swartzfeger
|
|
January 02, 2014, 09:24:27 AM |
|
One thing that hasn't been mentioned (I don't think), how are we going to vet/verify future client downloads?
As much as I don't share some users' level of conviction when it comes to user adoption vs. difficulty (I think this is rickyjames point), regular users having to worry about 1) brain wallet, 2) clunky client installer PLUS having to verify SHA256 for every update might drive people away.
|
|
|
|
landomata
Legendary
Offline
Activity: 2184
Merit: 1000
|
|
January 02, 2014, 09:28:11 AM |
|
One thing that hasn't been mentioned (I don't think), how are we going to vet/verify future client downloads?
As much as I don't share some users' level of conviction when it comes to user adoption vs. difficulty (I think this is rickyjames point), regular users having to worry about 1) brain wallet, 2) clunky client installer PLUS having to verify SHA256 for every update might drive people away.
I also think a permanent solution should be found for the above issues.
|
|
|
|
BitThink
Legendary
Offline
Activity: 882
Merit: 1000
|
|
January 02, 2014, 09:31:29 AM |
|
One thing that hasn't been mentioned (I don't think), how are we going to vet/verify future client downloads?
As much as I don't share some users' level of conviction when it comes to user adoption vs. difficulty (I think this is rickyjames point), regular users having to worry about 1) brain wallet, 2) clunky client installer PLUS having to verify SHA256 for every update might drive people away.
I also think a permanent solution should be found the above issues. To be honest, if the quality of software and all the ecosystem does not improve significantly, people will go away very soon. Now I guess most people here are attracted by the insanely fast growing price. Once it is stabilized, we will see more and more complains about the user experience. For example, could you imagine an organization having millions of dollars does not have a reliable downloading service for frequent software upgrading? Is it so expensive to get a reliable VPS and setup a downloading server, or simply as a temporary solution just pay dropbox to get an official account with larger bandwidth?
|
|
|
|
bitcoinpaul
|
|
January 02, 2014, 09:34:05 AM |
|
Fears of downloading a hacked client are true for every cryptocurrency.
But we can do better!
|
|
|
|
CoinBuzz
|
|
January 02, 2014, 09:35:52 AM |
|
Guys, i was away from NXT for some times.
What did happened?
Should i do something to my coins or account ?
Any news?
Get the right (!) client 0.4.8 zip file (compare with hash) and transfer your coins to a newly generated account asap. From where? what happened ?
|
|
|
|
ImmortAlex
|
|
January 02, 2014, 09:36:11 AM |
|
46.19.137.116 NRS (0.4.9e) @ NCC-1701-D Jean-Luc?
|
|
|
|
NxtChoice
|
|
January 02, 2014, 09:36:24 AM |
|
The first good news is that my Raspberry Pi node ran more than 20 hours without crashing, but the second not so good news is that it seems that the unlocked account disappeared. I unlocked two accounts to forge and confirmed from the API "getState" that the numberOfUsers was 2, however now the numberOfUsers was 0. What's the problem? BTW, one account earned 1 Nxt.
|
|
|
|
BitThink
Legendary
Offline
Activity: 882
Merit: 1000
|
|
January 02, 2014, 09:37:26 AM |
|
One thing that hasn't been mentioned (I don't think), how are we going to vet/verify future client downloads?
As much as I don't share some users' level of conviction when it comes to user adoption vs. difficulty (I think this is rickyjames point), regular users having to worry about 1) brain wallet, 2) clunky client installer PLUS having to verify SHA256 for every update might drive people away.
I also think a permanent solution should be found the above issues. To be honest, if the quality of software and all the ecosystem does not improve significantly, people will go away very soon. Now I guess most people here are attracted by the insanely fast growing price. Once it is stabled, we will see more and more complains about the user experience. Fears of downloading a hacked client are true for every cryptocurrency. As a currency with cap more than 1 million, I don't think setting up a dedicate server for downloading is too expensive to be feasible.
|
|
|
|
|
wesleyh
|
|
January 02, 2014, 09:39:38 AM |
|
I've sent them an email, perhaps others can do the same.
I believe the hoster won't tell u the name of the guy. The victims could report this case to the police, just to see what the result will be. At least it should get shut down.
|
|
|
|
landomata
Legendary
Offline
Activity: 2184
Merit: 1000
|
|
January 02, 2014, 09:43:00 AM |
|
As a currency with cap more than 1 million, I don't think setting up a dedicate server for downloading is too expensive to be feasible.
Auto update clients direct from the blockchain...this was planned from the beginning...lets just expedite the roll out.
|
|
|
|
swartzfeger
|
|
January 02, 2014, 09:45:44 AM |
|
To be honest, if the quality of software and all the ecosystem does not improve significantly, people will go away very soon. Now I guess most people here are attracted by the insanely fast growing price. Once it is stabilized, we will see more and more complains about the user experience.
I didn't intend my post to be a cry of 'the sky is falling' (nor do I think you're saying that). I don't think the situation is dire, or even serious -- the way the community came together was awesome. Nexern's client should be here soon, development appears to be going well on all fronts -- things seem to be looking up. Heck, NXT took a tumble after December 26 but the interest here grew. I'm as optimistic as ever. Still... I don't want to have to fuck with hash checks with every update. At all. There's no openssl gui for OS X (that I know of), and having to head to the terminal every time I download... ok, who am I kidding, I'll do it, but regular users? We don't want to check our cars for hidden GPS trackers, or bombs, or cut break lines every time we want to drive. Get in, turn the key, go.
|
|
|
|
mcjavar
|
|
January 02, 2014, 09:47:58 AM |
|
As a currency with cap more than 1 million, I don't think setting up a dedicate server for downloading is too expensive to be feasible.
Auto update clients direct from the blockchain...this was planned from the beginning...lets just expedite the roll out. C-f-B?
|
|
|
|
wesleyh
|
|
January 02, 2014, 09:50:06 AM |
|
To be honest, if the quality of software and all the ecosystem does not improve significantly, people will go away very soon. Now I guess most people here are attracted by the insanely fast growing price. Once it is stabilized, we will see more and more complains about the user experience.
I didn't intend my post to be a cry of 'the sky is falling' (nor do I think you're saying that). I don't think the situation is dire, or even serious -- the way the community came together was awesome. Nexern's client should be here soon, development appears to be going well on all fronts -- things seem to be looking up. Heck, NXT took a tumble after December 26 but the interest here grew. I'm as optimistic as ever. Still... I don't want to have to fuck with hash checks with every update. At all. There's no openssl gui for OS X (that I know of), and having to head to the terminal every time I download... ok, who am I kidding, I'll do it, but regular users? We don't want to check our cars for hidden GPS trackers, or bombs, or cut break lines every time we want to drive. Get in, turn the key, go. There's a free utility called "hash-drop" find it in the mac app store. For my auto-updating mac app client, I'll also be adding functionality to check the sha256 before it's installed.
|
|
|
|
S3MKi
Legendary
Offline
Activity: 1540
Merit: 1016
|
|
January 02, 2014, 09:51:02 AM |
|
will source code publish tomorrow?
|
|
|
|
EvilDave
|
|
January 02, 2014, 09:51:35 AM |
|
EpicThomas <> EvilDave, sorry my error, just was confused by a screen where EpicThomas quotes the EvilDave message.
No problem, sent u a PM to say no hard feelings. BTW, just need to say in public how impressed I am by the speedy and effective response of the NXT community to this issue. Good work, guys ! Onwards and upwards.....
|
|
|
|
wesleyh
|
|
January 02, 2014, 09:52:59 AM |
|
@ CFB - is there a maximum limit for a password? Could I use a 1024 character pass for example? (random data)
|
|
|
|
|
BitThink
Legendary
Offline
Activity: 882
Merit: 1000
|
|
January 02, 2014, 09:53:21 AM |
|
Fears of downloading a hacked client are true for every cryptocurrency.
As a currency with cap more than 1 million, I don't think setting up a dedicate server for downloading is too expensive to be feasible. Let us assume that the dedicated server for downloading the latest client is in place... wouldn't/shouldn't you still run the checksum comparisons to be safe? What I am trying to say is that the requirement/suggestion that NXT users become familiar with security guidelines SHOULD NOT be considered a negative aspect of NXT. Yes, you are right. It's still safer to check it every time, but the point is if we downloaded a fake client from the official website, we know where to complain and who needs to be blamed. Now the file is scattered everywhere and no one can be trusted.
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
January 02, 2014, 09:54:20 AM |
|
As a currency with cap more than 1 million, I don't think setting up a dedicate server for downloading is too expensive to be feasible.
Auto update clients direct from the blockchain...this was planned from the beginning...lets just expedite the roll out. C-f-B? Aye, it was planned. But now my team doesn't work on the client anymore. Other client devs should decide where to store client binaries.
|
|
|
|
|