No Security subforum ? | Bitcointalksearch.org

niko

hero member

Activity: 756

Merit: 501

There is more to Bitcoin than bitcoins.

Quote from: BadBitcoin (James Sutton) on July 31, 2012, 06:40:59 PM

Quote from: niko on July 31, 2012, 05:40:58 PM

Quote from: error on July 31, 2012, 04:13:57 PM

Quote from: niko on July 31, 2012, 02:46:22 PM

As for the "enterprise" level discussion, perhaps it's better if they keep it between themselves?

If your security measures rely on keeping them secret, they aren't good security measures.

They shouldn't rely on secrecy, but should be discussed on a need-to-know basis between service providers, or between customers and providers. I think that's common sense. Anyhow, it wouldn't hurt to have the board. Everyone can decide if and how much they would be sharing there.

what you just said is that you rely on secrecy, a completely open and transparent security solution allows for open source collaboration on fixing any holes, regardless of the sensitivity of your situation.

There are more whitehats on here than blackhats, and those whitehats are generally better at their job, too.

Then why are zero-day exploits usually not discussed in public boards? I thought a reasonable thing to do is to notify the dev team first, no?

BadBitcoin (James Sutton)

donator

Activity: 452

Merit: 252

Quote from: niko on July 31, 2012, 05:40:58 PM

Quote from: error on July 31, 2012, 04:13:57 PM

Quote from: niko on July 31, 2012, 02:46:22 PM

As for the "enterprise" level discussion, perhaps it's better if they keep it between themselves?

If your security measures rely on keeping them secret, they aren't good security measures.

They shouldn't rely on secrecy, but should be discussed on a need-to-know basis between service providers, or between customers and providers. I think that's common sense. Anyhow, it wouldn't hurt to have the board. Everyone can decide if and how much they would be sharing there.

what you just said is that you rely on secrecy, a completely open and transparent security solution allows for open source collaboration on fixing any holes, regardless of the sensitivity of your situation.

There are more whitehats on here than blackhats, and those whitehats are generally better at their job, too.

niko

hero member

Activity: 756

Merit: 501

There is more to Bitcoin than bitcoins.

Quote from: error on July 31, 2012, 04:13:57 PM

Quote from: niko on July 31, 2012, 02:46:22 PM

As for the "enterprise" level discussion, perhaps it's better if they keep it between themselves?

If your security measures rely on keeping them secret, they aren't good security measures.

They shouldn't rely on secrecy, but should be discussed on a need-to-know basis between service providers, or between customers and providers. I think that's common sense. Anyhow, it wouldn't hurt to have the board. Everyone can decide if and how much they would be sharing there.

error

hero member

Activity: 588

Merit: 500

Quote from: niko on July 31, 2012, 02:46:22 PM

As for the "enterprise" level discussion, perhaps it's better if they keep it between themselves?

If your security measures rely on keeping them secret, they aren't good security measures.

niko

hero member

Activity: 756

Merit: 501

There is more to Bitcoin than bitcoins.

Quote from: Transisto on July 27, 2012, 02:30:20 PM

Given the nature of the beast, I'm surprised we don't have one already.

I would add to it a sub "personal computer security" for general use bitcoin.

And a more enterprise level sub for web-services dealing with bitcoins transactions.

I was to post this there but found no places to post it.
"OAuth 2.0 and the Road to Hell" http://hueniverse.com/2012/07/oauth-2-0-and-the-road-to-hell/

A personal security sub makes sense. Unfortunately, lots of useful information is already scattered around the forum.
As for the "enterprise" level discussion, perhaps it's better if they keep it between themselves?

dree12

legendary

Activity: 1246

Merit: 1076

Hmm, maybe a general security subforum of Bitcoin Discussion? I think I'll add that to my thread on proposed subfora.

Transisto

donator

Activity: 1731

Merit: 1008

Given the nature of the beast, I'm surprised we don't have one already.

I would add to it a sub "personal computer security" for general use bitcoin.

And a more enterprise level sub for web-services dealing with bitcoins transactions.

I was to post this there but found no places to post it.
"OAuth 2.0 and the Road to Hell" http://hueniverse.com/2012/07/oauth-2-0-and-the-road-to-hell/

Topic: No Security subforum ? (Read 991 times)