We recently had a Tweet (thanks @larsw!) about the licenses related to libraries used by Crypteron for its security agents. The issue at hand was that we weren’t attributing and distributing the appropriate licenses for each of the underlying libraries we used. This was a problem and we wanted to resolve this as soon as possible.
Background
Some background is useful here. Our security agents are distributed via NuGet and Maven but they had previously been distributed directly to customers as a .zip file. Those .zip file packages contained the licenses but, when we switched to NuGet and Maven-based distributions, the licenses were skipped. We intend to fix that in future binaries but we’re also putting up a dedicated page where these licenses will always be documented.
Why include as source?
The libraries we use are popular so there is a chance that our customers are already using them within their applications but with potentially incompatible, untested or buggy versions. For greater stability and developer experience we wanted to avoid the DLL-version-matching game altogether, and thus included the libraries as source. This meant that we couldn’t use some libraries and had to settle for libraries with licenses that allowed us to do so Lastly, to avoid namespace conflicts between our embedded version of the library and the same library linked internally, we modified the source for the embedded libraries to relocate their namespaces into the root Crypteron namespace.
Standard disclaimer: Engineering has nothing to hide but our lawyers specifically prohibit reverse engineering our commercial product(s).
Crypteron ❤ open source
We love open sourced products as well as quality closed source products. Crypteron has both open sourced as well as closed source projects. Take a look at CloudMedic at cloudmedic.io. It’s a bootstrapped starter healthcare app secured by CipherDB and the source code is on GitHub. We did this because we feel Healthcare IT needs a big push, so we’re doing what we can to facilitate that.
Individually too, our founders and developers have contributed to many projects – be it EntityFramework, BouncyCastle, AngularJS, Stripe, Avro, Orchard, WordPress plugins, Windows Elliptic Curve Cryptography (not open-sourced obviously but finding defects) or even the Linux kernel.
Give it a shot
If you haven’t yet, I’d like to invite you to give Crypteron a try. We have a free Developer Plan and we think you’ll like what you see!
