Re: [Bitcoin-development] Warning message when running wallet in Windows XP (or drop support?)
On Thu, Apr 17, 2014 at 12:06 AM, Gregory Maxwell gmaxw...@gmail.comwrote: Bringing the thread back on-topic: Thanks. On Wed, Apr 16, 2014 at 1:14 AM, Wladimir laa...@gmail.com wrote: Hello, Today I noticed that even my bank is warning people to not do internet banking with Windows XP. If it is no longer secure enough for online banking it's CERTAINLY not secure enough to run a wallet (for a node only it would be ok-ish as they have no keys to protect). Any opinions on what to do here? I think eventually multi-wallet support will make it so that a wallet won't be created by default. After the wallet split-off this will also be easier: - Bitcoin Core Node - Bitcoin Core Wallet The node would be as compatible as possible with any OS in existence, but the wallet can be more picky. Instead users would create-wallet, which would also give them options like using a HSM (e.g. trezor) or multisig secured wallet. HSMs complicate this; I'm not even sure how this will work, are the Trezor guys planning to contribute support for their device to wallets including Bitcoin Core? Hopefully by that time, everyone will have forgotten about XP already :) Wladimir -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Warning message when running wallet in Windows XP (or drop support?)
On 16 April 2014 10:14, Wladimir laa...@gmail.com wrote: Hello, Today I noticed that even my bank is warning people to not do internet banking with Windows XP. If it is no longer secure enough for online banking it's CERTAINLY not secure enough to run a wallet (for a node only it would be ok-ish as they have no keys to protect). Any opinions on what to do here? Just warn and allow the user to continue? Redirect them to a 'Windows XP is dangerous' message on bitcoin.org? (Microsoft uses http://windows.microsoft.com/en-us/windows/end-support-help) The drawback of dropping XP support completely would be that a lot of computers (especially in China and Russia etc) are still running XP, so this could cause the network to lose nodes. XP with a trezor would work fine tho? My personal preference would be a warning, and to direct them to a free software operating system that they could upgrade to. If you're maintainer of other wallet software: how are you handling this? Are you going to drop XP support completely? If so, starting from when? Regards, Wladimir -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Warning message when running wallet in Windows XP (or drop support?)
On Wed, Apr 16, 2014 at 10:45 AM, Melvin Carvalho melvincarva...@gmail.comwrote: XP with a trezor would work fine tho? Probably - but that's a very rare edge case. People that are security conscious enough to buy a Trezor will not run XP. Also I don't dare to say that there is not some way to sociaal-engineer the user with malware on a compromised OS even with a trezor. Maybe: for 0.9.2 add a warning message and push people to upgrade (either to Win8.1 or something else), then in the next major release 0.10.0 drop XP support completely. Wladimir -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Warning message when running wallet in Windows XP (or drop support?)
On 4/16/2014 4:14 AM, Wladimir wrote: Hello, Today I noticed that even my bank is warning people to not do internet banking with Windows XP. If it is no longer secure enough for online banking it's CERTAINLY not secure enough to run a wallet (for a node only it would be ok-ish as they have no keys to protect). Any opinions on what to do here? Just warn and allow the user to continue? Redirect them to a 'Windows XP is dangerous' message on bitcoin.org http://bitcoin.org? (Microsoft uses http://windows.microsoft.com/en-us/windows/end-support-help) The drawback of dropping XP support completely would be that a lot of computers (especially in China and Russia etc) are still running XP, so this could cause the network to lose nodes. If you're maintainer of other wallet software: how are you handling this? Are you going to drop XP support completely? If so, starting from when? Regards, Wladimir -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development I think we should get to the bottom of this. Should we assume that xp is not secure enough? What is this warning? Who is issuing this warning? -- Kevin -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Warning message when running wallet in Windows XP (or drop support?)
On Wed, Apr 16, 2014 at 5:12 PM, Kevin kevinsisco61...@gmail.com wrote: I think we should get to the bottom of this. Should we assume that xp is not secure enough? Yes. What is this warning? Windows XP is no longer maintained. Don't use such a system for protecting your money. Who is issuing this warning? Microsoft: http://windows.microsoft.com/en-us/windows/end-support-help The suggestion here is to make Bitcoin Core detect when it's running on Windows XP, and warn the user (they are likely unaware of the risks). -- Pieter -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Warning message when running wallet in Windows XP (or drop support?)
XP is no longer receiving security patches from Microsoft, and hasn't been for some time. There are known remote exploits that aren't going to be fixed, ever. On Apr 16, 2014 8:15 AM, Kevin kevinsisco61...@gmail.com wrote: On 4/16/2014 4:14 AM, Wladimir wrote: Hello, Today I noticed that even my bank is warning people to not do internet banking with Windows XP. If it is no longer secure enough for online banking it's CERTAINLY not secure enough to run a wallet (for a node only it would be ok-ish as they have no keys to protect). Any opinions on what to do here? Just warn and allow the user to continue? Redirect them to a 'Windows XP is dangerous' message on bitcoin.org? (Microsoft uses http://windows.microsoft.com/en-us/windows/end-support-help) The drawback of dropping XP support completely would be that a lot of computers (especially in China and Russia etc) are still running XP, so this could cause the network to lose nodes. If you're maintainer of other wallet software: how are you handling this? Are you going to drop XP support completely? If so, starting from when? Regards, Wladimir -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today!http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing listBitcoin-development@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/bitcoin-development I think we should get to the bottom of this. Should we assume that xp is not secure enough? What is this warning? Who is issuing this warning? -- Kevin -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Warning message when running wallet in Windows XP (or drop support?)
On Wed, Apr 16, 2014 at 5:20 PM, Pieter Wuille pieter.wui...@gmail.comwrote: On Wed, Apr 16, 2014 at 5:12 PM, Kevin kevinsisco61...@gmail.com wrote: I think we should get to the bottom of this. Should we assume that xp is not secure enough? Yes. It will quickly grow extremely insecure. People will be actively analyzing patches to post-XP versions to find security problems that are patched there, to see if they can be exploited on XP. Wladimir -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Warning message when running wallet in Windows XP (or drop support?)
On 4/16/2014 11:28 AM, Wladimir wrote: On Wed, Apr 16, 2014 at 5:20 PM, Pieter Wuille pieter.wui...@gmail.com mailto:pieter.wui...@gmail.com wrote: On Wed, Apr 16, 2014 at 5:12 PM, Kevin kevinsisco61...@gmail.com mailto:kevinsisco61...@gmail.com wrote: I think we should get to the bottom of this. Should we assume that xp is not secure enough? Yes. It will quickly grow extremely insecure. People will be actively analyzing patches to post-XP versions to find security problems that are patched there, to see if they can be exploited on XP. Wladimir Should we then add an alert message to wallet installers such as, Such and such will not run on windows xp? -- Kevin -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Warning message when running wallet in Windows XP (or drop support?)
On 04/16/2014 09:27 AM, Kevin wrote: Should we then add an alert message to wallet installers such as, Such and such will not run on windows xp? It's not really our place to police that ... plus it's perfectly safe to be running Bitcoin Core as a full node on XP. It's just the wallet functionality that people should be careful about. We're talking about such a small intersection of people who are running XP, have systems powerful enough to run Bitcoin Core, and use the wallet functionality. -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Warning message when running wallet in Windows XP (or drop support?)
It may not be our place to say whether XP is secure or not, but if we say that we support it then we have to run test passes against XP as a platform, and if an XP user reports a bug, then we have to do something to address it. So, it becomes a test and support issue, not a security issue. That’s why it doesn’t make sense to support an OS platform that the original vendor (MS) no longer supports themselves. On Apr 16, 2014, at 9:35 AM, Mark Friedenbach m...@monetize.io wrote: On 04/16/2014 09:27 AM, Kevin wrote: Should we then add an alert message to wallet installers such as, Such and such will not run on windows xp? It's not really our place to police that ... plus it's perfectly safe to be running Bitcoin Core as a full node on XP. It's just the wallet functionality that people should be careful about. We're talking about such a small intersection of people who are running XP, have systems powerful enough to run Bitcoin Core, and use the wallet functionality. -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development signature.asc Description: Message signed with OpenPGP using GPGMail -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Warning message when running wallet in Windows XP (or drop support?)
We don't support XP. In fact we don't support *any* distribution, but I will assume you mean provide a binary which runs on X. Can you find any reference to Windows XP on the website? I can't. On 04/16/2014 09:41 AM, Chris Williams wrote: It may not be our place to say whether XP is secure or not, but if we say that we support it then we have to run test passes against XP as a platform, and if an XP user reports a bug, then we have to do something to address it. So, it becomes a test and support issue, not a security issue. That’s why it doesn’t make sense to support an OS platform that the original vendor (MS) no longer supports themselves. On Apr 16, 2014, at 9:35 AM, Mark Friedenbach m...@monetize.io wrote: On 04/16/2014 09:27 AM, Kevin wrote: Should we then add an alert message to wallet installers such as, Such and such will not run on windows xp? It's not really our place to police that ... plus it's perfectly safe to be running Bitcoin Core as a full node on XP. It's just the wallet functionality that people should be careful about. We're talking about such a small intersection of people who are running XP, have systems powerful enough to run Bitcoin Core, and use the wallet functionality. -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Warning message when running wallet in Windows XP (or drop support?)
You’re right. That’s a huge oversight. I think any software product you’ve ever considered installing has a section that says “Hey, we want this much ram on your system, this much disk space, this processor, etc”. Otherwise, you’re just setting yourself up for a bad user experience from people with marginal machines. On Apr 16, 2014, at 9:44 AM, Mark Friedenbach m...@monetize.io wrote: We don't support XP. In fact we don't support *any* distribution, but I will assume you mean provide a binary which runs on X. Can you find any reference to Windows XP on the website? I can't. On 04/16/2014 09:41 AM, Chris Williams wrote: It may not be our place to say whether XP is secure or not, but if we say that we support it then we have to run test passes against XP as a platform, and if an XP user reports a bug, then we have to do something to address it. So, it becomes a test and support issue, not a security issue. That’s why it doesn’t make sense to support an OS platform that the original vendor (MS) no longer supports themselves. On Apr 16, 2014, at 9:35 AM, Mark Friedenbach m...@monetize.io wrote: On 04/16/2014 09:27 AM, Kevin wrote: Should we then add an alert message to wallet installers such as, Such and such will not run on windows xp? It's not really our place to police that ... plus it's perfectly safe to be running Bitcoin Core as a full node on XP. It's just the wallet functionality that people should be careful about. We're talking about such a small intersection of people who are running XP, have systems powerful enough to run Bitcoin Core, and use the wallet functionality. -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development signature.asc Description: Message signed with OpenPGP using GPGMail -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Warning message when running wallet in Windows XP (or drop support?)
Not to get snarky or OS elitist but as I understand it windows security, even during its support period has been measured in low digit number of days in the year when is NOT an outstanding known remote root compromise or combination of remote user compromise + priviledge escalation. Add in phishing, watering holes, malware and the average windows computer is probably compromised a dozen times over. Apparently for sometime it was not easily possible to secure it install boot - install OS, connect to network to download security updates, IP range scanned and compromised faster than you can patch it. Adam On Wed, Apr 16, 2014 at 05:28:27PM +0200, Wladimir wrote: On Wed, Apr 16, 2014 at 5:20 PM, Pieter Wuille [1]pieter.wui...@gmail.com wrote: On Wed, Apr 16, 2014 at 5:12 PM, Kevin [2]kevinsisco61...@gmail.com wrote: I think we should get to the bottom of this. Â Should we assume that xp is not secure enough? Yes. It will quickly grow extremely insecure. People will be actively analyzing patches to post-XP versions to find security problems that are patched there, to see if they can be exploited on XP. Wladimir -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Warning message when running wallet in Windows XP (or drop support?)
On Wed, Apr 16, 2014 at 05:20:41PM +0200, Pieter Wuille wrote: On Wed, Apr 16, 2014 at 5:12 PM, Kevin kevinsisco61...@gmail.com wrote: I think we should get to the bottom of this. Should we assume that xp is not secure enough? Yes. Do we need a similar warning for OS X 10.6? The EOL of that one is *far* less well known than XP (because of Apple's failure to communicate product lifecycles). roy What is this warning? Windows XP is no longer maintained. Don't use such a system for protecting your money. Who is issuing this warning? Microsoft: http://windows.microsoft.com/en-us/windows/end-support-help The suggestion here is to make Bitcoin Core detect when it's running on Windows XP, and warn the user (they are likely unaware of the risks). -- Pieter -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Warning message when running wallet in Windows XP (or drop support?)
I think a warning like this is inappropriate. There are many reasons to use an out of date operating system and high level applications like wallets need not concern themselves with the rest of the system. Maybe the wallet can scan your browser cache and tell you to stop visiting somesite.com too? It just sounds like some kind of behavior modification that's being discussed here.. not-so-subtly suggesting that users shell out money for a newer version of the operating system, just to use their bitcoin wallets in a 'blessed' configuration. This actually sounds very similar to what happens with Apple iPhones.. they somehow manage to 'invalidate' the charging cables and accessories with every major software version. One day an accessory is working fine, then after the update users get a behavior modification nag every time they use it, urging them to buy a new one. Along these same lines, might as well put a warning about the registry keys needing to be cleaned, and maybe a 'shock the money' banner[1]. You guys all know how it works with financial software - there are many organizations using decades old software (and hardware) because they know its shortcomings, they've taken care of them in a way that works them, and they don't want to start all over just for the sake of having the newest version. -Laszlo [1] http://www.buzzfeed.com/adobe/obnoxious-banner-ads-that-everyone-remembers On Apr 16, 2014, at 8:42 PM, Roy Badami r...@gnomon.org.uk wrote: On Wed, Apr 16, 2014 at 05:20:41PM +0200, Pieter Wuille wrote: On Wed, Apr 16, 2014 at 5:12 PM, Kevin kevinsisco61...@gmail.com wrote: I think we should get to the bottom of this. Should we assume that xp is not secure enough? Yes. Do we need a similar warning for OS X 10.6? The EOL of that one is *far* less well known than XP (because of Apple's failure to communicate product lifecycles). roy What is this warning? Windows XP is no longer maintained. Don't use such a system for protecting your money. Who is issuing this warning? Microsoft: http://windows.microsoft.com/en-us/windows/end-support-help The suggestion here is to make Bitcoin Core detect when it's running on Windows XP, and warn the user (they are likely unaware of the risks). -- Pieter -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Warning message when running wallet in Windows XP (or drop support?)
On 4/16/2014 5:10 PM, Laszlo Hanyecz wrote: I think a warning like this is inappropriate. There are many reasons to use an out of date operating system and high level applications like wallets need not concern themselves with the rest of the system. Maybe the wallet can scan your browser cache and tell you to stop visiting somesite.com too? It just sounds like some kind of behavior modification that's being discussed here.. not-so-subtly suggesting that users shell out money for a newer version of the operating system, just to use their bitcoin wallets in a 'blessed' configuration. This actually sounds very similar to what happens with Apple iPhones.. they somehow manage to 'invalidate' the charging cables and accessories with every major software version. One day an accessory is working fine, then after the update users get a behavior modification nag every time they use it, urging them to buy a new one. Along these same lines, might as well put a warning about the registry keys needing to be cleaned, and maybe a 'shock the money' banner[1]. You guys all know how it works with financial software - there are many organizations using decades old software (and hardware) because they know its shortcomings, they've taken care of them in a way that works them, and they don't want to start all over just for the sake of having the newest version. -Laszlo [1] http://www.buzzfeed.com/adobe/obnoxious-banner-ads-that-everyone-remembers On Apr 16, 2014, at 8:42 PM, Roy Badami r...@gnomon.org.uk wrote: On Wed, Apr 16, 2014 at 05:20:41PM +0200, Pieter Wuille wrote: On Wed, Apr 16, 2014 at 5:12 PM, Kevin kevinsisco61...@gmail.com wrote: I think we should get to the bottom of this. Should we assume that xp is not secure enough? Yes. Do we need a similar warning for OS X 10.6? The EOL of that one is *far* less well known than XP (because of Apple's failure to communicate product lifecycles). roy What is this warning? Windows XP is no longer maintained. Don't use such a system for protecting your money. Who is issuing this warning? Microsoft: http://windows.microsoft.com/en-us/windows/end-support-help The suggestion here is to make Bitcoin Core detect when it's running on Windows XP, and warn the user (they are likely unaware of the risks). -- Pieter -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development Okay, so how about an autoupdate function which pulls a work around off the server? Sooner or later, the vulnerabilities must be faced. -- Kevin -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Warning message when running wallet in Windows XP (or drop support?)
On 04/16/2014 02:29 PM, Kevin wrote: Okay, so how about an autoupdate function which pulls a work around off the server? Sooner or later, the vulnerabilities must be faced. NO. Bitcoin Core will never have an auto-update functionality. That would be a single point of failure whose compromise could result in the theft of every last bitcoin held in a Bitcoin Core wallet. -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Warning message when running wallet in Windows XP (or drop support?)
On Wed, Apr 16, 2014 at 11:39 PM, Mark Friedenbach m...@monetize.io wrote: On 04/16/2014 02:29 PM, Kevin wrote: Okay, so how about an autoupdate function which pulls a work around off the server? Sooner or later, the vulnerabilities must be faced. NO. Bitcoin Core will never have an auto-update functionality. That would be a single point of failure whose compromise could result in the theft of every last bitcoin held in a Bitcoin Core wallet. Or, even accidentally, cause a hard forking bug to be rolled out (or worsen one). -- Pieter -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Warning message when running wallet in Windows XP (or drop support?)
Bringing the thread back on-topic: On Wed, Apr 16, 2014 at 1:14 AM, Wladimir laa...@gmail.com wrote: Hello, Today I noticed that even my bank is warning people to not do internet banking with Windows XP. If it is no longer secure enough for online banking it's CERTAINLY not secure enough to run a wallet (for a node only it would be ok-ish as they have no keys to protect). Any opinions on what to do here? I think eventually multi-wallet support will make it so that a wallet won't be created by default. Instead users would create-wallet, which would also give them options like using a HSM (e.g. trezor) or multisig secured wallet. That would be a great point where, if they elect to run and ordinary unsecured wallet, and the software detects that the host is known-to-not-likely-be-secure it could whine at them and direct them to a security best practices page. Then you also avoid whining at people who never run a wallet or use a hsm making the host security somewhat moot. -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
