Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1UFsEM-0001Ms-38 for bitcoin-development@lists.sourceforge.net; Wed, 13 Mar 2013 20:24:58 +0000 Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.215.51 as permitted sender) client-ip=209.85.215.51; envelope-from=gmaxwell@gmail.com; helo=mail-la0-f51.google.com; Received: from mail-la0-f51.google.com ([209.85.215.51]) by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1UFsEL-0002T9-BO for bitcoin-development@lists.sourceforge.net; Wed, 13 Mar 2013 20:24:58 +0000 Received: by mail-la0-f51.google.com with SMTP id fo13so1644022lab.38 for ; Wed, 13 Mar 2013 13:24:50 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.152.134.164 with SMTP id pl4mr18928723lab.54.1363206290626; Wed, 13 Mar 2013 13:24:50 -0700 (PDT) Received: by 10.112.96.164 with HTTP; Wed, 13 Mar 2013 13:24:50 -0700 (PDT) In-Reply-To: <16B6728E-4220-4DA6-B740-FA38A7C19CCB@thelibertyportal.com> References: <201303131256.30144.luke@dashjr.org> <20130313175825.GA21242@vps7135.xlshosting.net> <16B6728E-4220-4DA6-B740-FA38A7C19CCB@thelibertyportal.com> Date: Wed, 13 Mar 2013 13:24:50 -0700 Message-ID: From: Gregory Maxwell To: Matthew Mitchell Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -1.6 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (gmaxwell[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1UFsEL-0002T9-BO Cc: "bitcoin-development@lists.sourceforge.net" Subject: Re: [Bitcoin-development] 0.8.1 ideas X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Mar 2013 20:24:58 -0000 On Wed, Mar 13, 2013 at 1:10 PM, Matthew Mitchell wrote: > Why would it be a difficulty in getting people to update away from 0.7 an= d earlier? How long would that roughly take? If people are hesitant to upda= te, imagine if a more serious vulnerability is found. It could be disastrou= s. The development community backports critical fixes which makes updating instead of upgrading possible, but that still is not free. Many people are carrying patches against Bitcoin which require integration and time for testing=E2=80=94 even if its just an update. Small behavior changes can still break things for the users. For example, a major mining pool lost well over 1000 BTC when upgrading to 0.8 because the reindex interacted poorly with their pool server software and caused them to pay people 25 BTC per share, an update or upgrade is just a risky even whos risk can be minimized if its done at your own pace. Sometimes when there is a vulnerability what people will do is isolate their production nodes from the internet using upgraded nodes, so they avoid touching the production systems. Other times the vulnerability is only a DOS attack so they ignore it unless the attack happens, or only applies to something else they don't care about. Another point is that if everyone instantly upgrades in response to developers claim that an urgent is needed (as opposed to implementing other workarounds) then the security of the system much more obviously reduces to the ability to compromise a developer=E2=80=94 something no one should want. When roll outs take time there is more time for review to catch things, fewer nodes harmed by an introduced flaw, etc.