This is an article about my philosophy on research. I recently shared all my research notes around blockchain security completely open source on Github, following my presentation on the subject at DerbyCon 2017. This is why I think this should be the future of research, and why I will continue to do so with my own research…
The open source research philosophy
No one person can know everything about any one subject. As the saying goes, “it takes a village”.
Linux is the open source standard that we hold up as the pinnacle of accomplishment in the field, with thousands of contributors and users. But it’s not the only example. There are entire programming languages built open source. The container management system is almost entirely open source, with projects like Kubernetes and Moby (formerly Docker) showing huge levels of success and equally substantial levels of contribution from the community! All it takes is one look at the trending projects on GitHub and you can see just how much of an impact open source has had on our world today.
I believe this same philosophy that has elevated software to where it is today can and should be applied to research as well.
In security we talk about “shifting to the left”, which basically means that we should be moving security processes earlier into the development life cycle. I believe the same idea needs to be applied to research as well. By moving collaboration earlier in the research cycle, the output at the end of that research is greater than it would have been if developed in isolation.
If we seek to truly understand something, it must be together.
I may know a few things about security, but I’m not an expert in everything (hint: no one is). But if I combine my knowledge in a few areas of security with someone else’s knowledge in other areas, we come out stronger together, with a greater understanding of security as a whole than we ever had in isolation.
This is what I hope to accomplish by publishing all my research open source- a greater body of knowledge that benefits everyone, built up by a community rather than in isolation.
Call to action
If you see something broken, fix it through a pull request! (Here’s a great guide on contributing to open source projects: https://opensource.guide/how-to-contribute/)