Mozilla Foundation Donates $10K to OpenSSH

eklitzke writes to tell us the OpenBSD journal is reporting that the Mozilla Foundation is donating $10,000 USD to the OpenSSH project. This comes as good news after the recent reported financial troubles from the OpenBSD and by extension the OpenSSH team. It seems that quite a few people have answered the call for aid made by OpenBSD's de Raadt.

NO

[DAldredge]

"While donations are not US tax deductible as charitable contribution" is what their website says. I guess they don't want to become a true non-profit org for some reason.

Re:NO

[Geekboy(Wizard)]

You cannot take advantage of a Non-Profit status in Canada, on your taxes in the US.

Re:NO

[SigILL]

I guess they don't want to become a true non-profit org for some reason.

They don't want to because of the huge administrative overhead that incurs. Theo'd much rather work on the next feature or security audit than on handling that.

Of course, you're free to set up your own non-profit "Friends of OpenBSD" foundation if you want to.

Isn't 10K too low?

[guyfromindia]

Considering the rumors that the foundation makes something close to $72 million? (http://news.zdnet.com/2100-9588_22-6048377.html)
Quoting Chris Blizzard, a board member "I won't comment on the dollar amount, except to say that ($72 million) is not correct, though not off by an order of magnitude...."
Guess any amount is fine...but 10K seems too low, IMHO

Re:Contribution made to OpenSSH or OpenBSD?

For something like this, no, you cannot effectively donate JUST to OpenSSH. Even if you could specify this *specific* amount of money is to be used for that project, if they wanted to they could just allocate that much less of their own money.

Re:Contribution made to OpenSSH or OpenBSD?

[dizzy+tunez]

Its going to both. OpenBSD and OpenSSH share the money. (Which is fine by me, since its the same dudes who makes the code to both projects)

Re:Contribution made to OpenSSH or OpenBSD?

[Syberghost]

The Slashdot post is misleading; they donated to the OpenBSD project in general, not one specific subproject within it. Doing that would open up a can of auditing worms that wouldn't be in anybody's best interest.

Conspiciously absent...

[rongage]

If you looked through the list of donations on Theo's donations page, it's quite curious that some of the larger commercial interests in the Linux World (RedHat, Novell, etc...) are NOT in there.

Of course, they may have requested no publicity.

This is Slashdot, I'll let you draw your own conclusions here... :)

Re:Conspiciously absent...

[SigILL]

some of the larger commercial interests in the Linux World (RedHat, Novell, etc...) are NOT in there.

Of course, they may have requested no publicity.

Nope, they just didn't donate.

Hell, IBM even wanted the OpenBSD team to handle end-user support for one of their high-paying customers for free.

Re:Good for Mozilla.

[liliafan]

I can see their point, there are other ways to get around this problem and other tools available to people. OpenSSH is a secure project every feature you add is another potential security hole, so really is makes sense for them to refuse to add this feature, in other instances where there is no other way to workaround this problem the developers would willingly add the code to the project but this particular case has other solutions.

Re:Contribution made to OpenSSH or OpenBSD?

[freshman_a]

While I like OpenBSD I don't have a need to support OpenBSD. On the other hand I do use and would donate money to OpenSSH.

Uh, I hate to tell you, but it's all the same people. If you read the OpenSSH project is prettypage it states "OpenSSH is developed by the OpenBSD Project." So yes, you do have a need to support the OpenBSD project if you want them to continue to develop OpenSSH.

There isn't a entity setup for OpenBSD or any other of their projects it seems. It's questionable what actually happens with the money donated.

I'm sure they squander all the money on booze and hookers. Pardon the sarcasm, but it's pretty much the same as if you sent Linux a check to help support the Linux project. And if you check out the donations page, there's quite a list of names there. I'm sure if something fishy was happening to the money, someone would have noticed by now. Besides, the OpenBSD project is basically Theo's baby. Why would he jepordize it by not being honest?

Re:Good for Mozilla.

[DeBeuk]

A lots of people/companies asked the OpenSSH group to include the ability to include rate limiting due to large SSH user/dictionary attacks being run by script kiddies. One person even WROTE it for them. I believe the OpenSSH group's response was "Not an ssh problem."

It's not an ssh problem. Connection rate limiting is something you really want to do with a firewalling solution.

Re:Good for Mozilla.

[lactose99]

Considering OpenBSD's pf packet filter already has support for connection rate limiting (and it works quite nicely), I'm inclined to agree with them. You could always run sshd via inetd or xinetd for connection limiting if needed.

Thunderbird

[Noksagt]

I can't compose messages in plain text?

As replied to you: yes, you can.

I can't have signature lines automatically removed when replying and quoting?

It does this too.

I can't change the name of my outgoing account when composing?

If you get the Buttons! extension you certainly can.

Crazy. Gimme kmail on Win32 and I'll be much happier.

happy?

Re:Contribution made to OpenSSH or OpenBSD?

[Slithe]

>> For something like this, no, you cannot effectively donate JUST to OpenSSH.

Here is a simple solution: look in the CREDITS file of the OpenSSH and find the developers who are responsible for the areas in which you desire some improvements and email them with offers to provide them money, hardware, or whatever they need to improve OpenSSH.

For the sake of convenience, here is the CREDITS file to OpenSSH-4.3p1

Tatu Ylonen - Creator of SSH; Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,; Theo de Raadt, and Dug Song - Creators of OpenSSH; Ahsan Rashid - UnixWare long passwords; Alain St-Denis - Irix fix; Alexandre Oliva - AIX fixes; Andre Lucas - new login code, many fixes; Andreas Steinmetz - Shadow password expiry support; Andrew McGill - SCO fixes; Andrew Morgan - PAM bugfixes; Andrew Stribblehill - Bugfixes; Andy Sloane - bugfixes; Aran Cox - SCO bugfixes; Arkadiusz Miskiewicz - IPv6 compat fixes; Ben Lindstrom - NeXT support; Ben Taylor - Solaris debugging and fixes; Bratislav ILICH - Configure fix; Charles Levert - SunOS 4 & bug fixes; Chip Salzenberg - Assorted patches; Chris Adams - OSF SIA support; Chris Saia - SuSE packaging; Chris, the Young One - Password auth fixes; Christos Zoulas - Autoconf fixes; Chun-Chung Chen - RPM fixes; Corinna Vinschen - Cygwin support; Dan Brosemer - Autoconf support, build fixes; Darren Hall - AIX patches; Darren Tucker - AIX BFF package scripts; David Agraz - Build fixes; David Del Piero - bug fixes; David Hesprich - Configure fixes; David Rankin - libwrap, AIX, NetBSD fixes; Dag-Erling Smørgrav - Challenge-Response PAM code.; Dhiraj Gulati - UnixWare long passwords; Ed Eden - configure fixes; Garrick James - configure fixes; Gary E. Miller - SCO support; Ged Lodder - HPUX fixes and enhancements; Gert Doering - bug and portability fixes; HARUYAMA Seigo - Translations & doc fixes; Hideaki YOSHIFUJI - IPv6 and bug fixes; Hiroshi Takekawa - Configure fixes; Holger Trapp - KRB4/AFS config patch; IWAMURO Motonori - bugfixes; Jani Hakala - Patches; Jarno Huuskonen - Bugfixes; Jim Knoble - Many patches; Jonchen (email unknown) - the original author of PAM support of SSH; Juergen Keil - scp bugfixing; KAMAHARA Junzo - Configure fixes; Kees Cook - scp fixes; Kenji Miyake - Configure fixes; Kevin Cawlfield - AIX fixes.; Kevin O'Connor - RSAless operation; Kevin Steves - HP support, bugfixes, improvements; Kiyokazu SUTO - Bugfixes; Larry Jones - Bugfixes; Lutz Jaenicke - Bugfixes; Marc G. Fournier - Solaris patches; Mark D. Baushke - bug fixes; Martin Johansson - Linux fixes; Mark D. Roth - Features, bug fixes; Mark Miller - Bugfixes; Matt Richards - AIX patches; Michael Steffens - HP-UX fixes; Michael Stone - Irix enhancements; Nakaji Hiroyuki - Sony News-OS patch; Nalin Dahyabhai - PAM environment patch; Nate Itkin - SunOS 4.1.x fixes; Niels Kristian Bech Jensen - Assorted patches; Pavel Kankovsky - Security fixes; Pavel Troller - Bugfixes; Pekka Savola - Bugfixes; Peter Kocks - Makefile fixes; Peter Stuge - mdoc2man.awk script; Phil Hands - Debian scripts, assorted patches; Phil Karn - Autoconf fixes; Philippe WILLEM - Bugfixes; Phill Camp

- login code fix; Rip Loomis - Solaris package support, fixes; Robert Dahlem - Reliant Unix fixes; Roumen Petrov - Compile & configure fixes; SAKAI Kiyotaka - Multiple bugfixes; Simon Wilkinson - PAM fixes, Compat with MIT KrbV; Solar Designer - many patches and technical assistance; Svante Signell - Bugfixes; Thomas Neumann - Shadow passwords; Tim Rice - Portability & SCO fixes; Tobias Oetiker - Bugfixes; Tom Bertelson's - AIX auth fixes; Tor-Ake Fransson - AIX support; Tudor Bosman - MD5 password support; Udo Schweigert - ReliantUNIX support; Wendy Palm - Cray support.; Zack Weinberg - GNOME askpass enhancement; Apologies to anyone I have missed.; Damien Miller ;