1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
|
Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
helo=mx.sourceforge.net)
by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <startithub@gmail.com>) id 1Vdln6-0006Lf-TL
for bitcoin-development@lists.sourceforge.net;
Tue, 05 Nov 2013 18:55:52 +0000
Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com
designates 74.125.82.178 as permitted sender)
client-ip=74.125.82.178; envelope-from=startithub@gmail.com;
helo=mail-we0-f178.google.com;
Received: from mail-we0-f178.google.com ([74.125.82.178])
by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1Vdln5-00025n-Uy
for bitcoin-development@lists.sourceforge.net;
Tue, 05 Nov 2013 18:55:52 +0000
Received: by mail-we0-f178.google.com with SMTP id q59so3851444wes.37
for <bitcoin-development@lists.sourceforge.net>;
Tue, 05 Nov 2013 10:55:45 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.194.21.131 with SMTP id v3mr7987758wje.44.1383677745727;
Tue, 05 Nov 2013 10:55:45 -0800 (PST)
Received: by 10.216.208.67 with HTTP; Tue, 5 Nov 2013 10:55:45 -0800 (PST)
In-Reply-To: <CAJHLa0MO9Q7D_9xmXPYKrebC7sMLoZtJ4epFSk36e8mMNMSKGg@mail.gmail.com>
References: <CABT1wWkOukEzxK5fLbnA4ZgJGN1hb_DMteCJOfA13FE_QZCi=Q@mail.gmail.com>
<20131105170541.GA13660@petertodd.org>
<20131105171445.GA13710@petertodd.org>
<CABT1wW=XgDfxfxMxyjcNhtNTzXkGLtgSLz3JJcUAq9ywgpymyg@mail.gmail.com>
<CANEZrP0itd3xW7yyg9FBJVuJNttcmMhnqWGOaWxjz37ATrR8qA@mail.gmail.com>
<CADre0dm0PGARSXXdwoa1ZOnpbEw_bx0aKP17q4PSFLTayyoRJw@mail.gmail.com>
<CAJHLa0MO9Q7D_9xmXPYKrebC7sMLoZtJ4epFSk36e8mMNMSKGg@mail.gmail.com>
Date: Tue, 5 Nov 2013 19:55:45 +0100
Message-ID: <CADre0dm_j68pN9Ov45kd47Y2DLnnfNiyocMvaUtgE=CJPUTUiA@mail.gmail.com>
From: Alessandro Parisi <startithub@gmail.com>
To: Jeff Garzik <jgarzik@bitpay.com>
Content-Type: multipart/alternative; boundary=047d7b5d64f2848fdc04ea729418
X-Spam-Score: -0.6 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(startithub[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information. [URIs: bitpay.com]
1.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1Vdln5-00025n-Uy
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] BIP proposal - patch to raise selfish
mining threshold.
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Tue, 05 Nov 2013 18:55:53 -0000
--047d7b5d64f2848fdc04ea729418
Content-Type: text/plain; charset=ISO-8859-1
Thank you very much for your fair response, Sir;
this means that anytime a bug is found in Bitcoin protocol, chances are
that it would take a lot more time to get fixed
2013/11/5 Jeff Garzik <jgarzik@bitpay.com>
> On Tue, Nov 5, 2013 at 1:07 PM, Alessandro Parisi <startithub@gmail.com>
> wrote:
> > I agree with Ittay: when bugs are found, they must be fixed ASAP,
> expecially
> > when they affect a sensitive sw such as Bitcon; in IT security, every
> flaw
> > that is exploitable in abstract, is going to be exploited in real,
> sooner or
> > later, also taking into account the increasing parallel computing power;
> > beware of false sense of security
>
> That is quite ignorant. Bitcoin is far more complex than standard IT
> security "fix ASAP" mantra. Distributed consensus is a new field of
> computer science, and blindly applying standard logic to bitcoin will
> quickly result in large problems.
>
> Every fix has the chance of changing the game theory or economics of
> bitcoin. A change to the core consensus protocol within bitcoin --
> mining -- is even more game-theory- and economically-critical to the
> core system. Changes thus have more impact, where any change
> potentially reduces bitcoin's value to zero in the worst case.
>
> Bitcoin is akin to medical device or avionics software. We cannot
> just change at will, without significant research, analysis and
> testing. "It is a bug, it must be fixed ASAP" is ignorant and
> dangerous.
>
> Further, this is at present a THEORETICAL problem, and the solution
> presented has some obvious flaws, that would make our current, WORKING
> SYSTEM more fragile, and less secure.
>
> --
> Jeff Garzik
> Senior Software Engineer and open source evangelist
> BitPay, Inc. https://bitpay.com/
>
--047d7b5d64f2848fdc04ea729418
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">Thank you very much for your fair response, Sir;<div style=
>this means that anytime a bug is found in Bitcoin protocol, chances are th=
at it would take a lot more time to get fixed</div><div class=3D"gmail_extr=
a">
<br><br><div class=3D"gmail_quote">2013/11/5 Jeff Garzik <span dir=3D"ltr">=
<<a href=3D"mailto:jgarzik@bitpay.com" target=3D"_blank">jgarzik@bitpay.=
com</a>></span><br><blockquote class=3D"gmail_quote" style=3D"margin:0 0=
0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class=3D"im">On Tue, Nov 5, 2013 at 1:07 PM, Alessandro Parisi <<a =
href=3D"mailto:startithub@gmail.com">startithub@gmail.com</a>> wrote:<br=
>
> I agree with Ittay: when bugs are found, they must be fixed ASAP, expe=
cially<br>
> when they affect a sensitive sw such as Bitcon; in IT security, every =
flaw<br>
> that is exploitable in abstract, is going to be exploited in real, soo=
ner or<br>
> later, also taking into account the increasing parallel computing powe=
r;<br>
> beware of false sense of security<br>
<br>
</div>That is quite ignorant. =A0Bitcoin is far more complex than standard =
IT<br>
security "fix ASAP" mantra. =A0Distributed consensus is a new fie=
ld of<br>
computer science, and blindly applying standard logic to bitcoin will<br>
quickly result in large problems.<br>
<br>
Every fix has the chance of changing the game theory or economics of<br>
bitcoin. =A0A change to the core consensus protocol within bitcoin --<br>
mining -- is even more game-theory- and economically-critical to the<br>
core system. =A0Changes thus have more impact, where any change<br>
potentially reduces bitcoin's value to zero in the worst case.<br>
<br>
Bitcoin is akin to medical device or avionics software. =A0We cannot<br>
just change at will, without significant research, analysis and<br>
testing. =A0 "It is a bug, it must be fixed ASAP" is ignorant and=
<br>
dangerous.<br>
<br>
Further, this is at present a THEORETICAL problem, and the solution<br>
presented has some obvious flaws, that would make our current, WORKING<br>
SYSTEM more fragile, and less secure.<br>
<span class=3D"HOEnZb"><font color=3D"#888888"><br>
--<br>
Jeff Garzik<br>
Senior Software Engineer and open source evangelist<br>
BitPay, Inc. =A0 =A0 =A0<a href=3D"https://bitpay.com/" target=3D"_blank">h=
ttps://bitpay.com/</a><br>
</font></span></blockquote></div><br></div></div>
--047d7b5d64f2848fdc04ea729418--
|
