StillSecure, After All These Years

Jason Haislmaier is an attorney who has a good blog called Thinking Open.  Jason has a good article up called "let the games begin ...", noting that the first law suit ever filed in the US based upon a violation of the GPL has been filed in the US District Court for the Southern District of New York.  The suit has been filed by the Software Freedom Law Center and is again Monsoon Mulitmeida, Inc.  As far as violations of the GPL go, I think it is a rather tame one.  The plaintiffs allege the defendants did provide users of their product which contains open source software with access to the source code of the open source software.  The lawsuit is calling for monetary damages, fees and injunction against further distribution of the software.While I think there are much thornier issues that I would like to see the courts weigh in on around the GPL, I will be watching this one closely.

Making access to source code is an easy thing to do.  At StillSecure, we actually maintain a
page with all of the open source software we use in our products along with
links to the licenses themselves and the source code of the products. It would seem pretty open and shut to me, that anyone using open source software in their products should be doing the same according to the terms of the GPL.  My question is what about all of these security companies using GPL versions of Snort, Nessus, nMap, ClamAV, Samba, etc.  Are they making source code available.  I don't think they all are. In fact many as I have written before don't even have the decency to admit they use it. 

I would love to see the courts come down on the side of the SFLC here.  Then I would like to see some enforcement against all of the security companies out there who are guilty of this as well.  Then the fun and games would really begin!