When a young Linus Torvalds was working on his now-famous Linux operating system back in the early 1990s, the Finnish programmer no doubt envisioned the dawning of a new tech era — one in which ideas would be shared freely and everybody got along. A Linux world would be a softer, gentler one, much like the penguin Torvalds chose to symbolize his revolutionary open-code OS.
Back in the real world, Torvalds's penguin has been taking quite a pounding lately. The pounder: software maker SCO Group, which insists that Linux is taken, in part, from its proprietary Unix operating system. Based on that assertion — unproven as yet — SCO claims that companies using Linux owe the vendor a licensing fee.
Until recently, Lindon, Utah-based SCO has directed most of its intellectual-property ire at purveyors of Linux; most notably, IBM Corp. and Red Hat Inc. But this spring, SCO raised the stakes considerably. In March, it filed lawsuits against auto-parts retailer AutoZone and car maker DaimlerChrysler, both corporate users of Linux. "[Litigation] certainly is not our first choice," says Blake Stowell, SCO's director of public relations. "But in some cases, we've sat down with commercial businesses and explained our issues, and some of them have simply chosen not to purchase a license or to properly compensate us."
The explanation doesn't wash with some observers. In a survey conducted by Santa Cruz, Calif.-based Evans Data Corp., more than 90 percent of developers say they don't believe the SCO/Linux lawsuits have any merit. Indeed, some observers believe the suits are mostly intended to scare other companies into paying a $699-per-processor perpetual-licensing fee to the financially strapped SCO (backer BayStar Capital recently asked the vendor to repay the $20 million it invested in the company).
So far, more than a dozen businesses have apparently purchased licenses from SCO. But the company's critics warn that such purchases may lead to more Linux-related lawsuits. "If you buy the license from SCO, you encourage everyone and their brother coming around asking for a handout," says Daniel Egger, founder and chairman of New York-based Open Source Risk Management (OSRM) LLC. "Anyone who owns a strain of Unix can turn around and ask for a licensing fee. You'll never stop paying if you pay SCO."
To avoid that scenario, some companies have begun looking into purchasing Linux indemnity plans. Not surprisingly, vendors have already begun to roll out such plans. OSRM, for one, will soon launch a program designed specifically to guard against intellectual-copyright claims filed by SCO. Pricing hasn't been announced, but Egger says he believes the cost will be between 3 and 5 percent of the maximum desired coverage. "Linux is 30 million lines of code," he notes. "We're looking at it bit by bit so we can give [insurance] underwriters confidence that this is a manageable risk."
Several IT companies are also hawking programs designed to mitigate the risk from running open-source code on corporate servers. Hewlett-Packard Co. offers indemnification coverage specifically geared for Linux users. Same thing for Red Hat. And in January, Provo, Utah-based networking giant Novell Corp. launched a software indemnification program, one that will cover copyright-infringement claims from any third-party vendor. But beware the fine print: Linux insurance from vendors typically requires software and service purchases.
Some industry watchers aren't sure Linux insurance is even necessary. "The whole SCO scare is meaningless," insists Nicholas Petreley, a Linux analyst with Evans Data. "I will be really shocked if anything comes of it." Nevertheless, Petreley cautions companies to run all the possible licensing issues by a legal team before integrating open-source code into their own products. "[Otherwise] you may run into trouble," he grants.
Meanwhile, open-source advocates are lining up to help AutoZone and DaimlerChrysler fight the SCO suit. Others are encouraging Linux users not to purchase licenses from SCO. "If you take the [SCO] license, you have to promise not to modify the code," says Pamela Jones, editor of open-source Website Groklaw and OSRM's director of litigation-risk research. "And not modifying Linux will reduce its value to your company."