My Visit to SCO
As mentioned above, I met with Chris Sontag and Blake Stowell. Chris Sontag did almost all the talking. In general, below I say "SCO says" and so forth, but Chris Sontag was the one who actually was talking.
Chris Sontag showed me a series of PowerPoint (I assume) slides and talked about them. I took notes on my laptop. He listened to my questions and tried to answer them. He did not show me anything beyond his planned presentation, despite my requests for some additional information. This presentation was not the same as the one described by The Inquirer. This one was divided into three main topics: SCO owns Unix, SCO vs. IBM and Linux is tainted.
SCO argues it purchased full rights to Unix from the old SCO, which purchased the rights from Novell. The Unix patents still are owned by AT&T, but SCO has purchased the right to use them. There was a dispute with Novell over copyright ownership, but SCO claims this has been resolved and SCO does indeed own the copyrights.
In general, SCO claims to have purchased all rights to all versions of Unix System V and all prior versions of Unix, which were developed by AT&T.
My concerns are with free software, not the actual ownership of Unix. I believed at the start of the lawsuit that SCO owned the rights to Unix, and I suppose I still am willing to believe that. I think that any legal issues here clearly are a matter of the purchase contract between Novell and the original SCO, and it should be more or less straightforward for the new SCO and Novell to settle them.
The main issue of interest to me is whether rights to early versions of Unix have been weakened by the wide spread distribution of source code, including the publication of the Lions book and the fact that, until recently, the new SCO was distributing Unix source code for free on its FTP site.
SCO is suing IBM for breach of contract, unfair competition, tortious interference and misappropriation of trade secrets. SCO is now the owner of the contract that IBM originally signed with AT&T (I assume, but maybe some later owner) to develop AIX. That contract requires derivative works remain part of AIX. It also requires IBM to maintain confidentiality of sources and derivative code. Derivative works are allowed "provided resulting materials are treated as part of the original software products."
SCO has a list of about 20 IBM engineers who are, it claims, using AIX methods in Linux. SCO claims that some of these engineers literally are looking at AIX source code as they discuss Linux issues and making recommendations based on the AIX code.
SCO claims this is inappropriate because everything built on top of AIX or using methods developed in AIX is really a derived work of Unix. As we talked, I realized this is a key part of SCO's argument. SCO claims that anything built on top of Unix is itself a derived work of Unix. I will discuss this further below.
SCO said that besides IBM, Sequent has contributed code to Linux which is derived from Unix. Sequent is now a subsidiary of IBM.
SCO also claims that some of the derivative works IBM contributed to Linux include NUMA, RCU, JFS, SMP, performance measurement and improvements, serviceability, scheduler improvements, LinuxPPC 32 and 64 bit support, logical partition support. Sontag moved on to the next slide before I typed down the rest of the list.
I asked specifically about JFS, because I know that was originally developed for OS/2. SCO claims that JFS was originally developed for AIX, then ported to OS/2, then ported back to AIX; the port back to AIX was the basis for the Linux port. Chris Sontag said this was straight from the JFS web page. I just checked, and the JFS web page does not entirely agree. There IBM says that while JFS was first developed for AIX, the development for OS/2 was a new effort; the Linux port was based on the OS/2 work, not the port back to AIX. Using SCO's expansive definition of derivative work, arguably the development on OS/2 was based on the original AIX development, as some of the same people may have worked on it and used their experience with the AIX code.
Again, despite all this discussion, the whole issue of SCO vs. IBM was not the reason I was there. If IBM did indeed breach its contract, I suppose it should pay some appropriate penalty. I've been around the computer world too long to think that IBM is on the right side of every issue. However, SCO's presentation did not show me any clear evidence that IBM did indeed breach its contract. Obviously, IBM has contributed code to Linux, but it is not at all clear to me that such code is a derivative of Unix.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- BitTorrent Inc.'s Sync
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- New Container Image Standard Promises More Portable Apps
- The Humble Hacker?
- The Death of RoboVM
- Open-Source Project Secretly Funded by CIA
- The US Government and Open-Source Software
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide