Bitcoin Core is the mit of the Bitcoin network. This means that you retain all rights to your bitcoins code and that nobody else may reproduce, distribute, or create derivative works from your work. The firmware is closed license, and it will stay this way because of NDAs with secure chip manufacturers. You gpl backpedal on what's already released. I woke up and saw this, then spent the money on bitcoins.
bitcoin conference mexico city В»
I can't find it on opensource. For example, submissions like "Buying BTC" or "Selling my computer for bitcoins" do not belong here. It kind of defeats the purpose of using free software when you use a nonfree OS. With Bitcoin, you can be your own bank. No, GitHub does not require you to apply any particular type of license to your software. The BSD and MIT licenses are my favorites because they're simple and you don't need a lawyer to fully comprehend your responsibilities - you can concentrate on coding.
no servers can be used exiting bitcoins В»
Now I don't feel safe that my wallet can be backed up if you guys decide to call it quits. You know license got fucked here? Using proprietary software may license result in hijacking of the whole bitcoin network if significant portion of people would use such gpl client. It is a step back. A hardware wallet is a pretty expensive contraption to use to bitcoins sign once. Hundreds mit, thousands or hundreds, it actually does not matter. So if tomorrow someone finds a vulnerability in the firmware, it's up to the trezor guys gpl patch bitcoins and no one else can assist by forking mit sending a pull requests, since doing so will break the new license agreement.
bitcoin latest block foundations В»
I only bought this because it was open source and would keep improving over time. It was crap when I got it and it was just becoming useful when you pull a stunt like this! One can attempt to get the devices seized on import if you claim the device violates your rights. I just purchased, and received mine. I was about to set the damn thing up.
Anyone know if they have a return policy? I'm interested in this as well. Just ordered one a few days ago and it's yet to arrive. Now I don't want it. Honestly, I'd recommend they switch it back, make sure their trademarks are solid. They've done nothing to stop knock offs at this point. They have angered their customer base. Trademark protection is probably more than sufficient in these cases - particularly when coupled with reputation. Agreed - I think they should be pursuing damage control here.
Either way, they're just not handling this properly. Switching from lpglv3 to shared source is a slap in the fact and possibly a licensing violation if others have contributed code.
Either way, they shouldn't be revoking access to previous code by rewriting the last 6 months of history to include a licensing change. BWallet didn't infringe on any of their trademarks. I'm not sure why that would protect them. What i am suggesting is that they should be holding customers with brand loyalty - protect the brand at all cost. What they have done has hurt the brand potentially costing them more sales that Bwallet would have.
Remember when Linus moved Linux into Microsoft restrictive Licence and eventually Linux exploded in popularity kernel: However, any clone is going to happen regardless of the license.
Similar to other clones, I assume. If another firm can make money making clones, why can't you too? Do remember that imitation is the best form of flattery. Changing the license like this starts to hint at the untrustworthiness of SatoshiLabs, regretfully.
Releasing cheaper hardware without support is not a viable option in my opinion. SL would just make themselves look like an assholes in case any serious security flaw discovered in future.
Just look at Microsoft with their XP support. Delivering updates to some customers, while withholding them from others. Not the best PR move ever I'd say. I was considering getting one, but now will not. Protection against cheap knockoffs is not a valid excuse.
Developers may not distribute or modify the code for commercial or non-commercial purposes. Yeah, this is not acceptable. Security risk or not, modified alternatives should be allowed. That is supposed to be why we were paying "extra" for the development. This is a ridiculous overreaction that makes me regret that I bought a Trezor. This is unacceptable even as an interim measure.
Trezor had all the signs of being FLOSS, but instead they lock down their code as much as possible while still being able to claim "open-source". I like your thinking, but the license they choose doesn't seem to be open source at all. I can't find it on opensource. Has anyone checked with github if Trezor is paying for a company hosting option? The free one was only available for open source code IIRC. The GitHub ToS states the following https: We claim no intellectual property rights over the material you provide to the Service.
Your profile and materials uploaded remain yours. However, by setting your pages to be viewed publicly, you agree to allow others to view your Content. By setting your repositories to be viewed publicly, you agree to allow others to view and fork your repositories. I suppose you can fork a Ms-RSL licensed work. However, I'm not really sure why you'd want to!
No, GitHub does not require you to apply any particular type of license to your software. You're under no obligation to choose a license. It's your right not to include one with your code or project, but please be aware of the implications. Generally speaking, the absence of a license means that the default copyright laws apply. This means that you retain all rights to your source code and that nobody else may reproduce, distribute, or create derivative works from your work.
Hmm, the force push of their repository causes that the whole souce code needs to be reviewed again for back doors and security holes. That's really a punch in the face of all the volunteers who already reviewed the code. You can just file compare the lastes force-pushed master with your local master, no need to review all the commits. Not that i endorse such force-pushing, but the work for reviewers is not that much. And if only one line of code changed, you can easily publish your findings and the trezor-project would be dead.
If they wanted it for themselves only they should have never said anything would be open source, they have choose exactly the opposite. Way to completely screw what is otherwise a decent, albeit overpriced product.
I said before that the TREZOR isn't yet the mass-adoption hardware wallet device Bitcoin needs, but changing licensing terms like that will precisely hurt their business among the enthusiasts that once supported them.
Just threw my trezor in the toilet pissed on it and flushed it. Anyone know a good plumber in the Palo alto area? Holy shit never doing business with these guys. They clearly don't understand software a a service or as a product. Putting your perceived competition in the spotlight brings them recognition and a great deal of publicity.
Neither of which they may have a budget for. And their work is really apriciated. When did Ledger go open source? The firmware is closed source, and it will stay this way because of NDAs with secure chip manufacturers.
We do have very precise specifications , which will be the base of a future certification proving that the chip does what it is supposed to do. Not even the long run. If they don't reverse this decision within the next 48 hours I think their reputation will be in the gutter. How can we trust you if you are not open source.
I buy Trezor for the reliability and service, I wouldn't buy a clone. Now I don't feel safe that my wallet can be backed up if you guys decide to call it quits. You know what is sad? That Satoshi Labs changed the license Now that is irony.
Why change the license when you can't enforce it and the damage is already done? You know who got fucked here? Ugh, I was thinking of buying another Trezor, but now I'm wondering what to do with the one I have. Had been considering buying one for a while. Now I never will. I picture SL throwing an infant-style tantrum: Way to cut off your nose to spite your face, SatoshiLabs.
A beautiful company has forever turned ugly in only the span of a day. Did you really think you could so easily and sneakily put the genie back in the bottle? What a foolish move this was and will forever damage your reputation. SL most likely someone from legal leaned on someone with publish access, IMO went back and edited the git history to make it seem like the trezor firmware was reliscenced back in August with an extremely restrictive licence, forbidding any modification to the source, even if those mods are not shared.
If someone else will fix the bug, it will be illegal under e. USA's law point of view for them to publish the fix, and for you to use that fix. Just check out for more free alternative in a year or so. I mean check regularly any security news. If you have huge stash, I would distribute it among trezors, and few airgapped cold-storage computers and paper wallets. Are you saying it's illegal to distribute a patch to the Trezor source code under the new license?
What sentence in the new license led you to that conclusion? The patch does not need to contain any lines of code from the copyrighted work, it could just be some instructions to insert or remove particular lines of code, so I would think it should be legal. People could apply the patch themselves and compile the firmware and use it on their own Trezor.
I don't know, I hadn't noticed that clause. Now that you point it out, it does seem like patching the source code is probably not allowed. That license would actually hamper security audits of the code! You wouldn't be allowed to edit the code to get it to run in a simulator or anything like that, unless you requested special permission from SatoshiLabs.
I wonder how long their copyright lawyer looked up from having his face in an ashtray before he drunkenly suggested that license. I honestly suspect they deliberately chose the most restrictive license they could find and still claim "open source" on arguable grounds, admittedly, I don't think it's open source at all and the absolute worst part is that any sufficiently motivated chinese company could trivially re-implement this code by their own programmers but it absolutely fucks FOSS enthusiasts who play by the rules.
You typically have a couple of days to a week to decide you want to cancel your purchase. I suggest retuning it without opening it. A long time ago, a boy named SL went to the beach and spent a long time building a sand castle.
SL said that other children could help improve the design of the sand castle, and he would appreciate people to review the sandcastle's design and point out problems, and that the sand castle design was free for everyone to use. Everyone liked the sand castle and its design.
But then SL saw some Chinese boys and girls building a similar sandcastle with his plans and SL got upset. Yesterday, SL decided to try to rewrite the history of the world to say that many of his earlier sand castle designs were not copyable, even though those designs were already released to the public.
SL found all the old sand castle plans from the last six months, and even though they were dated in the past, he erased the old rules with his pencil and wrote in the new rules. The other boys and girls noticed him doing this because they have memories. It was obvious to everyone that he was trying to rewrite history and to restrict the use of his sandcastle designs, and SL lost some friends that day.
No, the license of the firmware doesn't inherently affect how secure the device is. Even under the new license, you are still free to read all of source code of the firmware and audit it for bugs, or pay professionals to do that.
However, it is likely that the number of people reviewing the code and submitting bug fixes will go down due to the restrictive license, so that could inadvertently make it less secure. I'm not sure how many people were reviewing it before though, maybe it was a small number. If you follow any of the above links, respect the rules of reddit and don't vote or comment. Thanks for the update. Was planning to see if trezor can be used. It is absolutely useless now.
How is this crap allowed on github? This is clearly against the spirit of that site. I'll never buy one and was considering it , now, but still: The github homepage says "Powerful collaboration, code review, and code management for open source and private projects. It's a good summary of what they do, though Github wants to move beyond hosting just open source software - they think they're building a tool that could be leveraged for more.
And as a technicality, if I post code on Github or Google Code without a license, then you don't have the right to use my code, even if you can see it unless their TOS makes you grant a default license otherwise.
I still appreciate your hard work and great products and respect your decision here. I am still happy that the code is publicly viewable and can be verified, and I appreciate the work you have done developing BIPs. Don't pay too much attention to the haters here guys. I think a lot of Redditors actually understand that China was going to do this, and no doubt SL was fully aware this was going to eventually happen, but the route they are taking is the wrong one. They should instead slightly lower their fees, the individuals that want the official product may be happier in larger numbers to buy the more secure device for a slightly lower price.
This would probably hurt the Chinese manufacturers more than the route they are currently taking, which only encourages abandonment of SL. They can only charge a premium effectively for so long Was their plan all along when this started to happen to try to backdate a license change and abandon the open source route?
I think that's why people are quick to call them "liars", if they intended to do this from the beginning, why say it is going to be open source at all? Can the fallout from this lead to any possible insecurities in my existing Trezor and access to the private keys held within? Honestly that's all I really care about.
Sure it sucks they made a bad call under the pressure of a dirty knock-off, but I've already bought one and have felt secure with it until now It affects security in the sense that now no one can make any modifications to the source outside of trezor employees.
So if tomorrow someone finds a vulnerability in the firmware, it's up to the trezor guys to patch it and no one else can assist by forking and sending a pull requests, since doing so will break the new license agreement.
Even more than what others have said, if I want to modify Trezor code in a team setting to test it on device for security flaws eg - disable stack protection and see effects in device memory , I'm violating the new license. This license tramples on developer users and freedoms alike. It's pure garbage that strips most of the benefits of free software with no place in Bitcoin.
Licence changes, in a way that can only described as hostile? Clones with less security? Supercookies bound to my wallet? I'll stay far away from Trezor and any clones for a good while. This transforms into some weird and unneeded drama-trainwreck. Also, I guess that whole situation proves Bitcoin is leaving the nerd basements, and entering the real world. With all its joys. First, my point is they tried to do it retro active by removing their newest code changes and added a license change to a previous tagged version.
Looks a little shady. Second, this is a bait an switch. I bought my Trezor under the impression I could modify the firmware and then run my modified version on my device. That is no longer the case under new license. Go and find the latest gpl based version. They published it and so you can keep using that one under the proper license. You can do it withour problems, the only change is that you cannot sell things with your own firmware Use of this site constitutes acceptance of our User Agreement and Privacy Policy.
Bitcoin comments other discussions 1. Log in or sign up in seconds. Submit link NOT about price. Submit text NOT about price. Bitcoin subscribe unsubscribe , readers 17, users here now Bitcoin is the currency of the Internet: You can also explore the Bitcoin Wiki: Only requests for donations to large, recognized charities are allowed, and only if there is good reason to believe that the person accepting bitcoins on behalf of the charity is trustworthy.
News articles that do not contain the word "Bitcoin" are usually off-topic. This subreddit is not about general financial news.
Submissions that are mostly about some other cryptocurrency belong elsewhere. Promotion of client software which attempts to alter the Bitcoin protocol without overwhelming consensus is not permitted. No referral links in submissions. No compilations of free Bitcoin sites. Trades should usually not be advertised here.
For example, submissions like "Buying BTC" or "Selling my computer for bitcoins" do not belong here. New merchants are welcome to announce their services for Bitcoin, but after those have been announced they are no longer news and should not be re-posted. Aside from new merchant announcements, those interested in advertising to our audience should consider Reddit's self-serve advertising system.
Do not post your Bitcoin address unless someone explicitly asks you to. Be aware that Twitter, etc. Related communities Sorted roughly by decreasing popularity. Welcome to Reddit, the front page of the internet. Become a Redditor and subscribe to one of thousands of communities. This is an archived post. You won't be able to vote or comment. Here is wikipedia on the new license: Want to add to the discussion?
But it may be a nice homework. First-gen metal Trezor owner here and OS developer. Yep that's the standard I was thinking of. In practice attacker still needs to know PIN and physical proximity to device to be able to obtain trace to exploit the side channel One can measure timing from the host PC which is assumed to be compromised otherwise there is no need for the hardware wallet. Libsecpk1 is believed to be. One can measure timing from the host PC which is assumed to be compromised You can measure time on the compromised PC, but in such case you'd need many signatures to be measured, one would not be nearly enough.
A hardware wallet is a pretty expensive contraption to use to only sign once. IANAL, but this is my understanding of the situation as it is basically contract law. The difference in this case is that they aren't fixing a silly mistake. Git truly is a masterpiece.
Can you not see the impression that creates? I guess you still can somehow fetch it from the git repo git fetch origin 40efefcaccc2efdb7a6d92d15f? I am not sure. You can also specify only a SHA1 commit: It had to be done on the server, I made a correct fork here: I see there are now two problems regarding this action: What a bad move.
Didn't they really think about the consequences? You don't have to trust anything - you can run your own blackbox tests Blackbox tests are great, and I use them often at work. You had a spotless reputation, skill and experience. Burn in Hell SatoshiLabs! I'm guessing we're stuck but probably worth some cursory research at least. Seems like a terrible way to build trust with a community of magical internet money users.
I'm of the other camp. Please consider Dude's wisdom as a consumer. I'm fan of time traveling sci-fis. Of course I meant Feb. I purchased one a little over a month ago. Seemed like a great idea at the time. Forgive me, I meant to imply that in my usage of quotes around "open-source": This is no longer about Github or MS or source code. Instead of listing the names of the 17 authors, the BTC License lists the address of a single bitcoin wallet.
Contribute to bitcoin development by creating an account on GitHub. Bitcoin is an innovative payment network and a new kind of money. Find all you need to know and get started with Bitcoin on bitcoin. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files the "Software" , to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, The development around the Decentralized Conglomerate DC , which is basically an idea that has existed since BitShares launched last October on OpenLedger, a universal shared platform based on the BitShares 2.
Bitcoin Core is the reference client of bitcoin. Initially, the software was published by Satoshi Nakamoto under the name Bitcoin , and later renamed to Bitcoin Core to distinguish it from the network. For this reason, it is also known as the Satoshi client. It is the reference implementation for bitcoin nodes, which form the bitcoin Cryptocurrencies like Bitcoin enable open, trustless digital payments and contracts.
In the spirit of the Internet's wide reach, this technology, and the people behind it, have the potential to impact billions of people and Der Index beendete den Handelstag mit mius 1,1 Prozent bei Aktuelle Indikationen am heutigen Tue, 16 Jan Belfrics Global, a Malaysian based bitcoin technology provider just received the Sandbox license from the Central Bank of Bahrain CBB to launch a cryptocurrency exchange in the country.
The license received makes Belfrics one of the pioneering cryptocurrency exchange in the Middle East. This allows the company to roll out its bitcoin exchange as it capitalizes on the growing global appetite for cryptocurrency trading.