fhightower / ioc-finder

Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other security-related information) from text. It uses grammars rather than regexes, which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
GNU Lesser General Public License v3.0
157 stars 39 forks

Licensing issue (commercial vs non-commercial) #79

Closed ghost closed 4 years ago

ghost commented 4 years ago

The data seems to use data from Malpedia: https://github.com/fhightower/ioc-finder/blob/d102d92f132105c2a30faeffe9d441e41bff2e8b/ioc_finder/data_lists.py#L2384 (btw, I guess that the regex'ed data is copied from https://github.com/certtools/malware_name_mapping/blob/master/malpedia.csv)

But Malpedia data's license is CC BY-NC-SA 3.0, see https://malpedia.caad.fkie.fraunhofer.de/usage/tos

The license defined in the repository here is the MIT-License. They are not compatible, at least in terms of commercial use. I also don't see Malpedia honored anywhere.

cc @danielplohmann

fhightower commented 4 years ago

@wagner-certat: Thanks for pointing this out. I'll remove the data from Malpedia.

I'm going to drop support for parsing malware names anyway (see https://github.com/fhightower/ioc-finder/issues/68) as it should really be done elsewhere.

ghost commented 4 years ago

I think it's totally fine to (optionally) pull in the names (on demand) from an external source and point out the divergent license. That's how I do it here: https://github.com/certtools/intelmq/tree/develop/contrib/malware_name_mapping#malpedia-rules

fhightower commented 4 years ago

Thanks for the input! I'm going to remove parsing for malware names, but that's a really helpful example. Thanks for sharing it.