Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Feds Kill Check Point's Sourcefire Bid

ScuttleMonkey posted more than 8 years ago | from the i-don't-want-to-wash-the-people's-truck dept.

181

Caffeinated Geek writes to tell us The Register is reporting that Check Point Software has removed their bid to buyout rival software company Sourcefire following objections from the FBI and the Pentagon to the Treasury's Committee on Foreign Investments. From the article: "Federal agency objections to the security software tie-up center on the implementation of Sourcefire's anti-intrusion software 'Snort' by the Bureau and Department of Defense, AP reports. In private meetings between the panel and Check Point, FBI and Pentagon officials took exception to letting foreigners acquire the sensitive technology."

cancel ×

181 comments

Most telling part of the article... (5, Insightful)

trazom28 (134909) | more than 8 years ago | (#14989105)

'Check Point says the two companies will find ways round the roadblock. CEO Gil Shwed said: "We've decided to pursue alternative ways for Check Point and Sourcefire to partner in order to bring to market the most comprehensive security solutions."'

So, they can't merge, but the items in question will be shared anyway.. so much for regulation and oversight :)

Why does the media always get these things wrong (5, Insightful)

einhverfr (238914) | more than 8 years ago | (#14989197)

The ports issue was blown way out of purportion. The ports themselves were not being taken over, just the operation of a few cargo cranes.

Here it is not about the technology and control thereof. It is about ensuring that the DoD, FBI, etc. don't have to provide sensitive information about their infrastructure to foreign firms as a part of technical support.

I have it on good authority that some branches of the DoD are moving away from Microsoft software because they keep getting their tech support calls routed to India and they *require* support from engineers in the US.

Re:Why does the media always get these things wron (0, Redundant)

'nother poster (700681) | more than 8 years ago | (#14989249)

they *require* support from engineers in the US.

Even if the engineers aren't citizens of the U.S. Got to love that.

Re:Why does the media always get these things wron (2, Funny)

DJCacophony (832334) | more than 8 years ago | (#14989261)

"Hello? Tech support in north korea? I have a problem with this encryption that is not exportable outside the us, and..."

Re:Why does the media always get these things wron (1)

'nother poster (700681) | more than 8 years ago | (#14989398)

And?... nothing. Crypto was removed from the munitions list years ago wan't it? It's been about 10 years since I have done crypto work and I haven't kept up on the munitions list status. Even if it is still on the list, why would it matter? If it is a vetted algorithim and implimentation, having the source code would do nothing to help the enemy state anyway. The only reason something like keeping the code out of forign hands would work is if the "security" of the product was enforced by "obscurity". Age old problem, and stupid implimentation if it is.

My guess is that the .gov version of Snort has some hooks that allow it to work with some .gov developed software to identify traffic of a certain nature outside the realm of the intrusion detection rules built in, or pass off data streams to a seperate node for follow-on processing like decryption and such.

Re:Why does the media always get these things wron (1)

DJCacophony (832334) | more than 8 years ago | (#14989408)

And?... nothing. Crypto was removed from the munitions list years ago wan't it?

No.

Re:Why does the media always get these things wron (1)

'nother poster (700681) | more than 8 years ago | (#14989567)

Well, since it's still on the list, it's still as moronic a regulation now as it was 10 years ago when I stopped tinkering with crypto.

Re:Why does the media always get these things wron (0)

Anonymous Coward | more than 8 years ago | (#14989318)

Good point, if it the could was not Open Source, so, thus rendering their claim of concern mute.

Re:Why does the media always get these things wron (2, Funny)

IAmTheDave (746256) | more than 8 years ago | (#14989603)

Yes... security... stop the sale. But AT&T, SBC, MCI - you guys go ahead and buy each other up all you want. Monopoly good. But WHOA - you're putzing with some OSS stuff we use! Bad company! NO PURCHASE FOR YOU!

This sounds specious (0)

Anonymous Coward | more than 8 years ago | (#14989801)

I mean a company that produces a lions share of the firewalls that are used by DoD surely already has access to infrastructure information. What further information would they get if they had IDS technology too?

Re:Why does the media always get these things wron (1)

ericspinder (146776) | more than 8 years ago | (#14989975)

The ports issue was blown way out of purportion. The ports themselves were not being taken over, just the operation of a few cargo cranes.
I'll agree that the ports deal was a little overblown, but I am happy that someone finally took notice of the importance of port security. However it wasn't 'just a couple of cargo cranes'. These people would be responsiable for the staffing and managing of the day-to-day security, and would have intimate knowledge of the inspection process for the ports which they work. It might be easy to 'make sure' that one particular cargo carrier was 'missed' by customs, just by unloading it late in the day.

Of course, the mitigating factor would be the other staff who might notice 'something fishy'.

But it is freely available to anybody (4, Informative)

andy314159pi (787550) | more than 8 years ago | (#14989113)

But snort is freely available to anybody right now:

http://www.snort.org/ [snort.org]

Re:But it is freely available to anybody (2, Informative)

DJCacophony (832334) | more than 8 years ago | (#14989206)

It's a specific implementation of snort, not just the code. If it was just the code, the company wouldn't be selling it, and another one wouldn't be buying it.

Re:But it is freely available to anybody (1)

andy314159pi (787550) | more than 8 years ago | (#14989231)

I'm confused. Snort is probably pretty easy to build for an arbitrary system. I haven't compiled it myself for my system, but prebuilds exist for most distributions. Did they change snort's code in the commercial version or is it just a build for more common OS's?

Re:But it is freely available to anybody (2, Informative)

DJCacophony (832334) | more than 8 years ago | (#14989299)

Sourcefire sells snort as part of a system. See here [sourcefire.com] .

Re:But it is freely available to anybody (1)

andy314159pi (787550) | more than 8 years ago | (#14989317)

oh yeah. :)

irrational fear? (2, Interesting)

rovingeyes (575063) | more than 8 years ago | (#14989116)

Isn't snort open source? What am I missing?

Re:irrational fear? (1, Insightful)

Anonymous Coward | more than 8 years ago | (#14989142)

Never underestimate the incompetency of a government.

Re:irrational fear? (3, Insightful)

trazom28 (134909) | more than 8 years ago | (#14989162)

Same fear that kept the Dubai ports deal from going though. Stereotypes and the FUD factor.

The world is going from a less global-centric to a more local-centric way of life. A step backwards I'd think.. how can one relate to those not like themselves, if they refuse to relate to them?

Re:irrational fear? (1)

XMilkProject (935232) | more than 8 years ago | (#14989527)

The Dubai ports deal was far more superficial than even stereotypes, racism, and FUD. It was simply a fear of missing an opportunity for election time issues.

Re:irrational fear? (2, Interesting)

pegr (46683) | more than 8 years ago | (#14989172)

sn't snort open source? What am I missing?
 
Well, Snort could always pull a nessus [slashdot.org] and close the source...

Re:irrational fear? (1)

DJCacophony (832334) | more than 8 years ago | (#14989181)

It's a specific implementation of snort, not just the code. If it was just the code, the company wouldn't be selling it, and another one wouldn't be buying it.

Re:irrational fear? (2, Funny)

morgan_greywolf (835522) | more than 8 years ago | (#14989225)

Oh, my! Snort is open source? But Bill Gates and Steve Ballmer both said that open source software is insecure!

I had no idea! We're going to have stop using Snort immediately!

-- The FBI

Open source!= public. (2, Informative)

wiredog (43288) | more than 8 years ago | (#14989233)

The GPL only requires that you provide source code if you provide the binary. So if you do a version for $SecretAgency, with $SecretStuff in it, then you only have to provide the source to $SecretAgency. Not to the general public.

Re:Open source!= public. (2, Insightful)

'nother poster (700681) | more than 8 years ago | (#14989294)

Or, $SecretAgency could modify the code and compile it to binary and not distribute it, but allow Check Point Software access to the source as part of the support contract so that if $SecretAgency calls for support the support staff at Check Point Software won't simply scratch their heads and go, "that's not how it's supposed to work!"

Re:irrational fear? (3, Informative)

vitamins (531658) | more than 8 years ago | (#14989368)

To clarify snort is to sourcefire what fedora is to redhat enterprise linux. (I forget what I got on my SAT.) So the developers of snort are trying to make some money by marketing a pre built platform "SourceFire". Also I have heard that even though Check Point is used by many fortune 500 companies it is not used by the U.S. Government because it is developed in another country.

Re:irrational fear? (4, Insightful)

algae (2196) | more than 8 years ago | (#14989377)

Maybe you're missing the possibility that whoever's using Snort in the DoD doesn't want to have to hire a full-time programmer to act as tech support when they can just get a contract with Sourcefire instead? As far as I can tell, this isn't about code, it's about support. Sensitive information occasionally needs to be given to tech support in order to diagnose/fix problems, and the DoD would prefer whoever's on the recieving end to be an American. I wonder if Sourcefire have any support personnel with gov't security clearances.

Re:irrational fear? (1)

spaztik (917859) | more than 8 years ago | (#14989392)

The fact that the United States government and all members thereof have, in fact, lost their minds.

Re:irrational fear? (2, Informative)

RyanCowardin (961379) | more than 8 years ago | (#14989394)

Snort is open-source.... SourceFire makes money off the other things they've created to work with/around Snort...

Quoted from here [isp-planet.com]

"Roesch sees Snort and Sourcefire as two different solutions aimed at distinctive markets. "The idea of Snort was to give people the best free, open source intrusion detection system we could, and we were pretty successful at that," he said. "The idea of Sourcefire is to say, 'Okay, we've got good intrusion detection technology: let's add everything else people need to use these systems effectively in large organizations.'"

And that's not to say that large organizations can't use Snort without the backing of Sourcefire. Roesch says some of the biggest companies in the world use Snort. Sourcefire just adds the manageability along with ease of use and deployment that many enterprise customers are looking for in an intrusion detection system.

Sourcefire's OpenSnort Sensors cost $9,995 each, and the OpenSnort Management Console costs $19,995. Various service contracts are available, ranging from a platinum level with around-the-clock support to a standard contract with per-incident support and e-mail discussion list access. Training on Sourcefire's products is also available. Training on IDS and forensic analysis in general is planned for the near future"

Also, the Federal Information Security Management Act [sourcefire.com] might have a lot to do with this decision as well:

"The Federal Information Security Management Act (FISMA), Title III of the E-Government Act of 2002, outlines requirements to secure Federal information. Each Federal Agency, including contractors or other organizations who work with the agency, must develop, document, and implement an agency-wide information security program. Detailed guidance and recommendations are provided by the National Institute for Standards and Technology (NIST) encompassing all aspects of information security."

Re:irrational fear? (1)

supabeast! (84658) | more than 8 years ago | (#14989453)

You're not really missing much - this is just people in the US Government being pricks. The US Government already has a great relationship with Checkpoint, certifies Checkpoint products for use in classified networks, and Checkpoint products are a common sight in those classified networks of the various US intelligence agencies. Checkpoint taking over Snort wouldn't really change much of anything.

"Buyout" is a noun. (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#14989118)

Learn English.

What? (1)

crow_t_robot (528562) | more than 8 years ago | (#14989122)

They can have our ports but foreigners can't have snort? WTF?

You can have our ports, but not our software! (-1, Offtopic)

elrous0 (869638) | more than 8 years ago | (#14989137)

Okay, you can have that too.

-Eric

Not about the technology per se (4, Informative)

einhverfr (238914) | more than 8 years ago | (#14989153)

It is about support contracts and how much information about DoD infrastructure they want a foreign firm to have. This is far more of a serious and legitimate issue than the sale of the operation of a few cargo cranes to a Dubai firm.

The issue is that the DoD is very serious about controlling the amount of access foreigners have to their infrastructure and information on that infrastructure. I have it on very good authority that some DoD divisions are moving away (at a cautious rate) from Microsoft technologies precisely due to their difficulty in avoiding having their tech support calls routed outside the US. However, this is probably all I can say on this board.

Re:Not about the technology per se (1)

crow_t_robot (528562) | more than 8 years ago | (#14989190)

Sure, because other companies (i.e. Sun, etc...) don't outsource their tech support to India and other shitholes outside the US...

Re:Not about the technology per se (4, Funny)

pickyouupatnine (901260) | more than 8 years ago | (#14989224)

If he said anymore, he'd have to KILL US ALL!!!!!

Re:Not about the technology per se (1)

c_forq (924234) | more than 8 years ago | (#14989796)

Funny, yes. But on some issues the government does not fuck around, security of classified information being one of them. If were to leak something we wouldn't have to worry about anything, besides never hearing him post here again. He might have a hell of a lot to worry about though.

Re:Not about the technology per se (4, Insightful)

Homology (639438) | more than 8 years ago | (#14989255)

The issue is that the DoD is very serious about controlling the amount of access foreigners have to their infrastructure and information on that infrastructure. I have it on very good authority that some DoD divisions are moving away (at a cautious rate) from Microsoft technologies precisely due to their difficulty in avoiding having their tech support calls routed outside the US. However, this is probably all I can say on this board.

Yeah, no kidding. Many foreigners are serious about this as well, but when they try to do something about it, there are huge cries about "free" and "fair" trade from USA and demands for sanctions.

Re:Not about the technology per se (0)

Anonymous Coward | more than 8 years ago | (#14989326)

Yeah.. don't say any more dude..

If support calls are a problem, how about the fact that virtually every commercial software company is doing overseas outsourced development? How about the fact that open source projects have no physical boundaries?

How about the fact that the government already uses Check Point's firewall product quite broadly. Wouldn't a network access control product be more of a concern than an IDS product?

Re:Not about the technology per se (0)

Anonymous Coward | more than 8 years ago | (#14989448)

It's not about SNORT. Look at some of the other software products that Sourcefire sells. One product in particular (not open source) is used by DoD by several defense contractor.

Re:Not about the technology per se (2, Interesting)

c_forq (924234) | more than 8 years ago | (#14989855)

how about the fact that virtually every commercial software company is doing overseas outsourced development?

Not the software companies contracted by the military and DoD. All defence contracts stick to American companies and all work stays in America. Notice how Lockheed Martin and Raytheon don't have any international competition (in the defence department, Lockheed has international competition on its non-defence products). I am willing to bet all open source the government uses has been modified, with many modifications not made public (note the GPL requires you to provide source only to those you provide the binary to. If you don't provide the binary to anyone you don't have to provide the source to anyone, or if the gov has someone else do the work they don't have to provide the source to anyone but the gov).

Re:Not about the technology per se (1)

the_B0fh (208483) | more than 8 years ago | (#14989474)

OK, this does not make sense. DoD and the US government has a shitload of Checkpoint licenses - something like 30% or 50% of their firewalls are checkpoints.

Why would checkpoint/snort be an issue? And it's not like Checkpoint can't just download a copy of snort, and use that to integrate with their firewalls.

Besides, isn't Israel our good friend?

Re:Not about the technology per se (0)

Anonymous Coward | more than 8 years ago | (#14989955)

Easy answer, change security software. If the Feds don't like how this is going, they have NO RIGHT to stop it. They can go with a different solution, however.

More than just source code... (4, Interesting)

chill (34294) | more than 8 years ago | (#14989184)

I'll bet their objections stem more from the realization that a lot of organizations download the latest rules and trust them blindly, installing them automatically. It is pretty trivial to create a server-side filter to provide "custom" rules based on the client or requesting IP address, thus "infiltrating" a particular organization.

After all, VRT-certified rules require a subscription and how many places have the expertiese and time to validate them?

I figure someone at the Pentagon asked the simple question "Hey, do we use Snort?" and got the answer "Yeah, it is everywhere. Why?" and just about had heart failure.

  -Charles

Sigh... (5, Insightful)

Anonymous Coward | more than 8 years ago | (#14989186)

I work for a very large MSSP, and this makes me quite sad.

Sad, because Snort's source code is not exactly a mystery. And Check Point's technology already does a much better job at preventing intrusions, since it is a firewall and Snort is a really shitty IPS. (All IPS are shitty, sorry. I like Snort for IDS, really) My sadness here is deep and mournful.

I'm also really disappointed, because I hate Sourcefire. I was really looking forward to Check Point reigning in their way-out-of-line sales guys. More than that, tech support at Sourcefire (all 3 guys!) sucks, 'cause they're all arrogant pricks who don't really give a shit about the customer, and honestly believe their code is perfect and never has problems. Actually, that sums up SF pretty well. Check Point, for all their problems, actually listens when we complain, which is nice, though getting things fixed is an ungodly slow process.

Oh well. Fuckin' government.

Re:Sigh... (0)

Anonymous Coward | more than 8 years ago | (#14989463)

I feel your pain...I interviewed with them a while ago...and I found them very arrogant. No sense of common courtesy.

Re:Sigh... (1, Insightful)

Anonymous Coward | more than 8 years ago | (#14989735)

Totally disagree. We own several Sourcefire devices and the have been nothing short of awesome. We actually asked them to build stuff SPECIFICALLY for our environment, and they were happy to oblige.

Re:Sigh... (1, Insightful)

Anonymous Coward | more than 8 years ago | (#14989892)

Just for the record, I also totally and completely disagree. I headed up the rollout and later monitoring and maintenance of Sourcefire products at a previous job, and I found the tech. support to be extremely competent and helpful. I could call and ask any question and they would answer that question completely truthfully and honestly, which is more than I can say for almost any other support that I have ever talked to. And yes, I dealt with two of the techs and felt the same about both.

closed source (2, Informative)

Casca (4032) | more than 8 years ago | (#14989193)

So um, anyone have a problem with the fact that Checkpoint NGX is closed source firewall software, that quite a few government sites use? It doesn't bother them that there could be a backdoor waiting for the "secret Israeli shutdown code" in every Checkpoint firewall in the world?

Re:closed source (1)

winkydink (650484) | more than 8 years ago | (#14989237)

Why would it bother the US when they own the ultimate Israeli shutdown code?

"You're on you're own."

O Noes, Digital Fortress 2! (1)

Orrin Bloquy (898571) | more than 8 years ago | (#14989334)

Dan Brown must be jizzing his pants "adapting" this news story for his next book.

Re:closed source (4, Informative)

chill (34294) | more than 8 years ago | (#14989349)

Check Point firewalls are prohibited in a lot of government departments, including the Pentagon and most of the DoD. There are exceptions, of course.

Re:closed source (0)

Anonymous Coward | more than 8 years ago | (#14989654)

This has been the case for years, as much of Checkpoint is funded by Israeli intelligence.

Re:closed source (0)

Anonymous Coward | more than 8 years ago | (#14989628)

There's a lot of security and instant messaging software out of Israel. A number of the developers come from an Israeli Military Intelligence background ... You can connect the dots, can't you?

Re:closed source (1)

Triskele (711795) | more than 8 years ago | (#14989745)

So um, anyone have a problem with the fact that Checkpoint NGX is closed source firewall software, that quite a few government sites use? It doesn't bother them that there could be a backdoor waiting for the "secret Israeli shutdown code" in every Checkpoint firewall in the world?
I guess no more than it bothers the rest of us that large amounts of software used by our governments probably really does have a "secret US shutdown code". What's good for the goose is good for the gander, right? Oh I forgot, the WTO is only there to protect against anti-US competition.

Isolationist in force not in trade (3, Interesting)

dada21 (163177) | more than 8 years ago | (#14989196)

I really am frustrated that we've allowed the Feds this power -- there really is no Constitutional or reasonable allowance for letting them disturb trade. The "secrets" everyone is so adamant in protecting are already all over the world, almost nothing is secret anymore.

The reason I am frustrated is not just because the Feds attempt to use security as a reason for trade barriers, but because it also seems to leave me with the opinion that such coercion could have underlying cronyist reasons. I don't like giving powers and rights up to the Feds when I don't know who is truly profiting from these actions. There are a lot of global motivators hidden in the closet, and we don't have an open book to the finances of those in power.

I don't trust anyone with securing the borders anymore, not when they do it with trade barriers rather than a real defense of our land and only our land. I prefer isolationism of government -- keeping our government only in our sight, away from prying and entangling and financing others. I prefer open trade -- no tariffs, no embargoes, no taxes, no favoritism, no protectionism and no limits to what people can sell and buy.

Re:Isolationist in force not in trade (2, Insightful)

einhverfr (238914) | more than 8 years ago | (#14989234)

I really am frustrated that we've allowed the Feds this power -- there really is no Constitutional or reasonable allowance for letting them disturb trade.

Funny, I thought that was exactly what the Commerce Clause was intended to allow. IANAL though. Unless you have a different view of commerce that somehow omits trade.

Re:Isolationist in force not in trade (2, Insightful)

dada21 (163177) | more than 8 years ago | (#14989301)

No, you're right -- the framers were vague (and conflicting) in their desire for the commerce clause. It's a debate I lose based on the facts. I still don't think the Constitution allows these barriers to be created, though.

At the time of the framing of the Constitution, commerce meant ""[i]ntercourse, exchange of one thing for another, interchange of anything; trade; traffick." This is per Sam Johnson's Dictionary of the English Language, Third Edition 1765 [amazon.com] . I believed based on this definition alone I lose the debate with international trade (but win the debate with interstate trade).

The problem is that one should dig deeper. The Constitution was accepted because James Madison promised that "The commerce clause would forever be used to protect the liberty of every American to trade in an unhindered way." This lets me believe that the intent was not for the federal government to restrict trade but to try to help enable trade.

It is a deeper problem than a few words or paragraphs can deal with, but I'm still reading and researching more on the intent of the ideas of the Framers. I believe we've twisted so many words in the past 200 years that it is very hard to see any reason to even refer to the Constitution as it stands today.

Re:Isolationist in force not in trade (0)

Anonymous Coward | more than 8 years ago | (#14989415)

When you get right down to it, the commerce clause is specifically there to keep the states and localities from fucking things up. It's bad enough that we have companies fucking things up with region codes where the DVD-CA's contract with Sanyo keeps me from watching a movie I bought from the BBC. At least with the commerce clause causing the bullshit to be spread across the country, it might affect enough people that something will be done about it.

Re:Isolationist in force not in trade (1)

Zak3056 (69287) | more than 8 years ago | (#14989428)

I still don't think the Constitution allows these barriers to be created, though.

I agree with you in general that the commerce clause has been taken too far, but in this specific instance I have to raise a point: one of the most important sources of funding for the new government was... tarriffs. That being the case, it seems that the founders believed that the constitution permitted the creation of at least some barriers on foreign trade. Perhaps not as far as disallowing foreign investments, but barriers none the less.

Re:Isolationist in force not in trade (2, Interesting)

einhverfr (238914) | more than 8 years ago | (#14989612)

While I think that most people would suggest that the Madison view of the Commerce clause has largely dead unfortunately, I think his intention was different than you make it out to be.

The purpose of the Commerce Clause was simply to help ensure a uniform code of trade between the States and between the United States and foreign entities. It was designed to avoid trade wars between, say, New Jersey and New York and to prevent foreign states from exploiting such inconsistancies between states for their own advantage over us. So even under the most limited view of the Commerce Clause I can find, it ought to allow Congress to regulate international business.

However, I do not think that the original intent was to allow the regulation of marijuana grown for personal medical use where neither commerce nor interstate concerns are at issue (the Supreme Court disagrees as to the current intention though, see Raisch v. Gonzales) as this seems to be unreasonably far removed from the intent of the clause.

But IANAL.

Re:Isolationist in force not in trade (1)

ahodgson (74077) | more than 8 years ago | (#14989655)

really am frustrated that we've allowed the Feds this power -- there really is no Constitutional or reasonable allowance for letting them disturb trade. The "secrets" everyone is so adamant in protecting are already all over the world, almost nothing is secret anymore.

If the US government obeyed its constitution and the intentions of the framers, there wouldn't be a DoD or an FBI at all, so it wouldn't be a problem. There wouldn't be "Feds".

You live in a country that takes over 35% of GDP in taxes and supports a massive government that intrudes in all aspects of your life and the lives of people around the world. Stop worrying about little things like the Constitution. Congress hasn't for at least 145 years.

Re:Isolationist in force not in trade (1)

dada21 (163177) | more than 8 years ago | (#14989841)

I agree. That's why I am an anarcho-capitalist and not a libertarian. My only Constitutional beliefs are in the proper 1st and 2nd Amendment and the individual's right to property mixed with their labor, and everything else matters little to me.

but the fed wants to give physical ports to UAE? (0)

Anonymous Coward | more than 8 years ago | (#14989201)

Ok, so sourcefire, a company that offers a few services and oversees an opensource project (but doesnt own) is a security sensitive matter? Last I checked, snort contributers come from many countries besides the US. Not to mention the signatures!

But when the UAE, a nation with strong direct terrorist ties, is interested in aquiring 6 major US sea ports, the fed tries to give it to them with no oversight and sneak it under our noses in violation of federal law.

The CIFUS board passed the UAE deal without investigation but block sourcefire without merrit. Talk about a double standard!

Re:but the fed wants to give physical ports to UAE (0)

Anonymous Coward | more than 8 years ago | (#14989321)

Um.. I think Sourcefire does own the patents on Snort.

Re:but the fed wants to give physical ports to UAE (4, Interesting)

dammy (131759) | more than 8 years ago | (#14989360)

First of all UAE is our partner in fighting terrorism. Unless of course, your just racist by nature, then that wouldn't matter to you. Second, it was not ports being sold to the UAE corp, it was the terminals which operate in those ports. Those terminals are actually leased, not owned by those corps, even if that corp built the facility. The actual owner is the government and they get all the toys at the end of the lease, which they turn around and lease yet again.

Same thing at airports. Hangers or terminals maybe built and paid for by corporations or individuals, but at the end of the lease, the airport authority (usually state but could be county or city) has ownership of those structures.

Dammy

Re:but the fed wants to give physical ports to UAE (2, Interesting)

trazom28 (134909) | more than 8 years ago | (#14989523)

But when the UAE, a nation with strong direct terrorist ties, is interested in aquiring 6 major US sea ports, the fed tries to give it to them with no oversight and sneak it under our noses in violation of federal law.

Are you on the same planet we are? I'd have to say no, considering the UAE is one of the friendliest nations. Considering the US Navy stops there on average 400 times per year for shore leave, they can't be all bad. And that's a fact. Get rid of your stereotyping, and you may learn something.

That is SO stupid (1)

alexborges (313924) | more than 8 years ago | (#14989210)

I mean.... sourcefire is based in OpenSource.... there is no closing that lid.

Re:That is SO stupid (1)

Joseph_V (908814) | more than 8 years ago | (#14989522)

That's the problem. It is open-source software and in the hands of "foreigners", thus they present a proven leak on security software. They don't want to fund a company that is doing this even if the company had good intentions, I assume.

Snort Technology (1)

MECC (8478) | more than 8 years ago | (#14989230)

If the issue is really preventing snort technology from falling into foreign hands, then shouldn't someone tell them that snort is opensource, and already in the hands of those nasty foreign devils?

Wakeup and Smell the Packets (0)

Anonymous Coward | more than 8 years ago | (#14989244)

Source fire is NOT Snort boneheads.
And the reason the FBI, Pentagon objected is obvious.

Too many eggs in one companies basket.
If you pwn the firewall, you may not pwn the IDS too.
These objections make complete sense to me.

Move along, nothing to see here.

Xenophobia, anyone? (3, Insightful)

slavemowgli (585321) | more than 8 years ago | (#14989246)

FBI and Pentagon officials took exception to letting foreigners acquire the sensitive technology.

Ah, yes, nothing like some good old xenophobia, mixed with a nice measure of nationalism. You just can't trust those foreigners - many don't even speak English, or have funny skin colours, or similar things. The government is really just protecting you from these traitors, citizen.

Liberals 2000s = John Birchers 1950s (-1)

Anonymous Coward | more than 8 years ago | (#14989287)

The liberals are the new John Birchers.

John Birchers of previous millenium.
"Any one who diagrees with me is a Communist".

Liberals this millenium.
"Any one who diagrees with me a xenophobic, homophobic, racist isolationist".

Grow up or go way. Either way, I don't care.

You'll probably get "modded up" for passing the one of the Libertarian or Liberal litmus tests, though.

Re:Xenophobia, anyone? (1)

KarmaMB84 (743001) | more than 8 years ago | (#14989314)

It's hard to consider the United States Xenophobic when most of the world really does hate us.

Re:Xenophobia, anyone? (1)

Jedi Alec (258881) | more than 8 years ago | (#14989624)

It's hard to consider the United States Xenophobic when most of the world really does hate us.

Hate? Don't flatter yourself. s/hate/utterly ignores/

Re:Xenophobia, anyone? (1)

hobbes75 (245657) | more than 8 years ago | (#14989331)

Not xenophobia, they are just afraid of a security system they can not crack/control... ;-)

national security vs capital loss (3, Insightful)

dotpavan (829804) | more than 8 years ago | (#14989265)

This brings up a point, why should Sourcefire sacrifice its profits/capital gain for National security? Would they be compensated monetarily for having lost this deal, because of not trade sanctions or rules, but national security. And who gets to decide what is safe for US and what is not? When big coprporations who have lobbying power get port deals (not flamebait, just comparison as its fresh in memory) and they arent seen as national threat, then how come this is. And someone has rightly pointed, this being open source.

reminds me of a toon at a local newspaper here:

scene: night time, husband and wife in bed (please dont stretch your imaginations)

Husband: ah, now that we know for sure that the Dubai company isnt handling the US ports, I can get a sound sleep.

Wife: Yes, Its good and heartening that the DHS still oversees security.

They pause, give a shocked and scared-to-death look.

Re:national security vs capital loss (1)

alen (225700) | more than 8 years ago | (#14989396)

there is a special team from the FBI, CIA, NSA, Commerce and a few other departments that looks at any merger where a foreign company buys a US company. They look at the national security aspects and either put conditions on the merger or kill it. Nothing you can do since there is a law that lets the government do this.

Re:national security vs capital loss (1)

trazom28 (134909) | more than 8 years ago | (#14989397)

scene: night time, husband and wife in bed (please dont stretch your imaginations)

You *do* realise this is slashdot... right?

Snort (0)

Anonymous Coward | more than 8 years ago | (#14989267)

I guess Check Point Software will have to resort to the second option to snort. [bbc.co.uk]

Yet again. (1, Funny)

Anonymous Coward | more than 8 years ago | (#14989290)

I work for the gubment, and I can tell you.
There is the hugest need for assh()le to elbow road maps here.

Geesh, what's next, Exporting Knoppix will be illegal?

This makes less sense than it seems... (1)

zappepcs (820751) | more than 8 years ago | (#14989323)

This makes less sense than it seems. Sure, all the comments make sense of things, but one thing doesn't fall into line. Why is the government stopping this sale when they could just as easily take the open source code, mangle it for their own, and carry on with their own internal protection software? Its obviously not rocket science, and makes sense to keep security development internal when its that sensitive.

This really smells like interference for reasons that are not floating on the surface. Only time and investigative measures will tell for certain, but I suspect we should all be wearing tin foil hats when we read this story.

A different view on things (4, Informative)

brennz (715237) | more than 8 years ago | (#14989417)

I have read more BS in these threads than anywhere else in recent memory.

So, I'll in you on the truth.

Foreign nations are actively seeking to get their hands into US classified govt sites, to get the underlying information which they want DESPERATELY. Israel, France, China, Russia - they are the most aggressive.

A few years back I was working for DOD. Someone was trying to make a sales pitch for equipment they wanted to sell us, for use in classified environments. They claimed to be a US company.

My boss asked me to look into the company and get back to him. It took a few hours, but I found exactly what I think he already suspected.

The company was a US company in name only. The entire company was infested at the upper levels by former intelligence personnel from one of the above countries already mentioned. Most of their company also, was in this foreign country too. Only a small amount of sales ppl actually were in the US for the company.

They made a huge amount of factual misrepresentations, trying to trick us.

When the US govt says no, there is normally a reason behind it, or active intelligence efforts supporting their rationale. Don't believe some moronic reporter with shit for brains that is labelling something as "protectionism".

Re:A different view on things (5, Informative)

RyanCowardin (961379) | more than 8 years ago | (#14989641)

And just to rehash history... it's not like Israel has EVER tried to spy [cnn.com] on the US [msn.com] before or anything.

When the government does business with a US company, it's a heck of a lot easier for the administration to send someone over to said company threatening, "Hey, we don't like what you're doing! Keep it up and we'll happily send your entire company on a quail hunting trip with Dick Cheney!" It just doesn't have the same affect on a foreign owned company, unfortunatly.

Re:A different view on things (1)

greg_barton (5551) | more than 8 years ago | (#14989924)

When the US govt says no, there is normally a reason behind it, or active intelligence efforts supporting their rationale.

As opposed to when they say yes... [google.com]

Purely Political (0, Troll)

SailorBob (146385) | more than 8 years ago | (#14989510)

Snort is an Open Source program, which means that it's source code is already available to the Chinese, Iranians and anyone else who wants it. I assume that Sourcefire's closed source products are based in one way or another on the technology in Snort, which makes it very difficult to understand the FBI and Pentagon's objections other than in the context of an anti-Israel political decision.

I geuss the FBI has the resources to hunt down and entrap Jewish political lobbyists [jonathanpollard.org] but not to catch terrorists or say anything about a terrorist supporting Arab state [frontpagemag.com] taking over the country's ports.

Zionist Baiting (0)

Anonymous Coward | more than 8 years ago | (#14989534)

Check out the posters "home URL" .... http://www.landofisrael.info/ [landofisrael.info]

BTW, Johothan Pollard is/was a traitor.

This will contribute to inflation of the USD (3, Informative)

Serveert (102805) | more than 8 years ago | (#14989577)

All these foreigners collect dollars by selling products/services, and when they try to use these dollars - with the Dubai ports deal or this case - they are rejected by the US Government.

So essentially foreigners are stuck with 'funny money' which they cannot use as true currency. Sooner or later they will wake up, sell dollars en masse and opt for another currency after they realize they have been had. They've been giving us commodities and services while we give them monopoly money.

Control (1)

certel (849946) | more than 8 years ago | (#14989605)

Two legitimate companies should not be bound by countries. I think this is dumb.

Absolute Nonsense (0)

Anonymous Coward | more than 8 years ago | (#14989673)

Does this mean the US Government is going to remove all of their installations of Check Point FW-1?! 70% of the agencies I have worked for or audited here in DC use Check Point / Nokia solutions. Did they forget about the boxes?

I guess (0, Troll)

Jachra (960690) | more than 8 years ago | (#14989715)

the DOD and FBI can not trust the Mossad these days to protect there interrest.

A new /. poll? (1)

OhHellWithIt (756826) | more than 8 years ago | (#14989721)

I have Snort and I am...
  • a U.S. citizen.
  • a furriner.
  • a citizen of an Axis of Evil nation.

it's not the product.... (0)

Anonymous Coward | more than 8 years ago | (#14989740)

Soucefire's largest customer: US Federal Government. Owning the company means knowing exactly where it's installed, details of some of those installs, who supports it, where the boxes were shipped, etc....

I believe this is the info that they didn't want falling into foreign hands -- not anything snort specific. Crap, the intrusion sensors and defense center all run linux with some custom bits -- that part's not voodoo.

Great for Sourcefire (2, Funny)

Kludge (13653) | more than 8 years ago | (#14989781)

This will great for the value of Sourcefire. Image if the Feds said that your company was too valuable to them to sell to a foreign country. Woot! That will be several hundred million extra, please.

Things are just getting wierd. (1)

dilvish_the_damned (167205) | more than 8 years ago | (#14989785)

Snort is now a national asset.
I am jealous, I want to write a national asset of mine own so that the feds can block its sale to a Canadian Homebrew Club.

The most dangerous enemy. (1)

jack_n_jill (642554) | more than 8 years ago | (#14989819)

The most dangerous enemy it the one masquerading as your friend.

http://www.ussliberty.org/ [ussliberty.org]

Israel stabs you in the back and then expects you to participate in the cover-up.

Simple Solution (1)

tecker (793737) | more than 8 years ago | (#14989860)

Create an American based company and then buy the other two. Or simply merge them and set up shop here.

BTW. What does the government have against an Israeli company. I thought we were friends with them. Might bit strange. Im sure they will find a way arround this.

When did we turn into xenophobes? (0)

Anonymous Coward | more than 8 years ago | (#14989878)

Great, after that whole Dubai business, now this too. Is America slipping back towards the old days of anti-globalism where everyone is afraid to "let them foreigners who steal our jobs in"? Funny how both the Dubai business and this ended up being resolved by the company in question being forced to give up essentially. Especially weird considering how the Dubai company insisted that they would not fold several times, then they did... Then this company folds without even hesitation. Food for thought, eh? In the end though, the thing that scares me is that in this global economy, it could kill us in the future to become too xenophobic.

Teaching (1)

PacketScan (797299) | more than 8 years ago | (#14989966)

Will someone teach the government what "open sourse" and "oss" mean. Not the meaning of the words or letters but the Ideals.
Don't let the government that ANYONE can "get this technology" by downloading the source code.
http://www.snort.org/dl/ [snort.org]
Yikes.. looks like were too busy listening to Suzie Q's phone calls to Julie.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...