Message-ID: <54DF5FF6.4010000@jrn.me.uk>
Date: Sat, 14 Feb 2015 14:47:18 +0000
From: Ross Nicoll <jrn@jrn.me.uk>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
	rv:31.0) Gecko/20100101 Thunderbird/31.4.0
MIME-Version: 1.0
To: bitcoin-development@lists.sourceforge.net
References: <20150212064719.GA6563@savin.petertodd.org>	<CANEZrP2uVT_UqJbzyQcEbiS78T68Jj2cH7OGXv5QtYiCwArDdA@mail.gmail.com>	<CAE28kUQ87jWhq1p6RK1eKEuEP1ERxN_P2SS0=YsFEGAqRyMPLA@mail.gmail.com>	<CANEZrP2H2T2QFZceCc=YzwwiApJy7kY7FN0LoAZODGbW12SYsw@mail.gmail.com>	<CAE28kURa8g3YTPi-GHKAt4v0csxXe=QhGhV3aQcDZGSr=Lb7RQ@mail.gmail.com>	<CANEZrP2hAUsRfeXUo-DLiiRmG5uJcwFuP4=o1S6Fb7ts5Ud=bw@mail.gmail.com>	<CADJgMztrzMh8=Y6SD-JV1hpTTbGB8Y2u=59bQhGtF6h3+Ei_Ew@mail.gmail.com>	<356E7F6E-300A-4127-9885-2183FB1DE447@gmail.com>	<54DCECE4.3020802@riseup.net>	<CAJfRnm4OBEJPW-6CiY5fQ1kUYppDnTtZfLF_YpBEaB8ovzx9og@mail.gmail.com>	<54DCFBB5.3080202@gmail.com>
	<54DD003E.2060508@riseup.net>	<CAJfRnm5d2WcZw3eRjN-cLajwTM0iF_o7OCPc+dkv+s-p3e9nLg@mail.gmail.com>	<54DD046B.3070507@riseup.net>
	<CAJfRnm7GUA8XJEtFhQyJBj54qcdhLXGm+iof=7fr_its3DJZGw@mail.gmail.com>
In-Reply-To: <CAJfRnm7GUA8XJEtFhQyJBj54qcdhLXGm+iof=7fr_its3DJZGw@mail.gmail.com>
Content-Type: multipart/alternative;
	boundary="------------050505060006010909060304"
Subject: Re: [Bitcoin-development] replace-by-fee v0.10.0rc4
Precedence: list

This is a multi-part message in MIME format.
--------------050505060006010909060304
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Arriving slightly late to the discussion, apologies.

Personally I wouldn't have written that patch, but I know development of
hostile patches happens out of sight, and if it can be written, we have
to presume it will be written eventually. I'd have preferred a patch
that only replaced non-final txes, which is the use-case I have for
transaction replacement, but that's easy to add back in.

I'm certainly not terribly convinced of the security of vanilla
zero-confirmation transactions myself, for reasons including but not
limited to this case. I also think it's important to understand that
people do make irrational decisions, and trusting network security on
everyone behaving perfectly rationally is not a workable model either.

TLDR; me too

Ross

On 12/02/15 20:36, Allen Piscitello wrote:
> You keep making moral judgements.  Reality is, if you live in a world with
> arsonists, you need to have a building that won't catch on fire, or has
> fire extinguishers in place.  Do not depend on arsonists ignoring you
> forever as your security model.  Penetration testing to know what
> weaknesses exist, what limitations exist, and what can be improved is
> essential.  Keeping your head in the sand and hoping people choose to do
> the right thing only ends one way.
>
> On Thu, Feb 12, 2015 at 1:52 PM, Justus Ranvier <justusranvier@riseup.net>
> wrote:
>
> On 02/12/2015 07:47 PM, Allen Piscitello wrote:
> >>> Nothing will stop that.  Bitcoin needs to deal with those issues,
> >>> not stick our heads in the sand and pretend they don't exist out of
> >>> benevolence. This isn't a pet solution, but the rules of the
> >>> protocol and what is realistically possible given the nature of
> >>> distributed consensus.  Relying on altruism is a recipe for
> >>> failure.
>
> If there's a risk of fire burning down wooden buildings, pass out fire
> extinguishers and smoke detectors, not matches.
>
> The latter makes one an arsonist.
>
>>
>>
>>
------------------------------------------------------------------------------
>> Dive into the World of Parallel Programming. The Go Parallel Website,
>> sponsored by Intel and developed in partnership with Slashdot Media, is
>> your
>> hub for all things parallel software development, from weekly thought
>> leadership blogs to news, videos, case studies, tutorials and more.
Take a
>> look and join the conversation now. http://goparallel.sourceforge.net/
>> _______________________________________________
>> Bitcoin-development mailing list
>> Bitcoin-development@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>>
>>
>
>
>
>
------------------------------------------------------------------------------
> Dive into the World of Parallel Programming. The Go Parallel Website,
> sponsored by Intel and developed in partnership with Slashdot Media,
is your
> hub for all things parallel software development, from weekly thought
> leadership blogs to news, videos, case studies, tutorials and more. Take a
> look and join the conversation now. http://goparallel.sourceforge.net/
>
>
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJU31/yAAoJEJFC5fflM8475YIIAI7nxgxUdkKiMePMqtvPOi25
U+WCxjvIK0ZRTAV30POC7fKLT2mK0gPusSS7LtNJpPKvpC98VcSD5HWE49K80Yo9
9+QI7X7xBau1jjLo+27uOex0bJ6JwP1DSMpC12AQbMmi4FnyG+M5FMkr5/OnSxeF
cd4lT2UF7yTJPRy0+A9LwertL5Sv1yeOJJ9jtWuXgixapmHN+1Zm2VkGnur55V64
vnonlixlUMwnZNxDVoRhjTWm1P/lmCejvmvTRvcBomUlAEgRQF4TtF4YMBYXS97S
5WYrxOHLgTfTWr3FJuOnd+CVBRgZGw3u30ktaSErelyMG19lJOusBPdHTQFkV30=
=eWPj
-----END PGP SIGNATURE-----


--------------050505060006010909060304
Content-Type: text/html; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

<html>
  <head>
    <meta content=3D"text/html; charset=3Dwindows-1252"
      http-equiv=3D"Content-Type">
  </head>
  <body text=3D"#000000" bgcolor=3D"#FFFFFF">
    <br>
    -----BEGIN PGP SIGNED MESSAGE-----<br>
    Hash: SHA1<br>
    <br>
    Arriving slightly late to the discussion, apologies.<br>
    <br>
    Personally I wouldn't have written that patch, but I know
    development of hostile patches happens out of sight, and if it can
    be written, we have to presume it will be written eventually. I'd
    have preferred a patch that only replaced non-final txes, which is
    the use-case I have for transaction replacement, but that's easy to
    add back in.<br>
    <br>
    I'm certainly not terribly convinced of the security of vanilla
    zero-confirmation transactions myself, for reasons including but not
    limited to this case. I also think it's important to understand that
    people do make irrational decisions, and trusting network security
    on everyone behaving perfectly rationally is not a workable model
    either.<br>
    <br>
    TLDR; me too<br>
    <br>
    Ross<br>
    <br>
    On 12/02/15 20:36, Allen Piscitello wrote:<br>
    <span style=3D"white-space: pre;">&gt; You keep making moral
      judgements.=A0 Reality is, if you live in a world with<br>
      &gt; arsonists, you need to have a building that won't catch on
      fire, or has<br>
      &gt; fire extinguishers in place.=A0 Do not depend on arsonists
      ignoring you<br>
      &gt; forever as your security model.=A0 Penetration testing to know
      what<br>
      &gt; weaknesses exist, what limitations exist, and what can be
      improved is<br>
      &gt; essential.=A0 Keeping your head in the sand and hoping people
      choose to do<br>
      &gt; the right thing only ends one way.<br>
      &gt;<br>
      &gt; On Thu, Feb 12, 2015 at 1:52 PM, Justus Ranvier
      <a class=3D"moz-txt-link-rfc2396E" href=3D"mailto:justusranvier@ris=
eup.net">&lt;justusranvier@riseup.net&gt;</a><br>
      &gt; wrote:<br>
      &gt;<br>
      &gt; On 02/12/2015 07:47 PM, Allen Piscitello wrote:<br>
      &gt; &gt;&gt;&gt; Nothing will stop that.=A0 Bitcoin needs to deal
      with those issues,<br>
      &gt; &gt;&gt;&gt; not stick our heads in the sand and pretend they
      don't exist out of<br>
      &gt; &gt;&gt;&gt; benevolence. This isn't a pet solution, but the
      rules of the<br>
      &gt; &gt;&gt;&gt; protocol and what is realistically possible
      given the nature of<br>
      &gt; &gt;&gt;&gt; distributed consensus.=A0 Relying on altruism is =
a
      recipe for<br>
      &gt; &gt;&gt;&gt; failure.<br>
      &gt;<br>
      &gt; If there's a risk of fire burning down wooden buildings, pass
      out fire<br>
      &gt; extinguishers and smoke detectors, not matches.<br>
      &gt;<br>
      &gt; The latter makes one an arsonist.<br>
      &gt;<br>
      &gt;&gt;<br>
      &gt;&gt;<br>
      &gt;&gt;
-------------------------------------------------------------------------=
-----<br>
      &gt;&gt; Dive into the World of Parallel Programming. The Go
      Parallel Website,<br>
      &gt;&gt; sponsored by Intel and developed in partnership with
      Slashdot Media, is<br>
      &gt;&gt; your<br>
      &gt;&gt; hub for all things parallel software development, from
      weekly thought<br>
      &gt;&gt; leadership blogs to news, videos, case studies, tutorials
      and more. Take a<br>
      &gt;&gt; look and join the conversation now.
      <a class=3D"moz-txt-link-freetext" href=3D"http://goparallel.source=
forge.net/">http://goparallel.sourceforge.net/</a><br>
      &gt;&gt; _______________________________________________<br>
      &gt;&gt; Bitcoin-development mailing list<br>
      &gt;&gt; <a class=3D"moz-txt-link-abbreviated" href=3D"mailto:Bitco=
in-development@lists.sourceforge.net">Bitcoin-development@lists.sourcefor=
ge.net</a><br>
      &gt;&gt;
      <a class=3D"moz-txt-link-freetext" href=3D"https://lists.sourceforg=
e.net/lists/listinfo/bitcoin-development">https://lists.sourceforge.net/l=
ists/listinfo/bitcoin-development</a><br>
      &gt;&gt;<br>
      &gt;&gt;<br>
      &gt;<br>
      &gt;<br>
      &gt;<br>
      &gt;
-------------------------------------------------------------------------=
-----<br>
      &gt; Dive into the World of Parallel Programming. The Go Parallel
      Website,<br>
      &gt; sponsored by Intel and developed in partnership with Slashdot
      Media, is your<br>
      &gt; hub for all things parallel software development, from weekly
      thought<br>
      &gt; leadership blogs to news, videos, case studies, tutorials and
      more. Take a<br>
      &gt; look and join the conversation now.
      <a class=3D"moz-txt-link-freetext" href=3D"http://goparallel.source=
forge.net/">http://goparallel.sourceforge.net/</a><br>
      &gt;<br>
      &gt;<br>
      &gt; _______________________________________________<br>
      &gt; Bitcoin-development mailing list<br>
      &gt; <a class=3D"moz-txt-link-abbreviated" href=3D"mailto:Bitcoin-d=
evelopment@lists.sourceforge.net">Bitcoin-development@lists.sourceforge.n=
et</a><br>
      &gt;
      <a class=3D"moz-txt-link-freetext" href=3D"https://lists.sourceforg=
e.net/lists/listinfo/bitcoin-development">https://lists.sourceforge.net/l=
ists/listinfo/bitcoin-development</a></span><br>
    <br>
    -----BEGIN PGP SIGNATURE-----<br>
    Version: GnuPG v1<br>
    <br>
    iQEcBAEBAgAGBQJU31/yAAoJEJFC5fflM8475YIIAI7nxgxUdkKiMePMqtvPOi25<br>
    U+WCxjvIK0ZRTAV30POC7fKLT2mK0gPusSS7LtNJpPKvpC98VcSD5HWE49K80Yo9<br>
    9+QI7X7xBau1jjLo+27uOex0bJ6JwP1DSMpC12AQbMmi4FnyG+M5FMkr5/OnSxeF<br>
    cd4lT2UF7yTJPRy0+A9LwertL5Sv1yeOJJ9jtWuXgixapmHN+1Zm2VkGnur55V64<br>
    vnonlixlUMwnZNxDVoRhjTWm1P/lmCejvmvTRvcBomUlAEgRQF4TtF4YMBYXS97S<br>
    5WYrxOHLgTfTWr3FJuOnd+CVBRgZGw3u30ktaSErelyMG19lJOusBPdHTQFkV30=3D<br=
>
    =3DeWPj<br>
    -----END PGP SIGNATURE-----<br>
    <br>
  </body>
</html>

--------------050505060006010909060304--