A longer reply to Jeff Garzik

Author Topic: A longer reply to Jeff Garzik  (Read 18321 times)

Come-from-Beyond

A longer reply to Jeff Garzik
« on: September 16, 2014, 01:59:57 pm »

Yesterday Nxt got the attention of Jeff Garzik, who is one of the Bitcoin core devs. Leaving aside the real motives behind the tweet (https://twitter.com/jgarzik/status/511566276255154177), I want to reply to his suggestion to use Gitian for building Nxt binaries.

Gitian was created by Bitcoin devs to provide a deterministic way to build Bitcoin core software. The software is written in C++ which is compiled into assembly code and can't be easily reverted back into the source. Usage of Gitian requires a user to put trust into parties that verify source code, but this is a wrong way from my point of view (and PoV of suspect #1 on the role of Satoshi Nakamoto - http://nakamotoinstitute.org/trusted-third-parties/, - btw). A much better way is to use languages/technologies that preserve 100% of "open-sourceness" of the code. It's Java, C#, JavaScript to name a few. Programs written in these languages can be translated back into the source code (if obfuscation is not used).

Jeff says that "bytecode implants [into Java binaries] are trivial" but can't explain how it's even possible in a real-world scenario. All I got in response to my direct question was a reply that looks like an attempt to derail the conversation. This is sad, Jeff; public figures like you shouldn't behave this way.

Regarding "users do /not/ build the binaries" (https://twitter.com/jgarzik/status/511868652648288256), check the archive: it contains the complete source code with the libraries and the build script. Those who trust Jean-Luc (lead Nxt dev) just need to check the hash of the archive. The binaries they use can easily be decompiled should a question related to the original source code arise. Those who don't trust him can build the binaries themselves.

PS: Bitcoin has become too centralized. It asks you to trust GHash. It asks you to trust Gitian validators. Time to move from medieval epoch to a truly open world. Use Java/C#, they are as fast as C++ but are much more secure.

_mr_e

Re: A longer reply to Jeff Garzik
« Reply #1 on: September 16, 2014, 02:02:11 pm »

So are you saying it is absolutely impossible to have multiple devs sign off on a build before it is released to the public?

Come-from-Beyond

Re: A longer reply to Jeff Garzik
« Reply #2 on: September 16, 2014, 02:24:27 pm »

So are you saying it is absolutely impossible to have multiple devs sign off on a build before it is released to the public?

It's possible, but it would mean that devs endorse insecure practices. Look around to see the result of trusting 3rd parties like govt.

_mr_e

Re: A longer reply to Jeff Garzik
« Reply #3 on: September 16, 2014, 02:32:24 pm »

So are you saying it is absolutely impossible to have multiple devs sign off on a build before it is released to the public?

It's possible, but it would mean that devs endorse insecure practices. Look around to see the result of trusting 3rd parties like govt.

But right now we are forced to trust Jean-Luc. I'd rather trust a multisig than a single sig.

Come-from-Beyond

Re: A longer reply to Jeff Garzik
« Reply #4 on: September 16, 2014, 02:50:22 pm »

Easy money - https://twitter.com/jgarzik/status/511887784324251649

Just bet with Jeff on any amount that he won't find any backdoor in current version of NRS within a reasonable timeframe.

_mr_e

Re: A longer reply to Jeff Garzik
« Reply #5 on: September 16, 2014, 03:06:00 pm »

Why ARE you pushing back so hard on this? This kind of transparency is a complete no brainer.... Seriously, what gives man?

Damelon

Re: A longer reply to Jeff Garzik
« Reply #6 on: September 16, 2014, 03:19:11 pm »

Easy money - https://twitter.com/jgarzik/status/511887784324251649

Just bet with Jeff on any amount that he won't find any backdoor in current version of NRS within a reasonable timeframe.

Is there a reason nót to have "Multiple devs must publicly verify (w/ PGP) build output matches source"?
Member of the Nxt Foundation | Donations: NXT-D6K7-MLY6-98FM-FLL5T
Join Nxt Slack! https://nxtchat.herokuapp.com/
Founder of Blockchain Workspace | Personal Site & Blog
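As an added example (not code from the Nxt project or from anyone in this thread), here is the check that the first post and Damelon's reply describe, written in POSIX shell: a user who does not want to rely on a single release builder hashes the archive locally and only accepts it when at least N independent reviewers have published the same hash. The reviewer names, the directory layout, the `.sha256` attestation format and the threshold are all assumptions; the PGP step that ties each attestation to its reviewer is noted in a comment because it needs real keys and cannot run offline here.

```shell
#!/bin/sh
# Added example, not NRS project code. Model: each reviewer builds the release from
# source, hashes the resulting archive, and publishes "<sha256>  <filename>" in a
# file they sign with PGP. A downloader verifies every signature (e.g.
# `gpg --verify alice.sha256.asc alice.sha256`) before reading the file, then
# counts how many independent attestations agree with the locally computed hash.

hash_file() {
  # Print the SHA-256 hex digest of "$1"; sha256sum (coreutils) or shasum (BSD/macOS).
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | cut -d' ' -f1
  else
    shasum -a 256 "$1" | cut -d' ' -f1
  fi
}

# count_matching_attestations ARCHIVE DIR
# Print how many *.sha256 files in DIR carry exactly the archive's hash.
count_matching_attestations() {
  archive=$1
  dir=$2
  expected=$(hash_file "$archive")
  n=0
  for att in "$dir"/*.sha256; do
    [ -f "$att" ] || continue          # no attestations at all: glob stays literal
    claimed=$(cut -d' ' -f1 < "$att")
    if [ "$claimed" = "$expected" ]; then
      n=$((n + 1))
    fi
  done
  echo "$n"
}

# verify_release ARCHIVE DIR THRESHOLD
# Succeed (exit 0) only if at least THRESHOLD independent attestations match.
verify_release() {
  matches=$(count_matching_attestations "$1" "$2")
  [ "$matches" -ge "$3" ]
}

# demo_setup: build constructed demo data in a temp dir and print its path.
# "good/" has three agreeing reviewers; "bad/" has one agreeing reviewer and one
# (hypothetical "mallory") who published a hash of a different archive.
demo_setup() {
  tmp=$(mktemp -d)
  printf 'constructed archive contents, not a real NRS release\n' > "$tmp/nxt-client.zip"
  mkdir "$tmp/good" "$tmp/bad"
  h=$(hash_file "$tmp/nxt-client.zip")
  for who in alice bob carol; do
    printf '%s  nxt-client.zip\n' "$h" > "$tmp/good/$who.sha256"
  done
  printf '%s  nxt-client.zip\n' "$h" > "$tmp/bad/alice.sha256"
  printf '%s  nxt-client.zip\n' \
    0000000000000000000000000000000000000000000000000000000000000000 > "$tmp/bad/mallory.sha256"
  echo "$tmp"
}

# Usage (stand-alone): requires 2 of the published attestations to agree.
#   d=$(demo_setup)
#   verify_release "$d/nxt-client.zip" "$d/good" 2 && echo "accepted"
#   verify_release "$d/nxt-client.zip" "$d/bad" 2 || echo "rejected"
```

The point of the threshold is that a single compromised or careless reviewer cannot get a tampered archive accepted, and a single dissenting hash is a signal worth investigating rather than an automatic rejection; what the check does not cover is reviewers who are not actually independent, which is the "who are those parties" question raised later in this thread.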

kLee

Re: A longer reply to Jeff Garzik
« Reply #7 on: September 16, 2014, 03:26:58 pm »

So are you saying it is absolutely impossible to have multiple devs sign off on a build before it is released to the public?

It's possible, but it would mean that devs endorse insecure practices. Look around to see the result of trusting 3rd parties like govt.
I thought your issue was decentralisation. Now it is insecure practices?
Why insecure?

MrV777

Re: A longer reply to Jeff Garzik
« Reply #8 on: September 16, 2014, 03:31:49 pm »

Easy money - https://twitter.com/jgarzik/status/511887784324251649

Just bet with Jeff on any amount that he won't find any backdoor in current version of NRS within a reasonable timeframe.

Is there a reason nót to have "Multiple devs must publicly verify (w/ PGP) build output matches source"?

+1
I would think we could have multiple devs verify a build (providing PGP too, to verify it is them) when a new version comes out in the forums.
NXT: NXT-BK2J-ZMY4-93UY-8EM9V
NXT nodes: 209.222.98.250, 216.155.128.10

devphp

Re: A longer reply to Jeff Garzik
« Reply #9 on: September 16, 2014, 03:32:14 pm »

So are you saying it is absolutely impossible to have multiple devs sign off on a build before it is released to the public?

It's possible, but it would mean that devs endorse insecure practices. Look around to see the result of trusting 3rd parties like govt.
I thought your issue was decentralisation. Now it is insecure practices?
Why insecure?

Klee, CN coins will be massively inflationary for years, and most anonymity obsessed individuals have been using Bitcoin mixers just fine. CN anonymity is just hype, Monero fans won't bring enough buyers to their rows and will end up holding the bag, run before it's too late! :)

kLee

Re: A longer reply to Jeff Garzik
« Reply #10 on: September 16, 2014, 03:34:56 pm »

So are you saying it is absolutely impossible to have multiple devs sign off on a build before it is released to the public?

It's possible, but it would mean that devs endorse insecure practices. Look around to see the result of trusting 3rd parties like govt.
I thought your issue was decentralisation. Now it is insecure practices?
Why insecure?

Klee, CN coins will be massively inflationary for years, and most anonymity obsessed individuals have been using Bitcoin mixers just fine. CN anonymity is just hype, Monero fans won't bring enough buyers to their rows and will end up holding the bag, run before it's too late! :)
The speculation side looks good for the moment - I don't plan to stay long term in them ;)

ChuckOne

Re: A longer reply to Jeff Garzik
« Reply #11 on: September 16, 2014, 04:16:09 pm »

So are you saying it is absolutely impossible to have multiple devs sign off on a build before it is released to the public?

It's possible, but it would mean that devs endorse insecure practices. Look around to see the result of trusting 3rd parties like govt.

But right now we are forced to trust Jean-Luc. I'd rather trust a multisig than a single sig.

We are not. Just read the source.

_mr_e

Re: A longer reply to Jeff Garzik
« Reply #12 on: September 16, 2014, 04:18:00 pm »

So are you saying it is absolutely impossible to have multiple devs sign off on a build before it is released to the public?

It's possible, but it would mean that devs endorse insecure practices. Look around to see the result of trusting 3rd parties like govt.

But right now we are forced to trust Jean-Luc. I'd rather trust a multisig than a single sig.

We are not. Just read the source.

If you had read any of the concerns you should know that does not solve the problem at hand.

ChuckOne

Re: A longer reply to Jeff Garzik
« Reply #13 on: September 16, 2014, 04:23:42 pm »

If you had read any of the concerns you should know that does not solve the problem at hand.

Neither does sig or multisig or whateversig.

Btw. I was responding to your statement: "But right now we are forced to trust Jean-Luc." That is plain wrong.

_mr_e

Re: A longer reply to Jeff Garzik
« Reply #14 on: September 16, 2014, 04:25:05 pm »

Of course it is. How is work checked by multiple independent parties not more secure than a single entity posting whatever they wish? Have I stepped into the twilight zone here?

ChuckOne

Re: A longer reply to Jeff Garzik
« Reply #15 on: September 16, 2014, 04:27:00 pm »

Of course it is. How is work checked by multiple independent parties not more secure than a single entity posting whatever they wish? Have I stepped into the twilight zone here?

Who are those independent parties going to be?

_mr_e

Re: A longer reply to Jeff Garzik
« Reply #16 on: September 16, 2014, 04:28:31 pm »

Of course it is. How is work checked by multiple independent parties not more secure than a single entity posting whatever they wish? Have I stepped into the twilight zone here?

Who are those independent parties going to be?

I have no idea. That's part of coming up with a solid and safe build process.

k_day

Re: A longer reply to Jeff Garzik
« Reply #17 on: September 16, 2014, 04:30:25 pm »

Gotta say, pretty surprising to see a BTC dev acting like that. It is fair to raise concerns and point out flaws, but yelling #scam and spreading FUD is some newbie level bitcointalk stuff.
NXT --> NXT-BY7Y-UB4X-6Z3C-8PP3V

k_day

Re: A longer reply to Jeff Garzik
« Reply #18 on: September 16, 2014, 04:31:40 pm »

I guess we can safely say BTC won't be joining the SuperNET?  :)
NXT --> NXT-BY7Y-UB4X-6Z3C-8PP3V

Jacinto

Re: A longer reply to Jeff Garzik
« Reply #19 on: September 16, 2014, 04:34:53 pm »

Of course it is. How is work checked by multiple independent parties not more secure than a single entity posting whatever they wish? Have I stepped into the twilight zone here?

Who are those independent parties going to be?

I have no idea. That's part of coming up with a solid and safe build process.

Why not you, mr_e? You seem to be very concerned about this problem. It is in your hands to solve it (partially at least).

I guess we can safely say BTC won't be joining the SuperNET?  :)

Thanks, You made my day  :D
BCNext son.