[eeZi]

His point is that a properly built proprietary product is better than a hacked together open source project.

Active and transparent patching does not improve the code quality.

[melted]

How do you know a proprietary product is "properly built"?

[jospoortvliet]

Especially considering, unlike those proprietary products, our open source product and the engineers we pay to work on it are under constant and public scrutiny thanks to availability of the source.

Honestly, I think you should not even consider trusting a proprietary product with your most important private data. There's no guarantee it isn't full of back doors and you can't audit the code or pay somebody to do it - some companies would even sue you if you try (see the Oracle debacle some weeks ago).

[eeZi]

I don't agree with him, I just understand his point. Actually, I wouldn't really trust either product at this point - there have been too many vulnerabilities in OwnCloud for my taste, but buying a proprietary application is not an alternative either for my personal use.

[jospoortvliet]

https://www.youtube.com/watch?v=iUMsPppwIH4&index=5&list=PLt... might bring some confidence. We hear from other security experts that we're considered an example in how we handle security.