Bitcoin Forum

Bitcoin => Bitcoin Discussion => Topic started by: awesomeami on April 08, 2014, 11:29:01 PM



Title: Is that OpenSSL bug enough for using bitcoin alert?
Post by: awesomeami on April 08, 2014, 11:29:01 PM
https://en.bitcoin.it/wiki/Alerts

Cause I think there are many (I think even 1K users with BTC1 are "many") using bitcoin core 0.9.1 that doesn't read (this forum/reddit daily/are busy right now ...) or understand what is going on.
And if they are unlucky/stupid to have just everything in 1 wallet ...



Title: Re: Is that OpenSSL bug enough for using bitcoin alert?
Post by: roslinpl on April 09, 2014, 09:46:04 AM
well I think most of the users who have 0.9.0 read this forum ...

but who knows ;) perhaps they should be warned.


Title: Re: Is that OpenSSL bug enough for using bitcoin alert?
Post by: turvarya on April 09, 2014, 09:49:52 AM
well I think most of the users who have 0.9.0 read this forum ...

but who knows ;) perhaps they should be warned.
"I think" and "most" are not good keywords, when it Comes to Security ;)

So, in my opinion it is definitly a reason to use the Alert.


Title: Re: Is that OpenSSL bug enough for using bitcoin alert?
Post by: roslinpl on April 09, 2014, 10:08:41 AM
well I think most of the users who have 0.9.0 read this forum ...

but who knows ;) perhaps they should be warned.
"I think" and "most" are not good keywords, when it Comes to Security ;)

So, in my opinion it is definitly a reason to use the Alert.

So why wont use it? :)  any why  it is not yet done?


Title: Re: Is that OpenSSL bug enough for using bitcoin alert?
Post by: blacksails on April 09, 2014, 12:20:58 PM
I believe this is a situation where that would be good. I mean, why have the function, just to not use it?
It could save many people from losing their money.


Title: Re: Is that OpenSSL bug enough for using bitcoin alert?
Post by: escrow.ms on April 09, 2014, 12:30:56 PM
I believe this is a situation where that would be good. I mean, why have the function, just to not use it?
It could save many people from losing their money.

Because it's an indirect exploit, hackers are not going to target individuals they will attack sites/servers etc (Mostly Linux) and alert feature is useless unless they are using alert-notify function and windows IIS is not vulnerable

Correct me If i am wrong.


Title: Re: Is that OpenSSL bug enough for using bitcoin alert?
Post by: blacksails on April 09, 2014, 12:38:32 PM
I believe this is a situation where that would be good. I mean, why have the function, just to not use it?
It could save many people from losing their money.

Because it's an indirect exploit, hackers are not going to target individuals they will attack sites/servers etc (Mostly Linux) and alert feature is useless unless they are using alert-notify function and windows IIS is not vulnerable

Correct me If i am wrong.
They will probably mainly attack servers, however, there could be attacks against private persons as well.
I assumed that there would come up as a pop up window? I only know about alerts from Litecoin-QT.


Title: Re: Is that OpenSSL bug enough for using bitcoin alert?
Post by: TookDk on April 09, 2014, 12:42:55 PM
I believe this is a situation where that would be good. I mean, why have the function, just to not use it?
It could save many people from losing their money.

Because it's an indirect exploit, hackers are not going to target individuals they will attack sites/servers etc (Mostly Linux) and alert feature is useless unless they are using alert-notify function and windows IIS is not vulnerable

Correct me If i am wrong.
They will probably mainly attack servers, however, there could be attacks against private persons as well.
I assumed that there would come up as a pop up window? I only know about alerts from Litecoin-QT.

doge-qt used the alert when the blockchain forked 1 month ago, the alert said "Upgrade immediately to version 1.6".
Very nice feature (if used).