| Startup pronounces Linux kernel clean, offers legal services and insurance |
Apr. 19, 2004
Open Source Risk Management (OSRM) is offering three insurance products it says can reduce the attractiveness of lawsuits around open source. The products include corporate indemnification insurance, a collective defense program, and a legal advice subscription service for open source developers.
OSRM, a start-up with fifteen employees based in New York City, made the news in February when it hired Groklaw editor Pamela Jones as its Director of Litigation Risk Research.
According to CEO Daniel Eggers, OSRM's indemnification services are backed by reinsurance that it buys from "a number of fairly large insurance companies." It is not, itself, an insurance company with large holdings.
OSRM uses pattern-matching technology to evaluate copyright risks in software source code, offering to indemnify anyone using code that can pass muster. Unlike Black Duck, which two weeks ago announced a software tool for copyright risk assessment, it does not plan to distribute its pattern matching software, according to Eggers.
Product 1: Indemnification
Significantly, the company says that unpatched 2.4- and 2.6 Linux source trees have passed its tests, and it is willing to indemnify anyone using them. "We have been doing our own copyright review of the Linux kernel, comparing it to different versions of Unix," said Eggers. "To the best of our knowledge, the Linux kernel is clean and not infringing anybody's copyright."
Eggers adds that OSRM plans to certify additional source trees soon, such as those from commercial embedded Linux distributors.
Several Linux vendors, including Novell, Red Hat, and HP, already indemnify customers, but only for original costs. "Typically, device developers get indemnifnication equal to what they've paid," said Eggers. "But, it might cost fives times that to recall devices, if a judge ever ordered a recall."
Eggers says even a tiny, nearly inconsequential copyright violation could result in a recall order, because embedded software is viewed as a system component and field upgrades are rarely applicable.
Eggers says the general pricing scheme for end users will be about "three percent of the maximum coverage, or about $30,000 annually for a million dollars."
Eggers adds that OSRM is talking with a number of embedded device vendors doing custom Linux implementations about their insurance needs.
Product 2: Collective defense service
A second OSRM offering targets companies that have already received demand letters from SCO or others alleging copyright violations. "You can't get insurance once someone says they're going to sue you," says Eggers.
Eggers says the scarcity of good open source IP rights lawyers prompted OSRM to start its collective defense program. "They need to know IP law, the details of the GPL and other open source licenses, and the history of Unix, including AT&T, Berkeley, and SCO. We've been finding a handful of people who are really well versed in these things, and are making them available for companies, so they can coordinate and have a defense that's more coherent," said Eggers.
Eggers add that OSRM's legal panel is coordinating activities and developing a common set of defenses and documents, representing an estimated million dollars worth of value.
Several undisclosed companies have already signed up, according to Eggers. The defense service costs $100,000, annually.
Product 3: Developers' legal advice service
The third OSRM product is a legal advice service for developers priced at $250 per year. The service aims to educate open source software developers about their rights, teach them the intellectual property value of their contribution, and explain how to minimize the chance their copyright will be challenged later. According to Eggers, a typical customer would be a developer needing to get a company to acknowledge that he or she contributed code under the GPL.
Embedded angle
According to Eggers, much of the initial interest in OSRM's services has come from the embedded quarter, in part due to well-publicized cases involving embedded devices and alleged GPL violations.
"The first wave of Linux development was developing technical parity with other OSes," said Eggers. "Now, Linux for devices is the match of any embedded operating system. Now, the war is on another ground -- the legal system -- and it has a totally different set of rules. In the end, you still need lawyers, guns, and money, and that's where we come in."
Related Stories:
(Click here for further information)
|
|
|
FUEL Database on MontaVista Linux
Whether building a mobile handset, a car navigation system, a package tracking device, or a home entertainment console, developers need capable software systems, including an operating system, development tools, and supporting libraries, to gain maximum benefit from their hardware platform and to meet aggressive time-to-market goals.
Breaking New Ground: The Evolution of Linux Clustering
With a platform comprising a complete Linux distribution, enhanced for clustering, and tailored for HPC, Penguin Computing¿s Scyld Software provides the building blocks for organizations from enterprises to workgroups to deploy, manage, and maintain Linux clusters, regardless of their size.
Data Monitoring with NightStar LX
Unlike ordinary debuggers, NightStar LX doesn¿t leave you stranded in the dark. It¿s more than just a debugger, it¿s a whole suite of integrated diagnostic tools designed for time-critical Linux applications to reduce test time, increase productivity and lower costs. You can debug, monitor, analyze and tune with minimal intrusion, so you see real execution behavior. And that¿s positively illuminating.
Virtualizing Service Provider Networks with Vyatta
This paper highlights Vyatta's unique ability to virtualize networking functions using Vyatta's secure routing software in service provider environments.
High Availability Messaging Solution Using AXIGEN, Heartbeat and DRBD
This white paper discusses a high-availability messaging solution relying on the AXIGEN Mail Server, Heartbeat and DRBD. Solution architecture and implementation, as well as benefits of using AXIGEN for this setup are all presented in detail.
Understanding the Financial Benefits of Open Source
Will open source pay off? Open source is becoming standard within enterprises, often because of cost savings. Find out how much of a financial impact it can have on your organization. Get this methodology and calculator now, compliments of JBoss.
Embedded Hardware and OS Technology Empower PC-Based Platforms
The modern embedded computer is the jack of all trades appearing in many forms.
Data Management for Real-Time Distributed Systems
This paper provides an overview of the network-centric computing model, data distribution services, and distributed data management. It then describes how the SkyBoard integration and synchronization service, coupled with an implementation of the OMG¿s Data Distribution Service (DDS) standard, can be used to create an efficient data distribution, storage, and retrieval system.
7 Advantages of D2D Backup
For decades, tape has been the backup medium of choice. But, now, disk-to-disk (D2D) backup is gaining in favor. Learn why you should make the move in this whitepaper.
|
|
|
|
|
news feed