The show opened here on a nervous note when Open Source Risk Management revealed on Monday that there are 283 issued, but not yet court-validated, software patents that might be used in patent claims against Linux.
Because of this, OSRM announced that it will offer IP (intellectual property) insurance at an annual rate of 3 percent for $5 million in coverage against legal costs and damages.
"Dan Ravicher [leader of the OSRM patent study and executive senior counsel to the Free Software Foundation] is very, very good, and the points he makes about patents should be taken seriously," said Douglas Levin, CEO and president of Black Duck Software Inc., an information services company offering IP risk management and mitigation software solutions.
Indeed, Linux patent concerns arent just theoretical. The German city of Munich is delaying its Linux deployment because of European patent concerns. This migration of 14,000 desktop and notebook computers from Windows to SuSE Linux has been seen as one of the most significant victories for desktop Linux.
Such concerns are also the reason Red Hat has partnered with Black Duck. This deal will form part of Red Hats Open Source Assurance program, a plan to protect open-source developers and RHEL (Red Hat Enterprise Linux) subscribers from potential IP problems.
"Working with partners like Black Duck, Red Hat is committed to preserving the creative spirit of developers, fortifying the confidence enterprise users have in Linux and open source, and increasing the value of Red Hat subscriptions," said Matthew Szulik, Red Hats chairman and CEO.
Levin said Black Duck has been working with Red Hat for six months before this deal was announced and that his Waltham, Mass., firm is also working on deals with other Linux vendors and organizations. "Black Ducks mission is to help any organization concerned about the risks of combining open source and proprietary software code, either accidentally or intentionally, into its own software."
In Red Hats case, "their customers had been telling them for months that they need support in IP risk and open-source software assets management," Levin said. Black Ducks protexIP/developmentSM program uses an extensive license and source-code knowledge base to rapidly identify instances of open source software and potential license conflicts in developers code trees.
Red Hat will work with Black Duck to develop joint seminars with Red Hat Global Learning Services to educate customers on best practices in IP risk mitigation. The companies will also offer joint service offerings to assess and help implement open-source IP best practices and will deliver value-added IP risk management solutions.
But, as Karen Copenhaver, Black Ducks general counsel, points out, while Black Ducks programs protect users and developers from many kinds of IP claims, "theres no way to use search technology to find the implementation of a patentable invention. The essence of patent law is inventive activity. Search technology [such as that used in protexIP/developmentSM] is ideal for finding copying which is consistent with copyright but not patent law."