This week, SCO's Darl McBride wrote:
The most controversial issue in the information technology industry
today is the ongoing battle over software copyrights and
intellectual property. This battle is being fought largely between
vendors who create and sell proprietary software, and the Open
Source community. My company, the SCO Group, became a focus of this
controversy when we filed a lawsuit against IBM alleging that SCO's
proprietary Unix code has been illegally copied into the free Linux
operating system. In doing this we angered some in the Open Source
community by pointing out obvious intellectual property problems
that exist in the current Linux software development model.
This debate about Open Source software is healthy and beneficial. It
offers long-term benefits to the industry by addressing a new
business model in advance of wide-scale adoption by customers. But
in the last week of August two developments occurred that adversely
affect the long-term credibility of the Open Source community, with
the general public and with customers.
The first development followed another series of Denial of Service
(DDoS) attacks on SCO, which took place two weeks ago. These were
the second and third such attacks in four months and have prevented
Web users from accessing our web site and doing business with SCO.
There is no question about the affiliation of the attacker - Open
Source leader Eric Raymond was quoted as saying that he was
contacted by the perpetrator and that "he's one of us." To Mr
Raymond's partial credit, he asked the attacker to stop. However, he
has yet to disclose the identity of the perpetrator so that justice
can be done.
No one can tolerate DDoS attacks and other kinds of attacks in this
Information Age economy that relies so heavily on the Internet. Mr
Raymond and the entire Open Source community need to aggressively
help the industry police these types of crimes. If they fail to do
so it casts a shadow over the entire Open Source movement and raises
questions about whether Open Source is ready to take a central role
in business computing. We cannot have a situation in which companies
fear they may be next to suffer computer attacks if they take a
business or legal position that angers the Open Source community.
Until these illegal attacks are brought under control, enterprise
customers and mainstream society will become increasingly alienated
from anyone associated with this type of behavior.
The second development was an admission by Open Source leader Bruce
Perens that UNIX System V code (owned by SCO) is, in fact, in Linux,
and it shouldn't be there. Mr. Perens stated that there is "an error
in the Linux developer's process" which allowed Unix System V code
that "didn't belong in Linux" to end up in the Linux kernel (source:
ComputerWire, August 25, 2003). Mr. Perens continued with a string of
arguments to justify the "error in the Linux developer's process."
However, nothing can change the fact that a Linux developer on the
payroll of Silicon Graphics stripped copyright attributions from
copyrighted System V code that was licensed to Silicon Graphics
under strict conditions of use, and then contributed that source
code to Linux as though it was clean code owned and controlled by
SGI. This is a clear violation of SGI's contract and copyright
obligations to SCO. We are currently working to try and resolve
these issues with SGI.
This improper contribution of Unix code by SGI into Linux is one
small example that reveals fundamental structural flaws in the Linux
development process. In fact, this issue goes to the very heart of
whether Open Source can be trusted as a development model for
enterprise computing software. The intellectual property roots of
Linux are obviously flawed at a systemic level under the current
model. To date, we claim that more than one million lines of Unix
System V protected code have been contributed to Linux through this
model. The flaws inherent in the Linux process must be openly
addressed and fixed.
At a minimum, IP sources should be checked to assure that copyright
contributors have the authority to transfer copyrights in the code
contributed to Open Source. This is just basic due diligence that
governs every other part of corporate dealings. Rather than defend
the "don't ask, don't tell" Linux intellectual property policy that
caused the SCO v IBM case, the Open Source community should focus on
customers' needs. The Open Source community should assure that Open
Source software has a solid intellectual property foundation that
can give confidence to end users. I respectfully suggest to Open
Source developers that this is a far better use of your collective
resources and abilities than to defend and justify flawed
intellectual property policies that are out of sync with the needs
of enterprise computing customers.
I believe that the Open Source software model is at a critical stage
of development. The Open Source community has its roots in counter-
cultural ideals - the notion of "Hackers" against Big Business - but
because of recent advances in Linux, the community now has the
opportunity to develop software for mainstream American corporations
and other global companies. If the Open Source community wants its
products to be accepted by enterprise companies, the community
itself must follow the rules and procedures that govern mainstream
society. This is what global corporations will require. And it is
these customers who will determine the ultimate fate of Open Source
- not SCO, not IBM, and not Open Source leaders.
Some enterprise customers have accepted Open Source because IBM has
put its name behind it. However, IBM and other Linux vendors are
reportedly unwilling to provide intellectual property warranties to
their customers. This means that Linux end users must take a hard
look at the intellectual property underpinnings of Open Source
products and at the GPL (GNU General Public License) licensing model
itself.
If the Open Source community wants to develop products for
enterprise corporations, it must respect and follow the rule of law.
These rules include contracts, copyrights and other intellectual
property laws. For several months SCO has been involved in a
contentious legal case that we filed against IBM. What are the
underlying intellectual property principles that have put SCO in a
strong position in this hotly debated legal case? I'd summarize them
in this way:
"Fair use" applies to educational, public service and related
applications and does not justify commercial misappropriation. Books
and Internet sites intended and authorized for the purpose of
teaching and other non-commercial use cannot be copied for
commercial use. We believe that some of the SCO software code that
has ended up in the Linux operating system got there through this
route. This violates our intellectual property rights.
Copyright attributions protect ownership and attribution rights -
they cannot simply be changed or stripped away. This is how
copyright owners maintain control of their legal rights and prevent
unauthorized transfer of ownership. Our proprietary software code
has been copied into Linux by people who simply stripped off SCO's
copyright notice or contributed derivative works in violation of our
intellectual property rights. This is improper.
In copyright law, ownership cannot be transferred without express,
written authority of a copyright holder. Some have claimed that,
because SCO software code was present in software distributed under
the GPL, SCO has forfeited its rights to this code. Not so - SCO
never gave permission, or granted rights, for this to happen.
Transfer of copyright ownership without express written authority of
all proper parties is null and void.
Use of derivative rights in copyrighted material is defined by the
scope of a license grant. An authorized derivative work may not be
used beyond the scope of a license grant. License grants regarding
derivative works vary from license to license - some are broad and
some are narrow. In other words, the license itself defines the
scope of permissive use, and licensees agree to be bound by that
definition. One reason SCO sued IBM is due to our assertions that
IBM has violated the terms of the specific IBM/SCO license agreement
through its handling of derivative works. We believe our evidence is
compelling on this issue.
The copyright rules that underlie SCO's case are not disputable.
They provide a solid foundation for any software development model,
including Open Source. Rather than ignore or challenge copyright
laws, Open Source developers will advance their cause by respecting
the rules of law that built our society into what it is today. This
is the primary path towards giving enterprise companies the
assurance they need to accept Open Source products at the core of
their business infrastructure. Customers need to know that Open
Source is legal and stable.
Finally, it is clear that the Open Source community needs a business
model that is sustainable, if it is to grow beyond a part-time
avocation into an enterprise-trusted development model. Free Open
Source software primarily benefits large vendors, which sell
hardware and expensive services that support Linux, but not Linux
itself. By providing Open Source software without a warranty, these
largest vendors avoid significant costs while increasing their
services revenue. Today, that's the viable Open Source business
model. Other Linux companies have already failed and many more are
struggling to survive. Few are consistently profitable. It's time
for everyone else in the industry, individuals and small
corporations, to under this and to implement our own business model
- something that keeps us alive and profitable. In the long term,
the financial stability of software vendors and the legality of
their software products are more important to enterprise customers
than free software. Rather than fight for the right for free
software, it's far more valuable to design a new business model that
enhances the stability and trustworthiness of the Open Source
community in the eyes of enterprise customers.
A sustainable business model for software development can be built
only on an intellectual property foundation. I invite the Open
Source community to explore these possibilities for your own benefit
within an Open Source model. Further, the SCO Group is open to ideas
of working with the Open Source community to monetize software
technology and its underlying intellectual property for all
contributors, not just SCO.
In the meantime, I will continue to protect SCO's intellectual
property and contractual rights. The process moving forward will not
be easy. It is easier for some in the Open Source community to fire
off a "rant" than to sit across a negotiation table. But if the Open
Source community is to become a software developer for global
corporations, respect for intellectual property is not optional - it
is mandatory. Working together, there are ways we can make sure this
happens.
Best regards to all,
Darl McBride
CEO
The SCO Group
In response, Eric Raymond and Bruce Perens, two high-profile open
source evangelists, called McBride's letter - in an exercise of
marvelously purple prose - "a farrago of falsehoods, half-truths,
evasions, slanders and misrepresentations."
Raymond denied that he knows who unleashed the last Denial of
Service attack on SCO and reiterated what he said initially - that
he was contacted by a go-between, and not the culprit himself.
Raymond characterized McBride's implication that he is shielding the
perpetrator as "false and slanderous." (Actually he means libelous.)
Raymond and Perens claim that open source is "instinctively
respectful of concerns about IP, credit and provenance....We reject
your attempt to portray our community as a howling wilderness of IP
thieves as a baseless and destructive smear."
They claim that open "source code is public, exposed to scrutiny by
anyone who wishes to contest its ownership" and ask whether "SCO or
any other closed-source vendor can say the same? Who knows what IP
violations, what stripped copyrights, what stolen techniques lurk in
the depths of closed-source code. Indeed, not only SCO's past
representations that it was merging GPL'd Linux technology into SCO
Unix but Judge Debevoise's rulings in the last big lawsuit on Unix
IP rights suggest strongly that SCO should clean up its own act
before daring to accuse others of theft."
They say SCO's charge that a million lines of code was lifted from
Unix is "mathematically impossible" and then of course they come to
the perennial open source point and say, "If you wish to make a
respectable case for contamination, show us the code. Disclose the
overlaps. Specify file by file and line by line which code you
believe to be infringing, and on what grounds. We will swiftly meet
our responsibilities under law, either removing the allegedly
infringing code or establishing that it entered Linux by routes
which foreclose proprietary claims."
See
http://www.catb.org/~esr/writings/mcbride2.html for the entire
letter.
Then later this came from Linus Torvalds:
Open Letter to Darl McBride - Please Grow Up
Dear Darl,
Thank you so much for your letter.
We are happy that you agree that customers need to know that Open
Source is legal and stable, and we heartily agree with that sentence
of your letter. The others don't seem to make as much sense, but we
find the dialogue refreshing.
However, we have to sadly decline taking business model advice from
a company that seems to have squandered all its money (that it made
off a Linux IPO, I might add, since there's a nice bit of irony
there), and now seems to play the US legal system as a lottery. We
in the Open Source group continue to believe in technology as a way
of driving customer interest and demand.
Also, we find your references to a negotiating table somewhat
confusing, since there doesn't seem to be anything to negotiate
about. SCO has yet to show any infringing IP in the Open Source
domain, but we wait with bated breath for when you will actually
care to inform us about what you are blathering about.
All of our source code is out in the open, and we welcome you point
to any particular piece you might disagree with.
Until then, please accept our gratitude for your submission,
Yours truly,
Linus Torvalds
Subscribe to AJAX & RIA Journal Email News Alerts
Subscribe via RSS
