Responsible disclosure of bugs



Summary:

In a Bitcoin-dev thread, Matt Corallo expressed concern over altcoins that run old versions of Bitcoin Core. Their presence makes it difficult to disclose issues without putting people at risk, including some DoS issues that are preventing the release of the alert key. Anthony Towns suggested a responsible disclosure timeline, which could include reporting the vulnerability privately and sharing details amongst a trusted group before releasing patches. However, Alex Morcos pointed out that there are many altcoin developers and it is difficult to know who to tell and who not to. Additionally, good security for Bitcoin is not defined by constant upgrading, as one of the security considerations for Bitcoin is knowing that the definition of money hasn't changed. Finally, Simon Liu raised concerns about vulnerabilities in Bitcoin that have been fixed but not publicly disclosed. He asked whether anyone keeps track of security-related bugs and patches, and whether such lists can be shared with other developers.


Updated on: 2023-06-12T18:40:46.374125+00:00