It has been said many times that the "free" in "free software" should be
understood in the sense of freedom, not economy. As has been pointed out
by Lawrence Lessig and many others, software code increasingly plays a
regulating role in our lives, much like the legal code does. To the extent
that we can keep that code free - in view and under our control - our lives
as a whole will be more free.
Few acts symbolize freedom more than voting. The image of the popular vote
is so strong that even the most despotic of governments feel the need to go
through the motions; Kim Jong recently won
an election with 100% of the vote. In most of the world, fortunately,
elections tend to be just a bit more competitive than that.
There is, however, a strong trend toward entrusting elections to black-box,
closed-source electronic systems. Many of these systems have no auditing
capability, no external record of votes cast, and, often, manufacturers
with interests that do not always coincide with fair voting results. These
manufacturers have resisted adding important features, such as an
independent, voter-verifiable printed paper ballot. With
many electronic voting systems, the only record at the end of the day is
the data sitting on the system's disk. An unaudited, unbacked-up disk file
created by unseen, closed-source software is a frightening way of choosing
a leader. History shows that, when an opportunity for mischief presents
itself, somebody will eventually take advantage of it.
Perhaps more than any other application, electronic voting cries out for
the use of free software. Votes are a public resource which should never
be filtered through a black box. As one looks around, however, serious
projects aiming to create free election software are rare. Some of them
(e.g. GNU.FREE, Voting Systems Toolbox) have
gone dormant. Others (GVI) are more interested in
exploring alternative voting methods. Then there are some (like the
recently announced EVM
project) which appear to be headed in the right direction, but which are
too young to have released any useful code.
Part of the problem, certainly, is that, unlike many other free software
projects, an electronic voting project cannot just put up a tarball on an
FTP site and watch its software achieve World Domination. There are
certification requirements, which vary across jurisdictions.
Proposed standards for voting systems are stringent; see, for
example, the IEEE's
voting equipment standards draft. Human factors and presentation
fairness issues loom big in this area. Then, there is security; activists
who are concerned about electronic voting have, generally, recommended that
voting systems attain a Common Criteria EAL4 rating, above and beyond the
voting-specific requirements. Then there is the little matter of turning
free voting software into a real product which can be sold and supported,
in large numbers, to agencies in charge of running elections.
In other words, the code is not sufficient. Bringing free software to
electronic voting will also require substantial amounts of money. Getting
a voting system based on free software to an actual deployment will
probably carry a multi-million dollar price tag - for a single
jurisdiction. This is an effort which is beyond the capabilities of a
group of volunteers with a SourceForge site and a bit of code.
Some free software supporters have called for widespread public funding for
free software development. Others are very suspicious of increased public
influence in this area. But it would seem that voting would be a natural
place for governments to support a project or two. Governments are the
only customers, and there is a strong public interest in the creation of
voting software which is open, auditable, and worthy of trust. The
potential for long-term cost savings should have some appeal as well.
Projects which set out to create a free voting system, but which limit
themselves to cranking out code, are unlikely to achieve their goals. If
such a project wishes to see its code deployed, it almost certainly needs a
sub-group which occupies itself with the writing of funding proposals.
Some success in that area could go a long way toward the preservation of
freedom on a national scale.
Comments (8 posted)
Last week's Edition prompted a complaint or two about too much SCO coverage
in LWN. It is our hope to slowly edge SCO off the front page once again,
but the company makes that hard. This case is important for Linux and free
software, and we need to keep an eye on it.
The big news since last week's Edition, of course, is IBM's response and
countersuit, which was filed on August 7. We published a look at IBM's counterclaims on that day; the
full text of IBM's filing is also
available. IBM's response looks, in many ways, like Red Hat's suit from a
few days before, but there are a couple of important differences.
The first is that IBM makes a formal charge of GPL infringement against the
SCO Group. Bringing the GPL into the case is not an entirely surprising
thing for IBM to do; SCO's violation of that license seem relatively
clear. But its presence in IBM's filing sets this case up to be, perhaps,
the first true test of the GPL in court. Some of the noises coming out of
SCO suggest that the company believes it may be possible to break the
GPL in court and would like to do so. We must hope that IBM's lawyers
are on top of this part of the case.
The other important difference, of course, is that IBM has alleged four
counts of patent infringement. As much as many in the community are
pleased with anything that causes discomfort for SCO, the use of software
patents is always a cause for concern. A separate article (below) looks at
the specifics of IBM's patent allegations and how Linux stands with regard
to those patents.
SCO has not skimped on press releases over the last week. The company's response to IBM's
counterclaims included an interesting statement:
If IBM were serious about addressing the real problems with Linux,
it would offer full customer indemnification and move away from the
Exactly how IBM would "move away from the GPL" is not specified. SCO has
the sale of a Linux license to a Fortune 500 company - but, as is usual for
SCO, they won't say who the purchaser is or what sort of deal they were
offered. Finally, SCO announced
the "termination" of Sequent's Unix license.
SCO's System V UNIX contract allowed Sequent to prepare derivative
works and modifications of System V software "provided the
resulting materials were treated as part of the Original [System V]
Software." Restrictions on use of the Original System V Software
include the requirement of confidentiality, a prohibition against
transfer of ownership, and a restriction against use for the
benefit of third parties. Sequent-IBM has nevertheless contributed
approximately 148 files of direct Sequent UNIX code to the Linux
2.4 and 2.5 kernels, containing 168,276 lines of code. This
Sequent code is critical NUMA and RCU multi-processor code
previously lacking in Linux.
This is a reiteration of the core of SCO's claim against IBM: the Unix
licenses give SCO rights over any code which has ever touched Unix,
regardless of its source or ownership.
The next event in the SCO saga is likely to be the company's third-quarter
earnings call, happening 9:00 MST (GMT-6) on Thursday, August 14.
Among other things, the company will evidently discuss the substantial
amount of insider trading which has occurred since the IBM suit was filed.
Comments (5 posted)
[This article was contributed by Joe 'Zonker' Brockmeier]
IBM's response to SCO's suit last week was met with quite a bit of
enthusiasm from the Linux community, but with a tinge of concern as
well. Many in the Linux community are concerned about IBM's use of
patents to strike back at SCO. While IBM's patent claims are not
unexpected, and in fact are sound legal strategy for Big Blue, many
worry that IBM may someday use its huge patent arsenal against
competitors in the Linux marketplace and not simply as a defensive
mechanism against legal predators like SCO.
We took a look at IBM's patent claims to see how they might affect the
Linux community, and if Linux projects or vendors could be subject to
claims by IBM. It seems, at first glance, a little odd that IBM has
chosen to only claim infringement on four of their patents. IBM has
thousands of patents, it seems very likely that it could claim that SCO
infringes on dozens of patents. However, the patents IBM has chosen
affect most of SCO's non-Linux products -- namely, UnixWare and Open
Server, Reliant HA and SCO Manager. Users looking for SCO Manager on the
SCO website will find that it's not linked to their product section
anymore -- but using Google Cache it appears that sales have been suspended.
The first patent infringement claimed by IBM is patent 4,814,746: granted March 21, 1989. This patent covers an adaptive method of compression of data for communications between a host and remote terminals. IBM claims that this patent is infringed by both UnixWare and Open Server.
The second patent claim by IBM is patent
4,821,211: granted April 11, 1989. This patent covers "navigating among
program menus using a graphical menu tree" using a pointing device, and IBM
claims that SCO Manager infringes on the patent. This seems like a rather
obvious invention, and the patent could probably be used against a number
of programs. According to the patent, it is novel because of:
...the ability to visually display, in graphical form, the menu hierarchy
for (a) the program that the user is currently using, (b) other programs
on the user's computer, and (c) other programs on other computer systems
to which the user has access.
This claim limits the patent from being applied against just any GUI
application with a menu, but certainly could be applied against
applications that allow access to databases on other machines, GUI
front-ends for CVS, and a number of other applications you might find
being used on Linux.
IBM's third claim is patent
4,953,209: granted August 28, 1990. According to IBM, SCO is infringing
on this patent with the UnixWare product. This patent covers a
"self-verifying" technique to show that a user has received a data object,
agreed to the conditions of the data object's receipt or use, and has
installed in for reading or use. Not just the display of the license, but a
method of verifying after the fact that the user has actually taken some
action to indicate that they have agreed to the license.
Basically, this patent covers a method of distributing software and
having the user agree to a license without the need for the vendor to
distribute any physical media. A "clickwrap" license scheme, if you
will. While this patent may apply to some products that run on Linux
from proprietary vendors, it seems unlikely that this patent poses a
serious threat to the open source community in general.
The fourth and final (at least for now) patent claim is patent
5,805,785: granted September 8, 1998. This is the only patent that IBM
is using against SCO that doesn't predate Linux. IBM claims that SCO's Reliant
HA high-availability clustering solution infringes on this patent. This
patent covers monitoring and recovery of systems in a distributed or
clustered system, and specifically the "detection of and recovery from
open-ended, user defined failure events occurring in interdependent
subsystems" as opposed to a set of predefined failure events. It seems
likely that IBM could also make a case against several products and
projects in the Linux space related to clustering with this patent -- if
they chose to do so.
While IBM has an enormous patent warchest to draw on, SCO a/k/a Caldera
has only one patent to its name; patent
6,529,784, granted March 4 this year. This patent covers "a method for
providing system management services to a customer's network of target
computers through a communications network." This patent may be of interest
to Linux users, as it seems to specifically deal with package management
and software dependencies. We may yet be hearing from SCO on patent
matters, in addition to their other nebulous claims.
IBM has not proven eager to emulate Amazon in using its patents to
damage competitors, but its hands aren't entirely clean, either. There
is, for example, the oft-cited case of
IBM demanding $20 million from Sun using the threat of patent
litigation. While IBM has not been on the patent warpath of late,
there's nothing to stop them from deciding to start using their patents
against other Linux vendors or community projects that might compete
with IBM for customers.
There is no evidence that IBM is gearing up to use its patents against
the Linux community at this time, and it does seem unlikely that the
company would be willing to squander the goodwill it has accrued thus
far. However, there was a time when it seemed unlikely that SCO
(née Caldera) would be attempting full-on legal warfare against
Linux and the General Public License.
It might be prudent for the community to begin seeking guarantees from
IBM, and other Linux vendors with substantial patent portfolios, that
they will not use their patents against open source users, projects or
vendors. It would also be advisable that members of the open source
community work towards modification of the patent system. It seems very
likely that patent threats will be the next major hurdle that Linux and
open source face -- if not from IBM, then certainly from companies like
Microsoft or Sun that are directly threatened by the continued adoption
of Linux and open source.
Comments (7 posted)
in San Francisco is
the premiere trade show event of the year for Linux. For many companies
it's a good time to announce new products and new alliances, a time of hype
and press releases. LinuxWorld is also a place to network and glimpse a
wider range of the IT world. LWN editor Rebecca Sobol was there and
presents, My trip to San Francisco, LinuxWorld 2003
This LWN editor has very limited trade show experience. The Linux Business
Expo (LBE) at Comdex
1999 and the LBE,
Comdex 2000 and a couple of local shows comprise the sum total of my
experience. In comparison, LinuxWorld 2003 is a smaller show than the LBEs
of the past, though larger than any local show. In 1999 many small
companies came to the LBE hoping to be acquired by larger companies who were
planning IPOs. LWN and an Australian company called Moreton Bay were among
those small companies with booths near the back of the LBE. In 2000 LWN
was acquired by Tucows.com and Moreton Bay was acquired by Lineo, and life
seemed pretty rosy, for a while. Now, in 2003, LWN is once again
independently owned and operated, and so is Moreton Bay, with the new name
At LinuxWorld 2003 SnapGear joined other survivors of that era and newer
companies, with small booths to the east and north. The .org pavilion took
up the northwest section, leaving the center floor near the entrance to the
larger companies. IBM took up the most space, with a sprawling pavilion
and additional crew in partnering booths, like those of Red Hat and SuSE. Other companies with prime real
estate include Sun, Microsoft, Dell, Oracle, and Intel.
Microsoft was in a slightly smaller booth near the edge of the main space,
close to the .orgs. There happy customers were eager to talk about how well
Microsoft products work in their clustering, number crunching, high
availability environments. Elsewhere open source and proprietary go hand
in hand as applications and appliances use Linux and other open source
components to power not-so-open products. A single person from the U.S. Internal Revenue Service had free (as in
beer) CDs with tax preparation software for Windows and Mac.
On Monday your editor went for a long walk around the streets of San
Francisco, with the old LWN camera. By Monday night it was clear that the
old camera has seen better days. There may may or may not be pictures
hidden inside, but if they are there they are inaccessible, so unfortunately
there will be no photos to brighten this essay.
Tuesday began with Red Hat's press conference announcing the filing of a lawsuit against SCO. At the press conference
Red Hat CEO Matthew Szulik also talked about the creation of a Legal
Defense Fund for the open source community. Red Hat hopes that other
companies who depend on open source software will add to this $1 million
fund to help pay for the future legal needs of open source developers.
The next stop on my agenda was with SGI, who
shares space in the Intel booth. Ginny Babbitt and the LWN fan club at SGI
build multi-processor Altix systems with SGI ProPack software.
Irix, SGI's proprietary UNIX, is still used for some jobs, but more and
more Linux rules at SGI.
Later, in the meeting rooms Dell
Director Reza Rooholamini talked about Dell's high-performance computing
clusters (HPCC) with PowerEdge servers. Among Dell's HPCC customers are
the National Center for Supercomputing
Applications at the University of Illinois, Urbana-Champaign (NCSA).
That Dell HPCC cluster runs Red Hat Enterprise Linux and ranks among the fastest
supercomputers in the world. Dell can customize any system, whether a
supercomputing HPCC or a home PC, with your choice of OS, including several
flavors of mainstream Linux. Reza told us that Dell puts Linux on just
under 30% of their sales.
Tuesday night at the SnapGear party we celebrated independence
and new business models that are more realistic than, 'get acquired and
make a killing at the IPO'. SnapGear makes small VPN/router boxes
embedded with uClinux and other open source
software, so that when you plug the box in, "it just works". They will
build custom boxes too, if you want something beyond the standard models,
and the boxes all come with source code.
Wednesday morning started very early, with the Linux Professional Institute (LPI) advisory
board meeting. Lots of topics were discussed during the course of
this not-quite-two-hour meeting. To begin with Evan Leibovitch, President
of LPI talked about the the new LPI website, available in thirteen
languages; and how they manage to keep all the translations current.
We also learned that many certification organizations from many different
disciplines are part of a larger group that addresses some common problems,
like cheating on tests. LPI is now a member of the Information Technology Certification
Security Council (ITCSC), a membership funded organization, formed
"to preserve the security and integrity of certification tests for
the benefit of certified professions, their employers, and those companies
granting IT certification".
Lintraining.com is now sponsored by
LPI, making it easier than ever to find the training people need to become
Another topic was making exams available to everyone, not just those that
can easily come up with the fee. In developing countries people are
sometimes trapped in a situation where they are unable to afford
certification testing, but they also cannot find a job without the
certification. The other side of this is that LPI is setting up testing
labs where at least a part of the test is done in a hands-on computer lab,
making the testing facility more expensive.
Level 3 exams are in the works, but there are questions about the form they
will take. LPI strives to create exams are that distribution neutral, but
at level 3 there are system administration tasks are done very differently
by different Linux vendors.
Sponsorships keep LPI running, and Evan thanked Novell for becoming it's
newest sponsor. At the end of the meeting he also mentioned that SCO is
still listed among LPI sponsors. Caldera was LPI's first sponsor in 1998,
he told us, and many of same people are still at SCO, working in the
trenches to do good things, in spite of the actions of a few people in
management. So SCO's logo remains on the site to honor those Calderan's
who continue to do good things from the trenches.
Later that morning, in the Oracle
meeting room, I talked to Wim Coekaerts, Oracle's main kernel hacker.
Oracle's customers want Linux, so Oracle has made agreements with the
major Linux vendors to provide Linux along with Oracle products and
services. Oracle handles all the service calls, working with the
distribution vendor when necessary to resolve their customer's problems.
Linux is used in-house at Oracle.
The Oracle database, however, will remain proprietary for the
foreseeable future. Wim said that when Oracle released it's ClusterFS
under the GPL, their customers didn't care. Not a one ever submitted
a patch or paid the slightest attention to the source code. It seems
that Oracle customers don't have much, if any, IT department. Instead they
rely on Oracle to keep their systems running. They like Linux because it's
reliable and inexpensive, not because they can see the source code. Oracle
provides a total package of software, hardware and support. Open source
databases like MySQL and PostgreSGL are no competition, because they really
aren't in the same business.
Oracle had a statement prepared August 5, 2003 to respond to any
mention of SCO. "Oracle believes that anything that leads to a
more rapid resolution of the issues raised by SCO is good for the
industry and for the open-source community. Oracle has seen nothing
to date that has caused us to question our tremendous commitment to
Linux as a customer, promoter, supporter, and developer. We are
continuing our deep commitment to Linux and look forward to seeing
these issues resolved as quickly as possible. We will continue to
work with our close partners such as Red Hat and other Linux
distributions to promote continued adoption of Linux."
Booth strolling took up part of Tuesday and Wednesday. Many booths were
visited and there were conversations with many people, too numerous to name
here. Most people shared a desire for the swift resolution to the SCO
mess. Overall, people seemed confident about the future of Linux and of
Comments (12 posted)
Page editor: Jonathan Corbet
Inside this week's LWN.net Weekly Edition
- Security: Bitten by old bugs; New vulnerabilities in ddskk, pam-pgsql, xpcd, zblast.
- Kernel: MSI support; libata; Too many threads?; Flavours.
- Distributions: New Releases from CRUX, Yoper
- Development: The GnuCash Project Needs Help, JACK Transport Design,
New versions of omniORB, Quagga Routing Suite,GSview Beta, Epiphany,
gCAD3D, CK-Ledger, GIMP, FreeFrame, ECL, PHP, Boa Constructor.
- Press: Linux's lucky lawsuit, Open Source "State of the Union",
Oracle's Linux conversion, KDE Usability study.
- Announcements: Linux on a Tablet PC, CAD/CAM for Linux, AUUG 2003 Conf,
International Ruby Conf, New Lisp web site.
- Letters: SCO