February 14, 2008
I would love to share all the wonderful feedback, but instead, I’ll share some of the excellent questions (and more elaborate answers) that were asked of Scout:
What are the security pitfalls, i.e. can someone simply write a ‘rm -rf’ plugin?
To answer that, let’s look at the architecture of Scout first:
The security measures needed for Scout are the same as for any other software. In fact, in some ways, it’s easier to be more secure – the plugins are relatively few lines of code and easy to review. For a more closed environent, you can create a copy of the plugin code and host it on one of your own servers (a plugin is plain text).
Is Scout open source?
The Scout client is completely open source. The gem is a normal Ruby gem, open for development, and distributed under the MIT and/or Ruby License (whichever you prefer). The Scout Plugins people write are also completely open, in fact, they are surrounded and fostered by a community that encourages branching, fixes, and general open-ness.
The Server, where you aggregate your data, do reporting, and in general, collect information about your account is not open-source. We maintain the server, and keep all your data safe and sound.
When does it launch?
We’re doing the plumbing now – account subscriptions, a new home page, privacy policies, backup procedures, etc. We’ve recognized that lots of people are anxious to get going and we’re working to get it ready for public use as fast as possible.