SCO's Open Letter to Open Source Community

joefish_only_1 writes "SCO CEO has posted an open letter to the open source community. There's some things Mr McBride mentions that I hadn't heard of yet, like an admission by Bruce Perens that "UNIX System V code is, in fact, in Linux, and it shouldn't be there."" A slashdot reader posted a comment recently that breaks it down quite well.

Logical flaws, galore.

[rcs1000]

There is something rather disgusting about this letter from SCO, and the following passage highlights it rather well:

"There is no question about the affiliation of the attacker - Open Source leader Eric Raymond was quoted as saying that he was contacted by the perpetrator and that "he's one of us." To Mr Raymond's partial credit, he asked the attacker to stop. However, he has yet to disclose the identity of the perpetrator so that justice can be done.

No one can tolerate DDoS attacks and other kinds of attacks in this Information Age economy that relies so heavily on the Internet. Mr Raymond and the entire Open Source community need to aggressively help the industry police these types of crimes. If they fail to do so it casts a shadow over the entire Open Source movement."

Now, substitute the phrases "black people", "black person", and "black community" for "Open Source"...

That the DDoS attackers were "members of the open source community" is irrelevent. It is like saying they had red hair, and therefore ALL red-haired people should bear responsibility. No. No. No. No.

You cannot generalise from a person, or even several people, to an entire community. That is wrong. Indeed, the whole letter is full of generalisations from (often inaccurate) specifics.

Down with SCO!

Re:Logical flaws, galore.

[otisaardvark]

Please don't get me wrong; I agree with your point. But also note it is easier to generalise about the open source "community" than (eg) the black "community" because people choose to be open source developers. Unless you take the Michael Jackson route, skin colour isn't something you can alter with your actions - being an open source proponent is.

At the risk of falling into the correlation/causation trap, it is far more likely that open source devs share more community characteristics than black people.

Re:Logical flaws, galore.

[jeavis]

McBride speaks about things which he knows little about. He has no way of knowing that ESR hasn't informed the proper authorities. Rather, McBride is simply resorting to speculation because ESR didn't inform him.

I've worked at an ISP for seven years, and in that time have seen my fair share of abusive and illegal online activity. In cases where legal action is sought, the proper authorities often don't want you to say anything to anyone, including the victim(s). I've received subpoenas for evidence from various state and federal entities over the years, and most contained some provision for maintaining confidentiality of both the evidence and the subpoena itself. They do not want to tip off the alleged perpetrator and give them an opportunity to try to elude investigators or destroy evidence.

Re:Logical flaws, galore.

[ichimunki]

No, but when someone like ESR decides to make it sound as though the Open Source community both claims this person as a member and then takes no steps to bring this person to justice for an obvious criminal act, that reflects negatively on the Open Source community as a whole. But then I absolutely rejected ESR as a "leader" some time ago, myself.

Personally I'm waiting for Darl to write an open letter to those of us in the Free Software movement-- one where he recognizes the philosophical underpinnings behind the movement as valid desires and stays away from the distracting nonsense about business models.

And anyway... has SCO specifically accused any software of being infringing other than the Linux kernel itself? If only Linux is (allegedly) infringing that would make all this talk about development models (in addition to all the business model garbage) a lot of hot air (i.e. BS). Have they mentioned that any of the BSDs may be infringing? How about the HURD? How about the larger GNU system? Perl? Ruby? Apache? MySQL or PostgreSQL? KDE? Well, SCO? When are you going to stop with the unsupported vague assertions and give us actionable information?

'improper contribution'.

[Channard]

The article doesn't offer as much insight into SCO's thinking with this apparently suicidal (PR wise anyway) move, but one thing does stand out, the use of the words 'improper contribution'. Not 'improper use' or This for me shows just how empty SCO's talk is. How exactly does someone improperly contribute something? If you contribute something, you do so. If something is stolen or copied from you, it's stolen. SCO didn't even have the guts to accuse anyone of stealing, they just came up with this nonsensical phrase. Kind of telling.

Not just attacking GPL anymore?

[Bistronaut]

This quote sounds like he's trying to "take back" the BSDs:

"Fair use" applies to educational, public service and related applications and does not justify commercial misappropriation. Books and Internet sites intended and authorized for the purpose of teaching and other non-commercial use cannot be copied for commercial use. We believe that some of the SCO software code that has ended up in the Linux operating system got there through this route. This violates our intellectual property rights.

Feedback Comment

[Richardsonke1]

I like the feedback comment at the bottom. I was thinking the same thing before i noticed it was down there. It's so true that it was/is near impposible to check if code was taken out of Unix. Would SCO like to give us a copy of their code? No, so they should just complain whenever they see a problem, and then the Linux community will take it out. It's that simple. No liscensing deals necessary. Here's the quote:

Nathan Hand commented ... "Secondly, no-one seems to have answered the perfectly legitimate question about the open source development process - just how DO you ensure that code submitted by a developer HASN'T been ripped off, just because the developer claims that it hasn't? McBride IS right when he says that Open Source is still maturing and we DO need to look at, and answer these questions."

How do you ensure it in any project, open source or closed sourced? You ask the author. You assume they tell the truth. How else could you do it? There's no magic marker on code that says "this is owned by foo". There's no central code repository where you can check ownership of a fragment. If there's no attribution in the comments or the README then there's practically nothing you can do. It's not like the Linux developers have access to SCO's source code so they can check every submission, looking for violations. SCO keeps their code secret. The best that the Linux developers can do is assume the author is telling the truth.

But this is true for ALL projects. I've worked on commercial projects and I know full well that violations occur. I've seen BSD code dropped into proprietary products with the BSD attributions stripped out. SCO put a slide up at SCOForum... it was code stolen from BSD! SCO thinks it's theirs but the history of the code is well known and it most definitely has gone from BSD to SCO. A SCO developer stole it and assumed nobody would ever know. Why isn't SCO "respecting the IP" of BSD developers?

The reality is, Linux is far more "IP accountable" than any closed source product. If a company developing a closed source product copied code from SCO, would SCO ever know? Of course not. But any company can look at Linux source code to determine if violations occur. The Linux model encourages transparency and "no secrets". The result is that violations are infrequent (in fact, SCO is the first claimant ever and their case looks VERY weak).

It's the closed source model where the vast majority of IP violations occur but most of them go by unnoticed.

There is nothing "immature" about the Linux model. It is following best practises of the industry and then some. SCO is trying to paint a picture of "immaturity" because they want to win this case in the court of public opinion, but I have every confidence that they will never win this case in a court of law.

IP Violation on Darl's part?

[Smiling_Jack]

Didn't Bruce say the following in his SCO code rebuttal?:

• You may re-publish this material. You may excerpt it, reformat it and translate it as necessary for your presentation. You may not edit it to deliberately misrepresent my opinion.

Isn't Darl taking Bruce's words out of context and misrepresenting them? Copyright violation, anyone?....

What Bruce said. Watch the qutation marks!!!!

[narrowhouse]

Bruce said:
"The other SCO code snippet Perens walks through had to do with memory allocation functions in Unix System V and Linux. He says there was, in fact, "an error in the Linux developer's process," specifically a programmer at SGI, and he says while the Linux community had the legal right to this code, it didn't belong in Linux and was therefore removed."

Was twisted by SCO into:
"an admission by Open Source leader Bruce Perens that UNIX System V code (owned by SCO) is, in fact, in Linux, and it shouldn't be there. Mr Perens stated that there is "an error in the Linux developer's process" which allowed Unix System V code that "didn't belong in Linux" to end up in the Linux kernel"

So by saying it was REMOVED (we will say it slow so you can follow along Darl), Bruce Perens admitted that it ended up in the Linux kernel? Can SCO tell the truth at all, or do they all just live on Bizarro world?

Re:An Open Response to Darl McBride's Open Letter

[Eunuchswear]

"Nothing can change the fact that a Linux developer on the payroll of Silicon Graphics stripped copyright attributions from copyrighted System V code..."

Nothing, except, inconveniently, that it is not a fact. The fact is that SGI did extensive due diligence before contributing any code to Linux, and the code in question long precedes the development of Unix System V.

If SGI did extensive due diligence then why did they strip the original copyright notice from this code?

Quotes from Perens:

The oldest version of this code we've found so far is in Donald Knuth's The Art of Computer Programming, published in 1968.

So the code can't have been legaly copied from there (it's copyright).

The implementation shown in the slides was written by Dennis M. Ritchie or Ken Thompson at AT&T, in 1973. You can see the 1973 version of the function in this file, originally called dmr/malloc.c. The code is from Unix version 3, the oldest known version of Unix that still exists in machine-readable form. The complete source for that system can be found here on the net. In 2002, Caldera released this code as Open Source, under this license.

But the license pointed to says:

Redistributions of source code and documentation must retain the above copyright notice, this list of conditions and the following disclaimer.

So the code can't have been legaly copied from there as the copyright notice has been removed.

And finaly Perens argues:

AT&T was actually found to have lost its copyright to the code in question during the lawsuit, because the code was published without a proper copyright notice.

Consequently, I find that Plaintiff has failed to demonstrate a likelihood that it can successfully defend its copyright in [Unix version] 32V.

The result is that between the judge's finding and 1996, when there were additional changes to the Berne copyright convention that would have made the AT&T code copyrightable, the code was essentially in the public domain.

But, so what? That's talking about Unix 32V, and Perens goes on to say:

the version that was included in Linux seems to be from System V.

Which has never been released under any kind of open source license or been put in the public domain.

So, yes, SGI could have copied the 32V code, but they didn't.

Or they could have copied the Unix Version 3 code, if they'd included the copyright and license notices, but they didn't.

But they had no right to copy the System V code at all.

Perens is right:

In this case, there was an error in the Linux developer's process (at SGI),

but this is just wrong:

It turns out that we have a legal right to use the code in question

as even Perens admits the code was copied from SysV.

SCO depend on BSD code

[ananiasanom]

'ancient unix' isn't valid for commercial purposes even though it was licensed under a BSD license.

Oops, SCO OpenUnix or whatever they call it this week just lost the X Window system, developed by MIT and released under a BSD-like license. Darn, the TCP/IP support written at Berkely and released under a BSD license isn't valid for commercial purposes either.

There seems to be more of this open source stuff around than SCO are aware of...

Re:perens

[mj01nir]

Darl sez: The second development was an admission by Open Source leader Bruce Perens that UNIX System V code (owned by SCO) is, in fact, in Linux, and it shouldn't be there. Mr Perens stated that there is "an error in the Linux developer's process" which allowed Unix System V code that "didn't belong in Linux" to end up in the Linux kernel (source: ComputerWire, August 25, 2003). Mr Perens continued with a string of arguments to justify the "error in the Linux developer's process."

But Bruce actually said: In this case, there was an error in the Linux developer's process (at SGI), and we lucked out that it wasn't worse. It turns out that we have a legal right to use the code in question, but it doesn't belong in Linux and has been removed.

And at the top of Bruce's slide show analysis: You may re-publish this material. You may excerpt it, reformat it and translate it as necessary for your presentation. You may not edit it to deliberately misrepresent my opinion.

Get 'em Bruce!