Church software should be open source

So you have the BIG idea that the Church or community needs to develop. Discuss that idea here. Maybe you just want to make a suggestion on a new forum topic. Let us know.
brannonking
New Member
Posts: 8
Joined: Mon Jan 29, 2007 6:40 pm
Location: Logan

Church software should be open source

#1

Post by brannonking »

I think the church should make all its software open source projects. I'm sure a lot of members would contribute if they could. It would increase the security of the software to have more eyes look at it. It would also be a very noble thing to do -- producing religious organization software that other churches could use. Many fear it would be a security breech. That is not true, as other open source software projects have proven.
User avatar
thedqs
Community Moderators
Posts: 1042
Joined: Wed Jan 24, 2007 8:53 am
Location: Redmond, WA
Contact:

#2

Post by thedqs »

The only problem is that the church encrypted data stream that MLS uses to send updates, could potentially be hacked and then false information could be uploaded to the servers, effectively ruining the entire chruch database. I support some of the projects but not all for the reasons of privacy and security in those cases.
- David
brannonking
New Member
Posts: 8
Joined: Mon Jan 29, 2007 6:40 pm
Location: Logan

uh, proprietary encryption?

#3

Post by brannonking »

thedqs wrote:The only problem is that the church encrypted data stream that MLS uses to send updates, could potentially be hacked and then false information could be uploaded to the servers, effectively ruining the entire chruch database. I support some of the projects but not all for the reasons of privacy and security in those cases.
If exposing the MLS source gives away the encryption key we're in trouble anyway. Having Firefox open source doesn't invalidate the HTTPS protocol or the SSL encryption it uses. Encrypted data is not the same thing as software source code.
User avatar
WelchTC
Senior Member
Posts: 2085
Joined: Wed Sep 06, 2006 8:51 am
Location: Kaysville, UT, USA
Contact:

Issues...

#4

Post by WelchTC »

The biggest problem with open sourcing programs at the Church revolve around privacy to data. Unlike many open source programs, many of the Church programs are built around and deal with very sensitive data. So if the Church were to ever open source some program like MLS, it would be wrapped around a lot of security and policies that could be strictly monitored in an effort to ensure the data is available to only those who should have access to it. Currently many of the programs don't have the measures in place that would allow us to open up the code.

Tom
User avatar
thedqs
Community Moderators
Posts: 1042
Joined: Wed Jan 24, 2007 8:53 am
Location: Redmond, WA
Contact:

#5

Post by thedqs »

brannon01 wrote:If exposing the MLS source gives away the encryption key we're in trouble anyway. Having Firefox open source doesn't invalidate the HTTPS protocol or the SSL encryption it uses. Encrypted data is not the same thing as software source code.

I know the encryption wouldn't be affected, RSA public-private keys are almost impossible to break. The problem I was pointing out was the transfer protocol to church headquarters. Firefox is open source so I could look at firefox's code and get the HTTP transfer protocal and create a program that emulates Firefox (ie. The webserver believes it is intereacting with Firefox) so I could do the same with MLS, (Church HQ believes that it is interacting with a real MLS when really it is a malicious 3rd party).

Hope that explains what I meant.
- David
james_francisco
Member
Posts: 77
Joined: Thu Feb 08, 2007 9:42 am
Location: Arizona

#6

Post by james_francisco »

For clarity, I have several philosophical objections to the whole idea of open source. Some of it is a "you get what you pay for" philosophy and much of the rest is that I don't see open source projects or software as being particulary cost-effective when both front-end and back-end costs are concerned. that comes from direct experience with ROI comparisons of open source and a commercial learning management system. In the context of the Church, I think that making internal application development projects open source represents too great a risk to the security and integrity of the member and financial data of the Church.

James Francisco
JamesAnderson
Senior Member
Posts: 773
Joined: Tue Jan 23, 2007 2:03 pm

#7

Post by JamesAnderson »

There are some good points there.

As far as risks to security, etc., that is probably relative, since the software is only the raw code that calls the data, not the actual data itself. There are alot of ways to secure the data that are separate from the open source application being used as it is.

On 'You get what you pay for', may be true in some cases, but if the open source software isn't good or at least working on getting good or better, then no one is interested, and the whole project will often fail because of that.

In the music recording industry I've seen both good and bad open source projects that create little software plugins for various music recording platforms. Almost always the good ones get alot of attention, while the bad ones get used by a few for a short time, then are brushed aside.
User avatar
WelchTC
Senior Member
Posts: 2085
Joined: Wed Sep 06, 2006 8:51 am
Location: Kaysville, UT, USA
Contact:

#8

Post by WelchTC »

Let's not let this discussion get bogged down into a debate over open source vs proprietary software. These issues tend to be polarizing and argumentative. The facts are that there are great things about both sides. The Church utilizes many open source components in our software stack and will continue to do so. This web site is built upon a lot of open source. At the same time the Church purchases a lot of commercial software.

One last thing is that I want to remind everyone that the Church is lead by Revelation, and not by public opinion. If everyone says that we should open source MLS but the leaders in charge feel it is not the right thing to do, that is the direction we will take. We see these forums as a great source of ideas, data, input, etc. in helping make decisions but it is by no means the only input we listen to. ;)

Tom
russellhltn
Community Administrator
Posts: 34418
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

#9

Post by russellhltn »

I think one of my concerns about Open Source software is adherence to policy. Some of the quirks that one may find and want to change may be there by design. While most of us would understand why MLS won't let you select a child or a woman for Bishop, not all such things are as well known. It's happened a few times that someone has come up on the clerk's list and ask why they can't put so and so on in a given position and the answer that has come back is "that's not the right way - go read the CHI". Don't believe me? Pop quiz: What limitations are on the calling of Primary President? Besides being an adult? If you don't know, then I've proven my point.

That not an insurmountable obstacle, but something to consider. (Will we need to add RTCHI to our acronym list?)

My 2¢. :rolleyes:
michaelcox
Member
Posts: 89
Joined: Sun Feb 18, 2007 12:51 am
Location: Southern Utah, USA
Contact:

#10

Post by michaelcox »

RussellHltn wrote: Pop quiz: What limitations are on the calling of Primary President? Besides being an adult?
She has to be a female.

I like your pop quizes RussellHtn.
Thanks,

Michael H. Cox
Locked

Return to “Ideas & Suggestions”