Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Snort-Signatures
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Snort-sigs] STILL no word from Sourcefire about their License Chang

from [Paul Schmehl] Network Security [Permanent Link]
Subject: Re: [Snort-sigs] STILL no word from Sourcefire about their License Changes
Date: Tue, 17 Jul 2007 10:08:33 -0500
--On Tuesday, July 17, 2007 14:48:05 +1000 Matt Jonkman <jonkman@bleedingthreats.net> wrote:

(Mirror from my site post:
http://www.bleedingthreats.net/index.php/2007/07/17/still-no-word-from-so
urcefire-about-their-license-changes/ )


Victor Julien (co-author of the inline portions of Snort) posted in his
blog a while ago about the license changes to Snort that Sourcefire is
trying to slip by. They have made a mass change to the Snort code, even
that parts they do NOT hold the copyright about.

Victor and myself have asked and blogged about the issue and after weeks
have no response from Sourcefire. Victor doesn't want the license on his
code changed, and hasn't been able to get a response from Sourcefire.

I personally don't have code in there, but I am concerned at the
motivation of this change, as well as the lack of respect for the
contributors rights. Victor has put up a new post which puts things very
well:

http://www.inliniac.net/blog/2007/07/16/snort-license-changes-revisited.h
tml

I echo that sentiment, and add my concerns here:

What is the issue in GPLv3 that Sourcefire is concerned about?

What are Sourcefire's intentions for the future of Snort then?

Why is CVS no longer accessible?

Is it possible to get any response from Sourcefire about this? A lot of
us rely on this code, and it's not all owned by sourcefire. If we can't
trust Sourcefire to even communicate with us, then I think we need to
start thinking about a new home for Snort.

If you want the community's trust, you have to communicate!

I read Victor's blog post. Can you explain what the practical effect of the change is? It would appear that there is something in the GPLv3 license that they don't like.

--
Paul Schmehl (pauls@utdallas.edu)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/

Attachment: p7sOkg8fjEJrk.p7s
Description: S/MIME cryptographic signature

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Snort-sigs] STILL no word from Sourcefire about their License Changes, Matt Jonkman
Next by Date:  [Snort-sigs] Bleeding Edge Threats Daily Signature Changes, bleeding
Previous by Thread:  [Snort-sigs] STILL no word from Sourcefire about their License Changes, Matt Jonkman
Next by Thread:  Re: [Snort-sigs] STILL no word from Sourcefire about their License Changes, Matt Kettler
Indexes:  [Date] [Thread] [Top] [All Lists]