“Along with the many benefits of open source…come a number of risks. Perhaps the most obvious risk is potential liability for intellectual property infringement. The typical open source project is a grass-roots effort that contains contributions from many people. This method of development can be worrisome from an intellectual property standpoint because it creates multiple opportunities for contributors to introduce infringing code and makes it almost impossible to audit the entire code base…The typical license form does not include any intellectual property representations, warranties or indemnities in favor of the licensee; it contains a broad disclaimer of all warranties that benefits the licensor/contributors.
Even if such representations and warranties or indemnity obligations existed in open source license agreements, it would be difficult if not impossible to recover against the licensor for having licensed infringing code. Many of the most prominent open source projects appear to be owned by thinly-capitalized non-profit entities that do not have the financial wherewithal in most cases to answer for a massive intellectual property infringement suit…
Open source licenses also do not contain the kinds of representations and warranties of quality or fitness for a particular purpose that commercial software vendors sometimes negotiate into agreements among themselves…Some open source software projects, such as the Linux initiative, have one or more stewards who monitor code quality and track bugs. Other initiatives, however, are really more the product of weekend and after-hours hobbyists and do not enjoy the same code quality and rigorous testing protocol. Without contractual commitments of quality or fitness, the licensee must accept the risk that the software contains fatal errors, viruses or other problems that may have downstream financial consequences.
Companies looking to build a business on open source software also need to consider the problems associated with creating derivative works. Some open source license forms, such as the GPL, require licensees to provide free copies of their derivative works in source code form for others to use, modify and redistribute in accordance with the terms of the license agreement for the unmodified program. This licensing term is advantageous for the free software community because it ensures that no for-profit company can “hijack” the code base from the community. On the other hand, this licensing term makes it very difficult for companies in the commercial software business to use such open source software as a foundation for a business. These companies must be concerned that their “value added” programs might some day be viewed as “derivative works” and need to be made available to the world in source code form for free.”