Jump to content
Jaspreet Singh

Open Sourcing Enpass

Recommended Posts

Hello @Jaspreet Singh,

Thanks for sharing your thoughts and writing in. At the moment we don't have plans to open source code of Enpass.

We do keep discussing about the Enterprise edition and various possible scenarios for that (online vs offline) and it would be great for us to have your inputs on the same as a user.

Cheers!

Share this post


Link to post
Share on other sites

I'd like to know what you, Jespreet, expects the benefits of this to be.

A lot of people misunderstand "open source" to mean free, which is of course wrong. Open source software can be free, but it doesn't have to be. One isn't related to the other. More importantly, asking people to give away their hard work for nothing is a bit brash. On the other hand, open sourcing Enpass can make a lot of sense if the idea is to allow anyone who has the technical skills to audit the software, thereby giving Enpass' security related claims a "community approved" stamp. Besides actually making Enpass more secure, this can also be used as a marketing instrument.

I'd vote for this request if the idea is about community auditing, and strictly against it if it's the first (I want the people behind my security solutions to be well funded). Can't say where I stand if the idea is something else.

Anyway, I think the post should describe what the idea behind it is. Just asking for "open source" isn't really enough IMHO.

Edited by Unsay
  • Like 2

Share this post


Link to post
Share on other sites

Hey @Hemant Kumar 

Thx for writing back. Let me float a raw idea, where you can split the application into core and UI. Now core part is opensource and you keep the UI closed source.

Core:

  • Database
  • Encryption code
  • Authentication (Most important: This should pop up UI to enter master password and grant temporary access to UI without revealing master password)

Let me know if you get the gist; ping me back if something is unclear

Thx

 

Hey @Unsay

Never asked to make it free.

I hope @Hemant Kumar makes allot of money B|B|B|

thx

  • Like 1

Share this post


Link to post
Share on other sites

Hi @Jaspreet Singh,

Core part of Enpass is already open source. We use SQLCipher as our database and it in turns uses OpenSSL crypto library for encryption. Both SQLCipher and OpenSSL are open source. Enpass is only a UI that triggers core SQLCipher operations and provides functionality to enhance user experience using platform specific apis (Fingerprint etc.). Following links might be helpful 

https://github.com/sqlcipher/sqlcipher

https://www.enpass.io/security/

Cheers!

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×
×
  • Create New...