Hacker News .hnnew | past | comments | ask | show | jobs | submitlogin
OpenLava under IBM attack (groups.google.com)
208 points by BuuQu9hu on Dec 19, 2016 | hide | past | favorite | 42 comments


I dunno. I've known IBM's primary copyright counsel (Terry Ilardi) for many years, and he's very friendly to open source (and very smart).

I suspect there is more to this story than meets the eye.

Reading the reddit, etc, it's really unclear what the history is. I read the DMCA request, which seems straightfoward, and the counternotice, which reads like someone who probably shoudl have consulted a lawyer (it makes legal claims about their non-disclosure/etc obligations) :P

Even looking at wikipedia, it looks ... complicated https://en.wikipedia.org/wiki/Platform_LSF)

Given a counternotice was filed, it's also not clear what is getting shutdown and why (IE lack of details), etc.

Lot of panic, little details.


That doesn't square with Shawn Starr's statement. He worked at Platform Computing before the IBM acquisition. Part of their code was packaged for Linux and relicensed as GPLv2 in partnership with RedHat. All OpenLava work as been based on that GPL'd code and developed in the open.

Unless you're claiming the Platform Computing partnership with RedHat was unauthorized and somehow concluded without management approval it would appear IBM doesn't have a leg to stand on. The history of OpenLAVA used to be available for everyone to see, though thanks to Ilardi's team that is no longer true.


"That doesn't square with Shawn Starr's statement." It actually does, because there is nothing anywhere, that gives enough detail to say anything really.

There are a lot of claims, but not a lot of facts. Shawn says he was authorized to package something under the GPLv2. The rest is just opinion. For example, you have no idea what any of the IP agreements involved said.

Seriously. IBM is generally too meticulous, and not stupid enough, to be in a situation where they have no leg to stand on.

They were the ones who went through hundreds of thousands of pages of documents to prove SCO didn't own the copyright.

I think it's a bit naive to, based on a statement from one guy who did some packaging work, that IBM has no leg to stand on.

In fact, a bit of Googling turns up a counterpoint: http://www.law360.com/articles/850910/ibm-sues-startup-for-a...

Note: IBM claims some IBMers stole code when they left IBM, and then illegally incorporated it later into the open source project. Not that the original code was not GPLv2'd validly.

Note also: David, the person making the claim here, works/worked (it's a bit hard to tell if he is still employed there) for the company IBM is suing.


> Seriously. IBM is generally too meticulous, and not stupid enough, to be in a situation where they have no leg to stand on.

Are you not familiar with IBM's history of shaking down smaller players?:

http://en.swpat.org/wiki/Sun_Microsystems_inc.#Paying_IBM_fo...


This is also consistent with the reddit comment here:

https://www.reddit.com/r/linux/comments/5j3mn2/ibm_is_trying...


That's because i wrote that comment :)


Why on earth would this get downvoted? It's one of the most substantial posts I've ever seen on any site, no exaggeration.


Fair enough, maybe it is all stolen code.


FWIW: IBM appears to have been fairly careful in the DMCA request. It only requests versions 3.0+ be taken down ("The Infringing Software, which includes each branch of "openlava" starting with at least version 3.0, is available at the following online locations:"). The code has been available on github since 1.0

So they most certainly have some specific set of code they think is taken.

See https://github.com/github/dmca/blob/master/2016/2016-10-17-I...


> I dunno. I've known IBM's primary copyright counsel (Terry Ilardi) for many years, and he's very friendly to open source (and very smart).

Apparently, you don't know him good enough.


This was the most interesting comment on that thread

   I need to step in here, 

   Considering *I* was the one who packaged Lava, the original sources are here:
https://spstarr.fedorapeople.org/ocs-rhhpc/trunk/src/kits/la...

   IBM has no right to claim nor any DMCA claim that can revoke this as we released this long before IBM bought the company and they bought the company afterf I had left Platform Computing.

   IBM has no standing to DMCA this source code if you forked it from my original RPMs we released.

   Thanks,

   Shawn


> What I also want to say is, if code added to OpenLava was proprietary from LSF then IBM has every right to sue. We only released authorized GPLv2 code and IBM from what the lawsuit says acknowledges this part. This code in question is legal and free to fork use and develop.


The court case documents are worth looking at before forming any opinions: https://www.unitedstatescourts.org/federal/nysd/463894/ (specifically https://www.unitedstatescourts.org/federal/nysd/463894/1-0.h...) -- it alleges that former LSF engineers joined teraproc after leaving IBM and took source code with them, as well as claiming teraproc went after IBM clients offering their managed cluster software for less money than LSF.

David Bigagli also says in the first post in that thread:

  IBM does not have a technical answer to OpenLava and to the benefit its users have. 
  They cannot articulate why their software is better than OpenLava for the money they charge for it. 
  IBM fears OpenLava because is does provide a better functionality than their own software and 
  that's why it can only reply with a lawsuit by hiring: 
  Kirkland & Ellis LLP.
Sounds like there might be slightly more to this than is outlined in comments.


From the timeline, I think Github is in breach of DMCA provisions. The project seemed to provide a proper, valid counter-notice[0].

Unless Github has been served with an an actual judicial injunction, then they should have restored the content after 10 days[1].

[0]: https://github.com/github/dmca/blob/master/2016/2016-11-07-I...

[1]: https://help.github.com/articles/guide-to-submitting-a-dmca-...


They _can_ restore the content, the provider is not obligated to.


Eagerly awaiting a response from the GH team. Assuming all the DMCA stuff was handled correctly they need to restore ASAP. How they handle this is (or should imo) be a very good yardstick for deciding if you want to host your FLOSS project with them, apart from the technical reasons.


Assuming all the DMCA stuff was handled correctly they need to restore ASAP.

They need to restore, but not ASAP, they must wait at least ten days, according to 17 U.S. Code § 512 (g) (2) (C): https://www.law.cornell.edu/uscode/text/17/512


The DMCA actually does state that they must restore the content within 10-14 days of receiving a valid counter notice. There is no clear penalty, but most service providers seem to comply.

(Edit: unless the copyright owner files an action, which may have been what happened here)


True, I guess open source projects are also not obligated to host on such a provider.

I'm assuming there are more details forthcoming. Have to wait and see.


FYI, the company in question is one of Github's largest (perhaps, the largest) enterprise customers.



Here's where IBM sued Teraproc for what they claim is incorporating stolen code into OpenLava; http://www.law360.com/articles/850910/ibm-sues-startup-for-a...

(AFAICT, they make no claim that openlava was not GPLv2'd validly, only that people later illegally put stolen IBM-owned code into it)



Never heard about OpenLava. But among the bad things, the good thing is that project just get promotion for free.


I couldn't find a link to the actual repo, here's the DMCA takedown https://github.com/openlava/openlava


The thing that worries me the most is that there is no public mirror of (important) OSS Github projects outside of the US, is there? It is all centralized in one place under one jurisdiction.


I'm not too concerned about that since git is intrinsically a decentralized model.

Even if github is gone, your local repos are still there and there's very little friction to migrate or push source code to other github alternatives.


Only if you use github just as a host for your repository. If you use all the other features it provides, migrating is much more difficult.


I have no experience in this but a quick Google search suggests that it is trivial to migrate GitHub issues to GitLab or JIRA:

https://docs.gitlab.com/ce/workflow/importing/import_project...

https://confluence.atlassian.com/adminjiraserver071/importin...


I rely right now on GitLab for political reasons.

How much in US jurisdiction are they? I do not live in USA and don't want to have anything with that country, specially don't want its long arm of IP law anywhere near me.


GitLab Inc is a US corporation: https://about.gitlab.com/2015/07/01/Operating-as-GitLab-Inc/

You might consider installing your own instance of GitLab hosted in a country that you prefer.


Right, the day before they pull your repo because of a spurious DMCA claim, it's trivial.


Sure, but you probably don't have them locally.




I copy some projects on my own gitlab. Hosted in UK and France, but non of them is public.


This stands out:

> IBM does not have a technical answer to OpenLava and to the benefit its users have.

> They cannot articulate why their software is better than OpenLava for the money they

> charge for it. IBM fears OpenLava because is does provide a better functionality than

> their own software and that's why it can only reply with a lawsuit by hiring:

> Kirkland & Ellis LLP.

As an emotional, rather than logical appeal. It doesn't matter how great OpenLava is if they have violated IBM's copyrights.


Naive question. The platform computing acquisition was fairly large IIRC. I keep seeing workload scheduling pop up in different places. Is this really a large market? I thought scheduling made sense in grid computing/HPC systems. Having trouble seeing the economic value here. Any comments on the market/business side would help this old hacker.


Can we get this changed to a less salacious title? The original thread is called "OpenLava under IBM attack".


I don't like either the current title "trying to bully". Is IBM bullying or not ?


Based on the little that is known, no.

There is an ongoing lawsuit over whether some commits to the project contained proprietary IBM code. IBM's claim is plausible, and the counterclaim seems awfully vague.

For example, from the founder:

> I have developed most of the OpenLava code and I have reviewed all contributions. All this development was done without access to any IBM code. All IBM claims regarding the source code are false and fabricated.

If you didn't author every line of code, but in at least some cases only reviewed the contributions, then you have no way of knowing whether IBM's claims are false or fabricated; the only way he'd be able to recognise IBM code is if he had access to that code to cross-check, which he also claims not to have.

It's not a very...convincing denial, is it?


if IBM can statically analyze the OSS software, why the hell the OSS side can't statically analyze the proprietary software to check the claims? (despite the difficulty to reverse engineer the code, if its binary)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: