Licenses under the hood

We recently had a Tweet (thanks @larsw!) about the licenses related to libraries used by Crypteron for its security agents. The issue at hand was that we weren’t attributing and distributing the appropriate licenses for each of the underlying libraries we used. This was a problem and we wanted to resolve this as soon as possible.

Background

Some background is useful here. Our security agents are distributed via NuGet and Maven but they had previously been distributed directly to customers as a .zip file. Those .zip file packages contained the licenses but, when we switched to NuGet and Maven-based distributions, the licenses were skipped. We intend to fix that in future binaries but we’re also putting up a dedicated page where these licenses will always be documented.

Why include as source?

The libraries we use are popular so there is a chance that our customers are already using them within their applications but with potentially incompatible, untested or buggy versions. For greater stability and developer experience we wanted to avoid the DLL-version-matching game altogether, and thus included the libraries as source. This meant that we couldn’t use some libraries and had to settle for libraries with licenses that allowed us to do so Lastly, to avoid namespace conflicts between our embedded version of the library and the same library linked internally, we modified the source for the embedded libraries to relocate their namespaces into the root Crypteron namespace.

Standard disclaimer: Engineering has nothing to hide but our lawyers specifically prohibit reverse engineering our commercial product(s).

Crypteron ❤ open source

We love open sourced products as well as quality closed source products. Crypteron has both open sourced as well as closed source projects. Take a look at CloudMedic at cloudmedic.io. It’s a bootstrapped starter healthcare app secured by CipherDB and the source code is on GitHub. We did this because we feel Healthcare IT needs a big push, so we’re doing what we can to facilitate that.

Individually too, our founders and developers have contributed to many projects – be it EntityFramework, BouncyCastle, AngularJS, Stripe, Avro, Orchard, WordPress plugins, Windows Elliptic Curve Cryptography (not open-sourced obviously but finding defects) or even the Linux kernel.

Give it a shot

If you haven’t yet, I’d like to invite you to give Crypteron a try. We have a free Developer Plan and we think you’ll like what you see!

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Recent blog posts

Migrating existing live data into Crypteron

You’re already live in production. And you have sensitive in the clear. Read this article to see how Crypteron can help.

Encryption, Entity Framework and Projections

Projections in Entity Framework live outside the entity lifecycle. Read more to learn how your can use Crypteron to secure such data.

PCI DSS and key rotations simplified

PCI compliance requires data encryption keys to be changed frequently. Here is how you can do it easily.

Your data-center is not secure and what you can do about it

There is no secure perimeter anymore. Neither in your corporate network nor in your data center. Fight a winning battle armed with self-protecting data rather than a losing one trying to protecting the infrastructure.

Introducing the Crypteron Startup Innovators Program

Qualifying startups get up to 50% off all plans. Tell us how you’re changing the world and the our Startup Innovators Program will support your journey.

6 encryption mistakes that lead to data breaches

If encryption is so unbreakable, why do businesses and governments keep getting hacked? Six common encryption mistakes that lead to data breaches.

Announcing the new Crypteron Community Edition

Starting today you can now sign up for the Crypteron Community Edition for free with no performance limitations.

Data breach response – One click to save your business

Get breathing room – when you need it the most. Respond to a data breach with a single click.

Why We Need Proper Data-At-Rest Encryption: 191M U.S. Voters’ Data Exposed

Adding security at the application level is a large step forward in protecting data from the constant threat of data breaches

How to encrypt large files

CipherStor is blazingly fast! Here we show how to use it within your data-flow pipeline to maintain high performance when encrypting large files.

Licenses under the hood

by Sid Shetye time to read: 2 min
0