My Visit to SCO

The full story of what one person who signed SCO's NDA encountered on his trip to Lindon, Utah.
Derivative Works

The key to SCO's case against IBM appears to be an expansive notion of derivative works. SCO basically is arguing that any code developed on top of Unix is a derivative work of Unix. It is arguing that the contract with IBM, which SCO now owns, makes clear that any work derivative of Unix must remain confidential.

SCO is using a very extensive notion of derivative work. When I made that objection, SCO said it was for the court to decide. It is true that, so far as I know, no court has ever ruled on whether one piece of software is derivative of another. The question is whether a court would rule that even software entirely developed by IBM, such as JFS, is a derivative work of Unix because it was developed as a component of a Unix system. I think we can all agree that Unix with JFS is a derivative work of Unix; the question is whether JFS by itself is a derivative work.

In general, the issue is where the boundary lies between derivative works and independent works. All programs run on Unix use a Unix API; do they therefore become derivative works? Presumably not. However, when writing a program that runs on Unix, I might look at Unix source code if I have access to it; does that make my program a derivative work? It seems, from SCO's comments, that it might claim this is so.

I am not a lawyer. However, I hope the courts will not accept SCO's broad definition of derivative work. I think it would be dangerous for free software and for software development in general. Software thrives by extending work done by others. If adding a component to an existing piece of software means the component is owned by the owner of the existing software, then few people will add components. That would not be good for anybody.

It's worth noting that if a court does accept such a broad notion of derivative work, it will weaken SCO's defense against the allegations that Linux code was copied into UnixWare. That would seem to put SCO on the horns of a dilemma; I don't know how it plans to resolve it.

Secrecy

I asked a couple of times why SCO was being so secretive about everything. The answers were not particularly convincing. SCO said it was keeping its evidence secret because it is part of a legal action. The evidence will be presented in court. SCO doesn't want it to be tried in public before it is tried in court.

SCO said the Unix code always has been provided under confidentiality agreements, despite its wide distribution. It said that until the parties go to court, it doesn't want the Linux community to remove the code in question. SCO thinks it's more than changing a few lines of code. As noted above, it feels large chunks are derivative. It argued that even a full replacement would be in part based on the prior effort, and thus would itself be derivative, at least under the terms of the IBM contract.

My guess is SCO would prefer not to have to reveal any of its evidence. My guess is it would prefer to settle with IBM and to use the spectre of liability to get licensing revenue from Linux users. After all, in court SCO might lose. The current situation, in which it makes people feel nervous, is better for SCO. I don't know if I'm right, and if I am right I don't know how it will play out.

Chris Sontag appeared confident when he spoke to me. However, my sense is SCO knows it has a weak hand, one it is playing as strongly as it knows how. I expect SCO to keep upping the pressure in the press, to announce a Linux licensing scheme and to hope to start getting more revenue.

IBM and Patents

IBM is a past master of the IP extortion strategy. For example, see this Forbes article about IBM's shakedown of Sun in Sun's early days. For SCO to attack IBM using IP is somewhat like trying to eat a live tiger.

If IBM starts to feel nervous about this suit, it will unleash its patent portfolio. SCO is certain to be violating a number of IBM patents. Unless some preexisting patent agreement exists between SCO and IBM, SCO surely will lose against IBM's countersuit.

However, for IBM to unleash its patent portfolio against Unix would not be a good thing for free software. After all, Linux probably violates a number of those patents as well. Once the beast is awakened, who knows when, or if, it will go back to sleep. The best hope in such a case is that IBM will recognize the danger of killing the goose with the golden eggs and lay off on its own accord.

It's worth noting that the people running SCO and their lawyers may not appreciate the power of software patents. In my experience, few people outside the profession understand the degree to which every program of any scope violates patents. The software industry today survives only through an unstated agreement not to stir things up too much. We must hope this lawsuit isn't the big stirring spoon.

______________________

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Re: Software Patents

Anonymous's picture

MS is actually infringing many software patents but doesn`t care about this.

Re: My Visit to SCO

Anonymous's picture

First, a very interesting article. As to a comment about the senior management at SCO apprearing confident, I have found in my 30 years in the working world that to be a senior manager one must probably be an excellent poker player. I have seen many cases of people in these positions telling outright fabrications with the appearance of telling the truth, very much like bluffing in poker where one has a small pair but plays it like a royal flush. For instance, I have seen it told that there would be no layoffs only to have layoffs occur in one to two working days after the statement. This bluffing seems to be a recurring theme in this whole SCO affair.

Re: My Visit to SCO

Anonymous's picture

From David Syes...

Poker is what a Food Maker (Jack In the Box's parent company) did to my in 1992. The lying wretch told the judge a lie and she pulled off so smooth it was like pulling silk from back to front of a slippery crotch. She's lucky I cannot manipulate time, physics, law, and guilt, for I would eradicate her and her ilk (only the ones who outright lie in court, not honestly fight truthfully for their client.

Rather than repeat it cut & past, I'll simply give the URL:

http://lwn.net/Articles/36975/

David Syes

Re: My Visit to SCO

Anonymous's picture

Just something to think about...your decade of rage has resulted in far more cost and harm to you than to JITB or any other individual involved. I've had similar experiences with the court system (in Illinois, traffic tickets are uncorrelated with your actions, and are in reality more of a randomly-applied local tax) but you've got to move on.

Your feelings are justified, but they're not doing you any good. If JITB were to notice you, they'd probably just get another laugh from it.

Cristobol

Re: My Visit to SCO

Anonymous's picture

Please post the pictures. The text only make you sound like a weirdo.

Re: My Visit to SCO

Anonymous's picture

"SCO commented that Linux has no mechanism that ensures ownership of the IP which goes into it. It said most Linux developers are honorable, but some commercial entities are bending the rules for their own benefit."

They make this claim fairly often. I'd love to see someone react to it by asking whether SCO has such a mechanism (and then pressing them for details). I'm sure they don't, because it's not possible to ensure this.

Richard Braakman

Re: My Visit to SCO

Anonymous's picture

Of course Linux has such a mechanism, they call it a header. There every contributor claims that it's his "IP" or says where it came from. If you have any problems go to that person and leave everyone else alone.

Re: My Visit to SCO

Anonymous's picture

If all you do is sue people rather than develop any software, then you don't really need such a mechanism...

Re: My Visit to SCO

Anonymous's picture

...but some commercial entities are bending the rules for their own benefit...

SCO just knows this because it is one of the few. LOL

Re: My Visit to SCO

Anonymous's picture

Why don't we start a campaign and get everyone to contribute, say 10 buck each to buy back the Unix rights once and for all. Surely we can find 13 million linux/BSD and open-source users who would pay to get rid of the nuisance.

Re: My Visit to SCO

Anonymous's picture

You can already do this if you buy some SCO Group stock.

Re: My Visit to SCO

Anonymous's picture

"Once you have paid him the Danegeld, you'll never be rid of the Dane."

-- Kipling, iirc

Re: My Visit to SCO

sundancer's picture

Where do I sign up? I'm sick of secretiveness, litigeous licensing warnings in program startup splash screens, and people who contribute nothing outside of owning some code they are trying to slow or halt open developement with. If anyone wants to start a group to raise money for this I can donate the 10, some time, energy, and a subdomain for a site. Conact me through the feeback form at gorgelink.net
Opensource is freedom in motion.

Re: My Visit to SCO

Anonymous's picture

This might be a good time to point out that Linux also infringes upon my copyrights, I also will not tell you what code is infringing and I am willing to settle for just one million dollars. Thanks in advance.

Re: My Visit to SCO

Anonymous's picture

Why not contribute $10? Well, for starters, it feels like paying an anal rapist for a reach-around.

Re: My Visit to SCO

Anonymous's picture

Considering that SCO's seeing $3 billion (or more) in damages, I don't believe $13 million will suffice.

Re: My Visit to SCO

Anonymous's picture

Umm $10 * 13m people = $130m, SCO's worth according to the article

Re: My Visit to SCO

Anonymous's picture

Can you look back through previous versions of linux and see
how long/when the code came into the Linux kernel??

Re: My Visit to SCO

Anonymous's picture

Yes, I can, but reporting that information might violate the terms of the SCO NDA. Sorry.

Ian Lance Taylor

Re: My Visit to SCO

Anonymous's picture

Reporting the exact date might but want about the year.

Re: My Visit to SCO

Anonymous's picture

Why not just find the code (they probably used something obvious,) get the name of the contributor, and grep through the source for his contributions. Then check all the occurences between different kernel versions (you don't need to get every version, just get every 10th, or so.) You can eliminate whole kernel branches using only logic - I doubt you'll find any NUMA code in 1.x kernels.

Re: My Visit to SCO

Anonymous's picture

Then play the guessing game.

Was it 01/01/2000? Can't say

Was it 01/01/1999? Can't say

Was it 01/01/1998? ..silence...

was it 01/01/1997? Can't say

Combined work?

Anonymous's picture

Thank you for the article, it gives a good clear picture od SCO's position.
I have one question: I am not familiar with the peculiarities of US copyright law, but in the Netherlands copyright law makes a distinction between original works, derived works and combined works. The last category was originally intended for anthologies etc.
Looking at the case I feel that under Dutch law AIX would be placed in the combined work category, containing parts originating at both IBM and ATT. Some standard articles of law would come into play; IBM gets copyright for their own original contributions, but would still need permission from the ATT copyright keeper (now ATT) to distribute AIX as a whole. IBM would have discretion on how to distribute their original bits of code related to AIX.

[I have no opinion on the contractual part of the case. I am just a programmer that knows a few bits of law.]

Peter Roozemaal

Re: Combined work?

Anonymous's picture

Copyright in the US is largely Berne convention based, and operates similarly to your description as I understand. Contracts found legally valid can modify that, however and the crux of the issue will actually lie in that.

Re: Combined work?

Anonymous's picture

If some of the bits and pieces that we've been hearing about the license that IBM is being held to are true, IMHO, it amounts to a form of corporate indentured servitude. Like some of the employment contracts that developers and engineers are sometimes forced to sign (if they want a job, anyway) where anything they think up while employed by the company become the property of the company, I think this part of SCO's contract overreaches. Let's hope that it a court sees it that way. Otherwise, what company in its collective right mind would add anything to UNIX?
Why have UNIX expertise in your company? You don't need intelligent, creative programmers on the payroll if everything they produce is going to be owned by another company. If some manufacturer wants to sell hardware that runs UNIX, they must go, cap in hand, to SCO and beg for them to support their hardware. If that sort of situation is allowed, then innovation in the UNIX portion computer industry is dead (it nearly is dead in the Microsoft side already).

Re: My Visit to SCO

Anonymous's picture

net/drivers/dgrs.c: Derived from the SVR4.2 (UnixWare) driver for the same card.

Tainted????

Re: My Visit to SCO

Anonymous's picture

I'm sure the crack IP team at SCO has already found these as well:

drivers/char/applicom.c
/* Derived from Applicom driver ac.c for SCO Unix

drivers/char/rio/rio_linux.c
/* These constants are derived from SCO Source

Re: My Visit to SCO

Anonymous's picture

Note that the driver is apparently contributed by the manufacturer
of the card, who presumably also wrote the original
driver. That would make them free to provide their
work to whomever they wish, under whatever terms
they wish... In my kernel tree, the copyright comments
also contain a phone number for the company's sales
department so you can buy a board to use with the
driver...

Re: My Visit to SCO

Anonymous's picture

> That would make them free to provide their
> work to whomever they wish, under whatever terms
> they wish...

wrong. at least according to SCO's interpretation of what a "derived" work is: this is exactly the same case as jfs: developed _for_ a proprietary unix (not by copying stuff from it) in their twisted minds means derivative work.

of course you're perfectly right if you ask me or any other sanely minded person.

Wrong

Anonymous's picture

The original driver manufacturor is the copyright owner so he may relicense his code any way he pleases. It may have given SCO a perpetual license, but it can also do the same for Linux.

Re: Tainted????

Anonymous's picture

That file must not be the one that's been talked about previously. Not a humorous comment in the whole file. :-)

Re: Just emailed RedHat CEO/CIO.

Anonymous's picture

-------- Original Message --------
Subject: RedHat be a hero and buy UNIX to free it forever?
Date: Fri, 20 Jun 2003 00:13:59 -0400
To: mszulik@redhat.com, tiemann@redhat.com

http://www.linuxjournal.com/article.php?sid=6956
I can't help thinking that as of this writing SCO has a market cap of around $130 million and Red Hat has nearly $300 million in cash and investments. Even at an inflated price, Red Hat could afford to buy SCO and free up Unix once and for all. Live the dream.

What do you think? It sure is fun to sit and think about it the reaction on McBride's face if you guys tried this....priceless.

Regards,
A RH Fan.

Re: Just emailed RedHat CEO/CIO.

Anonymous's picture

What would this do besides give RedHat a worthless company, and the SCO executives (and other shareholders) more money then they're worth?

Keep in mind that all SCO wants from this is to be bought. I see no reason to give them what they want.

Re: Just emailed RedHat CEO/CIO.

Anonymous's picture

Keep in mind that all SCO wants from this is to be bought. I see no reason to give them what they want.

This attitude is just cutting off your nose to spite your face. I'd happily see Darl McBride and his cohorts fly off in a fleet of new Gulfstreams in exchange for an end to all the copyright hoo-hah around Unix. In the end the OS community would have the better set of toys.

Re: Just emailed RedHat CEO/CIO.

Anonymous's picture

As interesting as the idea of Red Hat buying SCO sounds I have to admit that I also thought it was great when Caldera bought SCO UNIX from SCO. And just look where *that* has gotten us. You just can't tell what may happen three, four, five or even ten years down the road.

I don't know about anyone else but I'd be willing to cough up $150 or so along with one million other people, and then we could all buy the damned company and release whatever copyrights and whatnot they actually own. Now THAT would be cool.

Re: Just emailed RedHat CEO/CIO.

Anonymous's picture

Hi,
100 EURO from me,
ZZ

Re: Just emailed RedHat CEO/CIO.

Anonymous's picture

Hi,
I will give my 100 euro's only if, after buying SCO, it will be broken down and a 'GNU-Linux statue' would be build there. So everyone will remember the silent power behind Linux.

Re: Just emailed RedHat CEO/CIO.

Anonymous's picture

And then we can pay off the next company and the next one and the next one until none of us have any money left. Yes, I can see what a great idea that is.

The only justification for paying off SCO is if they turn out to have a valid claim. That isn't actually impossible, but it does seem unlikely. They need to prove it, in court or out, before parting with any money to them makes any sense at all.

Re: Just emailed RedHat CEO/CIO.

Anonymous's picture

I agree.

Re: My Visit to SCO

soloscribbler's picture

by the way, my previous comment (w/remuneration) was anon, so this adden. is just to say i'm soloscribbler.

Thanks again Ian be well.

Re: My Visit to SCO

Anonymous's picture

Thanks for your very enlightening article on your experiences at SCO and what you learned and have surmised from the experience. Very refreshing after reading Rob (Forrester Research) Enderle's 'think' piece on why seerious enterprises should stay away from Linux (besides the SCO FUD, hisreason seemed to be because all the Unix folk were fringe lunatics who used bad language).

Again, your take very much appreciated. BTW, from one writer to another, the word is remuneration, not renumeration. Isnt't that a laugh?

Thanks for this.

Anonymous's picture

I have been following the SCO situation (how could I not, it's everywhere) and have been waiting to hear somehing from anyone who actually took them up on the NDA and made the trip. Thank you for the insight.

Please please please forget all this SCO is wrong talk`

Anonymous's picture

Okay you have found code in an open source system,
you hire one of the best laywers,
you go public to say we have found evidence.

You have to be sure that what you have holds up in court, and I read that they actually are having the names of the engineers who put what where. So please take this serious and work with the thought that SCO has a claim.

Now once you adopt to this try to think about a way how to stop this.

o There was one way how to find similar code in different Open Source UNIX like systems if we could get support we could look at those pieces and check their origin.

o Then there was a clever comment, somewhere here, saying if the court would follow SCOs stance then UNIX would be a derivative work of VMS. Oha, how deep does the rabbit hole go.

o Could we start a class action suite against SCO because they distribute some of their Unixes without neccesary comments where they are using GPL'ed code.

o If some one views their code and writes a piece for Linux it is derivative. This way they would need to proove that the engineers at SCO have never looked at any Linux code when they were working on thier UNIX's.

o strangely enough just when they needed the copyrights, they found an amendement which Novell has no copy of. So what is going on in corporate america ? You own something that you never claim the copyrights for, or you find a piece of paper just when need you need it.

o What would happen if Novell would relese their UNIX patents into the Open Source ? What good would a Copyright be then on the patent ?

o What possibilities do you guys in america have to stop (legally) a FUD attack without getting broke or waiting for 20 years ?

How can we attack SCO (legally and in public) ? If they spread fear into the Comunity then we need to find their weak spot. And please no guessing or bending the truth type of attack.

One last thought. If a process starts next month and will last for 10 years, then Linux will be stalled or replaced in this time period by companies which otherwise would have adopted Linux. I have no doubt about this since I work for an american company. I know management is not relying on our words. They go the save way (as would I). So imagne this and you'll see that in this case Linux would die a slow death (maybe BeOS would then become the next big thing, who knows).

Also since SCOs management has a history of suing and winning we ahve to make sure that after this is over they never will be able to fie again. The message here is to destry them completely. SEC is looking into possible insider trading. That is a good start.

Also them telling they own al rights to UNIX officially in their statements to their share holder is a bold lie because they a) did not know about the copyrights before they issued this statement and b) they do NOT own the patents and c) there are large parts of UNIX Copyrights owned by other companies such as IBM etc.

Another point that I get a bad taste is their mixing Linux kernel and Linux. They publicly annoounce they own KDE, Gnome, Samba etc., when all they actually should talk about is the kernel. This may mean little to you but the public heared of Linux but how many of your ffriends do know what the heck a kernel is and if this is an important part. So in this they are violating the fair trade law (I am not a lawyer but logic tells me this is can not be a legal conduct).

I believe IBM should counter sue and enforce a clarification to this ASAP, as AIX does not only comprise of UNIX V5 code and thus generate false fear at their customers.

Just my thought on this.

Conterattacks

Anonymous's picture

Some people are fighting back. A German firm that organizes Linux conferences etc sued (or treatened to sue) local SCO outfit for hurting their business with unsubstantiated FUD. It appears that SCO letters to Linux users amount to libel there. Anyway, SCO not only removed threats from their .de site, but closed local office. Something similar is happening in Australia.

BTW, I think that Linus, Cox and the gang should sue for libel SCO honchos personally (not the company). I would gladly contribue to their legal fund. Class action in the name of all contributors (or even users) should also be contemplated.

I am not familiar with BSD license, but I wonder whether investigation of BSD code stolen by AT&T could be revisited. (Acording to some sources - I think I read it in an article by ESR - the ancient settlement was reached when it turned out that BSD contains a handfull of AT&T derived files, while SysV or whatever version was that contains hundreds of pilfered files.)

Further, SCO babbles about 'binary Linux license' that would be obtained by purchase of UnixWare (a.k.a ancient SysVr4). There is no such thing as binary Linux license, and SCO has violated Linux GPL on numerous occasions. This must be pursued in court. We need confirmation in the form of a verdict that GPL is a sound license and that infringing it is as serious as any other copyright infringement.

BTW, my company was Caldera partner. We are not any more, and I explain to my customers why.

Cheers!

Bonzi
Zagreb, Croatia

Re: Please please please forget all this SCO is wrong talk`

Anonymous's picture


What possibilities do you guys in america have to stop (legally) a FUD attack without getting broke or waiting for 20 years ?

Something ranging from slim to none. Our tort system is ruled by money and competence, and enough money never fails to buy competence. And everyone's always said IBM buys the best lawyers.

That's how we do business, here. The law on these matters has been more or less bought by companies with the money to hire expensive lawyers (i.e., companies like IBM and Disney and Sun and Time-Warner and Microsoft and Sony and...). So that's where the decision will be made: In the offices of people at IBM responsible for long-range planning. They'll decide how much of their corporate karma they want to spend to ensure an open-source future.
Now, so far, they think such a future is really good for them (because they're faster and stronger than all the other big players right now and can more readily adapt to the competetive demands of the Open Source ecosystem). But they could change their mind. Or they could envision a strategic change in any one of several directions, up to and including patent extortion, or even an outright or proxy purchase of SCO.
Best scenario for all concerned is a rational decision on the question of derivative works. But in the current corporate and copyright environemt (e.g., the Supremes recently ruled that copyrights can be permanent if Congress says so), the likelihood of that is, again, slim to none.
Not as good, but more realistic, is the earlier suggestion of a white-hat hostile takeover at SCO. The problem is that ratchets up the game a few notches. The reason that things aren't done that way on a daily basis now is that the risk is deemed too high -- it's like military deterrance (you don't use the hostile takeover, I wont' use it). It would move the conflict between companies vending server-based software and solutions (i.e., Sun, IBM and MS) into a new and potentially bloody phase that will enhance employment prosptects for nobody but the lawyers...

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix