A Penny For Your Thoughts: Compatability of Open Source and my (future) Startup
But I can't seem to get rid of one last concern: user security.
[Note: I won't go into too much detail about what my future startup will be because a) at this point I'm honestly just not comfortable doing so, and b) leaving such variables undefined means others with similar concerns but different startups can gain more from this discussion.]
Among other things, my startup will involve such "features" as user login (id/password), user-to-user communication (not just text but files, etc. as well), and user storage (again, files etc.). In essence, given the nature of my startup, user security will be a big issue for buyers, as well it should be.
So, the ultimate question becomes: Is it possible to release all code as open source without risking security issues? Or should I just release all code unrelated to security as open source? If the latter, how can I be certain which code could risk security if released open source and which code would not?
Thanks in advance for all comments.
3 comments
[ 3.5 ms ] story [ 16.4 ms ] threadOn an unrelated note, "Penny for your thoughts" would be an awesome name for a micropayment startup.
Kliment
Yeah, that's probably what I'll do. Obviously, I have little experience with security coding...probably should've figured that. Humor the ignorant by answering another question, if you (or anyone else) would: what seem to be the primary reasons 'security by obscurity' fails so often? I can surmise, of course, that the cleverness of the many outweighs the cleverness of the few...especially when compounded with the depth and breadth of testing of the many vs. the few. Anything beyond that?
If it's any in-cent-ive (oooh I like that pun :D), should you respond to this question as well, I hereby release any and all intellectual property rights I hold (i.e., none) over the phrase "Penny For Your Thoughts" should you want to ever use it.