My Visit to SCO

The full story of what one person who signed SCO's NDA encountered on his trip to Lindon, Utah.
Preliminaries

As mentioned above, I met with Chris Sontag and Blake Stowell. Chris Sontag did almost all the talking. In general, below I say "SCO says" and so forth, but Chris Sontag was the one who actually was talking.

Chris Sontag showed me a series of PowerPoint (I assume) slides and talked about them. I took notes on my laptop. He listened to my questions and tried to answer them. He did not show me anything beyond his planned presentation, despite my requests for some additional information. This presentation was not the same as the one described by The Inquirer. This one was divided into three main topics: SCO owns Unix, SCO vs. IBM and Linux is tainted.

SCO Owns Unix

SCO argues it purchased full rights to Unix from the old SCO, which purchased the rights from Novell. The Unix patents still are owned by AT&T, but SCO has purchased the right to use them. There was a dispute with Novell over copyright ownership, but SCO claims this has been resolved and SCO does indeed own the copyrights.

In general, SCO claims to have purchased all rights to all versions of Unix System V and all prior versions of Unix, which were developed by AT&T.

My concerns are with free software, not the actual ownership of Unix. I believed at the start of the lawsuit that SCO owned the rights to Unix, and I suppose I still am willing to believe that. I think that any legal issues here clearly are a matter of the purchase contract between Novell and the original SCO, and it should be more or less straightforward for the new SCO and Novell to settle them.

The main issue of interest to me is whether rights to early versions of Unix have been weakened by the wide spread distribution of source code, including the publication of the Lions book and the fact that, until recently, the new SCO was distributing Unix source code for free on its FTP site.

SCO vs. IBM

SCO is suing IBM for breach of contract, unfair competition, tortious interference and misappropriation of trade secrets. SCO is now the owner of the contract that IBM originally signed with AT&T (I assume, but maybe some later owner) to develop AIX. That contract requires derivative works remain part of AIX. It also requires IBM to maintain confidentiality of sources and derivative code. Derivative works are allowed "provided resulting materials are treated as part of the original software products."

SCO has a list of about 20 IBM engineers who are, it claims, using AIX methods in Linux. SCO claims that some of these engineers literally are looking at AIX source code as they discuss Linux issues and making recommendations based on the AIX code.

SCO claims this is inappropriate because everything built on top of AIX or using methods developed in AIX is really a derived work of Unix. As we talked, I realized this is a key part of SCO's argument. SCO claims that anything built on top of Unix is itself a derived work of Unix. I will discuss this further below.

SCO said that besides IBM, Sequent has contributed code to Linux which is derived from Unix. Sequent is now a subsidiary of IBM.

SCO also claims that some of the derivative works IBM contributed to Linux include NUMA, RCU, JFS, SMP, performance measurement and improvements, serviceability, scheduler improvements, LinuxPPC 32 and 64 bit support, logical partition support. Sontag moved on to the next slide before I typed down the rest of the list.

I asked specifically about JFS, because I know that was originally developed for OS/2. SCO claims that JFS was originally developed for AIX, then ported to OS/2, then ported back to AIX; the port back to AIX was the basis for the Linux port. Chris Sontag said this was straight from the JFS web page. I just checked, and the JFS web page does not entirely agree. There IBM says that while JFS was first developed for AIX, the development for OS/2 was a new effort; the Linux port was based on the OS/2 work, not the port back to AIX. Using SCO's expansive definition of derivative work, arguably the development on OS/2 was based on the original AIX development, as some of the same people may have worked on it and used their experience with the AIX code.

Again, despite all this discussion, the whole issue of SCO vs. IBM was not the reason I was there. If IBM did indeed breach its contract, I suppose it should pay some appropriate penalty. I've been around the computer world too long to think that IBM is on the right side of every issue. However, SCO's presentation did not show me any clear evidence that IBM did indeed breach its contract. Obviously, IBM has contributed code to Linux, but it is not at all clear to me that such code is a derivative of Unix.

______________________

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Re: Software Patents

Anonymous's picture

MS is actually infringing many software patents but doesn`t care about this.

Re: My Visit to SCO

Anonymous's picture

First, a very interesting article. As to a comment about the senior management at SCO apprearing confident, I have found in my 30 years in the working world that to be a senior manager one must probably be an excellent poker player. I have seen many cases of people in these positions telling outright fabrications with the appearance of telling the truth, very much like bluffing in poker where one has a small pair but plays it like a royal flush. For instance, I have seen it told that there would be no layoffs only to have layoffs occur in one to two working days after the statement. This bluffing seems to be a recurring theme in this whole SCO affair.

Re: My Visit to SCO

Anonymous's picture

From David Syes...

Poker is what a Food Maker (Jack In the Box's parent company) did to my in 1992. The lying wretch told the judge a lie and she pulled off so smooth it was like pulling silk from back to front of a slippery crotch. She's lucky I cannot manipulate time, physics, law, and guilt, for I would eradicate her and her ilk (only the ones who outright lie in court, not honestly fight truthfully for their client.

Rather than repeat it cut & past, I'll simply give the URL:

http://lwn.net/Articles/36975/

David Syes

Re: My Visit to SCO

Anonymous's picture

Just something to think about...your decade of rage has resulted in far more cost and harm to you than to JITB or any other individual involved. I've had similar experiences with the court system (in Illinois, traffic tickets are uncorrelated with your actions, and are in reality more of a randomly-applied local tax) but you've got to move on.

Your feelings are justified, but they're not doing you any good. If JITB were to notice you, they'd probably just get another laugh from it.

Cristobol

Re: My Visit to SCO

Anonymous's picture

Please post the pictures. The text only make you sound like a weirdo.

Re: My Visit to SCO

Anonymous's picture

"SCO commented that Linux has no mechanism that ensures ownership of the IP which goes into it. It said most Linux developers are honorable, but some commercial entities are bending the rules for their own benefit."

They make this claim fairly often. I'd love to see someone react to it by asking whether SCO has such a mechanism (and then pressing them for details). I'm sure they don't, because it's not possible to ensure this.

Richard Braakman

Re: My Visit to SCO

Anonymous's picture

Of course Linux has such a mechanism, they call it a header. There every contributor claims that it's his "IP" or says where it came from. If you have any problems go to that person and leave everyone else alone.

Re: My Visit to SCO

Anonymous's picture

If all you do is sue people rather than develop any software, then you don't really need such a mechanism...

Re: My Visit to SCO

Anonymous's picture

...but some commercial entities are bending the rules for their own benefit...

SCO just knows this because it is one of the few. LOL

Re: My Visit to SCO

Anonymous's picture

Why don't we start a campaign and get everyone to contribute, say 10 buck each to buy back the Unix rights once and for all. Surely we can find 13 million linux/BSD and open-source users who would pay to get rid of the nuisance.

Re: My Visit to SCO

Anonymous's picture

You can already do this if you buy some SCO Group stock.

Re: My Visit to SCO

Anonymous's picture

"Once you have paid him the Danegeld, you'll never be rid of the Dane."

-- Kipling, iirc

Re: My Visit to SCO

sundancer's picture

Where do I sign up? I'm sick of secretiveness, litigeous licensing warnings in program startup splash screens, and people who contribute nothing outside of owning some code they are trying to slow or halt open developement with. If anyone wants to start a group to raise money for this I can donate the 10, some time, energy, and a subdomain for a site. Conact me through the feeback form at gorgelink.net
Opensource is freedom in motion.

Re: My Visit to SCO

Anonymous's picture

This might be a good time to point out that Linux also infringes upon my copyrights, I also will not tell you what code is infringing and I am willing to settle for just one million dollars. Thanks in advance.

Re: My Visit to SCO

Anonymous's picture

Why not contribute $10? Well, for starters, it feels like paying an anal rapist for a reach-around.

Re: My Visit to SCO

Anonymous's picture

Considering that SCO's seeing $3 billion (or more) in damages, I don't believe $13 million will suffice.

Re: My Visit to SCO

Anonymous's picture

Umm $10 * 13m people = $130m, SCO's worth according to the article

Re: My Visit to SCO

Anonymous's picture

Can you look back through previous versions of linux and see
how long/when the code came into the Linux kernel??

Re: My Visit to SCO

Anonymous's picture

Yes, I can, but reporting that information might violate the terms of the SCO NDA. Sorry.

Ian Lance Taylor

Re: My Visit to SCO

Anonymous's picture

Reporting the exact date might but want about the year.

Re: My Visit to SCO

Anonymous's picture

Why not just find the code (they probably used something obvious,) get the name of the contributor, and grep through the source for his contributions. Then check all the occurences between different kernel versions (you don't need to get every version, just get every 10th, or so.) You can eliminate whole kernel branches using only logic - I doubt you'll find any NUMA code in 1.x kernels.

Re: My Visit to SCO

Anonymous's picture

Then play the guessing game.

Was it 01/01/2000? Can't say

Was it 01/01/1999? Can't say

Was it 01/01/1998? ..silence...

was it 01/01/1997? Can't say

Combined work?

Anonymous's picture

Thank you for the article, it gives a good clear picture od SCO's position.
I have one question: I am not familiar with the peculiarities of US copyright law, but in the Netherlands copyright law makes a distinction between original works, derived works and combined works. The last category was originally intended for anthologies etc.
Looking at the case I feel that under Dutch law AIX would be placed in the combined work category, containing parts originating at both IBM and ATT. Some standard articles of law would come into play; IBM gets copyright for their own original contributions, but would still need permission from the ATT copyright keeper (now ATT) to distribute AIX as a whole. IBM would have discretion on how to distribute their original bits of code related to AIX.

[I have no opinion on the contractual part of the case. I am just a programmer that knows a few bits of law.]

Peter Roozemaal

Re: Combined work?

Anonymous's picture

Copyright in the US is largely Berne convention based, and operates similarly to your description as I understand. Contracts found legally valid can modify that, however and the crux of the issue will actually lie in that.

Re: Combined work?

Anonymous's picture

If some of the bits and pieces that we've been hearing about the license that IBM is being held to are true, IMHO, it amounts to a form of corporate indentured servitude. Like some of the employment contracts that developers and engineers are sometimes forced to sign (if they want a job, anyway) where anything they think up while employed by the company become the property of the company, I think this part of SCO's contract overreaches. Let's hope that it a court sees it that way. Otherwise, what company in its collective right mind would add anything to UNIX?
Why have UNIX expertise in your company? You don't need intelligent, creative programmers on the payroll if everything they produce is going to be owned by another company. If some manufacturer wants to sell hardware that runs UNIX, they must go, cap in hand, to SCO and beg for them to support their hardware. If that sort of situation is allowed, then innovation in the UNIX portion computer industry is dead (it nearly is dead in the Microsoft side already).

Re: My Visit to SCO

Anonymous's picture

net/drivers/dgrs.c: Derived from the SVR4.2 (UnixWare) driver for the same card.

Tainted????

Re: My Visit to SCO

Anonymous's picture

I'm sure the crack IP team at SCO has already found these as well:

drivers/char/applicom.c
/* Derived from Applicom driver ac.c for SCO Unix

drivers/char/rio/rio_linux.c
/* These constants are derived from SCO Source

Re: My Visit to SCO

Anonymous's picture

Note that the driver is apparently contributed by the manufacturer
of the card, who presumably also wrote the original
driver. That would make them free to provide their
work to whomever they wish, under whatever terms
they wish... In my kernel tree, the copyright comments
also contain a phone number for the company's sales
department so you can buy a board to use with the
driver...

Re: My Visit to SCO

Anonymous's picture

> That would make them free to provide their
> work to whomever they wish, under whatever terms
> they wish...

wrong. at least according to SCO's interpretation of what a "derived" work is: this is exactly the same case as jfs: developed _for_ a proprietary unix (not by copying stuff from it) in their twisted minds means derivative work.

of course you're perfectly right if you ask me or any other sanely minded person.

Wrong

Anonymous's picture

The original driver manufacturor is the copyright owner so he may relicense his code any way he pleases. It may have given SCO a perpetual license, but it can also do the same for Linux.

Re: Tainted????

Anonymous's picture

That file must not be the one that's been talked about previously. Not a humorous comment in the whole file. :-)

Re: Just emailed RedHat CEO/CIO.

Anonymous's picture

-------- Original Message --------
Subject: RedHat be a hero and buy UNIX to free it forever?
Date: Fri, 20 Jun 2003 00:13:59 -0400
To: mszulik@redhat.com, tiemann@redhat.com

http://www.linuxjournal.com/article.php?sid=6956
I can't help thinking that as of this writing SCO has a market cap of around $130 million and Red Hat has nearly $300 million in cash and investments. Even at an inflated price, Red Hat could afford to buy SCO and free up Unix once and for all. Live the dream.

What do you think? It sure is fun to sit and think about it the reaction on McBride's face if you guys tried this....priceless.

Regards,
A RH Fan.

Re: Just emailed RedHat CEO/CIO.

Anonymous's picture

What would this do besides give RedHat a worthless company, and the SCO executives (and other shareholders) more money then they're worth?

Keep in mind that all SCO wants from this is to be bought. I see no reason to give them what they want.

Re: Just emailed RedHat CEO/CIO.

Anonymous's picture

Keep in mind that all SCO wants from this is to be bought. I see no reason to give them what they want.

This attitude is just cutting off your nose to spite your face. I'd happily see Darl McBride and his cohorts fly off in a fleet of new Gulfstreams in exchange for an end to all the copyright hoo-hah around Unix. In the end the OS community would have the better set of toys.

Re: Just emailed RedHat CEO/CIO.

Anonymous's picture

As interesting as the idea of Red Hat buying SCO sounds I have to admit that I also thought it was great when Caldera bought SCO UNIX from SCO. And just look where *that* has gotten us. You just can't tell what may happen three, four, five or even ten years down the road.

I don't know about anyone else but I'd be willing to cough up $150 or so along with one million other people, and then we could all buy the damned company and release whatever copyrights and whatnot they actually own. Now THAT would be cool.

Re: Just emailed RedHat CEO/CIO.

Anonymous's picture

Hi,
100 EURO from me,
ZZ

Re: Just emailed RedHat CEO/CIO.

Anonymous's picture

Hi,
I will give my 100 euro's only if, after buying SCO, it will be broken down and a 'GNU-Linux statue' would be build there. So everyone will remember the silent power behind Linux.

Re: Just emailed RedHat CEO/CIO.

Anonymous's picture

And then we can pay off the next company and the next one and the next one until none of us have any money left. Yes, I can see what a great idea that is.

The only justification for paying off SCO is if they turn out to have a valid claim. That isn't actually impossible, but it does seem unlikely. They need to prove it, in court or out, before parting with any money to them makes any sense at all.

Re: Just emailed RedHat CEO/CIO.

Anonymous's picture

I agree.

Re: My Visit to SCO

soloscribbler's picture

by the way, my previous comment (w/remuneration) was anon, so this adden. is just to say i'm soloscribbler.

Thanks again Ian be well.

Re: My Visit to SCO

Anonymous's picture

Thanks for your very enlightening article on your experiences at SCO and what you learned and have surmised from the experience. Very refreshing after reading Rob (Forrester Research) Enderle's 'think' piece on why seerious enterprises should stay away from Linux (besides the SCO FUD, hisreason seemed to be because all the Unix folk were fringe lunatics who used bad language).

Again, your take very much appreciated. BTW, from one writer to another, the word is remuneration, not renumeration. Isnt't that a laugh?

Thanks for this.

Anonymous's picture

I have been following the SCO situation (how could I not, it's everywhere) and have been waiting to hear somehing from anyone who actually took them up on the NDA and made the trip. Thank you for the insight.

Please please please forget all this SCO is wrong talk`

Anonymous's picture

Okay you have found code in an open source system,
you hire one of the best laywers,
you go public to say we have found evidence.

You have to be sure that what you have holds up in court, and I read that they actually are having the names of the engineers who put what where. So please take this serious and work with the thought that SCO has a claim.

Now once you adopt to this try to think about a way how to stop this.

o There was one way how to find similar code in different Open Source UNIX like systems if we could get support we could look at those pieces and check their origin.

o Then there was a clever comment, somewhere here, saying if the court would follow SCOs stance then UNIX would be a derivative work of VMS. Oha, how deep does the rabbit hole go.

o Could we start a class action suite against SCO because they distribute some of their Unixes without neccesary comments where they are using GPL'ed code.

o If some one views their code and writes a piece for Linux it is derivative. This way they would need to proove that the engineers at SCO have never looked at any Linux code when they were working on thier UNIX's.

o strangely enough just when they needed the copyrights, they found an amendement which Novell has no copy of. So what is going on in corporate america ? You own something that you never claim the copyrights for, or you find a piece of paper just when need you need it.

o What would happen if Novell would relese their UNIX patents into the Open Source ? What good would a Copyright be then on the patent ?

o What possibilities do you guys in america have to stop (legally) a FUD attack without getting broke or waiting for 20 years ?

How can we attack SCO (legally and in public) ? If they spread fear into the Comunity then we need to find their weak spot. And please no guessing or bending the truth type of attack.

One last thought. If a process starts next month and will last for 10 years, then Linux will be stalled or replaced in this time period by companies which otherwise would have adopted Linux. I have no doubt about this since I work for an american company. I know management is not relying on our words. They go the save way (as would I). So imagne this and you'll see that in this case Linux would die a slow death (maybe BeOS would then become the next big thing, who knows).

Also since SCOs management has a history of suing and winning we ahve to make sure that after this is over they never will be able to fie again. The message here is to destry them completely. SEC is looking into possible insider trading. That is a good start.

Also them telling they own al rights to UNIX officially in their statements to their share holder is a bold lie because they a) did not know about the copyrights before they issued this statement and b) they do NOT own the patents and c) there are large parts of UNIX Copyrights owned by other companies such as IBM etc.

Another point that I get a bad taste is their mixing Linux kernel and Linux. They publicly annoounce they own KDE, Gnome, Samba etc., when all they actually should talk about is the kernel. This may mean little to you but the public heared of Linux but how many of your ffriends do know what the heck a kernel is and if this is an important part. So in this they are violating the fair trade law (I am not a lawyer but logic tells me this is can not be a legal conduct).

I believe IBM should counter sue and enforce a clarification to this ASAP, as AIX does not only comprise of UNIX V5 code and thus generate false fear at their customers.

Just my thought on this.

Conterattacks

Anonymous's picture

Some people are fighting back. A German firm that organizes Linux conferences etc sued (or treatened to sue) local SCO outfit for hurting their business with unsubstantiated FUD. It appears that SCO letters to Linux users amount to libel there. Anyway, SCO not only removed threats from their .de site, but closed local office. Something similar is happening in Australia.

BTW, I think that Linus, Cox and the gang should sue for libel SCO honchos personally (not the company). I would gladly contribue to their legal fund. Class action in the name of all contributors (or even users) should also be contemplated.

I am not familiar with BSD license, but I wonder whether investigation of BSD code stolen by AT&T could be revisited. (Acording to some sources - I think I read it in an article by ESR - the ancient settlement was reached when it turned out that BSD contains a handfull of AT&T derived files, while SysV or whatever version was that contains hundreds of pilfered files.)

Further, SCO babbles about 'binary Linux license' that would be obtained by purchase of UnixWare (a.k.a ancient SysVr4). There is no such thing as binary Linux license, and SCO has violated Linux GPL on numerous occasions. This must be pursued in court. We need confirmation in the form of a verdict that GPL is a sound license and that infringing it is as serious as any other copyright infringement.

BTW, my company was Caldera partner. We are not any more, and I explain to my customers why.

Cheers!

Bonzi
Zagreb, Croatia

Re: Please please please forget all this SCO is wrong talk`

Anonymous's picture


What possibilities do you guys in america have to stop (legally) a FUD attack without getting broke or waiting for 20 years ?

Something ranging from slim to none. Our tort system is ruled by money and competence, and enough money never fails to buy competence. And everyone's always said IBM buys the best lawyers.

That's how we do business, here. The law on these matters has been more or less bought by companies with the money to hire expensive lawyers (i.e., companies like IBM and Disney and Sun and Time-Warner and Microsoft and Sony and...). So that's where the decision will be made: In the offices of people at IBM responsible for long-range planning. They'll decide how much of their corporate karma they want to spend to ensure an open-source future.
Now, so far, they think such a future is really good for them (because they're faster and stronger than all the other big players right now and can more readily adapt to the competetive demands of the Open Source ecosystem). But they could change their mind. Or they could envision a strategic change in any one of several directions, up to and including patent extortion, or even an outright or proxy purchase of SCO.
Best scenario for all concerned is a rational decision on the question of derivative works. But in the current corporate and copyright environemt (e.g., the Supremes recently ruled that copyrights can be permanent if Congress says so), the likelihood of that is, again, slim to none.
Not as good, but more realistic, is the earlier suggestion of a white-hat hostile takeover at SCO. The problem is that ratchets up the game a few notches. The reason that things aren't done that way on a daily basis now is that the risk is deemed too high -- it's like military deterrance (you don't use the hostile takeover, I wont' use it). It would move the conflict between companies vending server-based software and solutions (i.e., Sun, IBM and MS) into a new and potentially bloody phase that will enhance employment prosptects for nobody but the lawyers...

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix