Dear All,
As You know, the recent nation-sponsored attacks used a bunch of libraries. However, nobody investigated yet the license terms. Here is a short list, based on the feedbacks we might update this article
Duqu:
modified LZO for .zdata: LZO and the LZO algorithms and implementations are distributed under the terms of the GNU General Public License (GPL) .
Flame:
putty -MIT license
libbz2 – BSD-style license
zlib – very permissive license http://www.gzip.org/zlib/zlib_license.html
SQLite – public domain
Lua – MIT license
As we are after a long-long day of serious problems, let’s go for some nice and easy point.
So our questions is: Please, Dear Authors of Duqu (whoever they are), hand over the source code of Duqu (or Beacon/NYT), as it contains GPL code.
The source code can be sent to duqusubmit@crysys.hu.
Discussion on the topic is highly welcome.
Thank you for your attention.
b.
Disclaimer: This post is for fun, don’t take it too seriously, but the questions are still valid. This post is a personal post of one of the Lab members and does not reflect the view of any organization.