Updates #1744

Merged
merged 10 commits into from Feb 21, 2017

Conversation

7 participants
@moneromooo-monero
Contributor

moneromooo-monero commented Feb 18, 2017

No description provided.

@moneromooo-monero

This comment has been minimized.

Show comment
Hide comment
@moneromooo-monero

moneromooo-monero Feb 18, 2017

Contributor

DO NOT MERGE YET

Contributor

moneromooo-monero commented Feb 18, 2017

DO NOT MERGE YET

@moneromooo-monero

This comment has been minimized.

Show comment
Hide comment
@moneromooo-monero

moneromooo-monero Feb 18, 2017

Contributor

Aaaaaand I uploaded an old version. Fixing...

Contributor

moneromooo-monero commented Feb 18, 2017

Aaaaaand I uploaded an old version. Fixing...

@moneromooo-monero

This comment has been minimized.

Show comment
Hide comment
@moneromooo-monero

moneromooo-monero Feb 18, 2017

Contributor

STILL DO NOT MERGE YET

Contributor

moneromooo-monero commented Feb 18, 2017

STILL DO NOT MERGE YET

@NanoAkron

This comment has been minimized.

Show comment
Hide comment
@NanoAkron

NanoAkron Feb 18, 2017

Contributor

So there's an interesting philosophical point here - we use an adversarial system to achieve consensus on the network's transaction record system (the blockchain) to prevent censorship. Yet here a three letter agency need only attack the single source of software updates to gain control.

Is there a way we can safely distribute or validate the correctness of our software in a censorship resistant manner?

Contributor

NanoAkron commented Feb 18, 2017

So there's an interesting philosophical point here - we use an adversarial system to achieve consensus on the network's transaction record system (the blockchain) to prevent censorship. Yet here a three letter agency need only attack the single source of software updates to gain control.

Is there a way we can safely distribute or validate the correctness of our software in a censorship resistant manner?

@moneromooo-monero

This comment has been minimized.

Show comment
Hide comment
@moneromooo-monero

moneromooo-monero Feb 19, 2017

Contributor

It already does. pigeons will work on reproducible builds. As for the rest, we'd need to make sure it's hard to sybil. This all sounds a bit like "wouldn't it be nice if we all had flying cars". Sure, but you might notice the reason it's not there yet isn't that nobody realized it was a good idea (and I'm not sure about the flying cars one).

So, maybe, but not now.

Contributor

moneromooo-monero commented Feb 19, 2017

It already does. pigeons will work on reproducible builds. As for the rest, we'd need to make sure it's hard to sybil. This all sounds a bit like "wouldn't it be nice if we all had flying cars". Sure, but you might notice the reason it's not there yet isn't that nobody realized it was a good idea (and I'm not sure about the flying cars one).

So, maybe, but not now.

@moneromooo-monero

This comment has been minimized.

Show comment
Hide comment
@moneromooo-monero

moneromooo-monero Feb 19, 2017

Contributor

Update to match URLs being less canonical than I'd want them.

STILL DO NOT MERGE Can be merged now.

Contributor

moneromooo-monero commented Feb 19, 2017

Update to match URLs being less canonical than I'd want them.

STILL DO NOT MERGE Can be merged now.

@fluffypony

Reviewed

moneromooo-monero added some commits Feb 16, 2017

util: add a vercmp function to compare version numbers
It is simple, supports simple x.y.z type numeric versions,
and does not attempt any kind of validation
core: display any fork warning at startup too
This is a good time for the operator to be around and see it
Optionally query moneropulse DNS records to check for updates
It just checks and prints a message if there is a new version
for now.
@fluffypony

Re-reviewed

@fluffypony fluffypony merged commit a5a0a3c into monero-project:master Feb 21, 2017

0 of 10 checks passed

buildbot/monero-static-debian-armv8 Build done.
Details
buildbot/monero-static-freebsd64 Build done.
Details
buildbot/monero-static-osx-10.10 Build done.
Details
buildbot/monero-static-osx-10.11 Build done.
Details
buildbot/monero-static-osx-10.12 Build done.
Details
buildbot/monero-static-ubuntu-i686 Build done.
Details
buildbot/monero-static-dragonflybsd-amd64 Build started.
Details
buildbot/monero-static-ubuntu-amd64 Build started.
Details
buildbot/monero-static-win32 Build started.
Details
buildbot/monero-static-win64 Build started.
Details

fluffypony added a commit that referenced this pull request Feb 21, 2017

Merge pull request #1744
a5a0a3c core: updates can now be downloaded (and SHA256 hash checked) (moneromooo-monero)
216f062 util: add a SHA256 function (moneromooo-monero)
4bf7849 mlog: only silence errors for net by default, not net.* (moneromooo-monero)
d282cfc core: test key images against validity domain (moneromooo-monero)
efb72e7 http_client: add a couple consts (moneromooo-monero)
f640512 Optionally query moneropulse DNS records to check for updates (moneromooo-monero)
e3cae4a core: display any fork warning at startup too (moneromooo-monero)
969ad71 dns_utils: fix first checked DNS entry being ignored (moneromooo-monero)
08c3f38 util: add a vercmp function to compare version numbers (moneromooo-monero)
e8a7525 dns_utils: factor TXT record loading code from checkpoint code (moneromooo-monero)
@fluffypony

This comment has been minimized.

Show comment
Hide comment
@fluffypony

fluffypony Feb 21, 2017

Collaborator

@NanoAkron they don't need to just compromise the website. They'd also have to compromise the hashes, which are GPG signed by me (on the website) and also in a DNSSEC-signed record (which is what the updater uses). Compromising my GPG key wouldn't compromise the website or the DNSSEC-signed record. Compromising the DNSSEC-signed record wouldn't compromise the website or my GPG key.

It would be nice if someone built a tool / hosted a site (eventually) that checked if the GPG-signed hashes correctly use my signature, and if the hashes match those in the DNSSEC-signed records.

Collaborator

fluffypony commented Feb 21, 2017

@NanoAkron they don't need to just compromise the website. They'd also have to compromise the hashes, which are GPG signed by me (on the website) and also in a DNSSEC-signed record (which is what the updater uses). Compromising my GPG key wouldn't compromise the website or the DNSSEC-signed record. Compromising the DNSSEC-signed record wouldn't compromise the website or my GPG key.

It would be nice if someone built a tool / hosted a site (eventually) that checked if the GPG-signed hashes correctly use my signature, and if the hashes match those in the DNSSEC-signed records.

+ for(const auto& in: tx.vin)
+ {
+ CHECKED_GET_SPECIFIC_VARIANT(in, const txin_to_key, tokey_in, false);
+ if (!(rct::scalarmultKey(rct::ki2rct(tokey_in.k_image), rct::curveOrder()) == rct::identity()))

This comment has been minimized.

@daira

daira May 18, 2017

👍

@iridiumblue

This comment has been minimized.

Show comment
Hide comment
@iridiumblue

iridiumblue May 24, 2017

Wow - this is what a billion-dollar act of integrity looks like.

Respect.

Wow - this is what a billion-dollar act of integrity looks like.

Respect.

@nfd9001

This comment has been minimized.

Show comment
Hide comment
@nfd9001

nfd9001 May 24, 2017

Badass! Thanks.

nfd9001 commented May 24, 2017

Badass! Thanks.

@stefek99

This comment has been minimized.

Show comment
Hide comment
@stefek99

stefek99 Jun 6, 2017

I do not fully understand the mechanism and / or implications.

Arrived here via blog some time ago: https://getmonero.org/2017/05/17/disclosure-of-a-major-bug-in-cryptonote-based-currencies.html

Now I'm looking at https://cryptonotestarter.org/inner.html and https://github.com/cryptonotefoundation/cryptonote

Latest commit 8edd998 on Jan 18, 2016

I should probably notify them and request update.

stefek99 commented Jun 6, 2017

I do not fully understand the mechanism and / or implications.

Arrived here via blog some time ago: https://getmonero.org/2017/05/17/disclosure-of-a-major-bug-in-cryptonote-based-currencies.html

Now I'm looking at https://cryptonotestarter.org/inner.html and https://github.com/cryptonotefoundation/cryptonote

Latest commit 8edd998 on Jan 18, 2016

I should probably notify them and request update.

@stefek99 stefek99 referenced this pull request in cryptonotefoundation/cryptonote Jun 6, 2017

Open

DISCLOSURE OF A MAJOR BUG IN CRYPTONOTE BASED CURRENCIES #39

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment