Presented at DEF CON 13 (2005)
July 30, 2005, 5 p.m.
Do you think that all those tools you download for security testing are free? Well, they may be free of cost for some uses, but the licenses of many tools commonly used by the security community are getting more restrictive and complicated. This interactive discussion will look at the current state of security tool licensing and also look at where this field may be headed. Specific examples of license restrictions in many commonly used tools will be presented in order to illustrate the current trends and also help tool users in the audience navigate the bumpy road of security licensing issues and stay on the right side of the law. Also discussed will be possible actions for tool users, tool authors, and others to make tool licensing simpler in the future.
- Senior System Security Engineer
Chuck Willis received his M.S. in Computer Science from the University of Illinois at Urbana-Champaign in 1998. After graduation, he spent five years conducting computer forensics and network intrusion investigations as a U.S. Army Counterintelligence Special Agent. Following a brief foray into security software engineering, Chuck is now conducting Penetration Testing and Vulnerability Assessments as a security contractor. Chuck has previously spoken at the Black Hat Briefings USA and the IT Underground security conference in Europe. Chuck has contributed to several open source security software projects and is a member of the Open Web Application Security Project, a Certified Information Systems Security Professional, and a Certified Forensic Computer Examiner. Chuck's past presentations are available on his Web site at http://www.securityfoundry.com/