[Luni]-understanding the Linux/SCO court case

[jean at kcco.com]

Quoting Matthew Landry <mbl at lelnet.com>:


> 	Of course it _matters_. The problem is the ever-too-prevalent meme
> "of course SCO is going to win and Linux is going to face death and then
> that'll be the end of the world". Which is of course wrong because SCO
> isn't going to win, SCO winning wouldn't kill Linux, and Linux dying
> wouldn't be the end of the world. All three outcomes, if they happened,
> would be bad. But none of them are actually GOING to happen.

Agreed on all three points.  However, I see a dangerous "dismissiveness" not of
the allegations (which are absurd), or the FUD/hysteria of the impending
destruction of Linux (which is neither impending, nor going to happen at all),
but of the tactic being applied against linux and, if successful in any real
sense (i.e. depressed Linux sales for years to come as $CO drags this nonsense
out, etc.), almost certain to be applied against other free software projects
small and large.

This tactic is dangerous, destructive, and not necessarilly as futile as we'd
all like to believe.  That is what we need to not be living in denial of, and it
is that very denial I am seeing put forth quite often on this list, on other
lists I subscribe to, at slashdot, etc., and it is that denial which needs to be
fought in addition to the misinformation and FUD coming from Redmond Washington,
Utah, and elsewhere.

> And if the Linux community starts acting like SCO is
> about to blow a big hole in its side, that'll only give the FUD more
> credibility.

It is perhaps a fine line to walk
> 	And no, this _couldn't_ happen to {Free,Net,Open}BSD, because the
> BSD projects are not even potentially privy to any SCO trade secrets.

You cannot be certain that any free project, anywhere, hasn't had code
contributed that was derived improperly from a trade secret.  The same goes for
any proprietary project.  If the mere allegation of this becomes successful in
its broader goals (disinformation against Linux and free software) expect to see
more of it, aimed at both free and proprietary products.  $CO has chosen to
begin using the tactical nukes of IP law in a particularly negative-sum fashion
(c.f Game Theory)...if this is at all successful (it arguably already is, in
that they've artificially and fraudulantly inflated their stock price, and
obtained a cash donation from Microsoft) it will be used again, and again.

> And a
> trade secret case, unlike a copyright or patent case, can only be pursued
> against a defendant with legitimate access to those secrets and a
> pre-existing obligation to keep them...it doesn't infect third parties.

Very true, and in some incarnations of the accusations eminating from Utah it
has only been trade secrets that have been alleged.  In other incarnations of
their accusations it has been copyright violations and even patent violations.

They don't have a case.  We all know this.  If they did, they would reveal the
offending code so that it could be checked and, if found to have been improperly
included in the Linux kernel, removed.

Far, far more likely is that $CO has improperly included GPLed code in their
proprietary product (the linux compatability layer, as one former developer at
SCO pointed out, would be a good place to start looking for such violations).

However, as harmless as this will ultimately be to Linux on the legal front, it
is harmful in a FUD sense, and in a financial sense if this strategy is ever
employed against smaller projects without the funds to defend themselves, be
they free software or proprietary.  For this reason it is imperitive that we
take the method of attack here very seriously, for clearly spurious charges, a
frivolous law suit, and easy access to the media through hype and a PR firm can
do real damage to a product's image and perception.

In short, we should be brainstorming methods by which such allegations, even
were they to be true (e.g. Microsoft infiltrates a free project and has someone
dump illegal code into the project, then comes out a couple of years later with
allegations that happen to be true because they engineered this ... and no, I
don't think such tactics are at all below them, or as unlikely as we'd all like
to believe), can have a minimal impact on a project's viability.  For example,
should contributers sign affidavits as to the legality of their code?  Perhaps
that is overkill, but perhaps a copyright clause making that assertion in a
comment at the top of the code is not.  I'm not offering any easy answers, but I
do believe we have an opportunity to learn from this debacle and innoculate
future projects from this sort of attack, if we give it some thought and don't
simply dismiss it as absurd.  The charges are absurd: the methodology being
employed to abuse the legal system and trump up fictitious charges is not.

Jean.