>> (p.1)
    Author Topic: US Computer Emergency Readiness Team nist.gov publish 2year old bitcoin vulns  (Read 1254 times)

    • julz (OP)
    Legendary
    *
    Offline Offline

    Activity: 1092
    Merit: 1001



    View Profile
    August 14, 2012, 12:03:26 AM
    Last edit: August 14, 2012, 03:32:44 AM by julz
     #1
    http://www.us-cert.gov/cas/bulletins/SB12-226.html

    http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-5139

    which references the discussion thread: https://bt.irlbtc.com/view/822.0


    Why now?  Is it standard practice to release such old warnings?

    With wording like:
    "allows remote attackers to bypass intended economic restrictions and create many bitcoins via a crafted Bitcoin transaction."
    and
    "Impact Type:Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service"

    It's potentially damaging If people don't notice how old it is I would have thought.
    @electricwings   BM-GtyD5exuDJ2kvEbr41XchkC8x9hPxdFd

  • niko
    Hero Member
    *****
    Offline Offline

    Activity: 756
    Merit: 501


    There is more to Bitcoin than bitcoins.


    View Profile
    August 14, 2012, 12:20:09 AM
     #2
    Good catch, julz. I have mixed feelings about this, but currently lean towards "great!" - essentially, a US government agency is recommending Bitcoin users to upgrade to the latest clients. 
    Bitcoin is listed there with the likes of Cisco. I like.
    They're there, in their room.
    Your mining rig is on fire, yet you're very calm.

  • rjk
    Sr. Member
    ****
    Offline Offline

    Activity: 462
    Merit: 250


    1ngldh


    View Profile
    August 14, 2012, 12:21:34 AM
     #3
    Those CVE numbers were issued a while back, but I guess they only just got around to publishing the actual vulnerability?
    Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!

  • BkkCoins
    Hero Member
    *****
    Offline Offline

    Activity: 784
    Merit: 1009


    firstbits:1MinerQ


    View Profile WWW
    August 14, 2012, 02:53:32 AM
     #4
    Maybe it took 2 years for the bureaucracy to decide that Bitcoin was ok for them to comment on or publish about. That could be a good sign. Or it's part of a new ramping up of disinformation against Bitcoin.
    Klondike Design (store) - Klondike OS ASIC Mining Platform - Development Donations Appreciated.

  • niko
    Hero Member
    *****
    Offline Offline

    Activity: 756
    Merit: 501


    There is more to Bitcoin than bitcoins.


    View Profile
    August 14, 2012, 04:24:46 AM
     #5
    Quote from: BkkCoins on August 14, 2012, 02:53:32 AM
    Maybe it took 2 years for the bureaucracy to decide that Bitcoin was ok for them to comment on or publish about. That could be a good sign. Or it's part of a new ramping up of disinformation against Bitcoin.

    NIST is about as close as you can get to a "friendly government" in the US. Their findings are of course in the public domain, but also - unlike many other agencies - in most cases directly applicable to real life.

    Unless new information emerges soon, I'd call this a good sign, even if it's slow and confusing in some ways.
    They're there, in their room.
    Your mining rig is on fire, yet you're very calm.
    Pages: [1]
      Print  
Page 1
Viewing Page: 1

IRLBTC™ © 2025 IRLBTC.com