Big picture/mid-term I think air-gaps and zero-trust ecosystem components are the only solution. (zero-trust meaning like real-time auditability, or type 2/type 3 exchanges based on atomic-swap, trustless escrow etc).
Need a mass-production and air-drop of trezors :) There is one more problem address-substitution via untrusted network/user and weak site with 1mil lines of swiss-cheese security app-store. So some kind of address authentication TOFU. Aside from X509 bloatware which could be extended from payment protocol to do that, I'd argue for a native simple TOFU format like Alan Reiner's multiplier * base approach (where base is the TOFU handle). And/or something like the IBE address proposal (which gives a bandwidth efficiently SPV queryable way to check if funds received). Worst case if weil-pairing gets broken it auto-devolves to the current status quo. Btw not to reignite the stealth vs reusable address bike shedding, but contrarily I was thinking it maybe actually better to try to rebrand address as "invoice number". People understand double paying an invoice is not a good idea. And if they receive the same invoice twice they'll query it. Adam On Wed, Apr 16, 2014 at 11:41:48AM +0200, Wladimir wrote: > On Wed, Apr 16, 2014 at 10:45 AM, Melvin Carvalho > <[1]melvincarva...@gmail.com> wrote: > > XP with a trezor would work fine tho? > > Probably - but that's a very rare edge case. People that are security > conscious enough to buy a Trezor will not run XP. Also I don't dare to > say that there is not some way to sociaal-engineer the user with > malware on a compromised OS even with a trezor. > Maybe: for 0.9.2 add a warning message and push people to upgrade > (either to Win8.1 or something else), then in the next major release > 0.10.0 drop XP support completely. > Wladimir > >References > > 1. mailto:melvincarva...@gmail.com >------------------------------------------------------------------------------ >Learn Graph Databases - Download FREE O'Reilly Book >"Graph Databases" is the definitive new guide to graph databases and their >applications. Written by three acclaimed leaders in the field, >this first edition is now available. Download your free book today! >http://p.sf.net/sfu/NeoTech >_______________________________________________ >Bitcoin-development mailing list >Bitcoin-development@lists.sourceforge.net >https://lists.sourceforge.net/lists/listinfo/bitcoin-development ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech _______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
