OT: reasoning behind open vs. closed SSH

Ben Lindstrom mouring at etoh.eviladmin.org
Wed Nov 26 01:41:37 EST 2003

On Tue, 25 Nov 2003, Christian Vogel wrote:

> Hi Ben,
> On Mon, Nov 24, 2003 at 10:09:05PM -0600, Ben Lindstrom wrote:
> > >   2 - legal liability
> > This one has urked me.  Everyone keeps claiming, "Oh closed source
> > products are better due to legal liability."  However when you ask any
> > commerical company if they will pay for any product destruction or breach
> > to a system.  You'll see most of them laugh you out of the room.
> It's not about what the contract or license-agreement says,
> it's just about what the pointy-haired *think* when they buy something
> from $BIGNAME. Say, if they feel that some bug was introduced very negligent,
> they might just want to sue $BIGNAME anyhow, instead of 100 different
> individuals in the Free/OpenSource case...[1]

But you see that is the problem.  The EULA denies you that right (at least
in the US).  It has been upheld in a handful of lawsuits.  Which is where
the problem lies.

CEO of the company can imagine all he wants to about suing his vendor,
but unless it is a contractual breach he has zero rights to do so.
Otherwise Microsoft would be sued back to the dark aged after the last
year or two worth of damaged caused by "negliect".

In the limited cases where a EULA may allow indeminification the upper
limit on the risk is normally the cost of the shrinkwrap software.  Which
would barely cover the cost of someone looking in the direction of the
damaged machine.

The only argument I can give from a CEO standpoint about wanting a company
is the ability to call up their CEO/President and bitch them out for not
supporting a "loyal customer".  As a result I may get a free mouse pad and
reassurance that the problem is being "looked at".  And I walk away with a
false warm fuzzy. =)

Honestly, I'd rather have someone speak straight up to me.

- Ben

More information about the openssh-unix-dev mailing list