Moneydance - Cross-Platform Personal Finance

sreilly self-promotes: "Moneydance 2003 has just been released for Linux, Mac OS X, and Windows. This program is a completely cross-platform replacement for Quicken or MS Money. This is the first time that online banking and online bill payment has been available in a made-for-Linux application. It also has features that aren't available in Quicken such as an extension mechanism that lets developers easily add and distribute new features to the program."

Worried?

[Musashi Miyamoto]

I don't know why, but for some reason I feel uneasy about having an open-source finance program. Especially one that accesses my account information across the Internet.

I know that I shouldn't feel that way, but I don't like the idea of easy access to the code. I know "security through obscurity" isn't security, but "security through obscurity and good coding" is probably better than "security though good coding" alone.

Thoughts?

Impressive

[gmhowell]

Slashdotted with 2 comments. Look, if you are promoting your own project, there is no excuse for a slashdotting. Be prepared next time you submit your PR piece.

So, since the homepage refused my connection:

Can I install the client on multiple machines without an additional license? Does it work with Bank of America seemlessly (ie, I don't have to futz about with dl'ing the transactions manually). Can I import Quicken 2003 data? How much does it cost? What libraries did you use for the cross platform work?

Re:Worried?

[Mortice]

Thoughts?

I think that since it's not open source, you just wasted your time.

Re:Why not use Gnucash?

[AngryPuppy]

Bill payment and downloading transactions from my bank... I can't get to their site right now, but I understand from the original post that this is the first Linux based financial app that will let you do the two activities I listed.

Re:Thanks but no thanks

[bmongar]

I'm not going to trust my personal finances to a company that refuses to release their code under the GPL

So you don't use banks or credit cards then? Because I don't know of a bank or credit card company that has opened up their software.

Intuit

[0x7F]

For those of us who dislike Intuit's DRM [slashdot.org], this sounds like a great alternative to one of their products. The fact that it runs on GNU/Linux is a nice bonus, too.

I hope they follow up with some nice tax software, so they can really hit Intuit where it counts.

Re:Thanks but no thanks

[sporty]

It was funny. I was on bugtraq, and someone posted some code, showing how a system (freebsd at the time), could be exploited. Iditoically enough, I trusted the source after giving it a quick look and ran it. Somehow, I missed something.. a call to drop to the shell and execute a ping -f.

So tell me. Do you go through the pains of examining the source of every application you use?

But would you say, someone would eventually catch it in code? Sure, it'd a good argument. After all, web servers, name servers, XFree86... they have bugs, people catch them.

So here's my next question. There's one fundamental difference. If everyone ran a tampered copy of other free softwares, the damage would be minimal compared to say, transmitting your financial information to a server in Java (the island, not the language). After all, after I realized what that bugtraq code did, I killed the app. No permanent reprecussions.

Do you trust MS to not transmit your financial information when you do a software update? Do you use a machine with no net connection to prevent your financial info from spreading around? ANd if it did spread out once using GPL softare, who's fault is it?

Opensource isn't a panacea. It's a methodology. It's a way of making software secure over time, if people can contribute. It's about anyone going in and making improvements to their copy, or hell.. breaking it. It's not about instantaneous security. After all, did you audit your last linux install to maek sure it doesn't transmit your shadow file off to Alan Cox, since he's become a nut and hates all linux users now? (Not really.. but you get the idea).

Re:Worried?

[Diphthong]

I know "security through obscurity" isn't security, but "security through obscurity and good coding" is probably better than "security though good coding" alone.

Well, sort of... but obscurity does not generally lend itself to good coding. (That argument is a very slippery off-topic slope so I'll stop now.)

When it comes to a financial app, whether it goes on the 'net or not, I very much do not want obscurity -- otherwise I might end up installing something that both does my taxes and mucks with reserved sectors of my hard drive.

Re:Worried? (only if I would use it)

[frovingslosh]

but "security through obscurity and good coding" is probably better than "security though good coding" alone.

Thoughts?

Just the opposite. Security through good open code, that can be reviewed by people who understand this and confirm that there is real security is much more secure that "I've written good code, trust me" type code. The bad guys who want your data, you bank accounts and your identity are not going to be stopped from reverse engineering the code by an EULA. If an EULA only stops honest people from checking the validity of the code, then one has to ask "why have it?".

Re:Thanks but no thanks

[dreamchaser]

Translation: I don't want to pay anyone for their hard work in putting together any piece of cross platform software.

Seriously, software and politices are NOT the same thing. People need to grow up a little. I could maybe see the arguement of wanting to see the source, but free as in beer and speech just shows what you are really after; a free ride.

In Java

[Euphonious Coward]

Now I remember why I didn't try it before.

It's written in Java, which means, by my experience, it will tend to get stuck in infinite loops, consume all of RAM, and (thereby) crash my other programs. People tell me that's the various JVMs' fault, not the language's, but I haven't discovered yet how to apply that fact usefully.

Are there any successful Free Software projects written in Java and popular outside of Java development shops? (I don't mean that question rhetorically -- post 'em if you got 'em.)

Re:Thanks but no thanks

[ColdGrits]

"I'll wait until something free (as in beer and speech) before I think it's secure enough for my data, thanks."

Well write one and release it then.

Go on, if it is that easy to do, DO IT.

I dare you.

Put your money where your mouth is and develop/release such a program.

I won't pay bills online ...

[MisanthropicProggram]

from clarkhoward.com - an Atlanta based consumer advocate -

" Depending on who you sign up with, fees range from free to $10 a month. Use a service that stands behind its electronic payment, such as paying late fees and handling problems with vendors if you made the payment several days before the due date. When you figure the cost of the check, stamp and envelope for every transaction, a small monthly fee is worth it. "

I, on the other hand, don't trust anyone. I have to put my signature on everything - even if it takes more time out of my life! It's the same when you use a debit card. If you want to dispute the charges, for whatever reason, the cash is gone from your account until the dispute is resolved - if ever. This is unlike a credit card where the credit card company takes the risk. With online bill paying or debit cards, you take all the risk. So, if someone rips you off, well, you eat it!!

In short you're risking, although unlikely,an event of having a very bad situation of having too much cash taken out of your account, or having a bogus charge against your account and having limited recourse to get the money back.

Re:I won't pay bills online ...

[Anonymous Coward]

You're always risking something.

If you open a chequing account you run the risk of someone forging a check.

If you have a credit card you run the risk of someone using it without your permission.

If you keep your money in a paper bag under the mattress you run the risk of the boogeyman coming to steal it.

Re:Thanks but no thanks

[timmyf2371]

Have you ever downloaded any app from Sourceforge or the like? If so, were you familiar with the company?

Why wait until something is free as in beer? Do you not believe in rewarding coders for their work?

I take it as you are a GPL promoter that you have read and understood the entire source code for the GNU/Linux distro which you use and every app which you use. If not, why not? Who knows what kind of data your distro may be sending back to the vendor?

Have you ever shopped online? A lot of the shopping carts on ecommerce sites are also proprietary. How do you know that the vendor of the shopping cart doesn't know all your shopping habits?

Tim

Re:How new is this version?

[Evangelion]

Has anybody tried compiling GNUCash under cygwin?

I checked around for that -- there have been various attempts, but I don't know of anyone who as succeded with it. The other option I was looking into was running it remotely on a seperate Linux box using cygwin's xserver, but I need to set it up, and I'm not sure it's worth the electricity for one application.

Regarding your other question, the documentation is at gnucash.org...

"Currently implemented and supported are the XML file backend, which stores GnuCash data in its native XML file format, and the Postgres SQL backend, which supports multiple simultaneous users of GnuCash."

Re:Why not use Gnucash?

[slide-rule]

If there's a walk-through or tutorial guide on setting up gnucash for [preferrably simple-style] personal finances, please post. I've looked for something several times and haven't found any useful references. The recent 1.8 looks fairly close to my needs, but I simply don't have brainpower to invest in figuring out a workable setup on my own. (Yes, the irony of that statement vs. my running two dual boot linux boxes isn't lost on me...where you think my time goes? ;-) Something like a "MS Money user's survival guide to gnucash" (or the like for quicken users) would probably go a long way to help gain some adoption.

Re:Thanks but no thanks

[_Sprocket_]

Opensource isn't a panacea. It's a methodology. It's a way of making software secure over time, if people can contribute.

Indeed. You are completely on the mark with this point. The Open Source methodology isn't a silver bullet. It is no talisman. It is no guarantee to secure systems.

But. This methodology is a first step towards peer review. It is a part of a proven process. So while its not pixie dust, it is a good move.

Re:Who still balances their checkbook?

[cr0sh]

I do - and it still matters.

I cannot tell you the number of times I have balanced my checkbook and came across double-entries on the bank statement, from the same place, nearly at the same time - like they ran the card through twice! If I was looking at this online, I may not see this discrepancy (unless I looked really close).

I currently use the Checkfree software for all of this, but they recently moved to Quicken, so if the damn Moneydance website ever comes up - I want to see how it compares - in the meantime, I will probably end up installing Quicken.

I have thought that maybe I should go back to doing all of this "by hand" - but I love to pay my bills via electronic means. Most solutions for Linux (like GNUcash), since they don't offer EBT transactions (yet), mean you have to do double entry (once for the online payment, like through the bank, and once in the money program). Double entry can and will trip you up, though - which can be a bad thing at the end of the month (nothing like finding out you have a negative balance because you double entered, or entered incorrectly, your paycheck amount).

I have been trying to come up with a different method to allow me to do online paying without double entry - I was thinking something like a backwards method, where you keep your receipts, then when you "balance", you go through the online statement and compare the receipts to the statement, those that match do one thing, those that don't (or seem like theres a double) do another - but this seems like a large kludge that probably would have problems as well.

All I want is a simple program that replicates the account activity page on my checkbook, allows bill paying from it, and has a few simple reports - nothing fancy. Checkfree's original software, while only allowing comms via a modem, was just that simple program - perfect for what I needed. Now it is going away (like I knew it would eventually). I can only hope the special version of Quicken they sent out is simple as well - I guess I will find out this weekend.

Oh, by the way - one other thing you find out when you balance your account are the number of transactions that *don't* get reported to your account. Many times, you might buy something, and due to one reason or another, the transaction never gets sent to your account - so, free stuff (or at least until they figure it out, which I have yet to encounter)! One of my friends got a free computer system this way (ok, that is on the extreme end - most of the time for me it has been small gas and food purchases)...

Re:Thanks but no thanks

[tunah]

I'm not going to trust my personal finances to a company that refuses to release their code under the GPL.

If you had said "under a {free|open source} licence", then that would have been an extreme, but reasonable, position. To specify the GPL specifically is religious nonsense. You might prefer to buy from a company that GPLs, but to say that software with some other free license is less trustworthy is absurd - the choice of free license is irrelevant to you if you don't plan to release changes to the software.

Re:Tracking money is wrong.

[The AtomicPunk]

Don't live so close to the edge. It's a lot easier.

Yeah, some people have no choice, but 98% of the people out there do, and 98% of those live on (or over) the edge. I can't tell you how many idiots I've worked with that made 6 figures that live paycheck to paycheck because they have no concept of not indulging their every whim and desire.

(sorry, impersonal rant :))