We have reason to suspect that there is a malicious BTSX client being injected when people try to download from the the non-https version of bitshares-x.info.
Wow! That would require someone to actually be attempting man-in-the-middle attacks on the users who are downloading from bitshares-x.info. That is pretty amazing if true, since it would be quite a bit of effort for someone to go through to attack BitShares users (BitShares is getting people's attention
I don't know how much you guys are prioritizing security features internally, but I think they are really important. We still don't have:
- Ability to sign and verify messages using TITAN accounts from the GUI client.
- Cold storage with offline transaction signing. I should be able to create a transaction and generate the bundle of all data necessary from my hot client, store it on a flash drive, move it over to another offline computer running a live Linux environment, get the cold client to sign the transaction and store it back on the flash drive, take it back to the hot client and have it broadcast the transaction to the network.
- Usable multisig. Not just escrows, but also something like this and this.
These three features are more important to me than voting, on-ramps, or even lightweight clients.