HP Clarifies Indemnification Offer For Linux Users

After HP extended an offer of indemnification to users who purchase Linux through HP, SCO issued a strange press release: in it, SCO claims that HP's action actually supports SCO's claims that "issues exist" with the Linux kernel's legal status. In an article at NewsForge (like Slashdot, part of OSDN), HP's Martin Fink roundly denies SCO's backhanded interpretation; a followup story quotes Bruce Perens, Linus Torvalds and ESR on the HP offer. Linus: "Indemnification is wonderful. It might be a cynical marketing tactic, but if people are asking for it, why not?" The first article also points out the limited nature of HP's indemnification claims, which are definitely not blanket protection -- installing patches not approved by HP could well make them wash their hands of your machine.

Re:Has Eric Raymond Discovered Something?

[sloppydawg]

Does Eric Raymond's gaurded comments since releasing Comparator indicate that the results were not favorable????

I don't think so. MD5 conparisons are good for finding exact matches not partial matches as would be used in a derivative/obsucated claim so I'm not sure his program would find all of what SCO is claiming. I don't know the details of how his program works but knowing the problem space it would take some time to run a comparison against copied snippets within a file since it would involve splitting up the file many different ways and comparing all of these chunks agains chunks of another source tree split up and MD5'd in a similar fassion. So to confirm a negative requires a lot of caution and due diligence to avoid getting egg on the face.

More importantly his program may find matches and each of those matches must then be researched to determine the source of the IP. Remember code can be indentical and still legal. So needing to do all the legal research required to validate each similarity as legal or not would take some time. I think any assumptions on what may or may not be found by Comparator is a bit premature given all the work needed to produce a meaningful conclusion. If Raymond simply threw out a number like "Comparator only found 2% similarity between code bases" he'd be just as guilty of FUD slinging as Mr. McBride claim that millions of lines of SYS V code match linux 2.4 kernal code.

Re:Has Eric Raymond Discovered Something?

[braddock]

Comparator works by eliminating white-space and comparing overlapping three-line snippits.

Remember, the (sco released) "Ancient Unix" sources are publically avilable, as well as all BSD/FreeBSD/NetBSD and all versions of Linux. And comparator is FAST...it only hashes each snippit once.

It would not be hard for ESR to Comparator all publically available Unixes/Linuxes to his SVr4 tree and find any matches between Linux and his copy of SVr4 that don't appear in any of the other public unix variants.

That should provide VERY meaningful results. It wouldn't be perfect, but it would tell a LOT.

This shouldn't take ESR (or any guru out there who has access to proprietary Unix sources...) more than a day for the initial results.

The areas of Linux code which match could be made public on a Wiki or other web site and the community can comment on them. The community can then play clean-up and research and try to find the overlapping code matches, adding any additional source trees.

I can't honestly think of any reason ESR hasn't done this, except that he doesn't like the results he obtained. He did, after all, already go through the trouble of writing Comparator, which is most of the work. If I had access to proprietary unix code I'd do it myself.

braddock gaskill