I am starting a distribution that will have bespoke applications as part of it. They will be social applications. Would I be right in my thinking that closed source would add a hurdle to any would be hacking?

Also, a broader question. When I persue application developers to produce these applications. Should I only chose developers that have some idea of security measures? I was thinking I'd only have to pay a once of payment. Now the more I think about hacking I have to think of retaining a developer. I'm not sure how to budget for that.

Edit: Apologies. Wrong forum. Should be in Security. Mods please move if possible.

Hacking, as in modifying the code? Yes, closing the source would be a barrier for modifications in general. So doing that will also hinder improvement.

If you mean as in adding "security", no, that would actually reduce security (confidentiality, availability, integrity) by preventing proper peer review and coordinated development. That is really an old topic that was done and settled back in the 1990s. So were other forms of security through obscurity.

What is your real reason for asking it now?

Confidentiality, availability, and integrity are not a destination, but a continuous process. That's cliche, but in general keeping it simple as possible, removing compex and / or extraneous parts will go a long way in that direction. Also, coding style matters. Clean, easy-to-read code will get you further in that direction, too. An additional reason for requiring clean, easy-to-read code is that code is read many more times than it is written or even modified so an investment in writting it cearly in the beginning will pay for itself many times over during the life of the code base.

Thanks. That's clear enough.

Oh. I went to a website after a google search and gave me lots of imformation that was of no use to me. If it was'nt for that I wouldnt have botherd with the second question at all.