Slashdot Mirror
Indemnification Roundup
Skapare writes "O'Reilly Network's LinuxDevCenter has a great article summarizing the indemnification possibilities for businesses considering switching to (or staying with) Linux. Author Tom Adelstein covers the business risk mitigation aspects of using Linux today, and details available indemnification offerings from Novell, HP, Red Hat, and OSRM. So why not print a copy and send it to your company CEO."
Here we have an allegedly pro-Linux site promoting the same false statement. That if you run Linux, you have an increased legal risk and hence should shop around for a vendor that indemnifies its users or buy insurance to do so.
If you're going to do an article like this, at least remove the distinction between FOSS (free and open source software) and proprietary software. For example, have a section that lists Microsoft, and then has a statement that says Microsoft does not indemnify their customers.
All these risks people are throwing out about FOSS play right into the hands of proprietary software vendors trying to figure out ways to up the TCO of Linux. Shame on LinuxDevCenter for playing along.
For something that has yet to be proven, and all signs point to the SCO case as being a farse.
These companies backing their products with legal aid are simply doing it as a marketing ploy. RedHat, HP, Novell.. they know there's nothing to worry about, that's why they've all been so eager to extend these "services."
I can't wait until the whole SCO case is just over. We all here know that SCO will lose.
- It's not the Macs I hate. It's Digg users. -
Why is it even necessary to get this kind of insurance, it would be the company selling the software to me that is liable, not myself unless I decide to redistribute it, and even then...
Join moola.com, play games to earn money.
Looking for Indemnification While Linux Sales Double
by Tom Adelstein
06/28/2004
Little doubt exists; a legal cloud hangs over Linux from infringement claims of the SCO Group, Inc. In spite of that cloud, Linux server sales grew 56.9 percent in the first quarter of the year. Linux sales in 2004 follows six consecutive quarters of double-digit growth for the free operating system during unprecedented legal attacks from SCO over the same period.
Advertisement
Linux success helped push all server growth to 7.3 percent according to IDC's Worldwide Quarterly Server Tracker. The contradictions of sales increases and legal uncertainties bring into question the degree of concern people actually feel about SCO's legal claims. One might say, if the defendants of the SCO suits don't see concern, why should I?
This article examines issues related to Linux use in the enterprise while copyright infringement claims exist. CIO's and others who need pragmatic information when deciding whether or not to deploy Linux will find this useful. Rather than examine the legal case, we will examine market perception and risk related to using Linux.
Market Perception
SCO believes that Linux infringes on its Intellectual Property. SCO has sued IBM, Novell, AutoZone, and DaimlerChrysler on the basis of that belief. IBM and Novell market Linux while AutoZone and DaimlerChrysler use Linux in their businesses.
Realists consider Linux adoption remarkable. The word on the street and in the foxholes of the IT community has created a swell of adoption from small businesses to the entire Fortune 500. The marketing of Linux by HP, IBM, Sun, Dell, Oracle, and Novell demonstrates the commitment of industry to Linux. With all the agreement in the market, most observers do not give SCO much of a chance of winning its cases.
The recent announcement that the U.S. Federal Court system has deployed Linux adds further to the speculation that Linux deployment may be safe. People will reason that Linux use in the courts bodes poorly for SCO.
Normal Risks Associated with Software Acquisition
Procurement policies within large organizations discuss infringement. For example, the basic policy for software purchases at the University of Texas states:
"We should expect that Vendors will develop their products without infringing the intellectual property rights of others, that is, without appropriating others' protected ideas or expression."
Large purchasers want warranties from vendors guaranteeing their software does not infringe. Such purchasers do not necessarily expect vendors to provide warranties. They do expect that if the software infringes someone else's rights, the vendor will take care of any expenses incurred if the purchaser is sued or asked to stop using the software because of alleged infringement. Large organizations expect protection from infringement. They want to know that a software vendor will pay for expenses related to infringement and they want that stated in the software license agreement. They also realize that exceptions exist if the software is:
* Beta test software
* Free, steeply discounted, or very low-cost software
* Software provided by nonprofit vendors
* Software whose source exists in the public domain
In enterprise terms, if a vendor agrees to indemnify, it means the vendor accepts the risk of financial loss.
The first three situations above illustrate circumstances where a vendor may not make enough money on the product to justify assuming risk for indemnification. In effect the vendor says, "If you want this software, you'll have to accept the risk that it might infringe. If you want us to accept that risk, it will cost you a lot of money."
SCO's Unprecedented Infringement Case
Past infringement cases have focused on software makers rather than end users. For example, Microsoft has encountered many infringement cases from companies like Eolas, Stac, Burst, Netscape, Sun, and InterTrus
actually, I seem to remember a stink over MS SQL Server, as they bought a limited-use licence for software used to make SQL Server work. This licence [IIRC] makes it illegal to modify SQL Server, or to use it in different environments. Redhat offering services to indemnify buyers against this is actually helping to get those that would hesitate - and it's actually still far more economical that MS (actually, if you count future support and forced upgrades from MS, Linux distro's could charge $1000 per seat and still come over cheaper in the whole TCO argument). Off topic, but there was a big stink about this over a period of what? a few hours on slashdot? Really, stop advertising these ginks that don't help the problem, and start getting more information up on the propriety sh****** that is the problem..
I wouldn't be so quick to indemnify myself; this just 'shows' SCO and their paid shills that they're right. ... they obviously know they've stolen our code for communist activities!"
"Look, these Linux users are getting indemnification
anyone that buy's into this is a complete fool. there is NO guarentee that you are protected in any way. I dont care what any of these companies say, they will not pay all your legal fees to protect yourself in court if another asswad company or person comes out of the woodwork and tries to claim that anyone using XYZ owes them $$$.
it's a bunch of empty and useless words that the companies are throwing out there. if you read it very closely I am betting that there are clauses and loopholes that relieve them of their "protection" in many ways.
if it makes a PHB heppy and shut's him up, then it may have value in that way. but it has ZERO value in any courtroom or for any protection for a company.
anyone with even a slight legal background can see this.
Do not look at laser with remaining good eye.
Nobody has ever been sued for just using Linux. However, end-users of a msft product (SQL server) have been sued over a patent violation.
v er _developers_face_huge/
http://www.theregister.co.uk/2003/02/20/sql_ser
From the evidence that exists so far, it is clear that msft end-users are the ones more likely to be sued.
Of course the most likely to be sued of all, are end-users of scox proprietary products. For the simple reason that scox has made it a normal business practice to sue anybody who has any sort of contract with scox. So far that includes: ibm, chrysler, autozone, and novell.
What was it scox spokesman blake stowell said? "Lawsuits are what you use against people you have a contract with."
These guys are doing imdemification for $100 penguin dollars
Why worry about SCO's lawuit of GNU/LINUX?
If I want to use an Open Source OS that had settled the UNIX IP matter long ago, I pick FreeBSD.
If for some reason I want the GNU tollset I could pick GNU/FreeBSD.
Too bad Tom Adelstein couldn't be bothered to point out how the SCO claims of UNIX IP vs Open Source OS was solved years ago by the BSDi crew.
I know, I know. It's awfully hard to prove them wrong when they won't say exactly what they claim. So sue me. err, no... Sue them! That's what IBM, RedHat, and a few others are doing right now.
The Cheese Stands Alone.
Once a business demonstrates sufficient long-term viability, there is inevitable pressure to consolidate and "standardize" the market by the removal of small competitors.
The most politically attractive tool for removing small vendors from a market is overwhelming economic force (free as in beer). Current case in point, Gmail will destroy small ISPs by teaching users to demand hundreds of megabytes of email storage. Yahoo & Hotmail have already responded.
Indemnification will do the same for Linux distributions. You may be able to roll your own distro, but it will be increasingly difficult to distribute it without legal exposure (not only to the publisher, but the distribution channel, e.g. SourceForge/OSDN).
After economic consolidation comes political consolidation (regulation). Sender-pays email, state-issued ID for publication, bank-issued ID for consumption, firewall liability insurance in exchange for permission to face the public network, VOIP-driven consolidate of "offline" and "online" IDs -- and just when you're about to go insane with boundary barriers: premium green-light services that guarantee swift passage to those who can afford it.
Creative anarchy will remain possible within organized economic pools that can negotiate regulatory barriers to entry and evolution.
Unless you're in a very small company, the CTO would be a better bet.
If you're in a really big company, then the chances are it should be going to the Director of IT.
Don't immediately shoot yourself in the foot by annoying people whose job is not to consider/deal with these issues.
Avantslash - View Slashdot cleanly on your mobile phone.
With all the costs of linux (accountability, support services, re-writing inhouse software, re-training IT), I think that most businesses will stick with MS and license their software. This recurring cost may be more than Linux's recurring cost, but the barrier for exit from MS's world is high. However, I do think that once MS releases a new OS and eventually businesses feel pressure to switch to it, many will instead switch to Linux. The cost of switching to Linux, while higher than the cost of supporting Windows, will be lower than the cost of switching to a new Windows OS, and will present a lower forward cost. Never underestimate greed as a tool to switch people to OSS.
I submitted this story last night, and it didn't get posted.
For your consideration:
One could make some very good objections to using Linux, but liability is not one of them. If anything, the fact that the source code is freely available means that absent frivolous plaintiffs (*cough* SCO *cough*) there is a very small risk of being sued. Unlike the proprietary, closed source model, cases of actual infringement can be mitigated by the end user. If I was sued for IP infringement and didn't have the source code, my only option (assuming that infringement really took place) is to pay royalties and licensing fees. But if I do have the source code, I can simply remove the infringing material, substantially reducing the damages that a plaintiff could collect.
And for all you Microsoft-vs-Linux trolls, save it. Microsoft and Linux are just good examples of the relative strengths and weaknesses of open versus closed source. The argument would apply equally well to Adobe Photoshop vs. Gimp or Oracle vs Postgresql, etc...
The society for a thought-free internet welcomes you.
This is huge in my business where the CEO is gunshy from a lawsuit 7 years ago. (yeah, I know...therapy) We recently turned down a completely free, open-source component for a relatively expensive one that did less for what? Indemnification. Our legal aid couldn't guarantee us that we wouldn't get sued.
It's a problem. Businesses that use 3rd party products need those products to perform WITHOUT giving them the added legal expense. I think your ROI really drops when it includes a few suits. Small businesses, in specific, aren't about to take that chance. That being said, they're less likely to be targeted, but often the chance isn't worth it.
They want someone to point a finger at if something goes wrong...the software breaks, it destroys data, or they get sued for infringement in order to recoup lost money. With open-source, you have no one to point at. (usually)
Blog,Twitter
... in any of the Microsoft anti trust cases? I really don't know, but it sure would be interesting if there was any way to force an audit of their code looking for "stolen" code. Someone who has looked at it under an NDA might have noticed it, but be reluctant to whistleblow on the subject being afraid of getting sued from microsoft for violating the NDA, and having no one to step in and help them with the legal fees. Just a maybe there because I don't know, but I am suspicious of them and their relationship with SCO at this time. It might be one of the reasons behind the SCO suit, perhaps "protect" some code that they are using now. If there was ANY bonafide evidence of code theft at their shop, it might be enough to get a new investigation going.
What say ye, ACs who have seen the code, any wisps of smoke there?
Novell offers legal protection, but Red Hat is basically offering the ability to carry on operations without worrying about the lawsuit. I understand that legal liability is important, but the real threat is not having a solution that you are legally able to use. To me, this reduces the real uncertainty in the situation. Novell's users might not have to worry about the legal fees, but what do they do with their business until they find a new OS solution?