For example, in January, a group of Groklaw regulars published an exhaustive examination of a set of files in Unix System V called the Application Binary Interface; the team looked at the legal and technical history of these files, as well as SCO's role in their development, in order to determine whether SCO could reasonably sue others for using the ABI files. Their conclusion: "I think you will see from this article alone that if SCO is planning to sue anyone over the ABI files, unless there are facts we haven't unearthed, they seem to be leaning on a rickety bamboo reed."

"I couldn't do that definitive research without the community," says Pamela Jones. "I don't think IBM could either, for that matter. I believe we have established that there is no point in SCO pursuing the ABI files."

Jones has been praised by just about everyone in the open-source world for her efforts to undermine SCO. Linus Torvalds, the creator of Linux, has said that Groklaw shows "how the open-source ideals end up working in the legal arena, too, and I think that has been very useful and made a few people sit up and notice." Bruce Perens calls Jones "paralegal to the world." Clay Shirky, the influential tech pundit, points out that "Groklaw may also be affecting the case in the courts, by helping IBM with a distributed discovery effort that they, IBM, could never accomplish on their own, no matter how many lawyers they throw at it."

About the only party not happy with Groklaw is SCO. The firm's CEO, Darl McBride, has publicly accused IBM of secretly funding Groklaw (Pamela Jones denies this.) In an interview with Salon, Blake Stowell, a spokesman for the firm, dismissed the idea that Groklaw can be a source for well-researched insight into the SCO case; in his view, much of what goes on at Groklaw is unabashed SCO-bashing. "One of Groklaw's biggest roles is to provide an opinion," Stowell said. "I think they have been successful in having an awful lot of people come to their site to gain an opinion on things. But it's a very one-sided opinion, and if that's the only thing that people read to gain an opinion on things they're getting a very one-sided view." Stowell doesn't think that Groklaw has uncovered anything of lasting import legally. "I don't think they've influenced at all what we've done in our lawsuit," he said.

Reading through Groklaw, it's certainly easy to see Stowell's point. You'd be hard-pressed to find a pro-SCO word on the site, and, as on Slashdot or any other discussion board, "there's a lot of chatter and noise in the comments," notes Don Marti, of Linux Journal. But it's also true that readers of Groklaw often point to valuable primary sources of new information concerning complex legal controversies, Marti says, and for a lawyer looking into Linux, these resources are probably very helpful.

It's this aspect of Groklaw that attracted Egger, of OSRM. One part of establishing Linux's legality in order to offer insurance for it, Egger says, is sorting out the complicated legacy of Unix; Egger considered Groklaw the perfect forum to conduct this research. "The history of Unix is very tangled and confused," Egger says. Anybody who owns a bit of Unix can say, "There's something in Linux that is similar, so I'm going to sue!"

That's what SCO did, Egger says, "and if SCO can do this, there are about 30 other Unix product lines besides the ones that are in dispute in the SCO case, and we better find out what happened to those, who owns them and what happened to them." Through OSRM, Egger will fund part of Jones' work on building this "Unix timeline," but all of the information the project digs up will be given to the public domain, Egger says. The timeline project will also include the work of hundreds of volunteers who asked to help after Jones announced it on Groklaw. In an article to be published in a forthcoming issue of Linux Journal, Jones says that the volunteers include "most of the published historians of Unix and many of the people who actually contributed to Unix in the first place." She adds that one Groklaw reader has called her "the maintainer of the Linux anti-lawsuit kernel," which Jones says is a "good description of what our project is all about."

The core of the Linux operating system -- the "kernel" -- is made up of millions of lines of code written by programmers of varying ethical and professional obligations; it is not a piece of software designed to satisfy lawyers, as is probably the case with much of the code written at proprietary firms, but instead to satisfy developers. So how can OSRM ever be sure enough of what's inside Linux -- and of where it came from -- to offer insurance for the system? Egger says that the company has launched an extensive "certification process" of the operating system. The process is labor intensive, but, he says, not all that difficult.

"We look at the origin of the code and make sure it was written by reputable people," he says. "We make sure we know they weren't involved in litigation, and that the companies they worked for agree that they were authorized to contribute this code to Linux. So we look at who wrote the code and what documentation there is around that." OSRM also maintains a "huge database" of both proprietary and open code from other software, Egger says, and the company is comparing that code with the Linux code "to look for possible copying." The company has not yet completed its certification of Linux, but so far, Egger says, "I have not found anything that would cause me to be concerned -- it looks very, very clean." But Egger adds that if he did find something, "we wouldn't tell you -- we would just quietly work with the developers to fix it."

Egger considers this part of the process key to the success of OSRM. There are probably some in the open-source community who look askance at Egger's project; part of the business of selling insurance for a product, after all, is convincing customers that there's a risk associated with using that product, and many open-source developers don't think there's anything risky about using Linux. But Egger insists that he's not looking to profit from weaknesses in Linux -- and, indeed, he says he'll do everything he can to work with Linux developers to make the system safe from legal attacks. "We'll quietly identify places where better documentation, a better record will reduce the risk of future litigation," he says. "We call it 'papering the kernel.' We're engaged in these activities at a very high level. That's the value of insurance companies -- we're involved with the community in risk mitigation activities, in developing best practices for reducing exposure, and in proactive research." All of this, he says, makes Linux safer.

And slowly, fans of open-source software -- even the ones who think SCO's claims are bogus -- are coming around to the idea that Linux has got to be made safer from third-party infringement suits. Last year, Pamela Jones was somewhat skeptical of the idea that open-source software needed legal protection; now, she's changed her mind. "I haven't changed my mind about the strength of the GPL, [GNU General Public License] which is what really protects you," she notes. "But I became convinced, when I saw the stock price shooting up, that there will be copycat SCOs. I know my business enough to know that it is pretty much inevitable. Nuisance lawsuits are a fact of life. How do you protect against that threat?" OSRM, she says, offered "a way for the community to fight and win against future nuisance lawsuits ... Nuisance lawsuits will come. So we must be realistic."

Then Jones added this analogy: "When you buy insurance for your car, is it because you don't trust the workmanship or have doubts if Ford had the rights to the machinery that built it? Or is it because you realistically know there are bad people in the world who might steal your car or your radio or scratch your windshield by throwing a rock at your car?

"It's the same with software. There's nothing dangerous about GNU/Linux software. What you need protection from is people, bad people."

Recent Stories