On Fri, Jul 01, 2011 at 11:06:56AM -0400, Gavin Andresen wrote:I just voted as well and now - with some extra votes in the meantime -
> > Not sure about OS differentiation, seems...wrong? Maybe disabled by
> > default on bitcoind but on by default on bitcoin?
>
> OK. I mis-remembered the poll:
> http://forum.bitcoin.org/index.php?topic=4392.0
>
> On by default 8 (20%)
> Off by default 22 (55%)
> On by default in the GUI, off by default in bitcoind 10 (25%)
it's 9 / 22 / 13. So exactly 50/50 between off (22) and some form of on
(9 + 13).
I'm in favor of turning it on by default in the GUI and leaving it off
in bitcoind.
I don't like UPnP much, I find it exemplifies exactly what is wrong with
computer security today: Convenience trumps security almost every time.
BUT: I don't think this is the moment to fight UPnP. It's the standard
mechanism in use today to let a computer behind a NAT accept incoming
connections. The user has already made the decision in regards to
convenience over security. By enabling UPnP (or by buying a product that
does this automatically) they are saying: I want it to "just work"
instead of having fine-grained but more complicated control.
Bitcoin is a P2P application and as such should use this
mechanism. I think it's pretty clear that participating in a P2P network
requires one to receive messages from other peers. At least no one seems
to be concerned that Bitcoin (by default!) listens on port 8333. So I
think it's only logical to extend that to work behind NATs as well