Wired.com has a story about the O-Reilly peer-to-peer conference this week, asking people like Ian Clarke, “the brash, young, P2P-evangelizing founder of Freenet, a
still-in-development P2P network,” about the future of P2P. He says: “The music industry did not win this. They may have won the battle, but
the collateral damage — in terms of fan loyalty, etc. — was substantial, so much that I doubt they’d ever
do something like this again.”

From a column at ZDNet: “This week I was busy rebuilding my Linux desktop. That’s right — I am a member of that
supposedly rare species, the Linux desktop user. In three years, I’ve never had to do anything
as rash as a complete system backup, wipe, and reinstall — a yearly or semi-yearly necessity
in my Windows days. But that’s what it had come to.”

Posted at InternetWire: You should be aware that class action complaints involving the securities of the above companies (including VA Linux, NewsForge’s parent company) were
filed on behalf of investors by the law firm of Milberg Weiss Bershad Hynes & Lerach LLP (“Milberg
Weiss”), often in cooperation with other major experienced securities firms.

From the humor site, Segfault (remember, it’s humor): “As Chief Architech for MSN R&D, I must finally answer, clearify and perhaps offer appropriate
solutions to the dangers involved in running Linux on AMD processors. Many concerned customers
have written statements similar to the following: ‘Lately, I have heard many… things about linux in
the news. But, is it true that Linux can cause damage to AMD Athlon chips?’ ”

– By Grant Gross –
Updated 6:56 p.m. EST –
Tatu Ylönen, who’s asked OpenSSH to change its name because he claims to own the trademark to SSH, says he’s making the demand now because the project has “only become more visible during the last months.”

Ylönen, chairman and CTO of SSH Communications Security Corp., says his actions are prompted by recent confusion over the difference between his company’s product and OpenSSH. (See part one of the story. Also, Ylönen released a statement and proposal Friday morning.)

“I have recently seen a significant increase in e-mails confusing the meaning of the SSH mark,” Ylönen wrote early Thursday. “…have also come to suspect if some of
the OpenSSH people may have been intentionally trying to confuse and misrepresent the meaning of the SSH mark.”

Theo de Raadt, one of the leaders of the 2-year-old OpenSSH project, said the team isn’t attempting to blur the lines at all; it’s simply touting its work as a high-quality SSH implementation.

Update: The OpenSSH project received legal papers from SSH Communications Security’s lawyers Thursday.

In addition, Bill Sommerfield, chairman of the Internet Engineering Task Force Secure Shell working group attempting to produce an open standard for SSH, said a name change for OpenSSH would slow the group’s work, although he couldn’t predict how the working group would respond to the trademark controversy.

“The working group has been making steady progress and … we were in the middle of the working group’s ‘last call’ period on the core Secure Shell protocol documents when I first received word of the dispute,” he said. “Needless to say, added delay in the standards process does not help the end user.”

de Raadt’s team based OpenSSH on a 1995 license written by Ylönen that says in part, “the code I have written for this software can be used freely for any purpose.” de Raadt argues that this is the first time Ylönen’s company has pressed its trademark since receiving it in 1996. The OpenSSH Web site lists more than a half dozen other versions of SSH that he says haven’t heard from Ylönen.

Two authors of other popular SSH products posted messages at securepoint.com Wednesday, saying Ylönen hasn’t moved to halt their use of the SSH name.

Ian Goldberg, author of Top Gun ssh for the Palm Pilot, wrote that he exchanged email with Ylönen and others at SSH Communications Security in the summer of 1997. “Tatu even asked me if I’d be willing to do an implementation of the 2.0 protocol,” Goldberg wrote. “No one ever asked me to not use the ‘ssh’ name in the program title.”

Robert O’Callahan, who released Teraterm SSH for Windows in 1998, wrote that several universities have distributed his product to their students, and it’s been distributed on CD software collections, including with the book “Unix Secure Shell.” He said he’s never heard from SSH Communications Security about a trademark violation.

But Ylönen insists that his company has consistently claimed SSH as a trade mark since early 1996, saying companies such as Van Dyke and F-Secure SSH have acknowledged the trademark. F-Secure SSH, a value-added reseller of SSH Communications Security pays a royalty for use of the name, he said.

“All this time our policy has been that the trademarks cannot be used by others without a proper acknowledgment, and cannot be used in product names without a special license from us,” he said.

“We have enforced it against all significant players in the field,” he added. “We have not felt it appropriate to go after every random web page or the various non-commercial student projects done at universities.”

de Raadt cites U.S. trademark law that requires owners of trademarks to notify violators immediately. A trademark lawyer said U.S. law goes so far as to require trademark holders to check regularly for violators, or risk their trademarks becoming “genericized,” and de Raadt argues that Ylönen would have to be living under a rock not to be aware of OpenSSH before now. OpenSSH, released in December 1999 and in use before that, was used by more than 17 percent of all SSH users earlier this month, according to a study published on the University of Alberta Web site.

“Trademarks may not be attacked on a popularity basis,” de Raadt said. “All must be vigorously attacked at the first sign of existence.”

In addition to contacting OpenSSH this week, Ylönen says he sent an open letter to Niels Provos, an OpenSSH contributor and author of ScanSSH, through bugtraq list at securityfocus.com. Provos said he didn’t see that letter until it was published on NewsForge, but it may have been moderated off the list as being off topic.

Provos says he named his program ScanSSH, a protocol scanner that’s been around since last summer, because that’s what it does, scan for versions of SSH used on a machine.

Provos guesses that Ylönen is getting pressure from stockholders after SSH Communications Security went public in Finland within the last three months. “OpenSSH has become very popular, which we like, because we put lots of work into it,” he said. “I think it seems to them that OpenSSH is a threat to the profits.”

Ylönen didn’t respond to a question about pressure from stockholders.

Provos said he had hoped the two sides could find a resolution behind the scenes, to prevent Ylönen from losing face, before the corporate executive posted a letter to the the OpenSSH developers list Wednesday. “Many people do not have that much respect for Tatu anymore now that they’ve seen his motivation.”

The OpenSSH team also questions whether the trademark on the SSH name is actually valid in the United States, saying the trademark actually refers to a picture containing the letters “ssh,” not a series of letters “ssh.” Ylönen contends that the trademark on the name is valid.

Ylönen said he’s not sure of his next step if the OpenSSH team doesn’t back down. “I have tried to be polite, stick to facts, and reason with everyone,” he said. “I hope that we can find a solution that will cause minimal disruption in the network security community and will also allow us to protect our trademark rights. It would be shame if this issue escalated to something that damages everyone.”

NewsForge editors read and respond to comments
posted on our discussion
page.

Simon Cozens writes: “Remember back last summer when we announced that the Perl 6 project had
begin? Ever wondered where it’s got to now? Each week, I’ll be producing
a summary of what’s been happening on the Perl 6 development mailing
lists. It’ll be hosted at www.perl.com and you can get to this week’s
summary there. You can also subscribe to the digest mailing
list to automatically receive the summary by mail each week.”

Free OS has a how-to piece about upgrading to 2.4.x, “The biggest addition comes in the form of the much-publicized support for the
Itanium, Intel’s 64bit processor. While the processor itself is slated for release later
this year, the present support allows users to easily migrate to a 64bit processor
and take full advantage of the processor’s architecture. For home users, the IA64
support doesn’t mean much as it will take time for prices to come down and become
affordable. Additionally, support for IBM S/390 systems has also been added.”

The Standard seems uninspired by the Department of Justice’s new probe of Microsoft. “The theory: Microsoft’s
investment in Corel, which produces WordPerfect and
CorelDRAW, could reduce competition in the markets for office
software packages, said the Journal’s John Wilke. Corel also
makes software for Linux but, soon after Microsoft’s
investment, decided to stop distributing its version of the
operating system. Hmm. The Journal also said the DOJ is
looking into Microsoft’s pending buyout of Great Plains
Software (GPSI).”

LWN.net has it posted. Items include information about CPRM (Content Protection for Recordable Media), the system for enforcing
copy protection on personal computers. “The basic idea is to enforce
digital rights management — copy-prevention, limited use, whatever — in
electronic media.”

InfoWorld reports that Napster is curiously absent from the O’Reilly Peer to Peer Conference, which started Wednesday. Tim O’Reilly says Napster people felt “they couldn’t say a word” while their court problems remained.