Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1TKXNW-0007Ow-Jm for bitcoin-development@lists.sourceforge.net; Sat, 06 Oct 2012 16:37:26 +0000 Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.223.175 as permitted sender) client-ip=209.85.223.175; envelope-from=gmaxwell@gmail.com; helo=mail-ie0-f175.google.com; Received: from mail-ie0-f175.google.com ([209.85.223.175]) by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1TKXNV-0004D1-PK for bitcoin-development@lists.sourceforge.net; Sat, 06 Oct 2012 16:37:26 +0000 Received: by mail-ie0-f175.google.com with SMTP id c13so6770462ieb.34 for ; Sat, 06 Oct 2012 09:37:20 -0700 (PDT) MIME-Version: 1.0 Received: by 10.50.236.66 with SMTP id us2mr4018492igc.8.1349541440436; Sat, 06 Oct 2012 09:37:20 -0700 (PDT) Received: by 10.64.34.4 with HTTP; Sat, 6 Oct 2012 09:37:20 -0700 (PDT) Date: Sat, 6 Oct 2012 12:37:20 -0400 Message-ID: From: Gregory Maxwell To: Bitcoin Development , electrum.desktop@gmail.com Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -1.2 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (gmaxwell[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.4 AWL AWL: From: address is in the auto white-list X-Headers-End: 1TKXNV-0004D1-PK Subject: [Bitcoin-development] Electrum security model concerns X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Oct 2012 16:37:26 -0000 I'm concerned about how the particular security model of electrum is being described; or rather=E2=80=94 not being described. The electrum webs= ite appears to have no security discussion beyond platitudes like "Secure: Your private keys are not shared with the server. You do not have to trust the server with your money.", "No scripts: Electrum does not download any script at runtime. A compromised server cannot compromise your client." Claims like "You do not have to trust the server with your money" are factually incorrect. What I would expect is a proper discussion, like "Understanding the bitcoinj security model": http://code.google.com/p/bitcoinj/wiki/SecurityModel (which I don't agree with completely=E2=80=94 as it makes some claims which are known to b= e false=E2=80=94 wrt detecting double spends, but it does give a reasonable overview), and avoidance of broad claims which will result in misunderstandings that result in users engaging in riskier behaviors which they could avoid if they better understood the security of the software they're running.