For a company that makes a big deal about "thousands of years" of
experience, they clearly have not thought this through. A distributed
denial of service counter-attack to a distributed denial of service
attack? If both sides have massive numbers of machines engaged in sending
bogus messages you can be assured of two things: 1) there won't be enough
traffic brought to bear on the offending machines to shut them down. 2) It's
going to suck down massive amounts of bandwidth.
Can you see the tech guy
trying to explain that their company was knocked off, not by the attack, but
by the counter attack?
Give the manufacturer your money and tell him that he can send you your stuff whenever he's done with it. That's effectively what the "Software Assurance" plan was about. I'm surprised so many of them were sold.
On the other hand, there's one born every minute. Usually that's plenty.
many companies will unfortunately make a business decision - pay a little money now, rather then possibly a lot later in lawyer's fees. So I can't entirely blame them.
Its required for companies to honor their contracts. One of those contracts is the GNU license which they agreed to when they got Linux. One of the conditions of that license was that nobody is allowed to tack new conditions onto the GNU license. These companies expect to get free use of Linux both now and in the future and to have it supported by the Linux community. Fair enough, but part of the deal is to stick to the agreements which they've made with that community. It's not to their advantage or anyone elses to cave in on this. So far this seems to have been understood by pretty much everyone and only EV1 has given in.
The answer is easy. Do what every other self-respecting Linux sponsor is doing and sue SCO. They had a contract that said the financial terms would not be disclosed. SCO disclosed the terms. Breach of contract. SCO implied that EV1 thought the SCO case had merit. So add slander. Then maybe donate some cash to that fund that was set up to protect Linux users.
Maybe it won't hold up in court, but at least it will burn off some of the cash SCO received and spread their legal team a little thinner.
This is an abuse of authority by the police. If a private citizen came to the police with this story, would the police run out and charge the guy with multiple felonies? Or would they say it was a civil matter? Follow the links from the second site and see if any of the charges would stick.
Extortion. Threats of harm or injury to another person or his property? Just what is it he has supposedly threatend to harm?
Larceny by conversion. This assumes that you took something of value and used it for yourself rather than its original purposes. Just what is it that this guy supposedly took? And how is he using it for his own purposes?
Using a computer to commit a crime. This assumes a crime is committed. It's also a stupid law. Might as well make it illegal to use a stick to commit a crime. Committing the crime is a crime, no matter what you use to do it.
Obstruction of justice (bad link). This is based on the guy lying to the police about who owns the web site. Dumb thing to do, but "justice" doesn't figure prominently in this story in any case.
If all they want is the site name, they don't even need the courts. You can't keep someone else's name without a valid reason. That's what all the cybersquatting cases were about. The Macomb Sherriff could simply argue to ICANN that Pat Richard doesn't have a valid claim to the name "macombsherriff.com" and they could get it back. (Technically, it should be "macombsherriff.gov" anyway.)
Is it breaking the law for Baystar to continue to deny that Microsoft had anything to do with the funding if in fact they did?
No, because it's true. Sort of. In a twisted SCO sort of way.
"Microsoft" is a large publicly traded company. As an entity, the only money Microsoft gave SCO or arranged for SCO to get was the licensing fee. That does not mean that one or more of Microsoft's multi-millionaire employees didn't make the arrangements, but he did it when he wasn't wearing his Microsoft hat. SCO says that the leaked memo came from a contractor who was mistaken and had been corrected. The "mistake" was that the contractor didn't notice that his Microsoft contact had taken off his Microsoft hat.
EV1 paid over a million dollars to license the IP. I call that real money.
Maybe. According to this article Stowell was saying that the deal was "worth seven figures altogether". That certainly sounds like EV1 wrote out a check for a million bucks, but -- being a naturally suspicious type (especially about anything coming from the mouth of a SCO employee) -- I don't think that actually is what happened. For example, the actual contract may pay SCO $100k per year over the next ten years for the IP they own in Linux, but if the Novell suit doesn't work out for SCO, EV1 can break the contract with no further repercussions. That way Stowell can sound off about a million dollar contract without EV1 ever actually shelling out a million dollars.
The other thing I wonder about is the fact that SCO has only been suing SCO UNIX customers and former customers. F'rinstance, does anyone know if CA has a SCO UNIX license? If so, is the license for that bundled into the new license? It would make a big difference to the bottom line if CA already had to pay $4.9mil for a SCO UNIX license and $5mil for the new "plus Linux" one.
Of course, maybe I just haven't been wearing my tinfoil hat enough lately. Still, I'd love to see the actual contracts.
If I'm not mistaken, SCO filed suit against DC because they never received a response to their letter.
It wasn't the warning letter that they're getting sued for. SCO wrote another letter to people who are using both SCO UNIX and Linux requiring them to certify that they're not using any Linux that impinges on SCO's IP. The letter was worded like the old joke, "Do you still beat your wife?" There was no way to answer the question without incriminating yourself. Half the people who got the letter never answered it.
Note the targets of SCO's lawsuits so far and the reason why they're being sued:
IBM because they bought a UNIX license from SCO.
Daimler Chrysler because they use both Linux and SCO UNIX.
Autozone because they used to use SCO UNIX and changed to Linux.
Novell because they have a contract with SCO to collect UNIX licensing fees.
Note that in every case the problem has never been that the target used Linux. It's always because they did business with SCO. In no case has SCO tried to prove in court that they have IP in Linux; they reserve those claims for their press releases. The court cases are all about contractual disputes with SCO customers and former customers.
I've said it before and I'll say it again. The lesson is clear; it's dangerous to even talk to these nut jobs.
If I remember correctly, SCO's financial filings said that SCO Source made about $20k, but cost them something like $3mil to pay the lawyers. It looks like SCO is cutting a deal -- any deal -- wherever they can to give themselves the appearance of legitimacy. If companies were buying real licenses, SCO Source should be making real money. But it's not, so what's in the license? Perhaps the "license" is being mixed with other considerations (which have nothing to do with SCO's IP) that make it worth the purchaser's while. Or maybe the cost is cut to pocket change on the condition that the "licensee" not tell anybody the kind of deal they got.
It's the only way I can see this activity making any business sense.
I'd rather buy stock in Autozone. They have good long-term prospects and they're currently underpriced due to SCO's baseless accusations. There's bound to be a jump when the case gets tossed.
Since SCO seems to be acting as SCO's catspaw and EV1.net seems to be in league with them both, I'm betting on Lindows. Another chance for SCO to do Microsoft's dirty work for them.
The House is just playing to the crowd on this one. "See? We're really concerned about this! Vote for us!" Since it will never get signed into law, they'll never have to deal with the consequences. Like how many accidents will be cause by someone futzing with the "rolling test" rather than looking where they're going.
If you want to use interlocks, make them a punishment on first offense DUI. Don't wait until someone gets killed before the punishments get serious. Just the threat of having to deal with the things should make people think twice about combining liquor and driving.
is ilelgal to send someone a bill for something they don't owe
True, but if you read SCO's letter carefully, you'll find that it stops just short of being a bill. IANAL, but you can bet SCO's attorney's vetted the letter to keep it just this side of fraud.
It might be possible for one of the letter's recipients to press the case, but why would they? If they think it's bogus, they could either ignore it or forward it to their Linux vendor (as Lehman Brothers has done). Either option is free. Trying to take action against SCO for the letter is loaded with potential costs -- not the least of which is attracting the attention of the rabidly litigious SCO.
Additional links.
on
SCOoby Snacks
·
· Score: 2, Informative
Here are three of SCO's "five reasons" with appropriate links:
SCO UNIX(R) is backed by a single, experienced vendor. Where "experienced" is defined as less than four years.
There are several devices for this, from the $20 monocular to a $300 laser rangefinder.
Yeah, but this thing checks the incline as well. It's a lot different hitting to a green that's a few feet above you to one that's a few feet below. On the down side, the site says the range of the laser is only 100 meters, so its current form would be pretty useless for golf.
What if George W. ask Mr. Howard nicely to implement US software in all government applications?
You mean suck up to Microsoft while angering IBM? Ain't gonna happen. While politicians try to curry favor with special interests, they have to do it without angering other special interests. The last thing George and Company need in an election year is another story that paints him as pandering to a particular company. And a move like that would guarantee that Microsoft's enemies would see that the story got a lot of press time.
The last gig I had that dealt with sensitive data did the sensible thing up front and diddled the info to start with. Real names, addresses and account data was used, but we fed it through a scrambler that swapped all the information around so it was "realistic" but not "real". It looked and felt like real data, but had no other practical use.
But the real question is, "What was the policy?" Was there a policy that said development should not be done on real data? Did he have to have access to real data, or would dummy data have worked just as well? After all, the programmer himself could be a pedaphile. Whenever I see something like this that says a programmer made some kind of error, I want to know what the programmer's managers did to prevent it. They should had known that the data was sensitive and taken steps to to keep it confidential.
Can someone explain why companies love going public so damn much?
Because it makes money for those who own the company and/or finances further development. If I have a company worth a million dollars that I own privately, I can sell it in an IPO and have the million cash. Or I can sell some fraction of it, retain some control and put most of the money into development. Just because I have a product doesn't mean I don't need funds to develop a second or improve the first to keep it competitive.
Besides, a lot of times the company is not really owned by the person who came up with the original product, but by that person's investors. And the reason investors invest is that they think it will make them money.
There is a huge amount of discretion involved in creating estimates like this. Nearly all of the "cost" here is the hours of work involved in dealing with the virus, but the numbers are soft and those making the estimates are almost always motivated to inflate the numbers.
Think about it. The manager goes up to the employee and asks how many hours it took to fix the problem. If the employee gives a bigger number, it will look better when determining how much work was done that week, since the hours spent "working" on the virus are subtracted out. Of course the manager is collecting the information to give to his manager, and it's a good excuse for why his project is a day or two behind. Finally, the grand totals are reported to the public by those who are in the security business. It's in their best interest to inflate the numbers so the public will buy their goods and services. None of these people are necessarily lying, just picking the most conservative numbers available to them.
I know that, in my case, the only "cost" was the four or five seconds it took to delete a few emails which had an excised attachment replaced by a note saying, "This was a virus, so we removed it." The cost wasn't nearly as high as that second cup of morning coffee and it's associated extra trip to the restroom.
So why then, is SCO so eager to hand over $250,000 for an informant?... The FBI is likely to be hot on the worm author's heels... why it's in their best interest to part with so much money given that the culprit will likely be found anyway?
You've answered your own question. The FBI will be the ones to catch the guy and SCO won't have to pay anything. Meanwhile, SCO will take the opportunity to knock the Linux community (which had nothing to do with this infantile prank) and play the victim. Another free headline this doofus has given the publicity-hungry SCO.
I find it hard to believe that the "open source community" could be responsible for this DDOS against SCO.
It has nothing to do with the community. It has to do with one stupid putz with too much time on his hands and too few brains in his head. SCO has been busting its butt trying to stay in the news and here this moron goes and gives them a headline on a silver platter. Check their stock price over the last few days and see what effect the worm has had. SCO wouldn't risk launching the worm themselves; if they got caught the fallout would be huge and they'd lose the few friends they have left. Better to be rude and aggressive and let some script kiddie decide he's the Masked Avenger and do their dirty work for them.
Note to aforementioned putz: Why do you think SCO has been using inflammatory language? You're being played. Buying a bumper sticker from Thinkgeek doesn't make you part of the Linux community or anything else worthwhile. If you think you're coding skills are so hot, get out of your mom's basement and try playing with the big boys for a while. Go to Source Forge, pick a project that you can help and do something worthwhile for a change.
Back in the early eighties I worked in a factory (a two-hour commute) writing the software that would run the new robotics. This, of course, made us less than popular with the existing factory population. Some of my less fortunate colleages found out that it was also a bad idea to go to work in a foreign car.
They stuck us in a back room a substantial hike from the restroom. The room was filled with junk and trash and had to be cleaned, starting off with snow shovels to get the biggest piles and working our way down to brooms. Once the room was cleaned we sat down to admire orr handiwork. While they sat there, a half-dozen factory workers came in and had lunch, dropping their trash on the floor. We had to padlock the room. We also had to keep an eye out whenever we rearranged the tables. Apparently, there was a furniture mover's union . ..
Once we finished we were able to work there, but a half-dozen minicomputers with no air-conditioning kept the room stifling. We couldn't wear shorts, so we made do with short-sleeve shirts and a steady supply of cold sodas from coolers. Of course, drinking all that soda meant that the distance to the bathroom became more problematic.
I don't know how SCO possibly hopes to sustain another lawsuit
They have no choice. They've been hoping to scare companies into buying their licenses to avoid a lawsuit, but if they do that now any lawyer in the country will tell the judge, "Look at the Novell suit, SCO might not own this stuff anyway." If that happens just once, it will set a precedent for every other case to wait for the resolution of the Novell case, which could take years.
Besides, Boies and company might just be on a retainer to handle all the legal stuff, including this. They've got a stake in seeing SCO sold, not crushed.
Didn't they make this argument on the first go-round? As I recall, the judge ruled that they wouldn't get to see IBM's code until they produced evidence of infringement. It follows that if they can't produce evidence of infringement without looking at the code, either the judge has to reverse her previous ruling or the case is dead. It sounds like they produced what they could (i.e., almost nothing) in the hopes that the judge wouldn't notice and would authorize the same fishing expedition she didn't permit last time.
Slashdot Mirror
Can you see the tech guy trying to explain that their company was knocked off, not by the attack, but by the counter attack?
"It's okay, sir. It was friendly fire.
On the other hand, there's one born every minute. Usually that's plenty.
Maybe it won't hold up in court, but at least it will burn off some of the cash SCO received and spread their legal team a little thinner.
- Extortion. Threats of harm or injury to another person or his property? Just what is it he has supposedly threatend to harm?
- Larceny by conversion. This assumes that you took something of value and used it for yourself rather than its original purposes. Just what is it that this guy supposedly took? And how is he using it for his own purposes?
- Using a computer to commit a crime. This assumes a crime is committed. It's also a stupid law. Might as well make it illegal to use a stick to commit a crime. Committing the crime is a crime, no matter what you use to do it.
- Obstruction of justice (bad link). This is based on the guy lying to the police about who owns the web site. Dumb thing to do, but "justice" doesn't figure prominently in this story in any case.
If all they want is the site name, they don't even need the courts. You can't keep someone else's name without a valid reason. That's what all the cybersquatting cases were about. The Macomb Sherriff could simply argue to ICANN that Pat Richard doesn't have a valid claim to the name "macombsherriff.com" and they could get it back. (Technically, it should be "macombsherriff.gov" anyway.)"Microsoft" is a large publicly traded company. As an entity, the only money Microsoft gave SCO or arranged for SCO to get was the licensing fee. That does not mean that one or more of Microsoft's multi-millionaire employees didn't make the arrangements, but he did it when he wasn't wearing his Microsoft hat. SCO says that the leaked memo came from a contractor who was mistaken and had been corrected. The "mistake" was that the contractor didn't notice that his Microsoft contact had taken off his Microsoft hat.
The other thing I wonder about is the fact that SCO has only been suing SCO UNIX customers and former customers. F'rinstance, does anyone know if CA has a SCO UNIX license? If so, is the license for that bundled into the new license? It would make a big difference to the bottom line if CA already had to pay $4.9mil for a SCO UNIX license and $5mil for the new "plus Linux" one.
Of course, maybe I just haven't been wearing my tinfoil hat enough lately. Still, I'd love to see the actual contracts.
Note the targets of SCO's lawsuits so far and the reason why they're being sued:
- IBM because they bought a UNIX license from SCO.
- Daimler Chrysler because they use both Linux and SCO UNIX.
- Autozone because they used to use SCO UNIX and changed to Linux.
- Novell because they have a contract with SCO to collect UNIX licensing fees.
Note that in every case the problem has never been that the target used Linux. It's always because they did business with SCO. In no case has SCO tried to prove in court that they have IP in Linux; they reserve those claims for their press releases. The court cases are all about contractual disputes with SCO customers and former customers.I've said it before and I'll say it again. The lesson is clear; it's dangerous to even talk to these nut jobs.
It's the only way I can see this activity making any business sense.
I'd rather buy stock in Autozone. They have good long-term prospects and they're currently underpriced due to SCO's baseless accusations. There's bound to be a jump when the case gets tossed.
If you want to use interlocks, make them a punishment on first offense DUI. Don't wait until someone gets killed before the punishments get serious. Just the threat of having to deal with the things should make people think twice about combining liquor and driving.
It might be possible for one of the letter's recipients to press the case, but why would they? If they think it's bogus, they could either ignore it or forward it to their Linux vendor (as Lehman Brothers has done). Either option is free. Trying to take action against SCO for the letter is loaded with potential costs -- not the least of which is attracting the attention of the rabidly litigious SCO.
But the real question is, "What was the policy?" Was there a policy that said development should not be done on real data? Did he have to have access to real data, or would dummy data have worked just as well? After all, the programmer himself could be a pedaphile. Whenever I see something like this that says a programmer made some kind of error, I want to know what the programmer's managers did to prevent it. They should had known that the data was sensitive and taken steps to to keep it confidential.
Besides, a lot of times the company is not really owned by the person who came up with the original product, but by that person's investors. And the reason investors invest is that they think it will make them money.
Think about it. The manager goes up to the employee and asks how many hours it took to fix the problem. If the employee gives a bigger number, it will look better when determining how much work was done that week, since the hours spent "working" on the virus are subtracted out. Of course the manager is collecting the information to give to his manager, and it's a good excuse for why his project is a day or two behind. Finally, the grand totals are reported to the public by those who are in the security business. It's in their best interest to inflate the numbers so the public will buy their goods and services. None of these people are necessarily lying, just picking the most conservative numbers available to them.
I know that, in my case, the only "cost" was the four or five seconds it took to delete a few emails which had an excised attachment replaced by a note saying, "This was a virus, so we removed it." The cost wasn't nearly as high as that second cup of morning coffee and it's associated extra trip to the restroom.
Note to aforementioned putz:
Why do you think SCO has been using inflammatory language? You're being played. Buying a bumper sticker from Thinkgeek doesn't make you part of the Linux community or anything else worthwhile. If you think you're coding skills are so hot, get out of your mom's basement and try playing with the big boys for a while. Go to Source Forge, pick a project that you can help and do something worthwhile for a change.
Just my humble opinion.
They stuck us in a back room a substantial hike from the restroom. The room was filled with junk and trash and had to be cleaned, starting off with snow shovels to get the biggest piles and working our way down to brooms. Once the room was cleaned we sat down to admire orr handiwork. While they sat there, a half-dozen factory workers came in and had lunch, dropping their trash on the floor. We had to padlock the room. We also had to keep an eye out whenever we rearranged the tables. Apparently, there was a furniture mover's union . . .
Once we finished we were able to work there, but a half-dozen minicomputers with no air-conditioning kept the room stifling. We couldn't wear shorts, so we made do with short-sleeve shirts and a steady supply of cold sodas from coolers. Of course, drinking all that soda meant that the distance to the bathroom became more problematic.
Ahh, the good old days.
Besides, Boies and company might just be on a retainer to handle all the legal stuff, including this. They've got a stake in seeing SCO sold, not crushed.
Didn't they make this argument on the first go-round? As I recall, the judge ruled that they wouldn't get to see IBM's code until they produced evidence of infringement. It follows that if they can't produce evidence of infringement without looking at the code, either the judge has to reverse her previous ruling or the case is dead. It sounds like they produced what they could (i.e., almost nothing) in the hopes that the judge wouldn't notice and would authorize the same fishing expedition she didn't permit last time.