Insuring Linux, Thanks to SCO

jtheory writes "There's an interesting article on Salon.com (free daypass available, ads, etc.) about the counter-reaction to SCO's attacks on Linux, and how SCO may actually be one of the best things to happen to Linux lately, because their attacks have turned a lot of attention to the possible Achilles' heel in the code contribution process. Includes some good detail on OSRM, a company offering insurance against lawsuits like SCO's, who notably hired Bruce Perens and PJ of Groklaw fame, and is doing their own extremely thorough analysis of the code and any possibility of improperly included code. The founder of OSRM also wrote a story called Why the Linux Community Needs Open Source Insurance on LinuxWorld." We've mentioned risk insurance before.

Why insure Linux?

You can replace it for free???

Re:Why insure Linux?

[jamonterrell]

I'll bite. Because MS can pay John Doe to contribute code from the leaked win2k source into linux and then sue every distributor of linux out of existance for copyright infringement. The problem here is that if something like this happens where MS gets turned loose, no insurance company will stick by without going bankrupt.

Re:Why insure Linux?

[dago]

"no insurance company will stick by without going bankrupt."

That's why you have reinsurance companies which insure the insurer. Such companies like MunichRe, SwissRe have even more assets than MS...

Re:Why insure Linux?

[B'Trey]

Obligatory IANAL disclaimer but it's difficult to see how this would work. Despite SCO's blustering threats to sue Linux users, it's extremely doubtful MS would have a case against anyone but John Doe in your scenario. After all, if I plagarize John Grisholm in my new novel, he can certainly sue me but he can't sue the people who buy my novel, even though they now have a copy of his work without paying him for it.

Once MS identifies their code in the Linux kernel, they might be able to demand that people stop using it, leading to the need for everyone running Linux to download a new kernel or patch.

It seems to me that the primary need for Linux indemnification is not that you may be succesfully sued for copyright infringement (even SCO has largely dropped the copyright infringment claim from their case against IBM) but to protect against RIAA-like tactics where one is extorted to settle out of court or face ruinous legal fees to defend oneself. IBM can afford to fight SCO and their ilk. Small business owners can't.

Re:Why insure Linux?

[Kjella]

After all, if I plagarize John Grisholm in my new novel, he can certainly sue me but he can't sue the people who buy my novel, even though they now have a copy of his work without paying him for it.

IANAL either, but the difference is obvious. If you gave everyone that bought your novel the right to reproduce it, that right is also revoked. He can't sue for mere possession, but he can sue for copyright infringement, since that right is now null and void.

And since that code is spread around lots of OSS mirrors around the world, incorporated into different projects, it is likely to be copied from one file to another faster than the retractions can be sent out.

Witness the recent WASTE and Via SecurePL event. That one is major enough you might actually point your finger at. What project FOO found a file in project BAR on sourceforge and integrated it into their own? Noone knows.

If the OSS community get enough of this type of "infection", it could seriously damage its credibility. Even if they acted in good faith. The legal issues, I'll leave to a lawyer.

Kjella

Re:Why insure Linux?

[B'Trey]

As I pointed out, once the code is identified as tainted, they can likely demand that you stop using it. Although I didn't specifically point it out, that should imply that it also means you can not distribute it. If they can show that you knowingly and wilfully used or distributed the code after knowing it to be tainted, they might be able to sue you. But they almost certainly can not sucessfully sue you for using/distributing the code before it was known to be tainted.

Re:Why insure Linux?

[dipipanone]

IANAL either, but the difference is obvious. If you gave everyone that bought your novel the right to reproduce it, that right is also revoked. He can't sue for mere possession, but he can sue for copyright infringement, since that right is now null and void.

While what you say is strictly true, it ignores a basic principle of tort law, which is that the reason for bringing a law suit is to recover one's damages.

So even if someone does copy a code fragment into something else, before the copyright owner can go around suing other people, they have to be able to show that that they've sufferered economic loss as a result of that person's actions.

Therefore, if I take a code fragment from your desktop publishing software, and incorporate it into my music sequencing software, how do you -- as a company -- suffer economic loss as a consequence of my using that software?

There's a quantifiable loss from the company who wrote the music sequencing software, because they should have licensed the code and would be paying royalties, so that one is easy. The end user issue just isn't that straightforward -- which is why SCO is suing companies that had a prior financial relationship with them. ie, they used to use SCO unix, now they use Linux, so by using Linux they deprive SCO of their sales.

But think back to the issue over the compression routines in gifs. Did anyone argue that end users should be sued because they were using software that made use of the patented compression routines? Of course not, because they weren't responsible for any financial loss to the company, therefore there wasn't any form of appropriate redress.

Ultimately, I believe that this point will emerge during the course of SCO's current lawsuits against end users but SCO are bringing the lawsuits in the hope of striking fear into the heart of other corporate end users in the hope of either persuading millions of linux users to stump up for a license, or as part of the information war in their pump and dump stock scheme.

IANAL, but I(love)ANAL.

Re:Why insure Linux?

[jamonterrell]

I'm not saying it isn't doable, I'm saying that the cost of an insurance plan that could handle a full blown attack by Microsoft would be more expensive that most people would be willing to pay. It's also difficult to sell insurance on something you get for free. I'm skeptical about this business plan working. That's all I'm saying.

Re:Why insure Linux?

[Kjella]

But they almost certainly can not sucessfully sue you for using/distributing the code before it was known to be tainted.

Read Title 17, Chapter 5, Sec. 504.
a) States that the copyright holder may choose between actual (b) and statutory (c) damages. I'll skip right to statutory:

"In a case where the infringer sustains the burden of proving, and the court finds, that such infringer was not aware and had no reason to believe that his or her acts constituted an infringement of copyright, the court in its discretion may reduce the award of statutory damages to a sum of not less than $200."

And if you read the legal notes there:

"The ''innocent infringer'' provision of section 504(c)(2) has been the subject of extensive discussion. The exception, which would allow reduction of minimum statutory damages to $100 where the infringer ''was not aware and had no reason to believe that his or her acts constituted an infringement of copyright,'' is sufficient to protect against unwarranted liability in cases of occasional or isolated innocent infringement, and it offers adequate insulation to users, such as broadcasters and newspaper publishers, who are particularly vulnerable to this type of infringement suit. On the other hand, by establishing a realistic floor for liability, the provision preserves its intended deterrent effect; and it would not allow an infringer to escape simply because the plaintiff failed to disprove the defendant's claim of innocence."

IANAL; but I'd say the distributions could get whacked around pretty good if they get slapped with $200 for each shrapnel of infringing code in an entire distribution.

Kjella

Re:Why insure Linux?

[jamonterrell]

What's with the horrible examples today?

This is not at all the same. In this case you're the ONLY one copying and distributing the book. Thus you are infriginging COPYrights. In the case of Linux a LOT of people are copying and thus infringing. Let's start a list:
1.) The person who submitted the code.
2.) The person who committed the code.
3.) The person who uploaded the kernel.
4.) Everyone who offers the kernel for download
4a.) All websites/mirrors that offer the kernel.
4b.) All products with the kernel incorporated into them (PVRs, mp3 players, toasters, who knows).
4c.) All makes of linux distributions (RH, Novell, etc)
4d.) All computer manufacturers that sell computers with linux (HP, IBM, etc).

Alright, have I made my point? Not just the person committing the infringed code is at risk.

Re:Why insure Linux?

[pizza_milkshake]

an attack like the one mentioned above would have the goal of smearing linux's reputation in the hopes that businesses would stay away from the software because of its high-profile legal trouble.

microsoft doesn't need to get rid of every copy, they just want to build up FUD surrounding it.

Re:Why insure Linux?

[IBitOBear]

Moreso, Linux doesn't accept "John Doe" contributions. If microsoft, or any of its agents, were to contribute code, or cause code to be contributed, to Linux it would be demonstrable that the inclusion of the code was proper.

If someone did it on their own, then as soon as Microsoft did what SCO didn't, that being identify the code, it would removed and replaced.

I Microsoft instead did what SCO did, and not identify the code, then they have failed to even attempt to mitigate their damages, and any copyright case falls apart.

The act of distribution obviates any Trade Secret, so there would be nothing to sue about there, except legal action against "John Doe".

And Patent issues exist or not independent of who provided what, which is why software patents are bad. It would be more valid for microsoft to take patents against things they know are going to be in Linux and then use that to club people over the head. Fortunately Linux has people like IBM who want to use it and have more patents. (But this is the one-paragraph proof that software patents are bad for everbody, so I'l let it go at that.)

In essence, you must remember, that "you cannot cheat an honest man."

OS Insurance

[the+MaD+HuNGaRIaN]

I thought Windows insurance was switching to Linux.

What's Linux insurance--switching to Mac OS X?

Re:OS Insurance

[tiger99]

No, it is switching to FreeBSD.

Seriously though, it is important that alternatives such as the BSD family exist, it means that in the event of future legal action, people can switch fairly easily, if they have to in the short term. Even better, they should run a mixture now. Diversity is a good thing, it might even prevent everything being damaged by a single virus, or programming error in an update, for example. Thinking only about Linux is not much different from thinking only about Windoze. I have even kept Windoze 2000 (dumped XP, it was almost as useless as the vile bug-infested ME), although my serious work is mainly done in SuSE now.

I use SuSE and Xandros (latest versions of both), FreeBSD and OpenBSD, the differences to the average user, who does not look at kernel source or the mechanism of system calls, are not great, but each has its own particular strengths. The only thing I have against FreeBSD is that the ports collection is so vast, compared even to a typical Linux distro, that selecting everything that you might want to play with is a very long task......

If we have a choice, we should exercise it, otherwise developers may get fed up, and the choice will diminish, which would be a bad thing

Google cache

[gspr]

Thanks, Google!.

Re:Google cache

[B'Trey]

Thanks, now I can RTFA. In doing so, it appears that the author did not do his homework particularly well, as both he and his sources seem to be thoroughtly confused on the issues.

Quote: "They sued AutoZone and DaimlerChrysler even though those companies didn't do anything wrong and acted in good faith," says Daniel Egger, a partner at the venture capital firm Eno River Capital. AutoZone and DaimlerChrysler simply purchased open-source software; they didn't write the code. But "because of a quirk in our legal system," Egger says, "you can be sued for using software when you did nothing wrong, just because some third party claims that they own part of that software or that the software infringes on their rights."

This is woefully uninformed. SCO sued neither Autozone nor DC for using Linux.

SCO's claim against Autozone arises from the fact that Autozone was using applications on SCO Unix and switched those applications from SCO to Linux in a very short time. The only way to do that, SCO claims, is by integrating the libraries from SCO Unix into Linux, which is a violation of the licensing terms for SCO Unix. SCO has no evidence that this happened other than the fact that Autozone switched over very rapidly, so they MUST have used SCO's libraries. Autozone and the consultant who did the switch both claim this is not the case, and it should be straightforward to demonstrate this in court.

The DC lawsuit arises because DC failed to return a certification of compliance. SCO sent out forms to everyone who has a license for SCO Unix and demanded that they certify that they were not using SCO code with Linux. Part of the license for SCO Unix says that they may demand such a certification of compliance.

So neither Autozone nor DC are being sued for "purchasing open source software." Both are being sued for violating the terms under which they licensed SCO software. Despite their many threats, SCO is suing their own customers, not Linux users. The case against Autozone seems extremely weak. The case against DC rests on a legal technicality that I'm not qualified to judge. If they do succeed in that case, however, it will have nothing to do with Linux.

Can I get /. libel insurance?

Seriously, folks.

Geezus, please put me out of my misery.

Now we have insurance agents peddling their wares on Slashfdot?

Re:Geezus, please put me out of my misery.

[c4Ff3In3+4ddiC+]

Subscribe to slashdot and beat the rush to see new ads masqueradig as articles.

So this is basically what?

[LOL+WTF+OMG!!!!!!!!!]

A sort of "malpractice" insurance, where instead of a doctor's malpractice, it's that of the code-plagiarizer?

Or is it for protecting the Linux distributer that was unaware of said plagiarism.

(By the way, I'm not saying Linux contains plagiarized code ;) )

Re:So this is basically what?

[SlashDread]

A very good question indeed.

To me it seems it targets distro's to insure "risks" not just plagiarism, but all sorts. patents, copyrights, whatever.

This enables those distro's to offer "indemnify" to their client eventually.

In a world, where layers rule, and coders drool, this is a good thing.

peace

"/Dread"

I, uh....

I for one welocme our new State Farm Overlords!

Best thing to happen?

[goatan]

about the counter-reaction to SCO's attacks on Linux, and how SCO may actually be one of the best things to happen to Linux lately, because their attacks have turned a lot of attention to the possible Achilles' heel in the code contribution process.

how is that actually good for Linux. Isn't take a bit like pointing out all the security holes in windows it doesn't improve the OS's reputation. and from most of what i remember about SCO's attacks on code contribution have been shown to be wide of the mark

Re:Best thing to happen?

[AftanGustur]

how is that actually good for Linux. Isn't take a bit like pointing out all the security holes in windows it doesn't improve the OS's reputation.

Linux's reputation wasn't that good at all. Each and every Microsoft consultant, I have met, has always been ready to spread FUD and outright false claims about the competition.

What SCO's case is doing is taking all those claims and making a lawsuit out of them. The only way that would be bad for Linux is if SCO actually won. And judging from the story so far, there seems to be less and less possibility of that happening.

No, what looks like is going to happend is that the SCO lawsuit will "Free" Linux from all the FUD that has been build up over the years ...

Maybe I'm being dense but -

[JosKarith]

Uh... isnt this a little like somebody in a straw house thanking arsonist for burning other people's houses down just to prove they're flammable?

Re:Maybe I'm being dense but -

[AftanGustur]

Uh... isnt this a little like somebody in a straw house thanking arsonist for burning other people's houses down just to prove they're flammable?

Uhmm, No, it's rather like when Microsoft paid for a benchmark that showed how Windows was faster in serving webpages and files on a network.

Linus and other developers went into overdrive, threw out the old memory system and inplemented the Direct-memory-copy functions (so data could go directly from hard-disk buffer to network-card buffer without having to go through conventional memory).

This helped Linux a lot, and if Microsoft has repeated the tests since then, they are keeping the results very, very secret.

Out of bad things to say

[superpulpsicle]

Heh. I can't even flamebait SCO anymore. Every bad thing that you could say about the organization has already been said.

Re:Out of bad things to say

[jamonterrell]

You'll now have to flamebait other companies by comparing them to SCO.

Re:Out of bad things to say

[Kardamon]

That's already happening: Genetic Technologies, a company that patented the "junk DNA" is called the "SCO Group of biotech" in this article.

TCO

One more cost to be added into 'independent' TCO studies funded by microsoft.

Do we really need this?

- We have an Strong and Clear in terms license.
- We have the code available.
- We have Lawyers all arround de world willing to defend GNU.
- Most developers have allways taken care of not violating copyrigth, and including only their code on the work they do

We have an implicit honor system, and it works. If someone do something wrong, we could listen the complain, isolate the coders and code compromissed, replace it with GPLd code, and apologies to the company the code has been stolen from.

All this SCO thing is just flamebait; don't pay more atention to them, and don't let them change the way this has allways been.

Re:Do we really need this?

[zanderredux]

Yes.

It might be impossible to do proper due diligence with very large F/OSS projects and the honor system, being "implicit", is not enforceable or, at least, verifiable.

Viruses

[somethinghollow]

their attacks have turned a lot of attention to the possible Achilles' heel...

With Windows, when someone points out a possible Achilles' heel, people exploit it (with viruses, etc). Is it good to point out potential problems? Yes if 1) They can be fixed or 2) They aren't problems. It will make the beast stronger. However, if the issue, in this case code contribution, which is THE blood of OSS, is actually a problem and can't be fixed, then this whole OSS thing might take a deathblow. If that is the case, I'd rather people not focus on it.

In the end we have to trust people that submit code. Short of checking it against a database of known code (which doesn't help if they stole code from a proprietary source), there isn't too much we can do.

While I tend to agree with "there is no such thing as bad press," if the press kills OSS or Linux (which, in this case, I bet it won't), I'd rather SCO not have started anything. And if other people start to try to exploit OSS because of the possible Achilles' heel (with law suits, bills passed to limit OSS), we'll end up with tons of irritating front page posts on slashdot. We might even have to have a sub-catagory for the it so we can have user filters.

But...

[rampant+mac]

"[...] Open Source Insurance"

What if someone forks it?

FireBird Insurance?

Re:But...

[mopslik]

FireBird Insurance?

After reviewing current trademark holdings, the FireBird Insurance Project has decided to adopt a new name:

InsuraFox

Please refer to all further policies by this name.

I want risk insurance...

[WhiskerTheMad]

... for my Windows servers. My last co. almost got burned by MS's code theft issues in SQL Server.

Of course, the premiums would be a stone bitch...

-----------

Re:Webmonkey's Apostrophe!

[BenjyD]

The guy's name was Achilles (note the "S" at the end). It is common practice to put the apostrophe after the final "s" and omit that additional possessive "s" in words like that.

Insuring Linux, *THANKS* to SCO?!

[Pan+T.+Hose]

"SCO may actually be one of the best things to happen to Linux lately"
"company offering insurance against lawsuits like SCO's, who notably hired Bruce Perens and PJ of Groklaw fame"

Is it really "one of the best things" for Linux, or for lawyers? I didn't need to buy any "Linux insurance" before that SCO farce. Why should I be grateful?

Why is this a good thing?

[ThogScully]

In my head, insurance agents who are capitalizing on this FUD are on par with amublance chasers sitting in the ER waiting room. Maybe that's a little harsh though towards the ambulance chasers, because at least they are around potential clients.

Offering this kind of insurance only perpetuates the FUD that Linux/OSS/FS/etc are not safe. Maybe if they offered this as general purpose software insurance, rather than targetting open source, I'd be more understanding. But offering it only for open source software essentially sends the message that IP infringement is common in open source software, but never happens in proprietary.
-N

Economic Reasoning At Its Best

[zanderredux]

This is an extreme example of economic reasoning at its best.... let's hope that the company selling the insurance is not related to SCO!!!

Seriously, folks, you DON'T need this!!

As long as you aren't stealing code for your open-source projects, you're fine. Someone like SCO can litigate till they're blue in the face, but as long as you didn't do anything wrong, you'll be fine. They can have all the billions of dollars they want, but money doesn't create evidence. If you need to get your court costs back, countersue.

It's a shame that these people try to peddle their bullshit off other people's fears. You DON'T need this!!

..but I'm sure most people here are smart enough to realize this (I hope). The last thing we need is fucking "code insurance".

I hate insurance

[Cobralisk]

Next thing you know, OS insurace will be required in order to legally operate a computer system.

From: <officer@localpolice.gov>
Subject: Speeding

Pull over,
I clocked you going 100Mbps in a 10Mbps subnet back there. May I see your license and insurance card? Did you know that it is unlawful to operate a network vehicle in the state of New York without a valid insurance policy?

Please step away from the terminal,
Sgt. Smith

Karma Insurance

[CharonX]

Hmmm... so you can insure yourself against the perils of using Open Source (like getting sued by SCO).

What I want is a Slashdot Karma Insurance.

(In fact I could use one right away now, since this gonna end up (-1, Offtopic) ^^; )

I hope this doesn't take off

[deque_alpha]

Just look what insurance has done to health care. The _last_ thing we need as a society is another aspect of our lives that is deemed neccesary to insure. On the whole, I beleive that insurance companies are some of the most exploitive organizations around, draining resources from society with very little positive return. At best, this is going to convince people to throw money away, at worst it is going to encourage frivolous lawsuits because the odds of payoff become higher, thereby making "OSS Insurance" a de facto requirement for running OSS and taking away one of its largest strengths.

Re:I hope this doesn't take off

[bruce_the_moose]

I beleive that insurance companies are some of the most exploitive organizations around, draining resources from society with very little positive return

While I can't claim to love insurance companies--institutions that plays with lots of money and produces little in the way of tangible products tend to spawn greedy bastards--you can point to some returns to society that they have made. Here's and example: Do you look for little tags or stickers that say "UL" on electrical devices you buy? You should. UL is Underwriters Laboratory, a lab sponsored by the industry (Underwriters) is in place to guarantee things like christmas lights won't burn your house down if you leave them on overnight. It's enlightened self-interest, of course, since if your house burns down the Insurance companies have to pay.

Oh, and having someone pick up the tab if your house burns down is probably a positive return to at least yourself, if not society.

I think OSS insurance is a good thing for this very reason: it means some institution actually thinks it's insurable. The way you make money selling insurance is covering things that are likely to NOT burst into flames.

Re:I hope this doesn't take off

[NorthDude]

The problem is not with insurances being offered, but with the peoples and organizations abusing this fact when bringing up lawsuit. Insurance primes goes up when insurance companies loses to much money. Do not forget that an insurance is a product, just like any ohter product out there.

I gotta ask...

[Otter]

If the people behind this insurance hadn't done some credentializing by hiring Perens and Groklaw, would it still be viewed as a helpful product? Or would it be an endorsement of SCO, a nefarious FUD tactic, probably a secret Microsoft conspiracy...?

Honestly, I'm amazed that more people don't view a company running around yelling, "Linux insurance! Protect yourself from the risks of Linux!" at least somewhat negatively.

Re:I gotta ask...

[ShinmaWa]

They didn't hire Groklaw, they hired the editor of Groklaw, PJ. She was doing Groklaw in her spare time anyways, so probably it will continue to be independent. Her expertise from Groklaw will certainly help, but you are making it seem like a company now controls Groklaw.

Well.. I will say this. Ever since PJ was hired by this firm, Groklaw's focus has changed dramatically. Early on it was "just the facts" about the case. Lately it has become more and more of a GPL zealot site, that tends to attack anyone and anything that is not wild about the GPL, including non-GPL open source!

PJ and Groklaw (and they are one and the same to me, since she maintains absolute control over the content there) have lost all credibility with me, since I can no longer trust her to be objective anymore -- even with SCO v. IBM.

I don't know if these two things are truly "cause-and-effect", but I certainly think that there is at least SOME influence there.

Mixed Reaction

[starseeker]

I dunno. In a perfect world, there shouldn't be a need for this kind of thing. But since we don't live in that world, this might have practical value.

My take on this is - it's a good thing if you are paranoid or a potential target. I don't understand why Linux end users are different from Windows end users in a liability sense - can someone point me to a good explanation of why my buying a Windows license suddenly frees me from potential legal trouble, whereas the GNU GPL somehow doesn't? Why isn't the author responsible in both cases? (Not a rhetorical question - I really would like an answer.)

Anyway, I'm not sure this lawsuit insurance is a bad idea no matter WHAT you do or what you use. Lawsuits are used like clubs against business opponents nowadays, and merit or justification isn't even of interest anymore. Perhaps an insurance setup where the insurance covers the costs of a defense up to $$$, but not the consequences of a guilty verdict, would be a good way for a lot of small companies to go. If they aren't doing anything wrong, and get their ass sued by $LARGE_COMPETITOR in order to put them out of business, the lawsuit coverage would let them put up enough of a fight to make trouble for $LARGE_COMPETITOR. If $LARGE_COMPETITOR had to do this for all the smaller competitive businesses they would go up against, it might start to be rather useless for them to try such methods.

Remember, lawsuit insurance in this scenario isn't about the merits of the case - it's about being able to resist bullying attempts by litigious bastards. If you have a good case, this would allow you to fight it, but wouldn't let scum insure their way out of the financial consequences of doing something illegal. In THAT capacity, I can see this being a good idea. And not just for open source software either.

Every ecosystem needs predators

[heironymouscoward]

It eliminates the weak and forces the rest to get stronger.

SCO and Microsoft (and Sun) are predators as far as the OSS community is concerned, and although they will cause much suffering and trauma, the result will be stronger and more successful OSS firms.

Re:Webmonkey's Apostrophe!

[Nick+of+NSTime]

"Keats' poetry" is incorrect according to MLA style, which governs writing here in the US. I think it's against AP style too.

OpenScam

[MouseR]

OSRM, a company offering insurance against lawsuits like SCO

Cool.

Now, instead of paying juggernauts for their expensive software, you can pay expensive insurers to use free software!

What would america be without lawyers?

Re:OpenScam

[Brad+Mace]

What would america be without lawyers?

I don't know, but I'm willing to give it a try.

Why this is _BAD_ for Linux...

[kuwan]

This "Linux Insurance" by OSRM is really bad for Linux. As noble as the creators may think it is, the fact that it exists at all shows that SCO has been (somewhat) successful in their campaign to cast uncertainty on the legitimacy of Linux and its code base.

For example, let's say that I want to sell my boss on buying a bunch of Linux servers instead of Windows or Solaris servers. I tell him all the great advantages of Linux - stability, performance, low cost, etc. Then some Windows schmuck interrupts and says that Linux has legal problems. I say "no it doesn't" and explain how the SCO fiaSCO is just a bunch of mumbo-jumbo. Then I go to explain that their is insurance that you can buy in case anyone (SCO or anyone else) tries to sue you.

After this my boss gets scared and thinks that there is legitimate risk involved with going to Linux. Then he thinks, "Why go with Linux and spend extra $$$ on insurance when I can just go with Windows or something else."

This whole insurance thing is just bad. It helps SCO to prove their point (that there is a problem with the Linux development process), makes Linux cost more than it should, and introduces the idea that risk is involved when using Linux.

Re:Why this is _BAD_ for Linux...

[bwcbwc]

After this my boss gets scared and thinks that there is legitimate risk involved with going to Linux. Then he thinks, "Why go with Linux and spend extra $$$ on insurance when I can just go with Windows or something else."

Well you should point out to him that if Microsoft includes code in Windows that violates someone's patent, and he runs that code on his computer, he could be liable for violating the patent, since he is performing a patented business process. If he's really concerned about IP liability, he should buy the liability insurance for Windows, too.

This issue isn't restricted to Open Source software, it's just that Software vendors haven't wanted to draw attention to it until they started losing sales to OSS.

You forgot Linus

[jaymzter]

I'm assuming by _Linux_ you are referring specifically to the kernel. Where your scenario fails to hold water is the fact that Linus and crew actually do check the code that gets submitted for the kernel. I don't see a johnny-come-lately with miracle code that works flawlessly on the first try getting something past them. In real life, YMMV

Re:I wonder...

Slashdot search already gives an option to avoid low-scored posts. If speed is important, it seems better to replace the gruesome twosome of Perl and MySQL with something more robust. May I suggest Asp.net and MS SQL Server?

Who Reinsures the Reinsurers? [n/t]

[m000]

The Shadow knows.

In other news...

[Pan+T.+Hose]

Insuring Linux, Thanks to SCO

In other news...

Insuring Cars, Thanks to Thieves

"There's an interesting article about the counter-reaction to thieves' attacks on cars, and how thieves may actually be one of the best things to happen to cars lately, because their attacks have turned a lot of attention to the possible Achilles' heel in the car locking process. Includes some good detail on a company offering insurance against thefts. This is a great news for every car owner."

Yeah, SCO is good for linux

It's building confidence in Linux. We look great, SCO looks like a bunch of jerks and bullies, possibly supported by Microsoft. It's showing that Linux is strong in the face of a full frontal assault, that it's not just a loose conglomerate of whimsical hackers, who'll just drop it when the going gets tough. It's commiting IBM and various other companies to the defense and support of Linux. It's providing a template and an example for future cases. After an initial wavering of faith in Linux, I'm sure we'll see a surge.

Hell, as long as the US Justice System doesn't drop the ball, the whole SCO issue is great for linux!

What?

[fedork]

You call this a SCO story?

gone are those days! we used to have a REAL SCO story every day back then...

SCO Unix license

[nuggz]

Part of the license for SCO Unix says that they may demand such a certification of compliance.

No the contract states that they can request compliance to the license agreement.

Companies like DC do not know, and can not confirm that there is or is not SCO code in Linux, therefore they can not certify such a thing.
This is just as ridiculous as asking them to certify there is no SCO code in MS windows, they just can't confirm it either way.

Only SCO customers need insurance

[Animats]

Everyone sued by SCO has had a previous contractual relationship with SCO. They've never made a straight copyright claim against an unaffiliated Linux user in court. So it's clear that the only people who might need insurance are SCO's customers.

Also, the Delaware court ruled, in putting the Red Hat vs. SCO suit on hold, that the Utah court was deciding the copyright issue. Based on that precedent, copyright-related suits can be expected to go on hold until IBM vs SCO is decided. So SCO is a long way from being able to enforce copyright claims against anybody. They'd have to beat IBM, then Novell, then Red Hat. Only then would Linux users have anything to worry about.

The market has picked up on this. SCO tried a stock buyback scheme to boost the the price of their stock. That worked for only a week, and bumped the price up from 9 to 11 or so. It's back to single digits today, at 9.09 today and dropping. It was 16 back in February, and 3 a year ago, before all the lawsuits.