đź“… Original date posted:2014-05-19
đź“ť Original message:On Mon, May 19, 2014 at 1:01 PM, Justus Ranvier <justusranvier at gmail.com> wrote:
> YOU can make promises about YOUR future behavior. So can everyone else.
>
> The rest of the community can keep track of which developers will and
> will not make promises about what changes they will and will not
> attempt to implement in Bitcoin, and they can use that information to
> make informed decisions about which software they will choose to support.
I promise that if bad people show up with a sufficient pointy gun that
I'll do whatever they tell me to do. I'll make bad proposals, submit
backdoors, and argue with querulous folks on mailing lists, diverting
them from real development and review work, all as commanded. Maybe
I'll try to sneak out a warning of some kind, maybe... but with my
life or my families or friends lives on the line— probably not.
... and I think that anyone who tells you otherwise probably just
hasn't really thought it through. So what is the point of commitments
like that? People change, people go crazy, people are coerced. Crap
happens, justifications are made, life goes on— or so we hope.
What matters is building infrastructure— both social and technical—
that is robust against those sorts of failures. If you're depending on
individual developers (including anonymous parties and volunteers) to
be somehow made more trustworthy by some promises on a mailing list
you've already lost.
If you care about this you could instead tell us about how much time
you promise to spend reviewing technical work to make sure such
attacks cannot be successful, regardless of their origins. Where are
your gitian signatures? I think thats a lot more meaningful, and it
also improves security for everyone involved since knowing that such
attacks can not succeeded removes the motivation for ever trying.
A lot of what Bitcoin is about, for me at least, is building systems
which are as trustless as possible— ruled by unbreakable rules
embodied in the software people chose to use out of their own free
will and understanding. Or at least thats the ideal we should try to
approximate. If we're successful the adhomenim you've thrown on this
list will be completely pointless— not because people are trusted to
not do evil but because Bitcoin users won't accept technology that
makes it possible.
So please go ahead and assume I'm constantly being evil and trying to
sneak something in... the technology and security can only be better
for it, but please leave the overt attacks at the door. Think
gentleman spies, not a street fighting death match. The rude attacks
and characterizations just turn people off and don't uncover actual
attacks. Maybe the informal guideline should be one flame-out
personal attack per cryptosystem you break, serious bug you uncover,
or impossible problem you solve. :)
Gregory Maxwell [ARCHIVE] /
npub1f2…crwet
2023-06-07 15:21:47
in reply to nevent1q…td4z
Author Public Key
npub1f2nvlx49er5c7sqa43src6ssyp6snd4qwvtkwm5avc2l84cs84esecrwetPublished at
2023-06-07 15:21:47Event JSON
{
"id": "fa20602800f93db2cc14b78f424989531261618fc318412db2c9aeb106779cea",
"pubkey": "4aa6cf9aa5c8e98f401dac603c6a10207509b6a07317676e9d6615f3d7103d73",
"created_at": 1686151307,
"kind": 1,
"tags": [
[
"e",
"eb271ca824362a49a4ff532cb8985e408bc039c4af8ff285b3addc300ead7727",
"",
"root"
],
[
"e",
"1faa360a40fcbe799e9c5f59c9df00b02a358e033c673cd06c2da73441745d87",
"",
"reply"
],
[
"p",
"b2b39b6f2c86908d3da9f500193abd5757b21cac328f838800a48c4d557c10dd"
]
],
"content": "📅 Original date posted:2014-05-19\n📝 Original message:On Mon, May 19, 2014 at 1:01 PM, Justus Ranvier \u003cjustusranvier at gmail.com\u003e wrote:\n\u003e YOU can make promises about YOUR future behavior. So can everyone else.\n\u003e\n\u003e The rest of the community can keep track of which developers will and\n\u003e will not make promises about what changes they will and will not\n\u003e attempt to implement in Bitcoin, and they can use that information to\n\u003e make informed decisions about which software they will choose to support.\n\nI promise that if bad people show up with a sufficient pointy gun that\nI'll do whatever they tell me to do. I'll make bad proposals, submit\nbackdoors, and argue with querulous folks on mailing lists, diverting\nthem from real development and review work, all as commanded. Maybe\nI'll try to sneak out a warning of some kind, maybe... but with my\nlife or my families or friends lives on the line— probably not.\n\n... and I think that anyone who tells you otherwise probably just\nhasn't really thought it through. So what is the point of commitments\nlike that? People change, people go crazy, people are coerced. Crap\nhappens, justifications are made, life goes on— or so we hope.\n\nWhat matters is building infrastructure— both social and technical—\nthat is robust against those sorts of failures. If you're depending on\nindividual developers (including anonymous parties and volunteers) to\nbe somehow made more trustworthy by some promises on a mailing list\nyou've already lost.\n\nIf you care about this you could instead tell us about how much time\nyou promise to spend reviewing technical work to make sure such\nattacks cannot be successful, regardless of their origins. Where are\nyour gitian signatures? I think thats a lot more meaningful, and it\nalso improves security for everyone involved since knowing that such\nattacks can not succeeded removes the motivation for ever trying.\n\nA lot of what Bitcoin is about, for me at least, is building systems\nwhich are as trustless as possible— ruled by unbreakable rules\nembodied in the software people chose to use out of their own free\nwill and understanding. Or at least thats the ideal we should try to\napproximate. If we're successful the adhomenim you've thrown on this\nlist will be completely pointless— not because people are trusted to\nnot do evil but because Bitcoin users won't accept technology that\nmakes it possible.\n\nSo please go ahead and assume I'm constantly being evil and trying to\nsneak something in... the technology and security can only be better\nfor it, but please leave the overt attacks at the door. Think\ngentleman spies, not a street fighting death match. The rude attacks\nand characterizations just turn people off and don't uncover actual\nattacks. Maybe the informal guideline should be one flame-out\npersonal attack per cryptosystem you break, serious bug you uncover,\nor impossible problem you solve. :)",
"sig": "b0c434d668295937e487eb9ed568ac6cd0f25e72448d7bd235ce9c7b42f5c358d7167e73658f374d3d4b3473245c1c32f98bb5fc806ce6d0f8a77d051a84bc06"
}