[Owasp-leaders] Open Source Project Ideas

Christian Heinrich christian.heinrich at owasp.org
Sun Aug 28 17:59:59 EDT 2011


Arturo,

On Wed, Aug 17, 2011 at 11:51 PM, Arturo 'Buanzo' Busleiman
<buanzo at buanzo.com.ar> wrote:
> - From following that link, and reading the license: http://portswigger.net/burp/eula-free.html I
> don't see any item in there that suggests that the license follows any of the four freedoms as
> defined by any free software license, nor any other freedom-based open source license.
>
> the license actually puts limits on the user.
>
> So I guess no..

Burp was cited within
https://lists.owasp.org/pipermail/global_conference_committee/2011-June/001641.html
as a "Sort of Free Project(s)" along with Snort.

Their main difference with Sourcefire is that Dafydd is the sole
employee of Port Swigger (i.e. a much smaller player) who I suspect
would reinvest the licensing income from Burp back into its
development.  I will address Snort separately.

There was considerable interest in a free Burp tutorial in Australia
compared to the other sessions held at that event due to its
popularity i.e.
https://lists.owasp.org/pipermail/owasp-australia/2010-August/000291.html.
 Maybe a comparsion between webscrab and ZAP could be presented by
Dafydd which results in input to their respective roadmap of upcoming
features?

That stated, perhaps inviting Dafydd to present on his success and
lessons learnt in building a community which contributes to Burp in
light of their commercial offering might be of interest to some OWASP
Project Leaders who aspire to work on their OWASP Project full-time?

I am against vendors full stop but there has been some interest from
other Project Leaders in pursuing this as a sustaining development
model and therefore they should not be restricted in learning about
their options.  This also avoids the accusation that these are sales
pitches.


--
Regards,
Christian Heinrich
http://www.owasp.org/index.php/user:cmlh


More information about the OWASP-Leaders mailing list