[Linux-aus] Flame Of The Week: John Parkinson on CIO.com

Leon Brooks leon at cyberknights.com.au
Sat Jul 5 20:28:02 UTC 2003

John Parkinson wrote the article, Tim Horgan is CIO's Webmaster, Vice 
President of Technology and Executive Director, Christopher Koch is 
Senior Editor of CIO (other pages report his address as ckoch at cio.com 
but I got no bounce).

For your amusement:

----------  Forward; originally to John & CIO  ----------

Subject: PLEASE do some real research before sounding off!
Date: Thu, 3 Jul 2003 18:17
From: Leon Brooks <leon at cyberknights.com.au>
To: john.parkinson at cgey.com
Cc: thorgan at cio.com, koch at cio.com, letters at lwn.net

Dear John

Quoting http://www.cio.com/archive/070103/et_pundit.html -

> Second, a lot of the intellectual property in Linux is actually
> owned by companies that never officially agreed to make it
> available under an open-source license.

I'd like to see it named. If it is *ever* named, I can promise you it
will be replaced with dizzying speed. The SCO Group (TSG, they are not
The Santa Cruz Operation) won't tell us which of the IP they claim as
their own supposedly is contained in Linux.

Mind you, TSG are claiming that everything since Babbage and Lovelace
is conceptually included in their flavour of UNIX, which they have
some licencing rights to (no patents, no trademark rights, and no
official copyrights) and therefore they own everyone's OS, even

Please, since you're obviously clear on what IP is involved, identify
it for us so that we can wash our hands of it!

We play our cards with an open hand, John Parkinson. Everybody can see
everything on our table. It makes no sense at all for us to steal code
from anybody, because we know that it's out there for them to see,
inspect, cross-reference, search, compare.

If TSG had any real evidence of plagiarism, they need only show it to
us and it's gone, rewritten in a flash. The fact that they have so
totally sanitised the handful of "evidence" so far seen (under NDA)
that it can't possibly be identified among the 3 or 4 million lines of
code in Linux speaks volumes for the weakness of their case.

I would expect TSG to sue people, and so should you - *if* you had done
any serious research. Darl McBride has a history of being a suer, and
The Canopy Group (the effective owners of TSG) are long-time suers too.
If not Linux companies, then someone else.

Their barratry is against IBM alone, not any other Linux company or
user, and it's over contractual limitations, not over patents or
copyrights. TSG are disputing software that they never wrote.

> But there are others, including Microsoft, that could do the same
> if they chose.

Yes, Microsoft are certainly at liberty to sue - but over what?

Microsoft's NT-series code-base is derived from MICA, a Vax/VMS variant
so totally different to Linux even before it became MS-Windows that it
would be much easier to write a new component from scratch than to try
bending MS-Windows code to fit Linux. MS-Windows is alien to everything
else. Linux, OS X, BeOS, Irix, FreeBSD all have more practices in
common between them than MS-Windows has with anything else.

It's worth noting that VMS features military-grade security which can
be enabled with very little effort, but MS-Windows NT and derivatives
are notorious for their lack of security (to say nothing of MS-Windows
9X). Many of my own customers asked me to install Linux for them
specifically because they knew it was more secure and robust than the
MS-Windows systems they had previously been using.

> Open-source software is free in the sense of "free speech"
> (which carries with it the connotations of certain rights
> and obligations), not "free ride" (which implies something
> for nothing).

It can be both. The whole concept of price is a bit outdated when
applied to Free/Open Source Software (FOSS). Someone who writes and
releases FOSS can be "paid" in fame, in people improving his/her
software for free, in people writing and improving related software for
free, in work that was previously unavailable, in many ways.

For the company employing FOSS, the up-front cost can make a
significant difference, and despite the many other advantages of FOSS
it is often cited as the primary reason for adoption. But the real
advantages of FOSS lie elsewhere, and the bigger ones are implicit in
not being owned by a company. Microsoft's software, for example, can
never enjoy these benefits to the same degree.

When a Microsoft employee writes software, it is Microsoft's software,
not his/her own. When a FOSS programmer writes software, (s)he owns it.
This one factor makes an enormous difference to the quality of product
and responsiveness of support as viewed by the end user.

When a program is FOSS, somebody else can audit it for security flaws
or useability, and change things to see what effect it has. This is
much more effective than a company doing its own auditing, since the
auditor brings very little of the author's corporate culture to the
table with them; they test things in different and unexpected ways and
so find more flaws.

When a program is FOSS, the authors are not as isolated from the end
users as they are in a corporation. The feedback loop is so tight that
it squeaks. When their program fails, the authors hear about it
directly. They are often able to ask detailed questions on the spot
that an ex-waiter with a tech-support knowledge base would never even
think of.

When a program is FOSS, there's no doubt or prevarication about how it
achieves any particular task. As well as debug-and-trace on a program
that you're trying to get interoperating with it, you have complete
access to the FOSS program for step-by-step and fine-grained diagnoses.
And of course no point in mystery protocols or proprietary barnacles
like lumps of binary amid one's XML.

If you want to learn about how a program, process or protocol works,
you have a working practical real-world example before you to tweak
and prod to your heart's content.

Nobody can force you to upgrade a FOSS program or accept new,
intrusive, insecure, unstable or dangerous features of it; the same
cannot be said of software with something to hide.

There are many, many ways besides the obvious ones in which FOSS saves
you money, not just up front but also in TCO. Many of the TCO studies
that I've seen do not even address these, yet time and time again I've
seen an attribute peculiar to FOSS save an office several thousand
dollars in consultancy time in ways that secret software could not.

> By my count, Red Hat issued more critical patches to its Linux
> distribution in 2002 than did Microsoft for the Windows 2000
> Server.

Which of RedHat's many Linux distributions? Did you remember to also
count the patches for MS-SQL Server, MS-Office, MS-Exchange,
MS-Outlook, Microsoft's games and so on?

Most modern Linux distributions include at least two each of SQL
database servers, web servers, FTP servers, full-strength mail transfer
agents, office suites, web browsers, email clients, instant messenger
clients, multimedia players, integrated development environments, the
list is endless. If Microsoft sold a CAD package, we'd even have
something to compare patches with against with QCAD and friends.

More information about the linux-aus mailing list