| With Mitchell Ashley, CTO and general manager, | | | | code. Were their rights overwritten when that |
| StillSecure, who spoke to Lora Bentley at IT Business | | | | change was made? Yes, Snort is commercially |
| Edge regarding the differences between GPL v2 and | | | | backed, and a substantial amount of the work is |
| GPL v3 and why some open source leaders aren't | | | | done by a commercial company, but not all of it is. |
| making the switch. StillSecure's Strata Guard Free is | | | | So what happens if someone wants to combine |
| based on the Snort open source project. | | | | Snort, or another strictly GPL v2 project, with a |
| When the Free Software Foundation released version | | | | project licensed under GPL v3? We don't have an |
| 3 of the GNU General Public License in June, most in | | | | answer yet, according to Ashley. And we won't until |
| the open source community knew it would make | | | | two companies decide to challenge their differing |
| ripples - and maybe even require significant changes | | | | interpretations of the license in court, it seems. |
| to the way open source companies do business. But, | | | | The problem, as Ashley sees it, is one of evolution: |
| perhaps naively, we didn't expect it to cause quite as | | | | I think what we're seeing is that open source is |
| much fuss as it has. | | | | undergoing this evolution from an open and free |
| - Microsoft has declared - in just so many words - | | | | project to a second phase of being commercially |
| that it is not a party to the license and that nothing it | | | | backed, and then a third phase, which we're entering, |
| does should be construed as its acquiescence to be | | | | where the commercial venture wants to make some |
| bound thereby. | | | | changes to the licensing around what was originally |
| - Linus Torvalds remains firm in his refusal to move | | | | developed. I think that leads to some confusion and |
| the Linux kernel to the new license because of its | | | | miscommunication and a lot of concern from people |
| DRM restrictions. | | | | that not only use the software, but also develop it. |
| - The Open Source Initiative has called on companies | | | | And there's a better way to resolve the confusion |
| that use the "open source" moniker without using an | | | | and miscommunication than long and costly litigation, |
| OSI-approved license to make changes - with mixed | | | | he says: |
| results. | | | | ...I would like to see organizations like the OSI (Open |
| And the latest topic of discussion has been | | | | Source Initiative) and the FSF broadening their |
| Sourcefire's decision to "lock" the Snort project under | | | | thinking about not just free software development |
| GPL v2 by removing the option to license it under | | | | and free software for use, but also putting that into |
| later versions of the GPL until the company has time | | | | an ecosystem that includes commercial use of that |
| to evaluate the new license. | | | | free software. There's probably just as much - or |
| Network security software provider StillSecure offers | | | | maybe more - open source being used inside |
| a free IDS/IPS that is based on the Snort project. In | | | | commercial products than there are just in user |
| a recent IT Business Edge interview, CTO Mitchell | | | | networks around the world. At least it's certainly a |
| Ashley explained the confusion the licensing change | | | | substantial percentage of it. To ignore that is sort of |
| has caused and clued us in as to what he thinks | | | | ignoring reality. There's an argument to be made - |
| would solve a lot of the issues surrounding GPLv3. | | | | both from an economic perspective and from the |
| - Read the full interview: Licensing in an Evolved Open | | | | development perspective - that having that |
| Source Ecosystem. | | | | commercial role in open source is an important part |
| The problem users and observers seem to have with | | | | of the ecosystem... |
| Sourcefire's decision is not the decision itself, but | | | | Interestingly, this isn't the first time that open source |
| whether Sourcefire can unilaterally make that | | | | organizations have been challenged to begin thinking |
| decision, he says: | | | | about the commercial side of the software they |
| There's some concern about whether Sourcefire has | | | | advocate. Participants in this year's Open Source |
| the right to make that kind of change. They certainly | | | | Think Tank agreed that "a new industry forum on |
| do as to their own contributions - which are | | | | open source that includes software companies and |
| significant - to the Snort project, but there are | | | | customers" is necessary. |
| others who have also contributed a great amount of | | | | |