There has never been a more eloquent argument in favor of open-source than a closed-source project like this one, that tries to portray itself as a harmless, useful library for everyman.
First argument: people will be willing to use it. Consider what you're offering -- a closed-source library that manages people's financial transactions. You may or may not be surprised to hear that people are reluctant to trust closed-source libraries that process financial transactions, account details, and patterns of economic behavior.
Second argument: open-source libraries are more likely to be successfully scrutinized for security flaws, and repaired in advance of exploitation. An irony of open-source is that over time it becomes more secure, not less, indeed one often-heard explanation for Windows' notorious insecurity is that it is closed-source, so the first revelation of a vulnerability is, not when errors are noticed by routine scans of source code, but when they're exploited in the wild.
Third argument: people will be able to see how your code works. This isn't a license to steal, it's a way for people to find out if your code meets their needs and behaves as they expect (or as accounting standards require).
I once debugged an accounting package that had a weird error -- two runs on the same transaction database never produced the same outcome. After a lot of back and forth, I got the developer to open the source, and discovered that his way of rounding off to the nearest penny was to generate a random binary number -- if 0, round down, if 1, round up. It was breathtakingly stupid, and we would never have solved it without seeing the source.
Fourth argument -- you can't arbitrarily shut down users of your library. An open-source library survives the extinction of its source or a change in policy. A closed-source library can't do that in any meaningful sense.
That should do. :)
1. This makes sense and is what I thought would be my biggest hurdle. Thankfully, this has never really been an issue. A lot of people are surprisingly willing to trust their finances to a third-party they don’t know that well.
2. I agree, although I think it’s even more valuable to have professionals audit the source code. Both together is probably optimal for security.
3. I realize that, in the example you cite, it was helpful to have the source open, but in the case of a (usually) consumer product, I don’t think this argument holds much weight. Iron Money mainly targets young singles and couples who want their finances on the iOS devices and Macs, and having it be open-source rarely plays into the decision to purchase.
4. I agree. I don’t think Iron Money is really marketed as a closed-source library, but the point stands. In any case, I would probably open the source if the service was shut down.
Thanks for taking the time to write up your thoughts; they definitely provide food for thought.
Lots of people trust closed source applications though. QuickBooks, Turbotax ..
Your point is still valid, though I don't know what the exact differences between Iron Money and (say QuickBooks) are.
