Odoo Help

Welcome!

This community is for beginners and experts willing to share their Odoo knowledge. It's not a forum to discuss ideas, but a knowledge base of questions and their answers.

2

what about SorryOpenERP.com?

v7
By
gunnar
on 7/15/13, 2:04 AM 2,872 views

I just got aware of a website called www.sorryopenerp.com which makes OpenERP not look too good. At fist sight the most vulnerable points being

  1. OE transmits infos about your database to the OpenERP.com servers constantly (which might be considered as behavior of spyware).
  2. it is called to be not stable (due to being updated all the time still with the risk of not working as planned after that.)
  3. something called floating point calculation (which as I understand can lead to calculation errors easily)

not sure whether this is a marketing attack by SAP or anything to worry about. Would be interesting to hear some opinions about this here.Due to lack of expertise I can't really verify all this so I'd like to hear what you people think.And maybe also what the company OpenERP thinks.

The authors of the campaign are related to the Tryton fork: it used to include a page explaining the advantages of Tryton over OpenERP, but it's been taken out from the site now. However, it's not sponsored by the Tryton Foundation, as stated in the site's disclaimer. Probably it's just a bad taste joke.

Daniel Reis
on 7/15/13, 5:46 AM

if you see this as a bad joke I assume you don't agree. So would you say the 3 examples I have posted here are not true (for example OE submitting information to OpenERP servers)? And somebody who is frustrated just spreads some lies to destroy OE reputation? I have never seen such in the opensource world till today though. Unless maybe one would be very frustrated about a company using the label opensource to disguise it's real (evil) intentions. Of course there can be just crazy people out there ... would you categorize this as that ... 'some crazy or frustrated guy letting go his anger'?

gunnar
on 7/15/13, 6:33 AM
2

Grover Menacho

--Grover Menacho--
2523
| 5 7 8
La Paz, Bolivia
--Grover Menacho--

Systems Engineer + MBA

Grover Menacho
On 7/15/13, 2:17 AM

If it's an attack or not finally that doesn't matter, everything has pro and cons. Finally if you don't like how it works you just don't use it.

I think that it's only something that show the cons, the system is not perfect, but as opensource you can fix it to make what you want.

Finding problems is not really important, the important part is trying to find solutions to that problems.

I agree everything has pros and cons. And the fact that the sorry openerp campaign is anonymous doesn't really let you take it for 100%. But even if the issues are true for 50% there would be much in it to let you step away from implementing OE though. Especially the transmission of data without consent of the user is something I think is not tolerable. Ubuntu (another company driven open source project) does it too by the way (unitys lense).

gunnar
on 7/15/13, 3:36 AM

At the moment I didn't see a code that is allowed to send my info to OpenERP servers. Maybe there are, i'll need to check it. At first I though that it was a revenge because in the past sorrysap.com was against sap too and it was controlled by OpenERP founder. http://v6.openerp.com/node/1291

GH Mediacloud, Grover Menacho
on 7/15/13, 11:05 AM

hi Gover, this link should be where the code is https://bazaar.launchpad.net/~openerp/openobject-addons/trunk/view/head:/mail/update.py#L31

gunnar
on 7/16/13, 1:42 AM

http://help.openerp.com/question/23304/worried-about-the-sorryopenerp-campaign/

Rohit Pawar
on 7/18/13, 8:58 AM
1
User
On 7/15/13, 9:04 PM

It isn't anonymous.

The whois information shows it is by openlabs - an ex-partner of OpenERP.

See

http ://openlabs.co.in/article/sorry-openerp-campaign-official-statement

http ://openlabs.co.in/article/why-openlabs-not-open-erp-partner

Very interesting that 'employees' of a company who's website states "Openlabs is an active member of the openerp community, and reputed for its deep understanding of the framework and offers development, customisation, & support services" is involved in such a discrediting campaign.

Seems they want the work that comes with being an 'active member of the OpenERP community' but also want to spread FUDD about OpenERP.

It is a bad choice for ANY company to engage in such tactics - whether OpenERP for 'sorry sap' or OpenLabs employees for 'sorry openerp'.

Why not just stand on your strengths?

ok, so we have an idea where it comes from. But that does not give us any idea how reasonable the allegations are or not. I think the campaign starters have choosen a bad form by being so openly unfriendly. Because it makes it somewhat easy to discredit them as just some madheads throwing mud. I think it would be interesting to look behind that and deal with the facts they present (OpenERP S.A. might see it as 'so called facts' maybe), but if the allegations are (or at least in part) not correct it should be easy to disprove them.

gunnar
on 7/16/13, 5:56 AM

It's open source, all the code is there. If there was any major issues, I'd guarantee the other companies or partners would have something to say. Like I said, yes the passwords are plaintext, but there is a module for that. Let's face it, something like OpenERP should never be exposed to the internet without proper security checks first and a lot of testing. If anyone just installs any software, exposes it to the internet without any checks or testing first are just foolish anyway.

dave ellis
on 7/16/13, 8:04 AM
gunnar
on 7/16/13, 8:56 AM

I think the more interesting discussion is going on here: http://help.openerp.com/question/23304/worried-about-the-sorryopenerp-campaign/

Rohit Pawar
on 7/18/13, 8:58 AM
0
dave ellis
On 7/15/13, 5:41 AM

The only valid areas that bothered me initially was the plain text passwords for users. Meaning that if your database was hacked, you would have all your users passwords available in plaintext. But with one module, you can hash or encrpyt. I am not sure which they use in OpenERP.

Just needs the person installing to be prompted if they want their user account passwords encrpyting and the pros / cons of doing so. Otherwise people may expose an install to the internet, which I would say is not secure.

Your Answer

Please try to give a substantial answer. If you wanted to comment on the question or answer, just use the commenting tool. Please remember that you can always revise your answers - no need to answer the same question twice. Also, please don't forget to vote - it really helps to select the best questions and answers!

About This Community

This community is for professionals and enthusiasts of our products and services. Read Guidelines

Question tools

5 follower(s)

Stats

Asked: 7/15/13, 2:04 AM
Seen: 2872 times
Last updated: 3/16/15, 8:10 AM