Bitcoin's Software Gets Security Fixes, New Features

itwbennett (1594911) writes "The software driving Bitcoin's network was upgraded Wednesday, with security fixes addressing a problem that defunct bitcoin exchange Mt. Gox blamed for losing nearly half a billion dollars worth of bitcoins. The latest version of bitcoin's software, 0.9.0, contains more than a half dozen fixes for transaction malleability, according to the release notes for the software. Bitcoin Core also contains a new feature for payment requests. Previously, merchants couldn't attach a note describing an invoice, and people also could not supply a refund address to a merchant. The latest version automatically supplies a refund address." This wouldn't have prevented the Mt. Gox implosion since they weren't using the reference implementation. The foundation also renamed the software to "Bitcoin Core" to avoid confusion between Bitcoin-the-network and Bitcoin-the-reference-implementation,

Re:LOL .. 0.9.0?

[Jeremi]

Do people expect someone to take seriously a piece of software to manage financial transactions with a version like that?

Apparently people do take it seriously, so it looks like the answer is yes.

Staying in the 0.x range for a long time is typical for open-source software -- a lot of packages don't go to 1.0 until they have been in use for many years. It doesn't necessarily imply anything bad (or good) about the reliability of the software.

If BitCoin was commercial software, no doubt it would be up to Version 7 Professional Platinum Collector's Edition now... but then again, if it was commercial software, it would probably be closed source, and therefore nobody would trust it enough to use it, and we wouldn't be having this conversation.

Re:LOL .. 0.9.0?

[Animats]

The base Bitcoin technology is surprisingly good. Nobody has been able to double-spend yet. The "mallability" bug has to do with programs which incorrectly decide a transaction didn't go through and redo it.

Most of Bitcoin's problems aren't with the software. Bitcoin's irrevocable money sends to anonymous remote parties are the con man's dream. At last, you can rip people off without ever giving them enough info to find you. That's why Bitcoin is such a scumbag magnet.

Mt. Gox's problems stem from a combination of incompetence and criminal activity. They're not technical. Karpeles was running a business that handled a billion dollars a year without an accountant, a controller, an inside auditor, an outside auditor, or a compliance officer. You can't do that and succeed. You have to have enough separation of functions that no employee can steal without detection. Mt. Gox didn't have that. Probably so that Karpeles could steal.

Re:What?

[pla]

Are you fucking kidding me? Bug fixes for a currency?

Why? The Federal reserve calls these "Quantitative Easing". We've had three major patches in as many years, along with quite a few minor updates to those outside the normal update release cycle.