[EvanAnderson]

I don't particularly care why an organization would want to maintain a piece of software indefinitely. That's not my problem.

I do think that's important to recognize that there is model under which an organization can. I'd even argue that it's a more "free market" than that of single-source proprietary software, too. If there's a market in maintaining non-proprietary software someone will pop up to fill it (even if it's just a lone-wolf consultant). With proprietary software that can't happen.

Whether or not an organization or individual chooses to maintain software is an orthogonal concern to the model under which they maintain it. Even when there is a free market for maintenance some will opt to eschew maintenance. Personally, I'd like those organizations to pay the cost by way of data loss, downtime, going out of business, etc.

I'm not overly worried about it. I think traditional regulatory and risk management will eventually catch up. Someday (hopefully sooner, rather than alter) businesses won't be able to get basic insurance policies unless they can prove they're doing IT maintenance, for example.