No. None of the data in the blockchain is ever executed, so even if there is a virus there, it cannot do anything to Core nor anything to your computer as it is never actually run.

Mining used to be such that everyone who ran a node could mine. However the difficulty has significantly increased since those times and made it extremely uneconomical for people with just nodes to mine. They would be using their CPUs or GPUs to mine, and with the current difficulty, the probability that someone CPU or GPU mining will find a block is extremely low. As such, the return on that is very low and does not offset the cost of electricity, so people no longer CPU and GPU mine. You can still do so if you want to, you just won't find any blocks or make any money if you are mining with a pool.

The number of miners or the decentralization of mining has nothing to do with how quickly transactions are "processed" (I assume you mean confirmed when you say "processed"). The protocol adjusts the difficulty (aka amount of work required to mine a block) so that blocks are produced every ten minutes, on average. This is the same regardless of whether everyone with a node is CPU mining and difficulty is low or whether all miners use ASICs in large data centers.

Your transaction spends from a very long chain of unconfirmed transactions. Your transaction cannot confirm until the transactions that it spends from confirm as well. However this may take a while and the transactions may also simply never confirm.

Inbound connections are only made after nodes know about your node and attempt to make a connection to it. You shouldn't expect to get many (or any) inbound connections until your node has been up for a few days. It takes time for nodes to learn about your node and for the DNS seeder to learn about your node and decide that it is worthy of being given to other nodes for connections.

The bitnodes.21.co node is just a crawler and it makes temporary connections to see if your node is up. It isn't an actual nodes and other nodes don't use them to get nodes to connect to.

It's actually not because of randomness. People have been intentionally embedding viruses (or their signatures) in the blockchain so that antivirus software are triggered.

The walletrbf=1 option sets RBF for transactions made by the wallet. Createrawtransaction is not part of the wallet, so this option doesn't affect it. In createrawtransaction, there's an optional sequence field that you can set when specifying the inputs. To set a transaction to Opt into RBF, you need to set the sequence for at least one input to be 4294967293 or lower.

Do you have a log from a time that you saw this issue?

Also, it looks like you might have some corrupted blocks on disk as the dbLog.txt says that there is a merkle root mismatch. The only fix for corrupted blocks is to re-sync the entire blockchain.

Can you please post your log files?

What version of Armory are you using? What version of Bitcoin Core?

Because all software has bugs and Armory doesn't have a lot of developers. There are only 3 developers that actively work on Armory, and only one does so full time. This means that there is a lack of testing and review so bugs usually slip through into releases.

It sounds like you have a text file with base64 encoded data inside of it. Unfortunately I don't know of any wallets that make backups with Base 64 encoded data. Do you have any idea what wallet you used in 2013 that may have produced such a backup? I don't think Bitcoin Core will make such backups.

In general ASIC miners draw probably 2 to 3 times more power than your normal desktop (1600 watt ASIC PSUs vs 500 watt desktop PSUs). However an ASIC can mine thousands of times faster than a desktop can. For example, the Antminer S9 has a 1600 watt PSU and mines at 13.5 TH/s while a super high end desktop with multiple GPUs might be able to pull off a few GH/s at best.

But in order for segwit to even activate, 95% of the hashrate has to be signalling for segwit.

If BIP 148 activates, then 100% of miners on the BIP 148 chain will, at the very least, be signalling for segwit. All miners who aren't will be forked off of the BIP 148 chain.

Why? There's no logic in not mining SW if you were already supporting it after it activates. A miner would be losing money if they didn't support segwit. Also, why would there be a market for non segwit mining? Segwit being active doesn't preclude non-segwit transactions from being included in blocks. For those who don't support segwit at all and don't want it activated, then they would be using another chain entirely which is not a problem for the chain with segwit activated.

Also, another thing to note is that stuff like Compact Blocks and XThin blocks would help to mitigate such an attack. Since many of the transactions in the block will already be known to nodes, nodes will know about the transactions already so they already have the witnesses and don't need to get the transactions from the block. They will just rebuild the block using the transactions from their mempool which will have the witnesses so they will recognize that the block is valid.

Unless humans are actively monitoring their pool and watching what blocks are received, what blocks are mined, whether their node is accepting or rejecting some blocks, etc., that won't happen. In order for such a thing to happen, humans must be involved, and I would surprised if pool operators are actually that attentive to that sort of information.

How so?

We have had the infrastructure to broadcast headers only since 0.10.0.

You can broadcast a block with invalid data for every soft fork Bitcoin has ever had (assuming you send a valid header first). For every single soft fork that Bitcoin has had, post fork you could always create a block which non-upgraded nodes would accept but upgraded ones wouldn't. This didn't apply for when headers first didn't exist, but headers first broadcasting has existed for the OP_CLTV and OP_CSV soft forks. With these soft forks (and all previous ones), you could create a block which has a valid header and invalid data (include an invalid transaction), and with headers first, performed the attack described by Quickseller. There's nothing different or special about segwit that allows this. In fact, with segwit, the impact of such an attack is slightly reduced (very slightly). With segwit, the block is actually invalidated before being written to the disk (because the witness commitment wouldn't match). With all other soft forks, the block would be invalidated after being written to disk when transactions are being validated.

But this attack assumes that there are 51% of miners who are not enforcing segwit. This is one reason why there's an activation threshold that requires 95% of the hashrate to signal that they are enforcing the segwit rules.

Also, such an attack is possible for any soft fork, not just segwit. But again, that is why soft forks still require 95% to activate.

That shouldn't be possible.

The chain split could happen, but not the re-org, I think. This is because the SW miners and nodes will have received the block with invalid signatures, saved it to disk, and marked it as invalid. It should remember that a block with the hash of the invalid block was invalid. Then when the malicious miner tries to broadcast it again with valid signature data, the SW miners and nodes will see the block, see that the block hash is that of one it marked invalid, and ignore the block.

No.

You will need to copy the blocks and chainstate folders.

No. The scriptsig and witness are two separate things. The data that goes in the witness is the data that would go in the scriptsig if a witness output were a normal p2pkh or p2sh output. In this example transaction, if the output it is spending from was a pay-to-witness-pubkey-hash (p2wpkh), then the data that is in the scriptsig would be found in the witness. However, since the output is p2pkh, the data currently in the scriptsig would remain where it is even after segwit activates.

Yes. It is still part of the transaction. The transaction format has been extended for segwit.

Suppose that the example transaction you posted were spending from a p2wpkh output instead of a p2pkh output. The transaction would look like this:
I have bolded the parts that have changed. The scriptsig is now empty, and what was in the scriptsig is now placed after the outputs. That field after the outputs is the witness. There is also a 0x0001 after the version number which lets us know that there is a witness field after the outputs.

The data in the witness is not counted as part of the 1 MB block. The transaction is still verified as it normally would be since any node that can understand segwit will require that the transactions it receives are in the segwit serialization format. This means that it must receive the witnesses or the transaction will be considered invalid. The same goes with blocks; all transactions in a block that have witnesses must be in the segwit serialization format otherwise the block will be considered invalid.

They will look like they do now, but transactions that have witnesses will be in the segwit serialization format.

Yes. After segwit activates, the amount of space that a block can take up is 4 MB.

The BIPs contain all of this information with some examples too. Segwit is specified by BIPs 141, 143, and 144

Yes.

All nodes (and miners are a subset of nodes) validate transactions according to the consensus rules. They check that the transactions that a transaction spends from exists in the blockchain. They also check that the transaction is allowed to spend the outputs that it is spending. Nodes will check that a transaction is not attempting to spend from a transaction which was already spent from before (i.e. a double spend). The blockchain has nothing to do with the validity or legitimacy of transactions (besides that all transactions in the blockchain must be valid). A transactions validity is determined by what outputs a transaction is spending from and whether it is allowed to spend those outputs.

The blockchain is for resolving double spends. When there are two or more transactions which spend from the same output, only one of them is allowed in the blockchain. The blockchain is for letting everyone on the network know which of those conflicting transactions is the "real" one. All of the conflicting transactions are valid transactions until one of them confirms.

Post the debug.log file. The apple crash logs are meaningless and useless.

Open the terminal and go to the folder where the .deb file is downlaoded. Then run
where <filename> is the filename of the Armory .deb file.