Topic: Security 'expert' claims bitcoin vulnerability. Presenting at Ekoparty Conf. (Read 2104 times)

hero member
Activity: 555
Merit: 654
Hi!

Don't worry!

First, the dev team has already fixed this in 7.0. I hope the new stable release is ready soon and everybody upgrades.

Secondly, I won't be saying anything that can help an attacker exploit the vuln.

I will talk about many aspects of Bitcoin, only one of them being the existence of DoS vulnerabilities, past heists in the ecosystem, and how Bitcoin has managed to handle them.

I will also talk about scalability, which has always been my deepest concern.

The conference titled "Bitcoin, Mavepay and the future of cryptocurrencies" is scheduled for Thursday 14:20 local time, Buenos Aires, Argentina at Ekoparty. Obviously I will also talk about my own proposals (Mavepay).

Come to Buenos Aires!
Juliano Rizzo and Thai Duong will be talking about CRIME, a devastating vulnerability they found in SSL!


Best regards,
 Sergio.
hero member
Activity: 798
Merit: 1000
I trust that Sergio is working with bitcoin's best interests and there is nothing to fear, but this thread reminds me of someone who claimed to have found a vulnerability several months back on some website, but I don't remember what (or if anything) became of it.
legendary
Activity: 1304
Merit: 1015
Uh-oh. I'm not going to make any transactions, so that the chain rollback (if it happens) will be less painful. Hopefully the nosedive doesn't occur this time.

Here is Gavin's description of a serious vs critical vulnerability.  https://bitcointalksearch.org/topic/critical-versus-serious-vulnerabilities-88892
legendary
Activity: 1304
Merit: 1015
He said he is only doing a partial disclosure and not a full disclosure.  I imagine he will do a full disclosure after the conference and will talk to Gavin.

I am guessing he just wants some credit for discovering this vulnerability.
hero member
Activity: 668
Merit: 501
I would guess he is disclosing

https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2012-3789

which is fixed in all recent versions of Bitcoin. Since he disclosed it responsibly and it has been fixed, I do not mind that he now takes credit for his discovery publicly.
legendary
Activity: 1386
Merit: 1002
Wonder why he wouldn't inform the developers here:

https://bitcointalksearch.org/user/sergiodemianlerner-24826

Maybe he did and they're keeping quiet.
Or maybe he's lying lol
legendary
Activity: 1246
Merit: 1079
Uh-oh. I'm not going to make any transactions, so that the chain rollback (if it happens) will be less painful. Hopefully the nosedive doesn't occur this time.
legendary
Activity: 1304
Merit: 1015
Quote
Sergio Demian Lerner (@SDLerner)
At #Ekoparty Security Conference, I'll give a sneak peek (not the full disclosure) of AVALANCHE, a #Bitcoin vulnerability I found.

http://twitter.com/SDLerner/status/247725013975834624