A wind of change is blowing inside the bitcoin community.
For many, many years the dominant ideology in the bitcoin community was that open source software such as bitcoin is “secure”, and that you need to trust the infinite wisdom of the crowd who will find all the bugs and fix them, the wisdom of the anonymous founder of bitcoin who predicted all the attacks in advance, the wisdom of bitcoin developers, etc.
At the same time the bitcoin community carefully avoided engaging with security professionals, university professors and other experts. External criticism was not well received, and people were misled and badly informed about 51% attacks. Technology push dominated, and technical issues such as bitcoin speed or crypto issues were systematically swept under the carpet. The bitcoin system and network have remained in a state of systemic chronic under-development. The press and the media were poorly informed about the issues and sometimes focused on fake security problems which do not have the slightest practical importance (for example when miners are assumed to be innocent and never trying to do any harm). In bitcoin journalism, serious security issues are typically discussed only after it is too late, after bitcoins have been stolen. What about preventive security engineering?
In the private sector people spend billions on security and they frequently fail to secure their systems. Now in bitcoin, a bunch of people who are not paid for their efforts will make it secure?
Things are changing. There are very strong signals that shoddy security, minimizing the risks, poor security expertise, bad software, bad security engineering practices, and avoiding talking about serious security problems (or exaggerating less essential problems) will no longer be tolerated. An open reflection about how to secure bitcoin, engaging serious security professionals, has started. There is a new C4 consortium which includes people like Peter Todd who have in the past been very critical of the careless attitude of others in the bitcoin community. They are developing standards of professional and ethical behaviour(!). It looks like a genuine effort to improve the security culture in bitcoin.
A big day for bitcoin!