Redefining free security software


This article can also be found in the Premium Editorial Download "Information Security magazine: Tips from the 2007 Security 7 Awards."

Download it now to read this article plus other related content.

The other potential hitch is for enterprise UTM users whose vendors have built their products on top of open source offerings like Clam. Astaro and Barracuda are two such cases, and Information Security spoke to their CEOs about the situation. Neither Jan Hichert nor Dean Drako seemed particularly stressed about the trickle-down for their customers. Most UTM vendors offer multiple AV scanning engines, and ripping and replacing Clam should a license become onerous wouldn't be a big deal, both CEOs said.

The bigger question is around the commercialization of open source and the end of open source poaching. HD Moore made a loud statement this year with the introduction of the Metasploit Frame-work License upon the release of Metasploit 3, which limits the use of exploit modules and interfaces. "Proprietary businesses were using his code in commercial products, but not maintaining his copyright, instead using his community as free R&D," says Nick Selby, an analyst with The 451 Group. "That's not cool. He changed from the GPLv2 and Perl Artistic licenses to a home-baked license that says that neither Metasploit nor derivative works may be sold."

It's a faulty argument that these products are borne mostly on the sweat of the community. True, there are contributions from the outside, but it's a fair guess that Sourcefire engineers are the keepers and enhancers of a majority of the free Snort code--same goes for Clam and its team, and Moore's minions. There's

    Requires Free Membership to View

more give than take, and those doing the taking are the wrong ones profiting--for now.

This was first published in October 2007

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: