> Umbrel partnered with The Bitcoin Machines to offer a plug-and-play all-aluminum node and server combo.


I guess we're just going to ignore the fact that, while adding NextCloud and other unrelated apps to Umbrel, they *still* haven't addressed the security issues, which they themselves state are so big, that it's not recommended to put actual money on an Umbrel node?



Interesting page. The "over-the-air" update thing, I'm not familiar with it, but does it mean auto-updating somehow? Either way it looks bad indeed. And the hardcoded password one also looks bad, that's not the kind of tradeoff for convenience that I think ever makes sense (mainly because it has a global effect, i.e. attackers know all have it).

The root thing may or may not be terrible I guess it depends on details of set up.

@waxwing Yeah, hardcoded passwords is a no-go. They already do OTA updates (it's just downloading Docker containers), but there's no signature validation apparently.

All in all, I have no idea why they would build *anything* else on top of this, before addressing the fact that it's still not ready for actual money, while everyone's already using it with actual money.


@waxwing Then again, they also thought that CC licenses are "good enough" for software, and that the best business model for a personal bitcoin node would be to make the software (that ties together nothing but free software) non-free, and selling OEM licenses to hardware vendors.

Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!