Slashdot Mirror

← Back to Stories (view on slashdot.org)

Bitcoin's Software Gets Security Fixes, New Features

Posted by Unknown on from the don't-modify-that-transaction dept.

itwbennett (1594911) writes "The software driving Bitcoin's network was upgraded Wednesday, with security fixes addressing a problem that defunct bitcoin exchange Mt. Gox blamed for losing nearly half a billion dollars worth of bitcoins. The latest version of bitcoin's software, 0.9.0, contains more than a half dozen fixes for transaction malleability, according to the release notes for the software. Bitcoin Core also contains a new feature for payment requests. Previously, merchants couldn't attach a note describing an invoice, and people also could not supply a refund address to a merchant. The latest version automatically supplies a refund address." This wouldn't have prevented the Mt. Gox implosion since they weren't using the reference implementation. The foundation also renamed the software to "Bitcoin Core" to avoid confusion between Bitcoin-the-network and Bitcoin-the-reference-implementation,

7 of 173 comments (clear)

  1. Let me be the first to say by Anonymous Coward · · Score: 4, Funny

    Thanks, Dorian!

  2. Re:LOL .. 0.9.0? by Jeremi · · Score: 5, Insightful

    Do people expect someone to take seriously a piece of software to manage financial transactions with a version like that?

    Apparently people do take it seriously, so it looks like the answer is yes.

    Staying in the 0.x range for a long time is typical for open-source software -- a lot of packages don't go to 1.0 until they have been in use for many years. It doesn't necessarily imply anything bad (or good) about the reliability of the software.

    If BitCoin was commercial software, no doubt it would be up to Version 7 Professional Platinum Collector's Edition now... but then again, if it was commercial software, it would probably be closed source, and therefore nobody would trust it enough to use it, and we wouldn't be having this conversation.

    --


    I don't care if it's 90,000 hectares. That lake was not my doing.
  3. Re:LOL .. 0.9.0? by Animats · · Score: 5, Informative

    The base Bitcoin technology is surprisingly good. Nobody has been able to double-spend yet. The "mallability" bug has to do with programs which incorrectly decide a transaction didn't go through and redo it.

    Most of Bitcoin's problems aren't with the software. Bitcoin's irrevocable money sends to anonymous remote parties are the con man's dream. At last, you can rip people off without ever giving them enough info to find you. That's why Bitcoin is such a scumbag magnet.

    Mt. Gox's problems stem from a combination of incompetence and criminal activity. They're not technical. Karpeles was running a business that handled a billion dollars a year without an accountant, a controller, an inside auditor, an outside auditor, or a compliance officer. You can't do that and succeed. You have to have enough separation of functions that no employee can steal without detection. Mt. Gox didn't have that. Probably so that Karpeles could steal.

  4. Re:LOL .. 0.9.0? by IamTheRealMike · · Score: 4, Insightful

    The point of using such a version number is exactly to remind people that Bitcoin is new and experimental. It's quite possible to understand that something is a risky experiment, yet still take it seriously - these two things are not incompatible.

    But, hey, if you want to put your money into a currency which is still getting bug fixes, go right ahead. That's your choice.

    Banks and governments routinely have to upgrade banknotes and other forms of security on their own money, which you can see as "fixing bugs" in the sense that the ability to counterfeit is a bug. Development never really stops, so a 0.9 vs 1.0 is an entirely arbitrary line in the sand.

  5. Re:What? by pla · · Score: 5, Informative

    Are you fucking kidding me? Bug fixes for a currency?

    Why? The Federal reserve calls these "Quantitative Easing". We've had three major patches in as many years, along with quite a few minor updates to those outside the normal update release cycle.

  6. Re:LOL .. 0.9.0? by DaveV1.0 · · Score: 4, Informative

    Because it is generally accepted that the three digit version number system works as major.minor.patch_level. A 0 major version level means the software is still in beta and not fit for production use.

    Does that answer your question, Trolio?

    --
    There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
  7. Re:What? by TheCarp · · Score: 4, Interesting

    Um actually I believe you mean the treasury calls this "A new series". You know, like that line of purple spooge they put across some of the new bills.

    Turns out, older series of the "Cash" currency had bugs which allowed for unscrupulous parties to make copies and double spend. So the treasury has released a patch, which is rolled out as they get their hands on older series bills and destroy them to be replaced by the new ones.

    Don't get me wrong, I am ready willing and able to get into some fed hate, but, this is just a better example.

    --
    "I opened my eyes, and everything went dark again"