
Topic: Implementation of push / auto update feature on bitcoin (per configuration) - page 2. (Read 2594 times)

member
Activity: 105
Merit: 10
Right, the auto update / push feature "vulnerability" makes sense now, even though, by downloading it, you are already trusting a binary and/or source code, otherwise Bitcoin wouldn't exist. If there was no trust in the first place, no one would ever use it, so it's not introducing a "vulnerability" per se; if you already installed it, you have made a conscious choice to trust it.
But since the client would be using only official repos (as most coins are using), and the binaries are downloaded from the same place, doesn't it make sense to have the check for a changelog or news about versions of it, like the recent changes that had vulnerabilities fixed? This way people would decide whether to download or install it by themselves. Like it or not, even being open source, the source is already centralized either on github or sourceforge, if you want to see it that way.

And even further, only conscious users check the MD5 signature of binaries when downloading them, or decide to build from the source themselves, which is the minority, but most non-techie users don't.

Another thing, right now, it's not always possible to use the bleeding edge compiled version of bitcoin-qt for testing purposes, because it would be a hassle for core developers to keep up with nightlies. Of course, reading git status is simple (with their public API), if the client makes this check on-demand by the user, it can be possible, or after a big commit that changes the inner workings a lot, like Firefox Aurora. You are mistaking a decentralized NETWORK (that Bitcoin is and will always be) with a centralized distribution of binaries, that's a formal fallacy that it will always be decentralized.
staff
Activity: 4242
Merit: 8672
"Auto update" is categorically not the same as manual updates.

Bitcoin is an autonomous peer to peer system. Its security, its promises of non-inflation, everything that makes it valuable depends on someone not being able to just flip a switch and redefine it. As you say, "there's no excuse" to introduce that kind of vulnerability. Bitcoin was invented to remove the requirement for that kind of trust, and if you're willing to have that kind of trust you can build systems which are much more efficient than Bitcoin.

Someone with the ability to just push auto updates would be an extreme danger to the network, and that ability would be a potential danger to those who possess it by virtue of making them an attractive target. If the core developers start telling you that you need developer controlled automatic update you can assume that we've somehow been compromised.

There are certainly things that can be done to facilitate smoother updates and we should do them: for example, deploying the gitian updater tool for users to use, which checks the gitian signatures and saves them some website clicking, would be a nice improvement and would strictly reduce vulnerability (since not that many users bother to check the signatures today when they update).

Any system which would run _automatically_, if any were to exist at all, however, should only work on a long randomized time delay to allow review and alarm if there is a problem and should support negative acknowledgements, the keys for which could be spread fairly liberally.

So go ahead with your "16 coins" run autoupdates for 15 of them. Bitcoin is a decentralized system and is staying that way.
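
Added example, not part of the post above and not code from Bitcoin or Gitian: a sketch of the gating policy the post describes (matching builder signatures, a long per-client randomized delay, and a veto by any negative acknowledgement). The constants, signer names, result strings and the three-builder threshold are assumptions, and signature verification itself is assumed to have been done by the caller.

```python
import hashlib

# All names and numbers here are assumptions for illustration.
MIN_DELAY_DAYS, MAX_DELAY_DAYS = 14, 42   # the "long randomized time delay"
REQUIRED_BUILDERS = 3                     # independent builders that must agree

def install_delay_days(client_secret: bytes, release_hash: str) -> int:
    """Per-client delay: stable across restarts, different on each machine."""
    digest = hashlib.sha256(client_secret + bytes.fromhex(release_hash)).digest()
    span = MAX_DELAY_DAYS - MIN_DELAY_DAYS + 1
    return MIN_DELAY_DAYS + int.from_bytes(digest[:8], "big") % span

def decide(release_hash, attestations, nacks, builders, vetoers,
           days_since_release, client_secret):
    """attestations / nacks: (signer, hash) pairs for this release whose
    signatures the caller has already verified (out of scope here)."""
    trusted = [(s, h) for s, h in attestations if s in builders]
    # A trusted builder reporting a different hash means the build did not
    # reproduce or a signer is compromised: stop and raise the alarm.
    if any(h != release_hash for _, h in trusted):
        return "alarm"
    if len({s for s, _ in trusted}) < REQUIRED_BUILDERS:
        return "reject"
    # A single valid negative acknowledgement is enough to block the update.
    if any(s in vetoers and h == release_hash for s, h in nacks):
        return "vetoed"
    # Otherwise wait out the review window before installing anything.
    if days_since_release < install_delay_days(client_secret, release_hash):
        return "wait"
    return "install"

# Constructed sample data.
RELEASE = hashlib.sha256(b"constructed-release-binary").hexdigest()
BUILDERS = {"builder-a", "builder-b", "builder-c", "builder-d"}
VETOERS = BUILDERS | {"reviewer-x", "reviewer-y"}   # veto keys spread wider
GOOD = [(b, RELEASE) for b in ("builder-a", "builder-b", "builder-c")]

if __name__ == "__main__":
    secret = b"constructed-per-install-secret"
    print(decide(RELEASE, GOOD, [], BUILDERS, VETOERS, 5, secret))    # wait
    print(decide(RELEASE, GOOD, [("reviewer-x", RELEASE)],
                 BUILDERS, VETOERS, 60, secret))                      # vetoed
    print(decide(RELEASE, GOOD, [], BUILDERS, VETOERS, 60, secret))   # install
```
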
member
Activity: 105
Merit: 10
Auto update = one man controls the network

Where do you get your client btw? Isn't it from the same place you get the source? Your comment makes no sense.
rme
hero member
Activity: 756
Merit: 504
Auto update = one man controls the network
member
Activity: 105
Merit: 10
We are in 2013, in the era of "browser apps" and self updating software, and all coins, even though coded in C++, have no reason to not have an auto update / push update feature for critical bugs / exploits / etc. How many people get stuck and clueless about new versions, since the Qt client has no "check for new version" button, unless they check the forums? It's understandable, for a pool owner, to not have auto updating software because it can break everything, so it could be disabled. But for the end user, there's no excuse.

Coin developers should try to get to a consensus and implement a simple hash version checking against the tags on github / sourceforge for example, at least to warn users about new versions (and even a distributed changelog / news about the new version, take a look at Filezilla that is open source).

Imagine having 16 coin clients installed on the computer, and manually having to check for new versions for each one? An auto-update makes sense, doesn't it?