Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

U.S. Investigating Sale of Snort as Security Risk

Posted by CowboyNeal on Thu Mar 02, 2006 06:20 PM
from the homeland-security dept.
United States Security IT
msmoriarty writes "The Associated Press is reporting today that the same U.S. committee that approved the Dubai ports deal is 'strongly objecting' to Israeli-based Check Point's acquisition of Snort's parent company, Sourcefire, because it doesn't want a foreign company to own Snort's underlying technology. According to the article, the broader 45-day review process rejected for the ports deal is already underway regarding this transaction, and 'secret' meetings between the FBI, DoD and Check Point have been held."
+ -
story
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

U.S. Investigating Sale of Snort as Security Risk 50 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.
  • Well the govt starts programs then pays their buddies newly created company to provide a service. As opposed to the government providing the service itself. All in the name of 'smaller government.'

    Well, selling of the company comes with the territory.
    • Use the SOURCE, Avi... I mean Luke.

      It is long since time we all forked from Marty, anyway. The Nessus debacle looms, again.

      Per Leonid Shebarshin, ex-chief of the Soviet Foreign Intelligence Service:
      Referring to his meeting with an unnamed al-Qaeda expert at the Rand Corporation, a nonprofit research organization in the U.S., Shebarshin said: "We have agreed that [al-Qaeda] is not a group but a notion."

  • Oh man (Score:3, Informative)

    by Anonymous Coward on Thursday March 02 2006, @06:23PM (#14838935)
    After I saw this article headline and for a few seconds before I read the actual article summary, I was just sitting there dumbfounded, going "wait, so that War On Drugs thing is still going on?"

  • gotta love it (Score:5, Insightful)

    by dorko16 (797086) <drew.dorko@Nospam.gmail.com> on Thursday March 02 2006, @06:25PM (#14838946)
    You've got to love how the post can have no mention of exactly what Snort is or the objectional underlying technology actually is or does.

  • Isn't snort open source? (Score:4, Insightful)

    by commodoresloat (172735) * on Thursday March 02 2006, @06:26PM (#14838956) Homepage
    Is the worry that the Israeli company will change the license? If they can't do this, what is the security risk? If the technology is open source, does it really matter what country the company that owns it resides in?
    • I think the US government is concerned that the new non-American owner could silently change the source code and hide backdoors in it. Of course, America is as paranoid as usal.
      • How does one "silently" change the code of an open source product? Code changes will be obvious to anyone auditing it; if the US government is concerned, they should hire a code auditor (or just run the diffs). This is a reason why it's better to use open source tools for such applications than closed source ones, regardless of what country owns them. It would be a lot easier for a terrorist to "silently" change the code of a closed source application by bribing the right people even if the code was owne
      • I wouldn't call it paranoia; the Israelis have spied on the US many, many times. Comparing it to the port deal isn't really fair. I'd say this story is the usual Zionist paranoia. You know, because, the US government secretly wants to support Arabs and destroy Israel. (Sarcasm. There really are people who think that way, though.)

    • US thinks it's non free and they should know. (Score:4, Insightful)

      by twitter (104583) on Thursday March 02 2006, @08:17PM (#14839640) Homepage Journal
      What a nice showcase of the difference between "open" and "free". From the article:

      Under the sale, publicly announced Oct. 6, Check Point would own all Sourcefire's patents, source-code blueprints for its software and the expertise of employees. ...

      Reinsch, a former Commerce Department undersecretary. "The most important case is where we're making an irrevocable technology transfer to a foreign party. Port operations raise security issues, but the ports are still in the United States."

      Patents == Forever? What do they mean "irrevocable"?

      Employees == Slaves.

      Dude, you're moving to Israel! Maybee that's a stretch but the panel and the companies seem to think they own their employees. How insulting, but that's what a NDA is all about, isn't it?

      Software freedom is important. Having the source code is useless if you don't have the legal right to compile it, change it and share it with your friends. Software patents, NDA's, closed source binaries keep you from doing what you want with your own computer. The DMCA will keep you from sharing what you know about someone else's stuff. What you find is that the "owner" holds the card you need. All the anti-competitive games people play have more serious consequences than meets the eye.

      Lawmakers are more aware of the consequences of the laws they have written than you might give them credit for. US "Ownership" of whole categories of computer function is clearly the intent of much recent IP legislation. RIM's problems make sense, viewed through this lens. It won't due to have foreigners buy or otherwise enjoy that ownership. It makes me sick.

  • the same U.S. committee that approved the Dubai ports deal
    What the heck?

    Whether or not the committees's qualms about Snort are justified, bringing up the "ports deal" is a useless flamebait... We all know perfectly well, that it was not the fact of the government ownership of the Dubai company, that is the real problem with that deal...

    • Re:Slashdot prone to xenophobia? (Score:5, Insightful)

      by Saeed al-Sahaf (665390) on Thursday March 02 2006, @06:30PM (#14838981) Homepage
      Whether or not the committees's qualms about Snort are justified, bringing up the "ports deal" is a useless flamebait...

      No, it's pointing out a double standard that seems to have its root in cronyism and personal financial interests.

      • No, it's pointing out a double standard that seems to have its root in cronyism and personal financial interests.

        Khmm, I was almost convinced, the US government (the crusaders) is owned by the Israelis :-) Suddenly, it opposition to a deal, that would benefit an Israeli company draws fire...

        There is no "double standard" neccessarily — government ownership of a weapon (such as encryption) is a legitimate concern. Operating ports are not — despite all of the politicians' hysterics — a "k

      • Actually, it really doesn't have any relevancy. Very regularly, technology acquisitions like these are blocked due to foreign export of technical data. This comes up a lot in the defense business, and if the federal government uses this technology for security, then it has the ability to block these transactions. The State Department can also grant export licenses for technology and could do so in this case.

        I really think the claims of cronyism are unjustified in reguard to the ports deal, just as I th

      • Re:Slashdot prone to xenophobia? (Score:5, Informative)

        by JourneyExpertApe (906162) on Thursday March 02 2006, @07:58PM (#14839521)
        Nope, I gotta agree with the GP. If you'd listened to objective coverage of the ports deal, you'd know that:

        1. The ports were already in the hands of a foreign company (Peninsular and Oriental Steam Navigation Company).
        2. Dubai and the UAE are US allies. The fact that a few criminals came from there does not change that.
        3. The inspection of cargo will still be handled by US Customs and Border Protection.
        4. Security will still be provided by the Coast Guard.

        Now, Israel, on the other hand, has a history of spying on the US, including having their spies caught on US soil. I'm not familiar with Snort, but since it is computer security related, I think further investigation is probably warranted before this is allowed. Israel, while nominally a US ally, could potentially be a great threat.

    • I think the implication is supposed to be that the decision is hypocritical--holding technological security to a "higher standard" than physical security doesn't really make any sense.

      But you're still right about it being useless flamebait. I mean, can you imagine this scenario:

      Committee Member: "We have some more foreigners trying to purchase things."

      Committee Chair: "Uh oh, another foreign company buying stuff. We really took a bath on that Dubai thing, let's go ahead and hold the review this ti

    • If Slashdot were prone to Xenophobia, there would be a lot less people saying essentially identical things to what you're saying. How about easing off of that crack pipe a bit and evaluating the posts before you call us all bigots next time? The fact of the matter is that most of the posts on that story (it got posted onto Slashdot... since it isn't at all about technology) were saying that people who don't support the deal are jerks.

      You're getting modded insightful because people agree with your notions
    • You can blame this flamebait on AP, not slashdot, since it appears in the article.
  • So they learned from the huge row erupting from the Dubai deal, and are doing a real review of any foreign company to avoid another fight. Isn't that what you'd like (if you think controlling access in this manner is a good idea in the first place)?

  • I could be wrong... (Score:3, Interesting)

    by farrellj (563) on Thursday March 02 2006, @06:29PM (#14838978) Homepage Journal
    But isn't Snort Open Source? Doesn't that mean that the "technology" is already *out* there?

    Could this just be another bogus attempt by the Bush's krewe to "spin" things, and make it look like they actually care about the US surviving another 200 years, as opposed to preparing for "The Rapture" that Fundamentalist Christians have been saying is 'comming soon', for the past 1,000 years?

    Good thing there are term limits!

    ttyl
              Farrell
    • Snort is dual licensed. There is an open source version and a commercial version. The problem is that the commercial version, which the US government and industry buys, could be diddled with. It is possible to put back doors and other nasties in the commercial version.
  • Check Point's website has some decent info about the acquisition, [checkpoint.com] albeit somewhat fluffed with marketing. They also have a pdf FAQ [checkpoint.com] regarding the acquisition.

  • Anti Business Practices (Score:3, Insightful)

    by Rac3r5 (804639) on Thursday March 02 2006, @06:32PM (#14838998)
    This seems to be a really dumb move. Its basically telling the world that its ok for the US to take over foreign companies, but its not ok for foreign companies to take over a US business.

    What doesn't make sense is Snort is OPEN SOURCE. So if someone wanted to do something to the US computers, they would have already done so. There are lots of highly skilled network layer programmers all over the world that are capable of reporducing snort's functionality. This deal will just screw the US company involved, nothing more.

  • Sale of 'Family Silver' (Score:3, Interesting)

    by chris_sawtell (10326) on Thursday March 02 2006, @06:33PM (#14839002) Journal
    When both countries and people have run up debts that they cannot service they have to be prepared to sell off things to repay those debts. Warmongering is an expensive exercise, you have to pay for by selling assets. US, get used to the idea; it will happen more and more in the future.

  • Eh, big deal. (Score:5, Interesting)

    by irregular_hero (444800) on Thursday March 02 2006, @07:07PM (#14839210)
    First, I should point out that some of the other posters here seem to think Sourcefire == Snort. It does not, although Sourcefire's products have some dependency on Snort as a general engine. Sourcefire's main product line is actually far deeper than just SnortOnABox -- it delves into areas like vulnerability management and event collection/aggregation, things that "open source" Snort does only if you have a really good administrator who knows how to piece together all the various moving parts into something manageable.

    Second, it's remarkable that the DoD would question Check Point's intentions. If they truly cared whether this particular deal was in the best interests of "national security" (whatever that happens to mean today, then they wouldn't use Check Point's firewall products either. But they do! The US Navy uses Check Point firewalls in great, prodigious quantities -- enough that they need Check Point's ISP-class management console software to run all of them! And they're not the only branch of the military using it, not to mention the multitude of other Federal agencies.

    This sounds like a reach to me. Something based in rumor, started by a politician, that has to be ended by the press finding the real story inside the rumor...

  • Snort, Dubai, and India (Score:3, Insightful)

    by WillAffleckUW (858324) on Thursday March 02 2006, @07:55PM (#14839510) Homepage Journal
    Amusingly, both Congress and the White House have spent more time investigating the Isreali-produced Snort than they have investigating either the Dubai buying US ports or making a deal to allow India to receive US nuclear technology even though they won't permit inspections of their military nuclear facilities.

    Hypocrisy is rampant.

  • Somthineg isn't kosher about this transaction (Score:4, Funny)

    by Anonymous Coward on Thursday March 02 2006, @10:40PM (#14840349)
    I mean, an Israeli company buying a company with a pig as a logo?
    • It's not a "troll". There is quite a bit of evidence that the port deal has to do with money interests of friends of GWB, otherwise the White House would not have push for it. Speculation maybe, but not a "troll".

      • There is quite a bit of evidence that the port deal has to do with money interests of friends of GWB, otherwise the White House would not have push for it.

        There is also "evidence" of Bush being behind 9/11 and, likely, the last December's tragic tsunami...

        White House pushes for it, because they don't want America to appear as xenophobic, as it, sadly, is... From September 12th, 2001 Bush kept saying, that we are not at war with neither Islam nor Arabs. The 99% of the opposition to the "ports deal" is ro

          • Why does someone get such a benefit of doubt just because they are elected to a position?

            Everyone does. Presumption of innocence, remember?

            "Oh sure, he's just trying to improve america's image so people don't think we're being xenophobic."

            You can't deny Bush's efforts in that direction. His speeches and directives were protecting Muslims and Arabs in this country since Sep 12, 2001. Heck, Michael Moore even made a movie about it... :-)

    • Where do you buy your gasolene? I am sure none of that money makes it back to Muslim countries.
    • Let's repeat that: the Israelis aren't just fine in tech industries. While there's quite a bit of cultural affinity with the US, the Israelis have a national interest which overlaps that of the US in only a few areas. Their commercial interests even less so. They have, like the French, been more than happy to sell or resell intelligence, technologies, and material to nations the US would just as soon they didn't.

      In the case of Sourcefire, I suspect the goodies that go into the US Federal Govt's version of Snort are more 'interesting' than what you and I can download. And, whether it's more interesting or not, hiding information from one's adversaries isn't all about the latest rocket science. A look at what used to be classified shows that it's what seems mundane that's the most important to hide. "When is Admiral Yamamoto's plane leaving?" "Uday is in that house." "The FBI standardized on Snort 1.5.x."

      It's nothing to transfer Sourcefire's IP, or the cubes where the work really gets done, or the sales and customer support data to Haifa or Tel Aviv.

      Compare that to P&O's sale to - in essence - the Sheik of Dubai. The infrastructure P&O runs stay in the US, the dock workers and their management up several rungs remain American. There's pissing and moaning because Al Qaeda has links in Dubai. No shit. Dubai, Singapore, Lichtenstein, to a large degree Israel, on and on... sucessful small nations have to be hard core entreprenuerial to stay afloat, which means everybody and their uncle are running contriband and shady deals through them, in addition to Costco's jugs of olive oil. Tax havens, duty free ports, and other such city-states of commerce don't stay in business by asking too many questions.

    • Re:Israelis are just fine (Score:4, Insightful)

      by goodie3shoes (573521) on Thursday March 02 2006, @09:17PM (#14839935)
      Sadly the poster's viewpoint vis a vis "muslims" reflects the Administration's victory in painting all "A-rabs" and muslims as terrorists and enemies of the USA and "freedom". Hence the reaction of the ignorant to the Dubai Ports non-issue.
    • The Port deal was much ado about nothing. The Dubai firm was not really taking over the ports so much as taking over management of a few cargo docks. They would have nothing to do with the security operations or the overall port management.

      Security operations are managed by a range of government agencies, and the overall management is usually handled by the city or county port authority.

      The Checkpoint/Snort deal is quite a bit more interesting. The likely concern is that if the US government relies on t
      • I mostly agree with what you're saying... except that Israel is in no way comparable to Dubai and your comment about "much ado about nothing."

        The US military relies on a great number of technological innovations that have come out of Israel, some of which are still sourced from there.

        I mean, come on, the US of A already sells the Israelis a variety of controlled technologies in the form of planes, tanks and missle systems.

        Any 'security' review of an Israeli company is going to get rubber stamped. At least w
          • Currently, yes. But the argument is that if some evil superpower (which, I mean, even Canada is, these days, right?) were controlling things, then the two may diverge in interesting and nuclear-proliferation-causing ways.

    • Re:Israeli Security (Score:4, Interesting)

      by chill (34294) on Thursday March 02 2006, @08:07PM (#14839579) Homepage Journal
      So you must be unaware that there are several departments in the government that are prohibited by policy from using Check Point products due to the parent company being foreign (Israeli)?

      You sound also equally unaware that the Israeli's are routinely in the top 5 countries that use gov't-sourced espionage to illegally assist native (Israeli) businesses? (France and China are two others. I can't remember the rest off the top of my head.)

      What is boils down to is Israel is more like the U.S. that almost anywhere else in when push comes to shove, they will put their best interests first and fuck everyone else and everone else's opinion.
    • Two things, what you need to understand about the Dubai Ports issue is that Dubai Ports is not directly running the US ports. What happened is that Dubai Ports recently acquired P & O, a British company with a long, long history, which had been running 6 US ports. It's as simple as that. P & O will run ports in the US and elsewhere, as it had long done. The Dubai thing will only be in name and on paper. It will continue to be a British operation. Also, Dubai did not buy a third of DaimlerChrysler,

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.