Pages:
Author

Topic: The Most Important Bitcoin Client Feature IMHO... - page 2. (Read 3634 times)

hero member
Activity: 755
Merit: 515
People should have to think about the things being added or changed in a new version so that the core of bitcoin isn't changed.
That is the point of distributed signatures.  Developers who are trusted by the community put their stamp of approval on changes.  Any interested users can obviously still watch the changes and chose for themselves but, lets face it, 99% of users just don't care.  Many of the changes are changes in tx requirements for mining and other small things that no one but small groups care about anyway. 
sr. member
Activity: 406
Merit: 256
People should have to think about the things being added or changed in a new version so that the core of bitcoin isn't changed.
hero member
Activity: 755
Merit: 515
Automatic updating is merely yet another attack vector. I highly doubt it could be made secure. Is there any other money handling software that automatically updates?
How could you exploit a system which requires developers to sign the results with gpg?  You'd have to steal the gpg keys of multiple developers.
sr. member
Activity: 294
Merit: 252
I strongly disagree. (on topic to another thread: does that make me an extremist?)

Automatic updating is merely yet another attack vector. I highly doubt it could be made secure. Is there any other money handling software that automatically updates?
hero member
Activity: 755
Merit: 515
Would be updating automatically, or at least informing the user that a new version is available.

FileZilla, VLC, uTorrent, and many other open source projects do this quite nicely. Could we simply borrow their code?

Would bitcoin's decentralized nature might make this a bit more difficult?

Nobody would feel comfortable associating just one domain name with the "update notification" code I doubt, it would be too simple of an attack vector. Perhaps once we get the bitDNS and/or namecoin setup...
The new distribution/download script devrandom is working on for gitian and bitcoin 0.4.0 should be able to handle such things in a couple version out.  It also solves the trust issue as it requires a certain number of trusted developers to sign a new release after building it themselves deterministically before it will download and install the new version.
sr. member
Activity: 280
Merit: 252
Would be updating automatically, or at least informing the user that a new version of the Bitcoin client is available.

FileZilla, VLC, uTorrent, and many other open source projects do this quite nicely. Could we simply borrow their code?

Would bitcoin's decentralized nature might make this a bit more difficult?

Nobody would feel comfortable associating just one domain name with the "update notification" code I doubt, it would be too simple of an attack vector. Perhaps once we get the bitDNS and/or namecoin setup...
Pages:
Jump to: