Perens Talks About Open Source Risk Management

Big Sav writes "Here is a quick but good interview with Bruce Perens. It also raises the topic of indemnification vis a vis the SCO court case " Interesting interview - talks about Peren's new Open Source Risk Management company.

Surprised

[andy666]

I am surprised that he didn't discuss the work of Jonathan Smith at U of Penn.

Self-promotion

[lukewarmfusion]

Not that I can really blame him, but this interview is simply a promotion of his new OSRM company. Like posting an interview with your favorite movie star (who spend the entire time plugging his or her new film). It just doesn't seem like "news" as much as it is a commercial.

Is this a good thing?

[gregarican]

To me it sounds as if the group Bruce is on the board of is trying to exploit or otherwise captalize on the FUD of SCO actually winning a lawsuit. Which probably won't happen. Kind of reminds me of start-up companies which were around for all of the Y2K madness back in 1999. The FUD helped fuel interest, which really exaggerated the real deal.

Maybe Bruce should start selling underwear to Iraqi prisoners...

Re:Is this a good thing?

[pointbeing]

To me it sounds as if the group Bruce is on the board of is trying to exploit or otherwise captalize on the FUD of SCO actually winning a lawsuit.

Agreed.

They're not really offering a lot for the money anyway - on the kernel developer side they offer $25k of protection. IMO if someone was to actually *win* a lawsuit $25,000 would be just a drop in the bucket.

Also, why would I give $100k to someone who doesn't know that at least in this context 'panel' isn't a proper noun? ;-)

Necessary

[Plaeroma]

For our less read posters http://dictionary.reference.com/search?q=indemnifi cation In a perfect world, this service wouldn't be necessary. But, you really can't expect companies to take even imagined risks. If this helps people get involved in OSS despite all the SCO FUD, then job well done.

Bottom line is...

[Otter]

...the claimed TCO of Linux has just gone up by however much Getting Sued Over Linux insurance you decide you need. Perens claims he isn't taking advantage of FUD, and he may well not be -- but at least acknowledge that this represents a 180 degree change from "No one could possibly believe there's any legal risk associated with Linux use and anyone who says otherwise is a Microsoft spy!"

What is risk?

Most people think that risk is "probability of bad outcome weighted by cost of bad outcome", or somthing like that. It's not, because in a market, "price" reflects all probabilities and weightings, i.e. price is the "expected value".

Risk is properly measured by the variance in possible outcomes, the amount of "spread" around the expected value, and probability does not enter into that.

Risk has a value because every extra dollar you add to your wealth is worth less to you than the one that came before. So, upward "wins" in the variance are worth less than downward "losses", i.e. you should be willing to pay to eliminate risk, to shrink your variance.

So, the economic "risk" of the SCO lawsuit exists with regard to the spread in possible outcomes, and has nothing to do with their probabilities. The value of insurance to you is based on your economic activity and your risk aversion.

Insurance will increase the spread of Linux, not decrease it.

Perens is capitalizing on his name, not on the FUD, since the article doesn't reflect that he understands risk in detail.

How ridiculous is their case, anyways?

[192939495969798999]

It is actually pretty ridiculous of SCO to even have this court case. As an example, I cite my dad's run-in with the US-PTO upon trying to patent a piece of software many years ago: they rejected his claim, stating that "there will NEVER be patents on computer software." Maybe they meant there SHOULD never be patents on computer software... who knows. Once again, it would be nice to see what SCO actually claims they "own", and how they can prove that "fact".

Re:why bother RTFA?

[Bruce+Perens]

And I'd answer, if anyone actually asked a question.

Re:why bother RTFA?

[Bruce+Perens]

but instead some legal assistance in the case there is an IP problem with open source software. Is this correct? If so, why go that route? It seems to offer little tangible benefit other than the "FUD Protection" angle.

It lets us establish a permanent legal team who work on a number of similar claims against Open Source. They'll be up to date on their research, etc. That sort of efficiency will save everyone money.

Why not just pro-actively sell the legal assistance -- for example if a company wants to use OSS Project X, you would perform research and certify that the IP in Project X is "clean" and the project is freely redistributable.

We're doing that too, but if you didn't know: you can never finish a patent search definitively. Regarding the copyright issue you point out, that is easier to deal with.

Currently we have to work with insurance companies. We can't offer it ourselves yet.

Bruce

Re:why bother RTFA?

[Bruce+Perens]

Why am I liable for the misdeeds of another person?

Well, you aren't. But proving that could be expensive. The problem is that the patent statute says that you can be prosecuted for various forms of infringement, including use. If you got to court, your first action would probably be to attempt to sever yourself from the case, for just the reasons you state. And it might work. But we need clearer law here, or at least good case law.

I know that there are some cases I could win as a defendant, but I'd have to spend all I have to get there, and wouldn't get it back. Is that really winning?

I have been thinking about non-Open-Source risk management as you suggest. But there are many entities that can claim expertise on "Software". We can offer a specialized expertise. Also, having focus is a very good thing for a start-up company. If you try to do everything, you fail at doing anything.

To capitalize on SCO's claims, someone would have to believe them. If you look at any survey of the IT industry, you know that's not the case. And you should also know that I have worked very hard to knock down SCO and continue to do so. But it is the nature of Free Software that we do gain something from our enemies. If Microsoft hadn't been saying all of those bad things about us ("unamerican", forsooth), people in business wouldn't have been curious about what was scaring Microsoft, and would not have looked as closely at what we had to offer as they did.

The best thing you can do when thinking about OSRM is to assume that SCO is gone (soon enough that'll be true) and consider what our role is when facing patent claims. There will be enough of them.

Bruce

Re:why bother RTFA?

[Bruce+Perens]

If you read my recent press (use news.google.com) you'll notice that I am doing anything but sell indemnity. The Robert Macmillan article especially makes that point.

Regarding the FUD messages, we have gone very far out of our way not to amplify FUD and I seriously doubt that hearing of OSRM is turning any customer away.

But there is something you can tell your customers. If we don't do more about software patents, especially patents in standards, a few years from now Linux won't be Free Software any longer. You'll have to buy a patent-licensed version at a steep mark-up from one of the commercial distributions. And the commercial distributions have been doing hardly anything to help is with the patent fight.

Unfortunately, donating to FSF doesn't do much about legal defense. FSF has one legal counsel, who works pro-bono and happens to be off writing a book and other stuff this year so his availability to FSF is extremely limited. They have never built a legal team. And they have been entirely innefective regarding software patents for years, They called their anti-patent effort LPF - League for Programming Freedom, and it has been unstaffed for most of a decade.

And unfortunately, the software companies that we compete with do view us as a consortium of large businesses out to kill them. They and their legal teams will treat us that way.

Bruce