[Bitcoin-development] Safe auto-updating
Daniel F
nanotube at gmail.com
Mon Aug 5 15:54:02 UTC 2013
If you want package authentication, you should at least throw in some
digital signing, not just a checksum. With a compromised host, both the
checksum and binaries can be changed undetectably, but if there's a
signature made by a key that is not kept on the host, there's no way to
fake a valid binary.
There may be other issues people would want to bring up, but surely just
a checksum is not sufficient.
on 08/05/2013 10:39 AM Wendell said the following:
> For usability purposes, we at Hive would like to have an
> auto-updater
in our wallet app.
>
> What is a safe way to do this? I understand that Bitcoin-QT lacks
> such
an updater for security reasons... Has been thought out in more detail
since that decision was made?
>
> We have been toying around with the idea of placing one server
> behind
a Tor hidden service, whose only function is to output a checksum of the
update package. The theory is that if it is well-secured, it will at
least be immune to tampering at the physical hosting level.
>
> Any thoughts or advice about any of this?
> -wendell
>
> grabhive.com | twitter.com/grabhive | gpg: 6C0C9411
>
>
>
> ------------------------------------------------------------------------------
> Get your SQL database under version control now!
> Version control is standard for application code, but databases havent
> caught up. So what steps can you take to put your SQL databases under
> version control? Why should you start doing it? Read more to find out.
> http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk
>
>
>
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
More information about the bitcoin-dev
mailing list