Slashdot Mirror

← Back to Stories (view on slashdot.org)

Indemnification Roundup

Posted by CowboyNeal on from the watching-your-back dept.

Skapare writes "O'Reilly Network's LinuxDevCenter has a great article summarizing the indemnification possibilities for businesses considering switching to (or staying with) Linux. Author Tom Adelstein covers the business risk mitigation aspects of using Linux today, and details available indemnification offerings from Novell, HP, Red Hat, and OSRM. So why not print a copy and send it to your company CEO."

8 of 120 comments (clear)

  1. Re:Am I safe just running Microsoft stuff? by aixou · · Score: 5, Informative

    I suppose it's somewhat analagous to volcano insurance. Everything's cool until your house is covered in soot.

    Do I need to buy or worry about this kind of stuff when I buy Microsoft software?

    No, but then Microsoft software is all done in house. 95% (give or take) of software included in a Red Hat distribution was not created by Red Hat, so they don't have the same level of accountability as Microsoft. With an indemnification plan, they are taking on the accountability of the linux kernel writers, which might give a justified peace of mind to any potential customer.

  2. Article repost before the slashdot-ing hordes by Rat+Tank · · Score: 2, Informative

    Looking for Indemnification While Linux Sales Double
    by Tom Adelstein
    06/28/2004

    Little doubt exists; a legal cloud hangs over Linux from infringement claims of the SCO Group, Inc. In spite of that cloud, Linux server sales grew 56.9 percent in the first quarter of the year. Linux sales in 2004 follows six consecutive quarters of double-digit growth for the free operating system during unprecedented legal attacks from SCO over the same period.

    Advertisement
    Linux success helped push all server growth to 7.3 percent according to IDC's Worldwide Quarterly Server Tracker. The contradictions of sales increases and legal uncertainties bring into question the degree of concern people actually feel about SCO's legal claims. One might say, if the defendants of the SCO suits don't see concern, why should I?

    This article examines issues related to Linux use in the enterprise while copyright infringement claims exist. CIO's and others who need pragmatic information when deciding whether or not to deploy Linux will find this useful. Rather than examine the legal case, we will examine market perception and risk related to using Linux.
    Market Perception

    SCO believes that Linux infringes on its Intellectual Property. SCO has sued IBM, Novell, AutoZone, and DaimlerChrysler on the basis of that belief. IBM and Novell market Linux while AutoZone and DaimlerChrysler use Linux in their businesses.

    Realists consider Linux adoption remarkable. The word on the street and in the foxholes of the IT community has created a swell of adoption from small businesses to the entire Fortune 500. The marketing of Linux by HP, IBM, Sun, Dell, Oracle, and Novell demonstrates the commitment of industry to Linux. With all the agreement in the market, most observers do not give SCO much of a chance of winning its cases.

    The recent announcement that the U.S. Federal Court system has deployed Linux adds further to the speculation that Linux deployment may be safe. People will reason that Linux use in the courts bodes poorly for SCO.
    Normal Risks Associated with Software Acquisition

    Procurement policies within large organizations discuss infringement. For example, the basic policy for software purchases at the University of Texas states:

    "We should expect that Vendors will develop their products without infringing the intellectual property rights of others, that is, without appropriating others' protected ideas or expression."

    Large purchasers want warranties from vendors guaranteeing their software does not infringe. Such purchasers do not necessarily expect vendors to provide warranties. They do expect that if the software infringes someone else's rights, the vendor will take care of any expenses incurred if the purchaser is sued or asked to stop using the software because of alleged infringement. Large organizations expect protection from infringement. They want to know that a software vendor will pay for expenses related to infringement and they want that stated in the software license agreement. They also realize that exceptions exist if the software is:

    * Beta test software
    * Free, steeply discounted, or very low-cost software
    * Software provided by nonprofit vendors
    * Software whose source exists in the public domain

    In enterprise terms, if a vendor agrees to indemnify, it means the vendor accepts the risk of financial loss.

    The first three situations above illustrate circumstances where a vendor may not make enough money on the product to justify assuming risk for indemnification. In effect the vendor says, "If you want this software, you'll have to accept the risk that it might infringe. If you want us to accept that risk, it will cost you a lot of money."
    SCO's Unprecedented Infringement Case

    Past infringement cases have focused on software makers rather than end users. For example, Microsoft has encountered many infringement cases from companies like Eolas, Stac, Burst, Netscape, Sun, and InterTrus

  3. hmm.. by dementedWabbit · · Score: 2, Informative

    actually, I seem to remember a stink over MS SQL Server, as they bought a limited-use licence for software used to make SQL Server work. This licence [IIRC] makes it illegal to modify SQL Server, or to use it in different environments. Redhat offering services to indemnify buyers against this is actually helping to get those that would hesitate - and it's actually still far more economical that MS (actually, if you count future support and forced upgrades from MS, Linux distro's could charge $1000 per seat and still come over cheaper in the whole TCO argument). Off topic, but there was a big stink about this over a period of what? a few hours on slashdot? Really, stop advertising these ginks that don't help the problem, and start getting more information up on the propriety sh****** that is the problem..

  4. Microsoft end users have been sued by walterbyrd · · Score: 4, Informative

    Nobody has ever been sued for just using Linux. However, end-users of a msft product (SQL server) have been sued over a patent violation.

    http://www.theregister.co.uk/2003/02/20/sql_serv er _developers_face_huge/

    From the evidence that exists so far, it is clear that msft end-users are the ones more likely to be sued.

    Of course the most likely to be sued of all, are end-users of scox proprietary products. For the simple reason that scox has made it a normal business practice to sue anybody who has any sort of contract with scox. So far that includes: ibm, chrysler, autozone, and novell.

    What was it scox spokesman blake stowell said? "Lawsuits are what you use against people you have a contract with."

  5. CEO by Mr_Silver · · Score: 4, Informative
    So why not print a copy and send it to your company CEO

    Unless you're in a very small company, the CTO would be a better bet.

    If you're in a really big company, then the chances are it should be going to the Director of IT.

    Don't immediately shoot yourself in the foot by annoying people whose job is not to consider/deal with these issues.

    --
    Avantslash - View Slashdot cleanly on your mobile phone.
  6. Definitely Not. by gillbates · · Score: 4, Informative

    For your consideration:

    • Microsoft's customers were sued by Timeline when Microsoft distributed code with SQL server that Timeline had only license to Microsoft for internal use.
    • I have never heard of a Linux vendor suing their customers. Yet fairly recently, Microsoft sued the LA school district for about $400,000. They sued a school .... Think about that one for a while.
    • Microsoft was convicted of abusing their monopoly position to hurt competitors. Misgivings about code written by volunteers are understandable, but it would be downright foolish to eschew code written by someone with altruistic motives in favor of code written by a convicted felon.
    • The idea that a convicted felon's code - code which is intentionally kept secret - is somehow less likely to infringe on IP rights is laughable, at best.
    • Furthermore, the fact that the source is closed means a company cannot even begin to evaluate the risk of infringement. One simply cannot determine how much or from whom Microsoft has stolen code - or if they've stolen any at all.

    One could make some very good objections to using Linux, but liability is not one of them. If anything, the fact that the source code is freely available means that absent frivolous plaintiffs (*cough* SCO *cough*) there is a very small risk of being sued. Unlike the proprietary, closed source model, cases of actual infringement can be mitigated by the end user. If I was sued for IP infringement and didn't have the source code, my only option (assuming that infringement really took place) is to pay royalties and licensing fees. But if I do have the source code, I can simply remove the infringing material, substantially reducing the damages that a plaintiff could collect.

    And for all you Microsoft-vs-Linux trolls, save it. Microsoft and Linux are just good examples of the relative strengths and weaknesses of open versus closed source. The argument would apply equally well to Adobe Photoshop vs. Gimp or Oracle vs Postgresql, etc...

    --
    The society for a thought-free internet welcomes you.
  7. Re:Bad opening statement... by mqx · · Score: 2, Informative

    "That's different."

    Of course it's different, but it's a legitimate issue to raise now that we're talking about F/OSS and indemnification.

    "And IANAL, but I really don't think an employer who had an employee contracted not to produce work for anyone other than the employer would be able to sue anyone besides the employee who broke contract."

    It's clear that your not a lawyer, because the circumstances are blindingly obvious: employee "moonlights", then employer claims that employee contributed unauthorised works to a F/OSS project, so employer as owner of the works (because, employee's contract says so) can take action directly against projects in which works are embodied.

    "This is one of the most ridiculus things about the SCO vs. AutoZone etc. cases: even assuming SCO has the rights to any source code used in Linux, why is AutoZone liable for that?"

    Because AutoZone has the works in its possession and is in fact using the works: it doesn't matter about any intermediate chains. If you have a pirate DVD in your possession, it doesn't matter who pirated it for you, the copyright owner can take action against you (and of course, they can also take action against the pirate if they can get their hands on him/her).

    "The inventor sued them, and won rightfully. I don't think he would have won if he had tried to sue someone who had bought or used a car that had windshield wipers."

    He would have won just as easily: infringement occurs if you possess, not just manufacturer. But the point is, why try and take action against 100000 separate car owners, when you can take against against 1 large car manufacturer. This is about the practical economics of litigation. I'm surprised you don't understand it.

  8. Simple. by Anonymous Coward · · Score: 1, Informative

    Run BSD.