HACKER Q&A
📣 gitgud

Why is “Open VPN” so aggressive against reading the source code?


So, I was installing "Open VPN" and thought it was an Open-Source VPN server. You can apparently access the source code from they're release tar-balls, as described on [1] their website.

But during the installation process, I noticed a weird [2] license clause that kind of scared me:

    3. You agree not to reverse engineer,
    decompile, disassemble, modify, translate,
    make any attempt to discover the source code
    of this software, or create derivative works
    from this software.
They're essentially saying you cannot see how this works... which is very worrying for an application that basically funnels ALL network traffic through...

Do you think they're concealing some kind of exploit or tracking software? ... or am I just being paranoid?

[1] https://openvpn.net/source-code/

[2] https://openvpn.net/license/

  👤 pabs3 Accepted Answer ✓
Looks like the source code is under a much more open license:

https://github.com/OpenVPN/openvpn/blob/master/COPYING

👤 rwdim
It says you can’t derive the source from the binaries. It does not limit you from reading the source, but it does stop you from creating another product from the source that will compete.

Pretty standard, IMHO

👤 em10fan
There is an open source version AND a commercial version, which extends it.

The binaries they provide the latter, which are are commercially licensed and include proprietary parts, bound by those terms.