Saturday, June 19, 2021

SCO CEO Chastises Open Source Community

Citing denial of service (DoS) attacks which took down the SCO Group Web site, and what he characterized as an admission by open source guru Bruce Perens that SCO’s Unix System V code had been copied into Linux, SCO CEO Darl McBride Tuesday chastened the open source community for failing to police its own and using a “flawed” development model that
doesn’t respect intellectual property.

Since March, SCO has become the center of a whirlwind of
controversy, with accusations that the open source Linux operating system
is an unauthorized derivative of its Unix System V operating system.

In an open letter to the open source community Tuesday, McBride tore into
the community over the denial of service (DoS) attacks that took down its
Web site in August. McBride chastised the community for failure to police
its own and said it risks its credibility with customers and the public.

“These were the second and third such attacks in four months and have
prevented Web users from accessing our Web site and doing business with
SCO,” McBride said in an open letter to the community Tuesday. “There is no
question about the affiliation of the attacker — open source leader Eric
Raymond was quoted as saying that he was contacted by the perpetrator and
that ‘he’s one of us.’ To Mr. Raymond’s partial credit, he asked the
attacker to stop. However, he has yet to disclose the identity of the
perpetrator so that justice can be done.”

In August, Raymond, president of the Open Source Initiative (OSI),
acknowledged that the attacker was an “experienced Internet engineer.” In a
posting to internetnews.com sister site Linux Today, Raymond,
while noting that he did not actually know the identity of the person
responsible, said, “I had been hoping, and actually expecting, that the
attacker would turn out to be some adolescent cracker with no real
connection to the open-source community other than a willingness to stand
down when one of its leaders asked. But no; I was told enough about his
background and how he did it to be pretty sure he is one of us — and I am
ashamed for us all.”

McBride said the failure of the community and Raymond to come forward and
help apprehend the attacker raises questions about whether open source is
ready to take a central role in business computing.

“We cannot have a situation in which companies fear they may be next to
suffer computer attacks if they have a business or legal position that
angers the open source community,” McBride said in his letter. “Until these
illegal attacks are brought under control, enterprise customers and
mainstream society will become increasingly alienated from anyone
associated with this type of behavior.”

For his part, Raymond does not disagree that such attacks are harmful to
the open source community.

“This attack was wrong, and it was dangerous to our goals,” Raymond said,
noting that many in the community feel that SCO is attempting to hijack
their years of volunteer work on Linux. “I realize the provocation was
extreme; since March, SCO has threatened, grossly insulted, and attacked
our community and everything we’ve worked for. I’m certainly not without
sympathy for the person who did this.”

But Raymond also argued that the open source community must use the truth,
not criminal methods, as its weapons.

“Nevertheless, we must never make this mistake again, whether against SCO
or any other predator,” he said. “When we use criminal means to fight them,
no matter what the provocation is, we bring ourselves down to the level of
the thieves and liars now running SCO. That is unethical and bad tactics to
boot.”

In his letter, McBride also jumped on an apparent admission by Bruce
Perens, an oft-cited open source guru and former leader of the Debian
project, that there is, in fact, some Unix System V source code in the
Linux kernel.

“The second development was an admission by open source leader Bruce Perens
that Unix System V code (owned by SCO) is, in fact, in Linux, and it
shouldn’t be there. Mr. Perens stated that there is ‘an error in the Linux
developer’s process’ which allowed Unix System V code that ‘didn’t belong
in Linux’ to end up in the Linux kernel,” McBride said, citing an analysis of some SCO
evidence (released by SCO at its August conference in Las Vegas) by Perens
which was quoted by Computerwire. “Mr. Perens continued with a
string of arguments to justify the ‘error in the Linux developer’s
process.’ However, nothing can change the fact that a Linux developer on
the payroll of Silicon Graphics stripped copyright attributions from
copyrighted System V code that was licensed to Silicon Graphics under
strict conditions of use, and then contributed that source code into Linux
as though it was clean code owned and controlled by SGI. This is a clear
violation of SGI’s contract and copyright obligations to SCO. We are
currently working to try and resolve these issues with SGI.”

McBride said the allegedly “improper contribution” by SGI is an example
that reveals fundamental structural flaws in the Linux development process.
Further, he said the intellectual property roots of Linux are flawed at a
“systemic level” under the current model and raises the question whether
open source “can be trusted as a development model for enterprise computing
software.”

But in the analysis cited by McBride, Perens claims the community did have
a legal right to use the code, but it has been removed for technical
reasons. He said it duplicated a function provided elsewhere, and shouldn’t
have been included.

“In this case there was an error in the Linux developer’s process
(at SGI), and we lucked out that it wasn’t worse,” Perens wrote. “It turns
out that we have a legal right to use the code in question, but it doesn’t
belong in Linux and has been removed.”

Perens said the code is included in code copyrighted by AT&T and released
as open source under the BSD license by Caldera, which is now SCO.

McBride said open source developers need to shed their hacker roots, and
develop a new model that incorporates contracts, copyrights and other
intellectual property laws.

“If the open source community wants its products to be accepted by
enterprise companies, the community itself must follow the rules and
procedures that govern mainstream society,” he said. “This is what global
corporations will require. And it is these customers who will determine the
ultimate fate of open source — not SCO, not IBM, and not open source
leaders.”

Similar articles

Latest Articles

3 AI Implementations That...

I was on a joint educational call for the World Talent Economic Economic forum on mobile computing this week. We drifted to topics that...

Survey of Site Reliability...

NEW YORK — Site reliability engineers (SREs) are warning of a looming scalability ceiling and saying the adoption of AIOps isn’t happening at a...

Druva Integrates sfApex to...

SUNNYVALE, Calif. — A maker of software for cloud data protection and management is helping companies safeguard essential customer data that their sales and...

Best Data Science Tools...

Data science has transformed our world. The ability to extract insights from enormous sets of structured and unstructured data has revolutionized numerous fields —...