Thursday, December 04, 2003

SCO Thoughts

So far I steered clear from the SCO controversy. Other people have done a better job of covering the clearly false nature of SCO's claim of copyright to the Linux kernel. One thing this controversy does highlight is the need for a rigourous intelluctual property management system. SCO clearly has no idea what IP they own, what IP is theirs and what IP belongs to others. This should be a clear warning sign for any company in the IP business.

  • Keep a record. If you write software keep your CVS tree and commits. Keep the entire history available and quickly readable. DO NOT stuff it into a old backup tape to age and degrade.
  • Periodically review your IP annually. Where is it? Where is it being used?
  • Have clear IP usage guidelines at your company. If programmers are contributing to open source projects, understand what that means.


Monday, November 24, 2003

FSF Reprint Article on the SCO controversy


SCO: Without Fear and Without Research


Eben Moglen



Monday 24 November 2003





There's a traditional definition of a shyster: a lawyer who, when the law is against him, pounds on the facts; when the facts are against him, pounds on the law; and when both the facts and the law are against him, pounds on the table. The SCO Group's continuing attempts to increase its market value at the expense of free software developers, distributors and users through outlandish legal theories and unsubstantiated factual claims show that the old saying hasn't lost its relevance.

Just The Facts


SCO continues to claim in public statements about its lawsuit against IBM that it can show infringement of its copyrights in Unix Sys V source code by the free software operating system kernel called Linux. But on the one occasion when SCO has publicly shown what it claimed were examples of code from Linux taken from Unix Sys V, its demonstration backfired, showing instead SCO's cavalier attitude toward copyright law and its even greater sloppiness at factual research.

On August 18, 2003, SCO's CEO, Darl McBride, offered a slide presentation of supposed examples of infringing literal copying from Sys V to Linux at a public speech in Las Vegas. Within hours the free software and open source communities had analyzed SCO's supposed best evidence, and the results were not encouraging for those investors and others who hope SCO knows what it is talking about.[1]

In Las Vegas Mr. McBride offered two examples of code from the Linux program that were supposedly copied from Sys V. The first implements the "Berkeley Packet Filter" (BPF) firewall. Indeed, the Linux kernel program contains a BPF implementation, but it is the original work of Linux developer Jay Schulist. Nor did SCO ever hold an ownership interest in the original BPF implementation, which as the very name shows was originally part of BSD Unix, and which was copied, perfectly legally, into SCO's Sys V Unix from BSD. Because the BPF implementations in Sys V and Linux have a common intellectual ancestor and perform the same function, SCO's "pattern-matching" search of the two code bases turned up an apparent example of copying. But SCO didn't do enough research to realize that the work they were claiming was infringed wasn't their own (probably because they had "carelessly" removed the original copyright notice).

Mr. McBride's second example was only slightly less unconvincing. Mr McBride showed several dozen lines of memory allocation code from "Linux," which was identical to code from Sys V. Once again, however, it turned out that SCO had relied on "pattern-matching" in the source code without ascertaining the actual history and copyright status of the work as to which it claimed ownership and infringement. The C code shown in the slides was first incorporated in Unix Version 3, and was written in 1973; it descends from an earlier version published by Donald Knuth in his classic The Art of Computer Programming in 1968. AT&T claimed this code, among other portions of its Unix OS, as infringed by the University of California in the BSD litigation, and was denied a preliminary injunction on the ground that it could not show a likelihood of success on its copyright claim, because it had published the code without copyright notices and therefore, under pre-1976 US copyright law, had put the code in the public domain. In 2002, SCO's predecessor Caldera released this code again under a license that permitted free copying and redistribution. Silicon Graphics, Inc. (SGI) then used the code in the variant of the Linux program for "Trillium" 64-bit architecture computers it was planning to sell but never shipped. In incorporating the code, SGI violated the terms of Caldera's license by erroneously removing Caldera's (incorrect) copyright notice.

Thus SCO's second example was of supposedly impermissible copying of code that was in the public domain to begin with, and which SCO itself had released under a free software license after erroneously claiming copyright. SGI had complicated matters by improperly removing the inaccurate copyright notice. So how many PCs and Intel-architecture servers around the world contained this supposedly infringing code? Zero. No version of the Linux program for Intel architectures had ever contained it. No SGI hardware for which this code was written ever shipped. HP, which sells 64-bit Itanium servers, has removed the code from the IA-64 branch of the Linux code tree; it was technically redundant anyway. But SCO's research went no farther than discovering a supposed instance of "copying," without asking whether SCO had any rights in what had been copied, and certainly without providing the audience to whom it was speaking any indication that the "Linux" it was talking about was a variant for rare computers from which the supposedly-offending code had already been removed.

What the Las Vegas "examples" actually demonstrated was that SCO's factual claims were irresponsibly inflated when they weren't being kept artfully "secret." With the facts running against them even when the facts were of their own choosing, it was unsurprising that after August SCO turned to the law. But the law was not on their side either.


Making Up the Law


SCO's legal situation contains an inherent contradiction. SCO claims, in the letters it has sent to large corporate users of free software and in public statements demanding that that users of recent versions of the kernel take licenses, that the Linux program contains material over which SCO holds copyright. It also has brought trade secret claims against IBM, alleging that IBM contributed material covered by non-disclosure licenses or agreements to the Linux kernel. But it has distributed and continues to distribute Linux under GPL. It has therefore published its supposed trade secrets and copyrighted material, under a license that gives everyone permission to copy, modify, and redistribute. If the GPL means what it says, SCO loses its trade secret lawsuit against IBM, and cannot carry out its threats against users of the Linux kernel.

But if the GPL is not a valid and effective copyright permission, by what right is SCO distributing the copyrighted works of Linux's contributors, and the authors of all the other copyrighted software it currently purports to distribute under GPL? IBM's counterclaim against SCO raises that question with respect to IBM's contributions to the Linux kernel. Under GPL section 6, no redistributor of GPL'd code can add any terms to the license; SCO has demanded that parties using the Linux kernel buy an additional license from it, and conform to additional terms. Under GPL section 4, anyone who violates GPL automatically loses the right to distribute the work as to which it is violating. IBM therefore rightly claims that SCO has no permission to distribute the kernel, and is infringing not only its copyrights, but those of all kernel contributors. Unless SCO can show that the GPL is a valid form of permission, and that it has never violated that permission's terms, it loses the counterclaim, and should be answerable in damages not only to IBM but to all kernel contributors.

IBM's counterclaim painted SCO into a corner on the subject of the GPL. Not only the facts but also the law are now fundamentally against SCO's increasingly desperate position. SCO and its predecessor, Caldera, have benefited enormously from the protections of the GPL. Thanks to the GPL, SCO has been able, for example, to use the invaluable work of compiler designers and implementers around the world who have made GCC the premier cross-platform C compiler. Customer applications run on SCO's Sys V Unix because of GCC, to which SCO contributed modifications particular to its system, and for which it assigned copyright to the Free Software Foundation. Caldera and SCO could not have marketed a usable operating system product without the contributions of the free software community. SCO was happy to take the benefits, but it has unethically sought to avoid its responsibilities. The law does not permit SCO to have it both ways.

So now it has become time for SCO and its lawyers to pound the table. SCO's response to IBM's counterclaim has been a round of absurd attacks on the GPL, its users, and its author, the Free Software Foundation. The GPL, SCO's answer to IBM's counterclaim alleges, violates not just federal statutes but also the United States Constitution. How a private copyright holder can violate the US Constitution by giving others permission to copy, modify and redistribute its work SCO does not deign to say. Legal theories aren't secrets; if SCO's lawyers had anything to offer in support of this novel proposition, they would offer it. Not one case decided in the long history of US copyright affords support to this ridiculous conception of an unconstitutional copyright license. No lawyer of my reasonably broad acquaintance, no matter what his or her view of the GPL may be, takes this moonshine seriously. After failing on the facts, failing on the law, and raising no more than derisive laughter from pounding the table, even the proverbial shyster is out of luck. What will we see next from SCO, an attack on the umpire?

Footnotes
1 The most complete review of the SCO Las Vegas presentation was written by Bruce Perens, and is available at http://www.perens.com/SCO/SCOSlideShow.html.



--------------------------------------------------------------------------------

Copyright © Eben Moglen, 2003. Verbatim copying of this article is permitted in any medium, provided this notice is preserved.

Eben Moglen is professor of law at Columbia University Law School. He serves without fee as General Counsel of the Free Software Foundation.

Monday, November 10, 2003

Outsourcing's Hidden Cost: The Dell Example

I recently tried to purchase a new server from Dell server. I wanted a Dell 650. I was browsing the outlet store @ the time. So I opened another browser window. I went to Dell and began ordering. I got a phone call and then went back to ordering. I wasn't paying attention and completed the checkout at the Dell Outlet Store. The servers were nearly identical price. So I ended up with a 400 SC being shipped instead my 850. I did notice when I received the email confirmation. So I quickly called the Dell Outlet but they closed at 4:00 PM PST. So I called the sales line. They stated that they will not be able to help me as the order was placed with the outlet center. So after an hour of trying to fix it, I give up and order an 650. I call the outlet center the next morning (7:00 AM PST) and find out that the item has already shipped. I asked them to pull it off the truck but they state that's impossible - Why? Because this support center has been sent off shore to India and they are unable to stop it. When I pointed out that it certainly hasn't left the Dell facility, they said there is nothing they can do, they have their procedures. They are not even in the same country as the warehouse. I spent another hour and a half trying to correct the problem. Eventually I gave up and thought well maybe I can use the server since I suspect returning it will be an equal nightmare.

This highlights one of outsourcings hidden costs. Every company over time builds up informal information structures and communication structures. Usually this is in response to meeting customer needs. I have experienced this first hand before when I purchased from the outlet store. I was buying a system for my brother at the outlet store and needed more RAM. (BTW this was before the the customer service center was outsourced to India.) I had already placed the order and needed some changes. I called the customer service number, got a rep who was able to make the changes I need by emailing production and making the changes and billing my credit card seperately. Not the normal procedure but it got the job done. Companies every day have informal structures like this that sprout up like a spider web around the company. They serve to meet customer need and route around damaged processes.

Outsourcing kills these informal connections by severing them completely. By not having these informal connections through out the company, the outsourced division can only follow the rote script. Which in my case was followed to the letter. The script was followed politely, and courteously but it did not solve my problem. Instead I spent 2.5 hours dealing with the problem, still not getting it resolved and the few dollars I saved with Dell was completely wasted as I spent much more trying to correct the order. I have a few questions for Dell.


  1. Why can't I change or delete my order with Dell online like everything else I buy online?
  2. Since you have outsourced the entire customer service division for refurbished systems why do they keep Central Time hours? I spoke with over 20 reps at the center and every single one was Indian (Bangalore I think from the accent). Why not keep all business hours in the US? Isn't the business in California worth it?

Intuitively I know the answer to the first question. Dell is about shipping units, not customer service. By shipping the unit they book the revenue. It doesn't answer the second question though. It couldn't be that hard to add 4 hours to the time that customer service is available could it? Especially give than you are saving tremendously on a per hour basis. Aren't your customers worth it?

Thursday, October 23, 2003

On Tuesday I attended the Occidental Business Associates Award Dinner. Patricia Sueltz, the executive VP of professional services at Sun Microsystems accepted her award as business person of the year and spoke about the network is the computer- Sun's mantra for 22 years now. It got me thinking about the nature of knowledge management right now. Right now knowledge management is in an incredibly poor state, with islands of human knowledge scattered in an unconnected archipeligo. The problem I face and I am sure everyone else faces is that too much information resides on client side. I store my documents locally. I do my spreadsheets locally. Yet my machine is an island even from my other machines like my laptop and my three home machines. I carry much of my information in a USB hard drive. Yet this seems a wholely inadequate solution. Knowledge and information gains value when is is shared, compared and inferences drawn from it. Services like Blogger partially address this problem through RSS feeds, yet even this information remains relatively isolated.

Too much of the computing experience is machine specific when it should user specific. Information that should reside on the network instead, resides locked away on a specific machine somewhere. Yahoo's desktop is the beginning of a networked desktop - a least it is accessible from multiple machines and multiple browser types. Yet to commit to using it is to commit too enclosing your knowledge and information in that island. This is generally true of systems like Sourceforge or any online project management software. You must commit your knowledge to a system. Of course with a standards compliant system, you can with some work get that infromation out in a way that you can use in other systems and with some work you can even do some of the valuable data mining that bring even more value to data. It wasn't that long ago that knowledge was even more compartmentalized and seperated in physical journals, books and micro fiched readers. I just guess I am anxious to get the next generation systems. Systems that have knowldge of my habits, interests, like and dislikes, what i read and what i don't. That's certainly the next few steps with Xao.

Thursday, October 16, 2003

I was thinking about Google the other day and it struck me that we very much live in the Google universe. Google for me is the end all of search engines due to it's incredibly broad coverage of the internet and in general human knowledge. Simply put Google is the resource for searching for pretty much anything. Well that got us thinking @ Xao. How to improve upon that search? What features would we want that we currently don't have in Google? One of our solutions is a more extensive and permanent history of the user's search history. How many times have you been searching for something at Google, find what you are looking for after a couple of tries and then a few weeks later try to remember the exact same search? I do it all the time and usually it takes the same couple of tries (or a different set since you no longer remember the exact search query). So to address this we have created an application which remembers your search and visit history. That way you can quickly look up what you were looking for on a particular day, see the sites you visited and the terms you searched on.

You might say,"Well the browser history and bookmarks of IE all provide these features." While that is certainly true, those are seriously flawed ways of using the network. Firstly they are annoyingly machine specific. My search history is only on the current machine that I am using. Depending on the settings of IE, this history is set expire (usually within 30 days or so). Additionally the history function of IE is very difficult to use, clearly not much user testing has gone into the feature. So our first attempt as a complete search history is here at Xao. For the full set of features you will need to register, however, none of that information is stored in a form that we can read (we encrypt it all). Right now we are pretty quickly hitting our query limit with Google, so you don't get the full effect. We are going to Gigablast But try it and let me and let me know what you think.

Thursday, October 09, 2003

I am sitting at my computer on Saturday morning playing Warcraft online. I am heavily involved in a multi-player game when Bodhi sticks his head into my study looking inquisitively at me. I know immediately what is on his mind - A WALK!. He walks over to me, pokes me with nose and then looks at me,"Come on, give me a walk." He then turns and walk out again. About two minutes later this happens again. It then happens a third time but this time Bodhi makes a sound much like human speech ran through a dog filter. He then shakes his massive head. Clearly he's thinking, the human isn't that stupid. Then his head and tail pop up. He has got an idea. He trots from the den to the living room and I hear a scratching @ the door. Now Bodhi is about 125 lbs @ this point. He can quickly do a lot of damage to wood pretty quickly. I take the obvious hint, drop Warcraft and Bodhi stands patiently by the door watching me gather leash, pooper scooper and dog collars. I gather all three dogs - Devo the ferocious looking but lovable Char Pei/Chocolate Lab mix, Sasha - Chow Chow/Australian Shepherd mix and of course Bodhi, the fierce Tibetan Mastiff off we go. A brisk walk 45 minutes later we find ourselves back home worn out. Bodhi circles his favorite spot by the fireplace and gives me one last look. "Good Job," resting his head on his paws.

Monday, July 28, 2003

I just returned from my brother's wedding in Indiana. In my small home town, my brother's wedding was one of the social events of the year with something like 500 people in attendance. My brothers wedding was Catholic, which means a full Mass and a wedding ceremony. The brides dress was HUGE and had something like a 12 foot train. I kid you not 12 feet of dress trailing behind her.

It was an old time church wedding, full Mass and a pretty good reception afterwords.

Thursday, June 26, 2003

CookingFor100.com Home

is the latest Xao effort - a recipe database for people who are cooking for 100 or more people. Kinda of neat and the first in an on going series of web products you will see from Xao and Singleton Price

BSD

Wednesday, June 25, 2003

Welcome to xaosearch.com's banfield animal hospital Search Results Section.

Ok - I downloaded the new google toolbar - It allows me to create a post on any web page I am currently viewing. Pretty cool actually.

Wednesday, April 09, 2003

I have been thinking about the question posed by Bernard Lewis's book What Went Wrong? The Clash Between Islam and Modernity in the Middle East. Lewis' book is an attempt to explain why the Arab world lost it's technological and cultural lead to Europe. The book is a little short on history for my tastes (the history tends to be ancedotal to illustrate a point) but it does cover the subject matter in a fairly interesting fashion. It's a pretty quick read too. This got me thinking about the question of Arab identity. Two days ago, Iraqis in Baghdad were tearing down statues of Saddam, destroying his picture and beating his image with their shoes (a horrible insult in the Arab world as shoes are considered unclean). What I found interesting has been the reaction of the Arab world outside Iraq. Stunned disbelief was very common, along with some commentators suggesting that it was staged in a Hollywood sound studio. How could there be such a disconnect between the experience of the Iraqi people and the Arab world at large? And why the sadness at a brutal dictator's fall?

I believe that the outside Arab world's reaction can be explained by looking at the larger question of Arab identity. What does it mean to be an Arab in the modern world? Arab identity is defined in opposition to the West. This means roughly pushing away from Western thought and ideas - without necessarily positing a set of values around which to build a positive identity. By continually defining oneself in such terms you hand off your identity to the very people you are trying to avoid. You have set your identity in opposition to whatever the West is producing. Arab identity no longer carries with it the positive identity of centuries past (once world leaders in culture, science and trade) but a distinct whiff of the Other. With this in mind, the disconnect between the Iraqis celebrating and the rest of the Arab world mourning is easy to understand. For the Iraqis Saddam was a brutal ruthless dictator who killed hundreds of thousands and tortured thousands. For the rest of the Arab world he stood in opposition to the West - as a symbol of that an Arab leader could successfully implement Western war methods and Western technology. So for many in the Arab world, Saddam is a symbol of themselves

Arabs must contend that their society, once so rich and so powerful - the very cradle of Civilization itself is at the very margins of culture and without oil, would be of no importance at all. The entire economic output of the Arab world excepting oil is equal to that of economic powerhouse Finland - a country of five million people. This lack of economic power very clearly translates into a lack of cultural power, further contributing to the marginalization of Arab identity.

Monday, March 24, 2003

This weekend I took my Tibetan Mastiff puppy to the Tibetan Mastiff Club of America National Show.The Bodhi placed third in 3-6 month dog. This is one of the national clubs devoted to the Tibetan Mastiff. The other is the American Tibetan Mastiff Association. TMs are a very rare breed. For more information on the history of the breed click here. TMs are among the oldest breeds of dogs with a recognizable appearance going back to more than 2500 years. Ths first written accounts of the breed are from China around 1100 BC. Most breeders today believe the TM served as the foundation source for the modern working breed dogs. In Tibet the animal is used as a guardian and flock guardian.


The show was held in Sacramento, a city I had never visited in California - a long six hour drive across the central valley filled with large scale farms. Farms very different than the small family run operations I had know as a kid in Indiana. Here the business of farming is just that a business. As a opposed to the family run operations which had been a family for 4-5 generations, these farms had the fresh newness of California on them, clean wholesome and at the same time industry and troubling. The farm lands of the Central Valley are like the myth of California itself. Heavily irrigated with water from the Colorado river, these lands would be barren without the water. They provide the illusion of fertility, with a heavy price. The land is barren otherwise. The water disguises and hides the dead land underneath. Life is produced and consumed, lush green life heavily fertilized with industrial pesticides. It provides the dream of California gleaming in the sun, whose cost is born by other people, other towns and other lives.

Thursday, March 20, 2003

Watching the reaction of the protesters in the United States has been interesting. The chant "No Blood for Oil" is pretty common. Of course the amazing thing is that under the current UN sanctions against Iraq, oil has been traded for blood. The current regime of sanctions were created after the Gulf war (Resolution 687) which put sanctions into place until Saddam disarms, stops production of all chemical, biological and nuclear programs, AND proves to the world that he has done so. The resolution has been amended several times to allow Iraq to sell oil for humanitarian purposes (ie food & medicine). It's been estimated by the UN that roughly 1/3 of the revenue for humanitarian purposes goes directly to Saddam and his inner circle. The money that should be buying food and medicine for Iraq children instead goes make sure Saddam can continue his reign and weapons program. While many protesters also feel the sanctions are wrong (The US is reponsible for the death of Iraqi babies), this clearly isn't the case. For every moment that Saddam remains in power, all Iraq children suffer. All that was required was that Saddam comply with the resolution. He chose not to and instead took the food directly from the mouths of children in order to perpetuate his regime. He then claimed the sanctions "killed millions." Saddam's theft of 1/3 the revenue for humanitarian purposes had a large part to do with the rise in infant mortality in Iraq after the Gulf war.

Certain researchers believe that Saddam's war with Iran marked the turning point and Iraqi health care has deteriorated since then. For example in the Northern no fly zone infant mortality rates have dropped below pre Gulf war levels. Where the Kurds are distributing the humanitarian aid - it actually seems to get to it's intended reciepients.

I personally think that the president does indeed have sense of moral outrage by the conduct of Saddam et al. "Blood for Oil" may be a cute slogan but it certainly falls short of the mark in describing the current administration's intentions.

Wednesday, March 19, 2003

Well - An attack of opportunity on Saddam. Probably traveling from bunker to bunker
As we are a few hours away from war I can help but wonder how long the president have the Iraqs' stew? Clearly going immediately to war at the deadline doesn't pack the same impact that say, six hours after the deadline will. We will see. There's a great article over at Salon. You can find it here. in a nut shell the article wonders why the progressive left can compare the president to Hitler but cannot in the same breadth hold Saddam accountable for the his actions. Not all nation states are created equally. Stalinist regimes with secret police are not the same as Western democracies. One of the real problems with United Nations is that it treats all states equally when they are not equal.