[linux-elitists] Re: (forw) Viewable Source != Open Source

Scott McNeil mcneil@valinux.com
Mon Mar 6 17:36:17 PST 2000

Please let us know if Marjorie responds.

Scott McNeil
VA Linux Systems
408.542.5757 voice
408.744.1855 fax

Rick Moen wrote:
> Another Linux periodical fooled by these bozos.  It's really getting
> a bit on my nerves.
> (My query to Tripwire, Inc. about clarifying its intentions, and about
> whether it  has sufficient title to the Tripwire codebase to open-source
> it, has been ignored, by the way.)
> ----- Forwarded message from Rick Moen <rick> -----
> Date: Sat, 4 Mar 2000 22:18:36 -0800
> From: Rick Moen <rick>
> To: ljeditor@ssc.com
> Subject: Viewable Source != Open Source
> X-Mailer: Mutt 1.0i
> Dear Ms. Richardson:
> Suddenly, it's 1984, again.  That was about when the developer
> community figured out that access to merely _view_ source code was not
> enough, and they need not put up with the disadvantages of proprietary
> licences.  Proprietary code is fine for those who like it, but might
> suddenly become unavailable for further improvement and adaptation if
> (say) the owner withdraws the product, changes business models, or goes
> bankrupt.
> I say it feels like 1984 because of David Penn's 3-Mar-2000 article,
> "Tripwire Opens Up 'Best of Breed' Security Tool"
> (http://www2.linuxjournal.com/articles/business/034.html).  Penn reports
> that Tripwire, Inc. will be "providing source code for its flagship
> product, as opposed to merely open sourcing older versions...."
> However, "providing source code" _isn't_ open sourcing.  Am I missing
> something, or isn't this free / open-source world's  key, fundamental
> difference?  Did I just dream the last sixteen years?  Did, say, Sun
> Microsystems's SCSL suddenly become an "open source" licence, merely
> because it makes covered source code open for inspection?
> In fact, it is clear that Tripwire, Inc. remains under the (mistaken)
> impression that viewable source = open source:  Its FAQ
> (http://www.tripwire.org/faq.html) states that "Tripwire, Inc. has had
> the advantage of distributing an open source product in the market for 8
> years".  This refers to "Tripwire ASR", the viewable-source variant of
> the company's product.  Which, of course, is not open source, and never
> was.
> Examples abound, actually, of the open-source community going to
> considerable lengths to replace proprietary, viewable-source software,
> to gain the advantages of genuine open source.  The canonical example
> would be BSD Unix and its progeny.  In the security field, GNU Privacy
> Guard is replacing proprietary PGP, OpenSSH is replacing SSH, _and_ Rami
> Lehti's GPL'd AIDE package (Advanced Intrusion Detection Environment,
> http://www.cs.tut.fi/~rammer/aide.html) is making Tripwire obsolete.
> Tripwire, Inc.'s confusion about licencing is understandable -- and no
> doubt genuine:  They're very late to the party, are considering joining,
> and misunderstand the ground rules.  But it's a little less easy to
> understand how _LJ_ could repeat the company's claims so uncritically.
> --
> Cheers,                        My pid is Inigo Montoya.  You kill -9
> Rick Moen                      my parent process.  Prepare to vi.
> rick (at) linuxmafia.com
> ----- End forwarded message -----

More information about the linux-elitists mailing list