Hi Eric,
> Many other projects have been on the receiving end of this misperception, and it has in fact caused material harm to the community
Without getting in unnecessarily re-opening old wounds, if you have examples of what has caused material harm to the community, it can be interesting to share.
From experience with second-layers, as soon as you start to have many codebases affected by a vuln, it's another kind of dynamics so good to draw lessons.
> I don't know what precipitated this change, but props to you all for stepping up.
About the timing, among many factors, the bitcoin whitepaper assignment legal issue is hopefully less a concern now so some competent people have more time to handle that job of publicly disclosing security bugs. In addition, the bitcoin open-source landscape has more resources (for the best and worst) than 10 years ago. From sharing beers with Amir not so lately, it wasn't that +10 years ago. I know he was kicked-off from the original sec list, though I'm not sure the reasons are well-known.
Best,
Antoine
Le jeudi 4 juillet 2024 à 02:13:15 UTC+1, Eric Voskuil a écrit :
> The project has historically done a poor job at publicly disclosing security-critical bugs, whether externally reported or found by contributors. This has led to a situation where a lot of users perceive Bitcoin Core as never having bugs. This perception is dangerous and, unfortunately, not accurate.
I have to say this is one of the most compelling statements I've seen from the bitcoind/Bitcoin Core team in over 10 years. Many other projects have been on the receiving end of this misperception, and it has in fact caused material harm to the community. I don't know what precipitated this change, but props to you all for stepping up.
Best,Eric
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/bitcoindev/46a677b3-3838-4a2d-b8d3-8c0e05e4139dn%40googlegroups.com.