Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mozilla Foundation Donates $10K to OpenSSH

Posted by ryuzaki0 on from the breath-of-fresh-air dept.

eklitzke writes to tell us the OpenBSD journal is reporting that the Mozilla Foundation is donating $10,000 USD to the OpenSSH project. This comes as good news after the recent reported financial troubles from the OpenBSD and by extension the OpenSSH team. It seems that quite a few people have answered the call for aid made by OpenBSD's de Raadt.

21 of 277 comments (clear)

  1. Contribution made to OpenSSH or OpenBSD? by Tumbleweed · · Score: 5, Interesting

    Is this going directly to OpenSSH efforts, or to OpenBSD in general? There's nothing in there that specifically states which.

    There has been much talk in the recent past about the difference between wanting to support OpenBSD (and by default, OpenSSH), and just OpenSSH itself. Is it even possible to support 'just' OpenSSH?

    Either way, a classy move by the Mozilla Foundation.

    Now if you guys can just make Thunderbird stop sucking, I'd be much happier.

    1. Re:Contribution made to OpenSSH or OpenBSD? by Anonymous Coward · · Score: 5, Informative

      For something like this, no, you cannot effectively donate JUST to OpenSSH. Even if you could specify this *specific* amount of money is to be used for that project, if they wanted to they could just allocate that much less of their own money.

    2. Re:Contribution made to OpenSSH or OpenBSD? by dizzy+tunez · · Score: 5, Informative

      Its going to both. OpenBSD and OpenSSH share the money. (Which is fine by me, since its the same dudes who makes the code to both projects)

      --
      "If you loved me, you`d all kill yourselves today"
      Spider Jerusalem
    3. Re:Contribution made to OpenSSH or OpenBSD? by dsginter · · Score: 4, Funny

      Is this going directly to OpenSSH efforts, or to OpenBSD in general?

      This is going directly to Theo's "free as in beer" fund.

      --
      More
    4. Re:Contribution made to OpenSSH or OpenBSD? by Syberghost · · Score: 5, Informative

      The Slashdot post is misleading; they donated to the OpenBSD project in general, not one specific subproject within it. Doing that would open up a can of auditing worms that wouldn't be in anybody's best interest.

  2. Serious question. by AltGrendel · · Score: 4, Interesting

    Is this something that can be deducted from Income Tax as a charitable donation?

    --
    The simple truth is that interstellar distances will not fit into the human imagination

    - Douglas Adams

    1. Re:Serious question. by iamdrscience · · Score: 4, Insightful
      Is this something that can be deducted from Income Tax as a charitable donation?
      No because they are not a registered non-profit organization, you cannot deduct contributions to them from your taxes. Honestly, I can't think for the life of me why they haven't become a non-profit yet. I mean, it's somewhat of a hassle yes, but I'm sure the benefits would be worth it. Both NetBSD and FreeBSD have set up non-profit foundations (DragonFly BSD has not).

      Seriously, not having non-profit status is certainly part of why they're having trouble getting funding. It means that any contribution made to them is taxed (so they're not able to use all the money that is given to them) and I'm sure it makes companies less likely to donate to them as well because they're not able to deduct their contribution from their taxes either. I mean, I'm not saying this is the silver bullet that would solve their funding problems, but it's certainly part of it and I think it's a bigger part than they realize.
    2. Re:Serious question. by Scott+Wunsch · · Score: 4, Interesting
      Honestly, I can't think for the life of me why they haven't become a non-profit yet.

      They may well be. However, they're also Canadian. That means:

      1. Just incorporating as a non-profit isn't enough. They'd also have to register as a charity, and in Canada, that means a lot of paperwork, and a lot of restrictions.
      2. I'm not sure how international donations work for tax purposes, but I bet it still wouldn't be easy for Americans to write off their donations, even if OpenBSD were set up as a Canadian charitable organization.
      --
      \\'
  3. Congratulations to the Mozilla Foundation by stox · · Score: 5, Insightful

    For clearly demonstrating they are part of the whole community. If other organizations would take the same attitude, we would all be much better for it.

    --
    "To those who are overly cautious, everything is impossible. "
    1. Re:Congratulations to the Mozilla Foundation by Kelson · · Score: 4, Interesting

      1. Given that Mozilla does acutlaly have a revenue stream in addition to donations, what makes you think that $10K is all redirected donations?

      2. Given that "the Mozilla project uses SSH extensively for various purposes, including securing connections to the Mozilla CVS repository," perhaps supporting further development of OpenSSH might be considered important for continued development of the browser?

      What about other uses of money that aren't directly "improving the browser?" Would it be acceptable for MoFo to buy new servers for download mirrors? Support forums? How about Windows licenses or Mac hardware for development workstations, build boxes, and QA?

      3. While we're at it, what is it with the donate-but-with-strings-attached attitude these days?

  4. NO by DAldredge · · Score: 5, Informative

    "While donations are not US tax deductible as charitable contribution" is what their website says. I guess they don't want to become a true non-profit org for some reason.

    1. Re:NO by SigILL · · Score: 4, Informative
      I guess they don't want to become a true non-profit org for some reason.

      They don't want to because of the huge administrative overhead that incurs. Theo'd much rather work on the next feature or security audit than on handling that.

      Of course, you're free to set up your own non-profit "Friends of OpenBSD" foundation if you want to.
      --
      Error: password can't contain reverse spelling of ancient Chinese emperor
  5. Trace the source by quokkapox · · Score: 4, Interesting

    This money is coming from the Mozilla Foundation, which makes serious dough from google searches run via the firefox browser's default start page and the default search engine field. So use firefox, hit CTRL-k to search with google, and keep it going.

    --
    it's a blue bright blue Saturday hey hey
  6. This just goes to show... by TechnoGuyRob · · Score: 4, Insightful

    This just goes to show how little financial support there is for open source projects. Everyone thinks that the F/OSS and contracts will relieve everything, but the truth is, open source software needs all the help that it can get. Mozilla Firefox is one of the few projects that was lucky enough to gain widespread recognition, but in order for open source to survive, we must all work for it, not take it for granted.

    You may not realize it, but there are countless of excellent OSS projects out there. Imagine the amount of people that have monetary troubles every single day; now image that as being a lot more difficult, and you will see the struggles of an open source programmer. Advertising and the occassional donation simply ISN'T going to do it. The worst part is, no one has figured out a source for an actual revenue stream. If we don't ensure the survival of an increasingly popular commercial model, we might face another "dotcom" crash--after all, money has to come from somewhere.

    1. Re:This just goes to show... by 99BottlesOfBeerInMyF · · Score: 4, Insightful

      The worst part is, no one has figured out a source for an actual revenue stream.

      Where do people get ideas like this? Revenue comes from the same place as most software, the end users. How many people does IBM pay to work on open source software they use internally? When companies want features added, customization, or support for open source software they pay someone to provide it. It is not like this is anything new. Right now I work for a company that sells hardware with a lot of customized, closed source software on it. The boxes also include a lot of open source software on them. They run Linux or a BSD as the OS and make use of lots of popular server software. We do our development using mostly open source tools. What happens when we find a bug in something? We report it. That is free QA work. Sometimes we fix it; free coding. Sometimes we need more functionality; again free coding.

      That is all work our company paid someone to do and went into open source projects. That money comes from our investors and customers. So you might say, "so what?" That is only 40-50 engineers spending maybe 5% of their time. But that is what we need, so that is what we do. There are thousands of companies out there, of all sizes, doing the same thing. Some contribute a few hours a month from one developer and some hire people full-time to just improve a project, help steer the project's direction, and be an in-house expert on it. The developers are being paid. The code is being written. The end users are getting a very good deal. That is the primary business model of open source software, and it has been working for decades.

      P.S. more people would donate to Theo's cause if he could establish a proper non-profit for the US.

  7. $10,000 doesn't go very far by RingDev · · Score: 4, Insightful

    Think of it this way, if the median salary for the development team is say $55k/year, plus benefits and taxes, and there are what maybe 4 team members (developers + manager)? You are looking at a cool 1/4 mil per year. Which means that $10k will keep the developers paid for roughly half a month of full time work.

    Nothing against OS development, but if you want a professional package, someone has to pay for it.

    -Rick

    --
    "Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
  8. NO by paulpach · · Score: 5, Insightful

    You could argue 0 is too low, and even then you would be wrong. Mozilla is already giving much more: The best browser in the world whose development costed a lot more in man-hours and money. They have no obligation whatsoever of giving a dime to bsd any more than you do.

    So regardless of how much money the Mozilla foundation makes, if out of their heart, self interest or whatever decide to donate $10k ( or even $10), all you get to say is "thank you", and if you really want to show appreciation, ask "is there anything I can do for you?".

  9. Re:Good for Mozilla. by liliafan · · Score: 5, Informative

    I can see their point, there are other ways to get around this problem and other tools available to people. OpenSSH is a secure project every feature you add is another potential security hole, so really is makes sense for them to refuse to add this feature, in other instances where there is no other way to workaround this problem the developers would willingly add the code to the project but this particular case has other solutions.

    --
    GeekServ Unix Consulting Services (http://www.geekserv.com)
  10. Re:Good for Mozilla. by DeBeuk · · Score: 5, Informative

    A lots of people/companies asked the OpenSSH group to include the ability to include rate limiting due to large SSH user/dictionary attacks being run by script kiddies. One person even WROTE it for them. I believe the OpenSSH group's response was "Not an ssh problem."


    It's not an ssh problem. Connection rate limiting is something you really want to do with a firewalling solution.
    --
    Reality has a notoriously liberal bias -- Stephen Colbert
  11. Re:Conspiciously absent... by SigILL · · Score: 5, Informative
    some of the larger commercial interests in the Linux World (RedHat, Novell, etc...) are NOT in there.

    Of course, they may have requested no publicity.

    Nope, they just didn't donate.

    Hell, IBM even wanted the OpenBSD team to handle end-user support for one of their high-paying customers for free.
    --
    Error: password can't contain reverse spelling of ancient Chinese emperor
  12. OpenBSD and the money by menix · · Score: 5, Insightful

    http://marc.theaimsgroup.com/?t=114312315700005&r= 1&w=2

    There has been such a great soap opera on this on the OpenBSD mailing list.

    It's nice to see mozilla.org donate some cash but the real money should be coming from IBM, Redhat, Cisco and all the other vendors that bundle OpenSSH into their products. Somewhere in that post is a link to an email chain where IBM demanded Theo fix a bug that was in OpenSSH. (I believe the bug was fixed in a more recent version of OpenSSH then they were bundling.)

    Sure, they could change the license for OpenSSH and start making money off it but that's missing the point of what the BSD license is all about.

    It costs a lot of money to run that project and keep ahead of the jerks who are trying to break into your systems every day.

    If you use products from vendors that have OpenSSH bundled in them and they aren't on http://www.openbsd.org/donations.html then send them an email and ask them to give regularly. that's the only thing we can do to help keep us safe on this hostile internet!

    GO PUFFY