[Snort-users] [Bleeding-sigs] Re: What's up with Snort's license? (Answer rollup)

Matt Jonkman jonkman at ...14019...
Sat Jul 21 20:59:44 EDT 2007

Paul Schmehl wrote:
> I've been watching this discussion closely.  ISTM that every time
> Sourcefire/Marty does something some people immediately assume the worst
> and start crying "crisis".  (Matt, you are a senior member of that
> group.) Given the past history of snort, Sourcefire and Marty, ISTM that
> Sourcefire/Marty should be given the benefit of the doubt in cases such
> as this.  IOW, rather than screaming "license change! License change!"
> it would be a great deal more productive to simply ask for
> clarification. Nothing I have read (and I've read it all) remotely
> approaches the cries of dire disaster coming from some quarters.

:)  I am a close watcher of snort, as I have a significant interest in
it and the community. No one was crying crisis until two weeks after
mysterious license changes, cvs down, and a note that a significant
change (not going v3) was being made.

We waited, waited, and no word. At that point is when we all started
getting nervous and tried to exert pressure to get a response from SF.

No one implied or directly said that we suspected SF was up to evil. We
were in the dark with very suspicious happenings.

>> One open question though: Are major code contributors going to be
>> reimbursed for the revenue made from their code under separate
>> commercial licenses in the 2.x branch?
> This is such a ridiculous question that I'm stunned you would ask it. 
> The GPL permits not only the use of open source code but also its sale
> in a derivative, commercial product.  There's not a single word about
> reimbursement of the contributors of the open source code.

The only ridiculous question is the one that's not asked. :)

Given SF's long time (and justified) claim that many companies are
making a load of cash on their and the other contributors to snort's
work, and their recent moves to get an all SF copyrighted snort 3.0 with
a commercial license, I think this is a perfectly sensible question.

It was asked to make a point though, which apparently was lost.

>> If it were going to be licensed
>> to someone under the GPLv2 (or 3) these contributors would not be
>> entitled to anything as I understand. But under some other license I
>> think the copyright owners must be compensated, no?
> You understand wrong.  Here's what Marty wrote:
> " By sending these changes to Sourcefire or one of the
> Sourcefire-moderated mailing lists or forums, you are granting to
> Sourcefire, Inc. the
> unlimited, perpetual, non-exclusive right to reuse, modify, and/or
> relicense the code."
> Somehow, you (and several others) seem to have completely missed or
> deliberately ignored the "non" in "non-exclusive" use (after all, if
> we're going to impute negative motives to folks, let's not stop with
> Marty - those on the "other side" don't exactly have "clean hands" in
> this debate either - fair enough?).  IOW, copyright holders of code (or
> rules or whatever else you want to assert is "contributing" to snort)
> STILL retain their copyright.  All they are doing is granting Sourcefire
> the right in perpetuity to reuse, modify or relicense the code.  Clearly
> this clause protects Sourcefire from vindictive or litigious copyright
> holders.  It does *not* remove any existing rights from a copyright
> holder but does prevent them from changing the license terms after
> Sourcefire has made use of it.

Good points, but you're going places no one has gone. My question about
reimbursement was in regard to commercial licenses, and pointing out
that code contributors might also offer commercial licenses or support
of snort as SF does now to make money on their work.

>> I realize that won't be an issue in the 3.0 branch as it's all SF code.
>> But it seems fair that major contributors should be considered at least
>> in current agreements.
> It doesn't seem fair at all to me.  People who contribute to snort do
> not "deserve" to be compensated for income that Sourcefire generates
> from the sale of a *derivative* product that uses snort.  Snort is still
> free. Snort is still open source.  Nothing has changed in that regard,
> and no copyright holder has given up, lost or had stolen any of his or
> her rights to their contribution(s).

Not talking derivative, talking snort.

>> To be clear, I'm not one of those people. My contributions to date are
>> almost all in signatures. But it's a question worth asking.
> I for one am getting quite irritated at the repeated attacks on Marty
> and Sourcefire.  Marty's actions and decisions have been consistently
> pro-open source from the beginning of snort and remain so today.  Now
> that he's actually making money from snort (by adding closed source
> added-value software to it in a package - something others complaining
> here are also doing) some seem to resent the change.  Yet snort still
> remains open source.  The community still contributes to snort, and the
> community still benefits from snort.  No one (AFAIK) has to pay a dime
> for snort or for the rules (even though Sourcefire contributes most of
> the new code and does much of the rules-testing.)

I missed the attack part here. This conversation is one to get
information on a change that was executed poorly.

The entire conversation I've been involved in (not sure about others)
has been asking questions and trying to get answers. No one called Marty

> From my viewpoint, what's changed is the attitudes of some in the
> community, and at least *some* of them have interests other than those
> of us who simply use the product and are thankful to have a top quality
> IDS that we don't have to pay for.


I respect your opinions Paul, and appreciate your contributions to BE
and others. But I think you're over-reacting to this.

But that is your right.

Personally, I like the Reagan saying "Trust but Verify". I trust Marty
to do the right thing, because he's always done things that were close
enough to the good as a whole while keeping him in business. But that
doesn't mean I'm going to not be watching and asking questions.
Sometimes offending questions even, but I'm gonna ask. I think I have an
especially greater responsibility in my role at BE to ask those
questions as well. But that doesn't mean I think Marty evil.


Matthew Jonkman
Bleeding Edge Threats
US Phone 765-429-0398
US Fax 312-264-0205
AUS Phone 61-42-4157-491
AUS Fax 61-29-4750-026

PGP: http://www.bleedingthreats.com/mattjonkman.asc
