Dailydave mailing list archives
RE: Sourcefire Acquired by Check Point Software
From: Frank Knobbe <frank () knobbe us>
Date: Sat, 08 Oct 2005 19:04:51 -0500
On Sat, 2005-10-08 at 13:49 -0400, Kyle Quest wrote:
It's amazing how Nessus and SourceFire [to a certain degree] (I'm talking about the Snort rules here) are complaining about how unfair it is that somebody just takes their work and does whatever they want with it... including repackaging and selling it. Well, this is what GPL is all about!uhm... no. These guys have other complaints. It's not the fact that people are using GPL'ed code to make money.
[...]
A number of companies are _using_ the source code against us, by selling or renting appliances, thus exploiting a loophole in the GPL.
I wonder what "loophole" he's talking. The license seems pretty clear. Anyway...
So in that regard, we have been fueling our own competition and we want to put an end to that. Nessus3 contains an improved engine, and we don't want our competition to claim to have improved "their" scanner." Let's analyze what he's saying...
[...]
The real reason for dropping GPL comes in the last paragraph where Renaud says, "A number of companies are _using_ the source code against us, by selling or renting appliances, thus exploiting a loophole in the GPL.". Now how can you say, "uhm... no" to that?
I said "uhm...no" to your first paragraph. In case of Snort, the complaint was not that people create appliances and resell them. The complaint was that they remove the copyright notices. If people would have kept them, attributing the work to SF and providing source code as dictated, it wouldn't have been a problem. The reason is that Snort is free, and will remain free. SF makes money on products they built on it, like their RNA stuff. Also, the VRT rules, while still free (as in beer), have a restrictive license that prevent ISPs/MSSPs from profiting from the work SF put into testing it. These can buy a license to resell them. But they can still resell Snort with other rules, like Bleeding (which is BSD licensed), or their own rules.... and there are shops that do exactly that. So, "uhm ... no" to the fact that the software is GPL. That is not the reason for concern (at least in the case of Snort). The statement that "people are using the source code against us" is a bit twisted. The GPL is clear and companies shouldn't act surprise when people take the source code and use it according to the GPL. Here's the thing. Nessus is free, and will remain free. The reason for the license change is not that people are using the free Nessus to provide services. We heard here why they are changing it, that is to protect some new algorithms that speed up the workload. Personally, I'm not sure that the license change is the appropriate response since it won't take a weekend and people figure out the new algo.... especially when folks like Dave look at it. But it is understandable. SF's business is not Snort, it's the products they built on top of it, and VRT rules. Tenable's business doesn't appear to be Nessus, but the products they build on top of it, and the the Nessus plugins. Does that make sense to you Kyle? If not, please email Ron and Marty if you like to learn more about how the GPL license of the open source component affects them and how it relates to the rest of their software. Regards, Frank
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- RE: Sourcefire Acquired by Check Point Software, (continued)
- RE: Sourcefire Acquired by Check Point Software Sash (Oct 07)
- RE: Sourcefire Acquired by Check Point Software Kyle Quest (Oct 06)
- RE: Sourcefire Acquired by Check Point Software Frank Knobbe (Oct 07)
- RE: Sourcefire Acquired by Check Point Software Ron Gula (Oct 07)
- RE: Sourcefire Acquired by Check Point Software Frank Knobbe (Oct 07)
- Re: Sourcefire Acquired by Check Point Software Renaud Deraison (Oct 07)
- RE: Sourcefire Acquired by Check Point Software Frank Knobbe (Oct 07)
- RE: Sourcefire Acquired by Check Point Software Frank Knobbe (Oct 07)
- RE: Sourcefire Acquired by Check Point Software Cedric Blancher (Oct 08)
- RE: Sourcefire Acquired by Check Point Software Frank Knobbe (Oct 08)
- Re: Sourcefire Acquired by Check Point Software Renaud Deraison (Oct 08)
- Re: Sourcefire Acquired by Check Point Software Frank Knobbe (Oct 09)
- Re: Sourcefire Acquired by Check Point Software Renaud Deraison (Oct 09)
- RE: Sourcefire Acquired by Check Point Software Dave Korn (Oct 20)
- Re: Nmap/Nessus copyright Fyodor (Oct 20)
- RE: Nmap/Nessus copyright C. Church (Oct 20)
- Re: Nmap/Nessus copyright Fyodor (Oct 20)