Most Read Technology Reporter For More Than Two Decades

Maureen O'Gara

Subscribe to Maureen O'Gara: eMailAlertsEmail Alerts
Get Maureen O'Gara: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


A Response to SCO's Open Letter

'We will not attempt to erect a compromise with you on a foundation of dishonesty.'

Mr. McBride,

In your "Open Letter to the Open Source Community" your offer to negotiate with us comes at the end of a farrago of falsehoods, half-truths, evasions, slanders, and misrepresentations. You must do better than this. We will not attempt to erect a compromise with you on a foundation of dishonesty.

Your statement that Eric Raymond was "contacted by the perpetrator" of the DDoS attack on SCO begins the falsehoods. Mr. Raymond made very clear when volunteering his information and calling for the attack to cease that he was contacted by a third-party associate of the perpetrator and does not have the perpetrator's identity to reveal. The DDoS attack ceased, and has not resumed. Mr. Raymond subsequently received emailed thanks for his action from Blake Stowell of SCO.

Your implication that the attacks are a continuing threat, and that the President of the Open Source Initiative is continuing to shield their perpetrator, is therefore not merely both false and slanderous, but contradictory with SCO's own previous behavior. In all three respects it is what we in the open-source community have come to expect from SCO. If you are serious about negotiating with anyone, rather than simply posturing for the media, such behavior must cease.

In fact, leaders of the open-source community have acted responsibly and swiftly to end the DDoS attacks -- just as we continue to act swiftly to address IP-contamination issues when they are aired in a clear and responsible manner. This history is open to public inspection in the linux-kernel archives and elsewhere, with numerous instances on record of Linus Torvalds and others refusing code in circumstances where there is reason to believe it might be compromised by third-party IP claims.

As software developers, intellectual property is our stock in trade. Whether we elect to trade our effort for money or rewards of a subtler and more enduring nature, we are instinctively respectful of concerns about IP, credit, and provenance. Our licenses (the GPL and others) work with copyright law, not against it. We reject your attempt to portray our community as a howling wilderness of IP thieves as a baseless and destructive smear.

 We in the open-source community are accountable. Our source code is public, exposed to scrutiny by anyone who wishes to contest its ownership. Can SCO or any other closed-source vendor say the same? Who knows what IP violations, what stripped copyrights, what stolen techniques lurk in the depths of closed-source code? Indeed, not only SCO's past representations that it was merging GPLed Linux technology into SCO Unix but Judge Debevoise's rulings in the last big lawsuit on Unix IP rights suggest strongly that SCO should clean up its own act before daring to accuse others of theft.

SCO taxes IBM and others with failing to provide warranties or indemnify users against third-party IP claims, conveniently neglecting to mention that the warranties and indemnities offered by SCO and others such as Microsoft are carefully worded so that the vendor's liability is limited to the software purchase price, They thus offer no actual shield against liability claims or damages. They are, in a word, shams designed to lull users into a false sense of security -- a form of sham which we believe you press on us solely as posturing, rather than out of any genuine concern for users. We in the open-source community, and our corporate allies, refuse to play that dishonest game.

You invite us to negotiate, but you have persistently refused to state a negotiable claim. You have made allegations of a million lines of copied code which are mathematically impossible given the known, publicly accessible history of Linux development. You have uttered vast conspiracy theories which fail to be vague only where they are slanderous and insulting. You have already been compelled to abandon major claims -- such as the ownership of SMP technology alleged in your original complaint against IBM -- on showings that they were false, and that you knew or should have known them to be false.

Accordingly, we of the open-source community do not concede that there is anything to negotiate. Linux is our work and our lawful property, the distillation of twelve years of hard work, idealism, creativity, tears, joy, and sweat by hundreds of thousands of cooperating hackers all over the world. It is not yours, has never been yours, and will never be yours.

If you wish to make a respectable case for contamination, show us the code. Disclose the overlaps. Specify file by file and line by line which code you believe to be infringing, and on what grounds. We will swiftly meet our responsibilities under law, either removing the allegedly infringing code or establishing that it entered Linux by routes which foreclose proprietary claims.

Yours truly,
Eric Raymond
Bruce Perens


More Stories By Bruce Perens

Bruce Perens, a leader in the free software and open source community, is a member of the International Advisory Board of He is the creator of the Open Source Definition, the manifesto of the open source movement. Bruce is founder or cofounder of the Open Source Initiative, the Linux Standard Base, Software in the Public Interest, and No-Code International. He is the creator of Busybox, which has spawned its own development community and is part of most commercial devices using embedded Linux.

More Stories By Eric S. Raymond

Eric Raymond, usually known in the Open Source community simply by his initials, ESR, is President, Open Source Initiative.

Comments (7) View Comments

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.

Most Recent Comments
scopukes 02/17/04 04:14:45 PM EST

SCO is simply sowing its own demise, much like Sun with its stubborn Java stance. I like the idea of investigating now who the money is going to in SCO. Certainly not the poort techies. With this petty lawsuit SCO is simply admitting that it is not as smart or savvy enough as other companies like IBM, Red Hat, or Suse that can compete and profit with services instead of charging for OS source. If SCO is really righteous and really wants to make big bucks, it should sue MS, whose transformation from teeny desktop OS Windows 3.0 to patched-up enterprise (i use the term loosely here) platform NT probably stole more Unix code than anyone can ever count. In the gazillion lines of source code for WinX I'm sure someone with the time can find a couple million proprietary code stolen from somewhere. But poor SCO probably isn't rich or expert enough to take on MS, so it tries to pick on the little guys. How sad. People will never pay SCO when there're TRULY FREE FreeBSD. That makes this whole affair smells, like someone is purposely attacking the strides that Linux has made. Could all this REALLY be from Unix people?

Ed De Andrea 09/15/03 08:00:55 AM EDT

I know nothing about Linux, can just barely deal with Windows, however, I feel, that these bigger entities who try to push their weight around will come out losers in the end. Even if I ever needed a product that they offer ( which , I seroiusly doubt I ever will ) SCO would be the last place I would go. This attack stands , maybe not on the same ground as the RIAA, but has the same flavor which leaves a repugnant taste in one's virtual mouth. You guys have worked hard on your Open Source and deserve ALL the credit, not some fly by night wolves in corporate sheeps clothing. Give 'em hell, boys !!!!!!

Anonimous 09/12/03 03:04:07 PM EDT

Linus has answered the way it should. Remember that SCO's letter real intention is to continue spreading FUD. And they have a main reason: to pump SCO's stock prices higher and higher. The questin is is not whether they crash but when between now and 2005. Expect more SCO's letters.

Rod 09/11/03 01:50:12 PM EDT

Excellent. I would say that Mr. McBride is showing his youthful inexperience. Just looking at his picture on the website, and reading his letter, I see a marketing slickster who lacks substance.

He made some good points about a business model and the willingness of big enterprise to embrace software developed "at large". As a business manager, I can see the pro's and cons of depending on open source software for mission critical application environments.

However, the real issue is this: His company is not positioned to take advantage of open source (services and application software). That is why he is attacking.

AND, it was all perfectly fine when open source was for nerds on their personal computers. Now that Linux (et al) is really making progress in the enterprise, OS software is a threat because it is taking revenues out of some people's pockets. This is the same reason why Microsoft is attacking Linux.

I could write volumes but I have a job to do, alas....

damaged justice 09/11/03 10:47:16 AM EDT

Linus shows how it ought to be done
And Eric, how not to do it.

Does anyone else think ESR got played like a fiddle and fell right into SCOGroup's hands? If he had never opened his mouth about the ALLEGED "DDOS", the media would have forgotten about it in less than a day. Remember that SCOGroup themselves even released a statement at one point saying it wasn't an attack, they were just down for "server maintenance" or something like that. But because ESR said "YES, IT POSITIVELY WAS A DDOS," the media have been concentrating almost exclusively on that ever since, as well as Darl McBride's whining about it.

I call BS - multiple comments at Groklaw show people doing ACTUAL INDEPENDENT RESEARCH to find out the truth of this supposed attack. It's certainly the strangest attack ever, since it seems to mysteriously stop every day during normal business hours. Until SCOGroup puts up some proof - and I don't mean just claiming that the FBI is investigating - I don't believe there have been any attacks since the initial one months ago. It's far more likely that SCOGroup themselves are taking their own site down to remove more embarrassing evidence and then blaming the downtime on "those evil open source hackers".

The upshot? I want to see more ACTUAL INDEPENDENT RESEARCH in the press, and less uncritical parroting. Nobody - not Darl McBride, not Eric Raymond, not God - should be taken at face value without checking the facts. Linus showed everyone how it ought to be done - NEVER lose your temper when arguing with a troll!

Kevin Loughrey 09/10/03 05:22:33 PM EDT

An excellent letter. It addresses directly the key issue. "Show us where there have been infringements and we (the open source movement) will, as the law requires, remove them as quickly as is reasonably possible and responsible."

Joseph Balsama 09/10/03 03:37:47 PM EDT

This is a good response to the latest publicity release from SCO.

Throughout this controversy, RMS, ESR, Mr Perens and Mr Torvalds, as well as many other open source and free software leaders, have agreed either to eliminate any problems SCO can show with Linux code, or to advocate for this course of action.

SCO's response has been to evade, lie, and threaten, which makes it obvious that this offer to legally solve the problem would interfere with their new business model, which seems to be extortion. They claim to be dealing in good faith, but I doubt that a judge will see it that way.