Subversion and Collaboa
Thanks to Geffy, I've been able to start using Subversion to manage my source code - this little blog may not seem like much, but, with its MVC structure, it is composed of over 50 PHP and JavaScript files.
As part of this, you can now access the source code using the Collaboa tool. Obviously, things such as usernames and passwords have been removed, but the potential for finding logic flaws still remains. I won't pretend I understood everything in the book (OK - probably about 5%), but a paragraph from Bruce Schneier's Applied Cryptography sticks in my mind:
"If I take a letter, lock it in a safe, hide the safe somewhere in New York, and then tell you to read the letter, that's not security. That's obscurity. On the other hand, if I take a letter and lock it in a safe, and then give you the safe along with the design specifications of the safe and a hundred identical safes with their combinations so that you and the world's best safecrackers can study the locking mechanism--and you still can't open the safe and read the letter, that's security."