Subject: Re: Open-sourcing business operations code?
From: Ben_Tilly@trepp.com
Date: Mon, 30 Oct 2000 16:25:47 -0500


Russell Nelson wrote:
> I'm working with a vendor on his proprietary POS program.  He's open
> to the idea of running it under Linux; no problem there.  Since they
> solely use the program in-house, they seem like a perfect case for
> freeing their software.  He's wondering, though, if anyone else has
> done this.  They're a Microsoft shop, so they're not at all familiar
> with this open source stuff.  Anybody have any experience with a
> retail vendor open-sourcing their business operations code?

One concern that I would address up front is security.

The second that you take closed source software open, it becomes much
easier for outsiders to look for holes.  Long-term open-source may be
good for security.  But short-term it definitely is an increased risk.
Doubly so when (as in this case) there are opportunities for theft if
mistakes are found.

So before they take it open, make sure that you have looked into
security.  Even if you don't do a full security audit, at least check
that passwords are not left in the code, standard encryption has been
used in appropriate places, etc.  Otherwise the consequences could be
sudden and drastic.

Insert analogies to spring cleaning as you feel appropriate. :-)

Cheers,
Ben