4 posts categorized "snort"

June 25, 2008

Barracuda to Sourcefire: We see your CEO bet, and raise you to $8.25, call

Barracuda continues their poker game with Sourcefire today, raising their $7.50 all cash bid to $8.25.  Are Dean and company just bluffing for publicity or are they willing to keep playing and stay in this game until all the cards are on the table?  I don't know for sure, but find it interesting that Barracuda did say to Sourcefire that they would be willing to explore ways that would show Sourcefire's increased value to Barracuda and based upon that increase their offer.  Of course $8.25 is still too low, but it is getting closer.  If the offer gets near 10 bucks, Sourcefire has some serious decisions to make.  In the meantime, Barracuda will again reap the PR bounty from having a seat at the hottest poker game in security.

May 30, 2008

What's the deal with the Barracuda offer for Sourcefire?

By now you probably saw that Dean Drako and Barracuda have made an offer of $7.50 a share (in cash) for Sourcefire. This values Sourcefire at about 200 million dollars and is a 13% premium over the Friday closing price. Of course this is well below Sourcefire's historical highs, but then again who is worth what they were a few months ago.  I have a chart on the left that shows stock prices.

So what is behind this deal? I think it is all about ClamAV and the Trend Micro suit.  As readers of my blog know, Trend Micro sued Barracuda a few months ago for patent violations around the way Barracuda uses ClamAV in its appliances.  I think Dean was looking to Sourcefire as the owners of ClamAV to step up and help in the defense of the suit.  I believe to date, that has not happened and Dean is upset with it.  In fact Dean actually mentions that suit and Sourcefire's lack of response on it as one of the two reasons why Barracuda's acquisition would make sense. For the other reason Dean takes a swipe at the Sourcefire management team, saying "We believe that the recent FIRE stock price reflects the execution challenges faced by the company’s management to date." 

I am not sure where Dean comes up with the 200 million to complete this deal, but assume he has lined up financing.  However, at this price I don't think this is more than a stunt.  If Barracuda goes beyond $7.50 a share to $10.00 a share or so, it gets real interesting.  Maybe this puts Sourcefire in play and someone else comes forward with another offer, who knows.  But right now I think Dean is just looking to stir the pot.

Update: As I expected, this morning Sourcefire rejected the Barracuda offer according to this article in BusinessWeek. The Sourcefire board said the 187.4 million dollar offer "is not in the best interests of Sourcefire and its stockholders".  Let's see what Barracuda does next.

February 27, 2008

Wayne Jackson out over at Sourcefire

Just saw the release making it official that Wayne Jackson is stepping down at Sourcefire.  Having seen a few of these kinds of situations but not having any inside information, it looks to me like a mutual decision and probably tied to earnings and performance versus market expectations.  In any event, Wayne has done a great job of taking Sourcefire from a good open source project to a public company.  As much as Marty is the lightning bolt and thought leader over there, Wayne brought a steady hand and sense of maturity to the company.  He has much to be proud of in his work on this one.

With a new CEO search underway, I would imagine they are going to look for someone with public company CEO experience to help guide Sourcefire through a rocky market and make up for a history of missing street expectations.  At the same time Wayne's resignation was announced, of course, Sourcefire also announced another quarter where they missed the numbers. Their stock is down almost a dollar off of their 6.54 closing price.  This brings their market cap down below 150m I would bet.  Tough luck for a company that actually is executing. I think it has more to do with setting the right expectations with the street than it does with the company's market share and such.

In any event, with a new CEO coming in you can be sure there will be other changes afoot at Sourcefire.  Good luck to you Wayne on your future endeavors, you have accomplished much!

August 17, 2007

The MySQL-ization of the Open Source movement or using open source as a shield

I have been doing some more thinking on the ClamAV acquisition by Sourcefire, some of the comments I have received and a couple of blog posts (here and here) that Matt Asay has done over at his C/Net Open Road blog. This has solidified for me that the open source game is very different than it was 7 years ago when we started StillSecure.  Back then many folks would work with open source tools and components, build functionality on top of them and sell into the market.  You could bundle them and put your work on top of it and a business was born.  Think about the UTM business.  Where would Astaro, Fortinet or any of the UTMs be without being able to bundle open source products?  Forget security, what about so many other products that are using open source databases, Linux and other open source tools and components.

The changing face of open source has thrown a monkey wrench into the works.  What we are seeing between new license "clarifications", acquisitions of open source projects and taking open source closed, is now more than ever plain to see. If you are going to use open source components in your product or service, you have to pay the piper.  The copyright owners of that open source software are going to want you to commercially license that software.  Nowhere is this becoming more apparent than MySQL. Matt thinks that there is a double standard between traditional software companies and true open source companies. He defends MySQL's latest moves to only make Enterprise code available to paying customers.  He says if IBM or another company made a version of their code available open source they would be universally applauded.  Matt is correct, but what he fails to realize is that these open source companies owe their success to people using it because they buy into the whole open source thing.  Companies like MySQL, Sourcefire and others have been only too happy to reap the benefits of open source.  Good will in the community, having others help with code, testing, bugs, etc.  Then when others seek to use the code, they turn the open source thing on its ear and use it as a shield to keep others out. And please don't give me the "they won't help us, that is why they can't use it" stuff.  Commercial companies don't want help maintaining or developing their code.  They just want cash.

So this is exactly what is going to happen with ClamAV.  In fact as Matt writes here, Tim O'Reilly thinks that virtually every open source company will eventually be acquired by a commercial entity.  Matt says you can either pay your money or contribute code.  Matt, that does not cover the overwhelming majority of users of open source and as I said earlier most commercial entities don't want your code contributed.  This would mean they don't own the complete copyright on it and so can't do what they want.  Unless, Matt, you advocate that code developers should sign their copyright over for the work they do to the commercial entity.  I think you would agree that this is not fair either. Also let's not fool ourselves, even licensing the software is going to get expensive, as the copyright holder is not going to let the licensee make more money than they are if they compete.

So do I think this is right?  My answer may surprise you.  Yes, I think it is right and the natural way of things.  It goes to exactly what we did with Cobia.  I am not hung up on the dogma of open source.  I believe people who do work developing code should be paid for it.  I don't think using open source as a shield is right though. I say be upfront about what is going on.  So when I look at the FAQ for the ClamAV deal as one commenter suggested and see this:

"Will Sourcefire change the way that ClamAV open source software is offered? Sourcefire has no current plans to change the way the ClamAV software is offered to end-users. Sourcefire is committed to investing in and advancing the ClamAV technology, just as we have with Snort and Snort.org. Sourcefire is absolutely committed to the continued distribution of ClamAV and the ClamAV malware database as an open source solution under the terms of the GPL."

I think to myself, who are they kidding.  They are going to try and use the same "clarification" to change the terms and use under the license.  Using ClamAV in a UTM is going to take a commercial license.  Why not just say so. Anyone who thinks differently is either a shill for Marty and gang or really, really naive. Another question is why doesn't Sourcefire just come out and say what they mean here? I think we would all respect that more.

So what are UTM and other vendors who use open source to do?  Great question.  What I would like to see for the good of open source communities everywhere, is that anytime a commercial entity makes a licensing move like this, other companies that are using that open source tool band together with others in the community and fork the project as is their right.  Often times there are plenty of commercial companies using an open source tool, as well as a sizable enough community to support a fork of the project that will remain truer to the ideals that many people have around the use of open source.  That will stop the use as a shield of open source and encourage others to join the community. Without one commercial entity owning the project, all can share and share alike without fear of having the rug pulled out from under them.  The challenge is can competing commercial entities put aside their differences for the common good.  That is the question.  I would love to hear some comments on it!

July 19, 2007

Marty Roesch clarifies some of his previous comments

In the interest of reporting all sides of the story (I just love this journalist stuff ;-)), I wanted to let you know that Marty Roesch clarified some of his comments which led to my blog article last night/this morning. Things Marty said that may alter what I believed when I wrote my article:

1. Q. Is it within Sourcefire's right to change the language in the source code preamble comments to lock the license at version 2 of the GPL?
A.  The new language that we incorporated for the 2.7.x release changes a notification provision that applies to the GPL, IT DID NOT CHANGE THE GPL.  This is a permissible change because it's modifying the suggested language for header preambles in Snort 2.7.x, not the license itself.  If you read the GPL you'll see that this language is suggested in the section that comes AFTER the Terms and Conditions of the license.  The new language follows one of these suggestions and specifies which version we want our licensees to follow.

I am not sure I wholeheartedly agree here, it sounds like a bit of legal hair splitting.  Marty and team say they did not change the license at all, it is still GPL, it just changes a notification provision.  Frankly, I don't think they had the right to change anything there without the owners' permission, but since I was not affected, I really can't say.  Would be interested in what others think.

2. Q.  Is Sourcefire addressing the concerns raised by Victor and Will from the Snort-inline project?
A.  Yes, we made some mistakes and have corrected them.  Today's release of 2.7 addresses the issues raised by Will and Victor.  If you have concerns regarding the headers or copyrights on code that you've contributed let us know and we'll take care of it.

This is good to hear and I am glad they did this.  Some of the "non-license changes" they changed were to code that was licensed under non-GPL, BSD licensed code.

3. Q.  Do the GPL v2 derivative works clarifications used in the Snort 3.0-alpha code base apply to the 2.x releases of Snort?
A.  No, these clarifications apply only to Snort 3.0

So here, I just don't get it.  Marty clearly has said that the clarifications in the Snort 3.0 license just clarify what the GPL meant all along.  If so, logic would dictate they apply to earlier versions as well, whether or not the clarifications were there.  If they don't, how is that clarification not a change?  It just doesn't make sense to me and is, I think, a weakness in the argument here.

4. Q.  Does the "assumptive assignment" clause from Snort 3.0 apply to the 2.6/2.7 releases of Snort?
A. No, the assignment provisions in the Snort 3.0 license do not apply to past contributions.  Sourcefire is in no way attempting to take ownership of the copyrights of past contributors.

I clearly misunderstood this and this is the way it should be.  People should know beforehand about an "assumptive assignment" and make a decision on whether or not to contribute code based upon it.

5. Q.  Is Sourcefire claiming ownership of all contributed code?
A.  No.  The assignment clause in 3.0 will maintain your ownership of copyrights.  It is simply a licensing agreement granting us the right to modify and relicense to 3rd parties.

Again, I was not clear on this and am glad to see it. Of course in reality you are giving Sourcefire a pretty broad license to profit from your work and are you entitled to anything from it is a question to ask. But at least you still retain ownership.

6. Q.  Does this apply to past contributions?
A.  No.  Snort 3.0 is a completely new code base that is entirely developed and copyrighted by Sourcefire.  If we incorporate past contributions to the 2.x code base as work on the Snort 3.0 project continues they will maintain their original copyright and license.

So sounds to me like maybe this whole issue goes away as they are using only Sourcefire owned and developed code in 3.0.  That certainly makes it less messy.

7. Q.  What is the practical effect of the derivative works clarifications?
A.  For end users there are none.  You are free to use and modify Snort as you do today.  For anyone that modifies and redistributes Snort *and* adheres to the terms of the GPL, there are none.  You may continue to modify and redistribute Snort as you do today.  The only impact is on organizations that redistribute Snort and fail to adhere to the terms of the GPL.

So this is where I think Marty is playing a bit fast and loose.  The *and* adheres to the terms of the GPL thing.  Is that the terms as Marty understands them.  The same terms that he says needs to be clarified otherwise they don't apply? Or is it the terms as I understand them.  Or for that matter how someone else understands them.  The devil is in the details on that one and I suspect will be the crux of my future conversations with Marty and the Sourcefire team.

disclaimer

  • The views and opinions expressed here are those of myself only and in no way represent the views or positions or opinions of my employer, Latis Networks, Inc. d/b/a StillSecure or anyone else.
