Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.2 9/3/84; site maynard.UUCP Path: utzoo!linus!alliant!maynard!campbell From: campbell@maynard.UUCP (Larry Campbell) Newsgroups: net.unix,net.lang,net.legal Subject: Re: Are any parts of UNIX in public domain? Message-ID: <282@maynard.UUCP> Date: Sat, 12-Apr-86 12:29:57 EST Article-I.D.: maynard.282 Posted: Sat Apr 12 12:29:57 1986 Date-Received: Sun, 13-Apr-86 08:46:45 EST References: <481@batcomputer.TN.CORNELL.EDU> <518@looking.UUCP> <2437@teddy.UUCP> <755@ccird2.UUCP> Organization: The Boston Software Works Inc., Maynard, MA Lines: 74 Xref: linus net.unix:6986 net.lang:2093 net.legal:2969 This article contains some misconceptions. > In the case of GNUemacs, there is a long "copyright but public > domain" notice. In this case, the author has proof that he > owns the property, but he is explicitly putting it in public > domain. In fact, the author explicitly requests that this > "public domain notice" not be removed as a condition of publication. > He has the right to do this because he owns the copyright. Something can NOT be both copyrighted and public domain. The terms are antonymous. GNU probably says "copyrighted but you're allowed to copy (subject to certain conditions)." If they use the phrase "public domain", they've probably jeopardized their copyright. > Perhaps AT&T believed that "trade secrets" was the better way to > protect themselves under the circumstances. The formula for > Coca-Cola is a well protected trade secret, but others may discover > the secret, and unless they have been covered by a non-disclosure > agreement, they can use the formula. In fact, this has happened > several times, and Coke has had to change the formula so that their > competitor can't say "it tastes just like Coke". > > If Cornell had a non-disclosure agreement and let a student or > faculty member who had not signed a similar agreement see the source, > Cornel would have been in violation of their AT&T contract. If > a "hacker" broke into Cornel's computer and "ftp'd" the source > to his PC, the only protection would be a copyright notice. AT&T has long used trade secret law to protect UNIX sources. Prior to the copyright act of 1979 (and maybe even still today), putting a copyright notice in source code would have indicated intent to publish. Published works by definition cannot be trade secrets. For something to be a trade secret, you have to try to keep it secret. Now, if Cornell had a guest account with no (or an obvious) password, which had read access to the sources, then Cornell would be at fault and liable for damages. On the other hand, if Cornell took reasonable steps to insure system security and the hacker had to go to great lengths to get the sources, then the hacker would be at fault. The key is whether reasonable steps were taken to protect the trade secret, and whether the hacker could reasonably have known that he was not supposed to have access to the sources. Obviously if a burglar breaks into your locked office and makes off with source listings, the law will not consider it your fault. But if you leave the door unlocked with a sign on it reading "Juicy trade secrets in the 3rd drawer, help yourself" (or maybe just "UNIX development group") then you can't plead innocence when someone helps themselves. As with any question involving human behavior and morality, there are many shades of grey. Suppose the hacker accidentally acquired privileges -- let's say someone logged in as root then hung up but the job didn't get logged out, so the hacker dialed straight in to a logged in root job. Is this Cornell's fault or the hackers? Not clear. If it could be proved that the hacker KNEW he wasn't supposed to have access to the sources, then it's probably his fault. On the other hand, if the root users at Cornell knew about this bug and just hadn't bothered to fix it -- then it's probably Cornell's fault. That's why we have judges and juries and appeals processes -- because there is often no hard and fast way to determine who is really at fault. The bottom line, though, is that if you know or have reason to believe the software is proprietary, then you'd better not disclose without checking with the owner -- in this case, AT&T. To be more specific, if you're not sure about yacc and lex, then ASK THE PROBABLE OWNER -- AT&T. If they say "proprietary" then you'd better assume it's proprietary, or hire a damn good lawyer. I don't know about you, but I'd rather play it on the safe side than tangle with AT&T's legal staff. -- Larry Campbell The Boston Software Works, Inc. ARPA: maynard.UUCP:campbell@harvard.ARPA 120 Fulton Street UUCP: {harvard,cbosgd}!wjh12!maynard!campbell Boston MA 02109