The only thing this would serve to do is cause "cracked" versions of tools such as Metasploit and other security scanners to be put up on sites like the pirate bay. Then, what about if somebody coded their own "security tool"? Would they have to have a license to use it?
This whole idea goes against the idea of open source and free software. Sure, let the large corporate vulnerability scanners do whatever the hell they want with their software, but try telling an open source project that they have to close their source so that the "bad guys" can't get hold of their tools. A licensing system of this size would cost millions, if not billions to implement. This, along with the fact that it would be completely unenforceable when implemented makes it clear that you really haven't thought this through properly. It's like the government springing up and saying you must have a license to own a computer. Virtually every home in every MEDc has a computer already, that was bought before the licensing. There are no records of who owns a computer. Must the government go round to each home and search for a computer? If the owner hasn't got a license what do they do? Remove the computer? Sorry for this crappy metaphor, but it's something of a simillar scale and it's all I could think of to represent the absurdity of the idea. On Fri, Oct 10, 2008 at 2:31 AM, n3td3v <[EMAIL PROTECTED]> wrote: > there should be a central license that people apply for to use > software like metasploit. > > all the *respected* programmers would require the license before you > get to download. > > anyone can apply for a licence, however only those who meet the > criteria get given the licence. > > background checks are done on you to see you are who you say you are. > > that you're not a cyber criminal or terrorist, and that you're going > to be using the software for the intentions of which the product was > designed. > > verbal contracts never hold ground, saying, this software is for > testing purposes isn't any guarantee that the bad guys won't use the > software. > > we need a centralised security industry software license scheme so the > good guys can take full advantage of the tools made by creators of > security software, while shuttering the bad guys out. > > to rely on a "verbal contract" for security software as a safe guard > is no longer enough for the security industry in light of metasploit > and other borderline "evil" purpose software. > > its time that members of the industry work together to form such a > scheme, to insure a streamline programme that all the good guys can be > part of, only letting the good guys use the software for good > purposes. > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- Aaron Goulden
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
