Improve Security on Free Software

Improve Security on Free Software

I'm relatively new on Free Software, is very dificult to me using free software developing tools because I have learned developing with the Microsoft's tools from the beginning.

Then a teacher showed to us about the free software alternatives for developing and I was interested on them. One of my worries about the free software is this:

If I get for free all the source code of an application (like the database connection, encryptation algorythms, functionality) developed for my clients, everybody could know how this application works and maybe how to hack it!

I think is O.K. with generic libraries or applications that do not need of security and private infromation but what about the other ones?

If there are any documentation about this or a design way to maintain the user information secure, please share it with me.

wig's picture
Submitted by wig on

The user information, the private information, and other information of the client should not depend on the source code being open to look at.

If a program is well made - which can be checked if 1) the source is open and 2) you have the knowledge - the user data and configuration should be stored in a safe way, on a safe place. Config data might be in a protected directory, passwords be scrambled in the database etc.

If you use free software for in-house development, and you wish to share the code, just take care not to share your data and the configuration of your production environment.

We do development on a second database (free software - so no extra license needed), with a set of "fake" data. From this environment we share code to external and/or we share code to our production environment. So if something go wrong, we might only "lose" this fake data and configuration.

Good luck with your further discovery and use of free software.