Comment by jonotrain
10 years ago
Hey mariusz - interesting ideas. for the first, I was new to coding when i started this project, so i dont really know how people go about sharing their code. I imagine I could put it on github or something like that - but I'm a little apprehensive that someone might be able to find a way to do something malicious to the site if they were to know its inner workings. So I'm not sure - I too think about the posterity of the library, though.
As for the second idea, the forum exists for librarians to share any sorts of discoveries they make in or thoughts they have about the library. But I would never say there could be a page with nothing interesting on it! After staring at these pages for a possibly unhealthy length of time, I can tell you that there's something interesting to be found in all of them.
and keep in mind what Borges said: "In truth, the Library includes all verbal structures, all variations permitted by the twenty-five orthographical symbols, but not a single example of absolute nonsense. It is useless to observe that the best volume of the many hexagons under my administration is entitled The Combed Thunderclap and another The Plaster Cramp and another Axaxaxas mlö. These phrases, at first glance incoherent, can no doubt be justified in a cryptographical or allegorical manner; such a justification is verbal and, ex hypothesi, already figures in the Library. I cannot combine some characters - dhcmrlchtdj - which the divine Library has not foreseen and which in one of its secret tongues do not contain a terrible meaning. No one can articulate a syllable which is not filled with tenderness and fear, which is not, in one of these languages, the powerful name of a god."
Putting the code up on, say, GitHub would also help with stopping people from doing malicious things to the site, because people aren't always mean and villainous, they can be nice as well and help out. One of the benefits is people fixing your code for you!
If you're worried that somebody will do something malicious... what is there that one could maliciously do? As long as you don't have, for example, credit cards on there, not much to steal then. Perhaps somebody is malicious enough to decide to take down your website for their perverse pleasure, in that case anybody can have their own, local copy of the library in case the internet-facing one goes down.
EDIT: What I meant and managed to completely fail to convey well in the first paragraph is that by obscuring the code, the vulnerabilities that you're afraid of people finding don't go away. And people can find them nonetheless. By opening the code, other people can fix vulnerabilities, etc. But keeping this paragraph in mind, to relate it to the others, seeing as how your library still exists, nobody seems to have bothered to try to destroy the library in the first place using their own means, so what difference will putting the source up make? :)
tl;dr: Security by obscurity? For shame. Put the source on GitHub! There's nothing to lose, and everything to gain. :)