Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Is Cobia Open Source?

Thomas Ptacek challenged Alan Shimmel recently on whether StillSecure's Cobia??? Unified Network Platform??? is really Open Source. Alan's response is that essentially most folks only care that open source means free, and the source code comes with it. After all, that is the obvious definition of the term without knowing the back history. It's not, however, the actual, accepted definition of the term. See the FSF's discussion of the two terms for a bit more background on "Free Software" and "Open Source".
Ironically, Alan suggests that Thomas is a "strict constructionist" for requiring an OSI approved license. It's ironic, because a strict constructionist only looks at the exact words. That's exactly what Alan does by looking only at "open" and "source". Thomas, on the other hand, is trying to interpret what the term means to those to whom it's relevant, and in this case, there's a cultural usage of the term carries a different meaning than just looking at the exact term itself would suggest.

Alan mentions that he wouldn't want to release it under the GPL and then pull it later (presumably referring to Nessus' non-gpl 3.0 version). However, if you use the GPL, you can't /pull/ it later. You can only chose a new license for just the segments of code that you wrote (without getting permission from all code contributers). This means that in a big project if you get lots of contributers, you can't just up and leave the GPL without leaving lots of code behind.

That's exactly why people like contributing to GPL projects. Even StillSecure's competitors have incentive to contribute to Cobia if it's GPL, because they know it helps everyone and not just StilSecure.

There are many examples of companies making money via GPL software, so Alan's straw man argument that "someone has to pay the bills" doesn't speak to the actual reasons of using GPL or not.

Maybe I'm just one of those purists Alan talks about, but to me, Open Source means Open Source. If StillSecure just wants to give out a package of existing GPL software (Cobia is built on Linux and other GPL software under the hood) that they're wrapping together under a non-GPL, but still free interface, by all means, go for it--but let's call it what it is: freeware. Don't try to hang the name "Open Source" on it when it's not what the term means. English is vague and ambiguous enough as it is, please don't hijack a term with a well-accepted definition to mean something different just because Open Source is popular. Google "open source" and see how many pages it takes before you find a result that is released under a non-OSI approved license. I don't have the patience to find out, I imagine it'd take some time.

  • 1