
Topic: Auto update (Read 8283 times)

LZ
legendary
Activity: 1722
Merit: 1072
P2P Cryptocurrency
September 02, 2010, 07:15:43 PM
#12
What about storing the update hash in the bitcoin journal?
newbie
Activity: 9
Merit: 0
August 20, 2010, 05:40:17 PM
#11
Not without the user's permission.  Some packages are not updated automatically for similar reasons.

That's easy - just make Bitcoin come with a Debian VM.
legendary
Activity: 1708
Merit: 1007
August 20, 2010, 05:31:12 PM
#10
Also, if someone maintained a package and submitted it to distributions, it would already be auto-updated without the need to build it into the client.

Not without the user's permission.  Some packages are not updated automatically for similar reasons.
sr. member
Activity: 294
Merit: 252
Firstbits: 1duzy
August 20, 2010, 05:22:22 PM
#9
Also, if someone maintained a package and submitted it to distributions, it would already be auto-updated without the need to build it into the client.

Unless you run Windows.
newbie
Activity: 9
Merit: 0
August 20, 2010, 04:56:36 PM
#8
Also, if someone maintained a package and submitted it to distributions, it would already be auto-updated without the need to build it into the client.
legendary
Activity: 1596
Merit: 1091
August 20, 2010, 04:25:11 PM
#7
I can see this as a security risk if the updater were able to be set to automatic.  Invariably, some users will disregard the risks in the ongoing absolute trust of a particular server, and enough might be able to break the system if some cracker were to be able to compromise that trusted server and replace the client download with a compromised client with malware.  Even if that only lasted for a short time.

That's why crypto-signed updates have existed in software systems for over a decade.  You don't need to trust the server, if you have a public key stored locally.  Fedora, Ubuntu, Debian etc. sign all their binary software packages with GPG, as an example.

Eventually bitcoin will catch up with the times :)  Even without auto-updates, this is a serious vulnerability with the packages on bitcoin.org.  Posting SHA1 sums is useless without a cryptographic signature of some sort.
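
The point made in post #7, that a locally stored public key removes the need to trust the download server and that a posted checksum alone proves nothing, shown as an added example that is not part of the thread or of the Bitcoin client. It uses Ed25519 from Go's standard library in place of the GPG signing the post mentions; the `Manifest` type, the function names, the key and the version string are all constructed for illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Manifest is published next to the download; only Sig makes the digest trustworthy.
type Manifest struct {
	Version string
	Digest  [32]byte // SHA-256 of the client binary
	Sig     []byte   // release-key signature over Version and Digest
}

func (m Manifest) signedBytes() []byte {
	return append([]byte(m.Version+"\x00"), m.Digest[:]...)
}

// SignRelease runs on the maintainer's machine, never on the download server.
func SignRelease(priv ed25519.PrivateKey, version string, binary []byte) Manifest {
	m := Manifest{Version: version, Digest: sha256.Sum256(binary)}
	m.Sig = ed25519.Sign(priv, m.signedBytes())
	return m
}

// VerifyUpdate is the client side; pinned is the public key stored locally.
func VerifyUpdate(pinned ed25519.PublicKey, m Manifest, binary []byte) error {
	if !ed25519.Verify(pinned, m.signedBytes(), m.Sig) {
		return errors.New("manifest not signed by pinned release key")
	}
	if sha256.Sum256(binary) != m.Digest {
		return errors.New("binary does not match signed digest")
	}
	return nil
}

func main() {
	// Constructed key and payloads, for illustration only.
	priv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{0x42}, ed25519.SeedSize))
	pinned := priv.Public().(ed25519.PublicKey)
	good := []byte("constructed release bytes")
	m := SignRelease(priv, "1.0.1", good)
	fmt.Println("genuine:", VerifyUpdate(pinned, m, good))

	// Server compromise: binary replaced and the posted digest recomputed to match.
	evil := []byte("constructed tampered bytes")
	forged := Manifest{Version: m.Version, Digest: sha256.Sum256(evil), Sig: m.Sig}
	fmt.Println("tampered:", VerifyUpdate(pinned, forged, evil))
}
```

The tampered case has a digest that matches its binary, so a checksum-only check would accept it; it is rejected because the signature no longer covers the altered digest.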

legendary
Activity: 980
Merit: 1014
August 20, 2010, 03:51:53 PM
#6
I agree with creighto, I think at most the client should give a notification that there is a new version available, but I don't like the idea of auto-updating.

People who don't download and install updates are at a security risk. There will be many more security risks incurred from outdated clients than there are in an unlikely hacking attack. It's a tradeoff.
newbie
Activity: 9
Merit: 0
August 20, 2010, 03:49:47 PM
#5
I was thinking of automatic updating being off by default (but checking being on by default). Update user verification is useless for me because I always click yes -  It's rare that the update server is being played with, but even if it were, I would not be able to tell.

How about using TLS for authenticating the update server?
full member
Activity: 307
Merit: 102
August 20, 2010, 03:47:18 PM
#4
I agree with creighto, I think at most the client should give a notification that there is a new version available, but I don't like the idea of auto-updating.
legendary
Activity: 1708
Merit: 1007
August 20, 2010, 03:24:14 PM
#3
Since there can be important security updates and a lot of people don't check the site, the Bitcoin client should have an optional auto-updater (on by default), with "how often?" options ranging from each five minutes to each day and an option to install without asking (only security updates or all updates?)

I can see this as a security risk if the updater were able to be set to automatic.  Invariably, some users will disregard the risks in the ongoing absolute trust of a particular server, and enough might be able to break the system if some cracker were to be able to compromise that trusted server and replace the client download with a compromised client with malware.  Even if that only lasted for a short time.  If the client were to ever include an update notification function, I disagree that it should *ever* update without user verification.  Even a normal client modified to send a copy of your wallet.dat file to a particular email address would screw a lot of people over in a hurry.
legendary
Activity: 1596
Merit: 1091
August 20, 2010, 02:59:03 PM
#2

+1, updating from existing clients would be a useful feature.

newbie
Activity: 9
Merit: 0
August 20, 2010, 11:23:00 AM
#1
Since there can be important security updates and a lot of people don't check the site, the Bitcoin client should have an optional auto-updater (on by default), with "how often?" options ranging from each five minutes to each day and an option to install without asking (only security updates or all updates?)