuit against IBM doesn't even start until April 2005. Lawsuit will take years. FUD money from sunw and msft will be gone by 2003. Sales at SCO are going from abysmal to worse. SCO has been *gushing* red ink since day one.
So what is scox going to do to pay the bills? I suppose scox can become a shell company, and exist only for the one-in-a-million chance that IBM will settle or something.
Makes me wonder how scox will get 15% of the market for web-tools, considering scox can't afford R&D. Even if scox could afford R&D, nobody would buy from scox.
Wow, what a bright future. No wonder SCO shares have gone from under $1 a share to over $13 a share.
IBM has been very careful in the contracts it signed, making careful distinction between ATT Unix and IBM's own contributions. Not all Unix licensees were as careful, possibly including Sequent. The question is, if Sequent's possibly incautious contract would have kept them from contributing their inventions to Linux, would that contract bind IBM, too? Would it prevent the inventions' new owner from releasing them unencumbered? Or, do IBM's own contracts with (the shell that is now) SCO subsume Sequent's?
Indeed, heavy weaponry takes longer to wheel into position, so you do so when it's impact is worth it.
If IBM were to make AIX open source - that is, make the AIX kernel, which included and depended on SysV code to function, open source, then they would indeed be in breach of their UNIX license.
AIX, as an OS kernel which includes Sys V code, is indeed a derivative work.
However, to claim that any SysV-derived UNIX cannot and has not received IP contributions from existing projects, which themselves are not licensed under the terms of the AT&T/Novell license, and as such distributing these works independently is illegal, is ludicrous.
Like, stunningly, incredibly ludicrous. In fact, I would say such a licensing agreement violates anti-trust laws, and would be ruled illegal and unenforceable, possibly rendering the entire contract void.
Free/Open/NetBSD cannot legally exist with this interpretation of 'derivative work', because they include code that was once linked with SysV code.
According to SCO, it doesn't matter if the BSD people own the copyright to every line of code, because it was once linked with SysV code, and hence is a derivative work.As such, they may not disclose it
This is quite clearly not the situation.
To claim that any IP placed in any SysV-derived UNIX strips the copyright-holder of that work's right to redistribute the original work under any license they see fit is absurd.
Are they really trying to say that because the text of the BSD license is included in SysV that nobody may distribute the text of the BSD license because it is covered by AT&T licensing agreements, and must be kept secret?
I gots ta ding a ding dang my dang a long ling long
So how much is this piracy worth. Lets take the man hours involved in creating the product as it stands and multiply it by the average cost of a developer. This will give us a per unit cost X. Then we need to multiply it by the number of people who have sourced the product from SCO and then also the number of people that they passed the code onto. Then we will have our damages figure and then we (not me I'm not a US citizen) should report the blatent crime to the FBI and let them persue it as they said they would ( as long as the damages are sufficient enough )
Additionally we should report this blatent piracy to software industry watchdogs such as the BSA and FAST
As the whole industry knows Piracy is a Bad Thing TM they should be keen to act. :)
Torvalds admittedly makes no checks himself.
Because it is impossible to check. When somebody come with a piece of code, and say they wrote it, how would you check?
Do you care about the security of your wireless mouse?
The issue is that they are still offering it now, months later, knowing that the code is in place.
TWW
"Encyclopedia" is to "Wikipedia" what "Library" is to "Some people at a bus stop"
lol, I could have modded you down but I'll comment instead..
You obviously haven't been keeping up with things. SCO/Caldera knew very well that IBM was putting these things in the kernel as early as 2000. They released OpenLinux 4 ranting and raving about the same features you now see them saying were illegally contributed. How can they claim they didn't know when one of the listed features of OpenLinux is JFS?
The thing, though, is that *if* the copyrights are not SCOs in any way, shape or form, they have no grounds for going after end users. My understanding is if a trade secret gets out the game's over. SCO can sue IBM for leaking the information, but they can't then go after users for using said code.
True, but at this time the only actual lawsuit is against IBM. Everything else is just McBride's verbal diarria.
// TODO: fix sig
Well, we are just a big bunch of babies, now aren't we.
You see, we got a bit too used to instant gratifaction. We want our lawsuits to resemble the "Springer" show. Well, too bad.
Real companies like IBM - (by real, I mean companies that actually produce goods - not just IP holding lawsuit kings) do things in a more thoughtout manner.
While this is the defense that the open source community collaborated on first, IBM still needed to seek evidence and build a case, and then - using its teams of lawyers and retired judges, try the case. This is alpha testing for lawsuits.
And, well, the defense we all knew was perfect is perfect. And the additional evidence coming forth about Caldera employees inserting lines of code in the kernal only strengthens their argument: it would show that SCO's release of IP into GPL was no accident.
Don't forgot to contact the SEC! Sign your complaint about SCO's use shaky evidence to bolster its sagging stock price! This is all it ever was about to begin with! A quick buck for a dying firm!
Probably because they know SCO has no leg to stand on, on this case. Probably SCO knows this too. The real issue is to lure IBM into saying or doing something that IS likely to result in profitable litigation. IANAL so I don't know what this COULD be, but I suspect it's part of the strategy. Maybe not a $100M suit but a nice little $10M deal that could breathe new life in to their company.
IBM probably just wants to keep as quiet as they can,without losing business and watch SCO die.
The concession that IBM holds those copyrights is more important than SCO wants you to think. It may not hurt their case against IBM (as they keep saying that's a contract case), but it does two important things:
1) It ends the argument of "we, SCO, the copyright holders, didn't put the code under GPL", because SCO isn't the copyright holder.
2) It ends any possible liability on the part of Linux end users, because they are not a party to the contract in dispute.
Thank you for playing.
A "major distribution vendor" can be expected to know the source code, but keep in mind that the people involved in this type of work (Linux experts) are probably not the same employees who worked originally on the SCO UNIX pieces which are claimed to be in violation. Companies consist of sometimes hundreds or thousands of employees who have specialized roles and probably work in different geographical offices with little communication. Again, the burden of the crime, if any, is on the original violator. In SCO's case, they likely exercised due diligence as a Linux distributor by selling an adequate package of Linux (which isn't warranted anyway). The concept of due diligence implies a reasonable level of care in performing one's functions, but it is not the job of any entity to verify that they are not being cheated in extremely subtle ways.
Now, if SCO can be proved to have knowingly released their proprietary code under GPL, then certainly that would greatly weaken their case. But you and I don't know the details of the case, the internals of either company, nor the lines of code in question, so let's not jump to conclusions, eh?