My Visit to SCO
This essay describes my visit to SCO on June 17, 2003, to discuss SCO's claim that Linux infringes on its intellectual property rights. I visited the SCO office in Lindon, Utah, for about one hour. I spoke with Chris Sontag, Senior Vice President, Operating Systems Division, and with Blake Stowell, Director of Public Relations. In order to speak with them, I signed a non-disclosure agreement.
The short version of this essay is SCO's claims are unproven, as I expected would be the case before I went. The amount of information SCO was willing to show me was extremely limited, and it did not by itself prove that SCO's claims were true nor that its claims were false.
I won't give the full background here, as it is well covered elsewhere, such as on Karsten Self's page. The short version, as of June 17, 2003, is SCO has sued IBM, alleging that IBM took work that was the intellectual property of SCO and incorporated it into Linux (when I say "Linux" in this essay, I mean specifically the Linux kernel, not a complete distribution). SCO is the current owner of Unix, which originally was developed by AT&T. SCO, which used to be named Caldera, purchased the rights to Unix from a different company named SCO, which has since changed its name to Tarantella. Along with Unix, SCO purchased a number of contractual agreements, including one with IBM. SCO is alleging that IBM has violated that contract.
SCO also sent a letter to some 1,500 commercial users of Linux distributions, warning them that Linux may be an unauthorized derivative of code owned by SCO. That is, SCO alleges that Linux actually to some extent is owned by SCO and may not be distributed under the GPL. The letter further claims that users of Linux may have legal liability because of this.
SCO said it would provide evidence that Linux is a derivative of Unix to independent analysts. With the help of Don Marti, Editor in Chief of Linux Journal, I contacted SCO and offered to be one of those analysts. SCO agreed, subject to my signing the NDA and traveling to its headquarters in Lindon, Utah.
SCO's legal case is complicated by the fact that when SCO was named Caldera it was itself a Linux distributor, and it may have distributed, under the GPL, the code which it now claims to own. It also complicated by allegations that SCO has incorporated Linux code under the GPL into UnixWare. These issues may indeed cause SCO's legal case to founder, but not in the way I would prefer it to founder.
I took the trouble to visit SCO because I care about what happens to free software in general and Linux in particular. The SCO claims have put a cloud over Linux. I have heard speculation from business acquaintances that the free versions of Linux will be shunned by corporate IT users, who will be unwilling to take the legal risk of using it. I don't think that would be good for Linux or for free software.
I remember the AT&T case against BSDI and the University of California, which arguably stalled BSD development for a few years. Indeed, it arguably was the root cause of Linux's popularity, because Linux development was not stalled. SCO's case against IBM is in some ways a reprisal of the AT&T case, and I fear that it has a similar potential to stall Linux development.
SCO was willing to speak only with people who signed a Draconian non-disclosure agreement (NDA), one which essentially permitted SCO to declare any information it provided to be confidential, regardless of whether the signer already knew it, and which offered no circumstances under which that information could be revealed. Most Linux developers are unable to sign such an NDA, as it easily could prevent them from ever again working on the kernel. Similarly, employees of any company that works with Linux cannot sign such an NDA.
I have never contributed to the Linux kernel myself. However, I have worked with free software for over 10 years, including acting as a maintainer for projects owned by the Free Software Foundation. I have plenty of personal knowledge of how free software development works. I currently am not employed by anybody, but simply working as a contractor on work not related to Linux.
Thus, I felt going in that I was in a good position to sign the NDA and to analyze the information that SCO presented to me. While SCO easily could have made it impossible for me to contribute to the Linux kernel, it had no reason to do so. In any case, I had no particular plans to do any kernel work.
Before going to meet SCO, I asked three times if it would be willing to change the NDA. I suggested that SCO should change the NDA to permit the disclosure of information when legally required by a court and to permit the disclosure of information when SCO specifically agrees to it. I also suggested the NDA should be changed so that information I already knew before meeting could not be treated confidential. The only response I received was SCO forwarded my suggestions to its counsel.
As it turned out, SCO actually showed me very little confidential information.
|September 2015 Issue of Linux Journal: HOW-TOs||Sep 01, 2015|
|September 2015 Video Preview||Sep 01, 2015|
|Using tshark to Watch and Inspect Network Traffic||Aug 31, 2015|
|Where's That Pesky Hidden Word?||Aug 28, 2015|
|A Project to Guarantee Better Security for Open-Source Projects||Aug 27, 2015|
|Concerning Containers' Connections: on Docker Networking||Aug 26, 2015|
- Using tshark to Watch and Inspect Network Traffic
- September 2015 Issue of Linux Journal: HOW-TOs
- Concerning Containers' Connections: on Docker Networking
- Problems with Ubuntu's Software Center and How Canonical Plans to Fix Them
- Firefox Security Exploit Targets Linux Users and Web Developers
- Where's That Pesky Hidden Word?
- A Project to Guarantee Better Security for Open-Source Projects
- Build a “Virtual SuperComputer” with Process Virtualization
- My Network Go-Bag
- Doing Astronomy with Python