On Wed, Aug 20, 2014 at 08:24:33AM +0200, Wladimir wrote:
On Wed, Aug 20, 2014 at 3:26 AM, Troy Benjegerdes ho...@hozed.org wrote:
If bitcoin wants to become irrelevant, then by all means, continue to
depend on github and all the unknown attack surface it exposes.
Those of us that do
Gerrit is free if you can afford the admin(s) to maintain it.
http://code.google.com/p/gerrit/wiki/ShowCases
And yes, I'm volunteering to get paid to be the admin, especially if you
want a 'painless' log in with a github account feature, because it will
be very painful for me to unroll the
On Fri, Aug 22, 2014 at 09:20:11PM +0200, xor wrote:
On Tuesday, August 19, 2014 08:02:37 AM Jeff Garzik wrote:
It would be nice if the issues and git repo for Bitcoin Core were not
on such a centralized service as github, nice and convenient as it is.
Assuming there is a problem with that
I think it's a little disingenuous to talk about encrypting the P2P protocol
as a security improvement, when all the organized crime agencies need to do is
borrow a Fedex/UPS truck and deliver some laptops to Github employees and they
can insert whatever monitoring/0-day they want.
Encryption is
On Sat, Aug 23, 2014 at 8:17 AM, Troy Benjegerdes ho...@hozed.org wrote:
On Fri, Aug 22, 2014 at 09:20:11PM +0200, xor wrote:
On Tuesday, August 19, 2014 08:02:37 AM Jeff Garzik wrote:
It would be nice if the issues and git repo for Bitcoin Core were not
on such a centralized service as
Hi Mike,
thanks for your assessment.
Please find my replies in-line:
Misbehaving addresses can have their connecting difficulty
scaled up, which should make it uneconomic to try to DoS the usage of
Tor exit nodes for connecting to Bitcoin.
You can't solve DoS by requiring all clients
On 23 August 2014 12:38, Pieter Wuille pieter.wui...@gmail.com wrote:
That allows using github as easy-access mechanism for people to
contribute and inspect, while having a higher security standard for
the actual changes done to master.
I'd also like to point out the obvious: git uses the
Since when? This has been a recognized approach since people called it
hashcash ([1] - before cryptocurrencies were even invented).
I only know of one site that worked the way you propose: TicketMaster, a
long time ago. They used it as a less harsh form of blocking for IPs that
they strongly
On Sat, Aug 23, 2014 at 1:38 PM, Pieter Wuille pieter.wui...@gmail.com
wrote:
Note that we're generally aiming (though not yet enforcing) to have
merges done through the github-merge tool, which performs the merge
locally, shows the resulting diff, compares it with the merge done by
github,
On Tuesday, August 19, 2014 07:40:39 PM Jeff Garzik wrote:
Encryption is of little value if you may deduce the same information
by observing packet sizes and timings.
Instead of spawning a discussion whether this aspect is a reason to NOT
encrypt, you should do the obvious:
Fix that as well.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 08/23/2014 04:17 PM, xor wrote:
On Tuesday, August 19, 2014 07:40:39 PM Jeff Garzik wrote:
Encryption is of little value if you may deduce the same
information by observing packet sizes and timings.
Instead of spawning a discussion whether
On Sat, Aug 23, 2014 at 10:32:15AM -0400, Peter Todd wrote:
On Sat, Aug 23, 2014 at 01:17:01AM -0500, Troy Benjegerdes wrote:
This is why I clone git to mercurial, which is generally designed around the
assumption that history is immutable. You can't rewrite blockchain history,
and we
On Sat, Aug 23, 2014 at 04:50:30PM +, Justus Ranvier wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 08/23/2014 04:17 PM, xor wrote:
On Tuesday, August 19, 2014 07:40:39 PM Jeff Garzik wrote:
Encryption is of little value if you may deduce the same
information by observing
Not to mention encrypting basically non-sensitive inter-node traffic is
almost completely worthless in providing anonymity anyway...
Recall that P2P connections carry Bloom filters too, which are not public
information.
On Saturday, August 23, 2014 6:44:15 PM Mike Hearn wrote:
Not to mention encrypting basically non-sensitive inter-node traffic is
almost completely worthless in providing anonymity anyway...
Recall that P2P connections carry Bloom filters too, which are not public
information.
As soon as
I want go give a bit of an outsiders perspective. I thoroughly understand
the concepts of bitcoin and am a professional programmer, but have never
taken the time to compile my own copy of bitcoin core.
I have looked at the pull requests on Github many times. I have cloned the
repo to my own
On Sat, Aug 23, 2014 at 1:36 PM, Paul Rabahy prab...@gmail.com wrote:
I want go give a bit of an outsiders perspective. I thoroughly understand
the concepts of bitcoin and am a professional programmer, but have never
taken the time to compile my own copy of bitcoin core.
I have looked at the
On Sat, Aug 23, 2014 at 12:44:14PM -0500, Troy Benjegerdes wrote:
What I would really like is a frontend and/or integration to Git/Mercurial that
uses Bitcoin transactions *as* the signature, which has the nice side effect
of
providing timestamps backed by the full faith and credit of a
On Sat, Aug 23, 2014 at 07:02:55PM +, Luke Dashjr wrote:
On Saturday, August 23, 2014 6:44:15 PM Mike Hearn wrote:
Not to mention encrypting basically non-sensitive inter-node traffic is
almost completely worthless in providing anonymity anyway...
Recall that P2P connections carry
19 matches
Mail list logo
