OpenBSD Journal

Wanted: Vendors who Return the Favor

Contributed by jason on from the telnet-still-works-right dept.

The OpenSSH page has a recent addition, highlighting the lack of support from highly successful corporations that neglect to pay it forward.

Please take note of our Who uses it page, which lists just some of the vendors who incorporate OpenSSH into their own products -- as a critically important security / access feature -- instead of writing their own SSH implementation or purchasing one from another vendor. This list specifically includes companies like Cisco, Juniper, Apple, Red Hat, and Novell; but probably includes almost all router, switch or unix-like operating system vendors. In the 10 years since the inception of the OpenSSH project, these companies have contributed not even a dime of thanks in support of the OpenSSH project (despite numerous requests).

Imagine a world without OpenSSH. Would Cisco's use RDP?

Editor's Note: These companies can easily donate via the OpenBSD Foundation.



Comments
  1. By Anonymous Coward (66.42.181.247) on

    Perhaps the more open source friendly USA government might be able to help out.

    Truth takes time. Funding might eventually start moving. USA military funded up RedHat.

    Just another vote for USA gov funding to OpenBSD.

    Comments
    1. By Phil Collins (79.73.187.205) on

      > Perhaps the more open source friendly USA government might be able to help out.
      >
      > Truth takes time. Funding might eventually start moving. USA military funded up RedHat.
      >
      > Just another vote for USA gov funding to OpenBSD.

      Shame Theo blew it huh?

      Comments
      1. By Anonymous Coward (174.1.43.89) on

        > > Just another vote for USA gov funding to OpenBSD.
        >
        > Shame Theo blew it huh?

        Yeah! You're so right! Why state that it is better to help the OpenBSD project than build bombs and invade other countries. I can see how the latter is so much better to benefit humanity.

        Comments
        1. By Anonymous Coward (129.128.184.114) on

          So the defense (or offense?) industry is the only one with any money?
          I guess so... I mean the banks are gone, the car makers will be soon,
          and after that, health care, etc.

          So sad...

        2. By Mayuresh Kathe (59.182.236.106) kathe.mayuresh@gmail.com on http://mayuresh.kathe.in/

          > > > Just another vote for USA gov funding to OpenBSD.
          > >
          > > Shame Theo blew it huh?
          >
          > Yeah! You're so right! Why state that it is better to help the OpenBSD project than build bombs and invade other countries. I can see how the latter is so much better to benefit humanity.

          Because of the old wise saying, "never bite the hand that feeds you"...

          Comments
          1. By Anonymous Coward (87.178.145.174) on

            > > > > Just another vote for USA gov funding to OpenBSD.
            > > > Shame Theo blew it huh?
            > > Yeah! You're so right! Why state that it is better to help the OpenBSD project than build bombs and invade other countries. I can see how the latter is so much better to benefit humanity.
            > Because of the old wise saying, "never bite the hand that feeds you"...

            It may be old, but is it wise?

            I don't think so.

            It's a culture of subordination and of fear, even of not believing in your own ability to survive.

            You should even take this as a lesson to change your crappy opinion: OpenBSD (or Theo) spoke out, and it's still there.

            And that's better than supporting officialized, pseudo-legal murder.

            Comments
            1. By Mayuresh Kathe (59.182.228.100) kathe.mayuresh@gmail.com on http://mayuresh.kathe.in/

              > > > > > Just another vote for USA gov funding to OpenBSD.
              > > > > Shame Theo blew it huh?
              > > > Yeah! You're so right! Why state that it is better to help the OpenBSD project than build bombs and invade other countries. I can see how the latter is so much better to benefit humanity.
              > > Because of the old wise saying, "never bite the hand that feeds you"...
              >
              > It may be old, but is it wise?

              It's wise because it brings you to the realisation that;
              1. the hand is feeding you because you allowed it to feed you,
              2. you allowed it to feed you because you know that without that feeding you would probably die,
              3. the hand is feeding you because you are in need,

              > I don't think so.

              I admire and respect your individuality, are you American?

              > It's a culture of subordination and of fear, even of not believing in your own ability to survive.

              I agree, but think about it, if you had believed in your own ability to survive, would you have let that hand feed you?

              > You should even take this as a lesson to change your crappy opinion: OpenBSD (or Theo) spoke out, and it's still there.

              While I respect and admire Theo for his outspokenness and his ability to call a mistake a mistake, I also believe that Theo should exert a certain level of diplomacy while dealing with entities which are as large as the US government.

              > And that's better than supporting officialized, pseudo-legal murder.

              That's a neat way of putting it. :-)

              Comments
              1. By Anonymous Coward (74.14.156.178) on

                Your logic is weak, if someone sees me and asks, "hey, you up for some steak and beer? My treat." Is my response, "no thanks, I think I can feed myself," or, "sure." One does not only allow someone else to give them food, seagulls take handouts all the time, they can find food on their own without the handout. Sometimes, the hand is handy, but it's not needed.

                Comments
                1. By Mayuresh Kathe (59.182.239.44) kathe.mayuresh@gmail.com on http://mayuresh.kathe.in/

                  > Your logic is weak, if someone sees me and asks, "hey, you up for some steak and beer? My treat." Is my response, "no thanks, I think I can feed myself," or, "sure." One does not only allow someone else to give them food, seagulls take handouts all the time, they can find food on their own without the handout. Sometimes, the hand is handy, but it's not needed.

                  Umnn, in that case your understanding of my proposition is tangled.
                  In your assertion, you are assuming that, "that someone", is someone you already know pretty well, which was not the case between US DoD and Theo.

                  US DoD would be considered some rich looking guy on the street who you don't know at all, would you accept an offer for steak and beer from just anybody on the street unless you are damn hungry and thirsty? and know that you won't last long without a bite and a sip which you can't afford on your own.
                  I really don't know about you, but at least I would not.

                  There's a difference between seagulls and highly evolved humans like us.

              2. By Anonymous Coward (204.80.187.9) on


                > While I respect and admire Theo for his outspokenness and his ability to call a mistake a mistake, I also believe that Theo should exert a certain level of diplomacy while dealing with entities which are as large as the US government.
                >
                > > And that's better than supporting officialized, pseudo-legal murder.
                >
                > That's a neat way of putting it. :-)
                >

                You are a total pussy. Why not come into the USA and suck some redneck cock. The kind that shoots dope 4 times a day and drinks beer all night. They will show you what respect means, even when you're bleeding all over.

                Comments
                1. By Mayuresh Kathe (59.182.231.64) kathe.mayuresh@gmail.com on http://mayuresh.kathe.in/

                  >
                  > > While I respect and admire Theo for his outspokenness and his ability to call a mistake a mistake, I also believe that Theo should exert a certain level of diplomacy while dealing with entities which are as large as the US government.
                  > >
                  > > > And that's better than supporting officialized, pseudo-legal murder.
                  > >
                  > > That's a neat way of putting it. :-)
                  > >
                  >
                  > You are a total pussy. Why not come into the USA and suck some redneck cock. The kind that shoots dope 4 times a day and drinks beer all night. They will show you what respect means, even when you're bleeding all over.

                  I wouldn't expect a New Yorker to use such foul language, but then again, you might be from rural Oregon.

                  What you've written makes no sense what-so-ever.
                  Maybe you could re-phrase it using a sensible tongue.

                  Comments
                  1. By anonymous (24.21.85.143) on

                    > >
                    > > > While I respect and admire Theo for his outspokenness and his ability to call a mistake a mistake, I also believe that Theo should exert a certain level of diplomacy while dealing with entities which are as large as the US government.
                    > > >
                    > > > > And that's better than supporting officialized, pseudo-legal murder.
                    > > >
                    > > > That's a neat way of putting it. :-)
                    > > >
                    > >
                    > > You are a total pussy. Why not come into the USA and suck some redneck cock. The kind that shoots dope 4 times a day and drinks beer all night. They will show you what respect means, even when you're bleeding all over.
                    >
                    > I wouldn't expect a New Yorker to use such foul language, but then again, you might be from rural Oregon.
                    >
                    > What you've written makes no sense what-so-ever.
                    > Maybe you could re-phrase it using a sensible tongue.

                    Kathe,

                    While his language is foul, please notice the IP address (unlike mine) does not go to Oregon, it goes to Seattle.

                    Comments
                    1. By Mayuresh Kathe (59.182.230.30) kathe.mayuresh@gmail.com on http://mayuresh.kathe.in/

                      > > >
                      > > > > While I respect and admire Theo for his outspokenness and his ability to call a mistake a mistake, I also believe that Theo should exert a certain level of diplomacy while dealing with entities which are as large as the US government.
                      > > > >
                      > > > > > And that's better than supporting officialized, pseudo-legal murder.
                      > > > >
                      > > > > That's a neat way of putting it. :-)
                      > > > >
                      > > >
                      > > > You are a total pussy. Why not come into the USA and suck some redneck cock. The kind that shoots dope 4 times a day and drinks beer all night. They will show you what respect means, even when you're bleeding all over.
                      > >
                      > > I wouldn't expect a New Yorker to use such foul language, but then again, you might be from rural Oregon.
                      > >
                      > > What you've written makes no sense what-so-ever.
                      > > Maybe you could re-phrase it using a sensible tongue.
                      >
                      > Kathe,
                      >
                      > While his language is foul, please notice the IP address (unlike mine) does not go to Oregon, it goes to Seattle.

                      No offense against Oregonians, but I used an IP address to location mapping tool which showed the IP origination from New York and domain as YKWC.COM which is from rural Oregon.
                      Hence my carefully worded sentence :-)

                      Which tool do you use for IP to location mapping?

                      Comments
                      1. By anonymous (24.21.85.143) on

                        > > > >
                        > > > > > While I respect and admire Theo for his outspokenness and his ability to call a mistake a mistake, I also believe that Theo should exert a certain level of diplomacy while dealing with entities which are as large as the US government.
                        > > > > >
                        > > > > > > And that's better than supporting officialized, pseudo-legal murder.
                        > > > > >
                        > > > > > That's a neat way of putting it. :-)
                        > > > > >
                        > > > >
                        > > > > You are a total pussy. Why not come into the USA and suck some redneck cock. The kind that shoots dope 4 times a day and drinks beer all night. They will show you what respect means, even when you're bleeding all over.
                        > > >
                        > > > I wouldn't expect a New Yorker to use such foul language, but then again, you might be from rural Oregon.
                        > > >
                        > > > What you've written makes no sense what-so-ever.
                        > > > Maybe you could re-phrase it using a sensible tongue.
                        > >
                        > > Kathe,
                        > >
                        > > While his language is foul, please notice the IP address (unlike mine) does not go to Oregon, it goes to Seattle.
                        >
                        > No offense against Oregonians, but I used an IP address to location mapping tool which showed the IP origination from New York and domain as YKWC.COM which is from rural Oregon.
                        > Hence my carefully worded sentence :-)
                        >
                        > Which tool do you use for IP to location mapping?

                        I am wrong...he's in Bend, Oregon. I tracerouted the ip and glanced at the Seattle names at first. In any case, I went to the guy's website and saw I had his software installed. I deleted it ASAP.

      2. By Anonymous Coward (74.14.156.178) on

        I wouldn't hold it against you if you stopped posting here, trolling like this, while fun sometimes, is not needed and definitely not productive in any discussion.

        De Raadt voiced his opinion in a free discussion, there is nothing about that which makes him responsible for the cutoff of funds, it's the politicians within DARPA's management who did that.

      3. By Mayuresh Kathe (59.182.231.77) kathe.mayuresh@gmail.com on http://mayuresh.kathe.in/

        > > Perhaps the more open source friendly USA government might be able to help out.
        > >
        > > Truth takes time. Funding might eventually start moving. USA military funded up RedHat.
        > >
        > > Just another vote for USA gov funding to OpenBSD.
        >
        > Shame Theo blew it huh?

        Let's not dig up old skeletons, what's gone is gone, let's look towards the future.
        I know it's tough given the current economy, but, how about donating $10 towards OpenBSD?

    2. By Anonymous Coward (24.21.221.209) on

      > Perhaps the more open source friendly USA government might be able to help out.
      >
      > Truth takes time. Funding might eventually start moving. USA military funded up RedHat.
      >
      > Just another vote for USA gov funding to OpenBSD.

      Yes, this is worth looking into. There is a new administration in Washington, D.C. and a new effort into cyber-security. OpenBSD would be a perfect fit for an entity wanting to sponsor the development of a diverse ecosystem providing security for the government. Time for the OpenBSD Foundation to do some lobbying?

      Another AC

  2. By Daniel Bolgheroni (189.110.232.39) on

    Nice it got included in the official webpage of the project.

    "(...) not even a dime of thanks (...)" (!)

  3. By Anonymous Coward (193.190.253.144) on

    Now I don't want to be silly, but you're acting like those companies are big bad boys that didn't pay their bills, while that simply isn't true.

    With the OpenSSH license, you simply can't claim money, or demand a gift...(that's true for the GNU folks too)

    Comments
    1. By Kami Petersen (kokamomi) on

      > Now I don't want to be silly, but you're acting like those companies are big bad boys that didn't pay their bills, while that simply isn't true.

      No they are big irresponsible boys.

      > With the OpenSSH license, you simply can't claim money, or demand a gift...(that's true for the GNU folks too)

      We have to demand responsibility.

      Comments
      1. By Anonymous Coward (77.244.194.50) on

        >
        > No they are big irresponsible boys.
        How are they irresponsible?
        They use a very secure SSH implementation, it's free and open source, why is that irresponsible?

        > We have to demand responsibility.
        By making them pay for something that's free?

        Don't get me wrong, I really think it would be nice if they did chip in. But why would they, these big companies are all about making money for the investors. Giving away money for something that's free? It's just not sensible to go to a financial manager and say "here is the best tool for the job - it's free - but can we give them a little money, PLEEEEEEEEEEASE?" and then on top of that pay their own developers to port it to their own sorry ass OS/platform.
        It takes someone with guts and balls to do that and do it right, and these companies just don't have any of those.

        Comments
        1. By jkm (194.237.142.10) on

          > > We have to demand responsibility.
          > By making them pay for something that's free?
          >
          > Don't get me wrong, I really think it would be nice if they did chip in. But why would they, these big companies are all about making money for the investors. Giving away money for something that's free? It's just not sensible to go to a financial manager and say "here is the best tool for the job - it's free - but can we give them a little money, PLEEEEEEEEEEASE?" and then on top of that pay their own developers to port it to their own sorry ass OS/platform.
          > It takes someone with guts and balls to do that and do it right, and these companies just don't have any of those.

          Giving away money to ensure that they can continue to get security fixes and new functionality in the world's best SSH implementation. Especially as they ported it to their own sorry ass OS and now are dependent on OpenSSH. I think it's a valid business argument but it still takes guts and balls..

        2. By Daniel Bolgheroni (189.110.203.141) on

          > Don't get me wrong, I really think it would be nice if they did chip in. But why would they, these big companies are all about making money for the investors. Giving away money for something that's free? It's just not sensible to go to a financial manager and say "here is the best tool for the job - it's free - but can we give them a little money, PLEEEEEEEEEEASE?" and then on top of that pay their own developers to port it to their own sorry ass OS/platform.
          > It takes someone with guts and balls to do that and do it right, and these companies just don't have any of those.

          Yes, maybe you're right. Big companies must make money no matter how. They must not invest in environmental programs or sustainability. Nor donate 0.1% of their profits to such a project like OpenBSD cause this would cause investors to become a little more poor.

          Hey, come on, have you used open source software before? Do you know why OpenBSD/OpenSSH claims for donations?

        3. By Anonymous Coward (128.171.90.200) on

          > >
          > > No they are big irresponsible boys.
          > How are they irresponsible?
          > They use a very secure SSH implementation, it's free and open source, why is that irresponsible?
          >
          > > We have to demand responsibility.
          > By making them pay for something that's free?
          >
          > Don't get me wrong, I really think it would be nice if they did chip in. But why would they, these big companies are all about making money for the investors. Giving away money for something that's free? It's just not sensible to go to a financial manager and say "here is the best tool for the job - it's free - but can we give them a little money, PLEEEEEEEEEEASE?" and then on top of that pay their own developers to port it to their own sorry ass OS/platform.
          > It takes someone with guts and balls to do that and do it right, and these companies just don't have any of those.

          They can contribute to the foundation which makes it a charitable donation. That's a big tax write off, plus some free publicity.

          Oh .... and you increase your customer base as the cynical open source community thinks your safe to deal with.

          Comments
          1. By Anonymous Coward (24.84.108.117) on

            > They can contribute to the foundation which makes it a charitable donation. That's a big tax write off, plus some free publicity.

            Steak & lobster is a tax write-off too, and much more delicious.

            > Oh .... and you increase your customer base as the cynical open source community thinks your safe to deal with.

            What about my safe?

    2. By Isak (77.244.194.50) on

      > Now I don't want to be silly, but you're acting like those companies are big bad boys that didn't pay their bills, while that simply isn't true.
      >
      > With the OpenSSH license, you simply can't claim money, or demand a gift...(that's true for the GNU folks too)

      I have to agree with this one.
      It's the wonder of BSD, anyone can use it, I think the phrase was "even to bomb Australia".
      I hope this thing doesn't turn into a Darren Reed situation.

    3. By Anonymous Coward (81.165.178.114) on

      > With the OpenSSH license, you simply can't claim money, or demand a gift...(that's true for the GNU folks too)

      Yes, the code is developed and given away for free. But, it seems companies are making big money using open-source software.

      So, there's no shame in knocking on their door and making them realize that they actually are making money because they can just use your software. And, if they would just give back a little to the projects making the free software, those projects can make sure they stay alive and maybe even do better.

      If these big boys would have to pay license fees for all the free software out there, maybe they wouldn't be as big as they are today. Sharing can work in both directions you know.

    4. By Anonymous Coward (87.178.145.174) on

      > Now I don't want to be silly, but you're acting like those companies are big bad boys that didn't pay their bills, while that simply isn't true.
      >
      > With the OpenSSH license, you simply can't claim money, or demand a gift...(that's true for the GNU folks too)

      How are you "thinking"??
      Of course you can.

      You only can't claim legal entitlement.

      But you can ask for a gift, or a favor, even claim moral responsibility (if that's how your moral works).

      I don't see any problem here.

      Do you really think that the only things one can claim are "rights" or "obligations"? Don't you think that good, free people can go beyond this simplistic way of looking at life and relations in such a legalistic, "I have the right to" way?

      And don't you think that there are natural responsibilities, wishes, goodheartedness, etc., prompting you freely to do certain actions although nobody supervises, controls, punishes you if you don't?

    5. By sthen (2a01:348:108:155:216:41ff:fe53:6a45) on

      > Now I don't want to be silly, but you're acting like those companies are big bad boys that didn't pay their bills, while that simply isn't true.

      Ever been to some public event, like a music concert or something, which was put on with no entry charge, but where donations are requested to cover costs? Sure, you can go without paying, but putting some money in the donations bucket is the responsible thing to do, and you benefit too because it increases the likelihood of another one in the future.

      Stretching the analogy a bit, but I think it holds: some company shows up and makes a recording of the concert to sell, without putting a penny in the bucket. Ok, they're allowed to, but it's not really on, is it? Not only is it unfair to the people putting on the show, but in effect they're taking money from the many private individuals who _are_ donating.

      Comments
      1. By Anonymous Coward (24.84.108.117) on

        > Ever been to some public event, like a music concert or something, which was put on with no entry charge, but where donations are requested
        > to cover costs? Sure, you can go without paying, but putting some money in the donations bucket is the responsible thing to do, and you benefit
        > too because it increases the likelihood of another one in the future.

        The likelihood of OpenSSH not releasing another version because of lack of funding has 10 years of evidence saying that won't happen. And if it does, a big company can simply pay their own developers to maintain it.

        > Stretching the analogy a bit, but I think it holds: some company shows up and makes a recording of the concert to sell, without putting a penny
        > in the bucket. Ok, they're allowed to, but it's not really on, is it? Not only is it unfair to the people putting on the show, but in effect
        > they're taking money from the many private individuals who _are_ donating.

        Taking money? You have a really warped brain. It's not unfair when everyone involved in the concert says "Come to the concert, it's free. Record it, you're free to do so. Even sell your recording, all free." When someone does the very thing they were given permission to do, how is it unfair?

  4. By Rich (195.212.199.56) on

    I wish you the very best of luck with this. I really do.

    I just can't help thinking that if these companies have not given back anything over the last 10 years, then it's unlikely they'll start now. You can probably try and embarrass them into it, but they probably don't 'do' embarrassment and they don't care.

    The ONLY way I can see you could get any money from them is by changing the licence such that it says "If you're Cisco or Apple or ... then you owe us ...", but obviously that's not going to happen.

    Comments
    1. By Anonymous Coward (98.127.110.254) on

      >they probably don't 'do' embarrassment and they don't care.

      Possibly, but we don't know until we try, do we? When I was managing the small network for a non-profit in DC a few years ago, their 24-port switch wasn't cutting it anymore, so I replaced it with an HP switch. I noticed that the SSH used was OpenSSH, and wrote them a polite email asking that at least a portion of the profit be returned to the OpenBSD project.

      Surely my email wasn't what did it, but I can only assume mine was a voice among (relative) multitudes that eventually ended up with a donation to the OpenBSD Foundation.

      The (possibly apocryphal) Chinese proverb is relevant:

      The river wears down the rock, not with strength, but with persistence.

  5. By Anonymous Coward (169.244.70.146) on

    A common pattern these days is for vendors to support development by paying someone to work on the code. They often hire a developer or dedicate someone inside the company to work on the code. I think companies feel that this gives them more control over how the money is spent.
    Either way, I hope companies that benefit from the work of various projects such as OpenBSD, the Apache Foundation, and x.org can help keep these projects going.

    Comments
    1. By Anonymous Coward (88.217.158.50) on

      > A common pattern these days is for vendors to support development by paying someone to work on the code. They often hire a developer or dedicate someone inside the company to work on the code. I think companies feel that this gives them more control over how the money is spent.

      Unfortunately for Theo this does not give _him_ any money.
      And this is what this cry for donations is all about.

  6. By Anonymous Coward (132.236.176.65) on

    Give me a list of the vendors that DO return the favor, so I can do business with them.

    Comments
    1. By Justin (216.17.75.76) on

      > Give me a list of the vendors that DO return the favor, so I can do business with them.

      You want a list of contributors? Here you go http://www.openbsd.org/donations.html

      Comments
      1. By Anonymous Coward (132.236.176.65) on

        > > Give me a list of the vendors that DO return the favor, so I can do business with them.
        >
        > You want a list of contributors? Here you go http://www.openbsd.org/donations.html

        This list is mostly useless. I'm in it because I donated something like $20 back in 2004. For all I know half of those names could be $1 contributors.

        Say I want to buy a load of hardware but want it from "The good guys", I would find it helpful to see a list of a) hardware vendors, b) who gave more than $1, and I might even buy from the company that gave the largest donation.

        Comments
        1. By Anonymous Coward (128.171.90.200) on

          Smoothwall, Mozilla, and GoDaddy

        2. By Lawrence Teo (lteo) on http://labs.calyptix.com/

          > This list is mostly useless. I'm in it because I donated something like $20 back in 2004. For all I know half of those names could be $1 contributors.
          >
          > Say I want to buy a load of hardware but want it from "The good guys", I would find it helpful to see a list of a) hardware vendors, b) who gave more than $1, and I might even buy from the company that gave the largest donation.

          The amount of the financial contribution is relative.

          A $10,000 donation from a large profitable company that rakes in $10 million in revenue is one thing.

          A "measly" $50 donation from a startup that's still operating at a loss and working hard to make ends meet to feed its employees is another.

    2. By Anonymous Coward (89.8.55.165) on

      > Give me a list of the vendors that DO return the favor,
      > so I can do business with them.

      Here's the list:

      *

      Guess you're out of luck ;-)

  7. By Erik Carlseen (68.107.78.192) on

    I know this may be difficult to believe - schmoozing will get larger checks written than shaming will. Software written on the BSD license is given to the world with very few restrictions, so there's not a massive moral case against people and corporations who use it ... with very few restrictions. There's an excellent business case to be made for donating to OpenBSD, but it's hard to sell a business case with the current approach.

    Another difficult thing is that the entire process seems very "open-ended." There are always needs for and requests for donations, but (aside from specific projects) there never seems to be a periodic goal (yearly, quarterly, monthly, etc.). As insane as it may sound, going to a person or company and saying "we need this amount of money to do x" is easier for them to digest than "we need a non-specific amount of money to do non-specific things." Look at how well people respond to requests for donations for specific things like new machines for developers, for example. Most of these things that I see on Undeadly are funded within a few days. For the "general fund," I'd create an annual budget for things like supporting developers, hackathons, development machines, hosting, and the dozens of other things I'm not thinking of. Publish this list, then create quarterly and annual donation targets and keep the progress towards these targets publicly available. Remind people (in a non-threatening way!) of the consequences of not hitting these targets - such as that OpenBSD and OpenSSH are on the cutting edge of security, and that improvements in these areas benefit the entire world and "improve the breed" of computing in general and it would really suck to see these improvements impeded just because some large companies couldn't find the time (they have the money) to justify (remember, someone on the inside needs to stick their butt on the line sell it up the chain) cutting a check that's probably less than their CEO's annual budget for foot massages. You get the picture.

    The final thing I'd suggest - I'm not sure it will fly, but I'm suggesting it anyway - is to sell annual "Platinum / Gold / whatever" sponsorships. They'll need something tangible: for example, thanking them publicly in the documentation and help messages in all releases during their sponsorship year, and perhaps a section of the web site thanking the current and previous year's "Platinum / Gold / whatever" sponsors. I would think that for a project like OpenSSH that's used by most of the known universe, you could set the top level of sponsorship in the $250K / year range +/- $150K (it's a tough time to guess these things). The first year will be difficult to test because the economy sucks and even without that factor it's still difficult to feel out the market for a good price point. Yes, it runs the risk of NASCAR-izing the projects, but if that's what it takes to keep the project at the level of funding you want then you do what you have to do. On the other hand, when the economy is good you can play sponsors off of each other ("You know, TLA corporation is a diamond sponsor and it makes them look really good and you want to look really good, too, don't you?" - more eloquent than that, but you see what I mean).

    Anyway, I hope these suggestions based on my forays into PHB-land are helpful.

    Comments
    1. By Erik Carlseen (68.107.78.192) on

      If it helps, you can think of it as hacking the social and economic infrastructure of The Man. :-)

      Comments
      1. By Erik Carlseen (68.107.78.192) on

        Or slipping packets through their budgetary firewalls.

    2. By Rich (195.212.199.56) on

      Some common-sense suggestions.

      Unfortunately, these (and other) things have been suggested before, but they never, ever seem to get acted upon.

      As for smooching, while I agree with what you say, it seems the antagonistic approach is the order of the day for OBSD. I don't say this as a flame; it's extremely well documented, and you all know what I'm referring to. I'm sure the reason we have so little co-operation between OBSD and other projects (Linux being a classic example) is that, quite frankly, the OBSD project stance is often pretty obnoxious. Who wants to do business with a project that's so difficult to talk to? We're even obnoxious to each other - a quick scan of the misc mailing list will show hundreds of examples of (maybe inexperienced) people asking perfectly reasonable questions or making suggestions only to be blasted into next week with some completely unwarranted abuse. I love OBSD; it's a fantastic OS. It's clean. It's simple. I wouldn't like to use anything else. I buy the CDs, I donate cash. ...but I HATE the attitude that prevails; a combination of stuck-up goodness-knows-what and general unpleasantness. I don't refer to the mailing lists any more; they are too full of abuse.

      Threats and abuse rarely get you anywhere unless you have some sort of legal instrument backing you up. The nature of the BSD licence means that (generally) no such legal instrument exists (because nobody is actually breaking the licence agreement). So that leaves you with only one option - try to be nice instead :-) Painful, I know. But maybe it's worth a try.

      Comments
      1. By wim wauters (82.69.131.70) undeadly@unisoftdesign.co.uk on www.unisoftdesign.co.uk

        > a quick scan of the misc mailing list will show hundreds of examples of (maybe inexperienced) people asking perfectly reasonable questions or making suggestions only to be blasted into next week with some completely unwarranted abuse.

        Sure, programmers and sysadmins could spend all day being nice to people with lazy brains!

        The road to hell is paved with good intentions. Or trying to please everyone.

        I admire the OpenBSD project for being efficient and focussed.

        If you want a more crowd-pleasing attitude, why don't you stick to Apple?

        Comments
        1. By tedu (udet) on

          > > a quick scan of the misc mailing list will show hundreds of examples of (maybe inexperienced) people asking perfectly reasonable questions or making suggestions only to be blasted into next week with some completely unwarranted abuse.
          >
          > Sure, programmers and sysadmins could spend all day being nice to people with lazy brains!

          a better response would be to ask for examples. I just did a quick scan of misc for the last few days and don't remember anyone being blasted into next week, let alone hundreds of them.

          the "misc is mean" meme is perpetuated by people who don't post there and people saying "that's how we like it", but neither makes it true.

      2. By Anonymous Coward (114.30.119.39) on

        OpenBSD is a meritocracy. A healthy dose of intellectual arrogance serves its purpose well here. There is no (well, minimal) flaming for the sake of flaming - it is all about rejecting inferior ideas. Sometimes the tone of the response(s) can appear harsh, but it's generally just clashing of brains. There is a certain Darwinism in it.

        It makes contributors think, "Am I confident that my patch is worthwhile and will not make me look stupid?". If you don't know, then you're probably just wasting people's time. Of course, there is a strong culture of telling people to RTFM. And with the exceptional documentation available, no one really has an excuse.

        So just harden the fuck up, ok?

        Comments
        1. By Anonymous Coward (128.171.90.200) on

          > OpenBSD is a meritocracy. A healthy dose of intellectual arrogance serves its purpose well here. There is no (well, minimal) flaming for the sake of flaming - it is all about rejecting inferior ideas. Sometimes the tone of the response(s) can appear harsh, but it's generally just clashing of brains. There is a certain Darwinism in it.
          >
          > It makes contributors think, "Am I confident that my patch is worthwhile and will not make me look stupid?". If you don't know, then you're probably just wasting people's time. Of course, there is a strong culture of telling people to RTFM. And with the exceptional documentation available, no one really has an excuse.
          >
          > So just harden the fuck up, ok?

          The people who tend to get "blasted" are generally people who will not admit when they are wrong, their ego is bruised and so they continue to post again and again. That is when it becomes harsh.

    3. By James Frazer (70.82.135.116) james.frazer@gmail.com on

      I agree. I don't really like the present method the OpenBSD project is using to try and get money. One of the main reasons OpenSSH is used everywhere IS because it is free. Had it been released as a commercial project then some other free alternative would be the de facto standard. I think it's pretty pathetic to release something for free then whine about wanting money for it a number of years after it has become standard.

      So what if all these companies use SSH? They use a whole lot of other pieces of software as well, and if they had to dish out money for each chunk of borrowed software then they'd quickly become unprofitable.

      Comments
      1. By Anonymous Coward (98.127.110.254) on

        Price of 1 year support subscription for basic Red Hat Enterprise Linux: $349US

        Percentage of interactions with RHEL servers that utilize OpenSSH: ~100%

        Amount Red Hat has donated to continue to maintain an integral piece of software which allows them to be in business: $0US

        While there's no legal obligation for any commercial entity to send money back, they can still be labelled as poor community members for not doing so.

        It's bad news all around money-wise for pretty much everybody right now, but that's when open source projects need the most support, since contributors may be too busy making ends meet to spend time maintaining software pro bono.

        Comments
        1. By Anonymous Coward (128.171.90.200) on

          > While there's no legal obligation for any commercial entity to send money back, they can still be labelled as poor community members for not doing so.

          I bet there are no RHEL users complaining that RedHat are not donating to OpenSSH, until that happens you're plum out of luck.

          Also remember RedHat do not make their money selling OpenSSH, they make their money selling support for RHEL.

          Comments
          1. By Anonymous Coward (98.127.110.254) on

            > > While there's no legal obligation for any commercial entity to send money back, they can still be labelled as poor community members for not doing so.
            >
            > I bet there are no RHEL users complaining that RedHat are not donating to OpenSSH, until that happens you're plum out of luck.
            >
            > Also remember RedHat do not make their money selling OpenSSH, they make their money selling support for RHEL.

            My point was that OpenSSH is a key part of what allows them to have a profitable business. It's not a hard argument to follow.

    4. By Dan Farrell (danstermeister) on dannosbeerblog@blogspot.com

      Your arguments are valid to me- while everyone is entitled to their opinion, it's easy to understand why you're not getting money from entities that you rail against. Not playing nice-nice has gotten decent but limited results, plain and simple. People who get upset at that assessment, I feel, are getting their panties in a twist.

      It's not that it's wrong to speak out, and it's certainly not wrong to want money from these companies. But logic has to dictate that many companies that receive negative pressure from a project are likely to never consider funding it. What's my proof? This article. duh!


      And your funding idea certainly smacks of Wikipedia's style of funding, which apparently seems to be working for them. Rhetorically, what's the worst that could come of running a campaign of that sort?


      The OpenBSD Foundation is still pretty young- hopefully it will come around to some of these and other innovative approaches.

  8. By rrioux (12.24.41.131) on

    Honestly, the only way to get around this would be to introduce a new license. Free for users, and to be used everywhere except being redistributed for use with a product which charges for software or service related to software.

    Therefore users are happy, business users are happy, but people that redistribute it in a form in which they make a profit need to pay or get a possibility to get sued.

    I think I'll call it the License FUNSORTS (Free for Use Not for Sale Or Relation To Sale)

  9. By Anonymous Coward (24.119.18.143) on

    I've been looking about for grants to fund a local service organization and took the time to search for funding sources that focus on funding free and open source software - while I could identify funding for dramatic productions for preschoolers in and around Boston (or anywhere/anything else you might guess) the only one I know about is Melon, but software wasn't even an area of specialization available in the search criteria for the database of funding sources.

    Rather than getting all confrontational, how about approaching these organizations through their philanthropy offices (they all have 'em) and make a grant request by way of the traditional channels. Now, I realize that all giving is getting harder, but at least this is how other worthy, non-IT, projects request and receive funds from these organizations. Who knows, maybe Walmart will donate a couple grand to the OpenSSH project, supporting local service organizations is something they do very well. Call it the secure network neighborhood...

    If you want money, you need to hunt it down and kill it yourself - actively making requests for supporting grants is the best way to approach these firms - it is how they expect to be approached.

  10. By Anonymous Coward (195.53.217.165) on

    Keep crying, guys, keep crying ...

  11. By Anonymous Coward (81.182.66.78) on

    > these companies have contributed not even a dime of thanks in support of the OpenSSH project (despite numerous requests)

    Sorry, but I do not understand this sentence. I'm not a native English speaker (not a troll, really). What does this mean exactly? These companies completely refuse to support OpenSSH despite using it in their devices and products?

    Thanks,

    Comments
    1. By Anonymous Coward (69.181.125.73) on

      > Sorry, but I do not understand this sentence.

      These companies include OpenSSH in their products, and the OpenSSH developers have repeatedly asked these companies for donations, but these companies have never donated to OpenSSH.

  12. By Chris (68.0.21.193) on

    OpenSSH is a FREE version of the SSH connectivity tools that technical users of the Internet rely on. ... The software is developed in countries that permit cryptography export and is freely useable and re-useable by everyone under a BSD license.

    http://www.openssh.org/

    Change FREE to gratis.

    Comments
    1. By Anonymous Coward (114.30.119.39) on

      Go jerk off Stallman, and anyone else who likes to abuse the word 'freedom' such that it loses all meaning.

    2. By Loki 2 (218.214.194.113) on

      > OpenSSH is a FREE version of the SSH connectivity tools that technical users of the Internet rely on. ... The software is developed in countries that permit cryptography export and is freely useable and re-useable by everyone under a BSD license.
      >
      > http://www.openssh.org/
      >
      > Change FREE to gratis.

      NO! OpenSSH IS FREE unlike the linux stuff that is gratis but UNfree.

      Comments
      1. By Anonymous Coward (139.70.118.137) on

        > > OpenSSH is a FREE version of the SSH connectivity tools that technical users of the Internet rely on. ... The software is developed in countries that permit cryptography export and is freely useable and re-useable by everyone under a BSD license.
        > >
        > > http://www.openssh.org/
        > >
        > > Change FREE to gratis.
        >
        > NO! OpenSSH IS FREE unlike the linux stuff that is gratis but UNfree.

        Since it's FREE and advertised that way, why the complaints about donations?

        Comments
        1. By Anonymous Coward (74.14.156.178) on

          The complaint comes in the same way that if I am giving out answers for the upcoming Exam, I'd like a coffee from some of the Jocks passing their classes because of me. It's not a law, but it is a nice thing to do. One could call it playing nice, not that the Jocks ever do that with Nerds.

        2. By Loki 2 (218.214.194.113) on

          > Since it's FREE and advertised that way, why the complaints about donations?

          There are no complaints really - just a statement of fact. It's just like reminding people (who can afford a little - or a lot) not to starve to death the goose that lays the golden eggs.

          I can't see anybody putting pressure on the little indie linux distros who get by on donations but it is surely miserly to the point of outright lousiness for Hed Rat, Apple, Cisco, IBM, et al, to distribute untold thousands of copies without even a token contribution.

          They won't miss the water 'til the well runs dry, I suppose.

  13. By c2 (208.191.177.19) on

    Quite sad, really. 0.01% of the CEO's bonus would go a long way here.

    Too bad OpenSSH can't somehow get a piece of the Obama stimulus package action. It's probably a far worthier project than some other potential recipients. Then the US government could recoup that from said corporations (amongst us other taxpayers).

    Oh well, in the meantime I'll buy a 4.5 CD.

  14. By Sum Yung Gai (151.188.18.45) sumgai@cmosnetworks.com on

    Yeah, I know, the BSD license proponents don't like the GPL. But this is exactly why it was created--problems like this. With it, these big megacorps either contribute back, or they don't use the code and are free to write their own implementation.

    You want contributions for your project? Great, then do like the original (pre-Sun, very profitable and successful) MySQL AB did. License it under the GPL, and then offer a "commercial" license for the same exact code for the Ciscos, Junipers, and Apples of the world. *If* your project is good and of value, you *will* get your financial contributions, and your project remains Free Software! If it worked for MySQL, it can work for you.

    --SYG

    Comments
    1. By Loki 2 (218.214.194.113) on

      > Yeah, I know, the BSD license proponents don't like the GPL. But this is exactly why it was created--problems like this. With it, these big megacorps either contribute back, or they don't use the code and are free to write their own implementation.
      >
      > You want contributions for your project? Great, then do like the original (pre-Sun, very profitable and successful) MySQL AB did. License it under the GPL, and then offer a "commercial" license for the same exact code for the Ciscos, Junipers, and Apples of the world. *If* your project is good and of value, you *will* get your financial contributions, and your project remains Free Software! If it worked for MySQL, it can work for you.
      >
      > --SYG

      Bullshit! We appreciate truly FREE code.
      Offering code under the GPL and having a commercial version is no better than offering a BSD version and a commercial version. ISTR that the MySQL commercial code was "enhanced". Whatever.

      The real point of this thread is that there are companies out there that derive money from having some very dedicated coders making OpenSSH and not contributing any support.

      Some ratbag said that if OpenSSH wasn't there the corps get some coders to do it for them. Yeah, right. For peanuts? Experts in security coding?
      Nahhh.

      We've already seen what happens when a Debian dev hacks on security code. What a nice stuff-up that was.

      Comments
      1. By Sum Yung Gai (151.188.18.45) sumgai@cmosnetworks.com on

        > Bullshit! We appreciate truly FREE code.

        Great! Welcome, brother, because the GPL helps to guarantee your freedom. :-)

        > Offering code under the GPL and having a commercial version is no better than offering a BSD version and a commercial version. ISTR that the MySQL commercial code was "enhanced". Whatever.
        >

        Sure it is. That helps to get contributions into the upstream Free Software project. Not the only way, for sure, but apparently a very effective one.

        As for MySQL "enhanced", not that it's relevant, really, but MySQL AB made it quite clear that indeed the MySQL code was exactly the same. The only difference was the license. If any "enhancing" was done, it was done by the entity that paid for that "proprietary" license...not by MySQL AB. Remember, this is pre-Sun MySQL.

        > The real point of this thread is that there are companies out there that derive money from having some very dedicated coders making OpenSSH and not contributing any support.
        >

        Use of the GPL is a very good incentive to get them to "play fair" and not leech like that anymore. Isn't that what we want to have happen?

        > Some ratbag said that if OpenSSH wasn't there the corps get some coders to do it for them. Yeah, right. For peanuts? Experts in security coding?
        > Nahhh.
        >

        Of course they would. It just wouldn't be Free Software (GPL *or* BSD), and at worst, the protocol would very likely be kept secret or possibly patent-encumbered.

        > We've already seen what happens when a Debian dev hacks on security code. What a nice stuff-up that was.
        >

        Clearly you don't like Debian devs, and that's OK. They probably don't like you, either. :-) But take heart; I still think you're cool, and we know that counts for everything this world has to offer. :-D

        --SYG

        Comments
        1. By Loki 2 (218.214.194.113) on

          > > Bullshit! We appreciate truly FREE code.
          >
          > Great! Welcome, brother, because the GPL helps to guarantee your freedom. :-)

          No it doesn't. It helps put me in chains if I write code or want to "borrow" a bit of code. I've taught Linux classes for IBM (before I discovered OpenBSD) and IBM made very certain that we knew very well what obligations the GPL put on us. All of the squillion clauses.
          >
          > > The real point of this thread is that there are companies out there that derive money from having some very dedicated coders making OpenSSH and not contributing any support.
          > >
          >
          > Use of the GPL is a very good incentive to get them to "play fair" and not leech like that anymore. Isn't that what we want to have happen?

          No. The GPL is as unfree as code gets. IAC how much would corporations which don't contribute to OpenSSH contribute if the licence changed? I'd bet it would be the same.

          >
          > > Some ratbag said that if OpenSSH wasn't there the corps get some coders to do it for them. Yeah, right. For peanuts? Experts in security coding?
          > > Nahhh.

          > Of course they would. It just wouldn't be Free Software (GPL *or* BSD), and at worst, the protocol would very likely be kept secret or possibly patent-encumbered.

          You don't really know anything about SSH do you?

          The protocols are out there. Any other "protocol", secure only by obscurity, would not interoperate with the world. As for patents, you are really full of it. There is so much prior art it doesn't rate.
          >
          > > We've already seen what happens when a Debian dev hacks on security code. What a nice stuff-up that was.
          > >
          >
          > Clearly you don't like Debian devs, and that's OK.

          Don't put words in my mouth. I said "a Debian dev" and I only nominated who he was coding for to identify the event I referred to. He caused the SSL keygen to generate weak keys.

          Doing good SSH code is the province of some very select programmers. It's not for your average mug with a bit of C, used to writing games, drivers, or accounting apps.

  15. By jirib (89.176.154.63) on

    "The IBM Systems Director on x86 DVD no longer includes OpenSSH for
    Windows. If a Platform-Agent managed system or Common-Agent managed
    system does not have a Secure Shell (SSH) package installed, IBM Systems
    Director Server cannot communicate securely with the managed system. To
    secure communication, install OpenSSH on the managed system. Download
    OpenSSH for Windows from www.sourceforge.net/projects/sshwindows/ and
    update the managed system with SSH."

  16. By Martin (124.169.173.239) on

    Red Hat is probably the largest contributor to Xorg and gcc.

    Red Hat is probably the largest contributor to Gnome and several other things OpenBSD users use.

    OpenSSH is used by Red Hat. Red Hat code is used by OpenBSD.

    Here is a partial list of some major Red Hat open source contributions:
    http://fedoraproject.org/wiki/RedHatContributions

    Comments
    1. By Loki 2 (218.214.194.113) on

      > Red Hat is probably the largest contributor to Xorg and gcc.
      >
      > Red Hat is probably the largest contributor to Gnome and several other things OpenBSD users use.
      >
      > OpenSSH is used by Red Hat. Red Hat code is used by OpenBSD.
      >
      > Here is a partial list of some major Red Hat open source contributions:
      > http://fedoraproject.org/wiki/RedHatContributions

      And Hed Rat's profit is? Compared with a non-profit outfit that writes better code than those guys know how to.

      Having had a client with a very busy mailserver running on RHES in a hosting centre which would only install official release RH OSes, I know all too well how lousy their service was. They couldn't get an upgrade to fix a bug in the RH implementation of Postfix and had to backlevel the complete OS to get one that worked.

      Really professional? But they have the profits to prove that marketing is better than good code.

      And they still don't contribute for the highest security item in their product. Sux.

  17. By Anonymous Coward (87.182.206.157) on

    While everybody and every company may feel free to donate to Theo or the OpenBSD Foundation they
    should not feel free to consider these donations being tax deductible. [This should be valid for
    most countries, reason below.]

    The donations page http://openbsdfoundation.org/donations.html clearly states:
    "We are not a registered charity, in the sense that we do not issue tax deductible receipts."

    And while I understand the reasons for the foundation not being a registered charity I also
    understand that it is difficult for many companies to donate money because both Theo/OpenBSD and
    The OpenBSD Foundation are not registered charities.

    Donating as a company usually means someone has to make a decision to spend money that does not
    belong to himself. You might expect the company to have strict rules for this situation (and here
    I resist to joke about those millions for cashburners).

    Chances are that one of the rules sounds like "we donate to registered charities only" because it
    is an easy rule that removes a big part of the burden of checking the recipient to someone else
    (usually the state). In fact, I would expect any reasonable management to implement this rule.

    So there is no solution without overhead.

    Setting up a registered charity is a pain in the neck and this is not going to change (after all,
    being allowed to issue tax deductible receipts without all that WOULD mean being allowed to print
    money).

    If one is after donations from the big guys one must at least try to make it easy for them.
