Security

Do hackers prevent the release of source code?

Submitted by HotdogsFolks
HotdogsFolks writes "I've been considering releasing the source code from one of my job websites under the GPL licence for quite some time now. It's a fully functioning, everything-you-could-possibly-want system, so I'm happy to give it away to save people from having to write a similar system from scratch.

The only thing holding me back is the cycle of security patches I'll no doubt find myself in once the bad guys start analysing my code.

I'm not a security expert — I code for fun — so I'm not totally confident I'd be able to spot security issues even if I analysed my code myself.

What would you do if you were in my shoes? How do I get my software out there in the least painful way possible?"

  • As you say, you're "not a security expert", and you seem to be under the mistaken impression that keeping the source closed will compensate for that.

    Realize that vulnerabilities will be found, regardless of how open or closed the software is. If you didn't code with security in mind, there are probably an untold number just waiting to be discovered.

    Open sourcing your software would probably be a good idea - you might just attract a few security-conscious developers to the project.
    • As you say, you're "not a security expert", and you seem to be under the mistaken impression that keeping the source closed will compensate for that.

      Realize that vulnerabilities will be found, regardless of how open or closed the software is. If you didn't code with security in mind, there are probably an untold number just waiting to be discovered.

      That sounds like FUD.

      It should be much easier to find holes with source code or a local copy of the system available to look at and play with. Being open would very likely make holes get found faster, by both good guys and bad guys. Breaking in using a hole is extra work after finding it, but then so is fixing the hole.

      Maybe find a group of interested people who do know about security, and offer to privately give them copies under GPL or whatever, with the *request* (can't be a demand) that they help fi
