public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Gregory Maxwell <gmaxwell@gmail.com>
To: Bitcoin Development <bitcoin-development@lists.sourceforge.net>,
	electrum.desktop@gmail.com
Subject: [Bitcoin-development] Electrum security model concerns
Date: Sat, 6 Oct 2012 12:37:20 -0400	[thread overview]
Message-ID: <CAAS2fgTVp7PhdJMfz-huyOsp=6Ca9wH6cVkedMgntXnK+ZpDXg@mail.gmail.com> (raw)

I'm concerned about how the particular security model of electrum is
being described; or rather— not being described.  The electrum website
appears to have no security discussion beyond platitudes like "Secure:
Your private keys are not shared with the server. You do not have to
trust the server with your money.", "No scripts: Electrum does not
download any script at runtime. A compromised server cannot compromise
your client."

Claims like "You do not have to trust the server with your money" are
factually incorrect.

What I would expect is a proper discussion, like "Understanding the
bitcoinj security model":
http://code.google.com/p/bitcoinj/wiki/SecurityModel  (which I don't
agree with completely— as it makes some claims which are known to be
false— wrt detecting double spends, but it does give a reasonable
overview),  and avoidance of broad claims which will result in
misunderstandings that result in users engaging in riskier behaviors
which they could avoid if they better understood the security of the
software they're running.



             reply	other threads:[~2012-10-06 16:37 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-10-06 16:37 Gregory Maxwell [this message]
2012-10-08 11:52 ` [Bitcoin-development] Electrum security model concerns Mike Hearn
2012-10-09  3:22   ` Gregory Maxwell
2012-10-10 11:19     ` Mike Hearn
2012-10-10 14:06       ` Gary Rowe
2012-10-10 15:23       ` Gregory Maxwell
2012-10-10 15:55         ` Mike Hearn
2012-11-15 23:45 ` Gregory Maxwell
2012-11-16 15:59   ` Mike Hearn
2012-11-16 17:44     ` Mike Hearn

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAAS2fgTVp7PhdJMfz-huyOsp=6Ca9wH6cVkedMgntXnK+ZpDXg@mail.gmail.com' \
    --to=gmaxwell@gmail.com \
    --cc=bitcoin-development@lists.sourceforge.net \
    --cc=electrum.desktop@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox