Author: Mike Hearn 2013-05-07 09:17:17
Published on: 2013-05-07T09:17:17+00:00
The signatures for verifying the integrity of mirrors are mostly security theater as they are not checked by many and the identities of signers/developers are obtained from the same website that serves the binary, making it less secure. The verify-bitcoin.sh script is used to check the signatures but it's not reliable enough. On Android, the Bitcoin Wallet app is protected by various measures such as only accepting updates signed by the same key as the original, being at the top of the Play Store search results, and a theoretically capable threshold RSA library. MacOS X binaries are signed under the legal identity of the Bitcoin Foundation and unsigned binaries will not run by default on 10.8. Windows antivirus companies operate binary whitelisting to fight polymorphic viruses. However, Linux has the worst situation of all, with man-in-the-middle attacks and patches being common, thus needing a health warning on the website.
Updated on: 2023-06-06T16:15:41.536316+00:00