Pages:
Author

Topic: This message was too old and has been purged - page 3. (Read 9288 times)

legendary
Activity: 1778
Merit: 1043
#Free market
February 06, 2015, 07:27:44 AM
#60
However why not "make" this bug and "turn off" some bitcoin node? I think it will be a valid proof. What do you think guys ?

That's exactly what your not supposed to do when trying to disclose a bug.

http://mashable.com/2013/08/18/facebook-hacker-zuckerberg-timeline/

I know , but  if he gets permission I think that is the best idea for prove he has right.
legendary
Activity: 2087
Merit: 1015
February 06, 2015, 07:24:50 AM
#59
However why not "make" this bug and "turn off" some bitcoin node? I think it will be a valid proof. What do you think guys ?

That's exactly what your not supposed to do when trying to disclose a bug.

http://mashable.com/2013/08/18/facebook-hacker-zuckerberg-timeline/
sr. member
Activity: 490
Merit: 250
I don't really come from outer space.
February 06, 2015, 06:56:57 AM
#58
However why not "make" this bug and "turn off" some bitcoin node? I think it will be a valid proof. What do you think guys ?

As long as he gets permission from the node operator first, I think that's an excellent idea.
legendary
Activity: 1778
Merit: 1043
#Free market
February 06, 2015, 05:41:06 AM
#57
However why not "make" this bug and "turn off" some bitcoin node? I think it will be a valid proof. What do you think guys ?
hero member
Activity: 764
Merit: 500
I'm a cynic, I'm a quaint
February 06, 2015, 04:47:41 AM
#56
Even though he has sent the bug to gmaxwell to be reviews, why did he already get a negative trust ?

Self-proclaimed internet-sheriff's blind anger. Questionable behaviour, I agree.

Speaking about questionable behaviour... To me "Hey, I found a critical bug. I will inform you about it for BTC10" sounds an awful lot like "Hey, I can break your legs. For $2000 I won't".

No, because then he'd be saying if you don't pay me the 10 btc I'm going to start shooting down every node I see until it's fixed.

Rather he simply wants to be compensated for his time spent digging into the code and finding a vulnerability.


To those who believe the Bitcoin Foundation should not offer these bounties I ask why does the EFF offer bounties and prizes?



Edit: Has gmaxwell verified the claim sent by PM yet?

I realise that, which is why I said "sounds an awful lot like". Obviously he wants compensation for his work, which is alright. He's just not packaging his request that nicely. He's obviously rubbing people the wrong way. If he were to present it nicer he would be more likely to get what he wantstm.

Also the EFF offers those bounties to give people an incentive to go out and find issues. Evil-Knievel doesn't need such an incentive. He goes out looking with no prospect of a reward, only to request it upon finding something.

It's like finding someone's wallet. If you return it do you demand $10? Or do you just give it back and accept whatever reward they give? And how does that change if the owner put out posters offering a reward for finding their wallet?

Anyway, bottom line is that if he found an issue he deserves something. But there's no obligation for anyone to give him what he deserves.
full member
Activity: 224
Merit: 100
February 06, 2015, 03:17:04 AM
#55


Edit: Has gmaxwell verified the claim sent by PM yet?

I don't think so it has been verified yet. All I see is a negative trust back in 2013 March by gmaxwell himself for a similar claim.
So I am confused about the whole situation right now.
legendary
Activity: 2087
Merit: 1015
February 06, 2015, 02:50:33 AM
#54
Even though he has sent the bug to gmaxwell to be reviews, why did he already get a negative trust ?

Self-proclaimed internet-sheriff's blind anger. Questionable behaviour, I agree.

Speaking about questionable behaviour... To me "Hey, I found a critical bug. I will inform you about it for BTC10" sounds an awful lot like "Hey, I can break your legs. For $2000 I won't".

No, because then he'd be saying if you don't pay me the 10 btc I'm going to start shooting down every node I see until it's fixed.

Rather he simply wants to be compensated for his time spent digging into the code and finding a vulnerability.


To those who believe the Bitcoin Foundation should not offer these bounties I ask why does the EFF offer bounties and prizes?



Edit: Has gmaxwell verified the claim sent by PM yet?
hero member
Activity: 764
Merit: 500
I'm a cynic, I'm a quaint
February 06, 2015, 02:45:19 AM
#53
Even though he has sent the bug to gmaxwell to be reviews, why did he already get a negative trust ?

Self-proclaimed internet-sheriff's blind anger. Questionable behaviour, I agree.

Speaking about questionable behaviour... To me "Hey, I found a critical bug. I will inform you about it for BTC10" sounds an awful lot like "Hey, I can break your legs. For $2000 I won't".
legendary
Activity: 1330
Merit: 1009
February 05, 2015, 10:46:45 AM
#52
Sent pm Wink
legendary
Activity: 2422
Merit: 1451
Leading Crypto Sports Betting & Casino Platform
February 05, 2015, 10:07:52 AM
#51
You'd expect that something as big as bitcoin with an entire foundation behind it would have at least a small bug bounty. Yet we get to hear that no one cared enough to create one.
legendary
Activity: 1260
Merit: 1168
February 05, 2015, 10:04:19 AM
#50
This message was too old and has been purged
full member
Activity: 182
Merit: 100
February 05, 2015, 09:51:32 AM
#49
Even though he has sent the bug to gmaxwell to be reviews, why did he already get a negative trust ?
legendary
Activity: 1778
Merit: 1043
#Free market
February 05, 2015, 09:34:13 AM
#48
@gmaxwell , can you tell if Evil-Knievel has right or not ? Thanks for the attention.
newbie
Activity: 58
Merit: 0
February 05, 2015, 07:50:12 AM
#47
Evil-K has found hard bugs before, he's proven he's capable. I think he should have been taken very seriously from the beginning.

On another note, I'm really shocked that there isn't a strong bounty system in place for catching bugs in the bitcoin code-base.  shocked!  If bitcoiner's wanted serious hard looks at the code, then IMO they'd consider looking into implementing a rewards/bounty program.

If you feel strongly about this, then you should start one.  The only reason that a strong bounty system doesn't exist is because nobody has bothered creating one.  It's an open system, feel free to be the guy that is responsible for creating and maintaining a reliable and trustworthy bounty program.

I feel strongly about being shocked. However as I don't use bitcoin anymore, except transitionally to buy NXT and MAIDSAFE, I'll leave the implementation of a bounty system to those who are invested in bitcoin and who would like to see the code analyzed with a fine-tooth comb.

but I tell ya....I'm shocked!   Grin
hero member
Activity: 715
Merit: 500
February 04, 2015, 06:25:14 PM
#46
Malleability was known about from very early on.  It wasn't addressed because there weren't any "random users" that felt it was important enough to address.

That's the point of a bounty program, to find exploits of known bugs.  I'm also really surprised there isn't a bug bounty program in place.  The Foundation would be able to easily organize something like this with the most exposure.  We are past the "everybody needs to contribute" days, need to be more organized for mass adoption.
legendary
Activity: 1470
Merit: 1004
February 04, 2015, 05:27:50 PM
#45
Evil-K has found hard bugs before, he's proven he's capable. I think he should have been taken very seriously from the beginning.

On another note, I'm really shocked that there isn't a strong bounty system in place for catching bugs in the bitcoin code-base.  shocked!  If bitcoiner's wanted serious hard looks at the code, then IMO they'd consider looking into implementing a rewards/bounty program.

If you feel strongly about this, then you should start one.  The only reason that a strong bounty system doesn't exist is because nobody has bothered creating one.  It's an open system, feel free to be the guy that is responsible for creating and maintaining a reliable and trustworthy bounty program.

That's BS.  Why wouldn't the "Foundation" have one?

"The Foundation" is simply a private club of bitcoin enthusiasts. There is nothing official about them.  You are welcome to start your own club and call it "The Bitcoin Association" if you want.  Unless you are a member of their club, they are not beholden to any of your personal interests.  If you want them to have a bounty program, then join their club and campaign for it.

You expect random users to start an important security related program for BTC?

Yes.  The bitcoin system is decentralized and open.  There is no "Bitcoin Company".  If anything ever gets done in the bitcoin community, it is only because a random user decided that it needed to be done, so they did it.

Perhaps we wouldn't have issues like malleability if the Foundation was more proactive about this kind of stuff.

Malleability was known about from very early on.  It wasn't addressed because there weren't any "random users" that felt it was important enough to address.

I guess they can discuss it at their Caribbean retreat Roll Eyes meanwhile hacks continue.

It's their retreat. They can discuss whatever they want.  Meanwhile, you are welcome to sit on your whining butt and continue to complain to the universe about how it doesn't operate the way you want it to.

Thank you for the lessons wise one, until now I thought Bitcoin was a company run by the Foundation who was orchestrating Malleability hacks on exchanges.  I guess I should get off my whinny butt, after all, I've been here longer than you and haven't had the severely limited time to reach Legendary status. 
legendary
Activity: 3472
Merit: 4801
February 04, 2015, 11:57:36 AM
#44
Evil-K has found hard bugs before, he's proven he's capable. I think he should have been taken very seriously from the beginning.

On another note, I'm really shocked that there isn't a strong bounty system in place for catching bugs in the bitcoin code-base.  shocked!  If bitcoiner's wanted serious hard looks at the code, then IMO they'd consider looking into implementing a rewards/bounty program.

If you feel strongly about this, then you should start one.  The only reason that a strong bounty system doesn't exist is because nobody has bothered creating one.  It's an open system, feel free to be the guy that is responsible for creating and maintaining a reliable and trustworthy bounty program.

That's BS.  Why wouldn't the "Foundation" have one?

"The Foundation" is simply a private club of bitcoin enthusiasts. There is nothing official about them.  You are welcome to start your own club and call it "The Bitcoin Association" if you want.  Unless you are a member of their club, they are not beholden to any of your personal interests.  If you want them to have a bounty program, then join their club and campaign for it.

You expect random users to start an important security related program for BTC?

Yes.  The bitcoin system is decentralized and open.  There is no "Bitcoin Company".  If anything ever gets done in the bitcoin community, it is only because a random user decided that it needed to be done, so they did it.

Perhaps we wouldn't have issues like malleability if the Foundation was more proactive about this kind of stuff.

Malleability was known about from very early on.  It wasn't addressed because there weren't any "random users" that felt it was important enough to address.

I guess they can discuss it at their Caribbean retreat Roll Eyes meanwhile hacks continue.

It's their retreat. They can discuss whatever they want.  Meanwhile, you are welcome to sit on your whining butt and continue to complain to the universe about how it doesn't operate the way you want it to.
legendary
Activity: 1470
Merit: 1004
February 04, 2015, 11:46:53 AM
#43
Evil-K has found hard bugs before, he's proven he's capable. I think he should have been taken very seriously from the beginning.

On another note, I'm really shocked that there isn't a strong bounty system in place for catching bugs in the bitcoin code-base.  shocked!  If bitcoiner's wanted serious hard looks at the code, then IMO they'd consider looking into implementing a rewards/bounty program.

If you feel strongly about this, then you should start one.  The only reason that a strong bounty system doesn't exist is because nobody has bothered creating one.  It's an open system, feel free to be the guy that is responsible for creating and maintaining a reliable and trustworthy bounty program.

That's BS.  Why wouldn't the "Foundation" have one?  You expect random users to start an important security related program for BTC?  Perhaps we wouldn't have issues like malleability if the Foundation was more proactive about this kind of stuff.  I guess they can discuss it at their Caribbean retreat Roll Eyes meanwhile hacks continue.
legendary
Activity: 3472
Merit: 4801
February 04, 2015, 09:25:14 AM
#42
Evil-K has found hard bugs before, he's proven he's capable. I think he should have been taken very seriously from the beginning.

On another note, I'm really shocked that there isn't a strong bounty system in place for catching bugs in the bitcoin code-base.  shocked!  If bitcoiner's wanted serious hard looks at the code, then IMO they'd consider looking into implementing a rewards/bounty program.

If you feel strongly about this, then you should start one.  The only reason that a strong bounty system doesn't exist is because nobody has bothered creating one.  It's an open system, feel free to be the guy that is responsible for creating and maintaining a reliable and trustworthy bounty program.
newbie
Activity: 58
Merit: 0
February 04, 2015, 07:25:22 AM
#41
Evil-K has found hard bugs before, he's proven he's capable. I think he should have been taken very seriously from the beginning.

On another note, I'm really shocked that there isn't a strong bounty system in place for catching bugs in the bitcoin code-base.  shocked!  If bitcoiner's wanted serious hard looks at the code, then IMO they'd consider looking into implementing a rewards/bounty program.

Pages:
Jump to: