6
2
I came across this statement from a SolidCoin developer:
Can anyone explain this statement?
[06:48] gavinandresen: I came here to ask RealSolid to be responsible and report problems or vulnerabilities to the core bitcoin dev team before releasing code that fixes the exploit (because releasing code tells the hackers what to attack). RealSolid, I'll ask again: are you willing to do that?
The user "Gavin" asked RealSolid to first report vulnerabilities and only then fix them, because "releasing code tells the hackers what to attack". The conversation is archived in this chat transcript.
It might be best to quote from the original transcript to allow people behind firewalls who can't access the link, and link decay to be able to answer – Gary Rowe – 2011-09-05T08:21:40.957
@Gary - right you are. Done. – ripper234 – 2011-09-05T08:29:50.623
I reformatted the post to put the focus on the actual question rather than the chat transcript and the two participants. If I missed any of the salient points, feel free to edit them back in. – Robert Cartaino – 2011-09-07T16:41:47.367
2This is not a Bitcoin question (and hardly a question at all). It's about security in software development. Plus, I'm not sure discussing about how valid what somebody said is, is appropriate on a Q&A website. Such a discussion would be more appropriate on a forum. – David Ammouial – 2011-09-07T17:10:37.437