Mozilla Foundation Donates $10K to OpenSSH
eklitzke writes to tell us the OpenBSD journal is reporting that the Mozilla Foundation is donating $10,000 USD to the OpenSSH project. This comes as good news after the recent reported financial troubles from the OpenBSD and by extension the OpenSSH team. It seems that quite a few people have answered the call for aid made by OpenBSD's de Raadt.
For clearly demonstrating they are part of the whole community. If other organizations would take the same attitude, we would all be much better for it.
"To those who are overly cautious, everything is impossible. "
This just goes to show how little financial support there is for open source projects. Everyone thinks that the F/OSS and contracts will relieve everything, but the truth is, open source software needs all the help that it can get. Mozilla Firefox is one of the few projects that was lucky enough to gain widespread recognition, but in order for open source to survive, we must all work for it, not take it for granted.
You may not realize it, but there are countless of excellent OSS projects out there. Imagine the amount of people that have monetary troubles every single day; now image that as being a lot more difficult, and you will see the struggles of an open source programmer. Advertising and the occassional donation simply ISN'T going to do it. The worst part is, no one has figured out a source for an actual revenue stream. If we don't ensure the survival of an increasingly popular commercial model, we might face another "dotcom" crash--after all, money has to come from somewhere.
Think of it this way, if the median salary for the development team is say $55k/year, plus benefits and taxes, and there are what maybe 4 team members (developers + manager)? You are looking at a cool 1/4 mil per year. Which means that $10k will keep the developers paid for roughly half a month of full time work.
Nothing against OS development, but if you want a professional package, someone has to pay for it.
-Rick
"Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
You could argue 0 is too low, and even then you would be wrong. Mozilla is already giving much more: The best browser in the world whose development costed a lot more in man-hours and money. They have no obligation whatsoever of giving a dime to bsd any more than you do.
So regardless of how much money the Mozilla foundation makes, if out of their heart, self interest or whatever decide to donate $10k ( or even $10), all you get to say is "thank you", and if you really want to show appreciation, ask "is there anything I can do for you?".
I brought this up in a "Ask Slashdot" a few days ago. (still pending) I'm a huge OpenSSH fan, but I do not use OpenBSD. I mainly use Linux for several reasons that I don't need to explain here. While I like OpenBSD I don't have a need to support OpenBSD. On the other hand I do use and would donate money to OpenSSH. The problem is, like so many of the children's charities among others. You donate $x amount of dollars and in the end not even a 4th of it goes to what you donated too. I wish OpenBSD lots of luck, but my interest lies only with OpenSSH and thats where I want my money to go.
A quote from the donations page:
Simply send a donation cheque in CDN/US/EUR funds made out to Theo de Raadt, since cheques made out to "OpenBSD" cannot be cashed.
There isn't a entity setup for OpenBSD or any other of their projects it seems. It's questionable what actually happens with the money donated.
OpenSSH development is tied with OpenBSD because the project is *part* of OpenBSD. People just took the time to code it to be portable, and some effort is made to make sure that it works on other Unix platforms. It is more useful that way.
What you want is much like saying that you want to donate to Thunderbird, but not have the money go to the Firefox crew, as you only use Thunderbird. The same foundation is working on both, so the money goes to the group as a whole.
And yes, de Raadt really should set up a non-profit for OpenBSD, under the OpenBSD name.
I've noticed some undue emphasis placed on OpenSSH & OpenSSL. They are GREAT packages, but not the only thing people benefit from. Don't forget, that nearly every commercial operating system has pilfered code from the BSD projects.
EVERYBODY should contribute, especially the companies that have profited from the hard work of the team.
Seriously, not having non-profit status is certainly part of why they're having trouble getting funding. It means that any contribution made to them is taxed (so they're not able to use all the money that is given to them) and I'm sure it makes companies less likely to donate to them as well because they're not able to deduct their contribution from their taxes either. I mean, I'm not saying this is the silver bullet that would solve their funding problems, but it's certainly part of it and I think it's a bigger part than they realize.
Yes, you do, if you use any of the software that they ship as part of the base install. They've put thousands of hours into auditing all those and submitting their changes upstream.
Basically, you're donating to a team who audits and secures a lot of software, some of which they write in-house. It's not meaningful to ask them to work on only your pet project since none of it stands in isolation. For example, suppose that their new memory allocator shows an error in OpenSSH. Was the fix part of their ongoing authorship of OpenSSH, or would you credit it to the memory allocator project?
Dewey, what part of this looks like authorities should be involved?
http://marc.theaimsgroup.com/?t=114312315700005&r= 1&w=2
There has been such a great soap opera on this on the OpenBSD mailing list.
It's nice to see mozilla.org donate some cash but the real money should be coming from IBM, Redhat, Cisco and all the other vendors that bundle OpenSSH into their products. Somewhere in that post is a link to an email chain where IBM demanded Theo fix a bug that was in OpenSSH. (I believe the bug was fixed in a more recent version of OpenSSH then they were bundling.)
Sure, they could change the license for OpenSSH and start making money off it but that's missing the point of what the BSD license is all about.
It costs a lot of money to run that project and keep ahead of the jerks who are trying to break into your systems every day.
If you use products from vendors that have OpenSSH bundled in them and they aren't on http://www.openbsd.org/donations.html then send them an email and ask them to give regularly. that's the only thing we can do to help keep us safe on this hostile internet!
GO PUFFY
> How much does OpenBSD donate to the third party software devs that they use?
see where it says "+ patches" in your list?that's when they contribute fixes for problems in the software. They then notify the project that actually owns the software, who can then use the patches too. This is probibally more useful than sending money.
Sitting Walrus Blog