Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 16 replies
  • Answers 1 answer
  • Subscribers 32 subscribers
  • Views 42731 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Source Code for Open Source components?

Simon Matthews

I am wondering where I would be able to download all the source code for all the open source software (including Sophos' modifications) used in the XG Firewall.



This thread was automatically locked due to age.
  • 0

    Hey,

    I am no expert in this, but i don't think Sophos would give the source code for their Firewall. That would defeat the purpose of firewall security if the source code was available to everyone. 

    They are giving it for free for Home users and that doesn't mean that its Open Source. 

    Yes, they probably are using a Linux kernel but that doesn't mean that the firewall source code is open source. 

  • 0

    Simon,

    as Tom wrote, you cannot get Sophos XG source code. Even if XG uses open source packaged, they are then modified and re-compiled by their Engineers. This sort of information is not released by any SW House.

    Regards

  • 0 in reply to lferrara

    I did not request the Sophos XG proprietary source code. I requested the Open Source code they use and they modifications made to it. This is a legal requirement, depending on the license. This is definitely something release by most software devs. Yes there are companies that have attempted to get away with using GPL (or equivalent licensed) software without distributing the source and the changes made e.g. Fortinet, but I would hope Sophos would be better than that

  • 0 in reply to Simon Matthews

    Hey Simon,

    Ok, maybe i can understand that they might tell you what open source code they used but how can they tell you what modifications they made to the code. That would make the sophos product a lot weaker and insecure for all of their customers. So i don't think they have to give the information about the modifications they made. 

  • 0

    Hi Simon ,

    The modifications used cannot be shared, as it is a security based company. We do not share the source code as there are copyright and exploitation concerns and could be easily misused.

  • 0 in reply to Aditya Patel

    If the modifications are to GPL licensed software, then a poor excuse like "copyright and exploitation concerns" are worthless. Since you are selling/publicly releasing the software it is a requirement that you make the modifications available to your end-users.

    www.gnu.org/.../gpl-2.0.en.html

  • 0 in reply to tom greene

    tom greene said:

    Hey Simon,

    Ok, maybe i can understand that they might tell you what open source code they used but how can they tell you what modifications they made to the code. That would make the sophos product a lot weaker and insecure for all of their customers. So i don't think they have to give the information about the modifications they made. 

    Should I modify the Sophos XG software so that it doesn't require registration (crack it) and then sell it under a different name? That would be fine according to you because in this reality, of yours, software licenses are worthless. If they are willing to ignore the license terms of Open Source software, why should anyone care about their copyright?

  • 0 in reply to Simon Matthews

    Hey Simon,

    Man, Chill out. Again, I am no expert but lets assume for a minute that you are legally correct, that Sophos has to give you the modified source code, what makes you think they would. I think its a battle not worth fighting. 

  • +1

    Hello Simon,

    I am also not a licensing software expert, but the download link is for you still available on https://www.sophos.com/en-us/mysophos/my-account/network-protection/download-installers.aspx 

     

    alda

     

     

  • 0 in reply to alda

    That is exactly what I was asking for! Thanks alda. I still have a problem though... it seems that the link to download it is dead. Comes up with a 404.

    Hopefully the Sophos team can fix that for us.