Dailydave mailing list archives

RE: Sourcefire Acquired by Check Point Software


From: Frank Knobbe <frank () knobbe us>
Date: Sat, 08 Oct 2005 19:04:51 -0500

On Sat, 2005-10-08 at 13:49 -0400, Kyle Quest wrote:
It's amazing how Nessus and SourceFire [to a certain degree] (I'm talking
about the Snort rules here) are complaining about how unfair it is that
somebody just takes their work and does whatever they want with it...
including repackaging and selling it.
Well, this is what GPL is all about!

uhm... no. These guys have other complaints. It's not the fact that
people are using GPL'ed code to make money. 

[...]

 A number of companies are _using_ the source code against us, by
 selling or renting appliances, thus exploiting a loophole in the GPL.

I wonder what "loophole" he's talking about. The license seems pretty clear.
Anyway...

 So in that regard, we have been fueling our own competition and we want
 to put an end to that. Nessus3 contains an improved engine, and we don't
 want our competition to claim to have improved "their" scanner."

Let's analyze what he's saying...

[...]
The real reason for dropping GPL comes in the last paragraph where
Renaud says, "A number of companies are _using_ the source code against us,
by selling or renting appliances, thus exploiting a loophole in the GPL.".
Now how can you say, "uhm... no" to that?

I said "uhm...no" to your first paragraph. In case of Snort, the
complaint was not that people create appliances and resell them. The
complaint was that they remove the copyright notices. If people would
have kept them, attributing the work to SF and providing source code as
dictated, it wouldn't have been a problem.

The reason is that Snort is free, and will remain free. SF makes money
on products they built on it, like their RNA stuff. Also, the VRT rules,
while still free (as in beer), have a restrictive license that prevents
ISPs/MSSPs from profiting from the work SF put into testing it. These
can buy a license to resell them. But they can still resell Snort with
other rules, like Bleeding (which is BSD licensed), or their own
rules.... and there are shops that do exactly that.

So, "uhm ... no" to the fact that the software is GPL. That is not the
reason for concern (at least in the case of Snort). The statement that
"people are using the source code against us" is a bit twisted. The GPL
is clear and companies shouldn't act surprised when people take the
source code and use it according to the GPL.

Here's the thing. Nessus is free, and will remain free. The reason for
the license change is not that people are using the free Nessus to
provide services. We heard here why they are changing it, that is to
protect some new algorithms that speed up the workload. Personally, I'm
not sure that the license change is the appropriate response since it
won't take a weekend and people figure out the new algo.... especially
when folks like Dave look at it. But it is understandable.

SF's business is not Snort, it's the products they built on top of it,
and VRT rules.
Tenable's business doesn't appear to be Nessus, but the products they
build on top of it, and the Nessus plugins.

Does that make sense to you, Kyle? If not, please email Ron and Marty if
you'd like to learn more about how the GPL license of the open source
component affects them and how it relates to the rest of their software.

Regards,
Frank

