Alternatives To SourceForge For Open Sourced Projects? 10
Bowie J. Poag asks: "I'd like to start another project, but I don't want my work hosted on SourceForge due to security concerns. Specifically, I'm looking for someplace I can develop ideas with a small team of people in complete privacy without having details of our development process on display to the general public. Are there other project hosting services available to the community?"
Odd thing to post coming from poster (Score:3)
1. They call it co-location, or a dedicated server. I hope you didn't think it would be free?
2. What security concerns do you have with SourceForge exactly? (see next comment...)
3. I find it interesting this question was posted, comming from Bowie. We all know he had a big falling out with VA (Sourceforge is run by VA) and also we know he is bitter. (that whole tiles thing) I don't see why he had to include the poke at Sourceforge, from what I can tell, they are doing a great service to the community.
4. Did you try Area 51? That is Andover's dealie. See how private they are, though I think they are the same as SourceForge.
5. Xnot also runs a code thing that is less popular and can probably be made secure (maybe it would seperate them from the rest of the "code-houses" crowd.
Reading over my post, I think there is more on topic than off, hopefully Bowie will respond to a few of my points though...perhaps even in a polite way.
-Davidu
Re:Why bother with Open Source (Score:2)
1) Being first to market.
2) No way of enforcing NDA's (read: too poor to afford a lawyer, and too poor to afford the defense of that NDA)
3) Prevents rumormongering.
4) Allows people to concentrate on development versus concentrating on public relations crap.
5) If the idea turns out to be bad, great, nobody will know you were doing something stupid. If your idea turns out to already exist, great, you wont be sued for patent infringement. No one will even know you existed or did the work in the first place...
I could go on, but you get the point. Silence means security.
Bowie J. Poag
Well... (Score:1)
What's S12? (Score:1)
-russ
Linuxave has free hosting (Score:1)
However, Sourceforge provides mailing lists, bug tracking, compilation, and other features that Linuxave does not.
DSL/Cable Modem (Score:2)
Then get them to give you an account. If it really is a smaller group, and you trust them, a single user account with ssh access should be enough. You shouldn't even need to have root access. If you want to do the web thing, you will need root access to install apache with the ssl stuff, so you can have a private password protected area. If you get a domain name and map it to the box, apache can give a separate web page based on the URL you are using to connect, so you don't even have to interfere with the donor's web site if they are running one.
If someone has access to machines outside the firewall at their workplace, they can put it there, but without talking it over with the company people it's kind of illigit. Not that it hasn't been done.
I gave a friend of mine root access to my cable modem box, and he did half a web-based startup off of it, through a round or two of funding and lots of users. I never noticed because I have this expensive connection I share with my roommates and yet we are all at work or school all our waking hours and we never get to use it, because non of us have a life. Start-up dude never even told me, because they had all these non-disclosure secrecy agreements everyone was bound by. Months and months later, after I was seeing this company on subway advertisement, My friend mentions to me "Oh yeah, you know blahblah.com ? That's the secrete startup I'm doing. All the foo services have been running on your machine until recently. Thanks." It was kind of weird. I'm glad someone got some use out of that cable modem.
Anyway. You can do the CVS through the ssh connection too -- it involves setting the environment variable CVS_RSH to ssh, and it's in the cvs manual.
What about asynchrony.com??? (Score:1)
https://www.asynchrony.com/
Why bother with Open Source (Score:2)
--
Alternatives to SourceForge + Some clarifications (Score:3)
My concern rests mainly with the need to have a large array of resources available to developers, while still preserving some degree of "radio silence" while the development process occurs. Some things (even some projects) obviously benefit from having a worldwide audience that can propose solutions or correct problems. However, there are some things, ideas mainly, which need a degree of secrecy in order to grow to maturity.
While SourceForge does offer the resource end of the equation, having your project on SourceForge is admittedly anything but low-profile. For some of us, this is a problem. This is also what I meant by "security concerns", by the way. I'm sure VA does a good job of handling machine security (they did while I was working with them at least), but thats not what I'm referring to here. I'm talking about security within an individual project, hosted by a larger entity.
If we want to dig up System 12 as an example, consider this: We had something on the order of 15,000 people sniffing around and speculating on what we were doing before we even had anything tangible to share. We watched the logs daily, and parsed them for unusual referrals..Some of them pointing directly back to people within large orginazations we had no dealings with at all. We thought it was amusing at the time, but personally, I didn't like the idea that we were being periodically watched by different companies.
(Admittedly, we did place some little pieces of eye-candy out for public view, but I'll take the blame for that mistake. If I could go back and do it all differently, I would have kept the lid on that project air-tight.. Only myself, and the people working on it would know, until we were ready.)
Anyway, nuff about S12. Onto the problem at hand:
By saying "We don't wany anyone to know or hear about what we're doing until its done" isn't illegal, nor is it morally wrong or at odds with the spirit of the GPL. So long as in the end, when the final product is complete and the source for it has been made available to the public, everything's fine.
Im just wondering if such a place exists. A tall order, sure, a big box with a wide pipe, and total secrecy for a dozen people for a finite period of time. But thats why I wrote Ask Slashdot in the first place.
(PS.. Yes, I dont like VA. Thats obvious. However, im not going to edge my bias into the discussion lets keep the conversation constructive here.)
Bowie J. Poag
Re:Odd thing to post coming from poster (Score:1)
I did.
1) I've got a co-lo already, but its not powerful enough to do what need to do. While I do have a little nest egg over at MetaLab/UNC, I wouldn't dare move everybody and their uncle over there to work on something. They've already been extraordinarrily generous to me already.
2) In short: idea security, not project security.
Im sure VA keeps a tidy ship when it comes to their community-inhabited boxes.
3) I wasn't trying to poke fun them by pointing out something they can't exactly offer.
4) Being out of the public eye also means being out from under the gaze of companies like VA, Andover, or any other business offering hosting space.
5) XNot seems a good candidate, but I need to hear more.
Bowie J. Poag