OpenBSD Project in Financial Danger
Posted by
ScuttleMonkey
on Tue Mar 21, 2006 12:12 PM
from the show-me-the-money dept.
from the show-me-the-money dept.
DieNadel writes "In an entry to the OpenBSD Journal, Marco, from the OpenBSD project, warns about the somewhat disturbing financial situation in which they are now. The OpenBSD team is the one that also develops the OpenSSH suite, used nowadays almost everywhere. From the entry: 'What I want to point out what a lot of people don't seem to realize is that OpenSSH development is paid from the same pool of money as OpenBSD. OpenSSH is in use by millions around the world however the revenue stream just simply isn't there. This is where other projects could help. Without naming entities or projects by name there are others out there that are sitting on some cash. It would be wonderful if these entities could share some of the wealth to keep us going.'"
Related Stories
[+]
OpenBSD 3.9 Adds Sensor Framework 85 comments
wbglinks writes to tell us ZDNet is reporting that the newest version of OpenBSD will include a sensor framework to help system administrators keep tabs on the environmental conditions of their servers. From the article: "At present, there are a number of commercial products that allow the environmental conditions of servers to be monitored, but different brands of server require different products. For example, Dell PowerEdge servers use the Embedded Server Management tool, while Sun Fire Servers use Sun's Remote System Control. This can make server management tricky when running a heterogeneous architecture. OpenBSD 3.9, which is scheduled for release on 1 May, includes support for the sensors and the sensor management tools used on a number of architectures."
[+]
Theo de Raadt Discusses OpenBSD and Beyond 476 comments
emil writes to tell us that NewsForge (Slashdot Sister Site) is running an interview with OpenBSD project leader Theo de Raadt. In the interview Theo explores the upcoming release of OpenBSD 3.9, continuing financial difficulties, and some of the tension between the OpenBSD team and other businesses that some feel are taking advantage of the free software without giving anything back. In related news the Jem Report has an interesting writeup that expounds on widespread difficulties that could be faced if the OpenBSD project continues its downward spiral because of their parallel development of OpenSSH.
[+]
Mozilla Foundation Donates $10K to OpenSSH 277 comments
eklitzke writes to tell us the OpenBSD journal is reporting that the Mozilla Foundation is donating $10,000 USD to the OpenSSH project. This comes as good news after the recent reported financial troubles from the OpenBSD and by extension the OpenSSH team. It seems that quite a few people have answered the call for aid made by OpenBSD's de Raadt.
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Full
Abbreviated
Hidden
Loading ... Please wait.

Just waiting (Score:4, Funny)
Sad (Score:3)
Re:Sad (Score:3, Interesting)
Re:Sad (Score:5, Informative)
Re:Sad (Score:5, Insightful)
You?
Re:Sad (Score:4, Funny)
Re:Sad (Score:4, Funny)
Yeah, someone ought to do something about that
(Note to Americans with mod points: that's sarcasm, kthxs)
Seperate the openBSD & openSSH projects? (Score:5, Insightful)
These companies however would not want to give to an operating system project that competes with them.
Maybe the openBSD & openSSH projects should seperate?
Re:Seperate the openBSD & openSSH projects? (Score:4, Insightful)
Maybe the openBSD & openSSH projects should seperate?
This is exactly the first thing I thought when I read this story. It sounds like the developers are yelling: "OH NOES, OPENSSH IS DYING, WE NEED MONEY!!!!11", and then honest people, who want to support openssh, ask "How can I support OpenSSH?". The answer given is "Give money to OpenBSD."
To me, that's unacceptable. It's classic bait-and-switch. I use OpenSSH every day of my life and if you count scripts and cronjobs, probably every hour of my life. But I could give a shit about OpenBSD. So, while I'd be willing to help OpenSSH out, I want to know that my money is being spent on OpenSSH. I don't want the overhead going to OpenBSD. There, I admit it - I expect something in return for the money I donate - it's my money so sue me.
You want to get support for OpenSSH? Fork off the legal entity and make an OpenSSH foundation which can accept donations directly. We're not going to solve your OpenBSD problems for you, though.
~Will
Re:Seperate the openBSD & openSSH projects? (Score:5, Insightful)
Same argument, only taxes aren't voluntary. This is.
(Don't forget that the money you might give only to the OpenSSH project would go towards ensuring it works on about a dozen hardware platforms. I suppose you'd prefer that such money go only to OpenSSH/i386, because that's all you think you use?)
Re:Seperate the openBSD & openSSH projects? (Score:5, Insightful)
In which case, OpenBSD is helping you. OpenBSD's new safer malloc()/free() implementation found security bugs in x.org recently.
Same goes for most things that end up as part of OpenBSD - the stricter environment of OpenBSD shakes out bugs and the entire community benefits, not just OpenBSD users.
OpenBSD benefits far more than its immediate userbase.
flush master (Score:5, Insightful)
If eighty cents of every dollar I spend supporting OpenSSH gets flushed down the OpenBSD toilet, is that a good use of my contribution?
The cluelessness of this post defies belief.
I want to support this OpenFoil airplane wing because it supports me. However, if eighty cents of every dollar I spend supporting OpenFoil is vented through the OpenBlow high-test wind tunnel, is that a good use of my contributions?
NX protection, Pro-police, and priv-sep are all products of the two efforts coordinated together. Almost every dime OpenBSD spends is spent in the pursuit of enhancing security, and it's to imagine that those results are not immediately folded back into OpenSSH. Unlike FreeBSD, OpenBSD spends shockingly little on the OS itself. They aren't busy inventing disk geometry managers or porting to 150 different platforms.
90% of human stupidity originates in the capacity of the human mind to engage in intellectual shell games. Here is this dollar: let's split it up in to the 80 cents wasted on OpenBSD and the 20 cents invested in OpenSSH.
Or, my brother is dying of Leukemia. I want to donate blood because blood keeps him alive. Is that a good investment if 80% of the blood I donate is flushed down the toilet to replace blood lost during bone marrow transplants?
Almost too dumb to live, really.
BSD is dying... (Score:5, Funny)
Do what you can. (Score:5, Interesting)
"I believe it was at a conference in Australia (also in the 1996-1998 time frame) that I ran into a rather despondent Theo de Raadt, who told me that for lack of $300. his ISP was going to turn off the project's servers. I took out my checkbook and immediately wrote him a personal check for $300., to keep the OpenBSD servers alive. My comment to Theo was that "your project is too valuable to let die over a measly $300.""
If you're really poor, just donate 5$.
Re:Do what you can. (Score:5, Funny)
Momma always said... (Score:3, Funny)
-Rick
Re:Do what you can. (Score:4, Insightful)
Re:Do what you can. (Score:5, Insightful)
Also, I just sent a donation to OpenBSD via paypal. Even if I don't think of Theo as the greatest guy in the OSS world, the project is very important to keep alive, and not just for the OpenSSH portion. The OpenBSD group has made a public plea for support and I'm dissapointed to see something along the lines of "needing money, huh, hehehehe then just suffer bitches..." from many posts here.
I'm sure that talented people with a little spare time will read those kinds of posts and be glad to spend a year or two writing something cool and useful for you. With these attitudes, they may get what they are really begging for; a computer running microsoft software because developers got tired of people not stopping at mere indifference towards the projects, but happily extending into ridicule. What a grateful bunch we must seem to be.
Re:Do what you can. (Score:5, Informative)
No, if they want to hear what you have to say, they will pay for it. You probably just aren't that good at negotiating.
Re:Nice of Maddog -- but this is one for Google (Score:5, Insightful)
what openbsd needs, and what the article is highlighting, are the big companies who use openssh to kick in a few bucks
cisco uses it in their kit. soes does hp. ibm is another. do you think that between the three, they can't come up with say, $75k/year?
~a year ago, a friend of mine consulted at a company that was reworking their entire network. they ended up spending well over $30k on kit. they chose cisco *because* they had ssh (openssh btw) on their kit at the time. the other vendors they had did not
order an OpenBSD CD (Score:5, Informative)
The CDs that OpenBSD project sells is their main source of revenue and support.
Re:order an OpenBSD CD (Score:3, Insightful)
It obviously, and unsurprisingly, isn't working for them. They should work on finding other ways to raise money.
How to get the money (Score:4, Interesting)
I also think that the OpenBSD project needs to start operating a bit more like a business. Services need to be offered that bring in a healthy revenue stream. Two areas where the OpenBSD development team excel are cryptography and code auditing. Both are related to security, which is a good industry these days. The OpenBSD site could offer paid services, such as code auditing for other projects to enhance security, etc. The OpenBSD developers should also set up a consulting business that performs setup and maintainance of OpenBSD installations, perhaps primarily for small businesses that aren't in the IT business, such as clinics, legal offices, automotive repair facilities, family operated stores, etc. These are relatively simple setups for those familiar with OpenBSD and projects from the larger open source community, and the effort would be minimal. These small businesses would be willing to pay a reasonable price for the service, since they would save greatly on software licensing.
All of those methods could be used to bring in a healthy revenue stream for the OpenBSD project. But in the meantime, please get a PayPal account set up!
Re:How to get the money (Score:5, Informative)
http://www.openbsd.org/orders.html [openbsd.org]
The moderators suck. (Score:5, Informative)
Once again, with feeling:
http://www.openbsd.org/donations.html [openbsd.org]
I already donated today. Cheque, credit card (my preferred method), and Paypal are all easily listed. I guess having the donations link on the main page (just below project goals) was not obvious enough.
How you can help (Score:5, Funny)
Unfortunately, they know that the best value they can give to the tools they provide is to make them free. But as long as the tools are free, there will always be those parts of society that do not contribute to the costs of their creation. And, unfortunately, that's not a minority of people. When was the last time YOU gave money to OpenBSD?
This quagmire of people being unable to develop that that should be free will not disappear by itself. Resources need to be devoted, and unless people are prepared to actually act, not just talk about it on Slashdot, nothing will ever get done. Apathy is not an option.
You can help by getting off your rear and writing to your congressman [house.gov] or senator [senate.gov]. Tell them that critical free software is important to you. Tell them that you appreciate the work being done by the OpenBSD and GNU teams to support you with the software you need in your life but that if cheapskates keep refusing to contribute to the projects, ensuring people like Theo are not forced to hold down proper jobs, you will be forced to use less and less secure and intelligently designed alternatives. Explain the concerns you have about freedom, openness, and choice, and how a lack of money for Free Software harms all three. Let them know that this is an issue that effects YOU directly, that YOU vote, and that your vote will be influenced, indeed dependent, on their policies on funding Free Software.
You CAN make a difference. Don't treat voting as a right, treat it as a duty. Remember, it was thanks to ordinary people like YOU that we are now seeing such innovations as SMP in OpenBSD. Keep informed, keep your political representatives informed on how you feel. And, most importantly of all, vote.
Re:How you can help (Score:5, Insightful)
Just say no to TCP/IP, BSD UNIX, WWW, the Internet, FTP, and many algorithms used for smp systems and servers.
If it were not for uncle sam you would be paying $50 a month for AOL or CompUserve on a dialup modem with no interent nor innovation.
The government is not that evil in doing things like setting standards and funding research that private industry can't do because of their need to generate profits.
I have no problem with academia sponsoring OpenBSD because it will help everyone including business and personal use. OpenSSH is the result of free software and so is the web and apache.
Its not that evil folks and the government is not always bad. Sometimes its needed because the industry can't help itself.
Consider going GPL? (Score:4, Insightful)
Re:Consider going GPL? (Score:5, Informative)
Just because you have to make the source available to anyone who receives the software and you can't limit their redistribution does not prevent you from selling GPL'd software without the authors consent.
See http://www.gnu.org/licenses/gpl-faq.html#DoesTheG
Old Joke (Score:5, Funny)
"At Microsoft, we always wash our hands when we've been to the toilet!" said Bill, smugly.
"I'm sure all the Linux developers wash and dry their hands when they've been to the toilet!" said Linus, determined to outdo Bill.
"Fuck off, the pair of you," said Theo, "OpenBSD people don't piss on their fingers!"
Hmm.... (Score:5, Funny)
Slashdot Editors:Please add this link to the story (Score:5, Informative)
They could spend SOME time making it easy... (Score:5, Interesting)
And guess what, the project makes me feel like a sucker... because usually whoever is shipping CDs is out of town, and they don't go out for 2-3 weeks, meanwhile, people have been downloading for free and I'm waitting for my CDs...
You want businesses to pay more that use it? How about selling a business "OpenBSD license" that provides us X copies for some price on a per-server (or per-CPU license) under the BSD. Is it a joke, sure, because given 1 personal copy, I have a license to use it however I want. But if you sell me 5 $299 licenses, I can write it off as $1500 in software purchases. Alternatively, I could donate $1500, but then I can't write it off... This is rough on me as a small business owner, for no reason. A receipt for the purchase would help...
However, asking for non-tax deductable donations is a non-starter. If I was an IT grunt in the field, knowing that I could buy a CD for the $20 or $30 and use it without effort (or download), but if I want to contribute, I could generate an online invoice and bring it to A/P.
In that case, the geeks LOVE that they start the project immediately, and maybe the "invoice" gets paid, and maybe it doesn't. There is no loser in this scenario, but it would require the OpenBSD project to understand the people that they want money from and find a way to make it easy on us to give it to them.
Alex
OpenBSD offended their sugardaddy (Score:3, Insightful)
OpenBSD is a vital project that is lead by an amateur. OpenBSD had a sugardaddy [computerworld.com] in Darpa, but apparently offended them with negative comments. My question, who does he think will be most interested in his super secure OS?
Re:OpenBSD offended their sugardaddy (Score:3, Interesting)
If de Raadt's anti-war comments were indeed th
Re:OpenBSD offended their sugardaddy (Score:3, Insightful)
So you think that because an open source project has received some US government funding that the high profile members of such projects should voluntarily gag themselves in order to please their sugardaddy?
You do realize t
Obligatory Monty Python aside (Score:3, Funny)
[a man puts a body on the cart]
Man: Here's one.
The Dead Collector: That'll be ninepence.
OpenBSD: I'm not dead.
The Dead Collector: What?
Man: Nothing. There's your ninepence.
OpenBSD: I'm not dead.
The Dead Collector: 'Ere, he says he's not dead.
Man: Yes he is.
OpenBSD: I'm not.
The Dead Collector: He isn't.
Man: Well, he will be soon, he's very ill.
Just joking, here's to hoping OpenBSD gets better (financing) soon. (and you can change "Linux Zealot" to "Man" if you're so inclined...)
quick & painless (Score:4, Informative)
Sorry, wrong answer (Score:3, Insightful)
"It would be wonderful if these entities could share some of the wealth to keep us going."
Wow, that's a weak response. It sounds like they're basically asking other F/OSS projects to fork over cash because OpenBSD can't raise money. And it makes F/OSS groups look like the business-challenged hippies that some people think they are.
If you are going to have an OpenBSD organization, then that means that part of your job is raising funds to keep yourself a going concern. Let me repeat: your job is no longer just to write code, but to bring cash in the door so that you can continue to get paid. If you are building products that world + dog are using, then that should be pretty easy. If you are not capable of raising funds, then you need to find someone who is good at it to help you out. There are plenty of those people out there - any semi-competent second-year marketing student should be able to significantly increase their funding channels over what they have now.
I'm sorry but I just don't think you can say, "hey, other open source organizations have done a good job working with the public and the press, and they raised funding, so why can't we have it?" It just hacks me off when programmers complain about the business-types at an organization, then discover it's actually harder than they think. And in this case they have taken the additional step of not trying to remedy the problem, but actually glomming off other groups that have maintained done great work with fundraising and marketing their products.
I have supported OpenBSD myself in the past by buying install discs and T-shirts. I think OpenBSD is a fantastic OS and I will contribute my few bucks here and there to keep them going. But if OpenBSD's answer to their money problems is not to fix their own house but rather to ask others to fork over - it probably means they'll just get in this same hole again later! I think they need to have a better answer to this question if my support (or anyone else's) isn't just going to be money down the drain.
Re:Sorry, wrong answer (Score:5, Insightful)
What are you talking about? Let's look at that quote in full:
It seems to me that he's talking about businesses such as RedHat, who include OpenSSH in their products, not random open-source projects.
And if you were keener on reading the article than flaming, you would see that they had a working revenue stream in the form of selling CDs, but that people were moving away from it in preference to obtaining it for free.
The demand isn't any less, they aren't losing any users, they are just having to deal with people less willing to spend money when they can get something for free. It seems very reasonable to hint - without naming names - that the businesses who base their products on OpenBSD's work should contribute a bit. It's in their own best interests even.
I gave OpenBSD a chance (Score:3, Interesting)
Re:I gave OpenBSD a chance (Score:4, Interesting)
1) I went to the OpenBSD website and read the install FAQ
2) I downloaded a floppy disk image and the tools to write it in Windows from openbsd.org
3) I booted from the floppy installer on a computer attached to the internet
4) The installer FTP'd the entire OS from a mirror site
5) I said "This totally rocks!", ordered some CDs, and donated to the project.
I think my way was easier.
the flip side to all this (Score:5, Insightful)
What happens in six months when OpenSSH is no longer actively supported by the team that created it and a new exploit is discovered/released? What responsible IT manager is going to let his employer get into the potential problem in the first place?
I say, rather than begging for donations, the OpenBSD team needs to get their act together and find a way to keep the lights on, or they're going to see fewer and fewer people trusting the use of their software in large corporate environments. If that means the leader of the team needs to keep his mouth shut about his anti-war views when he's depending on a grant from the US Defense Department to keep his operation going, then that's what he needs to do. Being an adult means doing things you don't neccessarily want to do, like eating your peas and broccoli.
Hate to say it, but Google adsense (Score:4, Interesting)
Their biggest problem... (Score:5, Insightful)
When the U.S. DoD was funding them, the disbursements were handled thru a University or some such.
They need to grow up as an organization. Find a sympathetic accountant to donate his time/effort to establish a tax-free (and tax deductable) non-profit in Canada and an arm in the U.S. Hell, maybe one in the EU and one down under as well.
This will make them infinitely more appealing to corporations who have deep pockets and MAJOR qualms about writing big checks out to individuals.
-Charles
Re:Their community (Score:5, Funny)
And yet, here you are on Slashdot. How does that work?
Open Source Funding... (Score:5, Insightful)
There are some great and very useful OSS projects, but I don't make a living that way. My money comes off closed source/proprietary software - on the hugely popular closed platform. It's already hard enough making a living this way, I can't imagine how "easier" it would be if I gave the app away with the source code and let people fork it. I have enough money now to retire at 30, put my kids thru university, etc. Had I gone the open source way, I don't think this would be true.
It's just like websites and newspapers lately. Besides some advertizing (that we block in any way we can like using AdBlock), there just isn't much of a revenue stream. Nobody's really figured it out yet... Yet there are so many bright folks who've been scratching their heads for a while. This could be the 2nd "dotcom" crash - money has to come from somewhere to fund all this.
Re:Someone has to say it (Score:4, Insightful)
I don't think I'd describe Theo as particularly arrogant. When I've seen or read interviews with him (there was a particularly good one in the Sydney Morning Herald a while back that Google can probably help you find), he's seemed like a reasonable and rational individual. He occasionally flames people on the developer mailing list, but I don't really see how that affects you as a user.
Re:I'd be willing to chip in... (Score:3, Informative)
You mean like borland? (Score:4, Interesting)