|
Declaration of SCO's Chris Sontag of December, 2004 (SCO v. IBM) - PDF & text |
|
Wednesday, March 02 2005 @ 05:18 PM EST
|
Here's Chris Sontag's latest declaration, in which he tries to support SCO's accusation IBM broke the law when it downloaded, from SCO's website, GPL'd Linux kernel code IBM itself wrote and owns the copyright on. IBM at the time was looking for evidence of copyright infringement, by the way. You know, like SCO's hero, the RIAA? SCO was in violation, IBM says, of the GPL by distributing that code in the first place, and hence SCO had no right to distribute that code to anyone, because they were violating IBM's copyright by so doing. SCO's defense is to allege IBM deliberately bypassed "security measures" -- in this case, we find out, a password prompt that didn't actually require a password or hinder free access in any way, due to SCO's incompetence -- and so they allege IBM "hacked" into their site. If that is illegal, could someone please rewrite that law so it isn't stupid any more? We also learn that SCO is not an avid reader of either Slashdot or the SCOX Yahoo message board. News that no password was needed to access SCO's Linux files was posted on Slashdot, they say, on October 31, 2003, and on February 18, 2004 on the Yahoo SCOX board. It was on March 4, 2004 that SCO finally "became aware of the problem and immediately fixed it." Immediately meaning after 4+ months, that is. Then it happened again in July, when SCO reintroduced the bug, as they call it, and over a month later, SCO realized they had done it again, and fixed it a second time. IBM is, therefore, to hear Mr. Sontag tell it, guilty of bypassing a buggy security system that didn't work to keep anybody out, if I have understood his argument. They claim there was a notice there, but I've heard and read conflicting stories about that.
I have read that many persons said that on the sites visited, there was no password required at all to gain access. It was, I've been told, like Windows 98, where they confront you with a password prompt, but if you hit Return, you access without one. Is that hacking? IBM is guilty of hitting the Return key. If that is "hacking", maybe we need to redefine our terms as well as rewrite the law. In any case, according to this declaration, SCO's distribution of Linux files was terminated on December 31, 2004. Mr. Sontag appears to make the argument that SCO had to continue to violate the GPL, because it was contractually obligated to offer updates to previous customers. This is the same company that would like IBM held to the strictest -- one might even say the most ridiculous -- possible interpretation of the laws on "hacking". First, SCO's argument is like saying you had to steal the Hope diamond because you were under a contractual obligation to do it and had already been paid to steal it. Second, they could offer updates without doing so from a website, instead of making it so easy for anyone to access. They could have sent out CDs by mail, for example. Their excuse for making the files readily downloadable to the public is that they were incompentent and kept goofing. And of course, IBM is to blame for that, I suppose. This all assumes that IBM wasn't a previous customer and neither were any of their employees. Third, SCO seems to think that as long as it didn't charge any new customers, they were permitted to continue to distribute to their previous customers. I think they don't understand the GPL. If you lose your right to distribute, you lose your right to distribute. The issue isn't whether you charge for the distribution, just that you did it after you lost your right to distribute. And by any GPL measure that I know, SCO continued to distribute after they lost their right to distribute. I am puzzled by one of Sontag's claims. He says that when SCO participated in the UnitedLinux project, it had no idea that JFS was derived from SCO'S proprietary software or that it had been contributed to Linux by IBM "in violation of IBM's agreements with SCO." He also claims they hadn't a clue that the other features SCO marketed, like asynchronous I/O, enterprise volume management systems, and better SMP scaling, were developed by IBM. They just went by what the rest of the UL consortium told them. Aside from the unbelieveability of such a claim, which depends on SCO executives reading nothing but the comics for several years, never once really looking at the code it was selling, the copyright notices, for example, and being totally incompetent, how exactly can it be that functionality that you don't have at all in your software is derived from your code when it does things you can't do with your code? I would like SCO to explain that, because I can't understand how that is possible. It must be me, because of not being a programmer. But if you want to program something new, why would you start with something old that doesn't do what you want and hack on that, instead of just writing something new? To me it's like saying the New York Times owns Groklaw, because I write news stories sometimes, and they did news stories first. Groklaw is doing something the Times, venerable though it is, never even thought to do. Even if GL and the Times had once been contractually bound, say over earlier templates the Times might have invented for covering the news and even if there was a clause saying that any modification of the templates remained under the control of the Times, when GL did something entirely different, open source legal research, how would that be covered by any NYTimes "news template" contract? I'm doing something utterly new and not even trying to do things the way the Times does, even though in the big picture we are each covering the news. It must be SCO's theory of "derived", meaning if you ever drove within 50 miles of Unix System V, your code is now barnecled onto the mother ship, and your brain is owned in perpetual serfdom until you die and are set free at last. In heaven, should you go there, you can code again in freedom. There is one other odd thing. Paragraph 30, to my reading, says that instead of attaching their Intellectual Property License for Linux, they tell the judge to look at a "similar" one that IBM attached as Exhibit 33 on its Motion for Summary Judgment on its Eighth Counterclaim. I must have that SCO IP License for Linux somewhere, but I'm not at home, so I can't retrieve it. Any of you have it handy? If they can't find it, let's help them out. This is another of the paper documents Frank Sorenson got for us from the courthouse. And thanks also to belzecue for the OCR, BobDowling for transcribing, and justjeff for the html (although, sadly, I didn't see his until after I had done it myself -- I still appreciate it though), and robert and Chris Lingard for proofing. Note that they mention some exhibits, which we will have ready soon. Here is Exhibit E, the product announcement, and Exhibit C, the termination letter to Sam Palmisano. Here's
the one you are waiting for, the logs, Exhibit F. Also, note that their pagination is off, and I didn't follow it, simply because it was too confusing, and I followed the PDF pagination instead. There are also a couple of tempting [sic] moments, but I restrained myself.
*********************************
Brent 0. Hatch (5715)
BATCH, JAMES & DODGE
[address, phone, fax]
Robert Silver (admitted pro hac vice)
Edward Normand (admitted pro hac vice)
Sem Eskovitz (admitted pro hac vice)
BOIES, SCHILLER & FLEXNER LLP
[address, phone, fax]
Stephen N. Zack (admitted pro hac vice)
Mark J. Heise (admitted pro hac vice)
BOIES, SCHILLER & FLEXNER LLP
[address, phone, fax]
Attorneys for Plaintiff
____________________________
IN THE UNITED STATES DISTRICT COURT
FOR THE DISTRICT OF UTAH, CENTRAL DIVISION
THE
SCO GROUP, Inc.
Plaintiff,
v.
INTERNATIONAL BUSINESS MACHINES CORPORATION,
Defendant.
|
Case No. 2:03CV0294DAK
Hon. Dale A. Kimball
Magistrate Judge Brooke C. Wells
DECLARATION OF
CHRISTOPHER SONTAG
|
1
1. My name is Christopher S. Sontag, and I am Senior Vice President and
General Manager of The SCO Group, Inc. ("SCO"). Unless otherwise noted or
evident from context, this declaration is based on my personal knowledge.
2. I submit this Declaration in support of SCO's Memorandum in Opposition
to Defendant/Counterclaim-Plaintiff IBM's Motion for Partial Summary
Judgment on SCO's Contract Claims, and in support of SCO's Memorandum
in Opposition to IBM's Motion for Partial Summary Judgment on IBM's
Copyright Infringement Claim (the Eighth Counterclaim).
3. I have participated in the management, administration, and enforcement
of SCO's UNIX System V ("SVRX") software agreements since 2002. Other
than through express written agreements and for due consideration, SCO
has never intended to waive and has always sought to protect and enforce
its rights under those agreements. I am not aware of any instance -- other
than through such written agreements -- in which SCO has intentionally
waived any right to enforce any provision of any of those agreements.
4. IBM and Sequent are among SCO's SVRX licensees. SCO has concluded
that IBM (which acquired Sequent after Sequent became an SVRX licensee)
has violated its (and Sequent's) SVRX agreements by contributing to the
Linux operating system source code from a derivative or modified work
that IBM developed based on SVRX after entering into its SVRX agreements.
5. SCO did not know that IBM had contributed source code to Linux in
violation of its (and Sequent's) SVRX licenses until December 2002 or
January 2003.
6. In selling SCO Linux 4.0 and other products, SCO marketed features
such as asynchronous I/O, enterprise volume management systems, better
SMP scaling, and
2
journaling file system support ("JFS") because, according to SCO's
partners in the UnitedLinux consortium, these features were included in
the version of Linux contained in the pertinent SCO product.
7. With the sole exception of JFS, all the features were known simply
by their appearance in Linux, not by where they originated. SCO had no
knowledge that they were developed by IBM, or that they were derived fiom
SCO's proprietary software licensed to IBM, or that they were contributed
by IBM to Linux in violation of IBM's agreements with SCO.
8. SCO identified JFS in its marketing as "developed by IBM," but SCO did
not know that JFS was derived from SCO's proprietary software licensed
to IBM, or that it was contributed to Linux by IBM in violation of IBM's
agreements with SCO.
9. SCO filed suit against IBM for breaching the IBM and Sequent software
agreements within months of concluding that IBM had done so. SCO thereby
expressly acted on and manifested its intent to enforce those licenses.
10. The same day it filed suit against IBM for breaching the SVRX
agreements, on March 6, 2003, SCO sent a termination letter to IBM's
Chief Executive Officer explaining that IBM's right to use or distribute
any software product based on UNIX System V, including AIX, would be
terminated on June 13, 2003, unless IBM cured those breaches. Exh. A
hereto. SCO sent a similar letter to IBM regarding Sequent, and Dynix/ptx,
on May 29, 2003. Exh. B hereto.
11. On July 12, 2003, SCO further demonstrated its intent to enforce
its rights under those agreements by delivering a termination notice to
IBM pursuant to Section 6.3 of the SVRX agreement. Exh. C hereto. After
sending its termination letters, SCO had attempted to meet and confer
with IBM, including through a meeting held on June 2,
3
2003, but IBM had failed to cure its breaches during the 100-day period
provided in SCO's termination letter to IBM and the two-month period
provided in SCO's termination letter to Sequent. Accordingly, effective
June 13, 2003, SCO terminated IBM's SVRX agreements; and effective July
30, 2003, SCO terminated the Sequent SVRX agreements. Exhs. C and D
hereto. SCO thus further demonstrated its intent to enforce its rights
under those agreements.
12. After filing suit against IBM, SCO considered whether to continue to
sell and market all of its Linux-related products, including SCO Linux
Server 4.0. I was personally involved in those discussions at SCO.
13. In analyzing that question, an important consideration SCO took into
account was its obligations to its existing customers. SCO took the view
that SCO's customers were entitled to order SCO's products and updates
from SCO for a period of time after becoming customers. See, e.g., Exh. E
hereto ("Product Announcement for Linux Server 4.0," dated November 19,
2002, in which SCO promises to offer purchasers the "SCO Linux Update
Service" for twelve months, including "Access to an up-to-date repository
of UnitedLinux and other updates for their system."). SCO did not want
to abandon its current customers unless there was no other alternative.
14. SCO decided that the most sensible solution was to suspend its sale
and marketing of all of its Linux-related products effective May 14,
2003, but to continue to allow SCO's current customers (to whom SCO had
obligations) to order such products.
15. By suspending the sale of its Linux-related products, including the
operating system, services, support, professional services, education,
and layered applications, SCO eliminated approximately 5-10% of its
revenues. From May 14, 2003, until May 31,
4
2004 (when SCO last sold a unit of Linux Server 4.0), SCO sold 83 units
and had 79 units returned, for a gross revenue of $1,849.
16. In taking into account the foregoing considerations and reaching the
foregoing decisions, SCO never intended to waive its right to enforce
its SVRX agreements, including against IBM and Sequent.
17. In compliance with its contractual obligations, SCO has provided
customers who purchased SCO Linux Server 4.0 Server files with access
to the product through a secret, individual password that the customer
could use at the log-in screen to SCO's website, and will continue to
provide such access through December 31, 2004.
18. I understand that IBM claims that SCO made sixteen of IBM's
copyrighted works available to the public through SCO's website. IBM's
Kathleen Bennett contends (Bennett Decl. (8/5/04) ¶ 4; Bennett
Decl. (8/16/04) ¶ 10) that access to these works was available on
the following four web pages:
a. http://linuxupdate.sco.com/scolinux/update/RPMS.updates,
b. http://Linuxupdate.sco.com/scolinux/SRPMS,
c. http://linuxupdate.sco.com/scolinux/update/RPMS.scolinux, and
d. ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/server/CSSA-2002-026.O/SRPMS.
19. The first three of the above-listed sites contained files related to
SCO Linux Server 4.0 products. In accordance with SCO's agreements with
its customers and with the UnitedLinux consortium, access to these and all
other SCO Linux 4.0 download sites has always required password-protected
authentication. For that purpose, those who registered SCO Linux 4.0
product received a login username and password to access the files. The
website had a legal notice that access was limited to SCO's customers.
5
20. On September 23, 2003 an upgrade was done to the authentication
mechanism on the download site, linuxupdate.sco.com. Through this upgrade,
a bug in the authentication software was inadvertently introduced. If
someone entered an invalid username or password (or both), they would
simply have the login prompt re-represented to them up to 3 times. After
three failed attempts, they would get an error message and be denied
access. However, if they left the username and password fields blank on
any attempt, the authentication process was delayed (by approximately
15-30 seconds) and access was eventually allowed.
21. Anyone who accessed the site by exploiting this bug would have known
they were bypassing a security login -- that is, hacking into the system.
22. On October 31, 2003, someone explained this password-bypass procedure
on the internet at Slashdot.org. On February 18, 2004, news of this bug
was posted on the SCOX message board at messages.yahoo.com. On March 4,
2004, SCO became aware of the problem and immediately fixed it.
23. On July 18, 2004, the authentication bug was inadvertently reintroduced
when a SCO programmer was fixing an unrelated problem. SCO was unaware of
this reoccurrence until August 23, 2004, when the problem was immediately
repaired again.
24. SCO maintains server logs showing access to its download sites. The
log files I analyzed demonstrate conclusively that the Ms. Bennett's
IBM "team" never attempted to log in with a valid username on January 9,
2004. Instead, they immediately bypassed authentication by exploiting
the bug.
25. The logs also show that between October 31 and December 1, 2003,
IBM repeatedly accessed the SCO log-in site but did not obtain access
to the SCO Linux Server 4.0 files.
6
The first successful exploit of the authentication bypass by an IBM host
occurred on December 1, 2003. Apparently understanding the bug by that
date, the Bennett team thereafter entered the site without authorization
several more times between then and January 9, 2004. True and accurate
excerpts from the pertinent logs, along with explanatory notes, are
attached as Exh. F hereto.
26. According to the server log files, IBM never attempted to exploit
the bug between March 4 and July, 18, 2004, the period when the initial
repair of the authentication bug was in place. Therefore, IBM would have
been unaware that SCO had repaired the bug in the authentication process
when, as shown on Exh. F hereto, Ms. Bennett's team returned to the site
without authorization on August 4, 2004, during the second period that
the bug was active.
27. The logs confirm unauthorized accesses from IBM IP addresses,
during which 51 files were downloaded, from January 9, 2004, to August
4, 2004, including the very files that IBM now relies on in its motions
for summary judgment. Complete logs of all unauthorized downloads by
IBM are available.
28. This the text of the legal notice that was posted to sco.com on
August 8, 2003:
NOTICE: SCO has suspended new sales and distribution of SCO Linux until
the intellectual property issues surrounding Linux are resolved. SCO
will, however, continue to support existing SCO Linux and Caldera
OpenLinux customers consistent with existing contractual obligations.
SCO offers at no extra charge to its existing Linux customers a SCO
UNIX IP license for their use of prior SCO or Caldera distributions of
Linux in binary format. The license also covers binary use of support
updates distributed to them by SCO. This SCO license balances SCO's need
to enforce its intellectual property rights against the practical needs
of existing customers in the marketplace.
Dear SCO customer,
7
Starting on November 1, 2003, SCO will institute new procedures
for you to access binary updates and source rpms. If you own an SCO
licensed copy of Linux (such as OpenLinux, eDesktop, etc.) it will be
necessary for you to register (or re-register) in order to continue to
receive support files. During the registration process you will receive
instructions on how the new access procedure will work or you can visit:
http://www.sco.com/support/linux_infc.html
This or similar text was on the site at all times IBM attempted (and
obtained) access.
29. Access to the fourth website mentioned by Ms. Bennett, which contained
only one of the sixteen programs (the Omni Print Driver), became subject
to password protection on August 13, 2004. No files for SCO Linux Server
4.0 were ever available at that site.
30. The SCO Intellectual Property License for Linux is sold pursuant to
written agreements, with the licensing clause worded similarly to that of
the Questar agreement attached as Exhibit 33 to IBM's Motion for Summary
Judgment on its Eighth Counterclaim. These licenses contain a release of
claims, a covenant not to sue, and a waiver of any infringement claims
SCO may have against the licensee. These licenses are solely for SCO's
UNIX software.
31. Other than SCO Linux Server 4.0 and SCO Open Linux 3.1.1, no SCO
product contained any of the sixteen programs at issue. SCO never modified
any of the sixteen programs.
8
I declare under penalty of perjury that the foregoing is true and correct.
November 30, 2004
____[signature]___
Christopher Sontag
|
|
Authored by: DBLR on Wednesday, March 02 2005 @ 05:39 PM EST |
Place corrections here so PJ may correct them.
Charles
---
"Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is
a well-armed lamb contesting the vote."
Benjamin Franklin.
[ Reply to This | # ]
|
|
Authored by: DBLR on Wednesday, March 02 2005 @ 05:40 PM EST |
Please use link code to make your links clickable:
<a href="http://www.example.com"> Link Text </a>
Charles
---
"Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is
a well-armed lamb contesting the vote."
Benjamin Franklin.
[ Reply to This | # ]
|
- If I don't lock the door of my car... - Authored by: atheist on Wednesday, March 02 2005 @ 06:22 PM EST
- OT-Off Topic Here. - Authored by: beserker on Wednesday, March 02 2005 @ 06:33 PM EST
- Free and open file formats - Authored by: Alphakafka on Wednesday, March 02 2005 @ 07:56 PM EST
- These young'uns got it too easy - Authored by: Jude on Wednesday, March 02 2005 @ 08:18 PM EST
- witness wanted - Authored by: Anonymous on Wednesday, March 02 2005 @ 08:23 PM EST
- Appeals court revisits Eolas decision - Authored by: Totosplatz on Wednesday, March 02 2005 @ 08:23 PM EST
- OT-Off Topic Here. - Authored by: Anonymous on Wednesday, March 02 2005 @ 09:47 PM EST
- Documents wanted that show Linux TCO/adoption stats - Authored by: Anonymous on Thursday, March 03 2005 @ 12:25 AM EST
- SCOG had 330 employees in October 2003. - Authored by: Anonymous on Thursday, March 03 2005 @ 01:39 AM EST
- What a shock - Can't be ! - GASP! - Bill Gates just ... - Authored by: Anonymous on Thursday, March 03 2005 @ 02:34 AM EST
- UK Could Introduce Special Tax on Computer Ownership - Authored by: Simon G Best on Thursday, March 03 2005 @ 03:04 AM EST
- If abndonment invalidates prior art, shouldn't it invalidate patents too? - Authored by: Anonymous on Thursday, March 03 2005 @ 04:15 AM EST
- Archive.org Purged of SCO Web Pages - Authored by: Saturn on Thursday, March 03 2005 @ 09:19 AM EST
- McCreevy's bias in dependency on Microsoft - Authored by: Anonymous on Thursday, March 03 2005 @ 11:27 AM EST
- Jeff Merkey working for Canopy, filing patents - Authored by: Anonymous on Thursday, March 03 2005 @ 01:48 PM EST
|
Authored by: Anthony on Wednesday, March 02 2005 @ 06:12 PM EST |
In points 6, 12, 13, 14, 15 and 17, the declaration refers to SCO selling or
sales of Linux.
Someone should be able to set me straight pretty quickly. I thought, as GPL
software, that SCO couldn't sell Linux. They can sell support, they can sell
packaging, they can even the CD's upon which they've burned it...
but can they really sell Linux? Did they own it so that they could sell it?
It seems like an odd phrasing to me.[ Reply to This | # ]
|
- Selling Windows.. - Authored by: rsteinmetz70112 on Wednesday, March 02 2005 @ 06:17 PM EST
- Quite consistent - Authored by: whoever57 on Wednesday, March 02 2005 @ 06:22 PM EST
- Selling Linux... - Authored by: rgmoore on Wednesday, March 02 2005 @ 07:30 PM EST
- Sales are not prohibited - Authored by: Anonymous on Wednesday, March 02 2005 @ 08:18 PM EST
- Selling Linux... - Authored by: John Hasler on Wednesday, March 02 2005 @ 11:36 PM EST
- Selling Linux... - Authored by: Anonymous on Thursday, March 03 2005 @ 08:39 AM EST
- Apropos Sontag's declaration - Authored by: Anonymous on Thursday, March 03 2005 @ 07:35 AM EST
- Selling Linux... - Authored by: mlwmohawk on Thursday, March 03 2005 @ 07:37 AM EST
- Discussion of waiver on lamlaw - Authored by: Anonymous on Thursday, March 03 2005 @ 09:50 AM EST
- Selling Linux... - Authored by: seanlynch on Thursday, March 03 2005 @ 09:55 AM EST
|
Authored by: rsteinmetz70112 on Wednesday, March 02 2005 @ 06:13 PM EST |
I bet IBM has at least one boxed copy of SCO Linux somewhere. If they don't they
can still buy one on eBay. It's been pretty much availible there continuously
since this thing began.
I'm not sure what this has to do with anything anyway. IBM only brought this up
to show that SCOG was still distributing Linux after they violated the GPL which
terminated their right to do so.
I hope IBM gets to reply to this thing and point out the defect was widely
published.
---
Rsteinmetz
"I could be wrong now, but I don't think so."
Randy Newman - The Title Theme from Monk[ Reply to This | # ]
|
|
Authored by: jbb on Wednesday, March 02 2005 @ 06:16 PM EST |
I wouldn't wish this mess on anyone, but the judges are getting
exactly what
they deserve.
SCO lies, prevaricates, whines and distorts. They are
rewarded with
everything they asked for and more.
Since the judges have
given positive reinforcement for this type of
behavior, it should be no
suprise that the rewarded activity is
repeated.
Insanity is
rewarding bad behavior and expecting different results.
--- SCO
cannot violate the covenants that led to and underlie Linux without forfeiting
the benefits those covenants confer. [ Reply to This | # ]
|
|
Authored by: whoever57 on Wednesday, March 02 2005 @ 06:20 PM EST |
Sontag actually said: SCO did not know that IBM had contributed
source code to Linux in violation of its (and Sequent's) SVRX licenses
until December 2002 or January 2003.
This means that SCO did
not know one (or both) of 2 possible things
That IBM contributed
code to Linux
That the contributions were "in violation of its (and
Sequent's) SVRX licenses"
Mr. Sontag does not make clear which of these
two possiblities is the case, so he can weasel out on the basis that SCO did not
know of the "license violations" until Dec 2003/Jan 2003. [ Reply to This | # ]
|
|
Authored by: DeepBlue on Wednesday, March 02 2005 @ 06:25 PM EST |
Here's a
rotated version of the Server Logs for those who might find that easier to
read.
If PJ wants to grab it and put it here that's fine - will help my
bandwidth! --- All that matters is whether they can show ownership,
they haven't and they can't, or whether they can show substantial similarity,
they haven't and they can't. [ Reply to This | # ]
|
- SCOG's really got IBM now! - Authored by: rsteinmetz70112 on Wednesday, March 02 2005 @ 06:35 PM EST
- robots.txt - Authored by: Anthony on Wednesday, March 02 2005 @ 06:40 PM EST
- Declaration of SCO's Chris Sontag of December, 2004 (SCO v. IBM) - PDF & text - Authored by: Anonymous on Wednesday, March 02 2005 @ 06:47 PM EST
- Where's the beef? - Authored by: Anonymous on Wednesday, March 02 2005 @ 07:12 PM EST
- Log Files - Authored by: stevem on Wednesday, March 02 2005 @ 07:54 PM EST
- Declaration of SCO's Chris Sontag of December, 2004 (SCO v. IBM) - PDF & text - Authored by: oldgreybeard on Wednesday, March 02 2005 @ 08:22 PM EST
- Declaration of SCO's Chris Sontag of December, 2004 (SCO v. IBM) - PDF & text - Authored by: oldgreybeard on Wednesday, March 02 2005 @ 10:46 PM EST
|
Authored by: Saturn on Wednesday, March 02 2005 @ 06:25 PM EST |
I'm seeing a queue of SCO people lining up to be ritually humiliated. First Erik
'million billion lines of copied code' Hughes, now Chris 'no password' Sontag.
And precious few statements from Darl McBride these days. The threats are
laughable, their case is not even remotely credible. Sad to say but it has
finally got to the point where it is pure comedy.
---
----------------------------------------
My own opinion, and very humble one too.
I'm not a lawyer.[ Reply to This | # ]
|
|
Authored by: Anonymous on Wednesday, March 02 2005 @ 06:28 PM EST |
Has anyone ever heard an opinion from Linux Torvalds, Alan Cox, or any of the
other kernel contributers on whether they may be interested in pursuing
copywrite infringement cases against SCO?[ Reply to This | # ]
|
|
Authored by: producer on Wednesday, March 02 2005 @ 06:51 PM EST |
WARNING - NO ENTRY!
STAY OUT!
THIS MEANS YOU!
This door is to remain locked at all times.
Access is restricted to all but those with proper identification.
Proof of ID must be presented upon entry.
The only other circumstances under which access will be possible are:
1-When there is nobody here to check said ID at the door; or,
2-When previously referenced door is, in fact, well......, not locked.
[ Reply to This | # ]
|
|
Authored by: Jude on Wednesday, March 02 2005 @ 06:59 PM EST |
If SCO's Linux was properly distributed under GPL, SCO's Linux customers were
free to give a copies to any number of other parties. Those parties would have
a right to ask for source code, and SCO would be obliged to provide it.
If SCO restricted source code access to only SCO's customers, then I think they
violated GPL right there. Once they were in volation, continuing to make the
code available to their customers was copyright infringement.
Perhaps I'm all wet, or perhaps SCO's lawyers missed this because it never
occurred to them that it was necessary to distribute the code to avoid copyright
infringement.
IANAL, and all that.
[ Reply to This | # ]
|
|
Authored by: GrueMaster on Wednesday, March 02 2005 @ 07:17 PM EST |
I would never put it on my resume.
Actually, if I remember correctly, the "Secure Login" screen was
easily bypassed by just going to ftp.sco.com with login as anonymous.
Yes sir, all the screen doors on the sub are latched. We're ready to dive.
---
You've entered a dark place. You are likely to be eaten by a Grue![ Reply to This | # ]
|
|
Authored by: Christian on Wednesday, March 02 2005 @ 07:20 PM EST |
The letter to Palmisano has one detail that caught my eye.We then
met with your lawyers on June 2, 2003 to clarify for them IBM's improper use of
the protected Software Products, including derivative works and methods. David
Boies presented the overall impropriety of donating AIX to open source in
violation of the Related Agreements, including a PowerPoint presentation showing
IBM's contribution of protected methods to open source.
David
Boies. There's a name I haven't heard in a while. So heavy hitter Boies was
sent to intimidate the lawyers from IBM with a powerpoint presentation. IBM was
not intimidated, and Boies has apparently dropped out of the picture.
When
did IBM hire CSM? It would have been hard for Boies to bluff his own previous
bosses.
[ Reply to This | # ]
|
|
Authored by: kberrien on Wednesday, March 02 2005 @ 07:24 PM EST |
Two thoughts on PJ's summary....
>Mr. Sontag appears to make the argument that SCO had to
>continue to violate the GPL, because it was contractually
>obligated to offer updates to previous customers.
I'm sorry, SCO's support/service contracts take priority over the licensing for
the software at issue? So why do they have an issue with IBM continuing to
sell/support AIX after SCO "terminated" their license? Didn't they
add a few billion to the claims over this?
>Third, SCO seems to think that as long as it didn't charge
>any new customers, they were permitted to continue to
>distribute to their previous customers.
But they charged customers for support initially. Offering the source, besides
complying with the GPL, is in effect payment for services which were pre paid.
I would assume you could actually prove this by looking at how its all
credited/debited on their books.[ Reply to This | # ]
|
|
Authored by: Anonymous on Wednesday, March 02 2005 @ 07:37 PM EST |
Item 28 ("the text of the legal notice that was posted to sco.com on August 8,
2003") seems to me to be completely irrelevant to the accesses they complain
about. Analyse the text for information about authorisation to download files
from SCO's site. The first paragraph claims that SCO has suspended [new]
distribution of SCO Linux. This is a factual claim, not an AUTHORISED PERSONEL
ONLY sign. The second paragraph is only addressed to SCO customers, so doesn't
apply in an obvious way to IBM. This paragraph says there are new (unspecified)
procedures for owners of licensed SCO Linux products. Since the IBM team
weren't owners of such licensed products, that didn't apply to them.
All we are
left with is whatever was on the Login/Password box, which isn't mentioned by
Sontag.
Looking at old Slashdot SCO posts, I ran across
this insightful gem
from June 2003:
I bet they are monitoring the downloads for IP addresses.
Then they serve the service providers with subpoenas for the identity of whoever
is using that address. Then they sue everyone.
Okay, so so far they are
just accusing IBM of hacking based on their access logs, and haven't got around
to suing anyone else for accessing those files. But if by chance they happen to
win the point, I wouldn't put it past them to try to sue everyone else in their
server logs...
[ Reply to This | # ]
|
|
Authored by: Anonymous on Wednesday, March 02 2005 @ 07:40 PM EST |
This guy is amazing. He can read server logs, identify IBM's IP addresses and
yet not know what he is selling?
Also, wasn't IBM also part of UnitedLinux? [ Reply to This | # ]
|
|
Authored by: KBellve on Wednesday, March 02 2005 @ 07:42 PM EST |
I am not sure what SCO is trying to protect themselves from.
By using password protection to limit public access to a ftp site doesn't mean
they didn't violate IBM's copyrights.
If any of SCO's customers were allowed to copy any GPL code would put SCO in
violation of IBM's copyrights, if SCO violates the GPL.
Also, Sontag lists 4 "FTP" sites...but 3 of them are were actually web
sites. Did they actually use the same notice on their FTP server as their WEB
server? Did they use the same authentication mechanism?
I found it strange that they would use HTTP:// without it being encrypted
(HTTPS://) if they were so concerned about logins and passwords. This would mean
logins/passwords would be sent as plain text across the internet.
Does anyone know for sure that SCO didn't offer anonymous FTP access? I assumed
that was the way IBM accessed SCO's ftp site, and not submitting blank
logins...
[ Reply to This | # ]
|
|
Authored by: Mouse on Wednesday, March 02 2005 @ 07:53 PM EST |
It must be me, because of not being a programmer. But if you want
to program something new, why would you start with something old that doesn't do
what you want and hack on that, instead of just writing something
new?
Yes, that is how most software is developed.
When a new version of something is released with new features, it's not usually
a complete rewrite from the previous version. Usually the new features were
added on to the pre-existing code.
This can be the case even when the
two "versions" were written by different people. For example, UC Berkeley wrote
a version of Unix that was based on an older version of Unix from AT&T.
Eventually, Berkeley's Unix had little in common with AT&T's Unix, but there
was that big kerfuffle as they argued about who had written which
bits.
I don't know anything about JFS, but it's conceivable that it
could have been developed from an older file system that didn't support
journaling. That's what Sontag is implying (and he's also saying that SCO owns
some of that basic code). [ Reply to This | # ]
|
|
Authored by: Anonymous on Wednesday, March 02 2005 @ 07:56 PM EST |
I think it is a lie. I can't tell you everything. Except that the webpage was to
allow access for customers.
There should be a trail - like an email trail of SCO distributing the required
user names and passwords to their customers who were supposed to have access. I
don't think this trail exists. Also a user name and password database should
exist that correspond with the customer list.
In any event I would like IBM to verify the existence or non existence of such a
trail. [ Reply to This | # ]
|
|
Authored by: dmomara on Wednesday, March 02 2005 @ 08:03 PM EST |
"28. This the text of the legal notice that was posted to sco.com on August
8, 2003:
NOTICE: SCO has suspended new sales and distribution of SCO Linux until the
intellectual property issues surrounding Linux are resolved. SCO will, however,
continue to support existing SCO Linux and Caldera OpenLinux customers
consistent with existing contractual obligations. SCO offers at no extra charge
to its existing Linux customers a SCO UNIX IP license for their use of prior SCO
or Caldera distributions of Linux in binary format. The license also covers
binary use of support updates distributed to them by SCO. This SCO license
balances SCO's need to enforce its intellectual property rights against the
practical needs of existing customers in the marketplace."
My copy of the page at http://linuxupdate.sco.com of the scolinux SRPM
repository has no such "legal notice" in it on the date 12/20/03. Only
directories above the SRPM subdir contained a notice.[ Reply to This | # ]
|
|
Authored by: m_si_M on Wednesday, March 02 2005 @ 08:05 PM EST |
would anyone even consider buying server software from a company
admitting things like these?
20. On September 23, 2003 an upgrade was
done to the authentication mechanism on the download site, linuxupdate.sco.com.
Through this upgrade, a bug in the authentication software was inadvertently
introduced. If someone entered an invalid username or password (or both),
they would simply have the login prompt re-represented to them up to 3 times.
After three failed attempts, they would get an error message and be denied
access. However, if they left the username and password fields blank on any
attempt, the authentication process was delayed (by approximately 15-30 seconds)
and access was eventually allowed.
[...]
22. On October 31,
2003, someone explained this password-bypass procedure on the internet at
Slashdot.org. On February 18, 2004, news of this bug was posted on the
SCOX message board at messages.yahoo.com. On March 4, 2004, SCO became
aware of the problem and immediately fixed it.
23. On July 18,
2004, the authentication bug was inadvertently reintroduced when a SCO
programmer was fixing an unrelated problem. SCO was unaware of this reoccurrence
until August 23, 2004, when the problem was immediately repaired
again.
Disgusting! [ Reply to This | # ]
|
|
Authored by: Anonymous on Wednesday, March 02 2005 @ 08:11 PM EST |
The Slashdot disclosures in October 2003 seem to be
this thread, where user
Jaysyn answers the question "Anybody have the username and PW to download?" with
"You don't need it, leave it blank, really....", and
this thread, where an
Anonymous Coward points out the same thing, specifically for the url http://linuxupdate.sco.com/scolinux
a>.
In the latter thread user frkiii wishfully muses "I hope someone working for
SCO doesn't read this particular comment in /. for a while. :)" Apparantly they
got their wish!
[ Reply to This | # ]
|
|
Authored by: RedBarchetta on Wednesday, March 02 2005 @ 08:12 PM EST |
At the time this all occured, access to the SCO ftp server was restricted by a
password/login dialog box. This is a standard Apache (i.e., web server)
security feature. It's also standard for alot of sysadmins to screw up this
portion of the Apache setup.
The Apache "directory access" security
setup has two components:
1) The user/password database
2) The HTTP
server setup
The first component requires issuing shell commands to
create a name/password database. Since there are oodles of rookie system
administrators who aren't comfortable with the Linux/UNIX command line, this
step is often bypassed accidentally, or botched due to improper syntax
(sometimes it's just plain old ignorance).
The second component,
telling the Apache HTTP server how to restrict directory access, involves
editing a simple text file (.htaccess) located in each directory to be
restricted. Since most Linux/UNIX distributions come with a GUI-based text
editor, this part is the least botched.
So it's entirely possible to
completely botch the user/database setup, AND configure Apache to restrict
access, AND have the appearance of working security. If a user attempts access
to the "protected" directory, they will receive a name/password dialog. But
here's the rub: it won't restrict access unless the user database is
setup.
Your chain is only as strong as your weakest link.
In this case, the user/database setup was probably incorrectly
administered, and as a result people were able to bypass the dialog box. How?
By pressing OK without so much as entering a name or password.
Had the
administrators bothered to test their setup, they would have quickly discovered
the hole. Or they DID test the setup, realized they had a hole, but knew
nothing on how to resolved the problem. I elect the
latter.
--- Collaborative efforts synergise. [ Reply to This | # ]
|
|
Authored by: yscydion on Wednesday, March 02 2005 @ 08:16 PM EST |
Just out of interest (and from home not work) I typed "ftp://ftp.sco.com/"
into the address box of my web browser and there I was looking at the top level
directory of their FTP server with no prompt, and no visible text telling me to
go away. There was a file called "Legal_Notice", but I don't know what it says
because I did not download it. If I had gone to "ftp://ftp.sco.com/pub"
directly, I would not even have known that there was such a file. The directory
'pub' (for public) is a convention going back to before the web was invented for
a place where you put files that are being made publicly available for anyone to
download, so going directly there would be a normal thing to do.
Turning
off anonymous FTP is not rocket science, see for example http://docsrv.sco.c
om/NET_tcpip/ftpT.anon_access.html
"Controlling access to anonymous FTP".
Even if you don't have a convenient management interface like that, it is not
hard for anyone who has any idea how to manage internet facing servers.
I
did not probe very far, but there were various empty directories with Linux in
their name, and modification dates in December 2004 or January 2005. I can't
know what was there back then, but it all looks very suspicious to
me.
Sontag's paragraph 29 claims that the fourth listed "web site"[sic]
"became subject to password protection on August 13, 2004". The fourth URL takes
you to the FTP server, not a web site, and if Sontag's declaration is correct,
then the access control must have been removed since then. This seems highly
unlikely to me.
[ Reply to This | # ]
|
|
Authored by: Anonymous on Wednesday, March 02 2005 @ 08:59 PM EST |
"20. On September 23, 2003 an upgrade was done to the authentication mechanism
on the download site, linuxupdate.sco.com. Through this upgrade, a bug in the
authentication software was inadvertently introduced. If someone entered an
invalid username or password (or both), they would simply have the login prompt
re-represented to them up to 3 times. After three failed attempts, they would
get an error message and be denied access. However, if they left the username
and password fields blank on any attempt, the authentication process was delayed
(by approximately 15-30 seconds) and access was eventually allowed.
21. Anyone
who accessed the site by exploiting this bug would have known they were
bypassing a security login -- that is, hacking into the system. "
This is
simply nonsense, it may show a prompt for a password and user name from Internet
explorer for example but may not show anything if you use another software to
access this link from many Linux FTP applications or numerous other software
capable of downloading; I know because I just from curiosity accessed this files
by entering the link posted on many internet sites and I could downloaded
anything I want. Beside it was clear to me that it is GPL’ed software so it is
readily available to me. It is really silly for them to claim that they are the
UNIX owners and they posses the UNIX "secret" knowledge, but in the same time
are so incompetent, because they distribute under the GPL its own allegedly
stolen code to the public. What is it? Are they are really experts or
incompetent computer literate novice claiming to be experts. Shouldn’t they
test its "protected" site against most popular application people may use to
access it? After all the world is not turning only around MS Internet Explorer..
Shouldn’t they employ some of theirs advanced UNIX method and concepts to
maintain a simple site, the same methods and concepts they want billions for?
For many FTP agents or http browsers capable of ftp protocol there was no any
restriction to access to this files.. empty string is after all an empty string
and an empty string gets you in.. seamlessly anyone could get access to it at
any time.. it something doesn’t add up here.. It makes me wonder if it was
really password protected in a first place. [ Reply to This | # ]
|
|
Authored by: darkonc on Wednesday, March 02 2005 @ 09:00 PM EST |
PJ wrote:
The issue isn't whether you charge for the distribution, just that
you did it after you lost your right to distribute. And by any GPL measure that
I know, SCO continued to distribute after they lost their right to
distribute.
Their plea for leniency is based on the fact that they
never really made that much money off of SCO code , after they restricted who
whey would sell the stuff too. They also subtract the cost of returns from the
income from downloads so that it's a bit harder to figure out exactly how much
(gross) they took in for distributing Linux in this time period -- my
calculations come to $41,118 presuming that they didn't charge any sort of
'restocking fee' for returns.
As for 'hacking' the site with a null
login/password... This would be (for me) a standard way of checking to see if
the FTP site was still up..
Ftp downloads.ftp.com
[cr]
[cr]
exit
That this allowed you to login would just be am add-on.
If
I knew that a site allowed me to use enter/enter instead of
ftp/some_random_string, I'm lazy. I wouldn't bother with the extra typing.
It should also be noted that the FTP/email hack exists because the original
FTP daemon refused to allow access without a login and password, and this was
easier than changing the protocol (lazy programmers with a hack of their
own).
--- Powerful, committed communication. Touching the jewel within
each person and bringing it to life.. [ Reply to This | # ]
|
|
Authored by: Anonymous on Wednesday, March 02 2005 @ 09:11 PM EST |
1. Sontag claims that SCO was not aware that they were distributing Linux to all
and sundry from their web site.
This claim is belied by their
spokesman's (Blake Stowell's) own public statements to the press, in which he
not only acknowledges that SCO continued to distribute Linux, but even attempted
to justify it.
For example, emphasis added, www.computerweekly.com/Ar
ticle125252.htm
SCO has not sold the SCO Linux software in
question since 12
May, but the company continues to distribute it via the
internet to
honour existing support contracts, said SCO spokesman
Blake
Stowell.
Stowell disputed the idea that SCO could no longer
distribute
Linux. "We're the copyright holder for the core Unix
operating
system. If we want to charge someone a licensing fee for using
our
copyrighted software that's gone into Linux, then we have that
prerogative,"
he said.
"If we want to continue to distribute Linux to our
existing
customers, we can do that because we own the copyrights on that
Unix
software."
2. Sontag claims that SCO was not
aware that it was IBM who contributed certain code to Linux, despite the fact
that SCO was marketing these very features.
While this claim maybe
appear implausible on its fact (didn't SCO know what product they were selling),
it is further belied by SCO's own documents, some of which have already been
presented as exhibits to this case.
I am of course refering to the
slideshow that SCO presented at their SCOforum, in August 2003. A copy of which
can be found at perens.org/SCO/SCOSlideShow.html<
/A>. In one of the slides (page 21 in the PDF version), SCO even goes so far as
to point to an IBM copyright notice!
Quatermass
IANAL IMHO etc[ Reply to This | # ]
|
|
Authored by: Anonymous on Wednesday, March 02 2005 @ 09:22 PM EST |
Legal Notice
------------
LISA (Linux Installation & System Administration)
is
Copyright (C) 1994-1995 Ralf Flaxa & Stefan
Probst
----------------------------------------
GNU GENERAL PUBLIC
LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software
Foundation, Inc.
675 Mass Ave, Cambridge, MA 02139,
USA
Everyone is permitted to copy and distribute verbatim copies
of this
license document, but changing it is not allowed.
Preamble
The
licenses for most software are designed to take away your
freedom to share and
change it. By contrast, the GNU General Public
License is intended to guarantee
your freedom to share and change free
software--to make sure the software is
free for all its users. This
General Public License applies to most of the Free
Software
Foundation's software and to any other program whose authors commit
to
using it. (Some other Free Software Foundation software is covered by
the
GNU Library General Public License instead.) You can apply it to
your programs,
too.
When we speak of free software, we are referring to freedom, not
price.
Our General Public Licenses are designed to make sure that you
have the freedom
to distribute copies of free software (and charge for
this service if you wish),
that you receive source code or can get it
if you want it, that you can change
the software or use pieces of it
in new free programs; and that you know you can
do these things.
To protect your rights, we need to make restrictions that
forbid
anyone to deny you these rights or to ask you to surrender the
rights.
These restrictions translate to certain responsibilities for you if
you
distribute copies of the software, or if you modify it.
For example, if
you distribute copies of such a program, whether
gratis or for a fee, you must
give the recipients all the rights that
you have. You must make sure that they,
too, receive or can get the
source code. And you must show them these terms so
they know their
rights.
We protect your rights with two steps: (1) copyright
the software, and
(2) offer you this license which gives you legal permission to
copy,
distribute and/or modify the software.
Also, for each author's
protection and ours, we want to make certain
that everyone understands that
there is no warranty for this free
software. If the software is modified by
someone else and passed on, we
want its recipients to know that what they have
is not the original, so
that any problems introduced by others will not reflect
on the original
authors' reputations.
Finally, any free program is threatened
constantly by software
patents. We wish to avoid the danger that redistributors
of a free
program will individually obtain patent licenses, in effect making
the
program proprietary. To prevent this, we have made it clear that any
patent
must be licensed for everyone's free use or not licensed at all.
The precise
terms and conditions for copying, distribution and
modification follow.
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND
MODIFICATION
0. This License applies to any program or other work which
contains
a notice placed by the copyright holder saying it may be
distributed
under the terms of this General Public License. The "Program",
below,
refers to any such program or work, and a "work based on the
Program"
means either the Program or any derivative work under copyright
law:
that is to say, a work containing the Program or a portion of it,
either
verbatim or with modifications and/or translated into another
language.
(Hereinafter, translation is included without limitation in
the term
"modification".) Each licensee is addressed as "you".
Activities other than
copying, distribution and modification are not
covered by this License; they are
outside its scope. The act of
running the Program is not restricted, and the
output from the Program
is covered only if its contents constitute a work based
on the
Program (independent of having been made by running the Program).
Whether
that is true depends on what the Program does.
1. You may copy and distribute
verbatim copies of the Program's
source code as you receive it, in any medium,
provided that you
conspicuously and appropriately publish on each copy an
appropriate
copyright notice and disclaimer of warranty; keep intact all
the
notices that refer to this License and to the absence of any warranty;
and
give any other recipients of the Program a copy of this License
along with the
Program.
You may charge a fee for the physical act of transferring a copy,
and
you may at your option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion
of it, thus
forming a work based on the Program, and copy and
distribute such modifications
or work under the terms of Section 1
above, provided that you also meet all of
these conditions:
a) You must cause the modified files to carry prominent
notices
stating that you changed the files and the date of any change.
b) You must cause any work that you distribute or publish, that in
whole or
in part contains or is derived from the Program or any
part thereof, to be
licensed as a whole at no charge to all third
parties under the terms of
this License.
c) If the modified program normally reads commands
interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a
notice that
there is no warranty (or else, saying that you provide
a warranty) and that
users may redistribute the program under
these conditions, and telling the
user how to view a copy of this
License. (Exception: if the Program itself
is interactive but
does not normally print such an announcement, your work
based on
the Program is not required to print an announcement.)
These
requirements apply to the modified work as a whole. If
identifiable sections of
that work are not derived from the Program,
and can be reasonably considered
independent and separate works in
themselves, then this License, and its terms,
do not apply to those
sections when you distribute them as separate works. But
when you
distribute the same sections as part of a whole which is a work
based
on the Program, the distribution of the whole must be on the terms of
this
License, whose permissions for other licensees extend to the
entire whole, and
thus to each and every part regardless of who wrote it.
Thus, it is not the
intent of this section to claim rights or contest
your rights to work written
entirely by you; rather, the intent is to
exercise the right to control the
distribution of derivative or
collective works based on the Program.
In
addition, mere aggregation of another work not based on the Program
with the
Program (or with a work based on the Program) on a volume of
a storage or
distribution medium does not bring the other work under
the scope of this
License.
3. You may copy and distribute the Program (or a work based on
it,
under Section 2) in object code or executable form under the terms
of
Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable
source
code, which must be distributed under the terms of Sections
1 and 2 above on
a medium customarily used for software interchange; or,
b) Accompany it
with a written offer, valid for at least three
years, to give any third
party, for a charge no more than your
cost of physically performing source
distribution, a complete
machine-readable copy of the corresponding source
code, to be
distributed under the terms of Sections 1 and 2 above on a
medium
customarily used for software interchange; or,
c) Accompany it
with the information you received as to the offer
to distribute
corresponding source code. (This alternative is
allowed only for
noncommercial distribution and only if you
received the program in object
code or executable form with such
an offer, in accord with Subsection b
above.)
The source code for a work means the preferred form of the work
for
making modifications to it. For an executable work, complete source
code
means all the source code for all modules it contains, plus any
associated
interface definition files, plus the scripts used to
control compilation and
installation of the executable. However, as a
special exception, the source
code distributed need not include
anything that is normally distributed (in
either source or binary
form) with the major components (compiler, kernel, and
so on) of the
operating system on which the executable runs, unless that
component
itself accompanies the executable.
If distribution of executable or
object code is made by offering
access to copy from a designated place, then
offering equivalent
access to copy the source code from the same place counts
as
distribution of the source code, even though third parties are not
compelled
to copy the source along with the object code.
4. You may not copy, modify,
sublicense, or distribute the Program
except as expressly provided under this
License. Any attempt
otherwise to copy, modify, sublicense or distribute the
Program is
void, and will automatically terminate your rights under this
License.
However, parties who have received copies, or rights, from you
under
this License will not have their licenses terminated so long as
such
parties remain in full compliance.
5. You are not required to accept
this License, since you have not
signed it. However, nothing else grants you
permission to modify or
distribute the Program or its derivative works. These
actions are
prohibited by law if you do not accept this License. Therefore,
by
modifying or distributing the Program (or any work based on the
Program), you
indicate your acceptance of this License to do so, and
all its terms and
conditions for copying, distributing or modifying
the Program or works based on
it.
6. Each time you redistribute the Program (or any work based on
the
Program), the recipient automatically receives a license from the
original
licensor to copy, distribute or modify the Program subject to
these terms and
conditions. You may not impose any further
restrictions on the recipients'
exercise of the rights granted herein.
You are not responsible for enforcing
compliance by third parties to
this License.
7. If, as a consequence of a
court judgment or allegation of patent
infringement or for any other reason (not
limited to patent issues),
conditions are imposed on you (whether by court
order, agreement or
otherwise) that contradict the conditions of this License,
they do not
excuse you from the conditions of this License. If you
cannot
distribute so as to satisfy simultaneously your obligations under
this
License and any other pertinent obligations, then as a consequence you
may
not distribute the Program at all. For example, if a patent
license would not
permit royalty-free redistribution of the Program by
all those who receive
copies directly or indirectly through you, then
the only way you could satisfy
both it and this License would be to
refrain entirely from distribution of the
Program.
If any portion of this section is held invalid or unenforceable
under
any particular circumstance, the balance of the section is intended
to
apply and the section as a whole is intended to apply in
other
circumstances.
It is not the purpose of this section to induce you to
infringe any
patents or other property right claims or to contest validity of
any
such claims; this section has the sole purpose of protecting the
integrity
of the free software distribution system, which is
implemented by public license
practices. Many people have made
generous contributions to the wide range of
software distributed
through that system in reliance on consistent application
of that
system; it is up to the author/donor to decide if he or she is
willing
to distribute software through any other system and a licensee
cannot
impose that choice.
This section is intended to make thoroughly clear
what is believed to
be a consequence of the rest of this License.
8. If the
distribution and/or use of the Program is restricted in
certain countries either
by patents or by copyrighted interfaces, the
original copyright holder who
places the Program under this License
may add an explicit geographical
distribution limitation excluding
those countries, so that distribution is
permitted only in or among
countries not thus excluded. In such case, this
License incorporates
the limitation as if written in the body of this License.
9. The Free Software Foundation may publish revised and/or new versions
of the
General Public License from time to time. Such new versions will
be similar in
spirit to the present version, but may differ in detail to
address new problems
or concerns.
Each version is given a distinguishing version number. If the
Program
specifies a version number of this License which applies to it and
"any
later version", you have the option of following the terms and
conditions
either of that version or of any later version published by the
Free
Software Foundation. If the Program does not specify a version number
of
this License, you may choose any version ever published by the Free
Software
Foundation.
10. If you wish to incorporate parts of the Program into
other free
programs whose distribution conditions are different, write to the
author
to ask for permission. For software which is copyrighted by the
Free
Software Foundation, write to the Free Software Foundation; we
sometimes
make exceptions for this. Our decision will be guided by the two
goals
of preserving the free status of all derivatives of our free software
and
of promoting the sharing and reuse of software generally.
NO
WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO
WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT
WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER
PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER
EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO
THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM
PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR
CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR
DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES
ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT
LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED
BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY
OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF
THE
POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND
CONDITIONS
Appendix: How to Apply These Terms to Your New Programs
If you
develop a new program, and you want it to be of the greatest
possible use to the
public, the best way to achieve this is to make it
free software which everyone
can redistribute and change under these terms.
To do so, attach the following
notices to the program. It is safest
to attach them to the start of each source
file to most effectively
convey the exclusion of warranty; and each file should
have at least
the "copyright" line and a pointer to where the full notice is
found.
Copyright (C) 19yy
This program is free software; you
can redistribute it and/or modify
it under the terms of the GNU General
Public License as published by
the Free Software Foundation; either version
2 of the License, or
(at your option) any later version.
This program
is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY;
without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along
with this program; if not, write to the Free Software
Foundation, Inc., 675
Mass Ave, Cambridge, MA 02139, USA.
Also add information on how to contact you
by electronic and paper mail.
If the program is interactive, make it output a
short notice like this
when it starts in an interactive mode:
Gnomovision
version 69, Copyright (C) 19yy name of author
Gnomovision comes with
ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software,
and you are welcome to redistribute it
under certain conditions; type `show
c' for details.
The hypothetical commands `show w' and `show c' should show the
appropriate
parts of the General Public License. Of course, the commands you
use may
be called something other than `show w' and `show c'; they could even
be
mouse-clicks or menu items--whatever suits your program.
You should also get
your employer (if you work as a programmer) or your
school, if any, to sign a
"copyright disclaimer" for the program, if
necessary. Here is a sample; alter
the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the
program
`Gnomovision' (which makes passes at compilers) written by James
Hacker.
, 1 April 1989
Ty Coon, President of Vice
This General Public
License does not permit incorporating your program into
proprietary programs.
If your program is a subroutine library, you may
consider it more useful to
permit linking proprietary applications with the
library. If this is what you
want to do, use the GNU Library General
Public License instead of this
License.
xx [ Reply to This | # ]
|
- yikes! - Authored by: Anonymous on Wednesday, March 02 2005 @ 11:26 PM EST
- yikes! - Authored by: belzecue on Thursday, March 03 2005 @ 01:47 AM EST
|
Authored by: Anonymous on Wednesday, March 02 2005 @ 09:26 PM EST |
Why can't IBM go after discovery of every single version of SCO's website?
Surely that's trivial to provide, why is SCO withholding?
JRH
[ Reply to This | # ]
|
|
Authored by: Anonymous on Wednesday, March 02 2005 @ 09:26 PM EST |
IBM doesn't need their proof of SCO distributing linux anymore.
Exhibit F seems to take care of that.
[ Reply to This | # ]
|
|
Authored by: Anonymous on Wednesday, March 02 2005 @ 09:31 PM EST |
".....SCO executives reading nothing but the comics for several
years......" Facts: - PJ frequently writes in a droll and/or
sarcastic fashion. - PJ's writings often point out, in a light-hearted
fashion, the hypocracy of all sorts of individuals and organizations. - Many
people read PJ's writings for entertainment of the humorous
variety. Conclusions: - PJ is, among others things, a comic writer,
hence a comic (at least some of the time). - Reading PJ's writings amounts to
at least perusing part of the universe of "reading the
comics". Conundrum: If PJ writings are considered part of reading the
comics, and the SCO execs were only reading the comics for a couple of years,
wouldn't they have likely found they were distributing Linux when they thought
they weren't? Especially as PJ is not the only humorist to have pointed this
out. Wouldn't this make here comment untrue and therefore not funny? But it is
funny. Funny how that works out. Or maybe only if SCO goes down - soon? [ Reply to This | # ]
|
|
Authored by: Anonymous on Wednesday, March 02 2005 @ 10:29 PM EST |
``IBM is guilty of hitting the Return key. If that is
"hacking", maybe we need to redefine our terms as well as rewrite the
law.''
The bar is so low on what constitutes "hacking" that
it's almost difficult not to hack. Just ask the poor slob in Great
Britain who's been arrested for "hacking" into a web site created for tsunami
relief. His hacking tool of choice: lynx.
[ Reply to This | # ]
|
|
Authored by: Anonymous on Wednesday, March 02 2005 @ 11:04 PM EST |
IBM downloaded SuSE Linux kernel sources from the SCO web site. Why... those
cads!
Seriously... Is there any hard evidence that IBM didn't get into the
FTP site using a valid username and password? An outfit like IBM probably has a
copy of every piece of software ever written to evaluate it for compatibility,
etc. Who's to say they didn't have the access to the software accorded any SCO
user? SCO's say-so? Excuse me if I don't find their credibility as rock-solid
as they'd like us all to find it.
Finally, what SCO presents as access logs
aren't anything of the sort. They are a spreadsheet of information that SCO
purports to have come from FTP server logs. Where are the actual log files? IBM
ought to ask to see the raw data rather than some SCO "Reader's Digest"
condensation of the logs.
[ Reply to This | # ]
|
|
Authored by: eamacnaghten on Wednesday, March 02 2005 @ 11:50 PM EST |
IBM was is a Technology Partner (with HP and AMD and maybe others) of United
Linux.
Also - there is a rather good spin on their web site about their "inactivity"
....
We believe that the mission of UnitedLinux has been
accomplished. Connectiva, SUSE LINUX and Turbolinux continue to support,and
maintain products powered by UnitedLinux. Conectiva, SUSE LINUX and Turbolinux
also continue to market their respective UnitedLinux distributions and are
working together to enhance the capabilities of the UnitedLinux based system.
Each of the three companies will support its customers throughout the lifecycle
of version 1.0. There are no plans for a version 2.0 at this
time.
So they did not die because SCO messed them about - but
are not doing anything more because they achieved their objectives :-)
Web
sig: Eddy Currents [ Reply to This | # ]
|
|
Authored by: Anonymous on Thursday, March 03 2005 @ 12:00 AM EST |
I can load a FTP site full of mp3's, put in a file that says this is only for my
custmers, even put up a real password system. Sell passwords online. When the
riaa catches me distrubiting Usher, Madona, or Tim Magraw files by the
thousands. Is all I have to do then is say they had unclean hands by hacking in?
If that didnt work, maybe I was contractualy obligated to the people I sold
password to?
Not in a million years will that get me off the hook for copyright infringment.[ Reply to This | # ]
|
|
Authored by: Anonymous on Thursday, March 03 2005 @ 12:05 AM EST |
Am I right in assuming that all this noise, clutter & fluff regarding
derived works & unix copies & linux, is still 100% dependant on SCO
proving they obtained copyright to unix and following that, to all derived
works.
My reason for asking is that surely the core matter for everyone involved in the
case is did tSCOg purchase the core ip & all rights & copyrights of
Unix, from Novell (Santa Cruz Op ?).
All the other stuff flying around & the massive efforts in discovery &
much of the follow on claims (excluding some of IBMs CCs) all must amount to
nothing if tSCIg don't, didn't and haven't got the copyright rights to Unix ?.
Just wanting to understand if I have this right ?
(it would help me understand better why tSCOg seem so desperate to avoid any
decision on this)
Tks
Doug Marker[ Reply to This | # ]
|
|
Authored by: Bill The Cat on Thursday, March 03 2005 @ 12:21 AM EST |
I am puzzled by one of Sontag's claims. He says that when SCO
participated in the UnitedLinux project, it had no idea that JFS was derived
from SCO'S proprietary software or that it had been contributed to Linux by IBM
"in violation of IBM's agreements with SCO." He also claims they hadn't a clue
that the other features SCO marketed, like asynchronous I/O, enterprise volume
management systems, and better SMP scaling, were developed by IBM. They just
went by what the rest of the UL consortium told them. I think I
recall that SCO actually promoted their Linux as having JFS, SMP etc. I may be
wrong but didn't this come up some time ago? Didn't SCO at one point say they
didn't know this stuff was in there but at a previous point in time actually
distributed press releases touting the fact that their Linux had these
features? Can someone correct or confirm this? Thanks --- Bill Catz [ Reply to This | # ]
|
|
Authored by: rm6990 on Thursday, March 03 2005 @ 12:32 AM EST |
Their FTP server's security is botched again!!! Go to
ftp://ftp.sco.com/
and watch as you gain access and no password is requested.
What a bunch of morons.[ Reply to This | # ]
|
|
Authored by: dwheeler on Thursday, March 03 2005 @ 01:31 AM EST |
Now this is getting silly (well, okay, this case got silly a while back). A
blank password is a common convention for public access. Claiming that pressing
RETURN at a password request is "hacking" defies common conventions.
Many
systems, particularly old ones, aren't able to disable their security/login
mechanisms. To compensate, it's been a convention for decades that if you don't
want some mechanism controlled by a password, you set its password to an empty
password.
If I'm told something is publicly available, and then asked for a
"password", I reflexively hit "return" with a blank password. If that works,
then clearly the provider didn't intend for it to actually be protected, or they
would have set a password. Otherwise, how the heck are people supposed to
provide public access with systems whose login mechanisms cannot be
disabled?
And of course, it's not even clear that the system even prompted
IBM for a password at all.
But bottom line, if all that was done was
pressing "Enter" at a password prompt, then IBM was simply following standard
computing conventions. Doing a password guessing attack (even if they use lynx)
would be a real attack, and if they were accused of that the accusation would
make more sense. But following standard conventions for anonymous use should be
fine.
[ Reply to This | # ]
|
|
Authored by: anwaya on Thursday, March 03 2005 @ 03:19 AM EST |
In his declaration at 14, Sontag tells us that "SCO decided that the most
sensible solution was to suspend its sale and marketing of all of its
Linux-related products effective May 14, 2003."
On June 13,
2003, The 2.4.21 kernel was released.
On December 19, 2003, SCO
published the "ABI Files letter", which says specifically that certain files in
the 2.4.21 kernel "were never intended or authorized for unrestricted use or
distribution under the
GPL in Linux."
On January 13, 2004,
pixpat.austin.us.ibm.com downloaded kernel-source-2.4.21-138.i586.rpm from
/scolinux/updates/RPMS.updates.
On February 18, 2004,
kernel-source-2.4.21-138.i586.rpm was downloaded again.
Previously, on
January 9, 2004, there was a fetch of the directory, but the only kernel
downloads that day were 2.4.19-SuSE.10[46].i586.rpm. None of the sessions SCO
presents list the 2.4.21 kernel before January 2004.
At some date after
Sontag's involvement in the decision to cease sales and marketing of Linux, SCO
decided to provide its customers with an update to the kernel on the FTP site.
They chose to provide a version, under the GPL, which must have contained files
they said should not be distributed under the GPL, or otherwise be
non-functional.
I wonder what their justification for this was? Did they look
to see if it was a kernel they felt didn't infringe on the IP rights they
assert? Or check that it didn't add new infringements? Did they consider that
distributing a new version of the Linux kernel might look like approval of the
kernel?
I should like to know what Sontag's answers are. Does anyone else
have more questions for Sontag?
[ Reply to This | # ]
|
|
Authored by: Anonymous on Thursday, March 03 2005 @ 05:08 AM EST |
Next time Christopher Sontag enters a store, we'll call the police and accuse
hime of tresspassing. Although the door was not locked, he pushed it open and
entered the shop. This is clearly illegal, he should have known that the door
was normally locked and only due to a bug the door was open.
Silly SCO[ Reply to This | # ]
|
|
Authored by: Anonymous on Thursday, March 03 2005 @ 05:54 AM EST |
Which is not the same as saying that they were on the actual pages which IBM
visited in order to obtain the source.[ Reply to This | # ]
|
|
Authored by: Steve Martin on Thursday, March 03 2005 @ 06:45 AM EST |
"The SCO Intellectual Property License for Linux is sold
pursuant to written agreements, ... These licenses are solely for SCO's UNIX
software."
Which of course immediately raises the
question of why it's a "License for Linux" if it's "solely for SCO's UNIX
software", and was only sold to people running Linux.
--- "When I say
something, I put my name next to it." -- Isaac Jaffee, "Sports Night" [ Reply to This | # ]
|
|
Authored by: Anonymous on Thursday, March 03 2005 @ 07:09 AM EST |
Interesting analogy with the RIAA... if SCO wins this argument does that mean
the RIAA is illegally "hacking" the P2P networks for downloading stuff
from them without an invitation.[ Reply to This | # ]
|
|
Authored by: mossc on Thursday, March 03 2005 @ 08:03 AM EST |
on oct 29th 2003 this worked without a password prompt:
wget
ftp://ftp.sco.com/pub/scolinux/server/4.0/updates/SRPMS/kernel-source-2.4.19.SuS
E-340.nosrc.rpm
wget ftp://ftp.sco.com/pub/scolinux/Legal_Notice
Chuck
[ Reply to This | # ]
|
|
Authored by: mossc on Thursday, March 03 2005 @ 08:09 AM EST |
"27. The logs confirm unauthorized accesses from IBM IP addresses, during
which 51 files were downloaded, from January 9, 2004, to August 4, 2004,
including the very files that IBM now relies on in its motions for summary
judgment. Complete logs of all unauthorized downloads by IBM are
available."
Lets see the complete logs of authorized downloads.[ Reply to This | # ]
|
|
Authored by: jdg on Thursday, March 03 2005 @ 09:21 AM EST |
Lamlaw got me thinking... Did oldSCO ever distribute Linux? Any single
distribution of Linux by oldSCO would stop newSCO from using this excuse because
they cannot make this excuse for oldSCO. If oldSCO did distribute Linux to
anyone, then newSCO "bought" the waiver when they bought Unix rights
from oldSCO. Too bad for newSCO.:>)
---
SCO is trying to appropriate the "commons"; don't let them [IANAL][ Reply to This | # ]
|
|
Authored by: LarryVance on Thursday, March 03 2005 @ 10:02 AM EST |
I am surprised by some of the attachments. They appear to be very incriminating
against tSCOg. Why would they publish their software specification that
expressly provides for linux a license restriction of usage on a limited number
of CPUs or an additional license for each implementation. This is in direct
conflict with the GPL, which they have claimed they do not repudiate.
The log files for the IBM access demonstrates that there was no hacking
involved. The column of status clearly states "ACCESS GRANTED". They
by their own admission granted access to the repository. If they try to pursue
illegal entry to IBM for this repository and apply it singularly to them and not
SUN, and M$, and HP, and SGI, and CA, and ad infinitum then they are IMO going
to be causing themselves big troubles by selective application.
Either Sontag is a total idiot or has no scruples. Maybe a combination of the
two. I think this declaration and the attachments I have seen are actually very
damning for tSCOg.
---
NEVER UNDERESTIMATE YOUR INFLUENCE!
Larry Vance[ Reply to This | # ]
|
|
Authored by: Anonymous on Thursday, March 03 2005 @ 10:41 AM EST |
If they kept distributing due to being required to by customer contracts, does
this mean that when they stopped distributing it, they no longer had any such
customers?
Quite shocking then; I'd have figured they were out of customers long before
that.[ Reply to This | # ]
|
|
Authored by: Anonymous on Thursday, March 03 2005 @ 10:43 AM EST |
Since anyone who downloads GPL'd sources is free to redistribute them, IBM could
have a registered SCO user download it and give it to them. Therefore, the only
damage potentially inflicted on SCO is unauthorized use of their website, not
disclosure of their kernel. Even if this were proven, so what? Damages would
have to be minimal.
[ Reply to This | # ]
|
|
Authored by: aug24 on Thursday, March 03 2005 @ 11:24 AM EST |
Looking at the server logs, they are just the http command logs (typically
access.log).
There's nothing whatsoever in there to indicate whether IBM logged with a
password or not. All that part of Sontag's declaration is supposition.
Justin.
---
--
You're only jealous cos the little penguins are talking to me.[ Reply to This | # ]
|
|
Authored by: Anonymous on Thursday, March 03 2005 @ 11:26 AM EST |
1) The security was not setup correctly (and still isn't)
-->not illegal but shows intent to secure
If fact that seems to be the strategy here...honest we tried to keep them out we
did like security and they broke in.
2) We thought we quit distributing the product. (honest)
--> our security was poor but we didn't know unauthorised people were
actually getting the code. (bad people and IBM was a bad person also)
this is a difficut issue to force .... from IBM point of view...
1) you are a computer software company...(no your Honor we're a lic./IP
administration company now)
2) You had to read those outside sources...(no sir not during work hours and
they are not my hobbies so I don't check them)
3) You got emails from people...(well sir we get alot of emails and usually
answer the ones form people we know first the others can take months)
this silly little game is very hard to contain and by showing intent they are
trying to cover the issues...
p.s. please show us the infringment SCO the ones you found before trail and the
fishing expedition started...
a subtle ogre
[ Reply to This | # ]
|
|
Authored by: Anonymous on Thursday, March 03 2005 @ 11:53 AM EST |
reminds me of a street corner hustler. they have their three cups and they keep
shuffling the ball [complaint] from cup to cup in an attempt to confuse the
opposition [and judges] as to which cup their claims are in...
sum.zero[ Reply to This | # ]
|
|
Authored by: Anonymous on Thursday, March 03 2005 @ 11:54 AM EST |
I am glad that he did not presented his opinion as an expert.. ;-)
For those
unfamiliar with this program "Wget" is a popular a non-interactive network
retriever, bundled with any Linux distribution.
Open a shell console and
type:
wget -r -l 2 ftp://ftp.sco.com/pub/
-r is for recursive
-l is for
recursion depth ( 0 will get you all)
It is a common convention that /pub
contains publicly accessible files.
As you see there is no any restriction,
warning, disclaimer or password prompt.
[alec@develop alec]$ wget -r -l 2
ftp://ftp.sco.com/pub/
--08:32:51-- ftp://ftp.sco.com/pub/
=>
`ftp.sco.com/pub/.listing'
Resolving ftp.sco.com... 216.250.128.13
Connecting to
ftp.sco.com[216.250.128.13]:21... connected.
Logging in as anonymous ... Logged
in!
==> SYST ... done. ==> PWD ... done.
==> TYPE I ... done.
==> CWD /pub ... done.
==> PASV ... done. ==> LIST ... done.
[
] 2,437
--.--K/s
08:32:54 (94.42 KB/s) - `ftp.sco.com/pub/.listing' saved
[2437]
Removed `ftp.sco.com/pub/.listing'.
Creating symlink
ftp.sco.com/pub/OpenLinux3.1.1 -> OpenLinux311/
--08:32:54--
ftp://ftp.sco.com/pub/README
=> `ftp.sco.com/pub/README'
==>
CWD not required.
==> PASV ... done. ==> RETR README ... done.
Length:
789
100%[====================================================>] 789
--.--K/s
08:32:54 (123.66 KB/s) - `ftp.sco.com/pub/README' saved
[789]
--08:32:54-- ftp://ftp.sco.com/pub/du-s
=>
`ftp.sco.com/pub/du-s'
==> CWD not required.
==> PASV ... done. ==>
RETR du-s ... done.
Length:
11
100%[====================================================>] 11
--.--K/s
08:32:55 (2.64 KB/s) - `ftp.sco.com/pub/du-s' saved
[11]
--08:32:55-- ftp://ftp.sco.com/pub/ls-lR
=>
`ftp.sco.com/pub/ls-lR'
==> CWD not required.
==> PASV ... done. ==>
RETR ls-lR ... done.
Length: 4,884,219
11% [=====>
] 583,072 75.48K/s ETA 00:56
[1]+ Stopped
wget -r -l 2 ftp://ftp.sco.com/pub/
I stopped here ...
[ Reply to This | # ]
|
|
Authored by: Anonymous on Thursday, March 03 2005 @ 12:29 PM EST |
"In heaven, should you go there, you can code again in freedom."
In hell, should you there, you will code for M$.[ Reply to This | # ]
|
|
Authored by: ChubbyTiger on Thursday, March 03 2005 @ 02:03 PM EST |
This is lovely. Anon login to ftp.sco.com. The legal notice
is:
NOTICE: SCO has suspended new sales and distribution of SCO
Linux until
the intellectual property issues surrounding Linux are resolved.
SCO will,
however, continue to support existing SCO Linux and Caldera OpenLinux
customers consistent with existing contractual obligations. SCO offers at
no
extra charge to its existing Linux customers a SCO [sic] UNIX IP license for
their use of prior SCO or Caldera distributions of Linux in binary
format.
The license also covers binary use of support updates distributed
to them by
SCO. This SCO license balances SCO's need to enforce its
intellectual property
rights against the practical needs of existing
customers in the
marketplace.
The Linux rpms available on SCO's ftp site are offered for
download to
existing customers of SCO Linux, Caldera OpenLinux or SCO UnixWare
with
LKP, in order to honor SCO's support obligations to such
customers.
In /etc/passwd one can find
root:*:0:0:::
bin:*:1:1:::
operator:*:11:0:::
ftp:*:14:50:::
nobod
y:*:65534:65534:::
Had I wished, I could have downloaded any bit
of OpenLinux I wanted without ever being asked for a password or being warned
that I'm not supposed to be there if I'm not a current customer.
Morons.
CT[ Reply to This | # ]
|
|
Authored by: chris_bloke on Thursday, March 03 2005 @ 05:02 PM EST |
According to the new
8K filed at the SEC
On February 28, 2005, on management's recommendation, the
Audit Committee of
the Board of Directors of The SCO Group,
Inc. (the "Company") concluded, and
KPMG LLP, the Company's
independent auditors agreed, that, due to certain
accounting errors, the Company's financial statements for
the quarters ending
January 31, 2004, April 30, 2004 and
July 31, 2004 should no longer be relied
upon and should be
restated.
Specifically
For the first, second and third quarters, the Company
expects to reclassify amounts related to certain shares of
common stock that
the Company may have issued under its
equity compensation plans without
complying with the
registration requirements of federal and applicable state
securities laws from permanent equity to temporary equity
in the amounts of
approximately $272,000, $231,000, and
$557,000, respectively. The
Company may make a rescission
offer to holders of certain shares and expects an
amount to
be classified as temporary equity until the completion of a
rescission offer or until the Company no longer has an
obligation to the
holders of such shares.
For the first
quarter and the second quarter, the Company
expects to reclassify accrued
dividends related to the
Company's previously issued Series A and Series A-1
Convertible Preferred Stock from equity to current
liabilities in the amounts
of approximately $879,000 and
$1,619,000, respectively. In October
2003, the Company
issued shares of Series A Convertible Preferred Stock in
connection with its $50,000,000 private placement, which
shares were
subsequently exchanged for and replaced with
shares of Series A-1 Convertible
Preferred Stock. When the
Company repurchased all outstanding shares of Series
A-1
Convertible Preferred Stock in July 2004, the Company's
obligation to pay
dividends on such shares terminated. The
accrued dividends were never paid and
ultimately were
recorded in equity upon the completion of the repurchase
transaction. In addition, the dividends were properly
captured in the
calculation of earnings per share in the
periods above.
For the first and second quarter, the Company expects to
restate approximately $233,000 of stock-based compensation
expense which
was recorded in the second quarter, but
incurred in the first quarter. There
will be no change to
the total stock-based compensation expense for the fiscal
year ended October 31, 2004.
[ Reply to This | # ]
|
|
Authored by: Anonymous on Thursday, March 03 2005 @ 05:42 PM EST |
I think that SCO could claim that a password prompt represented a security
measure, even if an ineffectual one. For the benefit of the Judge and various
lawyers in the trial it should be made very clear that the socially accepted
convention for ftp servers is that if the ftp server allows logins with the
username "anonymous" and any password, then the ftp server is
considered open to public access.
[ Reply to This | # ]
|
|
|
|
|