RE: Foundstone - keeping free tools from the public

["Bill Martin" <martin.b () attbi com>]

Greg, that was what I mentioned I was going to do, but I was a little more
detailed indicating email addresses, etc in a post here. Needless to say, I
was not as kind in my wording as you were, so everyone here did not get to
see it :-). That aside . .

I'm sure in the purchasing agreement, everything was clearly defined on what
was and was not included in the purchase.  I would hope that NTO is not
silly enough to contractually sell their products only to turn around and
face legal action by trying to redevelop the same product after it was sold
to someone else.

Here is an edited version of what I was going to send.  Less the portion
that was found objectionable:

===

I have to agree with you Betty. I wonder what the motive for this selfish
behavior is.  If it to <ahem> protect computing environments?  Or could it
be that times are tough, and the economy is slow and Foundstone might be
attempting to protect what little sales they may acquire in a troubled
economic time? As I said, I have my own belief and along with that, if it is
the latter, to behave in such a low life manner, I find it reprehensible.

As security minded people, we all know that ANY tool, be it system utility
or a hammer, can be either constructive or destructive. Take BackOrfice as
an example.  I know a number of businesses and organizations that have
actually utilized this product and had opted to us it because it was free.
It accomplished the same thing that commercial products did and it was
*FREE*. Reality is, any tool can be good or bad (should we have not included
DelTree with DOS because it was capable of removing a number of files and
directories) and that is the trade off we accept for a useful tools.

If Foundstone feels they need to place a TRO on another company because
their products might compete their own, (and act out under the guise that
they want to keep a "hacker tool" off the net) then I feel sorry for them.
Think about some of the products that Foundstone distributes themselves,
maybe someone should act towards them in the same manner.  If you have not
used Fscan, it is rather nice.  It is not Nmap, but it is quite good none
the less.  Considering this can be used for bad as well, should it be
stopped?

In the past, I use to hold a great deal of respect for Foundstone and their
developments, but I have lost all respect for them based on this one simple
act.
====

-bill Martin-


-----Original Message-----
From: Greg van der Gaast [mailto:greg.van.der.gaast () ordina nl]
Sent: Friday, October 11, 2002 1:23 AM
To: security-basics () securityfocus com
Subject: RE: Foundstone - keeping free tools from the public


In my humble opinion, it looks like Foundstone is being a greedy little
hypocrite. What they are doing is unethical to Microsoftesque levels and
goes against just about everything they've told the public and their
customer base. Furthermore, on top of their hypocrisy, they are using
words like "cyberterrorists" (it's gotten to the point that 'cyber' and
'terrorist' are one word now? Even catchier...) in order to appeal to
their clients and score brownie points with their large government
customer base who promote keeping the public in the dark.

I'm going to have to write angry emails to all the Foundstone employees
I know now...

Regards,

Greg van der Gaast
Ordina Public West
Security Services

-----Oorspronkelijk bericht-----
Van: bettyford5555 () yahoo com [mailto:bettyford5555 () yahoo com]
Verzonden: Thursday, October 10, 2002 5:45 PM
Aan: security-basics () securityfocus com
Onderwerp: Foundstone - keeping free tools from the public



What does the community think of this news -
http://www.ntobjectives.com/pressrelease_lawsuit.html?  Seems big
Foundstone is trying to keep others from releasing free tools to the
community.  Maybe I'm misinterpreting, but didn't they used to talk
about
the benefits of providing these types of tools to combat hacking?
Perhaps I'm wrong and just misunderstanding their position.