Brad Feld

Back to Blog

Our Government Thinks Open Source Isn’t Safe in Foreign Hands

Mar 25, 2006

Check Point and Sourcefire announced the cancellation of their deal on Thursday.  This was a very nice deal for Sourcefire and its investors, as Check Point was paying $225 million for the company.  Sourcefire had raised a total of about $33 million so the early investors, including Sierra Ventures, probably made about 15x, NEA which was a round 2 investor probably made about 10x, and Sequoia – which was a round 3 investor, probably made about 3x.

As I sit here pondering this on a Saturday morning, I’m baffled, appalled, and offended by our government’s actions in killing this deal.  I remember having similar reactions when the government was investigating the $5.5 billion acquisition of Verio (a Colorado-based ISP / hosting company) by NTT in 2000.  While I wasn’t an investor in Verio, I knew many of the people there, including several of the key investors, and couldn’t fathom why our government would get in the way of the deal. Thankfully, the Clinton administration finally greenlighted the deal and one of the huge pre-bubble crash Colorado deals got done – just in time.

I’m baffled because of the open source aspect of the situation. Sourcefire’s core products are built on top of Snort, which was created by Sourcefire’s founder Martin Roesch.  While Sourcefire has undoubtably created a significant amount of proprietary (i.e. non-open-source) code in their products, Snort is still an extremely popular and growing open source product and community.  Dear Mr. Government – this means that anyone – including the really bad nasties – can download Snort and take a look at it.  While they can’t take a look at Sourcefire’s products, as long as Sourcefire has any meaningful Snort-based code as part of their system, the thing you proport to be concerned about is irrelevant.

I’m appalled because it makes no sense to me that the US government would stand in the way of the acquisition of a US security software company by an Israeli software company.  Check Point is a well-known, publicly traded (on NASDAQ) and broadly deployed “international company” – they have a huge US presence, employ large numbers of US citizens, and – well – operate in the global software / IT marketplace.  Check Point was funded in the mid 1990’s by two prominent US VC firms – Venrock and USVP (in fact, Ray Rothrock of Venrock and Irwin Federman of USVP still sit on Check Point’s board.)  This type of protectionism is just gross to me and is potentially damaging to the venture business as foreign companies (such as those in Israel, China, and India) are natural buyers of many US-based startups, including those that have significant business with the US government.  If an Israeli-based company can’t buy a US-based security startup, why would the US government let a China-based company do this?  As a VC or an entrepreneur, if you take this out to it’s logical conclusion, you get unhappy really fast.

I’m offended because – as a jewish American and an investor in high tech companies – the notion that our government is willing to block the sale of an entrepreneurial company to an Israeli company because the Israeli company is a threat to US security makes me want to vomit.  This is the same government that recently decided to share civilian nuclear technology with India.  Now, I’m not tied up in the politics of it all, nor do I want to be, but when I step back and look at it from an entrepreneurial perspective, and think about all of the Israeli security technologies that have made their way into US products (and – in a number of cases – become meaningful US-based companies), I just feel like someone in Washington needs a major history lesson.

While Check Point and Sourcefire have put a good face on the situation, I’ve got to believe there are some very unhappy people in Maryland and on Sand Hill Road today.