EOF - Why I Don't Worry about SCO, and Never Did

By the time this article goes to print and arrives in your mailbox, the SCO case will mean even less than it does when I'm writing this, and that's saying something. The latest headline associated with SCO is their potential delisting from the Nasdaq for failing to file paperwork. This is the public-company equivalent of being sent to bed without supper or being expelled from school. It isn't good, and it's very irresponsible.

By the time this magazine hits print they'll have sent in their homework, late, for a lesser grade, or they'll have retreated from the public markets and the expensive and revealing Sarbanes-Oxley scrutiny that comes with having a ticker symbol. Either way, they'll be even less of a threat to free software, but I have to say, I wasn't worried, not for one minute.

I wasn't worried about their legal position that they owned parts of the Linux kernel.

I wasn't worried about their complaints against friend of Linux, IBM.

I wasn't worried about the future of the Linux kernel, Linus himself, his wife, his kids, Alan Cox, Andrew Morton or, for that matter, the people in industry that SCO subpoenaed in pursuit of their action against IBM.

Why wasn't I worried? The time to sue Linux and many prominent open-source software projects has passed, and in that passing, we have a blueprint on how to avoid consequential litigation for future important free software projects. The reason I don't worry about people suing Linux, and the reason I wasn't worried when SCO did it, is because Linux has become too important to too many people for it to be vulnerable to that kind of attack.

The time to kill Linux was when it was a project with ten developers who lived on university stipends, not when it has thousands of connected developers and $14 billion in Linux-related sales (IDC's number for the year 2003, if you believe analysts). It was vulnerable when it was still a university project, not now when uncountable school districts are using it to reduce their dependence on the punitive cost structures of proprietary software. It was vulnerable when it was in use in a few countries by a few dozen users, not now when it is used by a few dozen countries to ensure their software sovereignty. In short, it was vulnerable when it meant nothing to a few, not now when it is central to the information age economies.

And if that hyperbole didn't make you turn the page and drool over an ad for some sexy cluster gear, here is what we learn from Linux and Litigation.

First, if you want to destroy a free software project's chances of success, start when it is young, by making a competing product so good there will be no user need for the free software.

Second, if you are running a large project, assemble your friends around you, the way Linux has, so you can absorb the hits that come with success. Surrounding Linux is a vast array of industry organizations, corporate users, nations and end users whose livelihood is tied tightly to Linux. This doesn't mean that Linux doesn't get sued, it simply means the people doing the suing find themselves horribly alone.

Third, put off any sort of foundation or corporatization until you are ready to defeat the slings and arrows that come with the success of your project. The Samba team has played this card very well. If some large software company were to go after Samba under the rubric of patent infringement, who could it go after that would slow the use of Samba? Samba project leaders Andrew Tridgell and Jeremy Allison would be protected by the same companies who find Samba vital to their survival. And this wouldn't stop people from using Samba one bit. Sometimes in the pages of LJ we talk about Microsoft as if it were filled with fools. But it's not so foolish as to sue its end users the way SCO has. The day for effectively suing Samba also has passed.

And finally, when people sue Linux or Samba, help if you can, but the best start is to keep using free software and help keep it vital to yourself, your workplace and your government. Through this need, this necessity, we enshroud our software with a warm blanket of security that the parasites will fail to penetrate.

So, in the end, this article is really about Asterisk, the free Voice-over-IP software that developed at telco hardware maker Digium. Asterisk represents a project that is on the verge of being too important to be vulnerable. If I were looking for an open-source company to back, I'd say (and have said) Digium. If you haven't tried it, you really should. It is remarkable stuff. Like Linux, you can't believe software can be this good and useful. And if it's good and useful, it will be important to enough people that legal threats from failed companies just won't matter.