Usenix President - Linux Needs Better Paper Trail
Anonymous Coward writes "Usenix Association president Marshall Kirk McKusick is a veteran of BSD's intellectual property scuffle with AT&T in the 1990s, and he's got some thoughts and advice for the keepers of the Linux kernel going forward, commenting: 'There isn't a well-documented ownership trail with Linux. So, they have opened themselves up to a swamp of 'he said-she said' about where code came from'."
Dating back to when linux (the kernel) didn't even have a version number, code was always attributed to where it came from. I'm sure everyone is familiar with at least the changelog and its attributions. And of course actual comments with names and email addresses are all over the sourcecode itself.
/. in The Mysterious Future!) In the unlikely event of SCO ever saying which lines are thiers, we may end up with the interesting situation where a Caldera/SCO employee put them there - and get to slap SCO for abusing the legal system.
Now, Mr. McKusick might have a partial point. Its entirely possible that some gremlin over at Caldera took a bunch of SCO's 'Intelectual' Property and threw it into the main kernel under the GPL. In which case once the lines of code are actually identified, I suspect we will know who contributed them in under 20 minutes (10 minutes of which will be the article sitting on
In any event, I'd be willing to put money on Linux's source code source documentation beating SCO's out any day of the week.
Karma: SELECT `karma` FROM `users` WHERE `userid`=138474;
I guess, in the spirit of the GNU GPL, they'll have to come up with something, call it the FDA - a "Full Disclosure Agreement" that you *must* sign before contributing code, stating that you WILL tell everybody about the project and publish your code contribution, sort of a bizarro-world NDA.
try { do() || do_not(); } catch (JediException err) { yoda(err); }
From what I've seen ownership never becomes a problem until large amounts of money become involved or until one group attempts to sandbag another group based upon their ownership. Since this is the open source community, most commonly under the GPL license, there is no worry about this sandbagging unless someone attempts to take a fork and make it commercial.
Is this where the need for a paper trail comes in? Suppose someone takes the kernel and starts their own independent development on it. Hypothetically, in five years, they could rewrite or replace over 50% of the kernel with their own code. From what I understand the GPL license requires that any code that it becomes part of must also be GPL. If the total code package is several million lines, however, who is going to pay to subpoena the source code for a commerical product to prove that it was indeed started from a GPL/open source project? Who will pay to have the code audited and what prevents a potentially unscrupulous commerical entity from playing mix and match with subroutines so carefully that the resulting audit would take more time to arrange properly that to actually audit the lines one by one?
I suppose, in this case, the paper trail wouldn't make a darn bit of difference. The paper trail isn't going to make it any easier to subpoena source code from a commercial entity if they're stonewalling.
Enter my tin-foil argument that Windows9x/2x is nothing more than badly mangled Linux and a customized window manager built with a crytpically designed compiler--but no one ever gets to see the source code so they'll never be able to prove it.
+++ATHZ 99:5:80
'There isn't a well-documented ownership trail with Linux. So, they have opened themselves up to a swamp of 'he said-she said' about where code came from'
So what? There is a basic flaw in this argument! In the USA anyway, you are presumed innocent until proven guilty. Anybody alleging that source was stolen and placed into Linux must prove that source code:
a. existed somewhere prior to being placed into Linux
b. was stolen, not just happens to resemble code that might have been developed independently by someone else
In short, there should be no burden of proof on Linux's part to prove that the source was not stolen; the burden of proof must be on the accuser to prove that the source was stolen!
Knowing who submitted exactly which piece of code to Linux will not drain the swamp of 'he said-she said' about where code came from'. In fact, it will make it a lot worse. Consider: company A claims that some portion of Linux source, submitted by person B, was stolen. Person B had business dealings with company A prior to or during the time that the source was submitted. Company A will say that this proves the source was stolen from them since person B obviously had opportunity! They will claim this even if person B had dealings totally unrelated to software within company A.
Was this not one of the reasons the GNU project wanted copyright assigned to it?