SCO's lawsuit against IBM and SCO's demanding money from companies using Linux has caused some using Linux to worry that this wonderful "too good to be true" operating system may be too good to be true. Perhaps Linux really did have stolen intellectual property, or IP, that was owned by SCO either by copyright or trade secret statute. SCO's initial refusal to reveal the alleged stolen Unix code in Linux made it impossible to prove or disprove their claim. Their continued refusal got everyone quite worried and I even have had a client ask me about his risk in continuing to use Linux for his firewalls and servers.

Fortunately, SCO finally chose to show some of their claim as people were starting to doubt that they "had" anything. This was done at SCOforum on 18 August 2003 to convince SCO's dwindling customer base that they are king of the Unix and Linux world. During a presentation SCO showed slides with two columns, the first column had Linux code and the second column had Unix code. In some of the examples, SCO wanted to "maintain its trade secrets" and so displayed the code in the greek character set. This was almost as clever as Adobe using ROT13 as an encryption algorithm. It was "cracked" by researchers just as fast.

SCO did demonstrate that some sequences of source code were found both in SCO Unix and in the Linux 2.5 kernel. It took less than a day for researchers to trace the code further. Some of the code was from ancient versions of Unix that previously had been released into the public domain. This means that while SCO had the right to include it in their Unix code, the Linux community also had the right to include it in Linux with no consideration to SCO. Oops.


It turns out that the code was not added to Linux by IBM nor Sequent, which IBM later acquired. Oops again. Actually, this would not absolve IBM from any liability but it would reduce the amount of damages by a possible unintentional use of standard Linux code if it contained stolen code. However, since the code is public domain there is no claim by SCO against IBM. The code is public domain both because SCO declared it so and because a U.S. Federal judge stated in 1993 that he doubted that AT&T had an legitimate copyright claim to the bulk of the Unix code due to its failure to put a copyright notice in the code -- don't try this at home as the law for newly created works no longer requires the notice.

But wait. There's more. Some of the other examples of "SCO Unix code" turned out to have originated in the Berkeley Unix code. This code was copyrighted -- by the Regents of the University of California. SCO programmers stripped this copyright out before "dropping" this code into SCO Unix.