>> there should be a central license that people apply for to use >> software like metasploit. > > You don't want to go there.
let's go there anyway, and if hd moore doesn't comply, we can just slap some sort of law on the license to make it against the law not to require that downloaders have the license. in other words a mandatory license that all security software programmers must request downloaders show before they can obtain the software. security software programmers not in compliance with the license, will be treated as a bad guy... and a felony will have been committed, where you have allowed your software to knowingly be available to cyber criminals and terrorists, and have gone against the interests of national security in which the license is trying to protect. let's get some uk/us government backing for this license... everyone who has successfully been given a security industry software license will have their details kept on a government database, and their license reviewed periodically of a time still to be set, n3td3v recommends licenses should expire every 2 years per user, or every time your job circumstances change, and after which time your details are reviewed to check out your circumstances that you're still eligible for a license. for those who the government decide are allowed to have a security industry software license, in some ways, this is *insurance* that you have applied for in your license, in that if anything bad happens during your use of *any* security software, you may lose your license for life, or have points taken away from you, limiting your chances of being allowed your security industry software license to be renewed. what does it mean not to have a license would pretty much mean the end of your security professional career, in that, you wouldn't be able to do the job, without the tools for the job which the government has not given you permission to use. * the programmer has to register to the scheme before he/she can make available security software. * the user must have a valid security industry software license before they can download and use the software. it's like a driving license for security software, now let's get this implemented real quick. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/