search

Bitmessage / PyBitmessage

Reference client for Bitmessage: a P2P encrypted decentralised communication protocol:
https://bitmessage.org/wiki/Main_Page
Other
2.82k stars 575 forks source link

Peter Surda (Peter Šurda) poses a significant threat to Bitmessage. #2141

Closed ghost closed 1 year ago

ghost commented 1 year ago

Recently, Peter Surda (Peter Šurda) @PeterSurda merged a pull request into Bitmessage despite my strong opposition. He completely ignored my objections and merged an anonymous pull request that adds a "chat screen" to Bitmessage.

It's worth noting that Peter Surda was also responsible for a ZeroDay vulnerability in Bitmessage, and he's now taking on an authoritarian role, merging pull requests even when there's strong opposition.

Recently, I discovered that the namecoin.py file was attempting to steal the Namecoin wallet, and others on Reddit reported similar attempts.

Although Namecoin does not work with Bitmessage, access to the Namecoin wallet has been attempted several times.

I am requesting that the id/ namespace and all Namecoin-related code be removed from Bitmessage immediately until this is thoroughly investigated.

The previous ZeroDay exploit was found at https://thehackernews.com/2018/02/bitmessage-bitcoin-hackers.html.

It's also worth noting @dmp1ce, who was heavily involved in Namecoin development but refused to continue supporting Bitmessage on Arch Linux.

I strongly urge Peter Surde (Peter Šurda) @PeterSurda to resign from the Bitmessage organization immediately and without delay, and to hand over ownership of this repository to none other than @dmp1ce, who is more than qualified to oversee Bitmessage development.

Additionally, I am requesting that @g1itch, who is Ukrainian (involved in the neo-nazi bandera movement) and has made several fraudulent attempts to hijack Bitmessage, be permanently barred from this organization.

If @PeterSurda attempts to remove this issue, it will be reposted to BitcoinTalk.

PeterSurda commented 1 year ago

SPAM.

dmp1ce commented 1 year ago

I hope the politics gets worked out here guys. I'm happy to maintain a package on the AUR if Python is updated but I cannot oversee development on the project.

PeterSurda commented 1 year ago

@dmp1ce It's difficult to port to python3 without compromising code quality, and most developers are working on other things, so it's progressing slowly.