Dashlane Publishes Its Source Code To GitHub In Transparency Push
Saturday February 4, 2023. 02:25 AM , from Slashdot
Password management company Dashlane has made its mobile app code available on GitHub for public perusal, a first step it says in a broader push to make its platform more transparent. TechCrunch reports: The Dashlane Android app code is available now alongside the iOS incarnation, though it also appears to include the codebase for its Apple Watch and Mac apps even though Dashlane hasn't specifically announced that. The company said that it eventually plans to make the code for its web extension available on GitHub too. Initially, Dashlane said that it was planning to make its codebase 'fully open source,' but in response to a handful of questions posed by TechCrunch, it appears that won't in fact be the case.
At first, the code will be open for auditing purposes only, but in the future it may start accepting contributions too --' however, there is no suggestion that it will go all-in and allow the public to fork or otherwise re-use the code in their own applications. Dashlane has released the code under a Creative Commons Attribution-NonCommercial 4.0 license, which technically means that users are allowed to copy, share and build upon the codebase so long as it's for non-commercial purposes. However, the company said that it has stripped out some key elements from its release, effectively hamstringing what third-party developers are able to do with the code.
'The main benefit of making this code public is that anyone can audit the code and understand how we build the Dashlane mobile application,' the company wrote. 'Customers and the curious can also explore the algorithms and logic behind password management software in general. In addition, business customers, or those who may be interested, can better meet compliance requirements by being able to review our code.' On top of that, the company says that a benefit of releasing its code is to perhaps draw-in technical talent, who can inspect the code prior to an interview and perhaps share some ideas on how things could be improved. Moreover, so-called 'white-hat hackers' will now be better equipped to earn bug bounties. 'Transparency and trust are part of our company values, and we strive to reflect those values in everything we do,' Dashlane continued. 'We hope that being transparent about our code base will increase the trust customers have in our product.'
Read more of this story at Slashdot.
Mar, Tue 28 - 18:03 CEST