Title: Auto update
Post by: ilovebitcoin on August 20, 2010, 03:23:00 PM

Since there can be important security updates and a lot of people don't check the site, the Bitcoin client should have an optional auto-updater (on by default), with "how often?" options ranging from each five minutes to each day and an option to install without asking (only security updates or all updates?)

Title: Re: Auto update
Post by: jgarzik on August 20, 2010, 06:59:03 PM

+1, updating from existing clients would be a useful feature.

Title: Re: Auto update
Post by: MoonShadow on August 20, 2010, 07:24:14 PM

> Since there can be important security updates and a lot of people don't check the site, the Bitcoin client should have an optional auto-updater (on by default), with "how often?" options ranging from each five minutes to each day and an option to install without asking (only security updates or all updates?)

I can see this as a security risk if the updater were able to be set to automatic. Invariably, some users will disregard the risks in the ongoing absolute trust of a particular server, and enough might be able to break the system if some cracker were to be able to compromise that trusted server and replace the client download with a compromised client with malware. Even if that only lasted for a short time.

If the client were to ever include an update notification function, I disagree that it should *ever* update without user verification. Even a normal client modified to send a copy of your wallet.dat file to a particular email address would screw a lot of people over in a hurry.

Title: Re: Auto update
Post by: aceat64 on August 20, 2010, 07:47:18 PM

I agree with creighto, I think at most the client should give a notification that there is a new version available, but I don't like the idea of auto-updating.

Title: Auto update
Post by: ilovebitcoin on August 20, 2010, 07:49:47 PM

I was thinking of automatic updating being off by default (but checking being on by default). Update user verification is useless for me because I always click yes - It's rare that the update server is being played with, but even if it were, I would not be able to tell.

How about using TLS for authenticating the update server?

Title: Re: Auto update
Post by: kiba on August 20, 2010, 07:51:53 PM

> I agree with creighto, I think at most the client should give a notification that there is a new version available, but I don't like the idea of auto-updating.

People who don't download and install updates are at a security risk. There will be many more security risks incurred from outdated clients than there are in an unlikely hacking attack. It's a tradeoff.

Title: Re: Auto update
Post by: jgarzik on August 20, 2010, 08:25:11 PM

> I can see this as a security risk if the updater were able to be set to automatic. Invariably, some users will disregard the risks in the ongoing absolute trust of a particular server, and enough might be able to break the system if some cracker were to be able to compromise that trusted server and replace the client download with a compromised client with malware. Even if that only lasted for a short time.

That's why crypto-signed updates have existed in software systems for over a decade. You don't need to trust the server, if you have a public key stored locally.

Fedora, Ubuntu, Debian etc. sign all their binary software packages with GPG, as an example. Eventually bitcoin will catch up with the times :)

Even without auto-updates, this is a serious vulnerability with the packages on bitcoin.org (http://www.bitcoin.org/). Posting SHA1 sums is useless without a cryptographic signature of some sort.

Title: Re: Auto update
Post by: ilovebitcoin on August 20, 2010, 08:56:36 PM

Also, if someone maintained a package and submitted it to distributions, it would already be auto-updated without the need to build it into the client.

Title: Re: Auto update
Post by: Insti on August 20, 2010, 09:22:22 PM

> Also, if someone maintained a package and submitted it to distributions, it would already be auto-updated without the need to build it into the client.

Unless you run Windows.

Title: Re: Auto update
Post by: MoonShadow on August 20, 2010, 09:31:12 PM

> Also, if someone maintained a package and submitted it to distributions, it would already be auto-updated without the need to build it into the client.

Not without the user's permission. Some packages are not updated automatically for similar reasons.

Title: Re: Auto update
Post by: ilovebitcoin on August 20, 2010, 09:40:17 PM

> Not without the user's permission. Some packages are not updated automatically for similar reasons.

That's easy - just make Bitcoin come with a Debian VM.

Title: Re: Auto update
Post by: LZ on September 02, 2010, 11:15:43 PM

What about storing the update hash in the bitcoin journal?
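
Added example, not part of the thread and not code from any poster or from the Bitcoin project: it contrasts the two checks discussed above, a checksum posted on the download server versus a signature verified against a public key stored in the client, when everything on the server is replaced. Ed25519 and SHA-256 from the Go standard library stand in for the GPG signatures and SHA1 sums mentioned in the thread; the keys, seeds and binary contents are constructed for the demonstration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Release is what an update server hands to a client. Every field is under
// the control of whoever controls that server.
type Release struct {
	Binary    []byte
	Checksum  [32]byte // digest posted next to the download
	Signature []byte   // detached signature over Binary
}

// publish builds a release. The signing key is held by the publisher and is
// assumed never to be stored on the download server.
func publish(binary []byte, signingKey ed25519.PrivateKey) Release {
	return Release{Binary: binary, Checksum: sha256.Sum256(binary),
		Signature: ed25519.Sign(signingKey, binary)}
}

// checksumOK only proves the binary matches a digest from the same server.
func checksumOK(r Release) bool { return sha256.Sum256(r.Binary) == r.Checksum }

// signatureOK checks the binary against the public key shipped in the client.
func signatureOK(r Release, pinned ed25519.PublicKey) bool {
	return ed25519.Verify(pinned, r.Binary, r.Signature)
}

// Constructed demo keys: fixed seeds keep the example reproducible.
var (
	releaseKey = ed25519.NewKeyFromSeed(bytes.Repeat([]byte{0x01}, ed25519.SeedSize))
	otherKey   = ed25519.NewKeyFromSeed(bytes.Repeat([]byte{0x02}, ed25519.SeedSize))
	pinnedKey  = releaseKey.Public().(ed25519.PublicKey) // stored locally in the client
)

func main() {
	genuine := publish([]byte("release build (constructed bytes)"), releaseKey)
	// Server compromise: binary, checksum and signature are all replaced,
	// but the party doing it does not hold the release signing key.
	swapped := publish([]byte("modified build (constructed bytes)"), otherKey)

	fmt.Println("genuine: checksum", checksumOK(genuine), "signature", signatureOK(genuine, pinnedKey))
	fmt.Println("swapped: checksum", checksumOK(swapped), "signature", signatureOK(swapped, pinnedKey))
}
```

The swapped release still passes the checksum comparison because the digest came from the same place as the file; only the check against the locally stored key rejects it.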