Responsible disclosure of bugs



Summary:

In an email conversation, Alex Morcos discussed the issue of disclosing security vulnerabilities in altcoins. He noted that it is difficult to determine which altcoin developers are trustworthy enough to receive the information. However, he suggested that publicly disclosing the vulnerability would be better than keeping it undisclosed and allowing attackers to take advantage of users who haven't upgraded. Morcos also argued that good security for Bitcoin is not defined by constant upgrading. Upgrading has its benefits, but one of the security considerations for Bitcoin is knowing that the definition of money hasn't changed. He suggested putting more effort into backporting fixes/workarounds to avoid changing software, and into disclosing which patches have a security impact. He noted that if altcoin maintainers find it difficult to keep track of Bitcoin-core updates, they should contribute back to their upstream to make their job easier or help with backports. He added that it is important to provide the market with valuable information about altcoins that are unable to keep up with security fixes.


Updated on: 2023-05-20T03:49:59.494547+00:00