Slashdot Mirror


OSRM Declares Linux Free of Copyright Violations

tmu writes "According to a recent press release, the Linux 2.4 and 2.6 kernels are free of any code that violate copyrights. OSRM, the new startup formed by Daniel Egger and including groklaw founder Pamela Jones, completed a 6-month review of all code in both kernels. They must be pretty confident of the results, because they're offering product liability insurance to both developers and users."

17 of 347 comments (clear)

  1. Backed with the foundation of a house of cards... by LostCluster · · Score: 4, Insightful

    Insurance policies are always grouped into lots that allow the "law of large numbers" to come into play. That is to say, small numbers might go on a random walk, but within a large group the actual number of claims will always be reasonably close to the expected number of claims.

    Sorry... an insurance company that's offering only one liability product that is either going to have claims from all customers or have no claims at all is not going to fly. Either they'll be pocketing all of the premiums, or the whole house of cards will colapse in more claims than they can ever handle. There's no middle case... either every user of Linux is going to end up owing big bucks to SCO, or none of them do.

  2. Do we really need this? by whig · · Score: 5, Insightful

    $25,000 coverage for $250/year? Do we really need this? In three years time, we'd be paying more than the cost of SCO's unnecessary license for a minuscule amount of coverage that we don't need, because, as they themselves say, Linux is free of copyright infringements.

    --
    Peace and love, y'all
  3. This is absolutely worthless... buy it anyway? by LostCluster · · Score: 4, Insightful

    I'm not quite sure an insurance policy from these people is worth as much as a SCO license, in that they're either selling policies that won't pay if SCO owns nothing, and they'll be overextended if it does turn out SCO owns something.

    However, if you've got a PHB who's seriously thinking about sending his $699 per server into SCO... this may just be a company that you can use to fool your fooled-by-SCO PHB into sending money to the anti-SCO lawyers instead of the pro-SCO lawyers.

  4. Where's the methodology by jaymzter · · Score: 4, Insightful

    I never saw this adequately answered on Groklaw. This is no different really than benchmarks or TCO studies. Show us your methodology, give us the name of an independant third party which conducted the review, and let us review the results. Coming from OSRM I consider this well meant but to be followed by a large grain of salt as they have a vested interest in the outcome. I believe Linux isn't tainted, but if you've combed through the code of Linux and several Unixen, I'd like to see it in black and white.

    --
    If thou see a fair woman pay court to her, for thus thou wilt obtain love
  5. +1 funny by mrsam · · Score: 5, Insightful

    I find it rather humorous that this outfit is probably going to make more money off what's SCO's doing than SCO's itself.

    After all, they only need to break $20K, and now they're doing better than Darl & Co.

    This is hillarious. Darl's been huffing and puffing for a year trying to squeeze water out of a rock; now here comes OSRM, and before long they made more money essentially by betting that Darl's got nuthin!

  6. Debunking the FUD and myths by FunWithHeadlines · · Score: 5, Insightful
    OK, for all those who won't bother reading the story, keep these points in mind:

    1. This is voluntary insurance. Don't want it? Don't get it.

    2. This isn't targeted at users, who are not at risk in any case, so 95% of us can move on, nothing to see here.

    3. This has nothing to do with the risks of Linux, for there is nothing wrong with Linux. Instead, it's about the fact that, as SCO showed, there are bad people who want to make trouble for FOSS and will use nuisance suits in order to do that. Sad but true, but let's at least look at the world realistically. We now have another tool to fight these losers.

    4. If you are a kernel developer, or a big-pocketed Linux corporate user, and you think you could become a target of one of these nuisance suits, you now have a chance to get insurance against such. Voluntary. Don't want it? Don't get it.

    5. Does this make you sad? Blame the bad people who want to cause trouble for FOSS, not the people who are stepping up to try to help.

  7. Re:Backed with the foundation of a house of cards. by Zcipher · · Score: 5, Insightful

    I think you, like many people, are misreading the service being provided by this company. They aren't offering to have you pay into their banks so that if SCO comes a knockin' you can just roll over and pay them with money from OSRM. Rather, what they are providing is material aid to your company so that you can take SCO to court and fight the charges. Therefore, it is only likely to be providing this aid to a few companies at a time, and can likely get injunctions to slow down any other cases in which they are involved. So, it's relatively unlikely that they'll be asked to pay all the claims at the same time.

    I think the more important point is that we shouldn't make the assumption that SCO will be the only SCO. Unless somehow magically all of its cases end in "There cannot possibly under any circumstances be any code in Linux that wasn't meant to be there," which is TERRIBLY unlikely not only because of the innate absurdity of the court ruling on the potential "ownership" of every line of code, including those not material to the case, but also because none of the cases actually deal with the IP except for the Novell and Red Hat ones, one of which says SCO doesn't really own the code to begin with. Simply put, no matter what happens, there is still a vulnerability with open source with so many contributors that someone will view it as an easy target for stock-pumping litigation.

    In light of this, it's much more obvious why a company might be willing to shell out $100,000 a year to reduce their risk of having to shell out $Millions to pay for legal defense or $millions in settlement fees.

  8. Respectfully Disagree by sethadam1 · · Score: 5, Insightful

    If I know PJ (and I don't), I don't think the purpose of this is to truly offer insurance. I think it's just to get the word out there that people in the know know this: SCO is full of shit. SCO has made a lot of waves by whining and litigating without showing a shred of proof, and they've even had companies like EV1 cave in and buy licenses just because they feat a lawsuit!

    Since the government (SEC?), for whatever reason, is allowing this nonsense to continue, this company is fighting fire with fire and responding in tow: they are attacking SCO on the battleground they themselves defined: the media. They are standing up and saying "We've audited Linux cover to cover, and you, sirs, are full of it."

    This is what we need. More news that gets the word out that SCO is an organization of extortionists who have learned to use the slow, inefficient, expensive legal system as a weapon.
    To boil it down: SCO is metaphorically using the old "pretending the finger in your pocket is a gun" shtick, and OSRM is announcing "That's your finger, jackass."

  9. Re:If it's so free of copyright infringement.... by Bruce+Perens · · Score: 4, Insightful
    Well, we've learned that being innocent doesn't prevent you from being sued, haven't we?

    Bruce

  10. A couple of thoughts. by Anonymous Coward · · Score: 5, Insightful

    1 - It is very common for insurance companies to buy re-insurance from other insurance companies and spread the risk that way. I don't think it is a problem that these guys have only one line.

    2 - We all know that this insurance is unnecessary. It isn't for us. It is for risk averse PHBs. It seems as much like a PR stunt as a viable business. The FUDmeisters dared the Linux community to indemnify the end users. A couple of companies rose to the challenge and here is yet another response. Having said that, if they can make a buck well, good for them.

    As a thousand others have observed: check the Windows EULA.

    "Who ya goin to call? FUD-busters!" (ok now I'm getting silly)

  11. Here's why by FunWithHeadlines · · Score: 4, Insightful
    That's like saying "I guarantee there is no danger of flooding here. But I would be happy to sell you flood insurance."

    No, the correct analogy would be more like this:

    "I guarantee there is no natural danger of flooding here, but there are rustlers out there going around causing floods and if you want to protect yourself, try this."

  12. Re:If it's safe, why do we need insurance? by Trogre · · Score: 4, Insightful

    That's pretty much the long and short of it.

    But imagine you're trying to convince your PHB that you need to deploy linux in your enterprise.

    "But what about all this copyright that SCO is claiming?" he asks.

    Now you can tell him "It's just FUD/BS." (which we know is true, but not all non-techs do).

    Or you can tell him "It's just FUD/BS, but if you're worried we can purchase 3% liability a year in insurance."

    Which one is he more likely to listen to?

    If the $699 per seat is the liability they refer to, then that's $20/year per linux box.

    So like most insurances, this is just offering peace of mind for those who worry about the highly unlikely event of a catastrophe (or should that be fiaSCO?).

    --
    "Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife
  13. Re:If it's so free of copyright infringement.... by Bruce+Perens · · Score: 4, Insightful
    Well, being unsuccessfully sued is what I'd worry about. It can still cost you a lot to defend yourself.

    Look for sites about tort reform.

    Thanks

    Bruce

  14. Re:Backed with the foundation of a house of cards. by IWannaBeAnAC · · Score: 4, Insightful
    If BigInsurCo is willing to provide reinsurance for this deal, why wouldn't they just sell Linux Insurance themselves and cut out the middlemen?

    Because BigInsurCo knows how to evaluate risk, but doesn't know anything about Linux?

    Because, to BigInsurCo, it is too small an operation to bother dealing with the details by themselves?

    Because OSRM seem to be offering more than just insurance (such as access to their IP lawyers)?

  15. Parent is Right by tabdelgawad · · Score: 5, Insightful

    If SCO wins a single case in court about copyright violations, what's the point of cashing in your insurance to fight a battle that's already lost? And if SCO loses a single case in court about copyright violations, how can they go after someone else for the same (now non-valid) copyright violation?

    My guess is nobody will really buy this insurance except those, like OSRM itself, who just want to make a statement. The real announcement here is that an audit of the Linux kernel was completed and that somebody's willing to put some money where their mouth is.

    --
    Imposing Libertarian views on everyone online since 1992.
  16. PJ offering a better product than SCO by 0x0d0a · · Score: 4, Insightful

    SCO's license doesn't grant you a blanket indemnity -- just a guarantee that *they* won't sue you.

    PJ is selling insurance that covers *any* infractions.

    If a company has a choice between purchasing real insurance from PJ or "insurance" from SCO, they're almost certain to do better with PJ.

    'course, I think the whole set of concerns is a lot of baloney -- open source types tend to be pretty careful about licenses -- but it's not as if you can claim that PJ has falsely inflated her product's merits -- she's been saying the same thing for quite a long time. :-)

  17. missing links by Doc+Ruby · · Score: 4, Insightful

    Let's say they traced, in 6 months, every line of code that went thru the kernel's CVS back thru its committer, and back thru them to its submitter, supposedly its "programmer". How do they know of all those "programmers", none copied someone else's code? And that none submitted code written for hire by someone else, who therefore owns the copyright? While this is possible, 6 months is a long time to investigate every person from whom code came in the 10 year history of the kernel. It's a long time just to get feedback from every programmer, let alone audit their development processes feeding their commits. And if even one programmer didn't reply to their questions, which programmers are free to do, then that mystery programmer is a potential copyright breach.

    I don't think there's code in the kernel with copyright that conflicts with the GPL. And it's incumbent on any competing copyright holder (*cough* SCO *cough*) to prove they have the controlling copyright. But OSRM seems to be placing an implausibly confident bet on that conjecture.

    Meanwhile, their liability insurance is totally unrelated to their bet on Linux copyright unencumbrance. The liability insurance is merely betting that less than 3% of the insured value of the software they cover is malware. Charging 3% of that insured value, and paying less than 3% in claims, is the aggregate arbitrage of which all insurance is made. But nowhere in that calculus does any Linux copyright liability appear. There's a missing monkey in here somewhere.

    --

    --
    make install -not war