OSRM Declares Linux Free of Copyright Violations

tmu writes "According to a recent press release, the Linux 2.4 and 2.6 kernels are free of any code that violate copyrights. OSRM, the new startup formed by Daniel Egger and including groklaw founder Pamela Jones, completed a 6-month review of all code in both kernels. They must be pretty confident of the results, because they're offering product liability insurance to both developers and users."

Backed with the foundation of a house of cards...

[LostCluster]

Insurance policies are always grouped into lots that allow the "law of large numbers" to come into play. That is to say, small numbers might go on a random walk, but within a large group the actual number of claims will always be reasonably close to the expected number of claims.

Sorry... an insurance company that's offering only one liability product that is either going to have claims from all customers or have no claims at all is not going to fly. Either they'll be pocketing all of the premiums, or the whole house of cards will colapse in more claims than they can ever handle. There's no middle case... either every user of Linux is going to end up owing big bucks to SCO, or none of them do.

Do we really need this?

[whig]

$25,000 coverage for $250/year? Do we really need this? In three years time, we'd be paying more than the cost of SCO's unnecessary license for a minuscule amount of coverage that we don't need, because, as they themselves say, Linux is free of copyright infringements.

Re:Do we really need this?

[nomadic]

I'm assuming the liability insurance will cover more than SCO. With the enormous amount of code changing hands in the OSS community, it's not really a bad idea to have liability insurance.

Re:Do we really need this?

[crackshoe]

I would view it as paying to support these people who, presumably of their own volition, went through the whole damn kernel just to make sure that its free of unpleasant copyright problems. on the other hand, there are probably businesses that would like some sort of liability insurance for peace of mind, but would prefer to avoid SCO ating like a bully trying to steal their lunch money.

Re:Do we really need this?

"Do we really need this?"

Would you rather pay SCO?

"In three years time, we'd be paying more than the cost of SCO's unnecessary license for a minuscule amount of coverage that we don't need, because, as they themselves say, Linux is free of copyright infringements."

Do you believe that SCO will be around in 48 months? I don't. If they are not then you save money and are spared hassle. If SCO survives for 3 years well then see response to question one.

Re:Do we really need this?

[Bruce+Perens]

Open Source developers don't generally need this product. Some of them may feel more secure with it. But when we get to software patents, that may be one that you do need.

Bruce

Re:Do we really need this?

The Legend of Zelda

Many years ago Prince Darkness "GANNON" stole one of the TRIFORCE with power. Princess ZELDA had one of the TRIFORCE with wisdom. She divided it into "8" units to hide it from "GANNON" before she was captured.

Go find the "8" units "LINK" to save her.

Re:Do we really need this?

If you don't want it, don't get it. It's that simple.

I don't really want it either, but I don't think it's a bad idea. I also think comparing the price to SCO's license is stupid. Personally I would rather pay $1000 a year to an insurance company than pay $1 to SCO.

Re:Do we really need this?

[gnuber]

Open Source developers don't generally need this product.

Your press release states that you "will charge $250 to individual Linux developers". So you admit that you are charging hundreds of dollars for something unnecessary? If I wanted to waste money, I could pay $699 to SCO instead.

Are you actually offering this insurance yet? It sounds like you have not even found a reinsurer after spending months trying. Even if I wanted this insurance, I would be a fool to pay premiums before you have any sort of financial backing.

I have great respect for Bruce and Pamela, but frankly this reeks of opportunism and greed. OSRM will only be able to sell this product by scaring companies into thinking it is necessary. How will that possibly help Open Source? The venture capitalist who started this organization (Daniel Egger) has already begin spreading FUD. Just a few days ago he completely mischaracterized the DaimlerChristler suit. The OSRM web site has been cleaned up after intense criticism, but still says things like "organizations gaging the risks of Open Source software face a vacuum of clear information." On the contrary, I know of hundreds of highly convincing paper from lawyers like Eben Moglen dismissing the SCO claims.

Because your business is to scare people into buying insurance, you neglect to mention the millions of dollars in defense money already available free from the OSDN. There is also the million dollar Redhat Open Source Now fund. And don't forget vendor indemnification freely available for customers of Redhat, HP, Novell, etc. You do mention vendor indemnification on the OSRM site, but only to attack it as inferior to your insurance.

The OSRM page states that "OSRM has generated the widespread support of Open Source leaders," but the only ones I have seen supporting it are on the OSRM payroll. Without the credibility of PJ and BP, this project would be universally ridiculed. Egger made a good decision in paying you off (I'm sorry that sounds harsh, but we all know he hired you two for your credibility in the open source world).

You are a smart guy and have studied this more than I have. So perhaps you can enlighten me as to why I should consider this a good thing. Or maybe you are just trying to cash out on the current Linux FUD. That isn't illegal, but please don't cast it as doing us a favor.

Re:Do we really need this?

Face it bruce perens is just another "cyber"-parasite passing himself off as a "cyber-guru" of the hacker community like bourgeois lawyer lawrence lessig and "suprised by wealth" Eric Raymond.

Fuck these parasites.

Re:Do we really need this?

[jtev]

Here here brother, millions for defence but not one cent in settlement or whatever. dammit, to bad I'm to broke to even be able to afford the cost of filing papers. hmm, maybe a frivolous lawsuit countersuit would be in order to.

Re:Do we really need this?

[Bruce+Perens]

First, there is no way that the $250 policy can ever be a money maker. There just aren't enough folks who will get it. It might break even. It is a way to provide normal folks with access to the resources that companies are paying $100,000 for.

This is what I worry about. Some turkey sues an Open Source developer with intent to restrain. Not to recover funds. Said developer says "Uh-oh, I don't have the funds to support a single day in court. I'd better sign my copyright over to that turkey, sign whatever documents he has saying that I will never, ever write Open Source again, and find some other way to entertain myself."

$25,000 is not necessarily enough to defend every case, but it's enough to tide you over until you can get a publicly-funded defense up and running.

Regarding OSDL (not OSDN!) I don't know if there will be anything left for you when they are done with Autozone and Damiler, etc. Same with the Red Hat funds. I hope there is and that they are available to you. And also, I am worried about what happens if one of OSDL's corporate members is the plaintiff in a patent case against Open Source software. So, having a party that is not tied to HP and IBM is probably a good thing. And having a party that concentrates the funds for defending Open Source software into an entity that can actually do something is a good thing, too.

I think the most important point for the individual Open Source developer is "if you don't think you need this - you probably don't". Those who do need it know who they are.

Bruce

Re:Do we really need this?

[dipipanone]

$25,000 is not necessarily enough to defend every case

I suspect $25,000 is not enough to defend *any* case. That would barely cover David Boies's laundry bills.

I wonder how much IBM has spent so far -- a lot more than $25,000, I'm sure -- and the case is still at least a year short of going to trial.

Re:Do we really need this?

[undernourished]

Sure, but if you give me $25, I'll tell you HOW miniscule the coverage is.

Re:Do we really need this?

^ This might seem like trolling, but check the "Customers refuse to run Red Hat's kernel" FUD-o-Gram Perens posted earlier today.

Re:Do we really need this?

Yeah.. but no offence.. you aren't IBM.

You don't sue individuals for the same kind of money as you sue huge great faceless corporations for.

Re:Do we really need this?

[the_thunderbird]

Sure, it looks like it is not worth while, but you have to consider other things. Linux may be free of copyright infringments, but what happens if another SCO comes along and starts sueing developers, claiming that they have infringed on their copyrights to bloat their stock price?? I mean what are you as a developer (with no money?) going to do? I know I can't fight a lawsuit with even a small company like the SCO Group and would have no choice but to settle, unless of course being a UK citizen entitles me to state assistance????? I think this kind of insurance, even as small as it is, is something we as developers all need to look at.

Re:Do we really need this?

[bruthasj]

Question is: why isn't there liability insurance for other platforms, namely proprietary?

For example: what if I bet the farm on BeOS as my development platform?

The answers to this post will inevitably be the answers to this thread's question.

Re:Do we really need this?

[dipipanone]

Yeah.. but no offence.. you aren't IBM.

Hey, I'm not even a coder so it's no skin off my nose.

You don't sue individuals for the same kind of money as you sue huge great faceless corporations for.

That's a fair point, but even so, in intellectual property cases, the companys that are doing the suing will tend to throw all of their resources at the case because they're operating out of a sense of 'use it or lose it'. $25,000 tends to be nothing to such companies, so you're not fighting in any sort of level playing field even if you have the insurance.

I'm not sure that $25,000 will go very far in funding any sort of real legal dispute. I don't know what IP lawyers cost in the USA, but say they bill at around $250 an hour, that would buy you around 100 hours.

Perhaps you're right. Perhaps that is manageable for relatively small cases, where the facts aren't in dispute and there's no need for lots of discovery and depositions? I imagine this insurance firm must have looked at it and decided what it took, and I suppose -- with it being their business and all -- that they have more of a clue than I do.

Even so, I do wonder whether people wouldn't be better off being covered by some sort of less specific legal insurance that often has much higher cost ceilings?

Re:Do we really need this?

[gl4ss]

Well, do you REALLY think that a company with only 1 cpu that's running linux would take it?

how about 20? or 40?

Re:Do we really need this?

[Rogerborg]

Of course we need it. Independent analyist and journalist Pamela Jones of Groklaw says we do, and I believe her because she has no interest in OSRM. I mean, it's not as though she works for them or anything. If she did, then someone who spends so much time talking about integrity and honesty would be very, very careful to say so in every astroturf article that she writes about them.

Re:Do we really need this?

[rjch]

I suspect $25,000 is not enough to defend *any* case. That would barely cover David Boies's laundry bills.

Somehow I seriously doubt that David Bowie's laundry bills would be covered by this policy. It's probably not the best analogy to be made.

Having said that, such an expensive product for such minor coverage would be like purchasing a hankerchief from David Bowie to wear (as your sole item of clothing) on a cold winter's day. It's a nice statement to make, but isn't really going to make much difference in the long run.

Re:Do we really need this?

[nomadic]

There is professional liability insurance for proprietary programmers, though you seem to be talking about something outside the realm of what insurance is supposed to address.

Re:Do we really need this?

[jav1231]

Except for the fact that you 're conceding the TCO war to M$ if you do. I don't understand why we would want to. We've already conceded the "runs on older machines" war. Early on the argument was "you won't have to upgrade your older machines" until the distro's started getting too big for them. Then we said "OS is cheaper" now we're adding insurance costs. What's the advantage now? Just that it's not proprietary? Just food for thought.

Insurance

So they're offering insurance to people just in case they are wrong? Don't they have any faith in themselves? :)

Re:Insurance

[Guppy06]

You have it backwards: They're offering insurance because they're that sure they're right. If they were worried they were wrong, then they'd be worried about having to actually pay claims and wouldn't be so willing to offer the insurance.

Essentially they're trying to call SCO's bluff.

Re:Insurance

[bersl2]

This is why there are reinsurance companies: to insure the insurance companies in case they actually have to pay up.

Re:Insurance

[mark-t]

If they were so confident they were right, they could offer lifetime liability insurance for a single sum, say a hundred dollars or so, all clear profit, since they would never have to actually pay anything.

Also...

[TechnologyX]

In other news today, Darl McBride received a strange packet marked "code review", with a post-it note attached that simply read "PWNED"

Re:Also...

All right! SCO has been pawned for money. In a year, anybody with enough can buy it. I'll bet that RedHat would jump at the chance.

Re:Also...

You're owned .

This is asinine

[ObviousGuy]

Their "insurance" is many times more expensive than SCO's licensing fees.

Re:This is asinine

[Enry]

The point isn't the cost - the point is it exists. Those of us who know better don't need to get it. Those who need to convince those who don't know better can use this as a fallback (but boss, you *can* get insurange).

Re:This is asinine

[etymxris]

But even if so, the money isn't going to someone who will litigate your market, and potentially you again in the future. Let's say I was a famous person (I'm not.) I'd rather pay significant money for security if I needed it, rather than simply paying off those that threaten me. Think about it.

Re:This is asinine

It depends on how you factor the cost.

If you pay SCO you've lost rights to the code.
If you pay the insrance costs you haven't, unless SCO wins a copyright violation suit, in which case you would have to pay more than the license fee and lose the rights to the code.

You'r buying a get out of jail a bit cheeper card.

Re:This is asinine

[Decameron81]

The difference is who is taking the money from you, and what for.

From SCO you would be buying a license that protects you from being sued by them, and only them. From these other guys you would be paying a liability license that protects you from whoever it is that wants to sue you.

Now if that's not enough of a difference there is the moral implications of paying SCO. By doing so you are supporting their business model. You are asking for other companies to use it and ask you for a difference fee to protect you from them too. Like in most things, many people will prefer the short term advantage, even though it comes with the promise of long term disadvantages. But that doesn't make it right.

So putting the money SCO asks and the money that these guys ask on the same level is not fair. The service you are paying for is totally different (if SCO's license can be called a service...).

Diego Rey

Re:This is asinine

[jmt9581]

Yes, but SCO is not the only entity with potential IP issues with open source software in the Linux operating system.

Re:This is asinine

[Jeremy+Erwin]

As far as I can tell, the SCO license is only a license for the binaries-- not source. This insurance will indemnify development activities.

This is absolutely worthless... buy it anyway?

[LostCluster]

I'm not quite sure an insurance policy from these people is worth as much as a SCO license, in that they're either selling policies that won't pay if SCO owns nothing, and they'll be overextended if it does turn out SCO owns something.

However, if you've got a PHB who's seriously thinking about sending his $699 per server into SCO... this may just be a company that you can use to fool your fooled-by-SCO PHB into sending money to the anti-SCO lawyers instead of the pro-SCO lawyers.

Re:This is absolutely worthless... buy it anyway?

[pete6677]

I think this type of business would have been a lot more successful about a year ago. At that time, the mainstream tech press was making it sound like SCO had a case, and nobody had seen (or not seen) enough of the evidence to really say much either way. It seemed unlikely that they could get billions of dollars from IBM, but people were a bit scared. Lately, their case has almost fallen apart and investors are starting to pull out. Not only has their stock fallen, but they have mostly shown their hand, which consists of suing people who they have business agreements with. If someone has no relationship with SCO and has been running Linux all this time, I don't see why they would suddenly get concerned about being sued by SCO. But I agree, this type of insurance is certainly better than sending SCO a check.

Re:This is absolutely worthless... buy it anyway?

Especially since SCO has already failed to produce any evidence of copyright infringement in court (and even dropped that portion of the suit, I believe).

1. Wait until SCO is just about to self-destruct
2. Sell Insurance
3. Profit!

what about ....?

[Thelonious+Monk]

What about previous kernel releases i.e. 2.2. etc...

Re:what about ....?

a) does SCO claim 2.2 ?
b) who cares :-)

Re:what about ....?

[UpooPoo]

That was back when Linux was according to SCO, "the technological equivalent of a bicycle". ie. It's not in contest.

Re:what about ....?

[name773]

so my bicycle can run linux 2.2?

Re:what about ....?

[SphericalCrusher]

Because the newer versions = the older versions + new stuff, to sum it up.

I hope this really means the good news that my mind is considering it to be right now. Could SCO's reign of BS lawsuits finally be over?

Re:what about ....?

[74nova]

does that mean that there was no offending code to take out of 2.4 and 2.6 before this review? its entirely possible that im full of it, but i thought there were a few things in there that were quickly removed. if so, they might not have been removed from the older kernels. am i just wrong?

Re:what about ....?

[74nova]

if there is any sort of cpu and computing architecture on there, probably.

Re:what about ....?

[SphericalCrusher]

Nothing was removed, because SCO could not prove shit against them. They wanted certain lines removed, but they never specified which lines they were OR which lines the Linux source code had allegedly violated.

Re:Backed with the foundation of a house of cards.

[woodhouse]

Perhaps they're backed up by another insurance company. Can anyone confirm this? Otherwise, I agree.

They lend some credibility

[The_Mystic_For_Real]

They seem fairly credible in their claim, as they have put their money where there mouth is. Of course, this review of the code may not affect a court ruling on the matter, as there are complicated technical issues involved in this case and they may not be in the scope of knowledge of some judges.

Re:They lend some credibility

[AKAImBatman]

They could be called to testify that in their professional opinion the code is free from defects. Conflict of interest might be an issue, however. Of course, since SCO can't actually produce any evidence, I don't think things will get that far.

Where's the methodology

[jaymzter]

I never saw this adequately answered on Groklaw. This is no different really than benchmarks or TCO studies. Show us your methodology, give us the name of an independant third party which conducted the review, and let us review the results. Coming from OSRM I consider this well meant but to be followed by a large grain of salt as they have a vested interest in the outcome. I believe Linux isn't tainted, but if you've combed through the code of Linux and several Unixen, I'd like to see it in black and white.

Re:Where's the methodology

[74nova]

its a program called diff. hehe, j/k

Re:Where's the methodology

[gurustu]

OSRM is giving you something almost as good as black and white ... they're giving it to you in green.

They're so confident of their claim, that they're willing to put their money where their mouth is.

In any case, what specifically would you want to see? All of the source code of all the operating systems they looked at with check marks next to each line? And who would you choose for an independant third party?

Re:Where's the methodology

[iabervon]

OSRM does have a vested interest in the outcome, but it is in finding any problems and getting them fixed before they'd have to pay to defend them in court.

A TCO study is useful if the people who do it are offering to reimburse you any cost overruns.

Re:Where's the methodology

What money? This is a startup, they have no money, if they are wrong then they will go bankrupt - and you will get nothing for your insurance bet.

PC speaks for herself...

[LostCluster]

Groklaw's running a more detailed piece that gives more information than in the press release. This basically ammounts to a reporter reporting about herself, but that also makes it information straight from the source.

Re:PC speaks for herself...

its PJ you dumbshit karma-whore.

You are SUPA-LAME!!!@!!!@#!@#!#!

Good to know

[JoeShmoe950]

Most people think its SCO free already, and couldn't care less, but the insurance is a great thing. Just wondering, what is up with the SCO case? Haven't heard about 'em in a while now.

If it's so free of copyright infringement....

[salvorHardin]

If it's so free of any copyright infringement, why do we need any kind of liability insurance?

Re:If it's so free of copyright infringement....

[Bruce+Perens]

Well, we've learned that being innocent doesn't prevent you from being sued, haven't we?

Bruce

Re:If it's so free of copyright infringement....

[kitzilla]

You don't (I think), but you're free to buy it or not. Depends if you find value in whatever level of "peace of mind" or liability mitigation the policy affords.

$25k coverage isn't particularly helpful. If SCO prevails, they could extract "damages" far in excess of that amount. It's really only useful to private users who might find themselves with a SCO bill for, say, eight years of Linux use at whatever trumped-up bullshit license fee they demand. These users are the least capable of shelling out the $250 premium, and the least likely to be interesting to SCO's legal sharks.

Re:If it's so free of copyright infringement....

[salvorHardin]

Depends if you mean sued as in 'successfully sued', or just the initiation of the process, and if you believe your nation's legal system is just and fair. Personally, I have a hard time believing the latter about any nation's judicial system, but I worry that SCO and friends will use this as an argument to support their case. I was hoping there would be some brilliant retort to silence such a question once and for all, but I guess I'll just have to hope that 'open-sourcing' this thought hasn't given malicious types any advantage ;-)

Re:If it's so free of copyright infringement....

[Bruce+Perens]

Well, being unsuccessfully sued is what I'd worry about. It can still cost you a lot to defend yourself.

Look for sites about tort reform.

Thanks

Bruce

Re:If it's so free of copyright infringement....

[mopslik]

Depends if you mean sued as in 'successfully sued', or just the initiation of the process, and if you believe your nation's legal system is just and fair.

Even "unsuccessfully sued" can cost someone a hell of a lot of money. Have you seen how long some of these cases can drag out? It costs money just to defend yourself. And if you successfully defend yourself, you still have to launch your own counter-suit if you want to reclaim any of those losses.

While insurance seems of little use to most people, I can see some companies thinking it's a worthwhile investment.

Re:If it's so free of copyright infringement....

[salvorHardin]

Okay, I'm going to spend a little while looking over this site, but given that I'm UK-based, it might take some time for me to 'translate' things into terms I understand.
In Britain, we have a system called legal aid which provides lawyers for those who can't afford them. If I get sued by SCO for running linux, I may be eligible for legal aid.
If I have to be re-imbursed for expenses, and I need to take SCO to court for such costs, well, there's always legal aid, and if I can't get that, there's plenty of No Win, No Fee legal beagles out there.

Re:If it's so free of copyright infringement....

[dipipanone]

well, there's always legal aid

Hmmm. YANAL, are Y? In fact, I think you'll find that legal aid in the UK doesn't cover civil litigation of this sort. The taxpayer quite rightly doesn't feel that he or she has any role in funding people's lawsuits. The sole exception here is medical negligence claims, which are still legally aided due to the huge cost of bringing an action.

...and if I can't get that, there's plenty of No Win, No Fee legal beagles out there.

You misunderstand how contingency fee arrangement cases are fought. If you're an individual and you want to sue an insurance company or whatever, you may well find a lawyer prepared to act on a contingency fee basis -- though many will expect you to take out insurance to fund the case should you happen to lose in court, and you'll have to cough up around a third if you win.

However, you can't get lawyers to act on a no win, no fee basis if you're *being* sued, because there aren't any damages for them to take their success fees out of.

Sorry.

Re:If it's so free of copyright infringement....

[Sique]

Where is the simple solution, that the losing party in a civil suit pays both bills? (Or they share the bills if the suit was partly successful.) So everyone just pays the initial costs and can claim it back if she was right.

Re:Backed with the foundation of a house of cards.

[UpooPoo]

Depending on the outcome of this case IP law suits could become much more plentiful. I think that open source software could become especially vulnerable. I have to agree that with you on your stance in regards to the SCO case. But I don't think that this type of insurance is completely without potential.

SCO business plan

1. get lots of people to buy this insurance
2. sue everyone who buys it
3. they settle immediately and use the insurance to pay their licensing fees
4. insurance company goes bankrupt, but it doesn't matter, we've already got the cash.

Re:SCO business plan

[ProfessionalCookie]

Ummm sorry...

5. ???
6. Profit!

Re:SCO business plan

heh i knew i was forgetting something...

How do they know anything we don't?

[LostCluster]

I'm not sure how they can come to that conclusion without having access to the code which SCO is claiming that they have which was inapproprately added into the Linux kernels. Just what exactly did they do in their six-month process to prove that what SCO has behind door #3 isn't there?

Of course, SCO might turn out to have nothing but some farm animals behind door #3, and that outcome is more likely than not to be the one that comes out in the end... but really, what more is this group doing but just spreading counter-FUD about SCO's FUD?

Besides, if you take them at their word, then you don't need their insurance because you're exposed to no risk. They're basically offering a competive form of "SCO lawsuit insurance" that seems only about as strong as buying SCO's "license".

Re:How do they know anything we don't?

[LordK3nn3th]

Perhaps they combed through logs to see where what originated from?

Re:How do they know anything we don't?

[S.Lemmon]

Actually, right now the most likely outcome after the BayStar pullout (and especially if RBC follows) is SCO goes belly up before we ever see what's behind door number three.

Re:How do they know anything we don't?

[Pharmboy]

I'm not sure how they can come to that conclusion without having access to the code which SCO is claiming that they have which was inapproprately added into the Linux kernels.

if you read the article, you would have seen that they traced the roots of all the code (be it bsd/pd or the credited author) and are basing their opinion on that research. They feel they have "sourced" all the source.

Re:How do they know anything we don't?

[shanen]

All they need to do is trace the code in the actual Linux kernels. If they can show that all of that code comes from non-copyrighted or properly released sources, then it doesn't matter what code SCO has.

There are basically two lines of analysis without having to see SCO's code. One is to find the corresponding Linux code in previously released code. I should doublecheck my facts on this, but as an example, I believe that most of the old BSD Unix has been publicly released already, so any code from such a source is free and clear.

The other line is to trace the sources of the code to reliable authors. If you can trust those authors when they say that they wrote and did not copy a piece of code, and that they then gave their permission to include that code in Linux, then that code can be trusted.

If this announcement is not just some kind of smoke and mirrors, then SCO should start sinking quickly into the abyss.

Re:How do they know anything we don't?

[LostCluster]

if you read the article, you would have seen that they traced the roots of all the code (be it bsd/pd or the credited author) and are basing their opinion on that research. They feel they have "sourced" all the source.

But SCO claims that somebody submitted what they claimed they had to the rights to when realy it was SCO's IP. Of course, they've yet to say who... but whomever lied while submitting would simply need to lie to Pam and Bruce to fool them.

Re:How do they know anything we don't?

[lspd]

I believe that most of the old BSD Unix has been publicly released already, so any code from such a source is free and clear.

No. Anything before 4.4BSD-Lite is questionable. You might be risk using the older stuff on the basis that Caldera gave away the ancient UNIX code it was based on, but considering what bastards they are now it's probably not a good idea. If you're taking anything from BSD, make sure it's from a version released after the BSD settlement. Everything prior to that required a UNIX license.

Re:How do they know anything we don't?

[lightray]

All they need to do is trace the code in the actual Linux kernels. If they can show that all of that code comes from non-copyrighted or properly released sources, then it doesn't matter what code SCO has.

You haven't looked at the Linux source, have you?

Do you have any idea how much of it there is?

Re:How do they know anything we don't?

I'm pretty sure it would be impossible to track down every author, especially from the early years. They must have made a blank assumption about very old code.

Re:How do they know anything we don't?

[shanen]

Do you have any idea how much of it there is?

Quite a bit. One would guess that's why it took them some months to do the work.

Still can't see any clear reaction on the SCO stock price, though it's back under $8 at last report.

The way they are falling

[eclectro]

they might need a parachute soon.

Please send your nickels and dimes to the "Darl McBride this-is-not-hopeless-really fund".

SCO is nuts

I have noticed that they have not FILED any copyright infringement actions, despite their numerous allegations that Linux infringes on their copyrighted code and mentions of the rights of copyright holders in their legal pleadings and press releases. No matter how loudly they proclaim infringement of copyright, they aren't willing to use the appropriate federal laws (USC-17) to protect this supposedly infringed upon "IP". I wonder why.

If SCO has copyright material that has been infringed upon, they have to go to the INFRINGER (whoever has access to their code and copied it, meaning the code and not just a work-alike clean-room code, into the kernel) for damages. End users and unwitting publishers of infringing materials are not listed in USC-17 as liable for infringement. You can't get damages from a publisher if one author of a short story collection lied about the authorship, nor can you collect from the bookstores and purchasers.

If they have proof that Red Hat is distributing infringing material, they first have to notify RH what the infringing material is. As the innocently infringing publisher, RH has the chance to double check the material, and either remove it or check its pedigree dispute the infringing nature of it.

The only time a publisher can be nailed for damages is if the plaitiff can prove they knew, or could reasonable have been expected to know, that a work was copyright. This covers sleazy anthology publishers who don't bother to get permissions and pay royalties, and anyone stupid enough to accept a well-known work of fiction from anyone but the real author.

Re:SCO is nuts

[glwtta]

Dude, where have you been the last year or so? Everybody knows SCO is full of shit - there is no reason to keep repeatedly listing the reasons.

Re:Backed with the foundation of a house of cards.

yeah, if they only offer this for the linux kernel, it won't fly. they need to insure other things as well -- other open source projects.

+1 funny

[mrsam]

I find it rather humorous that this outfit is probably going to make more money off what's SCO's doing than SCO's itself.

After all, they only need to break $20K, and now they're doing better than Darl & Co.

This is hillarious. Darl's been huffing and puffing for a year trying to squeeze water out of a rock; now here comes OSRM, and before long they made more money essentially by betting that Darl's got nuthin!

Re:+1 funny

[salvorHardin]

now here comes OSRM, and before long they made more money essentially by betting that Darl's got nuthin!
Remind me to invite McBride to the next poker evening.

Re:+1 funny

[k4_pacific]

Maybe that was the plan all along. Maybe Darl will take his remaining money and invest in OSRM.

Probably not though.

Re:+1 funny

[LostCluster]

This is hillarious. Darl's been huffing and puffing for a year trying to squeeze water out of a rock; now here comes OSRM, and before long they made more money essentially by betting that Darl's got nuthin!

If this was poker, OSRM is basically telling the table that SCO's hand is a 5-high. :)

(But wait a second... there's no way SCO's hand can be as bad as a 5-high...)

Re:+1 funny

[i.r.id10t]

And if it were, it would be a straight. Or at least have a pair hiding in there.

As I often said while playing poker with friends "They are all under 9 and none look the same!"

Re:+1 funny

[Idarubicin]

(But wait a second... there's no way SCO's hand can be as bad as a 5-high...)

Sure it can. SCO is holding a two, a three, a five, the Rules of Poker card (in Spanish), and a "powerful card that [they] intend to reveal in court"...which appears to be a coaster.

Re:+1 funny

[dipipanone]

This is hillarious. Darl's been huffing and puffing for a year trying to squeeze water out of a rock

I believe you meant to write:

"Darl's been huffing and puffing on a rock for a year now as he tries to squeeze billions out of IBM to support his crack habit."

Hope this helps.

Re:+1 funny

[Citizen+of+Earth]

If this was poker, OSRM is basically telling the table that SCO's hand is a 5-high. :)

Isn't the lowest possible hand a 7-high? You can't pick five cards lower than a seven without getting a pair or a straight.

Of course, the real deal here is that they don't have a hand.
--
"Seven-high beats no cards."

Re:+1 funny

[ajs318]

A five-high hand would have to be 5-4-3-2-A, which is counted as a straight in most circles and even beats A-K-Q-J-T in some circles, or else contain a pair. 6-4-3-2-A is the lowest ranking poker hand.

Of course, even A-A-A-A-W doesn't necessarily beat a Magnum .....

Re:+1 funny

[Citizen+of+Earth]

6-4-3-2-A is the lowest ranking poker hand.

Huh? Ace-high is the highest single card.

Re:+1 funny

[ajs318]

Doh! So it is. 7-5-4-3-2, it would have to be then. Think I'd best stay away from any card tables for awhile pending a little practice :)

Re:+1 funny

[cpeikert]

Isn't the lowest possible hand a 7-high? You can't pick five cards lower than a seven without getting a pair or a straight.

In any respectable game of poker where low hand wins (Omaha Hi-Lo, or Lowball), a five-high (i.e., A2345) is the lowest possible hand. It doesn't count as a straight, and the ace counts as a low card.

Conflict of interest

So, until now Pamela Jones was doing a terrific job reporting on the obsurdities of SCO claims. Now, she started a company in whose best interest is for SCO and others like it to keep going as long as possible so that her little company can offer insurance. Is it just me, or did we just loose an unbiased source of law information.

Re:Conflict of interest

[jaymzter]

If you RTFA you'll see that PJ did not start the company. She runs a site that covers the SCO case and while she is an employee of OSRM, I believe this is a valid bit of news for her site to cover. In the same sense however, seeing as she does hold a legal review position at OSRM, raising questions of conflict of interest is a valid point

Re:Conflict of interest

[dipipanone]

I believe this is a valid bit of news for her site to cover

As do I. Unfortunately, she rapidly moves from covering the news about the kernel's cleanliness into an advertising pitch for the insurance company that now employs her.

That really is a significant departure from her previous coverage of this issue and is a sad loss of her (and Groklaw's) independence in my view.

I dunno, she keeps on telling us that Groklaw is Open Source paralegal work. Well, does that mean that the community can choose to drop these advertising pitches? If so, I vote that Groklaw loses them. What was once a genuine labour of love and anger is now tied up with support for certain business propositions and I think that's a very sad thing.

Re:Conflict of interest

[ispeters]

I don't think anybody loosed PJ. She sort of started the whole groklaw thing herself. We may have lost her though. (Sorry, I'm not usually a spelling Nazi, but this double entendre made me laugh.)

Re:Backed with the foundation of a house of cards.

[greendoggg]

Often with "regular" insurance companies, the insurance company itself gets insurance in case something catstrophic happens and it can't handle all the claims. In fact, I think it might be required by law for some things (but I'm not very sure about that). So if this company is backed by someone with really big bucks, that would be sufficient.

Re:Backed with the foundation of a house of cards.

[Bruce+Perens]

Of course we would use reinsurance, as do all similar companies. Daniel is working on that side.

Bruce

Insurance fees more expensive than SCO Bribe

[NemosomeN]

And we all know SCO would never sue a customer...

Shut down sco.com the legal way

SCO has admitted to violating the copyrights of dozens of companies and hundreds of individuals on content probably worth hundreds of millions of dollars. They are now by far the biggest pirates ever. I think it's time of all of these copyright holders to contact SCO's ISP, xo.net, and demand that SCO's site be pulled down. To do this, you send by fax or paper mail to xo.net an identification of the copyrighted work that you believe has been infringed (specifying the portions that you claim), an identification of the material that you believe to be violating it, contact information for you and for SCO, the statement "I have a good faith belief that use of the copyrighted materials described above on the allegedly infringing web pages is not authorized by the copyright owner, its agent, or the law.", the statement, "I swear, under penalty of purjury, that the information in the notification is accurate and that I am the copyright owner or am authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.", and your signature. (Assuming that what google requires is what is mandated by law).

I'd enjoy the whole SCO fiasco if SCO spent the time before their case comes to trial shut off the internet for running a warez site.

sweet..

sweet, but editors, dont post this under the SCO topic, this is a linux topic. Just because SCO is challenging the code, doesn't make every article linux-gpl-code related, related to SCO.

This is becoming annoying.

[OzTech]

If SCO are successful with their actions against IBM, then they will be paid by IBM for the infringment. While not being based in the US, I'm pretty certain it would be the same there, in so far as they can't sue IBM for incurred losses and then attempt to sue innocent parties for the same losses. It just won't wash. Why won't media organisations, including Slashdot report this simple fact and put an end to all the hoop-la.

Debunking the FUD and myths

[FunWithHeadlines]

OK, for all those who won't bother reading the story, keep these points in mind:

1. This is voluntary insurance. Don't want it? Don't get it.

2. This isn't targeted at users, who are not at risk in any case, so 95% of us can move on, nothing to see here.

3. This has nothing to do with the risks of Linux, for there is nothing wrong with Linux. Instead, it's about the fact that, as SCO showed, there are bad people who want to make trouble for FOSS and will use nuisance suits in order to do that. Sad but true, but let's at least look at the world realistically. We now have another tool to fight these losers.

4. If you are a kernel developer, or a big-pocketed Linux corporate user, and you think you could become a target of one of these nuisance suits, you now have a chance to get insurance against such. Voluntary. Don't want it? Don't get it.

5. Does this make you sad? Blame the bad people who want to cause trouble for FOSS, not the people who are stepping up to try to help.

If it's safe, why do we need insurance?

[SuperBanana]

They must be pretty confident of the results, because they're offering product liability insurance to both developers and users.

If the kernel is free of copyright violations, why do we need insurance?

That's like saying "I guarantee there is no danger of flooding here. But I would be happy to sell you flood insurance."

Re:If it's safe, why do we need insurance?

Haven't had a flood in a while have you?

Don't you think you are overdue for one?

Re:If it's safe, why do we need insurance?

[Rik+van+Riel]

That's like saying "I guarantee there is no danger of flooding here. But I would be happy to sell you flood insurance."

Isn't that what all insurance companies do? Playing the odds when statistics are firmly on their side...

Re:If it's safe, why do we need insurance?

[LordK3nn3th]

How many insurance agencies would be happy to give you flood insurance if you asked for it in an incredibly no-risk-of-flood area?

Re:If it's safe, why do we need insurance?

That's like saying "I guarantee there is no danger of flooding here. But I would be happy to sell you flood insurance."

Yeah. Some guy tried to sell me flood insurance. I told him that I live on a hill. He said that I could have a 50% discount. I told him to get lost.

Not really, but it's funny.

Re:If it's safe, why do we need insurance?

[Trogre]

That's pretty much the long and short of it.

But imagine you're trying to convince your PHB that you need to deploy linux in your enterprise.

"But what about all this copyright that SCO is claiming?" he asks.

Now you can tell him "It's just FUD/BS." (which we know is true, but not all non-techs do).

Or you can tell him "It's just FUD/BS, but if you're worried we can purchase 3% liability a year in insurance."

Which one is he more likely to listen to?

If the $699 per seat is the liability they refer to, then that's $20/year per linux box.

So like most insurances, this is just offering peace of mind for those who worry about the highly unlikely event of a catastrophe (or should that be fiaSCO?).

Re:If it's safe, why do we need insurance?

[crackshoe]

pretty much anyone who likes making money. insurers don't want to cover those in high risk flood areas, but the federal government makes em (at least in the states). what insurer in their right (and unforced by retarded laws) insure someone in an area that floods regularly, or gets hit by hurrivanes on a yearly basis. so thats not really a great metaphor for much of anything.

Re:If it's safe, why do we need insurance?

[Surye]

If the $699 per seat is the liability they refer to, then that's $20/year per linux box.

Don't forget that $699 is per cpu.

Re:If it's safe, why do we need insurance?

[tomreagan]

thank god someone around here gets it.

Re:If it's safe, why do we need insurance?

[Shimbo]

That's like saying "I guarantee there is no danger of flooding here. But I would be happy to sell you flood insurance."

It's more like car insurance. If some a**hole crashes into your car, claims it's your fault, then tries to sue you for damages, you'll be glad that your insurers will defend the claim on your behalf. You don't have to be in the wrong to incur legal costs.

Article title word rap

my browser rapped it like this:

OSRM Declares Linux Free of Copyright
Violations

1) Read first line: "gasp! the GPL is invalid!"
2) Read second line: "sigh of relief"

Re:Backed with the foundation of a house of cards.

[Zcipher]

I think you, like many people, are misreading the service being provided by this company. They aren't offering to have you pay into their banks so that if SCO comes a knockin' you can just roll over and pay them with money from OSRM. Rather, what they are providing is material aid to your company so that you can take SCO to court and fight the charges. Therefore, it is only likely to be providing this aid to a few companies at a time, and can likely get injunctions to slow down any other cases in which they are involved. So, it's relatively unlikely that they'll be asked to pay all the claims at the same time.

I think the more important point is that we shouldn't make the assumption that SCO will be the only SCO. Unless somehow magically all of its cases end in "There cannot possibly under any circumstances be any code in Linux that wasn't meant to be there," which is TERRIBLY unlikely not only because of the innate absurdity of the court ruling on the potential "ownership" of every line of code, including those not material to the case, but also because none of the cases actually deal with the IP except for the Novell and Red Hat ones, one of which says SCO doesn't really own the code to begin with. Simply put, no matter what happens, there is still a vulnerability with open source with so many contributors that someone will view it as an easy target for stock-pumping litigation.

In light of this, it's much more obvious why a company might be willing to shell out $100,000 a year to reduce their risk of having to shell out $Millions to pay for legal defense or $millions in settlement fees.

Hmm

[David_Bloom]

1) Declare Linux is safe, offer insurance 2) People pay insurance 3) CEOs of insurance place take in huge salaries 4) Someone claims ownership of part of linux 5) Insurance place goes bankrupt, screwing all of its clients. CEOs still rich. 6) ??? 7) PROFIT!!!

Re:Hmm

Uh, isn't 5 PROFIT!!!.

Respectfully Disagree

[sethadam1]

If I know PJ (and I don't), I don't think the purpose of this is to truly offer insurance. I think it's just to get the word out there that people in the know know this: SCO is full of shit. SCO has made a lot of waves by whining and litigating without showing a shred of proof, and they've even had companies like EV1 cave in and buy licenses just because they feat a lawsuit!

Since the government (SEC?), for whatever reason, is allowing this nonsense to continue, this company is fighting fire with fire and responding in tow: they are attacking SCO on the battleground they themselves defined: the media. They are standing up and saying "We've audited Linux cover to cover, and you, sirs, are full of it."

This is what we need. More news that gets the word out that SCO is an organization of extortionists who have learned to use the slow, inefficient, expensive legal system as a weapon.
To boil it down: SCO is metaphorically using the old "pretending the finger in your pocket is a gun" shtick, and OSRM is announcing "That's your finger, jackass."

Re:Respectfully Disagree

[nuba]

Hey SCO, is that your finger in your pocket, or one big wad of crap?

Re:Respectfully Disagree

I don't think the purpose of this is to truly offer insurance. I think it's just to get the word out there that people in the know know this: SCO is full of shit

I don't see how this negates the parent's point. "Oh, we're not really selling insurance, we're selling Linux Advocacy(tm)". This sounds just like the "ThinkTank" that Microsoft invented to produce a report that Microsoft was Good For America. It only fools the people who wanna be fooled.

Unless there was some legal advantage to forming the insurance company (such as the ability to examine UNIX code or something -- the article doesn't explain how they "verfied" that Linux doesn't have any copyright problems.)

Re:Respectfully Disagree

[xenocide2]

I know its not like slashdotters to follow a developing story by reading anything more than the usual snippets of any given article, but SCO has offered a shred of evidence. They've pointed at a few heavy server techniques that they just might have a point on. I have a feeling this case is going to help define for all software engineers just how much knowledge an employee can gain and apply elsewhere without violating copyright. How any company can go along and say "We looked at the source code and guarentee that all the software was owned by the submitter," given the implicit copyright on all code created.

For what its worth, Linux will go on, and I think SCO's tactics of suing users is in poor taste. The offending code, if any, can be removed or possibly changed and the majority of enterprise users will remain unaffected.

Re:Respectfully Disagree

[sethadam1]

I'll bite, despite your insinuation that I haven't read more than the Slashdot summaries of SCO news. I've read virtually every SCO story in the news for the last year plus, including painful stories on Groklaw, so I think I know my stuff for the most part.

So you know - the "shreds' of evidence you refer to took almost a year for SCO to produce, hardly "offered" as much as produced under pressure. Also, it was references to header files and standard error files - hardly unique, and in other places, code that could, within hours, be attributed to other sources. If there were really offending code, SCO could have tried to get someone with some sort credibility in the Linux community to sign an NDA in the first place, not start out by deceiving the public with the "MIT math team" or whatever it was they claimed - a dept MIT claims has never existed.

Re:Respectfully Disagree

[drinkypoo]

You were close. The finger isn't in their pocket, the finger is (far from the pulse) jammed straight up their ass.

Re:Respectfully Disagree

[dipipanone]

Hey SCO, is that your finger in your pocket, or one big wad of crap?

If you can't tell the difference, be very, very careful when you pick your nose...

Re:Respectfully Disagree

[westlake]

Insurance is not a business that can safely be rooted in ideology, evangelism or

Re:Respectfully Disagree

[the+gnat]

No, the problem to which the parent referred is the fact that specific technologies introduced into the kernel may have been covered by the license IBM and others signed with AT&T. That is, code such as the RCU stuff from Dynix or whatever was originally an add-on to a derivative of SysV Unix. SCO claims that their contract restricts how such addons may be used elsewhere, and that their inclusion in Linux violates the contract. The code review might well have proven that all code was property of the submitters, but that wouldn't make any difference as far as the contract violation claim is concerned.

They may be correct. This doesn't justify the campaign they've been running or support any of their broader claims. Even under such a contract, they have no basis for claiming that their intellectual property has been stolen; the IP remains that of IBM et al., regardless of how the contract restricts its use. The claim of direct copying of code, as you note, has been pretty thoroughly debunked so far, and was probably bullshit invented to make them sound more like victims than they are.

Regardless, until either the contract case has been settled in SCO's favor by a court, or SCO can prove to the world that core parts of the Linux kernel really were copied from SysV, they have absolutely no grounds on which to sue companies using Linux or to extort licenses. I really wish one of the companies being asked to pay SCO for their use of Linux would go after them with their full legal department - this kind of crap is unacceptable.

Re:Respectfully Disagree

[hackstraw]

Since the government (SEC?), for whatever reason, is allowing this nonsense to continue

Being that the lawyers are going to be the only winners in the whole SCO, and other scandles like these (Enron, WorlCom, @Home, etc), and that most of the government officials are lawyers, what incentive does the government have to discontinue the nonsense?

Patent insurance?

[whig]

I know that OSRM and you are both well meaning, though you might want to put a standard disclaimer in your replies that you are on the board. At any rate...

Is OSRM offering patent insurance? I didn't see that in the press release.

Re:Patent insurance?

[Bruce+Perens]

We will do patent insurance. We're not doing it yet.

Bruce

Re:Patent insurance?

[tomreagan]

And you won't. You won't find the reinsurance coverage for it and you're balance sheet can't support it.

You're insane. You can't make money in patent insurance. The defense costs are too high, and the losses to large if you lose. That's why no one writes it.

Swiss Re has been known to write the occasional policy. Of course, it's with a $5m retention and indemnity only, and you're generally paying about 40% rate on-line.

Re:Patent insurance?

Mod parent up. He KNOWS something about the insurance biz, unlike Perens.

Re:Patent insurance?

[1lus10n]

"You can't make money in patent insurance."

Sounds somewhat similar to :

"You can't make money on something you give away for free"

I don't think the goal is to turn into the allstate or geico of the software world, I think it is more along the lines of getting the PHB's of the world to listen, and have some actual backing. (even if it isn't a lot) Its all paper to the higher ups of the world, and this sure as hell isn't aimed at your average perl hack.

Re:Patent insurance?

[Short+Circuit]

If there's a payout cap, I can't see why it wouldn't work. After all, with a patent system as admittedly borked as the US's, patent lawsuits can probably be won. Especially in cases where prior art to the patent, or the "logical next step" nature of the patent, can be demonstrated.

A couple of thoughts.

1 - It is very common for insurance companies to buy re-insurance from other insurance companies and spread the risk that way. I don't think it is a problem that these guys have only one line.

2 - We all know that this insurance is unnecessary. It isn't for us. It is for risk averse PHBs. It seems as much like a PR stunt as a viable business. The FUDmeisters dared the Linux community to indemnify the end users. A couple of companies rose to the challenge and here is yet another response. Having said that, if they can make a buck well, good for them.

As a thousand others have observed: check the Windows EULA.

"Who ya goin to call? FUD-busters!" (ok now I'm getting silly)

Re:A couple of thoughts.

[mysticgoat]

1 - It is very common for insurance companies to buy re-insurance from other insurance companies and spread the risk that way. I don't think it is a problem that these guys have only one line.

Agreed. There are a number of specialty insurance firms that work this way.

2 - We all know that this insurance is unnecessary. It isn't for us. It is for risk averse PHBs. It seems as much like a PR stunt as a viable business. The FUDmeisters dared the Linux community to indemnify the end users. A couple of companies rose to the challenge and here is yet another response. Having said that, if they can make a buck well, good for them.

While what you say is not untrue, I think the more important point is that any enterprise considering a new venture that is dependent on Linux for success now has a means of demonstrating to investors that they are protecting themselves from suits-- including "nuisance" suits that can still be crippling. Especially in the tender period before the new venture begins to show a profit.

As a thousand others have observed: check the Windows EULA.

Very good point. Maybe OSRM will eventually expand to offer some of the "normally expected" protections that are deliberately excluded in MS EULAs. Or maybe not... that might require a multi billion dollar cash reserve...

Don't be too pessimistic

I think this insurance could be a great deal for anyone who ever entered into a contract with SCO. These parties can set aside the notion of all cases will have the same outcome. SCO can't sue everyone. Not only do you get the $25,000 dollar protection you might be able to reach legal connections that could keep you out of the fray longer than SCO will exist.

This insurance sounds familiar...

[nmoog]

Lisa: By your logic I could claim that this rock keeps tigers away.

Homer: Oh, how does it work?

Lisa: It doesn't work.

Homer: Uh-huh.

Lisa: It's just a stupid rock.

Homer: Uh-huh.

Lisa: But I don't see any tigers around, do you?
...

Homer: Lisa, I would like to buy your rock.

Re:This insurance sounds familiar...

[NeuroManson]

I'd have to say it sounds more like Family Guy, in "When You Wish Upon a Weinstein", where Peter buys volcano insurance.

The insurance cost?

[}InFuZeD{]

For those that are saying the insurance ends up costing more than SCO's licensing... I'm pretty sure SCO's license fees are for one copy of Linux, not all the copies you want.

I think they're offering insurance for a company, not per copy of Linux you're using. Hence if you're a big company using 500+ copies of Linux... $250/year is nothing compared to the $300k licensing fee charge SCO could try to hit you with.

Re:The insurance cost?

[whig]

RTFA, oh nevermind, this is Slashdot. Anyhow, $250/year is just for developers to insure themselves against legal defense expenses. Companies are expected to pony up $30,000/year for $1,000,000 coverage. That's not a one-time payment, either.

Re:Backed with the foundation of a house of cards.

As long as they have meta-insurance, or Linux isn't the only thing they insure, then even if the house of cards collapses, nobody who buys pays a dime of litigation fees for copyright violations. I don't expect it to happen anyway.

Well done. First post, on topic.

Pay SCO, pay someone else...

[axis_omega]

Sure I'll give my money to them like I gave my hard earned 699$, money to SCO, then I'll be sure to never be sued and I even have an insurance to protect me, so I can continue to develop on a free as in free beer operating system.
Earn more money to give to another insurance compagnie who will get sued, that will counter sue...

Man, when this madness will end.

SCO insurance is really dangerous...

[Simonetta]

Basically the entire SCO vs. Linux affair is Microsoft using a front organisation to attempt to destroy their strongest competitor. Because this competitor is not a single company, but a loose collection of individuals connected by a large network, Microsoft can destroy Linux only by either destroying the network itself or by using a custom-crafted law to prevent any company from using Linux openly. The internet is too big to destroy now so they are threatening to destroy any company that switches from MS to Linux by endlessly expanding legal fees.
Let's not forget that Bill Gates was a master poker player. He's using the threat of an endless series of raises (Microsoft's lawyers disguised as SCO vs. the lawyer's of the target company).
No one in their right mind would play poker like this against the richest man in the world. It is impossible to win because he will always out raise you.
Linux must develop a different strategy against Microsoft/SCO.

Re:SCO insurance is really dangerous...

[SpaceLifeForm]

If any company really wants to switch to Linux, even in the threat of some bullshit lawsuit, they can play the legal corporate entity games such as holding companies, create a new company that (at that point) does not have any Windows licensing stranglehold over them, and transfer selected assets (sans Windows) to the new company, and fold the old company. Granted, that costs money.

IMO, the best strategy is to be patient, and let MS screw themselves up.

Re:SCO insurance is really dangerous...

[GoofyBoy]

>Linux must develop a different strategy against Microsoft/SCO.

Why should anyone developing Linux change? All that has happened is a bunch of legal manuvers, just movement on the field that might or might not lead anywhere.

What were they doing wrong before? If I enjoy working on an OpenSource project, should I change anything I do just because SCO says something that hasn't been proven in court?

Isn't any action on the Linux team too late? They are working on 2.6, and stuff SCO say in violation includes 2.4.

Re:SCO insurance is really dangerous...

Let's not forget that Bill Gates was a master poker player.

Where'd you hear that? I heard he's played in Vegas before and he's not very good. One might even say he's a poor poker player.

Re:SCO insurance is really dangerous...

[undernourished]

yeah but he plays a MEAN hand of solitaire.

Re:SCO insurance is really dangerous...

[Usagi_yo]

Bill Gates does not play poker very well. It is well known that he plays low stakes Texas hold'em, a community card variant.

Urban Legend or just Apocryphal, the story goes Bill Gates was playing $3-$6 Texas Hold'em at the Mirage Casino in Las Vegas in the early 90's. Seeing Doyle Brunson, 2 time World Series of NL Hold'em Poker, playing $2000-$4000 Hold'em in the upper section, Bill Gates had a lacky go buy Doyle Brunson's book -- Super System, co-authored by David Sklansky, Mike Caro, Chip Reese, and Bobby Baldwin (current casino mananger of Mirage). He [Gates] then sent the lacky over to get the book autographed. Doyle Brunson is reported to have said something like: "If the richest man in the world doesn't have the guts to come over and play me, I'm certainly not going to give him my autograph".

Oh, and as for Linux 2.4 and 2.6 insurance -- is this implicitly admitting that SCO actually has a case against 2.5?

Re:SCO insurance is really dangerous...

[shrykk]

"No one in their right mind would play poker like this against the richest man in the world. It is impossible to win because he will always out raise you."

We're going all-in!

The poker analogy is broken. You can play poker against the richest guy in the world. (Otherwise the richest guy at the table would always win & no-one would play). You can never be forced out of a pot for not being able to call the whole of a bet - you can play for whatever you have on the table, and any extra your opponent has bet is returned to him (or put in a side-pot). A better player could eventually break the richest guy in the world, as long as he didn't go broke.

Sadly, this is not the same as the current situation. There will be more challenges against the GPL, and the world will have to change to cope with it - source checking, insurance, etc.

SCO will go broke, but there will be other challenges. The community will have to protect itself, and that means paying. Thankfully, it is in many companies' interest to support free software, and their funds, lawyers and experience with IP issues will help the OSS community.

Re:SCO insurance is really dangerous...

[omynous]

Urban Legend or just Apocryphal, the story goes Bill Gates was playing $3-$6 Texas Hold'em at the Mirage Casino in Las Vegas in the early 90's.

...

"If the richest man in the world doesn't have the guts to come over and play me, I'm certainly not going to give him my autograph".

Bill Gates certainly wasn't the richest man in the world back then. This is a good sounding story, nothing more.

Please be aware that I REALLY DISLIKE Mr. Gates and his companies dirty tactics as much as I dislike U.S. foreign policy. Which is to say about as much as is possible. This story is just a story.

Shannon Mann

I thought

[snakattak]

we figured this out last year.

Cheap indemnity?

[salvorHardin]

The bit I would be interested in is if I was, say, running an IT services company, providing and managing several Linux servers for clients, would I be able to take out the insurance if I was distributing the disputed code?
This might be a cheap way for the smalltime business to mirror the indemnity offered by the likes of HP/Compaq.

Re:Cheap indemnity?

[kitzilla]

That's a question for your legal counsel. :-)

PJ integrity down the crapper

[djroute66]

The last few weeks Darl et. al have been bashing PJ as someone who's funded by IBM. We've all thought this was some paranoia generated by SCO to diminiscule PJ's efforts.

But now she is going to run a business that is based on these efforts. In effect, isn't her integrity now affected by the "bottom line." Darl's paranoia machine now has a leg to stand on.

Not that I care, but... You know.

Here's why

[FunWithHeadlines]

That's like saying "I guarantee there is no danger of flooding here. But I would be happy to sell you flood insurance."

No, the correct analogy would be more like this:

"I guarantee there is no natural danger of flooding here, but there are rustlers out there going around causing floods and if you want to protect yourself, try this."

Re:Here's why

[dipipanone]

"I guarantee there is no natural danger of flooding here, but there are rustlers out there going around causing floods and if you want to protect yourself, try this."

"Our insurance won't pay out enough for you to track down and catch the rustlers, nor will it replace the damage that the flood does, but it should just about cover you for the purchase of a cheap plastic dinghy that might get you to high ground -- if it doesn't get a puncture on the way."

SCO is per CPU

[Camel+Pilot]

If I read the article correctly this is not a per cpu protection license. SCO wants to lighten your pocket book by $699/per CPU. This coverage is a lump sum with protection up to the amount x you feel comfortable. Big difference.

Re:SCO is per CPU

[Citizen+of+Earth]

this is not a per cpu protection license. SCO wants to lighten your pocket book by $699/per CPU.

That is, $699 until they decide that they want more money from you. SCO takes particular pride in suing only their own customers. It doesn't pay to negotiate with terrorists.

Total Cost of Ownership

[femto]

What's the bet that Microsoft's next 'TCO Survey' includes a column with a big number in it for Linux and a big fat zero etentered for Windows?

I guess that's what M$'s 50 million bought them. Another phantom 'cost' which they can use as an allegation against Free Software.

I reckon the 'public' won't see past the M$ spin, to appeciate that by its nature Free/Open Software is continually being checked for copyright infringements.

So?

"OSRM Declares Linux Free of Copyright Violations"

Does OSRM have any more credibility in the court's eyes or SCO's eyes than the thousands of Linux users who have been saying the same thing for almost a year?

Re:So?

[erikharrison]

In a word - yes.

Think about it this way - Groklaw has been respected for a while, after all, much more respected than Joe Slashdot poster.

Plus, they're putting they're money where their mouth is. Although a look at the numbers says that it might still be cost prohibitive to go with OSRM rather than pay $699 to SCO, but OSRM has some pretty powerful arguments on their side.

Re:So?

[mark-t]

Over a year, actually... this fisco started in March 2003, iirc.

I'm Confused

What should I do with my $699? Should I:

A - Give it to SCO
B - Buy Linux Insurance
C - Spend it on beer and porn

Re:I'm Confused

I don't know which option is worse, giving the money to SCO or paying for porn. ;)

Re:Linux needs to get its act together

[sloanster]

User: "How do I get Quake 3 to run in Linux?"
Zealot: "Oh that's easy! If you have Redhat, you have to download quake_3_rh_8_i686_010203_glibc.bin, then do chmod +x on the file. Then you have to su to root, make sure you type export LD_ASSUME_KERNEL=2.2.5 but ONLY if you have that latest libc6 installed. If you don't, don't set that environment variable or the installer will dump core. Before you run the installer, make sure you have the GL drivers for X installed. Get them at [some obscure web address], chmod +x the binary, then run it, but make sure you have at least 10MB free in /tmp or the installer will dump core. After the installer is done, edit /etc/X11/XF86Config and add a section called "GL" and put "driver nv" in it. Make sure you have the latest version of X and Linux kernel 2.6 or else X will segfault when you start. OK, run the Quake 3 installer and make sure you set the proper group and setuid permissions on quake3.bin. If you want sound, look here [link to another obscure web site], which is a short HOWTO on how to get sound in Quake 3. That's all there is to it!"

LOL, nice try - (why am I even bothering to answer? oh well, must be bored I guess)

I remember when I bought the quake 3 arena boxed set for linux... IIRC that was back in 2000 - The drill went like this:

Insert the cd in my redhat 6.2 system, and when the file manager came up a second later with the CDROM, click on setup.sh, confirm the defaults with the gui installer that pops up, click OK and we're good to go. fraggin folks on the internet half an hour later.

Things haven't really changed that much - like the other day when I inserted the ut2004 cd in my fedora core 1 system, clicked on setup and was playing ut2004 a few minutes later.

Obviously...

[gnu-sucks]

...they compared code from the wrong non-linux kernel.

I mean, everyone knows the code-base for linux 2.6 is directly stolen from the Windows 2.1 leak. Well, all the good code anyway.

I propose a third-party be selected to go over every line of windows 2.1 code, and linux 2.6. Once all the common code has been found, I'm confident the open source community will gladly dump it from the linux code-base, and basically start from scratch.

At last, a reason to create a better linux.

Re:Obviously...

[fprog]

Windows 2.1 ? Maybe Windows 3.1 or 3.0 or 2.0 or 1.0 ? You mean Linux stoled code from MS-DOS? Of course it did!!! just type `dosemu` :-) See that's a proof now pay your bill to SCO!

Re:Obviously...

I'll post this anonymously, for karma :)

Windows 2.1 was never officially released into the public, yet I use it every day. Why? I'm an audio engineer, and many Neve consoles with FlyingFaders have a 286 running Windows 2.1.

Quite honestly, I had never heard of 2.1 either, until I ran into a Neve.

Not at all

PJ did not start this company, and the company is about more than SCO, and PJ will be as glad as the rest of us when SCO is no more. The sooner the better. But as SCO showed, there are nuisance suits coming, from more than SCO. What's wrong with another tool to fight what's coming, even after SCO is gone?

One work SCAM

[troop23]

No one needs this. Don't waist your money.

Re:One work SCAM

[negacao]

A. PJ is a good person, who has done a lot of work in her spare time, for free, to benefit the community at large.

B. Before SCO was SCO, AT&T was SCO - see the BSD debacle to know what I mean.

In effect, we know SCO is full shit - but what about future companies? What would you do, if right now, SCO marched up to your business and demanded 20k in license fees?

Most would cave in. This insurance will help you fight.

If this insurance becomes available to individuals, I will get it - just because I really like groklaw, and think PJ's a cool person. Okay, so the backing up against pointless lawsuits bit helps, but.. :)

Re:One work SCAM

Nor(sic) won(sic) neds(sic) gramma(sic) or either(sic) speeling (sic).

Re:One work SCAM

No one needs this. Don't waist your money.

What a thoughtful and complete response. I really liked the way you explained the costs/benefits from different customer perspectives to support your point. Oh, and where did you get your research? I must admit to being shocked at the level of effort you put into citing your sources. Overall, a fine logical agrument with a well-supported conclusion.

Re:One work SCAM

[troop23]

Your right PJ is top notch. However, I have a gut feel about this and it's bad. Maybe she's also being scamed. I say again stay away from this.

Re:One work SCAM

[negacao]

FWIW, OSRM is PJs employer.

So, if she's being scammed, it's been happening for quite a while.. <g> I have the feeling this is something she talked the company into.

:)

Re:One work SCAM

[Doctor7]

FWIW, OSRM is PJs employer. So, if she's being scammed, it's been happening for quite a while.. I have the feeling this is something she talked the company into. No, OSRM basically sprang into existence and then headhunted PJ and Bruce with the promise that they wouldn't actually have to do too much and could carry on doing their open-source work. It is a scam, and PJ and Bruce are just names on paper to give it a veneer of legitimacy.

Re:One work SCAM

[negacao]

Can I have some of that crack?

Nice idea but..

[tuomoks]

Why is this even an issue ? SCO had / has? Linux available for any/everybody under GPL so ? They can't take it back ! Maybe against some company that hasn't given Linux based systems and complains of "stolen code" but SCO ? SCO may have something against ( their own ? ) developers but users - I don't think so, otherwise we ( yes, I use Windows sometimes ) would be sued with MS - think about that, paying those $$$$ MS has paid lately - and no user ever got sued, why would Linux users ???

A fund to buy SCO's "IP"

[mcSey921]

Let's start a fund to buy SCO's "intellectual property" when all this litigation eventually drives them into bancruptcy.

The OS community playing IP vulture doesn't seem like too bad an idea. SCO does have some code that could be bought and GPL'ed, and the company isn't gonna be worth much a year from now. Let's pool.

Email the money to me for now;)

HHOS

Re:A fund to buy SCO's "IP"

[LostCluster]

It'd be easier to just buy SCO... as soon as the first ruling goes against SCO and the SCOX stock starts its plumet, be on the buying side of that transaction. Once 51% of the voting control company is amassed, vote to release all IP of the company into the public domain, game over.

Re:A fund to buy SCO's "IP"

[mcSey921]

True, but I was more of the mind just to buy the code after all the office furniture and computers had been sold off;)

Re:A fund to buy SCO's "IP"

[neurojab]

>Let's start a fund to buy SCO's "intellectual property" when all this litigation eventually drives them into bancruptcy.

That's assuming SCO owns any valuable "intellectual property". They don't own any UNIX patents (Novell has those). They don't own the name "UNIX" (the Open Group has that). They don't own the copyrights to UNIX System V (as per Novell's letters to SCO).

All they have is a poor port of UNIX to i386 and a "weapons of mass destruction" lawsuit machine. You want any of that? I don't.

Re:A fund to buy SCO's "IP"

Let's start a fund to buy SCO's "intellectual property" when all this litigation eventually drives them into bancruptcy.

Let us start a fund to buy SCO so our children can play in the IP minefield!

Re:A fund to buy SCO's "IP"

[rodac]

I think we should start a fund to collect money for SCO instead. Look, they are running out of money. When they do, the entertainment will cease. As all good entertainment, tv or elsewhere, for a really good quality laugh you have to put your money on the table. Think about it for a while, these guys have enlightened our world for 1 year plus, and are still going strong. We have cried, we have laughed but most of all we have had a good time. Now we must step up and save them or we will go back to just boring it news once again.

$250/year is for developers

[whig]

OSRM wants $30,000/year from businesses for $1,000,000 coverage.

Hogwash

When did PJ claim to be unbiased? (Maybe my back was turned.)

Why is it necessary that Groklaw be unbiased? All that is necessary is that the information be accurate.

Hey dude - Pamela is on our side. I think I'll clink a couple of glasses together and drink a couple of toasts to her.

Re:Hogwash

Yes. Her track record is very good. However, my initial reaction to all of this is this:

Linux is a community effort built on trust and peer review. When SCO came along, the abviousness with which the company is trying to extort money from people became abvious and SCO has been vilified for it and rightly so. However, the FUD has stayed with us, and as oppose to fighting it as a community effort (groklaw) a company has been created that asks people to pay up or live in FUD.

If we chose to address our problems by paying companies to fight for communities rights to create we end up fighting the wrong battle.

Re:Hogwash

[IntlHarvester]

I posted something similar over at groklaw --

There is now financial interests within the Linux Community in publicizing the risks associated with Linux. Which may have the effect of amplifying Fear, Uncertainty and Doubt rather than dismissing it.

There's also the matter that some legal information or opinions may be reserved for those who are paying in rather than given to everyone.

I'm not trying to ascribe bad motives to the people behind this -- I just don't think they've thought out this enterprise to it's capitalist conclusions and what (unintended) effects it might have. "Trust Us" doesn't go very far in a for-profit world.

Re:Backed with the foundation of a house of cards.

[Deliveranc3]

There cannot possibly under any circumstances be any code in Linux that wasn't meant to be there," which is TERRIBLY unlikely not only because of the innate absurdity of the court ruling on the potential "ownership" of every line of code.

I think a ruling stating that there is no difinitive evidence that there is offending code in linux and that all the code in Linux belongs in the public domain would not be unreasonable.

Linus wrote the kernel, everything else is subsidary and fluid. Linux as a whole can not be held responsible for other aspects as they were checked as well as posible.

The courts DO NOT hold organizations specializing in the public good to the same standard as companies which specialize in profit.

No, not true

PJ is NOT running this business, she has been hired. It's her day job. You have one of those too, right? She has to pay her bills somehow, and she managed to find a group that pays her to do work for them that let's her do Groklaw. You don't want her to have a day job? Pay her salary.

There is no conflict of interest between what OSRM is doing and what Groklaw is about. OSRM is much larger than the SCO issue -- it's about all the nuisance lawsuits yet to come. Groklaw is much more than about SCO -- it's about debunking legal FUD about FOSS. Those are complementary roles, and there ain't nothing wrong with that.

Re:No, not true

Look -- it definately takes a bite out of her (and Perens') credibility:

Before: PJ, Independant Paralegal determined to get to the bottom of this SCO thing
After: PJ, Linux Insurance Saleswoman, has a financial interest in Linux's success.

Not trying to dismiss the great work done over at Groklaw or the smart posters there, but if they wanna be blatent Linux backers, it's just another slashdot, and her credibility in the world at large is no more than your average marketing drone's

It's like those articles that Slashdot/Newsforge runs: "Roblimo, VA Linux Editor, says Linux is ready for the desktop!". Nobody cares outside of the big advocacy circlejerk.

Re:No, not true

She's not selling insurance, that's not her function. She has an interest in Linux that goes far beyond anything money can offer. She proved it by doing what she did without any money coming to her. That money opportunities later showed up is the way the community works. Nothing wrong with that. Now if she begins to put ads all over Groklaw, or shills insurance on a daily basis with no news connection, or somehow sells out, I'll be pointing it out too. But given her track record, I think she can be trusted.

Re:No, not true

Handwaving about someone's integrity, or Follow The Money -- most people are going to go with the latter, whether you and PJ like it or not.

Re:No, not true

[dipipanone]

She's not selling insurance, that's not her function

Did you R the F'ing A? Because if that isn't selling insurance, I don't know what is.

Now if she begins to put ads all over Groklaw, or shills insurance on a daily basis with no news connection, or somehow sells out, I'll be pointing it out too

So it's OK for her to use the site to shill insurance provided:
a.) She has a news hook to hang it on?
b.) She doesn't do it every day?

Like it or not, PJ now has a vested financial interest in seeing these threats against Linux continue. I believe that today's article is a perfect example of exactly how that vested interest will be shaping future coverage of this issue on Groklaw.

While I absolutely agree that you can't take anything away from PJ's efforts, this financial relationship changes things -- whether you like it or not -- and runs the risk of letting people characterise her and her website as a Linux equivalent of Laura DiDio or Rob Enderle.

And given that she's always said that Groklaw's strength is in how the community researches and unpacks these stories, I think she does that community a serious disservice by conflating her work for this insurance company, and their work on unpacking the SCO vs. IBM story.

YMMV.

Re:Backed with the foundation of a house of cards.

[southpolesammy]

Yes, but the original poster does have a point here. Insurance does work due to the laws of large numbers and just one judgement in SCO's favor will likely cause the probability of all outcomes to shift enormously in SCO's favor, meaning that the insurance companies no longer have a profitable enterprise.

I'm not sure any company or group of companies would (or could) bear that reinsurance risk, however miniscule the possibility of it occuring might be. Remember, judgment isn't about right or wrong, but what is determined in a court of law.

Re:Backed with the foundation of a house of cards.

[JanneM]

Others have stated this already, but just to clarify: all insurance companies reinsure their policies, and it goes especially for areas that tend to be all-or-nothing.

Take a southern California or Tokyo-region real estate insurance company - they're in the same kind of boat. One big earthquake and they are up a very narrow creek with nary a paddle in sight. So what they do is insure their claims in turn in other companies; preferably companies that have little or no other exposure to the same risks. And of course, thiscompany would be a reinsurer for other comapnies as well.

For the risk-taking company, it is a way to dilute risk; rather than, as you say, have either a huge windfall or a total disaster every year, you try to arrange for a reasonable profit every year, rather than just on average.

For the reinsurer, this is another way to dilute risk, and get in on an area in which you have no expertise of your own; from this perspective, the spread between what the company pays you and what they take in from the original insurees is the payment they get for being the expert in the area so you don't have to. A northern European insurance company does not have much in-house expertise on north American earthquakes or their precise effect on real estate holdings, and they would not attract enough business to make it worthwhile, but by reinsuring a California company they get into that business, while relying on that company to do a far better risk assessment than they could do themselves.

The problems occur, of course, if enough things (like natural disasters) happen in a short enough time frame; that can bring _every_ insurance company into trouble, even companies that at first glance have nothing to do with it. You may see your car insurance rise 20% because of flooding in south China, a hurricane off the coast of Florida and a medium-scale earthquake in Hokkaido in the same year.

Re:Backed with the foundation of a house of cards.

great... this goes to show how reliable news on /. is... one of the people who "looked through every line of code in linux" has time to post here.

Re:Backed with the foundation of a house of cards.

[judmarc]

The same reasoning that makes insuring against this sort of thing difficult would also, it seems to me, make reinsurance difficult to get.

Reinsurance is appropriate when a risk is insurable, but more capital is needed. Here there's some question regarding whether the risk is sufficiently appealing to (re-)insurers as a business proposition, especially when part of that risk is made up of potential defense costs and SCO, as we all know, is rather litigious.

I like it

It adds more (voluntary) cost to Linux. My employer swore off using any software that was free (with the exception to Adobe Acrobat reader). In fact, he was disappointed when I installed Gimp on my workstation, so he bought me a copy of Photoshop (which I hate) instead. When I ask what the big deal was, since I was happy to use the free alternatives, he said, "We try to avoid free software whenever possible. We don't want it interferring with our other applications." The quality of the software doesn't matter - he seemed to be against the idea of free (as in beer) software in general. Maybe he thought it was communistic, I dunno. It would be easier to sell him RedHat with a big support contract and an insurance policy than it would be to sell him a burned image.

"Costs less than Windows? Must be crap!"

I'm waiting for the day he finds out I loaded Firefox and Thunderbird on my workstation. What can I say - I'm a web developer. I need Firefox!

OT: Why can't you draw rectangles in Gimp?

Re:Linux needs to get its act together

[gnu-sucks]

yeah, I have to second that. Although I ran into a little trouble with my 4 meg video card, I was able to get it running pretty easily.

A few things to note to the flamer:
1) OpenGL.org is the 'obscure web site' you are looking for.
2) 99% of the people who would be playing quake on a linux box installed linux with one large partition, so space in /tmp wouldn't likely be an issue.
3) unless your browser is retarded, you shouldn't have to chmod +x an installer.
4) All you really have to do to the XF86Config file is enable OpenGL, and whatever video card driver you likely needed anyway.

Yeah, I've had bad days on linux too, but quake was an easy one. Now, converting SQL tables from a proprietary SQL server running on SCO unix, passwords from a solaris yp box, onto linux, and then passing FTP through an ipv6 vpn with two firewalls on either side, thats a more interesting day.

Bruce Perens rocks

He's like this badass anime samurai... just sits there and growls something wise every once in a while :)

Re:Backed with the foundation of a house of cards.

[IWannaBeAnAC]

I think you are wrong here. Insurance is all about weighing up probabilities and setting a premium based on that. To say that an insurance company would refuse to reinsure due to "miniscule" probabilities of something going wrong is simply inane.

Anyone who's been following the SCO/IBM court proceedings on Groklaw can see where the case is headed, I would not expect they would have too much trouble finding someone to provide reinsurance.

Re:Backed with the foundation of a house of cards.

[ron_ivi]

A good related article can be found at fool.com
"...what could either be a profitable new market niche or a spectacular new scam: open source insurance..."

IMHO if it were $250/yr contributing to a legal defense fund, I'd go for it.

OTOH, If it's $250/yr to fund payouts, perhaps I should start looking if I have any IP in Linux that I can collect royalties on. :-)

At any rate, I hope one of your offerings is $250 for a legal-defense fund to fight such lawsuits instead to pay for them to go away.

Re:Backed with the foundation of a house of cards.

[mentin]

There is a good joke about such kind of insurance:

A company calls insurance agent to get an insurance quote.
- What are your risks?
- We don't know
- How much your company costs?
- $10M
- OK, send them in.

In this case the cost of insurance will probably be equal to SCO price.

Re:Backed with the foundation of a house of cards.

[Bruce+Perens]

I am not one of the code reviewers. But I know of three separate companies that have run similar code reviews.

Bruce

Re:Backed with the foundation of a house of cards.

So who is the reinsurance intermediary and who are the underwriters?

The big picture

[FlynnMP3]

I see this as a start to offsetting the corruptness that people can use the courts for. The courts will never be 100%, they can't be. It is a manmade entity. As such, man can always find a way to subvert it.

The efforts of OSRM are a way to open the examination of IP laws and defunct lawsuits to a distributed community effort. If they can make a little green on the way, I say good for them. They have the right idea about using the many eyes concept to keep people honest. The dishonest ones that persist, have to stand up to severe scrutiny.

This could even be the start of a wave of community efforts that serve the common good. I see nothing wrong with this.

Re:Linux needs to get its act together

[qkw]

a few minutes to install ut2k4???
Thats how long it took me to just change the cds! all 5 of them!

Not bloody likely

[Rimbo]

RTFA shows that they're shopping around for reinsurance companies.

Do you know what reinsurance is?

What happens is that OSRM will insure FooCo for, say, $10 billion. Of that, OSRM only covers up to $1M. Most claims are going to be in that small range. Small claims are covered by FooCo, who has a $5k deductible on their policy. (FooCo will have very high premiums with such a low deductible.)

OSRM sells the rest of the liability off to reinsurance companies in various tiers. Reinsurance A covers the next $19M. Reinsurance B covers the next $80M. Reinsurance C covers the last $9 billion.

Let's say FooCo loses a liability lawsuit to SCO. (Won't happen, but we're in la-la land even talking about liability for Linux, so play along.) The judgment is for $25 million, and FooCo decides not to appeal, because they're covered!

Out of the check FooCo writes to SCO, $5k comes from FooCo themselves, and the other $24,995,000 comes from OSRM.

But before OSRM writes that check, they get a check from Reinsurance A for $19 million dollars. OSRM also gets a check from Reinsurance B for $4,995,000. OSRM covers the remaining $1M themselves -- that's OSRM's deductible. The judgment has to be for over $1 billion before Reinsurance C even gets involved; it wasn't in this imaginary wet dream stolen from Darl's happiest hour, so Reinsurance C does nothing.

So OSRM is only out $1M, minus the premiums they paid to Reinsurance A, B, and C.

So that's how it works. OSRM's little press release today is to help attract reinsurance companies -- to show them how safe their investment is. ("Hey, it's FREE MONEY!") OSRM will still get customers, no matter how safe Linux is, because most businesses live by the motto "Cover Your Posterior."

Re:Not bloody likely

[LostCluster]

RTFA shows that they're shopping around for reinsurance companies.

Which means they don't yet have one.

Re:Not bloody likely

[Rimbo]

"Which means they don't yet have one."

It only matters if one of their customers loses a lawsuit.

Re:Not bloody likely

You can get in a lot of legal hot water selling improper insurance. If they know they can't meet the policy obligations, that's pretty much straight-forward fraud, no?

Re:Not bloody likely

[Rimbo]

"You can get in a lot of legal hot water selling improper insurance. If they know they can't meet the policy obligations, that's pretty much straight-forward fraud, no?"

It would be if they didn't have the reinsurance companies backing them up. The reinsurance companies allow the company to cover whatever their customers need. Few single companies can cover the entire expense of insuring, for example, a five-star hotel. That's why the risk is spread across multiple insurers in this way.

Re:Not bloody likely

[Wateshay]

Just a little nit-pick in an otherwise great comment.

In most cases the insurance company will participate actively in any court cases, and will have the final decision about things like appeal and settlement. No insurance company in its right mind would allow their insurees to decide not to appeal a verdict because they're insured.

Re:Not bloody likely

[Rimbo]

"In most cases the insurance company will participate actively in any court cases, and will have the final decision about things like appeal and settlement. No insurance company in its right mind would allow their insurees to decide not to appeal a verdict because they're insured."

Good point and my mistake. The key thing is that the insurance company's lawyers are there to defend the insurance company, not to defend the client. Some folks forget that. :)

Re:Backed with the foundation of a house of cards.

[BoomerSooner]

You're exactly right. An individual would be better off maxing their liability insurance and getting umbrella insurance with a better liklihood of being successfully defended. I have personal and my company has liability insurance (personal is 1 million I think with the umbrella and company is 5 million). It's more pricy than $250 but I get more coverage (significantly more).

The first thing any business needs to do is cover its ass in this very sue-happy environment. Did you see the article about the lady suing Coor's because they market beer and her stupid ass kid killed himself drunk driving 90mph into a pole? How about personal responsibility? There are consequences to actions in this world, unfortunatly a consequence of doing business is you have significantly greater odds of getting sued over bullshit the longer you're in business.

Re:Backed with the foundation of a house of cards.

[jtev]

Linux is not public domain, Linux is licenced under the GNU GPL, but all contributors to Linux keep their copyrights. So Linux being placed in the public domain would NOT be a win. now saying that the code in Linux apears to be properly contributed would be.

Re:Backed with the foundation of a house of cards.

[AhBeeDoi]

I think the more important point is that we shouldn't make the assumption that SCO will be the only SCO.

Who else is gonna sue? Except for Novell, the Unix copyright holder, I can't think of anybody. :^)

Re:Backed with the foundation of a house of cards.

Point of "reinsurance" is to distribute the risk. If that isn't really happening, there's no point in doing it.

Put it this way: If BigInsurCo is willing to provide reinsurance for this deal, why wouldn't they just sell Linux Insurance themselves and cut out the middlemen?

It's called underwriting

[EmbeddedJanitor]

Most insurance companies could not afford a huge bunch of claims caused by a common event and thus get underwriting from other insurance companies to spread the load. For example, a company that provides house insurance in a particular area could get completely wiped out by a tornado/earthquake whatever, so they reinsure with other companies to spread the load around.

The whole idea behingd insurance (like any biiz) is to make money. The insurance folk just do this by selling risk reduction. They then get reinsured by other companies. In effect you can think of the insurance companies providing this Linux service as just brokers since if there are claims, they won't be paying the whole sum directly.

You're right, your post is asinine.

[schon]

Their "insurance" is many times more expensive than SCO's licensing fees.

Well, if you had bothered to read the article, you'd see that the insurance is for developers, not users.

SCO's licenses are for *END USERS*.

So there's really no point in comparing the two now, is there?

Re:Backed with the foundation of a house of cards.

[IWannaBeAnAC]

If BigInsurCo is willing to provide reinsurance for this deal, why wouldn't they just sell Linux Insurance themselves and cut out the middlemen?

Because BigInsurCo knows how to evaluate risk, but doesn't know anything about Linux?

Because, to BigInsurCo, it is too small an operation to bother dealing with the details by themselves?

Because OSRM seem to be offering more than just insurance (such as access to their IP lawyers)?

"Putting your money where _their_ mouth is"?

[Danny+Rathjens]

On the plus side, the act of doing it helps lift some of the FUD SCO has caused; similar to other companies' guarantees.

On the other hand, isn't accepting money to do this taking advantage of the FUD that people already have?

Another thing to consider is that the linux legal defense fund setup up by OSDL has already raised $3 million

Re:Respectfully Disagree.. word is getting through

[auzy]

I think people are finally starting to realise that they are nutcases.. 5 days ago their stocks were 11 days, now they are 8.. their stocks are dropping faster and faster.. if the drop continues at this rate, they will be bankrupt within a month..
The best thing is that they have killed any chances of anyone buying SCO products again.. Because why would you spend money on a product that is in a very high risk position, from a company obviously going bankrupt.. And now that they examined it to ensure theres no stolen code, it leaves them with no income because no one will buy a license now that they are sure that we didn't steal anything.

Lets bet on how long until they go bankrupt.. I'm betting 2 months ;)

Re:Linux needs to get its act together

[sloanster]

Well, nowadays I have a p4-2800 with a gig of RAM - so, the install went pretty quickly...

Richest guy...

[IronBlade]

No one in their right mind would play poker like this against the richest man in the world.

I think Ingvar Kamprad looks like a nice enough guy to play poker with...??
Oh, did you mean the second richest guy? That Bill dude?

Re:Richest guy...

[God!+Awful+2]

I think Ingvar Kamprad looks like a nice enough guy to play poker with...??

You would play poker against a billionaire who still flies economy class?? That guy must really love his money.

-a

Re:Richest guy...

[adamofgreyskull]

He really loves a drink too, apparently he has 3 months of drinking and 1 month off(to avoid getting too dependent and give the liver a rest).

He may have caused me hours of anguish being dragged round Ikea, but he's still my No.1 favourite richest man in the world ever.

Re:Richest guy...

[sprekken]

AH! HAHAHA! HAAAAH HAAAAH HAAAAH! Yeah, fuck you Bill. Haha! You're not the richest anymore asshole!

[nelson] Ha Ha! [/nelson]

Well, if they can do that...

[DeadVulcan]

OSRM Declares Linux Free of Copyright Violations

Whoa, they can do that?? Well, hell...

I, DeadVulcan, declare that Iraq is free of weapons of mass destruction.

Re:Well, if they can do that...

[transporter]

Tell me, oh Johnny Carson, with a towel wrapped around your head and holding an envelope up to your forehead...are you considering just the non-exsistent WMD that Iraq didn't have or the WMD that the U.S. is now busy planting in Iraq ???

Transporter

Re:Well, if they can do that...

[Idarubicin]

Whoa, they can do that?? Well, hell...

I, DeadVulcan, declare that Iraq is free of weapons of mass destruction.

See? It worked.

That's not how insurance works?

[defile]

I thought the purpose of insurance was to turn random unpredictable costly expenses in your lifetime into small, fixed, periodic payments.

If the numbers are done properly, the amount of money you will pay in your lifetime to this cause is equal to the amount of money you will pay in premiums, but you can plan for paying premiums. In exchange for this convenience, the insurer collects slightly more money to cover operating expenses and so that they can turn a profit on their promise. Due to the economies of scale, it may actually be cheaper to go with an insurance company in spite of their overhead costs.

But anyway...

Insure Linux against intellectual property violations? Lets apply the formula:

Number of dollars that I plan to pay fighting off intellectual property claims on Linux: 0.

I guess I can pass on this kind of insurance.

Re:That's not how insurance works?

Number of dollars that I plan to pay fighting off intellectual property claims on Linux: 0.

No, you don't decide on what you plan to pay. you decide based on what you expect to have to pay. And you decide what you expect to have to pay based on risk analysis.

Re: scam or scum?

At least now you get choices about how you waste your cash: OSRM or SCO.

Parent is Right

[tabdelgawad]

If SCO wins a single case in court about copyright violations, what's the point of cashing in your insurance to fight a battle that's already lost? And if SCO loses a single case in court about copyright violations, how can they go after someone else for the same (now non-valid) copyright violation?

My guess is nobody will really buy this insurance except those, like OSRM itself, who just want to make a statement. The real announcement here is that an audit of the Linux kernel was completed and that somebody's willing to put some money where their mouth is.

Re:Parent is Right

[Lord+Kano]

If SCO wins a single case in court about copyright violations, what's the point of cashing in your insurance to fight a battle that's already lost?

I think you're missing the point. If these guys have spent 6 months going over the code and they are sure that none of it infringes upon SCO's copyrights, then it's just free money for them every time someone signs up.

LK

Re:Parent is Right

[MrHanky]

If SCO wins a single case in court about copyright violations, what's the point of cashing in your insurance to fight a battle that's already lost?

You seem to think that if SCO wins a case, they're going to own Linux. That's not very likely. If IBM contributed SCO's code to Linux, that's between IBM and SCO: IBM would have to pay loads of money to SCO for damages, and the code would have to be removed. If IBM contributed their own code to Linux in breach of contract with SCO, IBM would have to pay SCO money, and Linux users could care less. They don't have contractual relations with SCO, neither with IBM.

SCO's claims would be ridiculus, even if they were based on truth.

IBM didn't write Linux completely by themselves, but contributed some rather big parts. Instead of using the usual allegory with a car, consider it this way: You have done a huge research project, citing many sources. Now one of these sources is shown to be plagiary. Does that mean your research now belongs to the person that has been plagiarised?

My point is: A judge would have to be seriously fucked up to give away the work of other people because of some related person's wrong-doing. In no way has SCO the right to $699 for every copy of Linux shipped, and I think even SCO understands that. $699 is worth a lot in imaginary returns for speculants^W investors, though.

Not a house of cards, more like a barn-raising.

[pegr]

They will turn around and spread the risk (and the profits). Many entities will be absorbing the risks. The more Linux is found to be non-infringing, the more will be willing to stand in the money line (and the lower the retruns...). If a judgement is ever made, many will be paying into it. While your observation is statistically correct, is does not consider the standard business methods used in the insurance industry.

PJ offering a better product than SCO

[0x0d0a]

SCO's license doesn't grant you a blanket indemnity -- just a guarantee that *they* won't sue you.

PJ is selling insurance that covers *any* infractions.

If a company has a choice between purchasing real insurance from PJ or "insurance" from SCO, they're almost certain to do better with PJ.

'course, I think the whole set of concerns is a lot of baloney -- open source types tend to be pretty careful about licenses -- but it's not as if you can claim that PJ has falsely inflated her product's merits -- she's been saying the same thing for quite a long time. :-)

Re:Backed with the foundation of a house of cards.

[CptSparrow]

You're pretty close on this one. Although "regular" insurance companies aren't backed by big bucks, the HAVE big bucks. I work for one of the largest. A few years ago, when they posted a multi-BILLION dollar loss, the solution was "hmmm.... Don't throw away your paperclips next year." And they continued rolling out brand new workstations to every employee, and replacing all the servers.

Re:Backed with the foundation of a house of cards.

[DebianRcksLindowsLie]

Because reinsurance works in a different manner. It takes a while for the reinsurance claims to go around, and in the meantime you've got time to recoup your losses.

Re:Backed with the foundation of a house of cards.

[DebianRcksLindowsLie]

There are many companies that provide code review, based upon code matching.

Re:Backed with the foundation of a house of cards.

"I think a ruling ... that all the code in Linux belongs in the public domain would not be unreasonable."
Actually, this is highly UNreasonable.
Courts will NOT make any such statement, especially as a blanket "all the code...". Courts will only make statements specific to evidence, for example, proof that "these 2,337 lines right here were contributed to the public domain by Josy Programmer on such and such a date...".
Declaring a work to be public domain, if it is not certainly there already, would mean taking away someone's copyrights. If that person had money, or say, some kind of insurance, such a ruling would likely be appealed, and if evidence did not actually prove the code belonged in the public domain, the ruling would be overturned.
"courts do not hold ... to the same standards..."
Copyrights are copyrights, no matter who owns them. That's how the courts sees it. Nonprofit or "public good" organizations DO operate by the same copyright laws, and the courts do NOT recognize privilege in this way.

Re:Backed with the foundation of a house of cards.

[phoenix.bam!]

When i first saw that story I always thought Coors should counter sue the mother for not properly teaching her son responsibilty as well as slander.

And yes, I actually believe Coor should sue her. It might teach parents everywhere to start taking responsibility for their own children.

missing links

[Doc+Ruby]

Let's say they traced, in 6 months, every line of code that went thru the kernel's CVS back thru its committer, and back thru them to its submitter, supposedly its "programmer". How do they know of all those "programmers", none copied someone else's code? And that none submitted code written for hire by someone else, who therefore owns the copyright? While this is possible, 6 months is a long time to investigate every person from whom code came in the 10 year history of the kernel. It's a long time just to get feedback from every programmer, let alone audit their development processes feeding their commits. And if even one programmer didn't reply to their questions, which programmers are free to do, then that mystery programmer is a potential copyright breach.

I don't think there's code in the kernel with copyright that conflicts with the GPL. And it's incumbent on any competing copyright holder (*cough* SCO *cough*) to prove they have the controlling copyright. But OSRM seems to be placing an implausibly confident bet on that conjecture.

Meanwhile, their liability insurance is totally unrelated to their bet on Linux copyright unencumbrance. The liability insurance is merely betting that less than 3% of the insured value of the software they cover is malware. Charging 3% of that insured value, and paying less than 3% in claims, is the aggregate arbitrage of which all insurance is made. But nowhere in that calculus does any Linux copyright liability appear. There's a missing monkey in here somewhere.

Re:missing links

The way I understand it is that even if one of the programmers did breach copyright, by checking to make sure they can't find any evidence of it, they're proving that the publisher (kernel.org, or the distro makers, or whoever) aren't infringing copyright themselves, since you can only do it knowingly. If a programmer DID breach copyright, they'd still have to remove the tainted code, but they can't be sued - only the programmer himself can.

Re:missing links

[Sven+Tuerpe]

Let's say they traced, in 6 months, every line of code that went thru the kernel's CVS back thru its committer, and back thru them to its submitter, supposedly its "programmer". How do they know of all those "programmers", none copied someone else's code?

What SCO ist demonstrating are inherent flaws of the concept of intellectual property treated much like a physical asset. The one flaw is that after a number of sales, licences, and contracts, nobody does know any more who owns what, and whether the owners actually do possess what they own. This is a non-issue for phyical items: One can easily follow a chain of subsequent sales of an item, verify each individual one, and find out in finite time and memory whether the ultimate buyer got what they paid for. This is not the case for intellectual property. Nobody knows who owns what part of Unix, and any court decision will be arbitrary to an extent. There is s simple post-condition for sales of phyical items: When X sells item I to Y, then after the contract has been fulfilled, Y does possess I, and X does not possess I. This is not the case for intellectual property: After selling intellectual property rights in a virtual item I to Y, X may still retain intellectual property rights in the same item I, leading to kind of a mess after a number of sales.

The other flaw is caused by the fact that virtual goods are easily modified or extended, and it is hard to find out later who made what modification or extension. To describe clearly and beyond doubt the intellectual property sold or licenced, one would have to include the entire item with the contract as its own description. Which is close to impossible.

Re:missing links

[Doc+Ruby]

Evidentiary discovery, of physical or virtual evidence possession trails, is often "hard". But not impossible. And with email, CVS logins and grep, source code heritage can be much more traceable than, say, bullets, dollars, bloody gloves, icepicks.

But there *is* a fundamental difference between real and virtual property to which you refer, although not necessarily operational in this case. Real property is largely "autonomous": it exists and works without necessarily any dependence on any other property: physical objects stand alone. Virtual property is merely instructions for the behavior of other virtual and real property.

For example, while a song might be valuable at first because it's novel, people want to dance to the new song; years later, it's valuable as a folk song. The source of value has changed: value now derives from the consumers who kept it "alive", not the authors/publishers who "bore" it. Software is the same way: the guts of sendmail derive value now not from the innovative coding of Eric Allman (nowadays Allman's code looks pretty rudimentary), but from the interoperation of so many other infosystems with it. The same can be said of the System V UNIX code, in eg. its 1990 version. Other virtual property, like Mickey Mouse, are a mixture, due to continuous (albeit vacuous :) innovation from Disney contributing to the property.

The recent laws allowing (even mandating, for commercial survival) endless patent/trademark/copyright perpetuation fly in the face of this cultural and economic fact. The public domain is a very deep, large and powerfully compelling body of human norms, with which these laws conflict. We will spend the next couple of generations wasting time, better spent developing new private property, shackling the free fertilizer of old public property. Hopefully the wrongheaded SCO case will collapse in a mushroom cloud of lessons about the lifecycle of virtual property, in which secrecy and exclusivity are characteristics only of its birth, not its perpetuation.

Hmm

According to a recent press release, the Linux 2.4 and 2.6 kernels are free of any code that violate copyrights.

And we all know that press releases are unassailable sources of information and legal advice.

Re:Backed with the foundation of a house of cards.

[lspd]

I would very much like to know what methods they used to review the code. Interpreting the results of any comparison to remove false positives is a very subjective process. Do they have a method that doesn't generate false positives? If so, did their method find the code that SGI admitted to contributing by mistake?

To be honest, anyone claiming there is absoloutely no questionable code sounds as suspect as SCO claiming it's all questionable code. Reality is never black and white like that.

Of course, at this point it's obvious that any SCO code in Linux is trivial and unintentional. If there were millions of lines of SCO code in Linux it would be impossible to overlook. It remains to be seen how much GPL code has made its way into SCO's UNIX offerings.

Re:Backed with the foundation of a house of cards.

[tomreagan]

What about the fact that the coverage they are offering is already available from most of the largest E&O providers in the market (AIG, ACE, Hiscox, Chubb, Zurich, CNA, etc.) 1. cheaper 2. with higher limits 3. with more experienced claims handling staff 4. not tied to specific best practices and techniques (without which coverage does not attach) and 5. as part of a larger E&O program that will provide more coverage for the more likely problems - bugs.

Seriously, this is really just a lot of fluff at this point. $100k in defense costs and $1m in limits is nothing for large companies that buy $50m - $100m liability towers, and a small company looking for coverage can buy $1m in limits (including software copyright) for a lot less than $30k.

And for the record, Bruce, reinsurance is not a great answer. Just look at the problems the London markets are having getting Swiss Re to pay their claims. For a small, poorly capitalized company like OSRM, more than 3 or 4 losses (which their adverse selection will guarantee) will leave them cash flow negative, unable to continue functioning while they wait for the reinsurers to cut a check.

Re:Backed with the foundation of a house of cards.

Hey Perens -- according to groklaw comments, you aren't even legally licenced to sell insurance!

Hopefully you bought some "legal insurance" yourself, because you might need it.

Sounds like a license to print money

I can offer insurance that gravity will work consistently on the surface of the earth. Just send me $100 for every million dollars of insurance and I will personally guarantee you that unpowered objects won't fly away from the earth's surface. Act now, and I'll throw in insurance that pi is an irrational number at only one cent per digit!

Re:Backed with the foundation of a house of cards.

[tomreagan]

Uhh, "northern European reinsurance" companies like Swiss Re and Munich Re pretty much wrote the book on property insurance.

I think you've got it backwards - they arrange their reinsurance programs to mitigate the total exposure, freeing the primary insurer from having to get everything right. If the primary was so confident in their ability to manage the exposures, they wouldn't need as much reinsurance, would they?

Re:Backed with the foundation of a house of cards.

> Because OSRM seem to be offering more than just insurance (such as access to their IP lawyers)?

Apparently the aren't really selling "insurance" at all, only the legal services.

We'll see if they even find a BigInsurCo.

I think I get it, now...

[soloport]

So my interpretation of what you're willing to offer the community could be summed up by this statement, no?.

Re:I think I get it, now...

[Bruce+Perens]

Tee hee. Well, everyone wants to stick it to SCO. But I think the real role of OSRM comes when Open Source gets hit with software patent problems.

Bruce

Re:I think I get it, now...

[Short+Circuit]

Then what's your stand going to be when a Linux or other free software contributor who doesn't subscribe gets nailed with a patent lawsuit?

Would you recommend that free software contributors be part of an organization capable of paying the subscription fee?

Re:I think I get it, now...

[Bruce+Perens]

That has yet to be worked out.

Thanks

Bruce

Re:Backed with the foundation of a house of cards.

[JanneM]

Well, in some cases (earthquake coverare, for instance) even getting it statistically completely right would make the system nonworkable. You may know exactly how likely that earthquake is and how much damage it can do, and yet you can't offer insurance since if it happens you'll be out of business, period.

It's not front- or backwards; it goes both ways. The primary insurer and the reinsurer has different reasons to participate. It really is just different viewpoints on the same thing.

Oh, and BTW, I was not implying that those insurance companies does not know about property insurance, but only that they would not find it worthwhile to accumulate deep, local expertise for the sake of just a few customers.

Re:Backed with the foundation of a house of cards.

[tomreagan]

i hear, but GenRe still seems to have figured out how to make it work...

I don't know.

[/dev/trash]

I am pretty sure that statistically, we're all gonna die someday.

Re:Backed with the foundation of a house of cards.

[zcat_NZ]

I don't think they're insuring against SCO winning., the code review means they're pretty confident SCO has no case.

They're insuring against individual nusance lawsuits from SCO, and similar bottom-feeders that may start up this path in the future.

Quit worrying about SCO

[Animats]

It's time to quit worrying about SCO.

• Their stock is in a screaming dive. Closed at $7.77 today, down from $22 at peak.
• Their VCs want their money back.
• Before they can sue Linux users over copyright violations, they have to beat IBM and Novell and Red Hat and Damlier-Chrysler or AutoZone.
• They're losing against IBM, and the other suits aren't going anywhere yet.
• IBM's law firm is Cravath, the big hammer of corporate litigation. Cravath puts huge teams of lawyers on the job and has an organized process for not missing anything and not making mistakes. Nobody wins a weak suit against Cravath.
• SCO has never sued a Linux user that didn't have a previous contract with SCO. If they try, any such suit can be stalled until the big lawsuits are settled, for the same reason the Red Hat lawsuit is on hold.
• Because SCO has been sueing their own customers, it's dangerous to become an SCO customer. SCO sales have thus tanked.

So there.

Re:Quit worrying about SCO

[rodac]

I worry a lot, for the day when SCO will no longer ease. With the exception of AbsolutelyFabolous, this has been the most entertaining and funniest thing I have ever seen in the last few years. Remember all the times we have collectively rolled around on the floor laughing at something Darl has said. He is indeed a genious of comedy. I dont want to sit here 1 year from now and say "remember when SCO was still around. Didnt we have a great time then laughing at all those crack hallucinations. I havent had a really good laygh since they died. If only I had contributed money to the keep-sco-alive fund. If only I knew how boring life would be without sco..." Do you want to risk that? No I thought so. Keep sending in your donations to SCO.

Re:Quit worrying about SCO

[Animats]

SCOX is down to $7.18 today, another new low for the year. The little runup two weeks ago seems to have come from SCO's announced stock buyback scheme. While that was going on, you'd see some upward movement near the end of each day. That seems to have stopped. Now it's downhill every day.

Re:Quit worrying about SCO

[Animats]

Down to $6.55 now. SCOX has lost a third of its value in the last week. The market cap just dropped below $100M.

Am I the only one who read this as ORSM?

[asscroft]

I'm ashamed.

Re:Am I the only one who read this as ORSM?

[iLL_L0gic]

I was thinking the same damn thing. It makes me feel a little sick and dirty that there aren't 100 posts just like this.

Re:Am I the only one who read this as ORSM?

[frankm_slashdot]

yeah, shit.. i gotta admit it too... too bad orsm is going to be a pay site in a few weeks =/

i feel so ashamed... :'(

Re:Am I the only one who read this as ORSM?

[adamofgreyskull]

Am I the only one who doesn't know what ORSM means?

Title insurance

This sounds like title insurance for the "intellectual property" (excuse the tired phrase) that is Linux. OSRM did the equivalent of a title search (I'd like to know more about how this was done) and are now offering (for a fee) to back anyone's entitlement to license Linux. This is a good thing.

A bit suspicious...

[ignavus]

It's a bit suspicious that Linux users might need to buy insurance but the users of the dominant (can we say "convicted monopolist's"?) operating system don't. (Say, what about selling insurance policies against litigation by the BSA????)

I mean, we *all* need fire and auto insurance - not just some of us. But when it is only the *competitors* of a convicted bully who need the insurance... well, draw your own conclusion.

Maybe it should just be called the Microsoft Threat insurance policy. And that means that Microsoft has already won: they have successfully made Linux dearer to own and run.

A more appropriate action is to hunt down the money trail to Microsoft, then BREAK IT APART. A company that is bent on KILLING its opposition needs more than a rap on the knuckles. Everyone would be better off without the abusive monopoly - even its shareholders would probably benefit.

Lawsuits are a great weapon.

[James4765]

I've had a lawsuit threatened against me from some things I posted online - cost a company some major sales, and they came after me. It worked - I couldn't defend myself, my boss said the company couldn't defend me, so I caved in. Stopped posting on the offending sites, and haven't been there in years.

Let's say you wrote a program that could compete with ACID, Sound Forge or one of the other pro-level audio editing programs. One lawsuit about some obscure, obsolete codec could delay release in the United States for years - look at the 2600 case. During that time, they continue to make profits unchallenged, and they continue to use baroque legalisms to run up your lawyer's bill until you cry "uncle" and give up.

It really seems like this insurance is intended for software companies and in-house developement teams that have overly-cautious bosses. Cool idea. Dunno if it'll survive a major assault, though.

Re:missing links (works-for-hire)

[retiarius]

excellent points.
speaking as an ex-BSD contributor, much unix code
is really work-for-hire flying under the radar.

certain open source code authors have "signed off"
(i.e. dedicated to public domain, signed the FSF
copyright forms, non-exclusively dual-licensed
stuff to all-comers, etc.), without caring a whit
about whether such artistic works are really
works-for-hire...

this is a natural consequence of being a creator
who writes open source code "on the side",
perhaps unrelated to the business of an employer.

yet, when push comes to shove, employers
with $$ can interpret the labor codes more favorably
than the poor sap who works on some peripheral R&D.

the phraseology "own time, own equipment"
just doesn't fly if the nexus of work & play
is computer software.

I don't want mom and pop

[Mordes]

to want linux for anything but the quality of linux. The quality is consistently going up... so it's only a matter of time.

Re:Backed with the foundation of a house of cards.

[God!+Awful+2]

Because BigInsurCo knows how to evaluate risk, but doesn't know anything about Linux?

How is that insightful? Either BigCo is going to insure LittleCo or not. If they insure LittleCo, based solely on LittleCo's "expert" judgement, they still bear all the risk. Now that LittleCo has publicly stated that Linux is free of copyright violation, what useful function do they still serve?

-a

Re:Respectfully Disagree.. word is getting through

[stevey]

The best thing is that they have killed any chances of anyone buying SCO products again.

Sadly not true, I'm working for a company that is in the process of setting up a new SCO installation on behalf of a customer.

Sure SCO Unixware isn't cutting edge, or something that I think is very popular, but we use it and it's the platform a few products run on.

Course in my server room it our SCO boxes sit next to our Debian boxes .. but that's another story.

Right now there's been little inside talk of the SCO case, but I'm guessing a migration to Linux might not be out of the question..

This smells of snake-oil

[Simon+Brooke]

OK, OK, I know that some of the board members of this company are people we most of us respect. And judging by what Bruce Perens, at least, has contributed to this discussion it seems they really believe in the idea.

But it smells of snake oil.

One cannot, in general, prove a negative. I've no doubt this company has diligently gone through every line of the kernel and reviewed it. But they have not, because they cannot have, diligently gone through every line of pre-existing proprietary computer code on the planet. The majority of computer programs are never released in source form, and it is not normally possible to reconstruct the original source by reverse engineering a stripped binary. So for the vast majority of legally copyright software out there, they did not have the source and could not compare Linux against it.

But that, actually, is beside the point.

By reading diligently through the code the company may potentially put something back into Linux; they may notice and report back to the relevent authors blunders, inelegancies and bugs.

They may.

But apart from that, they make no contribution back to the community. They are, in effect, another bunch of freeloading parasites on the community - the moral equivalent of head lice. They cannot have done what they say they've done, because it is a logical and practical impossibility. But they will profit - probably substantially - on the fears of ill-informed or risk averse corporate managements, and that profit is at least to some extent at the community's expense, because it siphons off money that those corporations were at least in principle prepared to spend on Linux.

No worrie matey....

[jotaeleemeese]

... somebody with your reading comprehension capabilities most likely is not writing any software for which anybody else will make a lot of fuss.

Re:Backed with the foundation of a house of cards.

[mcrbids]

I think a ruling stating that there is no difinitive evidence that there is offending code in linux and that all the code in Linux belongs in the public domain would not be unreasonable.

Except for one small, leetle teensie problem. Linux isn't in the public domain now. Never was.

Hopefully, it never will be.

See, there's this thing, called the GPL. It's a license. A license is a legal mechanism (usually based on contract or some other terms and conditions) that allows you to do something that's otherwise not permitted or is illegal.

For example, there's a driver's license. It's generally illegal to drive - unless you have a license.

Similarly, it's a violation of various statutes to use software developed by somebody else without their permission.

Software in the "public domain" is owned by everybody (and nobody) and you can do whatever you like with "public domain" software.

However, Linux is NOT in the public domain. Linux is a hopelessly tangled mess of software ownership that would be a train wreck if it weren't for the fact that it's licensed (there's that word again!) under the GPL.

Let's hope that Linux stays semi-free - as the real "free" is what killed Unix!

Obvious kemosabee.

[jotaeleemeese]

In case you are a poor developer that contributes to Linux and a company with relatively big pockets plays an SCO on you.

Re:Respectfully Disagree.. word is getting through

[artg]

What's your contingency plan for supporting that customer if (when) SCO bite the dust ?

Assuming you've got one, what stops you using it straight away ?

Re:Respectfully Disagree.. word is getting through

[stevey]

That would be a management plan that I'm currently unaware of.

I would imagine a swiftish migration either to a supported Linux distribution, or possibly Solaris.

Implementing it now? The biggest challenge would be going round all our customers removing the currently working SCO installations and installing a new OS + reinstalling our apps.

In short it would be a nightmare to manage when the systems are in use 24x7.

Re:QUIET, ASSMUNCH

[ajs318]

If you had actually bothered to read anything off the Debian site you would realise that though the stable version of their software may claim old version numbers, it is actually bang smack up to date with security patches. Most users will want the testing version, or maybe unstable {which is made by grabbing the newest version of almost everything as it comes out}.

You only have to edit a file, for crying out loud. If you can't deal with that then you are not a hacker -- but it's easier to be a whining little baby, isn't it? Go back to your pirate copies of Windows and Office XP and delude yourself you're sticking it to the man by copying software illegally, when in reality you're just sucking his cock and loving it.

SGI, Anyone?

[Queuetue]

Didn't SGI admit to a blunder where they introduced tainted code?

That would indicate that at least some versions of 2.4 didn't pass the sniff test, and therefore "2.4 free of copyright violations" already needs some clarification.

These are good people, finding an interesting way to make a buck, but it's impossible - flat out im-poss-i-ble that in 6 months, they conclusively guaranteed that every line is original thought with a clean pedigree.

If they had come back with a list of 300 questionable sections, and a version of linux that has those questionable sections removed (and worked with a limited number of features) I would be far more prone to believe.

This announcement sounds like hopeful zealotry, pure marketing, or worse for us all, incompetence.

Re:Backed with the foundation of a house of cards.

[adamofgreyskull]

I share your supsicions BUT...
Although I'm not privy to the facts, I'm not sure why it *couldn't* be "black and white", consider that the following has to be true for the code to be infringing on copyrights.
If X's code *is* in the kernel AND X actually owns the copyright(!) AND If that code is not legally GPL'd/BSD'd AND the code passes $patent_tests*.

X's *claims* to own copyrights may be blatantly false,e.g. certain claims of SCO's have been vehemently debunked by Linus himself, because he wrote it.

If a company "accidentally" releases code under the GPL then, as far as I understand it, they have to STFU, accept their losses, go home and listen to Morissey.
If an employee of company X GPL'd code illegally, then that's another matter.
But doesn't some element of Good Faith(tm) enter into it? Perhaps some resident IAAL/IANALBIPOOTV could ellucidate.



*If the code is trivial or obvious, two developers may well come up with the same solution independently. They may eben^H^H^Hven use the same variable names if it's trivial and obvious, or, they are complying with some standard etc..

Pedigree

[Queuetue]

If they now have pedigree on every line of linux ... Will they please publish it? Every single line, with an attribution credit next to it.

They would have had to build one of these in order to declare it free of violations, right? Please, publish this on a website, and give the community the tools required to defend itself.

Copyright iviolation in drivers/usb/emi26.c

The file drivers/usb/emi26_fw.h carry the license below: /*
* This firmware is for the Emagic EMI 2|6 Audio Interface
*
* The firmware contained herein is Copyright (c) 1999-2002 Emagic
* as an unpublished work. This notice does not imply unrestricted
* or public access to this firmware which is a trade secret of Emagic,
* and which may not be reproduced, used, sold or transferred to
* any third party without Emagic's written consent. All Rights Reserved.
*
* This firmware may not be modified and may only be used with the
* Emagic EMI 2|6 Audio Interface. Distribution and/or Modification of
* any driver which includes this firmware, in whole or in part,
* requires the inclusion of this statement.
*/

AFAIK there is no written statement from Emagic that it allows such code to be included in GPL kernel.

See for details bug 242895 at
http://bugs.debian.org/cgi-bin/bugreport.cgi

Re:Copyright iviolation in drivers/usb/emi26.c

That is a header file that only describes data structure, not the code that works on the data. You also didn't post the whole header to that data file, which also states "* This file is generated from three different files, provided by Emagic."

Re:Backed with the foundation of a house of cards.

[adamofgreyskull]

Off the bat, let me say..the closest I've got to insurance is buying it and a quotes system we wrote for a uni project.

If I *know* someone isn't going to crash their car, then I can offer them a premium as low as you like, if it covers my costs and perhaps a little profit. And I'll be undercutting the people who aren't sure whether that person will crash their car.
This should be the position OSRM are in surely?

Likewise, I only offer to insure their car up to it's agreed value, if another insurer doesn't know the value of their car, then they might insure it for more than it's worth, further raising the premium they charge.
This should be the position OSRM are in surely?

If this expert knowledge doesn't give them enough edge to offer a lower price, then I share your concerns for the viability of their endeavour.

My understanding of insurance is offering to bear a risk for monetary compensation. If there is no risk, why should anyone want to pay someone to take 0 risk off their hands?

Re:Backed with the foundation of a house of cards.

[shrykk]

Well, of course BigInsureCo can reinsure LittleCo.

BigInsureCo spreads the risk by offering insurance to lots of small fry.

Say they have to pay out to SCO ...shudder... no, forget that. Say they have to pay out to some other small company who took out insurance with them, well they're fine, cos they got free money for insuring against SCO's crap, and lots of other ventures.

The bigger an insurance company is, the more certain their profit becomes, as long as they can assess risks fairly well. Bigger sample, smaller variance. The only thing that has brought insurance companies down in recent years is insuring satellites that crashed.

Mod parent funny!

David Boies/David Bowie confusion! ROFL

NICE GUY??? NOOO

the guys is a fucking nazi!
ask anyone in sweden, they will tell you

I am really in doubt!

[hummassa]

Did you really just mixed musician David Bowie and SCO's lawyer Davie Boies?

Re:I am really in doubt!

[Short+Circuit]

I suddenly had a picture of a musical that took place in a courtroom. Odd.

Bruce - what happened to your interview?

[gosand]

Bruce, I know this is slightly off-topic, but whatever happened to your Slashdot interview? I thought that you must just be way too busy to answer the questions, but here you are posting on Slashdot. At the time at least, some of the questions were good ones, and I had one that I'd still like to hear your opinions on. The interview questions were posted on July 28 of 2003. What happened?

Re:Bruce - what happened to your interview?

[Bruce+Perens]

It seems I wrote answers on a laptop on a plane a long time ago and then forgot to submit them. And now they are stale.

Bruce

Re:Bruce - what happened to your interview?

[gosand]

It seems I wrote answers on a laptop on a plane a long time ago and then forgot to submit them. And now they are stale.

It's probably safe to say that they weren't lost due to a BSOD, huh? :-)

Thank you for responding! I have emailed the Slashdot editors several times about this, because it was one of the interviews I was looking forward to, but never happened. But I never could get any response.

They should conduct another one, seeing as how a lot of those questions had to do with SCO, but some didn't (like mine). I am sure there are many other Open Source questions out there that you could handily field.

Anyway, thanks for the response.

Firmware? Kernel?

I am not a Linux guru, however ...

Firmware is something that lives in some kind of rom. It is usually part of a device. I can't imagine how firmware would be included IN the kernel.

What is at issue here is the kernel only. Everything else (which is most of any distro) is another issue.

Re:Firmware? Kernel?

The issue here is that Linux kernel distribution as awailable from kernel.org includes a copyright material and apparently there is no license from the copyright holder that allows to do that.

It does not matter if that material is a source code, data structure or a binary firmware. As long as it is a copyrighted material, redistribution should include proper license.

I would not be suprised if there are other drivers in Linux kernel with dubious license situations and it is strange that somebody can declare Linux kernel free of them.

$25K only buys you about 60 hours of an IP lawyer

Basically, the developer policy won't see you thru the first 4 weeks of discovery.

This policy is next to worthless.

I see aircraft renters "insurance" that covers $50,000 per passenger. When was the last time a tort lawyer settled for $50,000? Basically worthless, as is this "developer's insurance".

This just scares the poor college student who would think about contributing to FOSS right out of town. What we need is legal change to protect the developers, not an insurance policy that is virtually worthless.

Think about how few people would actually contribute to FOSS if they actually have to PAY for the right.

The Red Hat/OSDN approach is the ONLY correct way to solve the developers liability problem absent legislation.

-mike

Know your audience

[prgrmr]

Given the two-tier rate structure, slashdotters ought to chill. This obviously isn't targeted at the random Linux hacker, but toward the corporate users of linux who aren't necessarily open source savy. I'm thinking banks, life insurance companies, financial institutions, and conglomerates. Companies with lots of money, who traditionally run large iron from the Big Name Computer companies and are the type to pay a software vendor for open source products they could otherwise download for free (as in beer), simply because they need to have the comfort level of a (supposed) VAR in the middle.

It's not a bad move, as far as business strategies go. It's practically free money, as these sorts of companies go for this sort of "low cost, high risk protection" all the time. Plus the chances of SCO (or anyone else) successfully taking on any of these corporations is fairly small, making the risk-reward ratio incredibly favorable.

PJ is NOT offering insurance

[FunWithHeadlines]

That's what OSRM is doing, and they hired her to do some research for them. Big difference.

Re:Backed with the foundation of a house of cards.

[willabr]

After 30 year study, Castro announces communism OK.

Conflict of Interest?

[4of12]

because they're offering product liability insurance to both developers and users."

Now this is a weird situation.

And before anything else let me say that I am a strong advocate for free software and think Pamela Jones and groklaw have done a wonderful service to the community by applying intense legal play-by-play to the SCO case.

But.

If they're in the business of selling insurance against copyright attacks on Linux, does that not represent a conflict of interest?

If they were after the money, I would have expected their assessments to have at least a small note of ominious nature so that potential clients would be inclined to buy that insurance.

In an era when every other day you hear about yet another lapse in corporate ethics, with the problems that Arthur Anderson got into by offering consulting services to the same clients to whom they offered auditing services, people have to be a lot more careful.

We Sell SCO Insurance For Less

[Long-EZ]

I'd be willing to sell you some SCO insurance for a lot less. And I accept PayPal.

IBM's legal team will prevail and destroy SCO in the process. There won't be anything left for Red Hat, AutoZone, or Daimler-Chrysler. There is no chance at all that anyone farther down the chain will ever face SCO in court. SCO insurance is a sucker bet.

The business world is finally learning what /. readers have known all along. SCO is a scam. SCOX stock has generally trended downward, with a few surprising upward blips based on the FUD of the day. But SCO is now in its death spiral. The stock is tumbling, and this time it isn't coming back. Time for this company to take a little dirt nap.

It's also time for Microsoft to launch the next assault against Linux. I say, "Bring it, bitch."

knowingly?

[Doc+Ruby]

Just because they didn't find evidence in 6 months of looking doesn't mean there's no evidence somewhere. If "knowingly" is the standard, then everyone is in the clear - but I'm not sure that's the case here. Citation? If that's the model, then 6 months *is* enough to find that kernel.org and the distro makers have a clean paper trail. Infringement upstream would remain liability only upstream. In any case, all those SCO infringement suits on endusers would be frivolous. They sure look that way to me, but not necessarily on this "knowingly" principle. And since a judge would need only a single hearing to learn so themself, I'd expect those suits would be discarded by now.

Pamela of Arc

[infochuck]

Who the hell is this lady, where the hell did she come from, and will she marry me?

Re:Backed with the foundation of a house of cards.

[sepluv]

If an employee of company X GPL'd code illegally, then that's another matter

I heard of previous cases in the US which suggest that, in the US at least, if an employee licenses something or makes a contract, the company cannot withdraw it by saying the employee was not allowed to--they can only sack the employee.

Obviously there is a certain amount of common sense (i.e.: you would expect it to be released by a senior employee to believe a contract/license)--if someone on the shop floor in Mc. Donalds tries to sell McDonalds to you, it would be argued that you should not believe them.

IANAL &c.

Re:Backed with the foundation of a house of cards.

[BoomerSooner]

Just an FYI:
I called my insurance agent and 1 million dollars of coverage for a software company runs $225.00/year. I cannot remember what I pay for my insurance since the bill isn't in front of me!

So you can pay $250 for $25,000 in coverage. Which if anyone needs it the company will dry up. Or you can go to (yes they are evil) St.Farm and get $1,000,000 for $25 less. Which is the better option?

Some times I think everyone should be required to get a degree in Finance or at least be able to pass the CFP (Certified Financial Planner) exam before making decisions in their financial lives. CFP is the easy exam, CFA (Chartered Financial Analyst) is the insanely difficult one to get (harder than the CPA and Bar from what I've heard, but the guy that told me had a CPA, CFA and JD (Law) so I trust his opinion).

Wow-ee!!

Hooray! OSRM declares Linux free of copyright violations! Meanwhile, you can't even get a Soundblaster-compatible card working that Windows 95 from 10 years ago runs out of the box.

Watching Linux zealots justify it and dance around the issue is one of the most hilarious things I've read at Slashdot. Keep it up!

MODS--It's a repost

[bonch]

Funny you mention repeating, since it's a "six-month old repost" according to the front page of Anti-slash.org.

Re:MODS--It's a repost

[momerath2003]

I have mod points and was about to mod it down or you up...

but then I realized, 'What if anti-slash is only pretending it's a repost and just want duped moderators to mod it down?'

An interesting conundrum, but as I have posted here now, I can't use my mod powers, thus absolving me from my dilemma.