|
gigabytecoin (OP)
|
 |
May 08, 2011, 07:27:23 PM |
|
Would be updating automatically, or at least informing the user that a new version of the Bitcoin client is available.
FileZilla, VLC, uTorrent, and many other open source projects do this quite nicely. Could we simply borrow their code?
Would bitcoin's decentralized nature might make this a bit more difficult?
Nobody would feel comfortable associating just one domain name with the "update notification" code I doubt, it would be too simple of an attack vector. Perhaps once we get the bitDNS and/or namecoin setup...
|
|
|
|
|
|
Matt Corallo
|
|
May 08, 2011, 07:29:23 PM |
|
Would be updating automatically, or at least informing the user that a new version is available.
FileZilla, VLC, uTorrent, and many other open source projects do this quite nicely. Could we simply borrow their code?
Would bitcoin's decentralized nature might make this a bit more difficult?
Nobody would feel comfortable associating just one domain name with the "update notification" code I doubt, it would be too simple of an attack vector. Perhaps once we get the bitDNS and/or namecoin setup...
The new distribution/download script devrandom is working on for gitian and bitcoin 0.4.0 should be able to handle such things in a couple version out. It also solves the trust issue as it requires a certain number of trusted developers to sign a new release after building it themselves deterministically before it will download and install the new version. |
|
|
|
|
BitterTea
|
|
May 08, 2011, 07:31:46 PM |
|
I strongly disagree. (on topic to another thread: does that make me an extremist?)
Automatic updating is merely yet another attack vector. I highly doubt it could be made secure. Is there any other money handling software that automatically updates?
|
|
|
|
|
|
Matt Corallo
|
|
May 08, 2011, 07:34:02 PM |
|
Automatic updating is merely yet another attack vector. I highly doubt it could be made secure. Is there any other money handling software that automatically updates?
How could you exploit a system which requires developers to sign the results with gpg? You'd have to steal the gpg keys of multiple developers. |
|
|
|
|
Garrett Burgwardt
|
|
May 08, 2011, 07:35:15 PM |
|
People should have to think about the things being added or changed in a new version so that the core of bitcoin isn't changed.
|
|
|
|
|
|
Matt Corallo
|
|
May 08, 2011, 07:39:55 PM |
|
People should have to think about the things being added or changed in a new version so that the core of bitcoin isn't changed.
That is the point of distributed signatures. Developers who are trusted by the community put their stamp of approval on changes. Any interested users can obviously still watch the changes and chose for themselves but, lets face it, 99% of users just don't care. Many of the changes are changes in tx requirements for mining and other small things that no one but small groups care about anyway. |
|
|
|
genjix
Legendary
 Offline
Activity: 1232
Merit: 1076
|
|
May 08, 2011, 08:16:46 PM |
|
apt-get
|
|
|
|
|
|
Matt Corallo
|
|
May 08, 2011, 08:19:52 PM |
|
apt-get
Have fun getting that to work while we are still on wx 2.9. Plus the recommended package will be the downloaded which checks trust on binaries before they are distributed (instead of the bitcoin binary itself). |
|
|
|
HostFat
Staff
Legendary
Offline
Activity: 4270
Merit: 1209
I support freedom of choice
|
|
May 08, 2011, 08:23:13 PM |
|
|
|
|
|
|
BitterTea
|
|
May 08, 2011, 10:53:28 PM |
|
Automatic updating is merely yet another attack vector. I highly doubt it could be made secure. Is there any other money handling software that automatically updates?
How could you exploit a system which requires developers to sign the results with gpg? You'd have to steal the gpg keys of multiple developers. I responded before I saw your post. Do you have details on the implementation you describe? |
|
|
|
|
|
gigabytecoin (OP)
|
|
May 09, 2011, 04:14:32 AM |
|
I just thought of a potential problem the open sourced bitcoin community might face... How many people currently have to "ok" a release? What if tomorrow the value of BTC jumped up to $100,000 USD/BTC and Gavin decided he now wanted to "round" every transaction down and send the remainder to his own account (like the plot from "office space"). No offense to Gavin, but most everybody has their price.  |
|
|
|
|
njloof
Member
Offline
Activity: 73
Merit: 10
|
|
May 09, 2011, 05:35:00 AM |
|
What if tomorrow the value of BTC jumped up to $100,000 USD/BTC and Gavin decided he now wanted to "round" every transaction down and send the remainder to his own account (like the plot from "office space").
OK, but the transaction record is public. That hack would make for some interesting reading on blockexplorer.com. |
|
|
|
|
|
gigabytecoin (OP)
|
|
May 09, 2011, 05:52:02 AM |
|
What if tomorrow the value of BTC jumped up to $100,000 USD/BTC and Gavin decided he now wanted to "round" every transaction down and send the remainder to his own account (like the plot from "office space").
OK, but the transaction record is public. That hack would make for some interesting reading on blockexplorer.com. Sure, but the damage would have already been done. One could (in theory, if (s)he were in charge of releases)... 1) Round up (or even direct the entire transaction amount) to his/her bitcoin address. 2) Sell as many bitcoins as they possibly could on any/every market within 24 hours. 3) (OPTIONAL) DDOS the bitcoin.org forums for another few days until their payments came through. As of right now, that person could probably steal a few hundred thousand USD. In the not too distant future, that person could feasibly steal millions of dollars, in less than a day... I regrettably imagine that there are already some people with similar plans. |
|
|
|
|
|
wumpus
|
|
May 09, 2011, 06:29:48 AM |
|
I don't agree. The agency managing the automatic updates can instantly transform the network into whatever they want. They would be pretty much like the Fed.
|
Bitcoin Core developer [PGP] Warning: For most, coin loss is a larger risk than coin theft. A disk can die any time. Regularly back up your wallet through File → Backup Wallet to an external storage or the (encrypted!) cloud. Use a separate offline wallet for storing larger amounts. |
|
|
HostFat
Staff
Legendary
Offline
Activity: 4270
Merit: 1209
I support freedom of choice
|
|
May 09, 2011, 06:43:14 AM |
|
Anyway, every p2p network works better if it has every clients updated  |
|
|
|
|
Matt Corallo
|
|
May 09, 2011, 08:56:04 AM |
|
I responded before I saw your post. Do you have details on the implementation you describe?
Current build instructions are at https://gist.github.com/806265. The download/install/etc script is still a WIP, but you'd have to ask devrandom for more details on that. Current signed copy of 0.3.21 is available on request (signatures in bitcoin-release repository of devrandom on github). |
|
|
|
|
BitterTea
|
|
May 09, 2011, 02:01:41 PM |
|
Well, I am not opposed to an automatic update system as long as all of the current developers agree that there aren't any security concerns, it is optional, and the user is prompted to update.
|
|
|
|
|
|
M4v3R
|
|
May 09, 2011, 03:22:57 PM |
|
Google Chrome auto-updates without user knowing, and while many would argue that's a privacy breach, etc. etc. blah blah blah, no one can argue that Chrome has most up-to-date installs from all browsers. And because Bitcoin handles money, in my opinion it SHOULD auto-update in this manner, because if (when) we discover a hole in the protocol/client, it can take ages before everybody updates to new version.
Of course it could be done in way that an experienced user could turn it off, and there also could be stable and dev channels, just like Chrome does.
|
|
|
|
|
theymos
Administrator
Legendary
Offline
Activity: 5376
Merit: 13399
|
|
May 14, 2011, 05:24:47 AM |
|
Automatic updates make things way too centralized, IMO.
Gavin should have an alert key, though, and an alert should be issued for every new version.
|
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
kiba
Legendary
Offline
Activity: 980
Merit: 1020
|
|
May 14, 2011, 06:42:17 AM |
|
Google Chrome auto-updates without user knowing, and while many would argue that's a privacy breach, etc. etc. blah blah blah, no one can argue that Chrome has most up-to-date installs from all browsers. And because Bitcoin handles money, in my opinion it SHOULD auto-update in this manner, because if (when) we discover a hole in the protocol/client, it can take ages before everybody updates to new version.
Of course it could be done in way that an experienced user could turn it off, and there also could be stable and dev channels, just like Chrome does.
Right...so: 1. Outdated clients are potential attack vector. 2. Somebody mimicking Gavin is also an attack vector. |
|
|
|
|
