Slashdot Mirror
Embarrassing Dispatches From The SCO Front
An anonymous reader writes "Dennis Ritchie has acknowledged he with Ken Thompson wrote the code cited as 'proof' by SCO. This seems to fit perfectly with Bruce Perens' Analysis of SCO's Las Vegas Slide Show, and undermine Blake Stowell's claim 'At this point it's going to be his word against ours." Andreas Spengler writes "In the ongoing battle between SCO and the Linux community, German publisher Heise has shown that not only was the Linux implementation of the Berkeley Packet filter written outside of Caldera (now SCO), but that it was common practice there and at other companies to remove the BSD copyright notices from the internally used source code. In effect, SCO has proven publicly that they violated the BSD license." (Warning, article is in German.) Finally, a semi-anonymous reader writes "Learn all about how IBM's stomach will be roasted on a pyre of CDs at WeLovetheSCOInformationMinister."
common practice there and at other companies to remove the BSD copyright notices from the internally used source code
That's a large part of what cost AT&T in the ATT/USL vs BSD case -- AT&T had incorporated BSD code without the BSD copyright notices, violating the BSD license and thus BSD's copyrights. IIRC, AT&T ended up paying BSD's legal costs in that trial.
Hey SCO, how do you feel about paying IBM's (and anyone else you were thinking of suing) legal costs?
-- Alastair
Not sure the exact quote, but when people pointed out the fallacious examples, SCO said, "We think we know our own code."
However, their claims contradict this. Crucial to their suit is the fact that they did not know that there was UNIX code in Linux prior to all this litigation. If they did know that, then they willingly released their code under the GPL.
Perhaps they've learned a bunch about their code in the past few months, but if their developers did stuff like ripping out BSD advertising clauses many years ago, I don't see how the new management would be privy to it.
You may recall that recently SCO declared the GPL invalid. I believe the real reason why they did that is not, as many believe, because they continued to distribute Linux after they announced their lawsuit, but instead because they have actual Linux code inside their own SCO Unix. So far, this is just a hypothesis, but I think it best explains their action.
If in fact they have copied BSD code in violation of the BSD, then it's very plausible that they have copied GNU/Linux code in violation of the GPL.
Not Found
The requested URL
Continuing to cover this is not particularly useful. SCO won't be bothered by anything so trivial as facts. They are out for blood and maximum damage, and no possible response from anyone is going to stop them now. They will have to be defeated, but no action we take or not take will do anything significant. They know they aren't popular and don't care in the slightest. They may even know they are wrong, but that won't stop them from trying to use the system to get $$.
If we want to do something interesting, let's look ahead to how we might lobby and/or structure the GPL 3.0 to fight this kind of crap. Maybe create an auditing trail software package people can use to know not just the origin of a piece of code, but how it is used and what code is based off of it. Also give more press to the idea of mutual defense clauses in licenses - kind of the counterweight to the cross licensing of IP between companies. Let's think of some positive steps we might take in the future to make our position so obviously strong that anyone short of an SCO type wouldn't waste their time. I think someone who earlier said SCO really believes it is actually impossible for open source to produce what it has was right on the money, and with that settled in their own minds SCO goes into attack mode. There is nothing that can be done about such attitudes but fight. For the rest of the (semi) sane world however, making our position more obviously strong might be good. Let's focus there, and wait until SCO does something that we can actually respond to before rewarding any more of their tantrums.
"I object to doing things that computers can do." -- Olin Shivers, lispers.org
If true, this is very unfortunate. The last thing the Open Source community needs in its fight against SCO (and indeed, in general) is to be associated with virus writers.
John
I'm just busy laughing my ass off...
But seriously, all this talk of "Let's sue SCO! Issue them C&D letters!" will bring us nowhere. Let them appear like the rabid dogs that they are and let IBM and Redhat smack them down...
Then after they're done, we can hunt them like ducks and spammers.
In the meantime, we should focus on raising the profile of Linux. In a calm, Zen-like manner, unlike SCO's behaviour. This is a hearts-and-minds campaign, people...let's get to work...
Never underestimate the predictability of human stupidity...
We don't want Linux or Open Source software in general to be referred to as 'that free software that everone and his dog is sueing one another over'. John Q User may not care much about the lawsuits, but corporations certainly do, and well they should. If Linux gets a reputation for having all sorts of (potential) legal issues, that will hurt the OSS movement in the long run, even if some of the lawsuits are against scumbag outfits such as SCO. The only group that had the right idea was RedHat, who filed suit against SCO to stop the FUD.
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
> It's currently being hit by a massive DDoS.
:) On one hand, I really hate to think that people will associate the Linux community with this kind of thing. On the other hand, I couldn't be more happy to see these guys getting what they deserve.
Ok, cool. But why would someone do that on a Saturday? Should have done it during the week when their customers might be more likely to try to get to their site.
Of course, this tactic opens up a massive internal conflict.
Ultimately, since it's illegal and rather immature, we really should put our foots down against this type of technique. SCO will be crushed in the marketplace and in court soon enough. We don't need to take down their site for that to happen.
Does anyone else find it amusing that lately a lot of the high-ranking posts on SCO topics have been "Funny" ones? Is it just because there's nothing left to talk about except SCO mockery? :P
because its illustrative of just how stupid a law it is. if major companies were as routinely screwed by this law as the little guy, the DMCA would be a memory.
SCO can have the GPL or BSD licenses declared invalid all they want--the code is still copyrighted. With the GPL or BSD in place, at least they have the excuse that "it's free anyway, we just got sloppy about satisfying a few conditions". But if they actually argue that they believe the GPL and BSD license are invalid, then they are committing willful copyright infringement of code they have no license at all for.
don't forget about microsoft. follow the money
into SCO. it explains all of the irrationality.
I'm sure this must be a fairly well known phenomenon, but it strikes me as remarkably poor marketplace efficiency - the market is supposed to be a good indicator of the aggregate psychological perception of worth of an equity, and right now the rules of engagement are preventing the market mechanism from working well for SCOX.
I'm inclined to believe in the "true believer" theory.
...
Look, I think that SCOX is worth $0.50 to $1.00 per share. I'm sure for the Slashdot crowd, that's a high estimate, and I'll get a bunch of replies saying "no! $0.01 per share! $0.000001 per share! Negative $699 per share!" But face it, reality says that there are people, right now, who are actually paying $13 per share for SCOX.
I have to try to get inside these people's heads, and I have to do it without taking cheap shots, which means that everyone else will take cheap shots at ME, the messenger.
But if you really want to understand
McBride gets up on stage with "Slide A" and "Slide B". McBride says that Slide A is from SCO Unix. McBride says that Slide B is from Linux. It's obvious to everybody that Slide B looks like Slide A.
Then the Linux community replies and says "We admit that Slide B is from Linux 2.4 Yes, but that code is properly licensed. Yes, but that code doesn't run on desktops or embedded systems. Yes, but that code has already been removed from the 2.6 series".
All of these things are true, and they are all important in a court of law. Especially the bit about proper licensing.
But the SCO-lovers and the Linux-haters aren't interested in "Yes, But". So our message doesn't make it through their filter. They put a lot of weight on "Slide B equals Slide A", and are not listening to an argument that Slide B has every legal right to look like Slide A.
Human beings are like that. They discount arguments and evidence that disagree with them. And once a human being "flips the bozo bit" on another person, or another group of people, it stays flipped.
That's what I think is happening with the stock.
As far as "marketplace efficiency" goes -- whole new topic. I agree that this kind of bubble is inefficient for capital formation. However, it does satisfy the psychological need of people to identify with something that embodies their ideals, just like a sports team. Some people buy SCOX because it fulfills their desire to hate Linux.
What better way to show that it's stupid than to 'overuse' it? Linus Torvalds sends DMCA letter to SCO's upstream provider? Cool....
Ok, cool. But why would someone do that on a Saturday?
Actually, the virus started its dirty work Friday evening, when everyone has left the office, which gives it two and a half days to do whatever it wants to the machines it owns. In fact, its a bank holiday in Great Britain this weekend, so make that 3 1/2 days.
I'm a writer, a poet, a genius, I know it. I don't buy software, I grow it.
SCO *already* violated the GPL. If they were to remove such files now that would likely be quite damaging to their case. So they must keep pretending that their Titanic is not taking on water.
You are being MICROattacked, from various angles, in a SOFT manner.
How would this improve the legal system? It would heighten the risks of a lawsuit, but once one was rolling, both parties would be fighting for their lives. This would really provide incentive for them to break any possible rules if doing so would improve the chances of them winning. You think attorneys are corrupt and underhanded now, wait until you increase the stakes this way.
Or you could say the real goal is to decrease the amount of lawsuits. Well, that might work, but what about the legitimate lawsuits? Or the minor ones? Nobody would be willing to risk their life for some employment dispute you had with your employer, or a rent dispute when your landlord steals your cleaning deposit. Therefore the only recourse you would have in many cases where you had been wronged would be outside of the law, ie you determine for yourself whether and to what extent you have been wronged, and how to redistribute things so justice is best served. Call me crazy, but I would prefer a third party besides you and your hired hitman handle these matters.
Either of the side effects of this system do not seem to increase the amount of justice in the world.
No problem. Be sure to ignore all the Gentoo kernel vulnerabilities, as well as ignoring that there is a double standard--Office holes are considered Windows holes, so it is only fair an unzip hole is a Linux hole. Especially since it's such an engrained part of Linux user space. If there are yahoos around here who think calling it "GNU/Linux" is necessary because the userspace is a part of the operating system, then the holes in its primary userspace apps count as well.
"Sufferin' succotash."
Unless SCO is behind the attack in order to create exactly the impression you cite.
Perhaps unlikely for SCO but in the 1950s the CIA organized mobs to riot againt the government then used the disorder to argue their case for a coup. Eisenhower was never told that the CIA rather than Tudeh (the Iranian communist party was behind it).
So yes this sort of thing does go on. But more generally it is important to police your supporters as vigilantly as your opponents. I was in Brazillia a couple of days ago for the Software Libre event in the parliament. The proceedings were in Protugeese and there was no translation so I did not follow all that was going on. But you could see the room turn against open source when the local loony firebrand started to speak. Instead of making the good case that his facts supported he went beyond the established facts to make claims that most people in the room simply dismissed as propaganda.
Up until that performance the tide was certainly with open source, afterwards there was a lot more opposition.
Basically the guy was speaking to his base, not building support.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
I know for a fact that SCO's website is hosted in an IDC here in Denver, as a friend of mine used to work there until recently.
In fact, he would point out that every time a new story was posted about them, they (at the IDC) would brace themselves for another DoS/DDoS against the SCO and other assorted domains.
These attacks do nothing but give some techs here a lot of extra work to worry about for no good purpose.
If you can't beat them, arrange to have them beaten. -George Carlin
So your saying that Caldera relinquished their copyright to System 3?
Provide evidence.
Office holes are considered Windows holes,
There are good, technical reasons for this, actually. Office is driven by a bunch of ActiveX objects, which links them to the base OS in a *big way*. Now, I realize that ActiveX is just a plugin architecture, and it's really just a wrapper around COM, and that MS uses it to ensure interoperability between their apps, but more often than not, the "Office" holes seem to be holes that are discovered in office, but they're actually holes in ActiveX, which is part of the OS. So yes, you can consider many Office holes as Windows holes, in a fashion that is quite different from an XPCOM hole in Mozilla being considered an OS hole, or a hole in OO.o being considered an OS hole, or a hole in PHP being considered an OS hole, etc.
If there are yahoos around here who think calling it "GNU/Linux" is necessary because the userspace is a part of the operating system, then the holes in its primary userspace apps count as well.
This makes sense, as long as the holes themselves are referred to as holes in the GNU/Linux operating system. Remember, Linux is just the kernel, so if you call a hole a "hole in Linux", you are referring to a hole in the kernel, but if you call it a "hole in GNU/Linux", you are referring to a hole in the OS. Since the distributions themselves vary, however, you can't really call a hole a "hole in GNU/Linux" unless every single GNU/Linux distribution includes the software that has the hole. That's not even considering whether or not the software is part of the default installation, or is an optional package (IIS holes were separate from Windows holes until MS installed and activated IIS on XP by default). So, if Mandrake Linux doesn't contain OPenSSH (which it does, this is just an example), then you can't very well imply that an OpenSSH hole is a hole in Mandrake Linux, which you would do if you referred to it as a "hole in GNU/Linux". Since it's far too pedantic to try to dig up all the distributions that include the offending software, it seems to me that it's just plain easier to keep the apps separate from the OS when referring to vulnerabilities, and allowing the users to determine whether or not they're vulnerable.
I'm done being pedantic myself, now. :)
Like what I said? You might like my music
Oh, wait ...
http://rocknerd.co.uk
>Eisenhower was never told that the CIA rather
>than Tudeh (the Iranian communist party was
>behind it).
I think it's more likely that Eisenhower managed to take what he did and did not know to the grave, whereas the CIA's ability to keep secrets broke down over time.
-fb Everything not expressly forbidden is now mandatory.