Slashdot Mirror
SCO: Code Proof Analyzed, Linus Interviewed
Arker writes "Bruce Perens has now obtained a copy of the entire slide show from which the recently scrutinized SCO-related Linux code excerpts came, and has analyzed the remainder of the 'evidence' they presented there. Their other code exhibit turns out to have been the venerable Berkeley Packet Filter(!), and their revised line-counts are consistent with simply adding together all the lines of code that have been contributed by Unix licensees." Also, Iphtashu Fitz writes "A new interview with Linus Torvalds has been posted on eWeek.com. In it he slams SCO over the recently leaked source code. Among other things, he points out in the interview that some of the code in question has been removed from the 2.6 kernel ['because developers complained about how "ugly" it was'] before SCO even started complaining."
let the major media outlets catch on to this.
Karma: The shiznight, mostly because I am the Drizzle.
eWeek: For its part though, SCO has said that there are so many lines of code, and a variety of applications and devices that use that code, that simply removing the offending code would not be technically feasible or possible and would not solve the problem. Do you agree?
Torvalds: "They are smoking crack"
---
You gotta love Linus. It's not just that he speaks his mind, it's that he's just cavalier about what he says.
On a serious note, I'd like to see some the guys involved with SMP or JFS or NUMA get together and *sue SCO.* Tell them they want a cut of any license they collect on unless they can PROVE they aren't claiming ownership of parts of their GPL/BSD contributed code.
I actually mentioned this in my submission, but it got cut out.
The 'SCO' slide of their 'own' code shows the Berkley Packet Filter. The Linux code they showed, they claim is an 'obfuscated copy' but it is in fact a well documented clean implementation written from the published spec. The interesting issue is that SCO seems to be under the misapprehension that the BFP is their own code to begin with - that seems to imply that they illegally stripped a copyright notice somewhere along the way.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
First SCO said they weren't going to show the code because they had to "protect their secrets" -- those secrets being the copyrighted code itself.
.c file written by anyone at Sun, SGI, H-P, IBM, Sequent, Cray or any other licensee belongs to them.
Then they went on extortion trips to Japan and around the U.S. Neither panned out, with major companies like Oracle, Fujitsu, Mitsubishi and H-P calling their bluff. Accusations without proof are meaningless.
They showed code snippets under super-tight NDAs, mostly to non-geeks, who promptly said "yep, they look the same". Of COURSE they looked the same! Would SCO show code that doesn't match? The fact that it was all out of context didn't seem to matter.
When THAT didn't convince anyone, they started showing bits of code without an NDA -- and the rest of the world found out why IBM, Oracle, Fujitsu, et. al. isn't afraid and why SCO was so reluctant to show the code in the first place.
SCO is clueless. They have no idea what they own and what they don't. They don't know what they, as Caldera and SCO, gave away and what they "borrowed" from others for their own. They simply assume that any
Somebody just did a "diff" between the SCO source and a Linux kernel and went off from there.
Just watching them escalate the claims day after day gives a clue. First it is dozens of lines, then hundreds, then thousands, and now MILLIONS!
The truth is SCO probably had NO intention of this getting to the discovery phase -- they were hoping for a settlement or buyout before all this came to light.
They are quite desparate now.
Damn! I wish I bought SCOX back in November.
Learning HOW to think is more important than learning WHAT to think.
While this still seems like a pump and dump for SCO's execs, the biggest danger here is that SCO lands itself in the courtroom with a stupid and/or tech ignorant judge who will agree with their baseless, stupid claim that they own this code.
It may be one heck of a long shot for them, but dumber rulings have been made before.
Suddenly SCO not only owns Linux, but that could also qualify them as owning BSD as well as anything that even closely resembles UNIX in one way or another. They might even be able to lay claim to parts of every operating system out there so long as that OS borrowed concepts from UNIX (or BSD, Linux, etc.) Doesn't Windows have code copied from BSD too? Or maybe that is what Microsoft "lisenced" already...
"You spoony bard!" -Tellah
The Caldera license Parens cites as allowing the use of code in Linux does no such thing, according the FSF. It is similar to the original BSD license, which is NOT GPL-compatible, according to FSF, because of the advertising clause.
Whatever for?
If it's to help develop a competing approach to solving a problem, I'm all for it: whichever one winds up proving to be best at solving the problem should be the one adopted, even if it's the other camp's solution.
But dumping the BSD code just to be "unique" is silly.
With respect to this SCO nonsense, the only thing I care about is whether or not the origins of the contributed code can be traced. If a piece of code winds up in, say, FreeBSD, I expect they have checked its source as thoroughly as the Linux maintainers would for any code contributed directly to Linux. In short, I see little reason to discriminate between the two.
Finally, if a piece of code winds up in either distribution that shouldn't, then it's a moderately simple matter of pulling the code and rewriting it if necessary if it's found that the contributer who donated the code did so without proper authorization. One would hope that a court would find the action of such removal and rewriting in the face of accidental infringement to be sufficient remedial action once the infringing code is revealed. But this is the U.S. legal system we're talking about here, and it seems to be so screwed up that I can't dismiss the possibility that it would rule heavily against an accidental infringer. In fact, things seem bad enough that I have to consider such a situation to be likely.
Sigh...
Use 'slashdot stuff' in the subject line in any email you send me if you want to get past the spam filter.
IBM is COUNTERsuing SCO. I'm talking about straight up suits that aren't in response to SCO stirring up the shit. Out of the blue ones that says "Hey assholes, *I* wrote some of that code you're claiming ownship of, so let me see some of that cash."
I just called them and it was pretty simple. I explained that I was calling and wanting them to investigate SCO because of the aforementioned issues and the guy was like "yeah, I've gotten a lot of these." So it seems like slashdotters are doing something. Or at least someone is.
This is my digital signature. 10011011001
If SCO can simply assert that your Linux is infringing, despite the clear refutation of their "evidence", what's preventing the Linux user from just asserting their "Linux" is non-infringing?
Like in response to a SCO letter: "Our 'Linux' is a non-infringing custom build. Goodbye."
The burden of proof lies with them, doesn't it? How would they go about proving otherwise, assuming there's even anything there to prove?
~ Whence do you come, slayer of men, or where are you going, conqueror of space?
Perhaps he's just now realizing how rock solid his case is. When SCO comes out with code that he wrote himself, he can point and laugh at them with no excuse needed. Basically he's fearless.
This is my digital signature. 10011011001
" It probably still works, doesn't have capacitors that blew out"
Umm, remember this story from the start of the year?.
We had a number of IBM boards fritz with deformed, malfunctioning capacitors.
Having said that IBM were very professional in coming out quickly and changing the boards free of charge.
Your point is valid but your example spectacularly poor.
'There is a Light that never goes out.'
I tried to sue a company that was, in my view, in blatant violation of copyright law awhile back.
A company by the name of Head Games Publishing had downloaded a couple hundred Quake levels that had been created by a number of gamers, stripped their copyright notices, burned up a bunch of CDs with the levels and sold it as their own. The question that the lawyers kept asking me was "How much money did you lose as a result of their violating your copyright?" Because my primary objective in enforcing my copyright was to insure that anyone could download and enjoy my levels free of charge, I couldn't really name a dollar amount.
This apparently made it difficult to sue. I had $10,000 of my own money that I was willing to spend on this, and I could not convince the attorneys at Lane Powell Spears Luberski in Seattle to take the case. The impression that I came away with was that because of the lack of money involved with keeping the intellectual property "free", they didn't think that I (or they) would get anything out of winning the suit, and they weren't willing to take my paltry 10 grand to demonstrate that to me, which I guess I appreciate.
The situation that I was in may be similar to the SCO/JFS situation. Individual copyright owners of the JFS could have as much difficulty suing SCO as I had trying to enforce copyright ownership of intellectual property that I wanted to make freely available under a particular license.
Okay, there are plenty of comments analyzing the code in SCO's slide show. Let's have a look at the legal argument.
Slides 3, 4, and 5 document SCO's contract with Novell to acquire Unix IP. I don't see anything funny there.
The funny part is on slides 6 and 7. Slide 6 contains excerpts of the AT&T License Agreement with IBM. Slide 7 contains more excerpts from the AT&T License Agreement with IBM, except that "AT&T" is changed to SCO in one place.
However, this is just the Licensing Agreement. This just the contract that allows IBM to use AT&T Unix within its organization.
Beyond this contract, IBM also has a Sub-Licensing Agreement. The sub-licensing agreement allows IBM to sell Unix products to its customers. SCO's presentation does not talk about the sub-licensing agreement at all, but this agreement is one of the contracts filed with the Court.
To draw an analogy: the License Agreement is like the agreement that lets you run Windows on your PC. The Sub-License Agreement is like the contract that lets Dell sell Windows to other people. SCO's presentation quotes the License Agreement, and says that license prohibits IBM from distributing code. But SCO's presentation ignores the Sub-License Agreement, which allows IBM to sell UNIX to its customers.
On top of that, IBM has a third agreement with AT&T which grants IBM additional rights on top of the Sub-Licensing Agreement. The third agreement explicitly states:
2. Regarding section 2.01, we agree that modifications and derivative works prepared by or for you are owned by you.
7.06(a) Nothing in this agreement shall prevent LICENSEE from developing or marketing products or services employing ideas, concepts, know-how or techniques related to data processing embodied in SOFTWARE PRODUTCS subject to this Agreement, provided that LICENSEE shall not copy any code from such SOFTWARE PRODUCTS into any such product or in connection with any such service and employees of LICENSEE shall not refer to the physical documents and materials comprising SOFTWARE PRODUCTS subject to this Agreement when they are developing any such products or service or providing any such service.
You can read the contracts for yourself. They are Exhibit A, Exhibit B, and Exhibit C at SCO Lawsuit Documents.
So IBM has an explicit right for their engineers who have worked on the UNIX source code use ideas, concepts, know-how, or techniques in other IBM products. IBM paid good money for this right from the lawful copyright holders. (This may explain why SCO is attacking the Sequent contributions, because Sequent doesn't have as much rights in its contract as IBM has in theirs).
This brings us to Slide #22, where an IBM engineer posts information about his experience with scalability in AIX. Under section 7.06(a) above, IBM has the explicit right to disseminate such information about Unix (let alone IBM's rights to talk about property which is purely theirs, such as JFS).
SCO knows this. SCO filed these contracts with the Court (accessible through Pacer) and SCO also published these contracts on their web site.
I would love for reporters to dig into the actual exhibits and ask questions based on the exhibits. Just hit the SCO Lawsuit Documents link above and read the exhibits.
From the slides:
Multi-processor capabilities requires extremely high fault tolerances. Multi-processor memories requires "locking" at a fraction of a millisecond. These developments, among others, could not have been accomplished in a compressed time period without direct access to 25 years of UNIX development expertise and use of state-of-the-art Unix development labs.
They're saying that the jump from 2.2 to 2.6 an "Improbable Linux Development Path". For me, a non-kernel hacker, can someone explain why this particular point isn't true? Or do you have to pull from many examples in order to prove otherwise?
A programmer is a machine for converting coffee into code.
Also Tanebaum wrote a book and Linus bought it and asked him to sign it about a decade after the debate broke out. He refused and was still angy with him! Linus was dumbfounded.
Linus is not an angry or ego driven person. Its not in his personality. He even decided to get involved in the drm debate only after he was forced to take a stand. His stand was, I don't care and will not impose my views on anyone else. To do so would destroy the spirit of Linux itself. If anyone wants drm let them add it as a kernel module. Its their choice.
RMS even called Linus only an engineer and not an advocate.
Only one time I have ever seen him angry. That was from someone demanding again and again to add his patch to the kernel. He finally got angry and told the reasons why he would not accept the patch and he would ignore this person further unless the patch was accepted by more distro's and users.
My guess is he hates nonesense and wants this nightmare to end. Also his job could be on the line if SCO files an injunction to close kernel.org. If Linus can't share his tree then OSDL will have nothing for him to do and will probably can him.
http://saveie6.com/
Process should go like this.
Send a cease and desist letter explaining that you have Copyright to code that is being shipped by SCO and that given they have publically violated the terms of this license and that you demand them to stop shipping any further products. Lift the wording directly off pertinent parts of their own legal documents against IBM.
a) Don't explain what the violating code is. (that comes in a subsequent letter - if it ever gets there.) Make sure however that they HAVE shipped any product with your code.
b) Request damages. Take the working directly off pertinent parts of their public demands on companies using Linux products. Don't justify it but make it so you could argue in front of a Judge with a straight face. (remeber that RIAA is suing downloaders minimum $750 for $1 songs and up to $150,000 PER SONG so you don't need to dilly dally too much to justify 6 or 7 digit figures - or even 9 digit figues if you take their own example against IBM.)
c) Place a time frame in which they must respond by and make it very clear what you think they must do (stop shipping all products - because they all infringe by .. (give them the exact same time frame they gave IBM - to the day).
Cite relevant copyright law.
Make the letter as official looking as possible. If you have a brother in law who's an attourny, see if you could somehow have it sent by that office, just to add some pepper.
Send it FedEx next day air and have it signed for.
Wait the appropriate time.
2 thing could happen -
1) they may (likely) not respond at all. If this happens you should send another letter indicating that their lack of response now forces you to take legal action and that they now have xx days to respond before you WILL take steps for legal action and that you will also be suing for costs and injunctive relief.
2) They do respond. It will likely be a brush off. "We own yadda yadda ..", that's fine, they just gave you evidence for your court hearing. They acknowledged they got your letter, they dismiss all claims against them which you can now in turn use against them in exactly the same way as they used against Linux - ooh spooky. At this time you send another letter refuting all their claims (especially any asking for evidence unless they sign a really onerous NDA) and threaten to subpoena all their code to validate your claim.
Now is where you give them some breathing room. Tell them if they are prepared to:
Remove the company officers ... maybe
Renounce all this nonsense they have said.
That you would be prepared to negotiate a nominal settlement. Basically you need to seem to be preparing a case making it look like you're a reasonable person. You really DONT want to file legal action just yet. The response (if any) you get from this letter will be more ammo for you case.
NOW you're ready to file.
For starters, this is where you really need to talk to an attorney and do lots and lots of research. Talk to a number of attorneys, take the letter with you. Most attorneys would love to spend a few minutes chewing the fat on somthing like this. Go to a legal library, find relevant cases etc and file the papers yourself. If their smart, the first thing that SCO will do is ask to settle because legally you are right. But since smart cells are in short supply at SCO nowadays you may find youself dragged into a nasty counter-suit. If you and 1000 others actually get this far you can consider that you have already won. There is NO way a company like SCO would ever be able to pay the costs of dealing with so many legal actions - most of which they are likely to loose. However, you may be the only guy doing this so you might find yourself in hot water - but you may actually win.
.... This is how to handle SCO.
Because Alan Cox is, frankly, rather brighter than Darl McBride. Yes, I know, as others have posted, IBM and others have contributed to Linux' multi-processing code. But it worked extremely well before they did - I know, I was running a dual processor Pentium Pro with dual RAID5 arrays in late 1996 or early 1997, and that was running on Alan Cox's SMP patch to the 2.2 kernel (might even have been a 2.0 kernel).
I'm old enough to remember when discussions on Slashdot were well informed.
Yes. It got into the kernel from BSD. It is code that has been released under an open source license, and that SCO got from the same place as Linux. The difference being that SCO is still using the ugly code (and claiming rights to it that they don't have) whereas Linux has binned it and replaced it with something more elegant. That's not the reason SCO's claims are invalid, it's just a little bonus.
"Your claims are nonsense because you don't own this code, and here is evidence of where the code was made freely available before your company even existed. Oh, and the code sucks so much that you're the only ones who even want to use it. Shouldn't you be spending more on developers and less on incompetent lawyers?"
++ Say to Elrond "Hello.".
Elrond says "No.". Elrond gives you some lunch.
I'm going to add just about 2 cents worth here.
;-)
I'm a hardware jock that has worked on 4 different commercial unix systems (from the development point of view.) All were multi-processors and I was doing this in 1982.
The first machine two machines I saw the work performed on was BSD! The last machines were Sys V plus Berkeley enhancements. These were in the mid 80's. So we're talking between 15 and 20 years ago. Not one of these companies was SCO by the way
In any case- I've seen several different engineers with the requisite skill set do this, and it worked quite well thank you very much.
At the same time, it took on the average of 1-2 years for a couple of programmers to add the multi-processing features to the OS. Hmmm, and consider that Linux was multiprocessing on a more primitive level by 2.4 kernel (or was it 2.2?) In any case for at LEAST 2 years and actually more like 5 years. They have just been improving it!
Not Rocket science.
Have you compiled your kernel today??