-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cristian Rodríguez wrote:
| Kim Groneman escribió:
|> Three reasons. First PHPBB is the closest open source product
|> available but history has shown that security and features in PHPBB is
|> significantly lacking compared with the closed source products being
|> used.
|
| While I indeed agree that PHPbb security history is nothing to be happy
| with, I'm sorry to tell you that "closed source" products dont it
| better, at all, do you want a simple proof eh ?
[...]
Well you could, indeed, try to make your point in a slightly less
offensive way ;)
My personal opinion is that there is no silver bullet option. All
candidate web forum software packages are written in PHP and, as such,
have a rather high potential of security issues (compared to, say,
running something in a JVM that can easily be locked down with access
rules and has a much better record in terms of security).
We already have discussed whether we should go with an opensource
solution instead, for obvious reasons, and if there had been a good
opensource candidate in terms of features, support and security, we
would have given it a preference, for the same obvious reasons.
Point is, the people who run it should be the people who decide on the
software they want to use. Kim's point below is a very valid one IMO.
|> Third is pure supportability. vBulletin is fully supported by the
|> company that owns it for updates/security/etc. which is extremely
|> important in an environment like this where you want optimal up time.
|
| That's a valid point.
|
|> You'll notice that the existing boards that are coming together for
|> this project are all using closed source product for their forums.
|
| Because probably they don't know anything better. ;-)
Note that you didn't propose an alternative that would have the same
feature set as vBulletin or IPB :)
phpBB really has a terrible security record.
cheers
- --
~ -o) Pascal Bleser