OSRM Declares Linux Free of Copyright Violations

tmu writes "According to a recent press release, the Linux 2.4 and 2.6 kernels are free of any code that violate copyrights. OSRM, the new startup formed by Daniel Egger and including groklaw founder Pamela Jones, completed a 6-month review of all code in both kernels. They must be pretty confident of the results, because they're offering product liability insurance to both developers and users."

Do we really need this?

[whig]

$25,000 coverage for $250/year? Do we really need this? In three years time, we'd be paying more than the cost of SCO's unnecessary license for a minuscule amount of coverage that we don't need, because, as they themselves say, Linux is free of copyright infringements.

Re:Do we really need this?

[nomadic]

I'm assuming the liability insurance will cover more than SCO. With the enormous amount of code changing hands in the OSS community, it's not really a bad idea to have liability insurance.

Re:Do we really need this?

[Bruce+Perens]

Open Source developers don't generally need this product. Some of them may feel more secure with it. But when we get to software patents, that may be one that you do need.

Bruce

Re:Do we really need this?

[gnuber]

Open Source developers don't generally need this product.

Your press release states that you "will charge $250 to individual Linux developers". So you admit that you are charging hundreds of dollars for something unnecessary? If I wanted to waste money, I could pay $699 to SCO instead.

Are you actually offering this insurance yet? It sounds like you have not even found a reinsurer after spending months trying. Even if I wanted this insurance, I would be a fool to pay premiums before you have any sort of financial backing.

I have great respect for Bruce and Pamela, but frankly this reeks of opportunism and greed. OSRM will only be able to sell this product by scaring companies into thinking it is necessary. How will that possibly help Open Source? The venture capitalist who started this organization (Daniel Egger) has already begin spreading FUD. Just a few days ago he completely mischaracterized the DaimlerChristler suit. The OSRM web site has been cleaned up after intense criticism, but still says things like "organizations gaging the risks of Open Source software face a vacuum of clear information." On the contrary, I know of hundreds of highly convincing paper from lawyers like Eben Moglen dismissing the SCO claims.

Because your business is to scare people into buying insurance, you neglect to mention the millions of dollars in defense money already available free from the OSDN. There is also the million dollar Redhat Open Source Now fund. And don't forget vendor indemnification freely available for customers of Redhat, HP, Novell, etc. You do mention vendor indemnification on the OSRM site, but only to attack it as inferior to your insurance.

The OSRM page states that "OSRM has generated the widespread support of Open Source leaders," but the only ones I have seen supporting it are on the OSRM payroll. Without the credibility of PJ and BP, this project would be universally ridiculed. Egger made a good decision in paying you off (I'm sorry that sounds harsh, but we all know he hired you two for your credibility in the open source world).

You are a smart guy and have studied this more than I have. So perhaps you can enlighten me as to why I should consider this a good thing. Or maybe you are just trying to cash out on the current Linux FUD. That isn't illegal, but please don't cast it as doing us a favor.

Re:Do we really need this?

[Bruce+Perens]

First, there is no way that the $250 policy can ever be a money maker. There just aren't enough folks who will get it. It might break even. It is a way to provide normal folks with access to the resources that companies are paying $100,000 for.

This is what I worry about. Some turkey sues an Open Source developer with intent to restrain. Not to recover funds. Said developer says "Uh-oh, I don't have the funds to support a single day in court. I'd better sign my copyright over to that turkey, sign whatever documents he has saying that I will never, ever write Open Source again, and find some other way to entertain myself."

$25,000 is not necessarily enough to defend every case, but it's enough to tide you over until you can get a publicly-funded defense up and running.

Regarding OSDL (not OSDN!) I don't know if there will be anything left for you when they are done with Autozone and Damiler, etc. Same with the Red Hat funds. I hope there is and that they are available to you. And also, I am worried about what happens if one of OSDL's corporate members is the plaintiff in a patent case against Open Source software. So, having a party that is not tied to HP and IBM is probably a good thing. And having a party that concentrates the funds for defending Open Source software into an entity that can actually do something is a good thing, too.

I think the most important point for the individual Open Source developer is "if you don't think you need this - you probably don't". Those who do need it know who they are.

Bruce

Also...

[TechnologyX]

In other news today, Darl McBride received a strange packet marked "code review", with a post-it note attached that simply read "PWNED"

PC speaks for herself...

[LostCluster]

Groklaw's running a more detailed piece that gives more information than in the press release. This basically ammounts to a reporter reporting about herself, but that also makes it information straight from the source.

+1 funny

[mrsam]

I find it rather humorous that this outfit is probably going to make more money off what's SCO's doing than SCO's itself.

After all, they only need to break $20K, and now they're doing better than Darl & Co.

This is hillarious. Darl's been huffing and puffing for a year trying to squeeze water out of a rock; now here comes OSRM, and before long they made more money essentially by betting that Darl's got nuthin!

Re:Backed with the foundation of a house of cards.

[Bruce+Perens]

Of course we would use reinsurance, as do all similar companies. Daniel is working on that side.

Bruce

Debunking the FUD and myths

[FunWithHeadlines]

OK, for all those who won't bother reading the story, keep these points in mind:

1. This is voluntary insurance. Don't want it? Don't get it.

2. This isn't targeted at users, who are not at risk in any case, so 95% of us can move on, nothing to see here.

3. This has nothing to do with the risks of Linux, for there is nothing wrong with Linux. Instead, it's about the fact that, as SCO showed, there are bad people who want to make trouble for FOSS and will use nuisance suits in order to do that. Sad but true, but let's at least look at the world realistically. We now have another tool to fight these losers.

4. If you are a kernel developer, or a big-pocketed Linux corporate user, and you think you could become a target of one of these nuisance suits, you now have a chance to get insurance against such. Voluntary. Don't want it? Don't get it.

5. Does this make you sad? Blame the bad people who want to cause trouble for FOSS, not the people who are stepping up to try to help.

Re:Backed with the foundation of a house of cards.

[Zcipher]

I think you, like many people, are misreading the service being provided by this company. They aren't offering to have you pay into their banks so that if SCO comes a knockin' you can just roll over and pay them with money from OSRM. Rather, what they are providing is material aid to your company so that you can take SCO to court and fight the charges. Therefore, it is only likely to be providing this aid to a few companies at a time, and can likely get injunctions to slow down any other cases in which they are involved. So, it's relatively unlikely that they'll be asked to pay all the claims at the same time.

I think the more important point is that we shouldn't make the assumption that SCO will be the only SCO. Unless somehow magically all of its cases end in "There cannot possibly under any circumstances be any code in Linux that wasn't meant to be there," which is TERRIBLY unlikely not only because of the innate absurdity of the court ruling on the potential "ownership" of every line of code, including those not material to the case, but also because none of the cases actually deal with the IP except for the Novell and Red Hat ones, one of which says SCO doesn't really own the code to begin with. Simply put, no matter what happens, there is still a vulnerability with open source with so many contributors that someone will view it as an easy target for stock-pumping litigation.

In light of this, it's much more obvious why a company might be willing to shell out $100,000 a year to reduce their risk of having to shell out $Millions to pay for legal defense or $millions in settlement fees.

Respectfully Disagree

[sethadam1]

If I know PJ (and I don't), I don't think the purpose of this is to truly offer insurance. I think it's just to get the word out there that people in the know know this: SCO is full of shit. SCO has made a lot of waves by whining and litigating without showing a shred of proof, and they've even had companies like EV1 cave in and buy licenses just because they feat a lawsuit!

Since the government (SEC?), for whatever reason, is allowing this nonsense to continue, this company is fighting fire with fire and responding in tow: they are attacking SCO on the battleground they themselves defined: the media. They are standing up and saying "We've audited Linux cover to cover, and you, sirs, are full of it."

This is what we need. More news that gets the word out that SCO is an organization of extortionists who have learned to use the slow, inefficient, expensive legal system as a weapon.
To boil it down: SCO is metaphorically using the old "pretending the finger in your pocket is a gun" shtick, and OSRM is announcing "That's your finger, jackass."

A couple of thoughts.

1 - It is very common for insurance companies to buy re-insurance from other insurance companies and spread the risk that way. I don't think it is a problem that these guys have only one line.

2 - We all know that this insurance is unnecessary. It isn't for us. It is for risk averse PHBs. It seems as much like a PR stunt as a viable business. The FUDmeisters dared the Linux community to indemnify the end users. A couple of companies rose to the challenge and here is yet another response. Having said that, if they can make a buck well, good for them.

As a thousand others have observed: check the Windows EULA.

"Who ya goin to call? FUD-busters!" (ok now I'm getting silly)

This insurance sounds familiar...

[nmoog]

Lisa: By your logic I could claim that this rock keeps tigers away.

Homer: Oh, how does it work?

Lisa: It doesn't work.

Homer: Uh-huh.

Lisa: It's just a stupid rock.

Homer: Uh-huh.

Lisa: But I don't see any tigers around, do you?
...

Homer: Lisa, I would like to buy your rock.

A fund to buy SCO's "IP"

[mcSey921]

Let's start a fund to buy SCO's "intellectual property" when all this litigation eventually drives them into bancruptcy.

The OS community playing IP vulture doesn't seem like too bad an idea. SCO does have some code that could be bought and GPL'ed, and the company isn't gonna be worth much a year from now. Let's pool.

Email the money to me for now;)

HHOS

Re:If it's so free of copyright infringement....

[mopslik]

Depends if you mean sued as in 'successfully sued', or just the initiation of the process, and if you believe your nation's legal system is just and fair.

Even "unsuccessfully sued" can cost someone a hell of a lot of money. Have you seen how long some of these cases can drag out? It costs money just to defend yourself. And if you successfully defend yourself, you still have to launch your own counter-suit if you want to reclaim any of those losses.

While insurance seems of little use to most people, I can see some companies thinking it's a worthwhile investment.

Parent is Right

[tabdelgawad]

If SCO wins a single case in court about copyright violations, what's the point of cashing in your insurance to fight a battle that's already lost? And if SCO loses a single case in court about copyright violations, how can they go after someone else for the same (now non-valid) copyright violation?

My guess is nobody will really buy this insurance except those, like OSRM itself, who just want to make a statement. The real announcement here is that an audit of the Linux kernel was completed and that somebody's willing to put some money where their mouth is.

Quit worrying about SCO

[Animats]

It's time to quit worrying about SCO.

• Their stock is in a screaming dive. Closed at $7.77 today, down from $22 at peak.
• Their VCs want their money back.
• Before they can sue Linux users over copyright violations, they have to beat IBM and Novell and Red Hat and Damlier-Chrysler or AutoZone.
• They're losing against IBM, and the other suits aren't going anywhere yet.
• IBM's law firm is Cravath, the big hammer of corporate litigation. Cravath puts huge teams of lawyers on the job and has an organized process for not missing anything and not making mistakes. Nobody wins a weak suit against Cravath.
• SCO has never sued a Linux user that didn't have a previous contract with SCO. If they try, any such suit can be stalled until the big lawsuits are settled, for the same reason the Red Hat lawsuit is on hold.
• Because SCO has been sueing their own customers, it's dangerous to become an SCO customer. SCO sales have thus tanked.

So there.