I just got aware of a website called www.sorryopenerp.com which makes OpenERP not look too good. At fist sight the most vulnerable points being
- OE transmits infos about your database to the OpenERP.com servers constantly (which might be considered as behavior of spyware).
- it is called to be not stable (due to being updated all the time still with the risk of not working as planned after that.)
- something called floating point calculation (which as I understand can lead to calculation errors easily)
not sure whether this is a marketing attack by SAP or anything to worry about. Would be interesting to hear some opinions about this here.Due to lack of expertise I can't really verify all this so I'd like to hear what you people think.And maybe also what the company OpenERP thinks.
If it's an attack or not finally that doesn't matter, everything has pro and cons. Finally if you don't like how it works you just don't use it.
I think that it's only something that show the cons, the system is not perfect, but as opensource you can fix it to make what you want.
Finding problems is not really important, the important part is trying to find solutions to that problems.
It isn't anonymous.
The whois information shows it is by openlabs - an ex-partner of OpenERP.
Very interesting that 'employees' of a company who's website states "Openlabs is an active member of the openerp community, and reputed for its deep understanding of the framework and offers development, customisation, & support services" is involved in such a discrediting campaign.
Seems they want the work that comes with being an 'active member of the OpenERP community' but also want to spread FUDD about OpenERP.
It is a bad choice for ANY company to engage in such tactics - whether OpenERP for 'sorry sap' or OpenLabs employees for 'sorry openerp'.
Why not just stand on your strengths?
The only valid areas that bothered me initially was the plain text passwords for users. Meaning that if your database was hacked, you would have all your users passwords available in plaintext. But with one module, you can hash or encrpyt. I am not sure which they use in OpenERP.
Just needs the person installing to be prompted if they want their user account passwords encrpyting and the pros / cons of doing so. Otherwise people may expose an install to the internet, which I would say is not secure.
Please try to give a substantial answer. If you wanted to comment on the question or answer, just use the commenting tool. Please remember that you can always revise your answers - no need to answer the same question twice. Also, please don't forget to vote - it really helps to select the best questions and answers!
About This Community
|Asked: 7/15/13, 2:04 AM|
|Seen: 2864 times|
|Last updated: 3/16/15, 8:10 AM|