Slashdot Mirror
Feds Kill Check Point's Sourcefire Bid
Caffeinated Geek writes to tell us The Register is reporting that Check Point Software has removed their bid to buyout rival software company Sourcefire following objections from the FBI and the Pentagon to the Treasury's Committee on Foreign Investments. From the article: "Federal agency objections to the security software tie-up center on the implementation of Sourcefire's anti-intrusion software 'Snort' by the Bureau and Department of Defense, AP reports. In private meetings between the panel and Check Point, FBI and Pentagon officials took exception to letting foreigners acquire the sensitive technology."
'Check Point says the two companies will find ways round the roadblock. CEO Gil Shwed said: "We've decided to pursue alternative ways for Check Point and Sourcefire to partner in order to bring to market the most comprehensive security solutions."'
:)
So, they can't merge, but the items in question will be shared anyway.. so much for regulation and oversight
{} ------ When I think of a good sig, I'll put it here
http://www.snort.org/
Isn't snort open source? What am I missing?
It is about support contracts and how much information about DoD infrastructure they want a foreign firm to have. This is far more of a serious and legitimate issue than the sale of the operation of a few cargo cranes to a Dubai firm.
The issue is that the DoD is very serious about controlling the amount of access foreigners have to their infrastructure and information on that infrastructure. I have it on very good authority that some DoD divisions are moving away (at a cautious rate) from Microsoft technologies precisely due to their difficulty in avoiding having their tech support calls routed outside the US. However, this is probably all I can say on this board.
LedgerSMB: Open source Accounting/ERP
I'll bet their objections stem more from the realization that a lot of organizations download the latest rules and trust them blindly, installing them automatically. It is pretty trivial to create a server-side filter to provide "custom" rules based on the client or requesting IP address, thus "infiltrating" a particular organization.
After all, VRT-certified rules require a subscription and how many places have the expertiese and time to validate them?
I figure someone at the Pentagon asked the simple question "Hey, do we use Snort?" and got the answer "Yeah, it is everywhere. Why?" and just about had heart failure.
-Charles
Learning HOW to think is more important than learning WHAT to think.
I work for a very large MSSP, and this makes me quite sad.
Sad, because Snort's source code is not exactly a mystery. And Check Point's technology already does a much better job at preventing intrusions, since it is a firewall and Snort is a really shitty IPS. (All IPS are shitty, sorry. I like Snort for IDS, really) My sadness here is deep and mournful.
I'm also really disappointed, because I hate Sourcefire. I was really looking forward to Check Point reigning in their way-out-of-line sales guys. More than that, tech support at Sourcefire (all 3 guys!) sucks, 'cause they're all arrogant pricks who don't really give a shit about the customer, and honestly believe their code is perfect and never has problems. Actually, that sums up SF pretty well. Check Point, for all their problems, actually listens when we complain, which is nice, though getting things fixed is an ungodly slow process.
Oh well. Fuckin' government.
So um, anyone have a problem with the fact that Checkpoint NGX is closed source firewall software, that quite a few government sites use? It doesn't bother them that there could be a backdoor waiting for the "secret Israeli shutdown code" in every Checkpoint firewall in the world?
Casca
I really am frustrated that we've allowed the Feds this power -- there really is no Constitutional or reasonable allowance for letting them disturb trade. The "secrets" everyone is so adamant in protecting are already all over the world, almost nothing is secret anymore.
The reason I am frustrated is not just because the Feds attempt to use security as a reason for trade barriers, but because it also seems to leave me with the opinion that such coercion could have underlying cronyist reasons. I don't like giving powers and rights up to the Feds when I don't know who is truly profiting from these actions. There are a lot of global motivators hidden in the closet, and we don't have an open book to the finances of those in power.
I don't trust anyone with securing the borders anymore, not when they do it with trade barriers rather than a real defense of our land and only our land. I prefer isolationism of government -- keeping our government only in our sight, away from prying and entangling and financing others. I prefer open trade -- no tariffs, no embargoes, no taxes, no favoritism, no protectionism and no limits to what people can sell and buy.
The ports issue was blown way out of purportion. The ports themselves were not being taken over, just the operation of a few cargo cranes.
Here it is not about the technology and control thereof. It is about ensuring that the DoD, FBI, etc. don't have to provide sensitive information about their infrastructure to foreign firms as a part of technical support.
I have it on good authority that some branches of the DoD are moving away from Microsoft software because they keep getting their tech support calls routed to India and they *require* support from engineers in the US.
LedgerSMB: Open source Accounting/ERP
Ok, so sourcefire, a company that offers a few services and oversees an opensource project (but doesnt own) is a security sensitive matter? Last I checked, snort contributers come from many countries besides the US. Not to mention the signatures!
But when the UAE, a nation with strong direct terrorist ties, is interested in aquiring 6 major US sea ports, the fed tries to give it to them with no oversight and sneak it under our noses in violation of federal law.
The CIFUS board passed the UAE deal without investigation but block sourcefire without merrit. Talk about a double standard!
I mean.... sourcefire is based in OpenSource.... there is no closing that lid.
NO SIG
If the issue is really preventing snort technology from falling into foreign hands, then shouldn't someone tell them that snort is opensource, and already in the hands of those nasty foreign devils?
"We are all geniuses when we dream"
- E.M. Cioran
The GPL only requires that you provide source code if you provide the binary. So if you do a version for $SecretAgency, with $SecretStuff in it, then you only have to provide the source to $SecretAgency. Not to the general public.
Best Slashdot Co
Source fire is NOT Snort boneheads.
And the reason the FBI, Pentagon objected is obvious.
Too many eggs in one companies basket.
If you pwn the firewall, you may not pwn the IDS too.
These objections make complete sense to me.
Move along, nothing to see here.
Ah, yes, nothing like some good old xenophobia, mixed with a nice measure of nationalism. You just can't trust those foreigners - many don't even speak English, or have funny skin colours, or similar things. The government is really just protecting you from these traitors, citizen.
quidquid latine dictum sit altum videtur.
they *require* support from engineers in the US.
Even if the engineers aren't citizens of the U.S. Got to love that.
"Hello? Tech support in north korea? I have a problem with this encryption that is not exportable outside the us, and..."
Slow Down, Cowboy! It's been 60 minutes since you last successfully posted a comment.
reminds me of a toon at a local newspaper here:
scene: night time, husband and wife in bed (please dont stretch your imaginations)
Husband: ah, now that we know for sure that the Dubai company isnt handling the US ports, I can get a sound sleep.
Wife: Yes, Its good and heartening that the DHS still oversees security.
They pause, give a shocked and scared-to-death look.
I guess Check Point Software will have to resort to the second option to snort.
I work for the gubment, and I can tell you.
There is the hugest need for assh()le to elbow road maps here.
Geesh, what's next, Exporting Knoppix will be illegal?
Good point, if it the could was not Open Source, so, thus rendering their claim of concern mute.
Um.. I think Sourcefire does own the patents on Snort.
This makes less sense than it seems. Sure, all the comments make sense of things, but one thing doesn't fall into line. Why is the government stopping this sale when they could just as easily take the open source code, mangle it for their own, and carry on with their own internal protection software? Its obviously not rocket science, and makes sense to keep security development internal when its that sensitive.
This really smells like interference for reasons that are not floating on the surface. Only time and investigative measures will tell for certain, but I suspect we should all be wearing tin foil hats when we read this story.
Support NYCountryLawyer RIAA vs People
Dan Brown must be jizzing his pants "adapting" this news story for his next book.
"Made up/misattributed quote that makes me look smart. I am on
First of all UAE is our partner in fighting terrorism. Unless of course, your just racist by nature, then that wouldn't matter to you. Second, it was not ports being sold to the UAE corp, it was the terminals which operate in those ports. Those terminals are actually leased, not owned by those corps, even if that corp built the facility. The actual owner is the government and they get all the toys at the end of the lease, which they turn around and lease yet again.
Same thing at airports. Hangers or terminals maybe built and paid for by corporations or individuals, but at the end of the lease, the airport authority (usually state but could be county or city) has ownership of those structures.
Dammy
http://www.ussliberty.org/
And?... nothing. Crypto was removed from the munitions list years ago wan't it? It's been about 10 years since I have done crypto work and I haven't kept up on the munitions list status. Even if it is still on the list, why would it matter? If it is a vetted algorithim and implimentation, having the source code would do nothing to help the enemy state anyway. The only reason something like keeping the code out of forign hands would work is if the "security" of the product was enforced by "obscurity". Age old problem, and stupid implimentation if it is.
.gov version of Snort has some hooks that allow it to work with some .gov developed software to identify traffic of a certain nature outside the realm of the intrusion detection rules built in, or pass off data streams to a seperate node for follow-on processing like decryption and such.
My guess is that the
And?... nothing. Crypto was removed from the munitions list years ago wan't it?
No.
Slow Down, Cowboy! It's been 60 minutes since you last successfully posted a comment.
I have read more BS in these threads than anywhere else in recent memory.
So, I'll in you on the truth.
Foreign nations are actively seeking to get their hands into US classified govt sites, to get the underlying information which they want DESPERATELY. Israel, France, China, Russia - they are the most aggressive.
A few years back I was working for DOD. Someone was trying to make a sales pitch for equipment they wanted to sell us, for use in classified environments. They claimed to be a US company.
My boss asked me to look into the company and get back to him. It took a few hours, but I found exactly what I think he already suspected.
The company was a US company in name only. The entire company was infested at the upper levels by former intelligence personnel from one of the above countries already mentioned. Most of their company also, was in this foreign country too. Only a small amount of sales ppl actually were in the US for the company.
They made a huge amount of factual misrepresentations, trying to trick us.
When the US govt says no, there is normally a reason behind it, or active intelligence efforts supporting their rationale. Don't believe some moronic reporter with shit for brains that is labelling something as "protectionism".
Snort is an Open Source program, which means that it's source code is already available to the Chinese, Iranians and anyone else who wants it. I assume that Sourcefire's closed source products are based in one way or another on the technology in Snort, which makes it very difficult to understand the FBI and Pentagon's objections other than in the context of an anti-Israel political decision.
I geuss the FBI has the resources to hunt down and entrap Jewish political lobbyists but not to catch terrorists or say anything about a terrorist supporting Arab state taking over the country's ports.
Woopty Doo Basil, what does it all mean?!
But when the UAE, a nation with strong direct terrorist ties, is interested in aquiring 6 major US sea ports, the fed tries to give it to them with no oversight and sneak it under our noses in violation of federal law.
Are you on the same planet we are? I'd have to say no, considering the UAE is one of the friendliest nations. Considering the US Navy stops there on average 400 times per year for shore leave, they can't be all bad. And that's a fact. Get rid of your stereotyping, and you may learn something.
{} ------ When I think of a good sig, I'll put it here
Check out the posters "home URL" .... http://www.landofisrael.info/
BTW, Johothan Pollard is/was a traitor.
Well, since it's still on the list, it's still as moronic a regulation now as it was 10 years ago when I stopped tinkering with crypto.
All these foreigners collect dollars by selling products/services, and when they try to use these dollars - with the Dubai ports deal or this case - they are rejected by the US Government.
So essentially foreigners are stuck with 'funny money' which they cannot use as true currency. Sooner or later they will wake up, sell dollars en masse and opt for another currency after they realize they have been had. They've been giving us commodities and services while we give them monopoly money.
2 years and no mod points. Join reddit. Because openness is good.
Yes... security... stop the sale. But AT&T, SBC, MCI - you guys go ahead and buy each other up all you want. Monopoly good. But WHOA - you're putzing with some OSS stuff we use! Bad company! NO PURCHASE FOR YOU!
Excuse my speling.
Making The Bar Project
Two legitimate companies should not be bound by countries. I think this is dumb.
[%] Cingular Ringtones
Does this mean the US Government is going to remove all of their installations of Check Point FW-1?! 70% of the agencies I have worked for or audited here in DC use Check Point / Nokia solutions. Did they forget about the boxes?
the DOD and FBI can not trust the Mossad these days to protect there interrest.
"Who controls the past controls the future. Who controls the present controls the past." -- George Orwell
Soucefire's largest customer: US Federal Government. Owning the company means knowing exactly where it's installed, details of some of those installs, who supports it, where the boxes were shipped, etc....
I believe this is the info that they didn't want falling into foreign hands -- not anything snort specific. Crap, the intrusion sensors and defense center all run linux with some custom bits -- that part's not voodoo.
This will great for the value of Sourcefire. Image if the Feds said that your company was too valuable to them to sell to a foreign country. Woot! That will be several hundred million extra, please.
Snort is now a national asset.
I am jealous, I want to write a national asset of mine own so that the feds can block its sale to a Canadian Homebrew Club.
I think you underestimate just how much I just dont care.
I mean a company that produces a lions share of the firewalls that are used by DoD surely already has access to infrastructure information. What further information would they get if they had IDS technology too?
http://www.ussliberty.org/
Israel stabs you in the back and then expects you to participate in the cover-up.
Create an American based company and then buy the other two. Or simply merge them and set up shop here.
BTW. What does the government have against an Israeli company. I thought we were friends with them. Might bit strange. Im sure they will find a way arround this.
Procrastinating life a way at a rapid rate of speed.
Great, after that whole Dubai business, now this too. Is America slipping back towards the old days of anti-globalism where everyone is afraid to "let them foreigners who steal our jobs in"? Funny how both the Dubai business and this ended up being resolved by the company in question being forced to give up essentially. Especially weird considering how the Dubai company insisted that they would not fold several times, then they did... Then this company folds without even hesitation. Food for thought, eh? In the end though, the thing that scares me is that in this global economy, it could kill us in the future to become too xenophobic.
Will someone teach the government what "open sourse" and "oss" mean. Not the meaning of the words or letters but the Ideals.
Don't let the government that ANYONE can "get this technology" by downloading the source code.
http://www.snort.org/dl/
Yikes.. looks like were too busy listening to Suzie Q's phone calls to Julie.
Of course, the mitigating factor would be the other staff who might notice 'something fishy'.
The grass is only greener, if you don't take care of your own lawn.
If this is true this was VERY VERY POOR spying :
Quote " The company was a US company in name only. The entire company was infested at the upper levels by former intelligence personnel from one of the above countries already mentioned. Most of their company also, was in this foreign country too. Only a small amount of sales ppl actually were in the US for the company."
So I guess this is not what was happenning, or else they are VERY STUPID spies. I am not a spy but what I would do is the following : create 2 US based company for spying. One I would fill up of former intelligence operative as to make it "within sight". This would be my decoy. The other one would be a normal foreign based company, or even with only 1 or two "in the know" only. Result : your chef see the decoy but ignore the non decoy.
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org
Because it's obvious that none of the 300 million people in the US are security risks? Because it's impossible for a non-US attacker to get a plane ticket to the US and get a job at a call center?
I think they are still on the munitions list, but I think that there are provisions made which allows their export under most circumstances. IANAL though.
LedgerSMB: Open source Accounting/ERP
In a spirit of cooperation and maintaining appropriate foriegn relations, we could consent to releasing... ...his body, after he dies of old age in prison.
Sorry, Pollard is a traitor and people who support Pollard are more interested in supporting other countries than the US. They are
supporters of treason.
The fear at the time was that the states would erect trade barriers between each other. Thus, only the federal government was able to restrict trade between states, and [sarcasm]they would NEVER abuse that power, would they?[/sarcasm].
HTML really needs a <sarcasm> tag.
Don't piss off The Angry Economist
I have owned snort.net for some time now, hoping to find a way to use it to help the snort community.
I have no other relation to Snort project, but Marty seems to be satisfied with me having it... I am kind of pleased since I have known Checkpoint to be a Big Scary Company. Who might come after me with lawyers... good intentions aside...
Anyways glad to see that will not be an issue
Fred Trotter
They are not. All you are supposed to do is ask if the support engineer is a US citizen. If he is not then they need to transfer you to one. Get done by several aggeneiges other than but including DOD and for all support venders.
Whenever you see the word "foreigners" in statements like this, put the word "blacks" in instead. Then see how you feel about it.
The main reason for the restrictions on crypto export are nothing to do with security through obscurity. They are about try to restrict other, possibly hostile countries from obtaining technology which could restrict US snooping. (Not neccessarily a bad thing with so many spare nukes in the world / Russia)
I remember hearing a story regarding public key cryptography actually being invented by GCHQ (British Govt Snooping Dept). The maths geek in question however then surpressed his research until somebody else realised how to do it so we could snoop on others more easily. The main difference between this and the US approach is that the american approach tries to get some benefit while denying that benefit to anyone else.
GCHQ like snooping on everyone so this was not in their interest. Maybe now the US govt like snooping on their own population so much they will adopt a similar approach. Maybe they already have, or maybe they just ask GCHQ to do it for them.
I dont read
I understand what the governments reasons were for having crypto on the munitions list, but it is still a dumb reason. The math is fairly simple for quite a few of the algorithms and there are people outside the U.S. who can code, so making it so U.S. companies can't sell their software outside the U.S. is stupid.
As to my security through obscurity comment, it had nothing to do with crypto being on the munitions list, but with FBI/DOD having extensions and additional code tied into the software which they wouldn't want others who weren't cleared to know to have access to, but that the company providing support needed to know.
Whoohoo. Crack smoking mods. Since the parent is the only post stating this viewpoint, how can it be redundant? Overrated? Maybe. Redundant? Hardly.
Since the issue is mostly that the US gov is using snort and is at risk, how about not using snort anymore? Seriously they are preventing the sale of private companies because they are to lazy to seek alternative solutions. Please don't reply to this post with 'snort is free and open source!' the US gov has money, and will license the code if needed to any solution that they need or request copies (Like microsoft vs china)
Believe me, if I started murdering people, there would be none of you left.
Ah, yes, nothing like some good old xenophobia, mixed with a nice measure of nationalism. You just can't trust those foreigners - many don't even speak English, or have funny skin colours, or similar things. The government is really just protecting you from these traitors, citizen.
An equally predictable reflex reaction of a liberal recklessly discounting legitimate threats and cheering for the next terror attack
an ill wind that blows no good
So, let me get this straight:
Cargo ports, which can be used to smuggle weapons, people, and WMD into our country, being sold to nations with ties to terrorism: OK.
Selling an intrusion detection software company to a legitimate and prestigious security firm from an allied nation: Not OK.
Nice to see the Republifundies have their priorities straight.
Maybe they should just sell it to the Carlyle Group. We all know they have NO ties to terrorist organizations, war profiteers, or career criminals.
WTF are you talking about? The port operator has ZERO to do with security! Security is run by the FBI, Homeland security, and the Coast Guard, not by the operators. If being unloaded later in the day is the way to get around security then there IS no security, because as we keep preaching security by obscurity is no security at all. You either have a secure process which doesn't require the participation of the shipper, or you don't have security.
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
Snort may be open sourced but that doesn't mean that DOD doesn't have closed source modules attaching to open source code. Checkpoint will then know exactly which functions are open source code and which are proprietary because DOD will call up and ask why certian things aren't working properly. You can't give this information to foriegn countries because it's against our national interests. However, I am deeply surprised how poorly investigated our intelligence staff has become. John Walker associates now teach Naval officer's children and control which colleges accept them.
Remember what happened when the feds banned export of 40+ bit crypto? RSA and other US companies went offshore to develop it and sell it. The non-US companies just invented their own and only US corporations were hurt because they couldn't protect their own offshore assets with strong crypto. The US wasn't any more secure because of this crypto ban. It was head-in-the-sand we're-smarter-than-the-rest-of-the-world old time thinking.
Check Point firewalls protect the vast majority of large US corporations. Why doesn't the US government want US corporations to be more secure? CP has the wherewithall to develop this technology on their own. Heck, they invented and patented the stateful firewall! It's just faster to buy the people and put them on your payroll.
What a bunch of clueless lusers.
Not the point. They are a huge customer of Microsoft's and they require (for whatever reason) support by U.S.-based staff. Certainly the Federal Government spends enough hard-earned taxpayer dollars on Microsoft that this shouldn't be a problem. However, if it's true that Microsoft is unwilling to meet their customers' requirements, then they should lose the business just like any other uncooperative vendor.
The real issue is that someone in a foreign country is not subject to United States law. That's a big deal, since if it can be shown that a Microsoft employee did something illegal he can be prosecuted. If the employee in question is in India, it's pretty much impossible to do anything about it.
The higher the technology, the sharper that two-edged sword.
Even if the engineers aren't citizens of the U.S. Got to love that.
Are you honestly that clueless?
The FBI, DoD, etc. often require US citizens for the support as well. In fact, for some projects you have to have security clearance to offer tech support, since you might have to be disclosed some sensitive infrastructure information.
The GP poster had it dead on.
There's good reason for concern.
An Israeli company in charge of US law enforcement wiretapping got caught selling wiretap info to drug dealers in LA. The FBI was also worried that Federal wiretap information was being supplied to the Mossad.
Israel has figured out that the best way to spy on everybody else is to be the country making all the security hardware and software. Brilliant.
It would behoove all companies to do due diligence as to exactly what connections the companies running their security hardware and software have to government agencies - either through the employment histories of the company officers or through government funding sources as is the case with many Israeli companies. Industrial espionage is a state-sponsored activity in many countries.
I wouldn't touch CheckPoint with a ten foot pole after this.
Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
The main factor for Check Point's acquisition was for the RNA technology and the way that the rest of SourceFire's products fit into a centralized management architecture (like Check Point's). Check Point's firewalls have been doing IPS/IDS firewalling for some time. Now combine the existing technology with SourceFire's passive IDS approach and you have quite an interesting technology. Check Point is constantly pushing the envelope and it would have been exciting to see what this would have brought.
As far as all the "US gov't doesn't use Check Point" consider this: one of Check Point's largest customers is the U.S. Army. So we can pretty much put that to rest.
Let's put another one to rest: this whole "Check Point sucks because its all closed source and they make money" is tiring. While yes Check Point's security applications are closed source, the development platform for all the apps is Linux. Check Point's own hardened Linux version SecurePlatform is available at no extra cost, is supported without extra cost and is the preferred platform. Download a version and see for yourself http://www.vmware.com/vmtn/appliances/. You'll see that Check Point makes extensive use of OSS, and even contributes back to the community from what I hear.
Check Point is a strong advocate for Open Source where it makes sense, and I don't think they need to apologize for being profitable when US based companies like Cisco and Microsoft make billions off the crap they have slopped together.
This whole Israeli "back door" thing is ridiculous, and stings of anti-semetic conspiracy. Israel has consistently been the US's most staunch ally (when allowed). What possible benefit would Israel or Check Point gain by allowing a backdoor to be widely distributed throughout the world? Think about it, Check Point has been in business for 13+ years, and has hundreds of thousands of Internet perimeter firewalls out there in operation. Don't you think that if there was a deliberate back door that it would have been found by now. Yeah those crazy Jews are out for world domination again. Ridiculous.
It is no secret that Check Point is run by mad scientists who make great product, but don't have a clue when it comes to running a business (well maybe just the bribing part). Could it be that Check Point maybe didn't grease Washington the way it should have? Could it be that Sam Nunn being on the board of directors for direct competitor of Sourcefire and Check Point's might have had something to do with this? Could it be that market powerhouses like Cisco who spend more money on marketing the mythical "self-defending network" than actually fixing their sh!t helped put a stop to this?
Follow the money. It was big businees and big Bush that killed this deal. And yes Check Point is a $Billion+ company so I'm sure they will survive (sniff sniff), but how does this play into the mythical "global free market" we keep hearng about? Is protecting stagnant companies like ISS and Cisco what is really best for the security market and the rest of us?
The interesting part is to predict now what the full range of effects of a dollar collapse will be.
The israelis have been busted multiple times messing with equipment sold to US govt and law enforcement.
Look at AMDOCs and Comverse Infosystems.
While snort is open source, Sourcefire retains EDITORIAL control over what goes into the source tree and complete control over the closed source sections of code in their appliances.
This is not about technology but about what potentially could be backdoor'd - just like how the israelis got busted wiretapping the wiretap equipment supplied by Comverse.
This country is BUILT by foreigners...
The reason I am not afraid of foreigners is cause I do not think I am dumber than them... You may have a good reason to be afraid of them, perhaps?
Xenophobic cake-tart that you are...
Let us list the 'aliens' that gave you the Bomb (THE Bomb...)
Einstein, Rutherford, Niels Bohr, Max Born, Chadwick, Marie Curie, Enrico Fermi, Max Planck...
Directly worked for US:
Chadwick, Compton, Bohrs (both dad and son), Einstein, Fermi, Frisch, Eddie Teller (Dr. Strangelove prototype...), von Neumann, Wigner, just off the top of my head.
The FBI, DoD, etc. often require US citizens
Perhaps that's precisely the reason FBI etc. were in such a deep ass on 9/11
You all do realize that while Snort is open source, Source Fire is a for profit company that makes commercial, non-open source software, albeit in support of Snort.
This country is BUILT by foreigners...
...that earned their citizenship . ;)
If I really am talking out of my ass...explain it to me with respect so I'll at least pull my ears out to listen.
You are a moron. You think Israel needs to do industrial espionage on the US... Where do you think things like Centrino, most WiFi and new WiMax ASICs are designed? They are designed in Israel. Or things like the Arrow antiballistic missile. Or the high power laser anti misile systems....
You are totally out of touch with the reality of the past 10 years. Most of the advanced stuff people in the US are using are not only manufactured elsewhere, but also designed elsewhere.
And, yes, the US Government is acutely aware of this. As a result they are only just beginning to make changes to increase the security of their suppy chain. It will be hard to do and probably will never see the levels seen in the '50s and '60s. Expect to see more of this (DoD and FBI vetos of corporate mergers and aquisitions) in the future.
The Feds, INSPECT (some) cargo, and the tend to 'oversee' some aspects of the physical security. However that oversight is bureaucratic in nature.
The grass is only greener, if you don't take care of your own lawn.