Question:

Ubuntu bitcoin PPA

Oliver: 5 weeks ago

Since bitcoin is a software package that involves "real" money (inasmuch as any currency is "real"), I know there are major incentives for unscrupulous people to build backdoors into software related to bitcoin. For example, consider the current warning in IRC#bitcoin: "...All keys generated with brainwallet.org should be considered compromised" (a backdoor was apparently built into that software though I don't have specific details).

So as I consider building a second bitcoin node for myself (my first (https://bitcoin.stackexchange.com/a/36145/3005) was in Arch using an official package), this time in Linux Mint 17.1 (based on Ubuntu 14.04) using an unofficial bitcoin PPA (https://launchpad.net/~bitcoin/+archive/ubuntu/bitcoin), I'm taking careful note of the warning that I usually dismiss without much of a second thought for using Debian/Ubuntu/Mint PPAs: "You can update your system with unsupported packages from this untrusted PPA by adding ppa:bitcoin/bitcoin to your system's Software Sources." (emphasis not in original)

And so before I use this PPA myself, I thought I would ask here if anyone else has used this PPA (that was only recently revised by Matt Corallo on 2015-02-18), and if you found any specific problems with it?

As I think about using it myself, I wonder if I should look at the MD5 checksum and/or diff of the source files used in the PPA as compared with those of the original Bitcoin Core sources. I don't know; maybe that's being too paranoid, but I'm wondering if others have used this PPA and if so, if they compared it with the original upstream sources.

I considered asking this question at https://askubuntu.com/, but I think it's better suited to this Q/A community because it's less about Ubuntu (I think this PPA could be used in many different distros that are all based on Ubuntu like my Mint distro) and more about Bitcoin.

Answer:
Emma: 5 weeks ago

https://bitcoin.org/en/download has binaries you can download and verify.
They're probably the safest to use, apart from building from source.

Building bitcoin from source also has become a lot easier with the past releases, I've had similar horrors as you with building other software from source and upgrading, but looking at how it has evolved for bitcoin I'd say the future looks bright.

PS. That PPA is also recommended on https://bitcoin.org/en/download and I've used it in the past, without any problems, though I can't say anything about how safe it is, but like @Murch pointed out he's at least not a completely random person but someone who worked a lot on bitcoin core.