The 8gb usb was formatted in windows fat32 i believe so will linux recognise it.
Actually linux recognizes all file systems. Just windows is capable of detecting windows-filesystems only. Forgot to say will a VPN on the host system affect the virtual guest system in anyway?
Yes, your whole traffic will be routed through the VPN (assuming you simply bridged your VM). But this shouldn't be a problem. Did you try what HCP mentioned? Getting the nano s into bootloader mode while uprgrading / attached to the VM (choosing the bootloader nano s as USB device) ? What happens? Also, how did you get the .appimage 'working' ? Was just something misconfigured or did you change something (which you eventually shouldn't have changed) ? |
|
|
|
Yeah my goal is to update the firmware of the ledger nano s and access the wallet too.
Then a virtual machine is more handy IMO. Ok virtualbox is for the public and vmware is for companies?
There are modules inside of virtualbox which are for non-commercial use (e.g. USB3.0). But since your usecase is non-commercial, everything is fine. [...] it comes down to ease of use?
I wouldn't call one easier to use than the other. If I take the virtual machine on host computer route then what are these extra configurations required to get usb to work?
The best would be if you start setting up a virtual machine, install ledger live and then check whether it works or not. You may have to install the guest addition (can be done via virtualbox itself) to get interfaces or a better resolution working. Just download it and set it up. And if it doesn't work somehow, we will gladly assist you further. |
|
|
|
It's actually weird, the website is working as well as the link on "website" button.
I meant that i currently can not visit that URL because i am at work. And no, it's not open-source product
Alright. Then don't expect someone to download it. It is way too easy to get malware into the google playstore. If you open source it, you probably will gain a big user base. Closed source? Nope. |
|
|
|
|
About which wallet are you talking ?
Core does not redownload all blocks each time you start it up (would take several days on each startup?)
However, when you start up core, it downloads the new blocks (newly mined after you shut down your blocks the last time).
Can you manually verify that the blocks are saved in the datadir and that the config of core does indeed point towards this directory ?
|
|
|
|
|
Currently, i can't visit your website. Therefore excuse the question if it is answered on your website:
Is your wallet open-source ?
|
|
|
|
Please note that VirtualBox isn't likely to be as reliable as running a Live USB distro in terms of USB communication... the reason being that virtualbox still needs to communicate with USB devices via your Main OS, which can often cause issues.
With the correct add-on to virtual box (which is only allowed for non-commercial use), USB communication works without a problem for me. Did you experience problems already ? If so, generally with USB devices or specifically with the nano s / trezor ?
OP, it might be useful if you explain what you exactly want to achieve with your virtual machine / linux live distro. Do you only want to update the firmware of your nano s ? Or do you also want to use it for accessing your wallet / spending coins ? This topic is going on for almost 3 weeks now. You really don't need more than 30 minutes to accomplish everything. I think a virtual machine should work fine (never tested it with a hardware wallet; but USB is always working fine for me). It just needs some configuration. Booting a live linux does also work like a charm. There are tons of tutorials available on the internet. Some tools to create such a bootable USB with persistence have also been already mentioned by HCP and me. I, personally, would choose the linux live distro (just a personal opinion). The general workflow is: - Create bootable USB (see HCP's link to tutorial)
- Boot the USB (maybe you need to set boot-order in BIOS, or access boot menu with F8 when booting)
- Download ledger live for linux (the *.AppImage), follow ledger's tutorial.
- Run ledger live and connect your nano S
- Update firmware
- Profit.
If you have any questions, feel free to ask. But this really is no magic at all. [/list] |
|
|
|
I mean, you printed it out. So you probably had to type the seed into your computer, right? That itself is a potential attack vector, easily through a keylogger.
It sure is but even if he didn't print it out and was infected with a keylogger his seed could still have gotten stolen because some keyloggers also take periodic screenshots of your screen and send the pictures to the attacker.
You guys are complicating this too much. This might be a very common attack vector for good desktop wallets. But gaining access to funds stored in jaxx is way easier. It is literally just one command to extract the mnemonic. It is stored in a sqlite database (Windows: C:\Users\USERNAME\AppData\Roaming\Jaxx\Local Storage). It can be extracted with: sqlite> select value from ItemTable where key="mnemonic";
Even though the mnemonic is encrypted with AES.. this is quite useless because EVERY mnemonic on EVERY computer is encrypted the same way (same key, same IV)... Which makes it senseless to encrypt it if every person knows how to decrypt every other persons mnemonic. For the sake of completeness: KEY = "6Le0DgMTAAAAANokdfEial"
IV = "mHGFxENnZLbienLyALoi.e"
So.. you basically just need less than 60 seconds access to the computer to gain access to the mnemonic. Doesn't matter if you can simply use that computer while the person owning that wallet is away, or via some malware. You don't need any administrative privileges. Just standard user privileges the wallet is running with. But hey.. Jaxx claims this is not a problem at all. Because.. with a desktop wallet your funds are always as secured as your computer is... makes sense, doesn't it?  I mean.. if i let someone use my computer for less than a minute without internet access and without giving him the ability to insert an USB or similar.. my funds would be at risks with every wallet, right? RIGHT? (Of course not!)Jaxx is a joke. |
|
|
|
Got you. But human greed and social engineering do not follow mathematical models.
[...]
But if you create 100 than the greed will be 100 time less and people will not like to risk their jobs/career for that small amount.
That's true. But you can't social engineer some information out of someone who doesn't has the desired information (in this case: the private key(s)) The employees of binance (or any other exchange) do definitely not have the access to the cold wallet private key. That would be a big blunder. You'd need to invest quite some time and effort to gain access to the private keys (circumventing physical / digital security measurements etc. ). And in this case, it again doesn't matter whether it is just 1 or 100 private keys. |
|
|
|
Great, cheers. Is it possible to get persistence in a virtualbox?
Sure. You don't even need to actively activate persistence. In virtualbox you generate a virtual disk which then is the 'hard drive' of your virtual machine. So, you don't need any 'persistence feature' additionally. |
|
|
|
My ticket showed the status Open before. Now it shows Solved. I didn't receive any funds back btw.
Maybe you stressed them too much and they don't feel like helping you fixing YOUR mistake ?  |
|
|
|
Da du an einen Shop transferiert hast, hast du ja eh keine Kontrolle über die private keys. Da ist es völlig normal, dass der Shop seine coins zusammenführt. Hast du denn etwas gutgeschrieben bekommen ? Wenn nicht, dann schreib doch mal den Support an. Oder war das so ein ominöser darknet scam market?  |
|
|
|
Ok can you please guide me on how to create a live distro with persistence memory. Also how do I use the terminal in latest linux mint cinnamon distro, what commands do I put in there to access the ledger live as inputting the command chmod +x ledger-live-*.AppImage doesnt work straight away. Newbie question.
There are multiple tools available which can do this for you. One would be LinuxLive USB Creator for example. It works with any distro you prefer. Afterwards you first need to download the .appimage. Then open a terminal and navigate into the folder where you downloaded it into (usually in the Downloads folder in your home directory) with: Then give ledger live execution permission: chmod +x Filename.AppImage Then you can run it by entering: I would use electrum but im sure it doest do firmware updates right only ledger live correct?
Yes, updates only work with ledger live. I thought when you mentioned that it is quite a hassle to do this every time (download ledger live onto linux etc..) you meant you want to access your coins from it. Sorry, i might have misunderstood you. Windows 7 is supported till 2020 I believe and im sure till then it is more secure than windows 10 as I hear win 10 collects data from its users in which windows 7 does not do.
It is definitely less secure than windows 10. Windows 7 is missing whole security concepts which are present in windows 10. While it is true that windows 10 is collecting more data for 'enhancing user experience', it is still far more secure than windows 10. Just because the extended support of Win7 is running until 2020 it doesn't mean that it can compete with Win10 security-wise. |
|
|
|
I appreciate the quick response, seems like the Copper membership was a bit misleading, when it stated "may"
May i ask which thread / site you are referring to ? |
|
|
|
Look at this: | Activity | Max recipients | Max recipients if whitelisted | Max PMs per hour | Max PMs per hour if whitelisted | Max PMs per day | Max PMs per day if whitelisted | | 0 | 2 | 10 | 1 | 40 | 2 | 120 | | 15 | 3 | 10 | 10 | 40 | 15 | 120 | | 30 | 5 | 10 | 10 | 40 | 30 | 120 | | 100 | 7 | 14 | 20 | 80 | 150 | 600 | | 250 | 15 | 30 | 120 | 120 | 300 | 1200 | | 500 | 30 | 30 | 120 | 120 | 1200 | 1200 |
Y ou are automatically whitelisted if you buy a copper membership. You don't need to wear the copper membership, just own it. You can also be whitelisted for free by any staff member and a few non-staff, but we're going to need some reason to think that you actually deserve it. Do not ask me for free whitelisting. Whitelisting is a not a license to spam. You will be immediately banned if you're found spamming, even if you bought a copper membership (and you will not be refunded). combined with this: By popular demand, newbies can now pay to have some of their restrictions lifted. If you pay the fee, you become a Copper Member, and you can post images. That's the main point of this: allowing newbies to post images. Additionally (and these might change depending on how things go), Copper Members currently have these bonuses:
- Some of the same permissions as Member-rank members, such as reduced signature styling restrictions. (But none of the PM-related restrictions are currently lifted, such as the style limit or per-hour PM limit.)
[...]
The PM limit is going to be raised as you increase in rank. Your copper membership won't lift these limits. |
|
|
|
Am besten fängst du mit ein paar grundlegenden informationen an: - Welches Betriebssystem nutzt du ?
- Was nutzt du für ein sender wallet ? Ein web wallet ?
- Was nutzt du als receiving wallet ?
- Wieviel hattest du auf deinem alten wallet vor dem transfer (0.03545 oder mehr) ?
- Kannst du verifizieren, dass 1B3VvMiNSrju22EUhQb5e7GWS1nXQ4CQqK auch wirklich von deinem receiving wallet stammt ?
Die BTC kamen bei 1B3VvMiNSrju22EUhQb5e7GWS1nXQ4CQqK an, wurden dann aber rund 2 Stunden später weiter transferiert. Da es so klingt als hättest du deine ganzen coins an 1 Adresse gesendet, nehme ich an, dass du ein web wallet verwendest. Stimmt das? Wenn ja, welches ? Wenn du diese Fragen beantworten könntest, würde es uns helfen den Vorgang nachzuvollziehen. |
|
|
|
But i didn't set any passphrase on my Jaxx too..
On windows, you don't need any passphrase to access the private keys. If you have access to the computer, you get access to the private key. The passphrase / pin protection of jaxx on windows is a gimmick, but doesn't do anything. The sensitive information is stored unencrypted as plain text on your computer.. That's the sad part about jaxx.. |
|
|
|
Accessing private keys - outside of the automated process - can only be done with a lot of work / security measurements. This isn't like the cases in which a (Fork)coin was sent to the wrong chain, the funds have moved already. So there's no need for private keys to the address OP send his funds to. You are right. I should have expressed my self more precisely: Accessing private keys / initiate transactions - outside of the automated process - can only be done with a lot of work / security measurements. Even tho no direct access to private keys is necessary, the employee still need some way to 'access' them. Even when they are not able to directly 'view' or 'copy' them, if they can initiate transactions, they have kind of an 'indirect' access to them (which is enough to steal funds for example). I am sure employers can't simply initiate random transaction. Therefore, regarding security measurements, the same applies. Edit: Aww, sweet you. Thanks for trying to make me a legendary. Unfortunately the bitcointalk.org god doesn't want to gift me legendary status with ~900 activity. But still appreciate it  |
|
|
|
yes i also tried typing but still no buttons appeared.
Did you try to resize the textbox?? HOWEVER, I think I accidentally found a solution for you... click the textbox resize button... and drag it up to shrink the vertical size of the textbox:
|
|
|
|
Just a small information: Even if the email address in the sender field would be exactly the same as stated on a legit site, you could not be sure that it is really coming from them. Emails can be spoofed. Anyone can send mails which appear to be sent from " trump@i.suck", " support@electrum.org", etc.. That's not always possible, but in most cases this can be achieved. The sender field of an email does never guarantee you that it is really coming from this person / company. The only way to verify it, is to use some form of authentication (e.g. PGP signed message with known public key of sender/receiver). |
|
|
|
A web wallet would be fine, wont store much of any crypto. I would store abit here and there. Just need a few web wallets and spread out the risk.
If you want to minimize the risk, don't use a web wallet. Spreading your 'little' funds between multiple web wallets is way worse than storing all of your coins on a desktop-/hardware wallet. If you really want to use a web wallet, use a reputable one. But if you do not necessarily need to use a web wallet, you might just state why you think that a web wallet is most suitable for you, and we probably will find a way better alternative. |
|
|
|
|
Show Posts
