
It would only make sense to open source something like that if people would actually go work on it. There may be lots of security flaws in the system but it's not guaranteed that open sourcing it will result in a fast fix from the community. This isn't OpenSSL.

A better approach might be to just budget for and pay a team of good developers a market wage to make it better.



The logic is different: if public money paid for the code, the code should be public.

So paid developers work on it, but the end result is publicly available.


I see, that's fair.


That's exactly my thinking.


To be fair, OpenSSL was mostly ignored by industry and the community until Heartbleed.

“At the time of the Heartbleed attack, the OpenSSL website listed just 15 active developers, most of whom contributed to the project on a volunteer basis. But not all changes to the OpenSSL software are written by these 15 people. Rather, these developers help to filter and organize suggested changes from a larger community of people who make occasional contributions.”

https://www.vox.com/2014/6/19/18076318/heartbleed

If you want the government to have more competitive Federal salaries for developers then write your Senators.

As a note, I’ve seen some truly awful software written by highly paid devs, so, just paying more won’t necessarily fix the problem.


> As a note, I’ve seen some truly awful software written by highly paid devs, so, just paying more won’t necessarily fix the problem.

High pay is necessary, but not sufficient.

With high pay, you MAY get a good product — if you attract competent people on all levels.

With low pay, the mind-numbing godawfulness of the end result, if it's ever delivered, is practically guaranteed.


Sometimes, the high pay is to offset the terrible nature of the work, not to attract better developers, e.g. having to work on the terrible ad-hoc, micro-managed code of many previous devs.


https://www.gov.uk/ is substantially if not entirely open-source, and this appears to have had benefits above and beyond "community contributions".

[ EDIT ] And, contra to your apparent contrasting of "open source" and "paid developers", gov.uk is both.


Re: your edit, I am also baffled by this idea that open source and paid developers cannot exist.

In this case it's the government which technically doesn't have to actually make money (budgets, tho), but it can work in non-governmental situations too. Maybe via consulting/support on the technology, grants/donations (OpenSSL, now), maybe just making it open to foster contributions and long-term maintenance[0]. Maybe the actual software isn't the company's main focus and open-sourcing the code is just a way of ensuring accountability and quality. IME, people are actually far more conscientious when they know their code/docs could be read by anyone for all time... even if it probably won't.

[0] I'll grant that this is probably quite rare. That's not the point... the point is that there are many potential reasons for open-sourcing.


While it is true that there are more developers paid to work on proprietary software than on open source, there are lots of open source paid jobs out there. Some are listed on the FOSSjobs site and resources wiki. There are also a number of them in the monthly "Who is hiring?" threads here on HN.

https://www.fossjobs.net/ https://github.com/fossjobs/fossjobs/wiki/Resources



