Startup to sell open-source insurance

A New York-based company has used SCO's legal battle with the Linux community to venture into open-source insurance.

A New York-based company has used SCO's legal battle with the Linux community to venture into open-source insurance.

Open Source Risk Management (OSRM), a startup company, will offer insurance policies to companies using open-source software but fear that they may be sued.

The company now offers a variety of professional services, including software certification and strategic consulting on open-source software insurance.

It is also planning a series of training sessions on how best to mitigate the risk of using open-source software, which will begin on 27 April in California.

SCO claims that the Linux operating system violates its Unix copyrights, a claim hotly disputed by the Linux community, and has sued a number of IT suppliers and even two Linux users - DaimlerChrysler and auto parts retailer AutoZone - in connection with its intellectual property (IP) claims.

Although some Linux suppliers such as Hewlett-Packard and Novell have already began to offer indemnification for their customers, these programmes are "kind of limited", said Heather Meeker, a partner with law firm Greenberg Traurig, who is working with OSRM on the training sessions.

Some indemnification programmes, for example, no longer cover users who modify their Linux software - a key feature of open source, she said.

While there may be riskier areas in high technology - companies have lost billions of dollars because of computer security breaches, for example - the intense amount of publicity generated by the SCO lawsuit has created interest in open-source software insurance, Meeker said.

Part of the reason for the concern over SCO is that the software company has acted differently from companies in proprietary IP disputes.

"One of the things that SCO did that raised concerns is they started sending letters to users of the software," Meeker said.

OSRM is providing a service that all software users should have, said Bruce Perens, an open-source advocate who has had discussions with the company.

"Software risk management is something that all software needs, and is something that's not provided adequately for proprietary software," he said.

Robert McMillan writes for IDG News Service

Read more on Operating systems software