Thus... leave it enabled by default
Topic: Make UPNP enabled by default? - page 2. (Read 3329 times)
I agree with John Smith
Thus... leave it enabled by default
Thus... leave it enabled by default
it was a nice idea to try and work around the terrible curse of NAT, but shortly NAT wont be necessary.
Do note that I was talking about a (possibly distant) future in which NAT is no longer needed.For the problems we face NOW, UPnP is a good compromise.
The Bitcoin client is meant to open a port, as this is part of the P2P network design and strengthens the network. More connections=more trust. This I recommend enabling UPnP by default.
Counter-arguments are easy to address:
- Users can still choose to not open a Bitcoin port. Provide the -nolisten argument, which causes the client to only rely on outgoing connections and not advertise.
- Users can still choose not to use UPnP for security reasons. Disable it in your router configuration. Not enabling UPnP in Bitcoin does not provide any additional security. Trojans can still use UPnP as long as it is enabled in your router!
- UPnP should obviously be disabled when running over an overlay network such as Tor (or when a proxy is used..).
- No, UPnP does not advertise the program as a file sharing application. Non-filesharing applications such as Skype also use UPnP. But if you're worried about it you can provide the command line argument to disable UPnP (or -nolisten to not advertise at all).
screw "screwed by design" things like UPnP, IMO.
and yes, BTC network nodes compromising ease, even on small degree isn't option, IMO.
point is, UPnP isn't hot/quick/mission-critical thing in to-do/timeline, IMO and unlikely be in next one.
and yes, BTC network nodes compromising ease, even on small degree isn't option, IMO.
point is, UPnP isn't hot/quick/mission-critical thing in to-do/timeline, IMO and unlikely be in next one.
Votes aren't a good way to decide these issues. I suggest Matt just submit a pull req to enable it by default and let Gavin decide.
UPnP is a de-facto standard that's used by virtually all p2p software. The fact that it's even an option puts Bitcoin behind apps like Skype in terms of UI simplicity. It's definitely worth enabling it by default, at minimum.
UPnP is a de-facto standard that's used by virtually all p2p software. The fact that it's even an option puts Bitcoin behind apps like Skype in terms of UI simplicity. It's definitely worth enabling it by default, at minimum.
Instead of talking about how great UPNP is it would be much more useful to tell everyone if you've tried it and if it worked.
It's not a feature developers are likely to use — other than to test it. It would be pretty terrible if it turned out that it had a bug which occasionally crashed bitcoin and it got enabled by default.
and as to the vulnerabilities, it allows any malicious software to open ports in your firewall whether you want them or not once its on your computer.
This "vulnerability" assumes that UPnP meant to configure firewalls, which it isn't. It's to inform a NAPT device of a port being opened. It really should be implemented by the OS's listen() function. 
This doesnt help or hinder bitcoin in anyway, but in the future you are far less likely to find a router that supports it inherently.
"the future"? You mean when IPv6 has been introduced everywhere and UPNP is no longer needed?indeed.
and as to the vulnerabilities, it allows any malicious software to open ports in your firewall whether you want them or not once its on your computer.
it was a nice idea to try and work around the terrible curse of NAT, but shortly NAT wont be necessary.
Votes aren't a good way to decide these issues. I suggest Matt just submit a pull req to enable it by default and let Gavin decide.
UPnP is a de-facto standard that's used by virtually all p2p software. The fact that it's even an option puts Bitcoin behind apps like Skype in terms of UI simplicity. It's definitely worth enabling it by default, at minimum.
UPnP is a de-facto standard that's used by virtually all p2p software. The fact that it's even an option puts Bitcoin behind apps like Skype in terms of UI simplicity. It's definitely worth enabling it by default, at minimum.
Instead of talking about how great UPNP is it would be much more useful to tell everyone if you've tried it and if it worked.
It's not a feature developers are likely to use — other than to test it. It would be pretty terrible if it turned out that it had a bug which occasionally crashed bitcoin and it got enabled by default.
Also, looking at the implementation it appears that it tries to use UPNP even when its not required to get the port open. Thats probably somewhat less than optimal, since the upnp traffic might make network operators mistake bitcoin for filetrading applications in the same way IRC seed makes people mistake bitcoin for a botnet.
This doesnt help or hinder bitcoin in anyway, but in the future you are far less likely to find a router that supports it inherently.
"the future"? You mean when IPv6 has been introduced everywhere and UPNP is no longer needed?
Votes aren't a good way to decide these issues. I suggest Matt just submit a pull req to enable it by default and let Gavin decide.
UPnP is a de-facto standard that's used by virtually all p2p software. The fact that it's even an option puts Bitcoin behind apps like Skype in terms of UI simplicity. It's definitely worth enabling it by default, at minimum.
UPnP is a de-facto standard that's used by virtually all p2p software. The fact that it's even an option puts Bitcoin behind apps like Skype in terms of UI simplicity. It's definitely worth enabling it by default, at minimum.
UPnP is one of the most insecure networking protocols designed, any external router that supports it, is just asking for their network to be comprimized.
This doesnt help or hinder bitcoin in anyway, but in the future you are far less likely to find a router that supports it inherently.
This doesnt help or hinder bitcoin in anyway, but in the future you are far less likely to find a router that supports it inherently.
Care to elaborate on the vulnerabilities of UPnP?
As a side note - I vote yes to enabling UPnP by default
UPnP is one of the most insecure networking protocols designed, any external router that supports it, is just asking for their network to be comprimized.
This doesnt help or hinder bitcoin in anyway, but in the future you are far less likely to find a router that supports it inherently.
This doesnt help or hinder bitcoin in anyway, but in the future you are far less likely to find a router that supports it inherently.
I don't know much about UPNP, does this affect TOR users at all?
I'm in favor of this, and was since the beginning, but when it was first introduced, there was a vote on these forums and the result was strongly against UPnP. Frankly Im really not sure what valid argument anyone had as if UPnP is a "security risk" (which is only sort of, remotely is) then it should be off on the router and enabling it on Bitcoin does nothing different. It would also go some way towards solving some of the connection issues (though those are mostly solved in 0.3.23 with the more aggressive connections).
Unless this has changed in the latest release(I'll check ina minute 
), why shouldn't it be enabled by default?
Many people have routers with UPNP support, and enabling it would allow new users who don't know what it is, or haven't looked in the options, to get more than 8 connections.
), why shouldn't it be enabled by default?Many people have routers with UPNP support, and enabling it would allow new users who don't know what it is, or haven't looked in the options, to get more than 8 connections.
Jump to: