
Open Source Personal Finance Manager - chevreuil
http://seeker89.github.io/cozy-pfm/
======
zx2c4
First OSS PFM?

Really?

[http://skrooge.org/](http://skrooge.org/)
[http://www.gnucash.org/](http://www.gnucash.org/)
[http://kmymoney2.sourceforge.net/](http://kmymoney2.sourceforge.net/) ...

~~~
benibur
all those are desktop applications and don't all get your data back
automatically from your bank...

Here we speak of an open source alternative to Mint, not to Money :-)

~~~
FedRegister
I had a bank that frequently double-charged me for services and threw my
balance below zero. I wouldn't trust their records of what I spent for
anything.

------
Jun8
But I _would_ give my bank credentials to Zuckerberg (say we meet at a
restaurant in Palo Alto and he asks for it). The asymmetry of the situation
means that he will lose much more than the meager amount in my account if he
steals the money. So that questions is rather silly.

I understand that the question really means "give you credentials to
Facebook", where Facebook is proxy to any big company. This is a harder
question, but one that I face often in practice, giving out bank account info,
SSID number, credit card numbers, etc. The answer, evidently (since I and
millions of other people do give this information out) is yes. The above
answer still applies, these companies still stand to lose more than me if this
information leaks or they mismanage it.

In summary, the richer and visible an entity (real or corporate) is the better
I feel about providing sensitive information, if it should be provided. This
means that teh sort of main message used here ("would you give your account
info to") is irrelevant. Being open source is a huge step up, but for the
general public either it doesn't mean much or else is a detriment, since the
thinking is that, if it's open, "hackers" can also see the code and find ways
to exploit it.

So how can a small startup ever compete with large established companies,
since this creates a chicken and egg problem?

~~~
jmathai
I spent the better part of a year and a half on the premise that consumers
care about data ownership. Spoiler alert, they don't. It's a similar concept
in terms of what hackers tend to value.

There is a (small) niche of people that care about this stuff. But I can't
help but feel that we, as hackers, try to communicate why others should care.
Perhaps they should, I don't know. But what I do know is that they don't.

We end up wasting precious time and energy trying to convince someone who
blatantly trusts Facebook that they should not. And we use phrases like "a
company that's business is to sell your data".

I agree completely with you and after having worked at a large company
(Yahoo!) on their security team I can confidently say that your data is safer
with a large company than on some small or even self hosted software.

I'm not trying to convince hackers not to hack. I'm saying to not waste time
convincing the general population. Scratch your itch and find the niche that
actually cares about what you're building and talk their language.

------
jeremysmyth
First? What about [http://www.gnucash.org/](http://www.gnucash.org/) or any of
the others?

~~~
berkut
Missing the "Cloud - based" part I think...

I agree with the idea of a free/open finance manager - definitely when it
connects to the bank through online services.

I wrote a GPL'd finance app for OS X a few years ago, and tried to add online
banking support, but other than OFX HTTP download, there didn't seem to be any
standard specification for it at the time other than screen-scraping, which I
don't think counts, so I didn't bother, given it would be different for each
bank.

Another issue is that my bank would give abbreviated/limited names and
descriptions of the data, which meant that there needed to be a "post import"
step to tidy the data up to make it meaningful which was annoying.

I don't know what the state of things is now...

~~~
FedRegister
The last place I want my personal finance details is in "the cloud".

~~~
lambda
This is an open source project designed to be hosted on one of the "personal
cloud" platforms that you can run yourself on your own hardware, or if you
want, run on a VPS that you trust. That eliminates many of the concerns that
people generally have about "the cloud," while still giving you the
convenience of having it web-accessible from anywhere you want to check it.

~~~
FedRegister
Or I can use X11 forwarding over SSH to access GNUcash from my desktop which
seems a lot safer than hoping that whatever VPS I have on the Internet is
magically secure.

------
RexRollman
Nice but I _really_ dislike the website for this. I don't know if there is a
term for that design but I hope it doesn't become popular.

~~~
pbreit
I might give Zuck my bank credentials but I would have no trust whatsoever in
some random .cc site (whose demo doesn't work).

~~~
benibur
yep, but it is open and you can self host your Cozy. So far you can't say the
same of FB :-)

------
josephagoss
I know this sounds pedantic and distracts from your software, but that's
because the website really distracts. With any service or product, make the
focus on that thing instead of the website taking the limelight, because even
if it works you still steal focus.

------
skimmas
That question that is now left unanswered is: "Do you trust yourself and your
server enough to keep your bank account info?

oh wait... before that... do you trust your own bank? Sometimes I have my
doubts.

------
Procrastes
I was just mulling over this same problem last week. This approach is a big
improvement over giving Mint or Wave (or their scraping partners) my
credentials.

Last I looked GnuCash didn't support any online banking except HCBI (Germany).
So beyond the simple online finance manager functions, maybe it would be worth
thinking of re-purposing this as a banking transaction aggregator that could
feed GnuCash or Ledger or whatever. That would give it a better focus on the
value for me, at least.

What I would really like to see is a startup or open source project that can
sell banks on a standard API with granular OAUTH and drive that difficult
adoption cycle. Something in the spirit of the German HCBI, but built on REST
with the ability to limit an app's access to read-only, get balance and get
transaction options.

------
misnome
Does GnuCash not count?

~~~
brockers
...or kmymoney?

~~~
brockers
...or grisbi?

~~~
benibur
On your desktop, they counted. But in the cloud, as an open alternative to
Mint, they don't :-)

The value here is that you can get your bank informations, aggregated on you
personal server, for free and on a platform you can hack...

------
nilkn
> So, would I give my bank credentials to a company of which business model is
> to sell its user's data?

I think this sentence is poorly written. I'd replace "of which" with "whose"
and "user's" with "users'".

------
rlvesco7
This sounds awesome. I've been looking to build an alternative to Mint, but
getting banking data (in an automated way) has always been a pain. I look
forward to trying it out.

~~~
mason55
Yeah Mint has so many flaws and warts but without the backend integrations it
would be very tough to create a competitor.

There was a good article a couple of years back about why Wesabe lost to
Mint[1], written by one of the Wesabe co-founders. The biggest issue according
to him was that they chose to write their own integrations instead of
partnering with Yodlee.

Since that time, Mint has left the Yodlee platform, but it gave them a first-
mover advantage that no one has been able to overcome.

[1] [http://blog.precipice.org/why-wesabe-lost-to-
mint/](http://blog.precipice.org/why-wesabe-lost-to-mint/)

~~~
smackfu
And Mint was purchased by Intuit, which already had the backend integrations
for years due to Quicken.

~~~
iaskwhy
Keep in mind Mint is somewhat restricted to US. There might be a market for
similar apps for other regions.

------
michaelrhansen
demo link appears to not work - blank screen

~~~
Jake232
Also seeing this.

Google Chrome Version 31.0.1650.57 OS X

------
jiggy2011
I opened the page and saw "Would you give your bank credentials to Mark
Zuckerberg?" and waiting for something to happen. About 10 seconds later I
figured I should try scrolling.

------
forkrulassail
That title is such a lie.

------
Uchikoma
Gnucash comes to mind.

