|
Downloading the Linux kernel from SCO in 2004 [large graphics] |
|
Friday, June 23 2006 @ 03:03 PM EDT
|
I earlier presented screenshots with time and dates showing that one could freely download OpenLinux 3.1 in June and July of 2003 from ftp.caldera.com, months after SCO sued IBM and claimed infringements in the Linux kernel. I saw no indication of any restrictions on the download, and there was no legal notice of any kind. Also, the software was still available at a number of web sites on the web for purchase. Groklaw member jbeadle informs me that he took screenshots of the 2.4.13 kernel being available for download from SCO's website ftp.sco.com in August of 2003. Better than that, he did it again in February of 2004, when the 2.4.21 kernel was freely available for the world to download from SCO's linuxupdate.sco.com site. February of 2004 is almost a full year after SCO sued IBM. Note in the first picture that the date the directory was updated is May of 2003, also post-litigation, which began in March. He took it one step further than I did, in that he took snapshots of the actual downloads in progress. You will see the date at the bottom right of the screen. He saw no legal notice or any wording at all about who could and who could not download and there was no password required or any prompt. Note that the third screenshot shows a snip from Ashlee Vance's article in the Register dated August 6, 2003, showing a download in progress and reporting that close to 30 people had sent him the url to an ftp site where the Linux kernel associated with OpenLinux 3.1.1 was stilll freely available for download. There is then no question in my mind that SCO continued to distribute the kernel under the GPL to the general public until at least February of 2004.
|
|
Authored by: bsm2003 on Friday, June 23 2006 @ 03:16 PM EDT |
> [ Reply to This | # ]
|
- Wide page - Authored by: pointman on Friday, June 23 2006 @ 03:50 PM EDT
- Wide page - Authored by: Nonad on Friday, June 23 2006 @ 05:08 PM EDT
- Wide page - Authored by: belzecue on Friday, June 23 2006 @ 11:36 PM EDT
- Wide page - Authored by: Anonymous on Sunday, June 25 2006 @ 03:26 PM EDT
|
Authored by: bsm2003 on Friday, June 23 2006 @ 03:19 PM EDT |
> [ Reply to This | # ]
|
|
Authored by: Anonymous on Friday, June 23 2006 @ 03:25 PM EDT |
I didn't think digital images like screenshots held any legal weight. This
convinces me, but I'm not really an objective person in this regard.
In any case, even if authenticity can be established, what's to stop SCO from
claiming it's just an old automated system set up by people who long ago left
the company and, like an unlocked back door, doesn't mean anything about
their intentions today. It's machines talking to machines.[ Reply to This | # ]
|
- Screenshots Establish Intentions? - Authored by: Jude on Friday, June 23 2006 @ 03:38 PM EDT
- Screenshots Establish Intentions? - Authored by: Woad_Warrior on Friday, June 23 2006 @ 03:38 PM EDT
- Screenshots Establish Intentions? - Authored by: Anonymous on Friday, June 23 2006 @ 03:40 PM EDT
- Screenshots Establish Intentions? - Authored by: Anonymous on Friday, June 23 2006 @ 03:43 PM EDT
- Screenshots Establish Intentions? - Authored by: rsteinmetz70112 on Friday, June 23 2006 @ 04:28 PM EDT
- Screenshots Establish Intentions? - Authored by: argee on Friday, June 23 2006 @ 05:23 PM EDT
- Screenshots Establish Intentions? - Authored by: Anonymous on Friday, June 23 2006 @ 05:35 PM EDT
- I don't think that will fly. - Authored by: Jude on Friday, June 23 2006 @ 06:07 PM EDT
- Screenshots Establish Intentions? - Authored by: whoever57 on Friday, June 23 2006 @ 06:30 PM EDT
- Screenshots Establish Intentions? - Authored by: emperor on Friday, June 23 2006 @ 07:18 PM EDT
- Who's mistake? Who pays for it? - Authored by: Placid on Friday, June 23 2006 @ 08:01 PM EDT
- Screenshots Establish Intentions? - Authored by: Anonymous on Friday, June 23 2006 @ 08:05 PM EDT
- "Trivial mistakes"? Including brand-new kernels? Go home, Darl - Authored by: Anonymous on Friday, June 23 2006 @ 08:10 PM EDT
- Let's hope at least one of the other eleven is capable of critical thinking - Authored by: Anonymous on Friday, June 23 2006 @ 08:25 PM EDT
- Screenshots Establish Intentions? - Authored by: PJ on Saturday, June 24 2006 @ 12:12 AM EDT
- Screenshots Establish Intentions? - Authored by: argee on Saturday, June 24 2006 @ 01:10 AM EDT
- Screenshots Establish Intentions? - Authored by: Zarkov on Monday, June 26 2006 @ 08:45 PM EDT
- I rebut your arguments - Authored by: Anonymous on Friday, June 23 2006 @ 06:40 PM EDT
- Screenshots Establish Intentions? - Authored by: MarkDoyle on Friday, June 23 2006 @ 06:51 PM EDT
- Look at the file dates in those screenshots - Authored by: Anonymous on Friday, June 23 2006 @ 08:07 PM EDT
- Screenshots Establish Intentions? - Authored by: Anonymous on Saturday, June 24 2006 @ 01:23 AM EDT
- Please read up on the LAWS OF AGENCY...! - Authored by: Anonymous on Saturday, June 24 2006 @ 07:29 AM EDT
- Screenshots Establish Intentions? - Authored by: jplatt39 on Saturday, June 24 2006 @ 08:50 AM EDT
|
Authored by: mossc on Friday, June 23 2006 @ 04:00 PM EDT |
I downloaded
http://linuxupdate.sco.com/scolinux/update/RPMS.updates/kernel-source-2.4.21-
138.i586.rpm
on February 24th 2004
While looking for this I also came
across this
URL.
http://docsrv.sco.com:8457/en/SecureProg/history.html
downloaded on
June 21 2004 from
"Secure Programming for Linux and Unix
HOWTO"
This book uses the term ``Unix-like'' to describe systems
intentionally like Unix. In particular, the term ``Unix-like'' includes all
major Unix variants and Linux distributions. Note that many people simply use
the term ``Unix'' to describe these systems instead.
Linux is not derived from
Unix source code, but its interfaces are intentionally like Unix. Therefore,
Unix lessons learned generally apply to both, including information on security.
Most of the information in this book applies to any Unix-like system.
Linux-specific information has been intentionally added to enable those using
Linux to take advantage of Linux's capabilities."
Chuck[ Reply to This | # ]
|
|
Authored by: Anonymous on Friday, June 23 2006 @ 04:06 PM EDT |
I'm just an IANAL and not a geek. I've just kinda been watching this thing
IBM/SCO for the drama of it.
I have wondered the whole time why there is (seemingly) so little focus on SCO's
linux activites and the GPL. Shouldn't it be more prominent in IBM's defense? It
never seems to come up.
Or if it shouldn't be more prominent, why is that?
My real name is Bill, honest.[ Reply to This | # ]
|
|
Authored by: James Wells on Friday, June 23 2006 @ 05:00 PM EDT |
Greetings,
The very first screenshot actually gives lie to a couple of SCO's previous
statements about IBM's conduct. To explain them, I will have to talk a little
bit about Unix / internet traditions that some may not be aware of...
First, the hostname. Since the dawning of DNS, the primary anonymous FTP
hostname for any site dealing with Unix has gone by the name of ftp. This
tradition came about to make it easy for early adopters to access software
updates, releases, free documentation, etc from various places. For example,
back in the old days, if you needed a driver update for your old 3b2's, you
would go to ftp.att.com, or if you needed to get a copy of one of Intel's 8080
white papers, you would go to ftp.intel.com. Please note that this same
tradition is still alive and well, most web servers are called www, most mail
servers are called mail, most dns servers are called... Wait for it.... dns.
Almost as importantly as the hostname is the directory that the person is in.
Again, this is a tradition in the internet / Unix world. Back in the old days,
it was not uncommon for Administrators to use the same machine for both private
and public FTP services. Obviously these companies don't want their private
information to go out to the public, so they devised a standard method of
segmenting their FTP offerings. This method called for all private offerings to
go into one set of directories and all public offerings to go into a directory
called /pub. Again, by tradition, anything in the /pub tree is fair game for
download.
But there is still another piece here, which most people will never see, and
that is the username / password system on these ftp servers. And yes, there was
one that the person had to go through to get the screenshots, of course with a
web browser you will amost never see it.
When you use a web browser to hit an ftp site, the browser automagically
sends, without user intervention or visibility, the username of anonymous and
one of two passwords, either the users email address or a construct that
identifies the type of web browser. Now, the anonymous account has special
meaning to FTP servers. It tells the FTP server software, that the account is
public and that the account does not require password authentication. Once the
anonymous user logs in, they are generally only able to get to a single
directory... /pub, which as stated above is traditionally fair game for
downloads. ;)
At one time, SCO stated that IBM had to hack into their servers to gain
access to the OpenLinux kernel. Well, based on the screenshot, it looks like
IBM, simply followed tradition and went to ftp.sco.com, and if they were using a
web browser, it sent the username anonymous with a password of something like
legal@ibm.com. Remember the FTP server does not perform authentication for
anonymous users. Upod doing so, the FTP server dropped them into a directory
which may have contained a couple other directories, but did contain one called
/pub. And it was somewhere under the /pub directory that they obtained the
kernel.
To get see this in action, at a command line type;
ftp ftp.sco.com
The ftp server will ask for a username, type;
anonymous
It will then ask you for a password, simply enter something that looks like
an email address.
At this point you are in to their anonymous (Public) downloads section.
BTW. If you want, you can do the same thing at IBM, RedHat, Sun, Microsoft,
etc.[ Reply to This | # ]
|
|
Authored by: argee on Friday, June 23 2006 @ 05:04 PM EDT |
This stuff was put up to support existing customers; they
had notices and maybe even a cheesy password thing. That
means they are not distributing. By the same token, its
not a crime for you to get it either.
So either way, means nothing.
Now, if the company, not a dealer, would SELL you a Linux
after Darl "discovered" they had IP in Linux, then it may
be different. Even then, a "reasonable" period of time should
be allowable for word to get around, etc., and an allowance
should be made for inadvertent, trivial, errors.
Caldera never gave anything away. Anything on their web
site was in support of whatever binaries, CD's etc they
sold per their contractual obligations.
I am sure IBM will try to make something out of this,
but I do not think its going to have much traction with
the judges or the jury.
---
--
argee[ Reply to This | # ]
|
- Means naught - Authored by: Anonymous on Friday, June 23 2006 @ 05:34 PM EDT
- Means naught - Authored by: Jude on Friday, June 23 2006 @ 05:47 PM EDT
- Making available IS distributing - Authored by: Anonymous on Friday, June 23 2006 @ 06:31 PM EDT
- I think you miss a really major point ... - Authored by: Anonymous on Friday, June 23 2006 @ 06:47 PM EDT
- Means quite a bit - Authored by: Anonymous on Friday, June 23 2006 @ 07:16 PM EDT
- I think you will find - Authored by: Anonymous on Friday, June 23 2006 @ 08:07 PM EDT
- Means naught - Authored by: rm6990 on Friday, June 23 2006 @ 08:13 PM EDT
- Yeah, and all Napster did was "make songs available to existing customers" - Authored by: Anonymous on Friday, June 23 2006 @ 08:20 PM EDT
- I don't buy that argument at all - Authored by: Jude on Friday, June 23 2006 @ 08:37 PM EDT
- Redistributing Linux means you must honor terms of GPL - Authored by: hardmath on Friday, June 23 2006 @ 11:50 PM EDT
- Means they are screwed - Authored by: Anonymous on Saturday, June 24 2006 @ 06:48 AM EDT
- Wrong! Doh! - Authored by: SilverWave on Saturday, June 24 2006 @ 08:17 AM EDT
- Means naught - Authored by: Steve Martin on Saturday, June 24 2006 @ 10:52 AM EDT
|
Authored by: Jeffrey on Friday, June 23 2006 @ 05:15 PM EDT |
When was SCO legally allowed to remove access to the GLP'ed code that they
published and sold?
Let's say I made a living properly selling GPL'ed software on CD, and I had the
source availble to download. Then on some arbitrary day decided NOT to sell it
anymore, do my obligations to provide access to the source code end at that
moment as well?
I was just wondering if perhaps that was why SCO kept it up there for so long
after their decision to begin legal actions.[ Reply to This | # ]
|
|
Authored by: Anonymous on Friday, June 23 2006 @ 06:29 PM EDT |
SCO's position is (or perhaps was) that they are allowed to distribute Linux,
and that doing so, does not waive their claims against IBM or
others:
From 26 September 2003 (i.e. more than 6 months after they sued
IBM):
http://www.infoworld.com/article/03/09/26/HNibmclaim_1.html
<
BR>
Quoting, emphasis added:
SCO has not sold the SCO
Linux software in question since May 12, but the company continues to
distribute it via the Internet to honor existing support contracts, said SCO
spokesman Blake Stowell.
And, again quoting, emphasis
added:
Stowell disputed the idea that SCO could no longer
distribute Linux. "We're the copyright holder for the core Unix operating
system. If we want to charge someone a licensing fee for using our copyrighted
software that's gone into Linux, then we have that prerogative," he said. "If
we want to continue to distribute Linux to our existing customers, we can do
that because we own the copyrights on that Unix
software."
Additionally, in response to IBM's PSJ
motion on their counterclaim 6, SCO admitted distributing Linux to their
existing customers (although they also claimed that IBM had no right to find out
by accessing SCO's FTP site), and said they intended to continue doing so, until
at least the end of December 2004.
Anyway, my point is, while it's
interesting to see evidence of SCO distributing Linux after the lawsuit
commenced, there doesn't seem to be much (any) of a factual dispute over whether
they did or not - SCO admits they did continue to distribute Linux.
The
issues that really need to be addressed, are:
(a) whether their
continued distribution of Linux was in violation of the GPL
(b) whether
their continued distribution of Linux infringed IBM's copyrights
(c)
whether their continued distribution of Linux will count as a waiver of some of
their claims
We all think that we more or less know the answers to
these, but these issues are really legal (and not so much factual) issues that
won't be resolved until Kimball rules when IBM files their renewed PSJ
motions.
Quatermass
IANAL IMHO etc
[ Reply to This | # ]
|
|
Authored by: rsmith on Friday, June 23 2006 @ 06:47 PM EDT |
As I've posted in the previous story (link doesn't work, I get a 412 error?),
there is a legal notice on caldera's ftp site ftp.caldera.com. This is the same
ip-adress as ftp.sco.com (216.250.128.13). And if you log in to both sites, you
see the same stuff. Both sites accept anonymous logins.
In the root directory of the Caldera ftp site (ftp.caldera.com) there is a file
called Legal_Notice, dated the 8th of August 2003:
ncftp / > ls -l
-rw-rw-r-- 1 ftp ftp 899 Aug 8 2003 Legal_Notice
drwxr-xr-x 2 ftp ftp 144 Mar 14 2000 bin
drwxr-xr-x 2 ftp ftp 96 Mar 14 2000 etc
drwxr-xr-x 2 ftp ftp 48 Nov 19 1999 lib
drwxrwxr-x 36 ftp ftp 1088 Aug 3 2005 pub
-rw--w-r-- 1 ftp ftp 220 Sep 19 2003 welcome.msg
It contains:
ncftp / > less Legal_Notice
NOTICE: SCO has suspended new sales and distribution of SCO Linux until
the intellectual property issues surrounding Linux are resolved. SCO will,
however, continue to support existing SCO Linux and Caldera OpenLinux
customers consistent with existing contractual obligations. SCO offers at
no extra charge to its existing Linux customers a SCO UNIX IP license for
their use of prior SCO or Caldera distributions of Linux in binary
format. The license also covers binary use of support updates distributed
to them by SCO. This SCO license balances SCO's need to enforce its
intellectual property rights against the practical needs of existing
customers in the marketplace.
The Linux rpms available on SCO's ftp site are offered for download to
existing customers of SCO Linux, Caldera OpenLinux or SCO UnixWare with
LKP, in order to honor SCO's support obligations to such customers.
The directory /pub/OpenLinux3.1 contains a file ".message" with the
same content, dated august 4th 2003:
ncftp /pub/OpenLinux3.1 > ls -al
drwxrwxr-x 2 ftp ftp 72 Jan 18 2005 .
drwxrwxr-x 36 ftp ftp 1088 Aug 3 2005 ..
-rw-rw-r-- 1 ftp ftp 899 Aug 4 2003 .message
So assuming that the machine's clock runs correctly, and nobody doctored the
file dates with touch(1), there has been a notice up since august 4th 2003.
---
Intellectual Property is an oxymoron.[ Reply to This | # ]
|
|
Authored by: bstone on Friday, June 23 2006 @ 10:46 PM EDT |
The Linux rpms available on SCO's ftp site are offered for download
to existing customers of SCO Linux, Caldera OpenLinux or SCO UnixWare with LKP,
in order to honor SCO's support obligations to such
customers.
Does this statement in the "Legal_Notice" explicily
state that kernel source is distributed as part of SCO UnixWare with LKP?
Doesn't that make the entire package subject to the GPL? [ Reply to This | # ]
|
|
Authored by: DaveF on Friday, June 23 2006 @ 10:55 PM EDT |
As I posted in December of 2004, I had downloaded in January of that
year:
Authored by: DaveF on Thursday, December 02 2004 @ 05:53 PM
EST
[...] I used a web browser to enter SCOG's ftp site on January 23,
2004. I was not offered a login screen nor any warnings of any sort. Whilst
there, I downloaded the source for Linux kernel 2.4.21 and an iso of United
Linux.
I have the files on my harddrive with the original timestamps
from when I downloaded them.
This incident was well after the date that
SCO said they discontinued offering the files for download by members of the
general public.
I've preserved the timestamps on the files and a
copy of their server logs would verify that these files were downloaded on that
date from their servers.
--- Imbibio, ergo sum [ Reply to This | # ]
|
|
Authored by: Anonymous on Saturday, June 24 2006 @ 06:25 AM EDT |
Does this matter? The whole case is not about facts.
SCO can claim that they revoked an irrevocable contract.
SCO can claim that they own the copyright to 0x012FF7B3.
These are baseless claims to haress - nothing more, but also nothing less. Thus
facts don't matter. It's about wasting money, transfering money from SCO to the
lawyers.
What would happen if a law student claims that you can own the copyright to
0x012ff7b3 in an exam? He would be thrown out of the building. But it's ok to
claim that in a court, it seems.
The case only shows that the US legal system is broken.
Btw, another interesting point:
- the sysv file system is quite similar to the coherent file system. At least
Linux implements both from the same source files.
- Coherent doesn't infringe AT&T copyrights. AT&T send someone to Mark
Williams (the company that distributed Coherent). According to [1], it was
Dennis Ritchie.
- Doctrine of latches? AT&T said in 198x that it is ok to create a Unix (tm)
compatible OS that implements a virtually identical filesystem. Not that SCO has
any records from that time, but anyway...
[1] http://neil.franklin.ch/Usenet/alt.folklore.computers/20001107_Coherent
[ Reply to This | # ]
|
- Who cares? - Authored by: Steve Martin on Saturday, June 24 2006 @ 07:45 AM EDT
- Who cares? - Authored by: Anonymous on Saturday, June 24 2006 @ 08:01 AM EDT
- Who cares? - Authored by: PJ on Saturday, June 24 2006 @ 02:08 PM EDT
|
Authored by: Anonymous on Saturday, June 24 2006 @ 10:26 PM EDT |
jbeadle probably now has a nasty virus on his system. What's he thinking surfing
the net with unprotected IE? Ewww!!![ Reply to This | # ]
|
|
Authored by: seanlynch on Monday, June 26 2006 @ 04:11 PM EDT |
"He saw no legal notice or any wording at all about who could
and who could not download and there was no password required or any
prompt."
I know this is going to sound like a joke, but I
am very serious about this...
If he had looked hard enough in the License
file, he would have found a copy of something called the GPL. That has the
information on downloading and copying this thing called Linux.
Thank
You!
I'll be here through July.
Try the halibut, and remember to tip your
wait staff.
[ Reply to This | # ]
|
|
|
|
|