Lessons from the SCO/IBM Dispute (Freedom To Tinker)

Posted Jun 10, 2003 13:57 UTC (Tue) by elanthis (subscriber, #6227) [Link]

Why does it being in an open source product matter? Because then _anyone_ can take the code/ideas. Instead of just some of IBM's products having this supposedly stolen code, anyone in the world could take and use the code in question. Open Source means the code is leaked to a greater audience.

Duh.

Posted Jun 10, 2003 14:34 UTC (Tue) by Paul_Murphy (guest, #11735) [Link]

Actually Mr. Felton, someone has. Yes, I'm blowing my own horn and sort of feel bad about that, but there is a reasonable explanation in my linuxworld.com article on the SCO lawsuit.

My idea, which we'll soon see tested in public, is that the contract breach, if it took place (and i think it did), took place with respect to work done by IBM staff working on Linux for the z, p, and i series Power architecture, and thus "escaped" into open source when SuSe and Red Hat put this stuff into their code trees.

If this proves correct it should also have the nice consequence of leaving Linux on Intel (and sparc and alpha etc) unaffected in any direct sense - although I'm concerned that the long term indirect effect will be to layer lawyers into the open source process.

Posted Jun 10, 2003 14:54 UTC (Tue) by dbhost (guest, #3461) [Link]

"If any pimply-faced teenager can contribute code to open-source projects, how can you be sure that that code isn’t copyrighted or patented by somebody?"

To this I respond.
If any Khaki clad thirty something can drop slipshod code and hide it behind trade secrets and closed code,, how can you be sure that the code isn't copyrighted or patented by somebody? The answer to the question on the open source and closed source sides is the same. Without an army of legal researchers that would make the third infantry division look like a scout troop, you simply cannot. And ulike the Open Source development model, there is not well established evidence of who, where, and exactly when certain chunks of code got into the codebase. By knowing who and when a piece of code got put into the codebase we can make assumptions about its origin. Say for example (I am pulling things out of thin air here so bear with me, the names and hunks of code are fictional) Coder Larry Joe Bob has submitted a piece of code, lets say a sound card driver for the EMU10K 5.1 chips. He posts it to the kernel mailing list on July 10th 2003. Two years later company B says, hey that is our code that we have had in our product since 2004! A simple Googling of the kernel mailing list and newsgroups would turn up that the code indeed originated from Larry Joe Bob back in '03. Since Larry Joe Bob has no contact with Company B, and has no access to impact the time / date stamp on the Google archives it is safe to assume that the evidence is coming from an unbiased third party, and is therefore untainted. In fact that would expose Company B to a violation of the GPL for stealing Larry Joe Bob's code...
In much the same way, during the discovery process, I feel that it would be far easier for the Linux community, and IBM, to produce untainted evidence of origin and ownership than it would for the SCO group. This is not a slam dunk brain dead case. There are plenty of brain dead juries that hate big business. And the Linux community is being painted as in bed with IBM to kill the little guy. I am concerned that IBM will get hit with some stupid penalty like that woman a few years back won for spilling hot coffee on herself. Stupid juries can, and often due pervet the rule of law and allow slick lawyers to circumvent the spirit of the law.

Posted Jun 10, 2003 19:17 UTC (Tue) by josh_stern (guest, #4868) [Link]

One of the things I love about the open source community is that it is
dominated by engineers who are willing to speak precisely and without
b.s. on any topic, even if it is unpleasant. That said, I feel compelled
to point out the obvious (to me) pooka sitting in the middle of the
current discussion. While the legal theory is unclear to me (and
actually strikes me as somewhat dubious), it has been claimed by
SCO that end users of products that infringe on copyright could be
legally liable for damages to the copyright holder even if they were
unaware of the violation and the it was not directly caused by their
employees. In that context, Mr. Felten and others are being
somewhat disengenuous to point out that copyright infringement could
occur just as easily in commercial products. While that is true, it's
also true that business users care at least as much about the
possibility of getting sued than they do about the ethics of copyright
infringement or technical legality of the software on their systems.
Neither Mr. Felten or any of the commentators here has cared to
broach the obvious point that it is easier for the copyright holder to
discover violations in open source code, and hence easier for them to
sue. If the legal premise of end-user liability holds up in a substantial
way, then it will hurt open source in comparison to proprietary
products. Arguing that proprietary software is just as likely to infringe
may help with some dubious sort of "whose community is cleaner
argument" but doesn't establish any practical equivalence. For these
reasons, I believe that it is important for open source advocates to
fight for the premise that end-user liability can only start when the
end-user has some substantive reason to suspect copyright
infringement, with clear and reasonable legal standards for what
counts as substantive and what sort of practical due diligence is
required to insure its absence.