Maybe the only way to get useful code that starts off secure is to start it open source? That way, even if it takes "forever", there's no profit motive or need to rush into adoption...
I'm trusting for-profit software less and less and less by the decade.
There are open-source videoconferencing solutions floating around on the Internet.
But they don't have the traction of the videochat-as-a-service options because those options have financial incentive to set up servers, configure them, solve those parts of the puzzle for users, make onboarding frictionless, etc.
I'm afraid I don't think open source would be a panacea for this problem, because if there's one thing we've observed from the world of open-source and online software, it's that most users adopting an open-source solution have to become their own sysadmin too, and a lot of otherwise-competent hackers are profoundly bad at the ever-moving arms race that is "hosting a secure software service online." Distributing the security maintenance burden doesn't make it easier to solve.
We could get there if, hypothetically, companies cared enough about security to demand that all the software running on (at least) the client machines and (ideally) the service-provider's servers was open-source so they could trust the security model via an audit by their own eyeballs. Then closed-source operations would lose out in the marketplace to open-source outfits because enterprise would only do business with the open-source ones.
Very much agree. Look at email, a system with far fewer real-time performance demands, excellent fault and outage tolerance, and many excellent open-source mail transfer agents.
What percent of the internet user base runs their own email server? What percent of even news.yc readers do?
Maybe the only way to get useful code that starts off secure is to start it open source? That way, even if it takes "forever", there's no profit motive or need to rush into adoption...
I'm trusting for-profit software less and less and less by the decade.