Being open source does not mean every user is a coder (I am, but still) so I guess the point that “you can just roll out your own client” is a little off.
But why is satoshi integrating this on the server in the first place? I say that the libbitcoin / bitcoinUI separation is starting to be really important. Put the messaging system on IRC on the UI, make the UI smart enough to stop, block, maim, impair the server running beneath it if certain messages signed with certain keys appear. But DON’T make the server respond to anything outside local GUI control, just because that is too dangerous and in the end does more harm than good.
This way, average users will have the upgrade notices and the generators stopped and whatnot when needed, but those of us running services over bitcoin will not loose shop because of that. Also, if the key gets compromised, the network still runs without worries, and a simple GUI change will unblock everyone.
For server admins, why not a mailing list for update announces? That would certainly be enough for most.
If you’re so paranoid that you’re getting hysterical over this, then surely you’re paranoid enough that if a warning message displays on the status bar, you’ll check the website and forum.
I think if another bug like the overflow bug occurs, it’s important that automated websites stop trading until their admins can check out what’s going on and decide what to do. If you decide it’s a false alarm and want to take your chances, you can use the “-disablesafemode” switch.
33,225 total views, 15 views today
https://bitcointalk.org/index.php?topic=898.msg11074#msg11074