Slashdot Mirror
SCO: Code Proof Analyzed, Linus Interviewed
Arker writes "Bruce Perens has now obtained a copy of the entire slide show from which the recently scrutinized SCO-related Linux code excerpts came, and has analyzed the remainder of the 'evidence' they presented there. Their other code exhibit turns out to have been the venerable Berkeley Packet Filter(!), and their revised line-counts are consistent with simply adding together all the lines of code that have been contributed by Unix licensees." Also, Iphtashu Fitz writes "A new interview with Linus Torvalds has been posted on eWeek.com. In it he slams SCO over the recently leaked source code. Among other things, he points out in the interview that some of the code in question has been removed from the 2.6 kernel ['because developers complained about how "ugly" it was'] before SCO even started complaining."
A programmer is a machine for converting coffee into code.
Come on Linus, stop dancing around the issue. Tell us what you really think about their claims.
There's no point in questioning authority if you aren't going to listen to the answers.
Filter the packet... drop drop drop...
let the major media outlets catch on to this.
Karma: The shiznight, mostly because I am the Drizzle.
eWeek: For its part though, SCO has said that there are so many lines of code, and a variety of applications and devices that use that code, that simply removing the offending code would not be technically feasible or possible and would not solve the problem. Do you agree?
Torvalds: "They are smoking crack"
---
You gotta love Linus. It's not just that he speaks his mind, it's that he's just cavalier about what he says.
On a serious note, I'd like to see some the guys involved with SMP or JFS or NUMA get together and *sue SCO.* Tell them they want a cut of any license they collect on unless they can PROVE they aren't claiming ownership of parts of their GPL/BSD contributed code.
Here. Nuff Said.
The dogcow says "Moof!"
Repeating this from the last SCO story, needs more exposure...
...
I just got off the phone with the FTC. If everyone calls and complains then the chances they will investigate SCO goes up. They look for patterns. In other words, if the majority of their calls are about SCO then they will investigate. It is time to take the Slashdot effect to the phones.
These are the key points to make:
-You did not purchase software from SCO
-The company that "produced" your software did not purchase it from SCO
-It was not marketed or packaged by SCO
-Despite this SCO is asking for $199 from home users (You) and $699 from business for 1 CPU
They will ask for your name, phone number, address etc. That is mostly to verify your identity and citizenship I think.
Here is the number:
1-877-382-4357 option 4
They are nice and listen well. The lady I talked to even took the time to get a better understanding of what Linux is. The best quote from her "You didn't purchase it from them and they want you to pay them? That sounds crazy."
--
Call FTC 1-877-382-4357 opt 4
-You didn't buy from SCO
-Vendor didn't either
-They want $199
Here's some information that may help. They actually asked for this info:
The SCO Group
355 South 520 West
Suite 100
Lindon, Utah 84042
801-765-4999 phone
The guy I spoke with was actually somewhat familiar with what Linux is. One of his first questions was how this company got involved with me, which my answer was "Well, that's the problem. They didn't."
He eventually asked if SCO has contacted me personally with regard to this situation, which they have not. Don't lie to them. Be completely truthful. At the end of the call I got a reference number, and he said that if SCO does contact me personally, I should call back and let them know.
It was very easy to do, and took about 5 minutes of my time. The recording while I wated for the counselor to pick up the phone did say that the FTC does track trends in complaints. If we get enough people to complain, something will happen. Please, take a few minutes and call!
I really respect the guy. I hope that he is around when Linux finally overtakes the OS world once and for all.
First SCO said they weren't going to show the code because they had to "protect their secrets" -- those secrets being the copyrighted code itself.
.c file written by anyone at Sun, SGI, H-P, IBM, Sequent, Cray or any other licensee belongs to them.
Then they went on extortion trips to Japan and around the U.S. Neither panned out, with major companies like Oracle, Fujitsu, Mitsubishi and H-P calling their bluff. Accusations without proof are meaningless.
They showed code snippets under super-tight NDAs, mostly to non-geeks, who promptly said "yep, they look the same". Of COURSE they looked the same! Would SCO show code that doesn't match? The fact that it was all out of context didn't seem to matter.
When THAT didn't convince anyone, they started showing bits of code without an NDA -- and the rest of the world found out why IBM, Oracle, Fujitsu, et. al. isn't afraid and why SCO was so reluctant to show the code in the first place.
SCO is clueless. They have no idea what they own and what they don't. They don't know what they, as Caldera and SCO, gave away and what they "borrowed" from others for their own. They simply assume that any
Somebody just did a "diff" between the SCO source and a Linux kernel and went off from there.
Just watching them escalate the claims day after day gives a clue. First it is dozens of lines, then hundreds, then thousands, and now MILLIONS!
The truth is SCO probably had NO intention of this getting to the discovery phase -- they were hoping for a settlement or buyout before all this came to light.
They are quite desparate now.
Damn! I wish I bought SCOX back in November.
Learning HOW to think is more important than learning WHAT to think.
SCO Sues Linus Torvalds for Libelous Crack-Smoking Comment
JoAnn
And dammit, why does Linus Torvalds have to have 'S' at the end of his first and last name? I can't figure out where the apostrophy goes. ;)
Whatever for?
If it's to help develop a competing approach to solving a problem, I'm all for it: whichever one winds up proving to be best at solving the problem should be the one adopted, even if it's the other camp's solution.
But dumping the BSD code just to be "unique" is silly.
With respect to this SCO nonsense, the only thing I care about is whether or not the origins of the contributed code can be traced. If a piece of code winds up in, say, FreeBSD, I expect they have checked its source as thoroughly as the Linux maintainers would for any code contributed directly to Linux. In short, I see little reason to discriminate between the two.
Finally, if a piece of code winds up in either distribution that shouldn't, then it's a moderately simple matter of pulling the code and rewriting it if necessary if it's found that the contributer who donated the code did so without proper authorization. One would hope that a court would find the action of such removal and rewriting in the face of accidental infringement to be sufficient remedial action once the infringing code is revealed. But this is the U.S. legal system we're talking about here, and it seems to be so screwed up that I can't dismiss the possibility that it would rule heavily against an accidental infringer. In fact, things seem bad enough that I have to consider such a situation to be likely.
Sigh...
Use 'slashdot stuff' in the subject line in any email you send me if you want to get past the spam filter.
Generally, no. I work with NDA material that's subsequently leaked (by other parties) all the time, and usually it's the leak-er that's considered at fault, not the person who republishes the leak. Presumably SCO could go after whoever sent the powerpoint pitch or took digital photos of the slides if they could find them.
Most of the companies I know that find sensitive material that is still marked "confidential" re-published by the press simply request that it be removed, but it appears that the reporting on the material itself is fairly well protected; I would imagine Bruce's commentary would fall under the reporting but things like slide photos or the slides themselves (if the "confidential" remained on the slide during the presentation) might be iffy.
As an aside, a lot of companies knowingly let "confidential" documents leak as a way of unofficially distributing the information. SCO could be hoping that this would result in very damaging reports without ever having to provide the code snippets publically -- it leaves an out of deniability "that was an internal document never meant for the outside world and it wasn't reviewed by our lawyers for accuracy, yada yada"
But this is SCO, so the fact that Bruce used the same alphabet as SCO in his report is probably grounds enough for them.
This came up in the recent Samba discussion, but I think it's worth reiterating.
If you have hold the copyright on any GPL code that SCO is distributing, sue SCO. They have stated that they do not intend to be bound by the GPL; their actions show that they do not plan to adhere to the terms of the GPL. It is reasonable to believe that they intend to violate the license (indeed, I think they have already). I think it would be reasonable to seek an injunction against SCO to prevent them from redistributing your code unless they agree that the GPL is valid and they are bound by it.
Imagine a beowulf cluster of lawsuits, hackers in jurisdictions all around the USA (or around the world) filing suit against SCO. Their stock price will plummet - that's a language they'll understand. They will be forced to respond.
What are the possible outcomes? These come to mind off the top of my head:
- They capitulate and agree publicly that the GPL is valid and they intend to adhere to it in redistributing GPL software. Major PR victory for free software.
- They agree to stop redistributing GPL software because they agree that the GPL is valid. Major PR victory for free software; major loss for SCO because they then have no viable product. This seems unlikely. Without product, SCO's sole source of income is lawsuits. Furthermore, in acknowledging the validity of the GPL, they open themselves up to further lawsuits seeking damage for their violating the GPL (which I think it is clear they have, in DEMANDING fees for GPL software). Their stock price plummets.
- They refuse to acknowledge the validity of the GPL. A judge (or judges) grant injunctive relief and force them to stop redistributing GPL software, affirming the validity of the GPL. Minor PR victory for free software. SCO no longer has products to distribute. This seems unlikely simply because I don't think SCO would go this far; again, without product to sell, their stock price plummets.
- Other companies avoid dealing in or distributing GPL software, fearing a Beowulf cluster of lawsuits. This seems quite possible; care must be taken in pointing out that suits are filed ONLY because SCO has violated and has stated their intention to violate the terms of the license.
So head down to your local library and check out a couple of legal texts. Find out how to file a copyright infringement suit in federal court in your jurisdictin. Learn to use "Whereas" in a sentence. Pay the filing fee, and pay a process server to Fed-Ex a letter to SCO to let them know they're being sued. Specify damages if you wish, but the goal (IMHO) is their acknowledgement of the validity of the GPL.
Most importantly, publicize what you've done; email every Linux news site out there, as well as major tech news sites. Get the information out there where the mainstream tech and stock analysts can find it and be disturbed at the liability that SCO has incurred in declaring that they do not intend to abide by the GPL.
IIRC, it was originally developed for AIX, yes, but the OS/2 version was not a port, it was a clean room implementation from the spec sheet instead. And it was the OS/2 code that was the basis for the Linux port. So, in fact, the article is correct.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
Poor SCO pointy-haired-bosses... I can see it now (names omitted to protect the guilty):
-------------------
PHB1: "Hey PHB2, I'm putting together this PowerPoint. I suppose I should slap some code in there to make this suit look more legit."
PHB2: "Yeah, good idea." (PHB2 goes to Etrade to dump a bit more stock)
PHB1: "I've got this copied code the IPI [Intellectual Property Investigative --ed] Team passed on to me, but Legal says we can't release it."
PHB2: "Yeah, $600 an hour to tell us we can't disclose it to the press and claim it's top-secret priceless intellectual property at the same time."
PHB1: "No kidding." (pause) "You ever seen code like this?"
PHB2: "Linux hippies. I dunno, it's all greek to me."
PHB1: "Genius! What a brilliant idea, I'll show those hackers the code in Greek!"
PHB2: "Hey, you're good..."
(peck, peck, peck)
--LP
No no, it's *spelled* S C O, but it's pronouned "ass hats"
Vote for global prefs bug
I pronounce them dead. Time of death, the moment Darl opened is fat trap and talked up this scam.
Or you can go straight to the source (no pun intended).
The relevant portion:
Comment removed based on user account deletion
This is a common misunderstanding; thinking that there is something fundamentally wrong or illegal with reverse-engineering (be that examining source code or binaries). Like another poster pointed out, the only mechanism that could protect against "monkey see monkey do" would be trade secret registration.
For patents, it does not matter if you saw something and reimplemented it, or even created it yourself from the scratch. Copyright only protects against unauthorized copying, not against reimplementations.
The whole clean-room reimplementation idea was an overkill created by Compaq lawyers, when they were cloning IBM PC. They wanted to be 150% sure everything was legal, since they were dealing with a high-tech behemoth, with ample resources to use on lawyering. Doing clean-room development is plenty good for avoiding potential trouble, but it is not a requirement of any sort (more like a sterilized man using a condom).
I like paying taxes. With them I buy civilization -- Oliver Wendell Holmes
Subject: Re: XFS vs. JFS
Subject: Re[2]: XFS vs. JFS
See also Q1 on the JFS FAQ from IBM.
Basically the original implementation was too tightly tied to specific AIX features. So a spec was written and given to the OS/2 team, who were completely separate from the AIX team, and they wrote a clean implementation avoiding such problems. This OS/2 implementation, then, was ported to both AIX and Linux. The original AIX implementation is dead, and has been for some time. All implementations in current use are based on the clean room work by the OS/2 team.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
The reason it was ugly was that it duplicates the function of some other code in the kernel.
It is hard to believe that the code was ugly. After all, it was written by ken/dmr and withstood 30 years of scrutiny.
They were doing some BSD! And they've been asking people to "sign our MDA".
To paraphrase Inspector Clouseau, they are asking us to buy "a leesenzzz for their minkee". But it is not their minkee!
...Nothing interesting here. Just move along...
Remember, IBM as a company has made their money by keeping their "i"s dotted and their "t"s crossed. Several world governments contract IBM to handle very important and sensitive data. I doubt that IBM does anything of the scale that this is on without reasearching very carefully what they're doing.
This isn't to say that I especially trust IBM over any other vendor, but they have a much greater tendency of putting their money where their mouth is, delivering good business products and supporting them.
Remember that Aptiva that you played around with for a while and hated back in your introductory computer gaming phase? It probably still works, doesn't have capacitors that blew out like ABIT and Gigabyte have had, has drivers for every major OS from Windows 3.1 and OS/2 2.1 to XP, and will run for the next ten years without much trouble. They build computers, not consumer appliances.
I have an IBM PS/2 Model 95 at work that I still have powered on. It's a 50MHz 486 with Microchannel architecture. It's probably the best built computer in my office. IBM doesn't do things half-assed.
Do not look into laser with remaining eye.
I don't think there's any way that you could interpret that paragraph as granting ownership of derivatives to AT&T (or to SCO) and I don't think that even SCO are trying to claim that it does, at least not in their court claims (their PR contains all manner of gibberish).
What that paragraph does say is that the derivative works are covered by the same terms of that contract as the original software is. The contract requires that the original code is not disclosed to others. Thus, the derivatives also cannot be disclosed to others.
Remember, this case is about trade secrets and breach of contracts not about copyright violations. SCO are not claiming to own the copyright to the derivatives, they are claiming that IBM is contractually prohibited from publishing the code.
Their argument is still wrong because code that is linked to theirs is not derivative of theirs when separated out and containing none of theirs.
I dunno - might be interesting to see the FTC's notes on these calls.
"Got another call today from somebody complaining about this company called, uh, "hell-bound bastards", or possibly "Skoh". The complaint was along the lines of 'that fucking Darl better not leave Utah, because if he does he'll get a giant penguin made of barbed wire crammed up his ass'. Caller sounded fairly annoyed. Possibly bears further investigation, in light of the 4000 other calls we've received today saying much the same thing. Sure wouldn't want to be this Darl guy. What kind of a name is Darl, anyway? Sounds like some fatass lawyer to me."
Those are some big punches to pull and the only reason to pull them is to cover your ass in case someone really presents something infringing. If you say it's all BS instead of demanding a look, you hurt your credibility. By continuing to demand an honest answer from SCO, the free software world continues to show that SCO is not being honest. You can only refute SCO's nonsense as they put it before you. You can demolish claims on end users, you can show monitary damages don't exist, you can show revealed code is public, but you can't prove that there's no infringing code at all. If you do that, it makes you look irresponsible and that is something free software coders are not.
The "smoking crack" phrase is just a figure of speech for deranged and fradulent, which the current claims are based on the code presented. It would be very difficult to prove that cocaine is actually part of McBitch's Microsoft compensation package, so I doubt someone level headed like Linus would use the phrase literally. Not yet at least.
Friends don't help friends install M$ junk.
Taco:Yes, of course! The Holy Slashdot of OSDL! 'Tis one of the sacred relics Brother Cowboy Neal carries with him. Brother Neal! Bring up the Holy Slashdot!
AC's chanting: Pie Iesu domine, dona eis requiem.
Brother Neal: Armaments, chapter two, verse nine to twenty one.
Brother Neal: And Saint Stallman raised the Slashdot up high, saying, 'O Lord, bless this Thy Holy Slashdot that, with it, Thou mayest slashdot Thine enemies to tiny bits in Thy mercy'. And the Lord did grin, and the AC's did feast upon first posts, trolls, GNAA posts, and...
Taco: Skip it a bit, Brother.
Brother Neal: And the Lord spake, saying, 'First shalt thou click on the holy link called Slashdot. Then, shalt thou count to three. No more. No less. Three shalt be the number thou shalt count, and the the number of the counting shall be three. Four shalt thou not count, nor neither count thou two, excepting that thou then proceed to three. Five is right out. Once the number three, being the third number, be reached, then, clickest thou holy Slashdot of OSDL towards thy server, who being naughty in My sight, shall snuff it.'
Taco: Amen
Hmm. Well, I've smoked crack as well, and I don't think Linus is so off beam. Lets look at the facts:
Smoking crack is expensive. You need a fair few dollars if you're going to have a decent binge. For some people at least, they'll do pretty well anything to get that money. Lie, steal, whore.
Smoking crack makes you obsessive/compulsive. After that first hit, all you think about is more crack. You talk and think about it obsessively, and when you aren't making progress towards your goal of getting more crack, you're kinda depressed.
Now look at SCO. No integrity at all. Prepared to do or say anything to get more crack (an increase in stock price.) Talk obsessively about it in the media, even though their tales are demonstrably filled with lies.
I'll accept not everyone reacts in this way, so perhaps Linus should have been a bit more careful in his characterization. SCO isn't just smoking crack. SCO is the Skanky Crack hO, hustling a nasty bony ass that nobody but other crazy crackheads wants to buy.
Now where's that motherfucker who keeps on boasting about his SCO stock? I hope he's been on to his broker in the last few hours.
Because Alan Cox is, frankly, rather brighter than Darl McBride. Yes, I know, as others have posted, IBM and others have contributed to Linux' multi-processing code. But it worked extremely well before they did - I know, I was running a dual processor Pentium Pro with dual RAID5 arrays in late 1996 or early 1997, and that was running on Alan Cox's SMP patch to the 2.2 kernel (might even have been a 2.0 kernel).
I'm old enough to remember when discussions on Slashdot were well informed.
I certainly don't agree with this. 'Just a university lab by university students' tends to be the state of the art. Especially if the students are PhD students. I have never done anything in industry even remotely as state of the art as I did as a PhD student.