Church software should be open source

So you have the BIG idea that the Church or community needs to develop. Discuss that idea here. Maybe you just want to make a suggestion on a new forum topic. Let us know.
User avatar
AdrianLP-p40
Member
Posts: 92
Joined: Mon Mar 12, 2007 11:29 am
Location: Kingston, Ontario, Canada
Contact:

Postby AdrianLP-p40 » Mon Feb 04, 2008 6:34 am

tomw wrote:Contributions does not equal open source. The Church could enlist people to help work on code without that code being open sourced.


For several reasons I don't think that is the same thing.

Besides, I've never been inivted, and I'd have looked the code over at least once before now if it was open source.

User avatar
WelchTC
Senior Member
Posts: 2088
Joined: Wed Sep 06, 2006 7:51 am
Location: Kaysville, UT, USA
Contact:

Postby WelchTC » Mon Feb 04, 2008 6:50 am

AdrianLP wrote:For several reasons I don't think that is the same thing.

Besides, I've never been inivted, and I'd have looked the code over at least once before now if it was open source.


You can look all you want. We use Nagios, we use java, we use struts, hibernate, etc. There is a ton of open source code we use.

We have not invited developers to help on software we are building yet as we are in the process of ensuring that we have the processes in place to protect data. For example with MLS, there is no way for us to limit access to a developer from getting into confidential information within the MLS system. So if we were to open the code up to MLS and ask for help, everyone could see sensitive data. Now you may be tempted to say that the community would help protect that data and you would be right but what happens while that is being developed? You have a huge security hole. So we do have work being done internally to deal with these issues so that we can invite members to help work on projects...whether they be open source or not.

Tom

User avatar
AdrianLP-p40
Member
Posts: 92
Joined: Mon Mar 12, 2007 11:29 am
Location: Kingston, Ontario, Canada
Contact:

Postby AdrianLP-p40 » Mon Feb 04, 2008 6:56 am

tomw wrote:We have not invited developers to help on software we are building yet as we are in the process of ensuring that we have the processes in place to protect data. For example with MLS, there is no way for us to limit access to a developer from getting into confidential information within the MLS system. So if we were to open the code up to MLS and ask for help, everyone could see sensitive data. Now you may be tempted to say that the community would help protect that data and you would be right but what happens while that is being developed?


Do you mean the confidential information of a live MLS database? If you're storing confidential data in the source, someone is probably doing something wrong :)

User avatar
WelchTC
Senior Member
Posts: 2088
Joined: Wed Sep 06, 2006 7:51 am
Location: Kaysville, UT, USA
Contact:

Postby WelchTC » Mon Feb 04, 2008 8:17 am

AdrianLP wrote:Do you mean the confidential information of a live MLS database? If you're storing confidential data in the source, someone is probably doing something wrong :)

No, not in the source. In the data files. But if we release the code to MLS, we have to release how to access the data files. So anyone who grabs the source could get access to the data files through the source.

Tom

User avatar
AdrianLP-p40
Member
Posts: 92
Joined: Mon Mar 12, 2007 11:29 am
Location: Kingston, Ontario, Canada
Contact:

Postby AdrianLP-p40 » Mon Feb 04, 2008 8:21 am

tomw wrote:No, not in the source. In the data files. But if we release the code to MLS, we have to release how to access the data files. So anyone who grabs the source could get access to the data files through the source.


Is there anything that can't get without an admin account? As district clerk, I personally, can access pretty much everything anyway.

And yes I realise not everyone has district clerk access.

You could of course make it open source, but leave the class(es) or library that handles data file access I/O closed source. That would solve the situation. Making public the API for said class would not reduce security.

User avatar
WelchTC
Senior Member
Posts: 2088
Joined: Wed Sep 06, 2006 7:51 am
Location: Kaysville, UT, USA
Contact:

Postby WelchTC » Mon Feb 04, 2008 8:30 am

AdrianLP wrote:Is there anything that can't get without an admin account? As district clerk, I personally, can access pretty much everything anyway.

Yes, there is quite a bit and also many people have access to MLS within a ward or stake. EQ presidencies, HPGL, RS Presidencies, WML, clearks, bishoprics, etc.

You could of course make it open source, but leave the class(es) or library that handles data file access I/O closed source. That would solve the situation. Making public the API for said class would not reduce security.

Now you are starting to see the kind of work we need to do before we can get people involved. We need to create API's. This is the stage we are in at the Church.

Tom

User avatar
AdrianLP-p40
Member
Posts: 92
Joined: Mon Mar 12, 2007 11:29 am
Location: Kingston, Ontario, Canada
Contact:

Postby AdrianLP-p40 » Mon Feb 04, 2008 8:33 am

tomw wrote:Now you are starting to see the kind of work we need to do before we can get people involved. We need to create API's. This is the stage we are in at the Church.


I'm a bit surprised the data source IO handler(s) weren't modularised from the beginning.

maethows
New Member
Posts: 30
Joined: Sat Jan 27, 2007 8:09 am

Postby maethows » Mon Feb 04, 2008 12:38 pm

AdrianLP wrote:I'm a bit surprised the data source IO handler(s) weren't modularised from the beginning.


That depends on what the business requirements were during the design phase. There may be some modularization already, but the APIs were never designed to be used by third-parties, thus security controls or new API wrappers may need to be developed for such use (if third-party development is ever added to the list of business requirements).

Now, we could get into a security-through-obscurity discussion on why the format of the data files themselves is a security control. There can be ways of securely storing data locally with multiple users (e.g., random secret key used for encryption/decryption streams; the secret key is encrypted by each user's password; logging in as a valid user with a valid password permits MLS to unlock the secret key) without feeling like we gave the keys to the kingdom away when others learn of the format or process. But changes here could be a major undertaking, where any perceived benefits would be outweighed by the development, implementation, support, and hassle costs.


Return to “Ideas & Suggestions”

Who is online

Users browsing this forum: No registered users and 1 guest