Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1WaNfz-0005FN-3n for bitcoin-development@lists.sourceforge.net; Wed, 16 Apr 2014 11:06:47 +0000 X-ACL-Warn: Received: from mout.perfora.net ([74.208.4.194]) by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1WaNfx-0008Uk-Pc for bitcoin-development@lists.sourceforge.net; Wed, 16 Apr 2014 11:06:47 +0000 Received: from netbook (c107-70.i07-27.onvol.net [92.251.107.70]) by mrelay.perfora.net (node=mrus4) with ESMTP (Nemesis) id 0Lfkck-1XK9w21q82-00obuH; Wed, 16 Apr 2014 07:06:37 -0400 Received: by netbook (Postfix, from userid 1000) id C06492E04CC; Wed, 16 Apr 2014 13:06:29 +0200 (CEST) Received: by flare (hashcash-sendmail, from uid 1000); Wed, 16 Apr 2014 13:06:27 +0200 Date: Wed, 16 Apr 2014 13:06:27 +0200 From: Adam Back To: Wladimir Message-ID: <20140416110627.GA8131@netbook.cypherspace.org> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) X-Hashcash: 1:20:140416:laanwj@gmail.com::xIVfMufQ1h5+S5NA:07oDk X-Hashcash: 1:20:140416:melvincarvalho@gmail.com::S95gjtXomBriggGo:0000000000000 00000000000000000000000027Fu X-Hashcash: 1:20:140416:bitcoin-development@lists.sourceforge.net::yQJTj1CfZcKto g5D:000000000000000000000W0f X-Hashcash: 1:20:140416:adam@cypherspace.org::Lj81i4vIfZVXGSTU:00000000000000000 0000000000000000000000002dFk X-Provags-ID: V02:K0:M9g9UAKZdrh0VcDJ6lwCMA1OV9e7loQmDVzxCkxCqZV lRz8q+Ae8zUQP2fVv+JxUk1E20GyVpbapM3O2Dw1OsHFhDNkau 9pTjzVB8i6mFJrPpkpze/uI9jL30CkMrsKC2Q6tr7kdrPSie8m SWgyF1cmA6AkApGvMzH5KBOpcxGkpaHkV+u01pDriIg3F8dxLH ib3MS6ZTZULKTQAYM3YO1Yajx324kqNTrwveSWnAEUInikfs7t PwknkN6VbLiXbZ4uJl/AdgZ08khlCBplPkP5rYhJR/nmG2NueD pJVO6VjRTci/lpoDXrEWPa5YBwGjtprDxCR7nzYFgWChy8wkxK DHdoyqHbUIjfiPhrI0dugro2trrJtPbHn/x5jKRp/ X-Spam-Score: -0.0 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [74.208.4.194 listed in list.dnswl.org] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record X-Headers-End: 1WaNfx-0008Uk-Pc Cc: Bitcoin Dev Subject: [Bitcoin-development] mid-term bitcoin security (Re: Warning message when running wallet in Windows XP (or drop support?)) X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2014 11:06:47 -0000 Big picture/mid-term I think air-gaps and zero-trust ecosystem components are the only solution. (zero-trust meaning like real-time auditability, or type 2/type 3 exchanges based on atomic-swap, trustless escrow etc). Need a mass-production and air-drop of trezors :) There is one more problem address-substitution via untrusted network/user and weak site with 1mil lines of swiss-cheese security app-store. So some kind of address authentication TOFU. Aside from X509 bloatware which could be extended from payment protocol to do that, I'd argue for a native simple TOFU format like Alan Reiner's multiplier * base approach (where base is the TOFU handle). And/or something like the IBE address proposal (which gives a bandwidth efficiently SPV queryable way to check if funds received). Worst case if weil-pairing gets broken it auto-devolves to the current status quo. Btw not to reignite the stealth vs reusable address bike shedding, but contrarily I was thinking it maybe actually better to try to rebrand address as "invoice number". People understand double paying an invoice is not a good idea. And if they receive the same invoice twice they'll query it. Adam On Wed, Apr 16, 2014 at 11:41:48AM +0200, Wladimir wrote: > On Wed, Apr 16, 2014 at 10:45 AM, Melvin Carvalho > <[1]melvincarvalho@gmail.com> wrote: > > XP with a trezor would work fine tho? > > Probably - but that's a very rare edge case. People that are security > conscious enough to buy a Trezor will not run XP. Also I don't dare to > say that there is not some way to sociaal-engineer the user with > malware on a compromised OS even with a trezor. > Maybe: for 0.9.2 add a warning message and push people to upgrade > (either to Win8.1 or something else), then in the next major release > 0.10.0 drop XP support completely. > Wladimir > >References > > 1. mailto:melvincarvalho@gmail.com >------------------------------------------------------------------------------ >Learn Graph Databases - Download FREE O'Reilly Book >"Graph Databases" is the definitive new guide to graph databases and their >applications. Written by three acclaimed leaders in the field, >this first edition is now available. Download your free book today! >http://p.sf.net/sfu/NeoTech >_______________________________________________ >Bitcoin-development mailing list >Bitcoin-development@lists.sourceforge.net >https://lists.sourceforge.net/lists/listinfo/bitcoin-development