On Wed, Mar 13, 2013 at 1:10 PM, Matthew Mitchell <matthewmitch...@thelibertyportal.com> wrote: > Why would it be a difficulty in getting people to update away from 0.7 and > earlier? How long would that roughly take? If people are hesitant to update, > imagine if a more serious vulnerability is found. It could be disastrous.
The development community backports critical fixes which makes updating instead of upgrading possible, but that still is not free. Many people are carrying patches against Bitcoin which require integration and time for testing— even if its just an update. Small behavior changes can still break things for the users. For example, a major mining pool lost well over 1000 BTC when upgrading to 0.8 because the reindex interacted poorly with their pool server software and caused them to pay people 25 BTC per share, an update or upgrade is just a risky even whos risk can be minimized if its done at your own pace. Sometimes when there is a vulnerability what people will do is isolate their production nodes from the internet using upgraded nodes, so they avoid touching the production systems. Other times the vulnerability is only a DOS attack so they ignore it unless the attack happens, or only applies to something else they don't care about. Another point is that if everyone instantly upgrades in response to developers claim that an urgent is needed (as opposed to implementing other workarounds) then the security of the system much more obviously reduces to the ability to compromise a developer— something no one should want. When roll outs take time there is more time for review to catch things, fewer nodes harmed by an introduced flaw, etc. ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_mar _______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
