Slashdot Mirror

← Back to Stories (view on slashdot.org)

Red Hat's Open Source Assurance Program

Posted by michael on from the safety-blanket dept.

scubacuda writes "ZDnet and others report that Red Hat now offers the 'Open Source Assurance Program' as protection for customers if they get hit with a copyright infringement case from the SCO Group. From their website: 'A key feature of the Open Source Assurance Program is an Intellectual Property Warranty. The warranty ensures, that in the event that an infringement issue is identified in Red Hat Enterprise Linux software code, Red Hat will replace the infringing code. Red Hat's warranty assures customers that they can use Red Hat Enterprise Linux and related solutions without interruption. The warranty is available for all customers having a valid registered subscription to Red Hat Enterprise Linux or related solutions.'" Following close behind Novell and Hewlett-Packard, but it looks like Red Hat is not actually indemnifying their customers like Novell and HP, but rather is simply promising to fix any real copyright problems moving forward, which is something I think we would assume they would do in any case.

19 of 142 comments (clear)

  1. Can't indemnify by airrage · · Score: 4, Interesting

    Throughly useless I think. You can replace the code, but you can't indemnify 3rd parties. So, because anybody can sue anyone for anything, you'll still end up in court if your pockets are deep enough.

    Like trying to swat elephants with fly-swatters.

    --
    "This isn't a study in computer science, its a study in human behavior"
  2. Nice gesture by JRob007 · · Score: 3, Interesting

    Its nice to see that even though this is something that they would fix anyways, they are saying it publicly. To many times coporations words and actions imply that they will do something, only to not follow through. Its nice to see a company take a stand and say out loud, what they are going to do.

  3. How will this actually work? by Sean80 · · Score: 4, Interesting
    I'm not entirely clear how this would work out for customers, so a thought experiment. Say SCO successfully proves that the Linux thread scheduling code is a copyright violation. What does Red Hat do next? Sure, they could rewrite it, but would companies which are now running their flight booking apps, and (don't take me too literally here) their nuclear power station control programs on the Linux kernel be happy about this?

    It would appear to me that the strength of Linux is its history and stability. Take that way, and trouble's a comin'?

  4. Issues about exposure to code? by LinuxHam · · Score: 4, Interesting

    Warning: DNRA

    Seems like a strange thing to offer. Here at work, once you get exposed to open source code, you can never go back to dealing with internal code merely due to the risks that algorithms you develop internally may accidentally be recreated in open source work.

    How can RH say that they will replace your code with non-tainted code if the tainted code is the only way they've seen for approaching a problem. Seems like they need the equivalent of an optoisolator between their tainted developers and non-tainted developers. A white room approach with a description of the goal slid under the door.

    --
    Intelligent Life on Earth
    1. Re:Issues about exposure to code? by jhoger · · Score: 2, Interesting

      Wow your company is paranoid... and I'd say abnormally so.

      Usually it goes the other way... once you are exposed to Closed source code, you can never be employed writing the same Closed source code for another vendor. Example: BIOS clean room development.

      In the open source world, ideas are traded fairly freely. It's easy not to copy someone else's code. It really is. Open source guys really don't care if you copy their ideas. They won't sue you for that. Now your closed source could leak out one day. But that's easy to see since open source code is usually publicly available.

      Now if some loser adds some closed source code into an open source code base without permission, it should be treated as a bug and fixed. I think that Red Hat is absolutely doing the right thing here. There's only going to be bits and pieces here and there I would guess... they'll squash them like bugs if they show up.

      Now SCO thinks they can sue end users for infringement of their copyright for using Linux. From what I've read on Groklaw they aren't going to have much luck with those cases. Hence the fact that there aren't any such cases yet. Just the IBM suit which is about breach of contract, not copyright.

  5. The least they could do. by osewa77 · · Score: 4, Interesting

    Being that this is literally the least they could do, this situation is an example of what it means to maximize profits by minimizing costs :-)

  6. This is a better solution than the others by MajorDick · · Score: 5, Interesting

    IMHO, this is a MUCH better solution, while I dislike SCO and their tactics, there MAY be some validity to their point , afterall look at how many contributions have been made, its happened before in opensource where someone included copyrighted code (yes I know what they have thus far claimed cant be verified) BUT what happens if it does ?

    Remove the code ! I trust RedHat to replace the code quickly and effectivley, RH has made tons of contributions to linux. The others offer to absolve financial IF there is infringing code, RH says hey dont worry well replace the code so those infringments dont apply.

    I like this solution much better being a RedHat customer.

    1. Re:This is a better solution than the others by whittrash · · Score: 2, Interesting

      This move also has one SIGNIFICANT advantage. Anyone can still modify the code after it comes from Redhat and still be under warranty for the specific product supplied by Redhat (although I imagine the new code wouldn't be under warranty). They can be assured that the base they are working on is rock solid. To me that is more useful than having to check with your distributor every time you wanted to change something. It also doesn't lock a person in to an expensive service agreement. It is a more flexible solution than indemnification and preserves open source values better. In short, for people who just want to buy a reliable Linux distribution without being bothered by unnecessary services, this is an easy way to get a reliable product. This is a better solution than indemnification for most small/midsize users and an equivalent value for large businesses.

      This warranty also says something about the quality of RedHats work. They are willing to stand up for the code they put out. Indemnification only means they will have lawyers back you up and you won't pay any penalties in court, not necessarily that the code is free of IP defects which could be more damaging if chunks of code need to be re-written while you are trying to run a business. A warranty also puts some implied liability with RedHat, as they are to blame if any dirty code is distributed, thus indirectly shielding end users in a way that is similar to indemnification. This is a much more elegant solution than indemnification.

  7. is this possible? by mcmonkey · · Score: 4, Interesting
    The warranty ensures, that in the event that an infringement issue is identified in Red Hat Enterprise Linux software code, Red Hat will replace the infringing code. Red Hat's warranty assures customers that they can use Red Hat Enterprise Linux and related solutions without interruption.

    How can this be possible? If there is a case where Red Hat software contains infringing code, and Red Hat cannot come to an agreement with the code's owner on continuing use, Red Hat is prepared to replace the infringing code immediately? I presume use without interruption means support without interruption.

    If Red Hat has a complete code base in wings so that any arbitrary bits of code found to be infringing can be replaced, and Red Hat is more sure of its legal standing on the replacement code (since it is meant to be used in event an existing infringement is found), why not just release that code?

  8. Replace the code? by pe1chl · · Score: 2, Interesting

    The warranty ensures, that in the event that an infringement issue is identified in Red Hat Enterprise Linux software code, Red Hat will replace the infringing code.

    What use is that? When the SCO case really holds up, the issue is not to replace the code but to pay them their royalties. Those payments is what should be guaranteed, not the replacement of the code. Such a replacement will be just as free as the original code.

  9. Stock by savagedome · · Score: 4, Interesting

    Even though SCO's stock has had one hell of a run, and (overwhelming) majority of us believe that their campaign is a fluff, nasdaq's risk analysis tools rates it almost alongside Redhat's stock.

    SCOX grade is at 369 and RHAT is at 356.
    For reference, Nasdaq is 86 and S&P500 is 52
    Higher the number, greater the risk.

    SCOX Risk
    RHAT Risk
    So, either these analysts are smoking crack or maybe I am just a dumbass when it comes to stocks. The later is a likely possibility!

    --


    Free XBox, PS2
  10. Yes? by bstadil · · Score: 2, Interesting
    First if there is infringing code it is RH or rather first the person that submitted the code that bears the responsability.

    In the case you mention the court will normally allow a period to remove the infringing code, so as not to impose unneccerary hardship on innocent victims.

    In addition the Copyright owner has a duty to mitigate damages, in case they want to be awarded Damages by the court. The latter by the way the latter is why SCO will never get anything from the Linux community in case hell freezes over and some code beloning to them is in Linux.

    --
    Help fight continental drift.
  11. Re:"if we're caught, we won't do it again" by molnarcs · · Score: 4, Interesting

    This is actually one of the best ideas I ever heard. Of course stating that we will replace the code is stating the obvious (that's what linux hackers been saying all along) but what matters is the 'smell' of this statement: it smells professional and businesslike. And most importantly: it is a proactive document.

    Also, it might provide some legal protection against alleged 'willful' infringment. If they can point their fingers to their Open Source Assurance Plan whenever they are brought to courts by a party claiming infringment, they have the acting in 'good faith' argument on their side, unless they won't live up to their promises (which is _very_ unlikely).

    You might say this Plan is just words, but still, it has an important side-effect. Those who don't read groklaw daily, but know about SCO's fiasco, can now call RedHat whenever they receive a threatening letter. Of course, they could have called them anytime, but this document is like a message: call us if someone contacts you claiming infringment. This puts customers in touch with RedHat first, and RH can tell directly to their clients (who, as I said, don't necessarily read groklaw) what this case is about, and SCO failed to pinpoint any infringing code.

  12. Bad example by roystgnr · · Score: 2, Interesting

    The thread scheduling code has been rewritten, repeatedly IIRC. I suspect if there were any problems there, Red Hat would just revert to a previous scheduler, and take any performance hit in exchange for the security of using an already-tested chunk of code.

    If you look at the examples SCO has actually brought up as "copyright infringement", things get even better. Linux's SGI malloc had already been deleted for technical reasons by the time they pointed it out, Linux's BSD packet filter was an original reimplementation of code that wasn't SCO's to begin with, and Linux's ABI code, if it turns out to be copyrightable and copied (Linus says no) at all, could be mostly replaced by randomizing a list of numbers and recompiling everything.

    SCO's big claim is that IBM-written code is somehow a SCO trade secret because it was once linked to System V, but even if they were to win that it would just mean a fine for IBM, not any sort of problem for those users of the code who don't have any contracts with SCO.

  13. Umm didn't they already give? by Performer+Guy · · Score: 2, Interesting

    Red Hat contributed to the OSDL defense fund, so that means they're already putting their money where their mouth is and better yet doing it with everyone else in a way which covers us all, not just licensees of RH Enterprise. Anyone know what the fund is up to now?

  14. Don't Understand Why Redhat Offers This by Goo.cc · · Score: 3, Interesting

    If Redhat sells me software that is found to infringe on SCO's copyrights, then that is a problem between Redhat and SCO. As the end user, I am not the infringer.

    You don't see Eolas suing Microsoft users over their patent lawsuit. You don't see CD buyers being sued for buying a rap CD that has been found to have used sampled music without permission.

    The "Open Source Assurance Program" is just PR.

  15. I just don't get it..... by Anonymous Coward · · Score: 3, Interesting

    I've been following this SCO trash since day 1.

    I seriously do not understand... How, exactly, is it that SCO can charge a licensing fee for IP they have not proven belongs to them?

    Is there NO protection for consumers?

    This isn't just a case of SCO commiting liable, fraud, stock fraud, etc.... but this is also SCO blatently stealing from consumers.

    This means, one day, someone like Microsoft could just barge in and say Linux code had stolen MS code in it - force companies to pay under the threat of a massive legal dispute - something 99% of the companies in this country would be defenseless against and would be forced to pay - much like what SCO is doing right now.

    Where is our "Big Brother," you know - the one who will stick you in jail for 20 years for simply posessing the knowledge and the means to decrypt a satellite signal. (Ohh, how we love the DMCA.)

    At what point are we going to have another postal situation, where some geek is going to go insane from being such a minority that said geek(s) will simply wreck havoc on government systems and end up a martyr.

    God knows, I'm just about to the point where if an SCO rep knocks on my door - you can gurantee Mr. Smith and Mr. Wesson will give them .357 reasons to GTFO and STFU real quick.

    This is unreal. I'm half American Indian - but I've never really felt like a minority because I suppose I 'appear' white. Now I really think I'm beginning to understand what Black people complain of. Look at what is happening to the OS community, we're the minority. WE'RE the Black people of technology.

    Something needs to change. We need some political action, the average person needs to be aware of what is happening with technology. Linux is without question the only real potential OS to replace MS Windows. MS knows that, SCO [Obviously] knows that, but the average person just has no clue.

    Being that Linux is unquestionably on the brink of becoming the replacement desktop - you would think this should be newsworthy and of great public interest.....

    *sigh*

  16. Red Hat quickly gaining ground with MS tactics. by Saeed+al-Sahaf · · Score: 2, Interesting
    I've often said that companies like Microsoft have no obligation to support obsolete software like Win95 and 98, both of which are quite old. But RedHat has done basically the same thing, with much more recent software (and about one tenth of the blathering out cry from folks around here). And so, this statement bothers me: The warranty ensures, that in the event that an infringement issue is identified in Red Hat Enterprise Linux software code, Red Hat will replace the infringing code.

    So, even though a year or so ago, I went to Office Depot and bought RH8 Pro in a box, after only a year since this professionally packaged OS graced the shelves of a major retailer, RH not only does not support it anymore (where are the cries from ./ers that gave Microsoft all the heat with the 95 / 98 support death?), but we are not included in this warranty either

    --
    "Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
  17. Re:Do you work at SCO by any chance? by Anonymous Coward · · Score: 1, Interesting

    My description was not very clear. I was trying to describe how my employers works hard to separate developers working on closed source commercial products from those making contributions to the open source community. This is to avoid accidentally publishing proprietary algorithms that the company did not want released with a particularly generous license. You have to be careful about who's working on what, and what kinds of algorithms each person needs to develop for each class of software.