Welcome!

Linux Authors: Carmen Gonzalez, Pat Romanski, Elizabeth White, Victoria Livschitz, Ignacio M. Llorente

Related Topics: Linux

Linux: Article

Who Owns Unix?

Who Owns Unix?

In response to the SCO lawsuit, Eric (with consultant Rob Landley) wrote the "OSI Position Paper on the SCO-vs.-IBM Complaint." This position paper addresses in detail SCO's claims of intellectual property ownership over Linux. The paper has been widely read and is considered by many to be the best analysis of the topic available. In short, the paper addresses the question, "Who owns Unix?".

LWM was able to catch up with Eric on the day of the Novell announcement that SCO did not own the patents or copyrights to Unix.

LWM: In a nutshell, what exactly is SCO trying to do?
esr: What they were trying to do, I think, was shake IBM down for a payoff or a buyout offer. That has blown up in their face, especially now that Novell has made a public statement that all but accuses SCO of lying about the disposition of the IP. But now they have to play this losing hand out to the end - because admitting that they knew they didn't have a real case to begin with might land their management in jail for fraud and harassment.

LWM: So tell me about the position paper you developed. Why did you and Rob Landley write it?
esr: I was trying to do two things really. One, I was trying to give IBM ammunition. Two, I knew the open source community would have to respond to SCO's attack sooner or later, and that it would be better if it was sooner - before SCO's propaganda (if any) had time to take hold.

But part of why I was upset didn't have anything to do with Linux. I'm actually an old Unix developer - back to 1982. I wasn't one of the original developers of Unix (though I've contributed code to Linux and the BSD Unixes), but I know those guys and they know me. The SCO complaint was insulting. It was SCO claiming that they owned all the code that we wrote - and then using that claim to harm Linux.

LWM: What's happening with your "No Secrets" effort?
esr: I'm trying to prove that the proprietary Unix vendors don't have any trade secrets. Right now I have enough people willing to sign affidavits about having uncontrolled read access to Unix source code that I can show there's been a pervasive failure to enforce even the minimum level of nondisclosure required to maintain trade secrecy. Thousands of people who have seen the Unix source code were never under nondisclosure. This is the kind of evidence that destroys trade-secrecy status.

If SCO continues, I'll get enough signed affidavits to prove that they have no trade secrets.

This is also an attempt to send a powerful message to potential future litigants: it's not safe to mess with the open source community because we can bite back.

LWM: And what is IBM's position on all this?
esr: You'll have to ask IBM that. I'm their ally in this, not their spokesperson.

LWM: For readers who may be unfamiliar with your work in this area, can you share some of your background with open source and Linux?
esr: I wrote the foundational paper on open source development, ran the meeting where the term "open source" was invented, and have been one of the community's principal ambassadors to the rest of the world for the last five years. I am the president of the Open Source Initiative, one of the community's two leading advocacy organizations.

LWM: What is the position of the Open Source Initiative on this issue?
esr: We believe SCO's claims are utterly without merit. In much of their complaint they seem to be, plainly and simply, lying through their teeth. We have published a detailed rebuttal at www.opensource.org/sco-vs-ibm.html. It looks even stronger than it did in light of Novell publicly announcing that they, not SCO, own the Unix patents.

LWM: So, who owns Unix?
esr: Legally, it's very unclear. Novell holds the patents. The OpenGroup owns the trademark. The copyrights are in some weird limbo - first Novell came out and said they owned them, but SCO now claims to own them under the terms of Caldera's deal with Novell and Novell is keeping mum. The one thing we do know is that the transfer of the copyrights (if any) was never recorded with the U.S. Patent and Trademark Office. That has interesting legal implications, and may be the reason SCO hasn't come out and made an explicit copyright-infringement claim in the lawsuit.

Ethically, OSI's position is that Unix belongs to the distributed development community that wrote it. SCO's threats broke the tacit understanding that kept us from asserting this for 30 years. It used to be that we agreed not to fuss over the fact that AT&T or Unix Systems Labs or Novell or SCO were claiming to own the code as long as they agreed not to fuss over the fact that every senior Unix developer had a technically illicit copy of the source code in his hip pocket.

Everybody took code from everybody. AT&T used Berkeley and Xenix code and got called on it during a 1993 lawsuit. Truth is, the rights picture is so tangled that nobody's theory of ownership would stand close scrutiny of the source code's history. The law of intellectual property doesn't handle this kind of situation well. The equitable thing to do would be to just give up, throw it open, and admit it belongs to the hackers.

LWM: What do you see as the potential downside risk for companies using Linux? Will SCO try to sue everybody?
esr: The risk dropped to zero last May 28 with Novell's announcements. SCO's response (http://biz.yahoo.com/prnews/030528/law059_1.html) basically admitted they've got no grounds to sue anybody but IBM.

SCO have since changed their minds, but I think this is just bluster. Furthermore, the various lawyers I've talked with agree that it's just bluster. When you think you have a strong case in court, you don't fight it in the media. SCO would scare me worse of they weren't huffing and puffing.

LWM: If you were a manager in a company considering using Linux for a first project, would this lawsuit impact your decision to give Linux a try?
esr: Not at all. Ignoring the occasional FUD storm is part of the job.

LWM: In your book The Cathedral and the Bazaar you describe the Linux development process as being like a bazaar, where all kinds of people with all kinds of interests are developing different pieces. Is Linux development still that way? How has it changed?
esr: If it has changed, it has changed by becoming more conscious and better organized. I played a part in that by giving people language with which to reflect on what they're doing.

LWM: What do you think will happen with this suit? Any idea how long it might be before it becomes clear what's going to happen?
esr: They can't win, not in front of a judge with any brain cells operating - and the word on His Honor Dale Kimball is that he's a sharp guy. Timeframe? Who knows. These things can drag on for years.

LWM: How can the Linux community ensure that Linux stays free of IP claims in the future? Can there be a process instituted that ensures this doesn't happen again?
esr: See my "No Secrets" page for an example of what network activism can do (www.catb.org/~esr). I've collected nearly 100 responses, with at least 40 people willing to sign affidavits. I think we can prove that there are no trade secrets in Linux. I think we can use the same methods to turn up prior art in patents cases.

LWM: Switching gears a bit, in the IBM -v- SCO analysis on the OSI Web site (www.opensource.org/sco-vs-ibm.html), you referred to a "seismic shift" occuring right now in the software industry. Can you explain what you meant?
esr: I already have. Readers should go to www.opensource.org/sco-vs-ibm.html#seismic for the story.

LWM: Will all applications eventually be open sourced? Which kinds might not?
esr: I don't think it will be all - there are economic circumstances in which closed source makes sense, though they're not common. I think "most" is a fairly safe bet, though. I've discussed this at length in my paper "The Magic Cauldron."

LWM: What will the software industry look like in five years?
esr: A lot like the legal profession does now, I think. Independent software firms will be like law firms, partnership organizations of professionals. Other programmers will work in-house at corporations the way that corporate lawyers do now. Programmers in general will be operating from a common open source base; secrecy will be a feature mainly of legacy software.

Regarding outsourcing and offshore development - one thing you can't outsource is getting inside a customer's mind. You can't move face-to-face, person-to-person communications and design offshore. You can outsource cookie-cutter code, but I predict a lot of companies are going to discover they're paying for large portions of code that don't match their requirements.

One of the things we know is that the most effective ways of writing software involve a series of interactions - a succession of prototypes - using continuous feedback. You can't do that if your customer's in Teaneck, New Jersey, and your developers are in Bangalore.

About Eric S. Raymond
Eric S. Raymond is an observer-participant anthropologist in the Internet hacker culture. His research has helped explain the decentralized open source model of software development that has proven so effective in the evolution of the Internet. His own software projects include one of the Internet's most widely used e-mail transport programs.

More Stories By Kevin Bedell

Kevin Bedell, one of the founding editors of Linux.SYS-CON.com, writes and speaks frequently on Linux and open source. He is the director of consulting and training for Black Duck Software.

Comments (3) View Comments

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


Most Recent Comments
Tim Gwyther 02/26/04 10:13:15 AM EST

So who really owns Unix?

Chuck Talk 09/29/03 08:32:30 PM EDT

Unix is a trademark of the Open group, and is a set of specifications which SCO holds nothing on. Who owns UNIX? Not SCO.

Autosea 09/27/03 09:20:39 AM EDT

Unix belongs to everyone who has made contributions to it.

@ThingsExpo Stories
The 3rd International Internet of @ThingsExpo, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that its Call for Papers is now open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.
The security devil is always in the details of the attack: the ones you've endured, the ones you prepare yourself to fend off, and the ones that, you fear, will catch you completely unaware and defenseless. The Internet of Things (IoT) is nothing if not an endless proliferation of details. It's the vision of a world in which continuous Internet connectivity and addressability is embedded into a growing range of human artifacts, into the natural world, and even into our smartphones, appliances, and physical persons. In the IoT vision, every new "thing" - sensor, actuator, data source, data con...
Cultural, regulatory, environmental, political and economic (CREPE) conditions over the past decade are creating cross-industry solution spaces that require processes and technologies from both the Internet of Things (IoT), and Data Management and Analytics (DMA). These solution spaces are evolving into Sensor Analytics Ecosystems (SAE) that represent significant new opportunities for organizations of all types. Public Utilities throughout the world, providing electricity, natural gas and water, are pursuing SmartGrid initiatives that represent one of the more mature examples of SAE. We have s...
How do APIs and IoT relate? The answer is not as simple as merely adding an API on top of a dumb device, but rather about understanding the architectural patterns for implementing an IoT fabric. There are typically two or three trends: Exposing the device to a management framework Exposing that management framework to a business centric logic Exposing that business layer and data to end users. This last trend is the IoT stack, which involves a new shift in the separation of what stuff happens, where data lives and where the interface lies. For instance, it's a mix of architectural styles ...
The Internet of Things is tied together with a thin strand that is known as time. Coincidentally, at the core of nearly all data analytics is a timestamp. When working with time series data there are a few core principles that everyone should consider, especially across datasets where time is the common boundary. In his session at Internet of @ThingsExpo, Jim Scott, Director of Enterprise Strategy & Architecture at MapR Technologies, discussed single-value, geo-spatial, and log time series data. By focusing on enterprise applications and the data center, he will use OpenTSDB as an example t...
An entirely new security model is needed for the Internet of Things, or is it? Can we save some old and tested controls for this new and different environment? In his session at @ThingsExpo, New York's at the Javits Center, Davi Ottenheimer, EMC Senior Director of Trust, reviewed hands-on lessons with IoT devices and reveal a new risk balance you might not expect. Davi Ottenheimer, EMC Senior Director of Trust, has more than nineteen years' experience managing global security operations and assessments, including a decade of leading incident response and digital forensics. He is co-author of t...
The Internet of Things will greatly expand the opportunities for data collection and new business models driven off of that data. In her session at @ThingsExpo, Esmeralda Swartz, CMO of MetraTech, discussed how for this to be effective you not only need to have infrastructure and operational models capable of utilizing this new phenomenon, but increasingly service providers will need to convince a skeptical public to participate. Get ready to show them the money!
The Internet of Things will put IT to its ultimate test by creating infinite new opportunities to digitize products and services, generate and analyze new data to improve customer satisfaction, and discover new ways to gain a competitive advantage across nearly every industry. In order to help corporate business units to capitalize on the rapidly evolving IoT opportunities, IT must stand up to a new set of challenges. In his session at @ThingsExpo, Jeff Kaplan, Managing Director of THINKstrategies, will examine why IT must finally fulfill its role in support of its SBUs or face a new round of...
One of the biggest challenges when developing connected devices is identifying user value and delivering it through successful user experiences. In his session at Internet of @ThingsExpo, Mike Kuniavsky, Principal Scientist, Innovation Services at PARC, described an IoT-specific approach to user experience design that combines approaches from interaction design, industrial design and service design to create experiences that go beyond simple connected gadgets to create lasting, multi-device experiences grounded in people's real needs and desires.
Enthusiasm for the Internet of Things has reached an all-time high. In 2013 alone, venture capitalists spent more than $1 billion dollars investing in the IoT space. With "smart" appliances and devices, IoT covers wearable smart devices, cloud services to hardware companies. Nest, a Google company, detects temperatures inside homes and automatically adjusts it by tracking its user's habit. These technologies are quickly developing and with it come challenges such as bridging infrastructure gaps, abiding by privacy concerns and making the concept a reality. These challenges can't be addressed w...
The Domain Name Service (DNS) is one of the most important components in networking infrastructure, enabling users and services to access applications by translating URLs (names) into IP addresses (numbers). Because every icon and URL and all embedded content on a website requires a DNS lookup loading complex sites necessitates hundreds of DNS queries. In addition, as more internet-enabled ‘Things' get connected, people will rely on DNS to name and find their fridges, toasters and toilets. According to a recent IDG Research Services Survey this rate of traffic will only grow. What's driving t...
Connected devices and the Internet of Things are getting significant momentum in 2014. In his session at Internet of @ThingsExpo, Jim Hunter, Chief Scientist & Technology Evangelist at Greenwave Systems, examined three key elements that together will drive mass adoption of the IoT before the end of 2015. The first element is the recent advent of robust open source protocols (like AllJoyn and WebRTC) that facilitate M2M communication. The second is broad availability of flexible, cost-effective storage designed to handle the massive surge in back-end data in a world where timely analytics is e...
Scott Jenson leads a project called The Physical Web within the Chrome team at Google. Project members are working to take the scalability and openness of the web and use it to talk to the exponentially exploding range of smart devices. Nearly every company today working on the IoT comes up with the same basic solution: use my server and you'll be fine. But if we really believe there will be trillions of these devices, that just can't scale. We need a system that is open a scalable and by using the URL as a basic building block, we open this up and get the same resilience that the web enjoys.
We are reaching the end of the beginning with WebRTC, and real systems using this technology have begun to appear. One challenge that faces every WebRTC deployment (in some form or another) is identity management. For example, if you have an existing service – possibly built on a variety of different PaaS/SaaS offerings – and you want to add real-time communications you are faced with a challenge relating to user management, authentication, authorization, and validation. Service providers will want to use their existing identities, but these will have credentials already that are (hopefully) i...
"Matrix is an ambitious open standard and implementation that's set up to break down the fragmentation problems that exist in IP messaging and VoIP communication," explained John Woolf, Technical Evangelist at Matrix, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
P2P RTC will impact the landscape of communications, shifting from traditional telephony style communications models to OTT (Over-The-Top) cloud assisted & PaaS (Platform as a Service) communication services. The P2P shift will impact many areas of our lives, from mobile communication, human interactive web services, RTC and telephony infrastructure, user federation, security and privacy implications, business costs, and scalability. In his session at @ThingsExpo, Robin Raymond, Chief Architect at Hookflash, will walk through the shifting landscape of traditional telephone and voice services ...
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at Internet of @ThingsExpo, James Kirkland, Chief Architect for the Internet of Things and Intelligent Systems at Red Hat, described how to revolutioniz...
Bit6 today issued a challenge to the technology community implementing Web Real Time Communication (WebRTC). To leap beyond WebRTC’s significant limitations and fully leverage its underlying value to accelerate innovation, application developers need to consider the entire communications ecosystem.
The definition of IoT is not new, in fact it’s been around for over a decade. What has changed is the public's awareness that the technology we use on a daily basis has caught up on the vision of an always on, always connected world. If you look into the details of what comprises the IoT, you’ll see that it includes everything from cloud computing, Big Data analytics, “Things,” Web communication, applications, network, storage, etc. It is essentially including everything connected online from hardware to software, or as we like to say, it’s an Internet of many different things. The difference ...
Cloud Expo 2014 TV commercials will feature @ThingsExpo, which was launched in June, 2014 at New York City's Javits Center as the largest 'Internet of Things' event in the world.