I think these 12 hours is a real problem for following reasons:
1) The fix concerned security and as such it had to be adopted immediately. Someone citing "emergency" character should understand this is rather aggravating circumstance, not an excuse.
2) They must have had the sources before released binaries. What was the reason/purpose for not disclosing them for 12 hours? It had to be done intentionally. Are there better and worse players, some who award the security and the rest that do not?
3) Do you think an exchange or any other serious company can work straight with binaries, especially unsigned? Aren't their operators supposed to audit the sources?
4) How much can a crypto change it's value within 12 hours? Can you imagine such a rapid change while all your assets are frozen and you can't do nothing because all major exchanges disabled your wallets? Isn't it like someone deleted your Bitcoin by erasing it's value while locking it "temporary"?
I have not yet got involved in BTC vs. BTU discussion till now and my opinion is not partial for that.
Did BTU team give any explanation for that what has happened? Did they encounter HDD failure?
Do they find such a practice normal and are going to exercise it in the future?
1) The fix concerned security and as such it had to be adopted immediately. Someone citing "emergency" character should understand this is rather aggravating circumstance, not an excuse.
2) They must have had the sources before released binaries. What was the reason/purpose for not disclosing them for 12 hours? It had to be done intentionally. Are there better and worse players, some who award the security and the rest that do not?
3) Do you think an exchange or any other serious company can work straight with binaries, especially unsigned? Aren't their operators supposed to audit the sources?
4) How much can a crypto change it's value within 12 hours? Can you imagine such a rapid change while all your assets are frozen and you can't do nothing because all major exchanges disabled your wallets? Isn't it like someone deleted your Bitcoin by erasing it's value while locking it "temporary"?
I have not yet got involved in BTC vs. BTU discussion till now and my opinion is not partial for that.
Did BTU team give any explanation for that what has happened? Did they encounter HDD failure?
Do they find such a practice normal and are going to exercise it in the future?
I agree they should not have released a binary based upon code not in the public git repository. That was a mistake.
The git commit/push should have taken place before they released the binary.
It was a mistake and it was corrected. For people like me who only build from git, that means we had to wait, though honestly - the git repo had been updated by the time I found out about it and I suspect that is the case for many people.
Yeah, releasing a closed source patch doesn't really make much sense as it can't be properly audited by the community. Definitely an interesting choice in the way it was deployed.
