Open Response to Darl McBride’s Open Letter

This is an open response to Darl McBride’s “Open Letter to the Open Source Community” of September 9, 2003. His text is blockquoted. The original is available at Darl McBride is President and CEO of SCO. I should also add that I have never built anything of note, I’m just a regular guy who likes to share what he can, and does his best not to step on other people’s rights, copy or otherwise.

“The most controversial issue in the information technology industry today is the ongoing battle over software copyrights and intellectual property.”

No it isn’t. It is certainly one of many newsworthy happenings in the industry, but the most controversial? No. Jobs going East is controversial. Freedom of and access to information in China and the Middle East is controversial. 154 patches and counting for Windows 2000 – many of them critical security patches – is controversial. One can hope that intellectual property law does become controversial enough to bear some extra scrutiny, and that at some point the antiquated IP law in the USA, and other countries, is updated to become more relevant to the Information Age. Furthermore, bear in mind that no law is immutable, and that every day law gets tested and pushed and pulled and is under constant review at all levels of the legal system. This is a Good Thing â„¢, and is what ensures law remains just and relevant.

“This battle is being fought largely between vendors who create and sell proprietary software, and the Open Source community. My company, the SCO Group, became a focus of this controversy when we filed a lawsuit against IBM alleging that SCO’s proprietary UNIX code has been illegally copied into the free Linux operating system. In doing this, we angered some in the Open Source community by pointing out obvious intellectual property problems that exist in the current Linux software development model.”

Battle? Fought? Us placing software in accessible places for anyone to use, and you suing people who use it is not a battle. The only aggressor here is you.

“This debate about Open Source software is healthy and beneficial. It offers long-term benefits to the industry by addressing a new business model in advance of wide-scale adoption by customers. But in the last week of August, two developments occurred that adversely affect the long-term credibility of the Open Source community, with the general public and with customers.”

“The first development followed another series of Denial of Service (DoS) attacks on SCO, which took place two weeks ago. These were the second and third such attacks in four months and have prevented Web users from accessing our web site and doing business with SCO. There is no question about the affiliation of the attacker – Open Source leader Eric Raymond was quoted as saying that he was contacted by the perpetrator and that “he’s one of us.” To Mr. Raymond’s partial credit, he asked the attacker to stop. However, he has yet to disclose the identity of the perpetrator so that justice can be done.”

Fair enough. There’s *some* aggression. But it’s neither orchestrated nor considered a viable solution by a united, representative body. Unlike your company’s actions.

“No one can tolerate DoS attacks and other kinds of attacks in this Information Age economy that relies so heavily on the Internet. Mr. Raymond and the entire Open Source community need to aggressively help the industry police these types of crimes.”

You think we’re some street gang who can bring the noisy newbies under control? There’s no hierarchy out here Mr. McBride. We’re not policemen. We have no “leader”. Mr. Raymond may well be a vocal spokesman, and may even mostly say what most of us tend to almost always agree with. However, he is not, nor is anyone else, our “leader”.

“If they fail to do so it casts a shadow over the entire Open Source movement and raises questions about whether Open Source is ready to take a central role in business computing. We cannot have a situation in which companies fear they may be next to suffer computer attacks if they take a business or legal position that angers the Open Source community. Until these illegal attacks are brought under control, enterprise customers and mainstream society will become increasingly alienated from anyone associated with this type of behavior.”

If we fail to police the Internet at large we’re casting a shadow over the movement? Are you quite alright? The very essence of the movement is that we are all individually responsible for our own actions, and that often we can contribute a greater whole than the sum of our parts.

As for OS taking a central role in business computing, only one community can ever answer that: the business computing community. While there are some in the OS community that see dollar signs in funnelling OS product into the workplace, that’s not why the product is made and it’s most certainly not what drives most of us. If the business community wants it, they’ll take it, if not, they won’t. I know that I personally believe that in some instances business would be better off with OS in the back of the house, but I’m not sending out sales reps to get it done. The software has always spoken for itself.

“The second development was an admission by Open Source leader Bruce Perens that UNIX System V code (owned by SCO) is, in fact, in Linux, and it shouldn’t be there. Mr. Perens stated that there is “an error in the Linux developer’s process” which allowed UNIX System V code that “didn’t belong in Linux” to end up in the Linux kernel (source: ComputerWire, August 26, 2003). Mr. Perens continued with a string of arguments to justify the “error in the Linux developer’s process.” However, nothing can change the fact that a Linux developer on the payroll of Silicon Graphics stripped copyright attributions from copyrighted System V code that was licensed to Silicon Graphics under strict conditions of use, and then contributed that source code into Linux as though it was clean code owned and controlled by SGI. This is a clear violation of SGI’s contract and copyright obligations to SCO. We are currently working to try and resolve these issues with SGI.”

If it happened, it’s wrong. If you can assure me that no developer on SCO payroll has ever copied in work he did for a previous employer, imported code from non-SCO sources, furnished a project with non-original work… if you can look me in the eyes and tell me this is a problem based on the Linux development model and not on every now and then someone just tries a little too hard to achieve – no matter the model, if these things you can tell the world then we’ll all be ready to take your conversation a little more seriously. This is not a flaw in the Linux development process, it’s a flaw in human nature.

The very fact that the Linux is Open Source and therefore allows itself to be open to peer scrutiny is what makes it better software.

“This improper contribution of UNIX code by SGI into Linux is one small example that reveals fundamental structural flaws in the Linux development process. In fact, this issue goes to the very heart of whether Open Source can be trusted as a development model for enterprise computing software. The intellectual property roots of Linux are obviously flawed at a systemic level under the current model. To date, we claim that more than one million lines of UNIX System V protected code have been contributed to Linux through this model. The flaws inherent in the Linux process must be openly addressed and fixed.”

No, this reveals fundamental flaws in the development process, period. I would counter that the intellectual property roots of IP law are obviously flawed at a systemic level under the current law, but then I might start looking like a fanatic anti-patent hacker who thinks any country that awards a patent to “One-click” technology needs to go home and read a few books before granting IP rights.

“At a minimum, IP sources should be checked to assure that copyright contributors have the authority to transfer copyrights in the code contributed to Open Source. This is just basic due diligence that governs every other part of corporate dealings. Rather than defend the “don’t ask, don’t tell” Linux intellectual property policy that caused the SCO v. IBM case, the Open Source community should focus on customers’ needs.”

We are not a customer-driven community. You not understanding this explains why so much of your argument will fall on deaf ears. We mostly do this for ourselves, and share what we can out of a hybrid altruistic attention-getting exercise. Our “customers” are expected to be able to deal with their own problems, or find the best way to deal with them which maybe – even probably – doesn’t include the author of the work.

“The Open Source community should assure that Open Source software has a solid intellectual property foundation that can give confidence to end users. I respectfully suggest to Open Source developers that this is a far better use of your collective resources and abilities than to defend and justify flawed intellectual property policies that are out of sync with the needs of enterprise computing customers.”

The fact that your company has an IP policy does little to prove that IP infringements are not capable of happening within your own code. It does prove that you would probably do something about it if you ever found out. If you looked hard enough. I believe a far better use of our collective time would be going through your code and showing you how easy it is for copyright code to creep in here and there.

“I believe that the Open Source software model is at a critical stage of development. The Open Source community has its roots in counter-cultural ideals – the notion of “Hackers” against Big Business – but because of recent advances in Linux, the community now has the opportunity to develop software for mainstream American corporations and other global companies.”

w00t! This seems to be a big deal for you. We’re not against Big Business. We’re against the people and mindset it can often produce, such as people who need to put the word “hacker” in quotation marks.

“If the Open Source community wants its products to be accepted by enterprise companies,”

(that’s a very big “if”…)

“the community itself must follow the rules and procedures that govern mainstream society.”

Acceptance = rule-abiding? I’m not American, but I’m pretty sure this goes against the founding ideals of the American dream. American companies positively adore doing business with people outside the mainstream, even so-called rule breakers. Looked at Google lately? Amazon?

“This is what global corporations will require. And it is these customers who will determine the ultimate fate of Open Source – not SCO, not IBM, and not Open Source leaders.”

No, the fate of Open Source software will always be decided by the need for it to be made. This has very little to do with global enterprise, and more to do with bankrupt school systems in Eastern Europe.

“Some enterprise customers have accepted Open Source because IBM has put its name behind it. However, IBM and other Linux vendors are reportedly unwilling to provide intellectual property warranties to their customers. This means that Linux end users must take a hard look at the intellectual property underpinnings of Open Source products and at the GPL (GNU General Public License) licensing model itself.”

“Reportedly unwilling to provide intellectual property warranties to their customers” – and this causes you to believe that end users should start panicking? First of all, most of these end users won’t care unless they are too part of an enterprise using these reportedly unwarranted products. Second of all, are you ready to sue all of them, too?

“If the Open Source community wants to develop products for enterprise corporations, it must respect and follow the rule of law.”

Again with the big “if”. I know this consumes the largest part of your daily activities, but please try to remember that ninety percent of the planet’s populace do not wake up every day worrying about their enterprise customers. If you truly manage to hamper the use of Open Source software in enterprise then you have achieved next to nothing. If enterprise wants it, they’ll take it. In the meantime we’ll keep coming up with free and easy ways for the people who need the help to get access to good, solid, usable software they can teach their kids with, run their third-world businesses with, evade their dictatorial government oppression of access to free information with, learn to write newer, better software with.

“These rules include contracts, copyrights and other intellectual property laws. For several months SCO has been involved in a contentious legal case that we filed against IBM. What are the underlying intellectual property principles that have put SCO in a strong position in this hotly debated legal case? I’d summarize them in this way:

1. “Fair use” applies to educational, public service and related applications and does not justify commercial misappropriation. Books and Internet sites intended and authorized for the purpose of teaching and other non-commercial use cannot be copied for commercial use. We believe that some of the SCO software code that has ended up in the Linux operating system got there through this route. This violates our intellectual property rights.

2. Copyright attributions protect ownership and attribution rights-they cannot simply be changed or stripped away. This is how copyright owners maintain control of their legal rights and prevent unauthorized transfer of ownership. Our proprietary software code has been copied into Linux by people who simply stripped off SCO’s copyright notice or contributed derivative works in violation of our intellectual property rights. This is improper.

3. In copyright law, ownership cannot be transferred without express, written authority of a copyright holder. Some have claimed that, because SCO software code was present in software distributed under the GPL, SCO has forfeited its rights to this code. Not so – SCO never gave permission, or granted rights, for this to happen.

4. Transfer of copyright ownership without express written authority of all proper parties is null and void.

5. Use of derivative rights in copyrighted material is defined by the scope of a license grant. An authorized derivative work may not be used beyond the scope of a license grant. License grants regarding derivative works vary from license to license-some are broad and some are narrow. In other words, the license itself defines the scope of permissive use, and licensees agree to be bound by that definition. One reason SCO sued IBM is due to our assertions that IBM has violated the terms of the specific IBM/SCO license agreement through its handling of derivative works. We believe our evidence is compelling on this issue.

The copyright rules that underlie SCO’s case are not disputable. They provide a solid foundation for any software development model, including Open Source. Rather than ignore or challenge copyright laws, Open Source developers will advance their cause by respecting the rules of law that built our society into what it is today. This is the primary path towards giving enterprise companies the assurance they need to accept Open Source products at the core of their business infrastructure. Customers need to know that Open Source is legal and stable.”

Copyright rules do not “provide a solid foundation for any software development model”, they merely create constraints within which some software developers are forced to deal with while engaged in development. Challenging rules and laws is as socially acceptable and necessary as voting.

“Finally, it is clear that the Open Source community needs a business model that is sustainable if it is to grow beyond a part-time avocation into an enterprise-trusted development model.”

The only thing that needs a business model would be a business. How do you conclude that a loosely-organized community of givers needs a business model? Businesses wanting to sell their expertise around a certain product need a business model.

“Free Open Source software primarily benefits large vendors, which sell hardware and expensive services that support Linux, but not Linux itself.”

Free Open Source software benefits everyone who uses it or benefits from someone having the use of it. There is no “primarily”, and there is especially no “primarily large vendors”.

“By providing Open Source software without a warranty, these large vendors avoid significant costs while increasing their services revenue.”

Sounds like good, solid capitalism to me.

“Today, that’s the only viable Open Source business model.”

That’s not an Open Source business model, that’s a business model wrapped around the exploitation of a software product and/or the need of its users to get professional services associated with the product. It’s hard to find an Open Source business model these days, because everyone keeps patenting them.

“Other Linux companies have already failed and many more are struggling to survive. Few are consistently profitable.”

Six out of ten businesses fail within their first two years. Laundromats, car dealerships, accounting firms, Linux companies. This is normal, not some weird hardship suffered by companies working with Open Source technology.

“It’s time for everyone else in the industry, individuals and small corporations, to understand this and to implement our own business models-something that keeps us alive and profitable. In the long term, the financial stability of software vendors and the legality of their software products are more important to enterprise customers than free software.”

Free as in beer? Are you deliberately misusing the word there? I believe, despite your rising call to arms, that free access to the source code powering their business is of more import, in the long run, than the financial stabilty of software vendors.

Any company switching to Open Source software to save money is in for a big surprise, as I know you’re well aware. TCO may come down, and licensing fees should wither, but still, it’s hardly a panacea for profitless companies.

“Rather than fight for the right for free software, it’s far more valuable to design a new business model that enhances the stability and trustworthiness of the Open Source community in the eyes of enterprise customers.”

That is your opinion, and is duly noted. I believe it is far more valuable to fight for the right to Open Source software, regardless of its cost.

“A sustainable business model for software development can be built only on an intellectual property foundation.”

Hogwash. China’s software development industry continues to grow by leaps and bounds, averaging over 26 percent annual growth.

“I invite the Open Source community to explore these possibilities for your own benefit within an Open Source model. Further, the SCO Group is open to ideas of working with the Open Source community to monetize software technology and its underlying intellectual property for all contributors, not just SCO.”

That’s right, we’re all doing this waiting for the big payoff. None of us actually care about what we’re doing, we just know that one day, enterprise customers will find a way for us to get rich. That’s what drives us. No, really. Monetize me.

“In the meantime, I will continue to protect SCO’s intellectual property and contractual rights. The process moving forward will not be easy. It is easier for some in the Open Source community to fire off a “rant” than to sit across a negotiation table. But if the Open Source community is to become a software developer for global corporations, respect for intellectual property is not optional-it is mandatory. Working together, there are ways we can make sure this happens.

Best regards to all,

Darl McBride


The SCO Group

It’s going to be very hard to work with a corporation that believes our very existence is a systemic problem.


Jaz-Michael King,
Open Source Community