Bitcoin Forum
December 15, 2017, 12:41:29 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Armory (online) outbound traffic to external machines  (Read 377 times)
brddd
Newbie
*
Offline Offline

Activity: 1


View Profile
March 02, 2014, 07:30:42 PM
 #1

Hello,

I'm running an online version of Armory 0.90-beta on Mac OS with a watch-only wallet.    Being the paranoid type, especially with an increase of bitcoin related malware on Mac OS, I installed Little Snitch, a firewall that monitors all inbound and outbound traffic.

I was surprised to see more than expected outbound traffic, and one of them is slightly suspicious:

mts1.google.com TCP 80
www.google.com TCP 80
id.google.ca TCP 80
--> unclear why Google is involved?

bitcoinarmory.com TCP 80
bitcoinarmory.com TCP 443
->  checking for updates?

malsup.github.io TCP 443
-> This one looks questionable.   There is javascript code hosted here.   If this is needed why is it not embedded in the source instead of relying on code from an external source?   If this site was hacked, potentially harmful javascript code would be executed

From some tests if I deny any of these sites, Armory fails to come online.   Should it not just connect to the local Bitcoin-Qt instance and use it for transaction processing?

I'll do some digging in the source and do some packet captures when I get a chance.    Meanwhile, can anyone give some insight on this?  Thanks.
1513341689
Hero Member
*
Offline Offline

Posts: 1513341689

View Profile Personal Message (Offline)

Ignore
1513341689
Reply with quote  #2

1513341689
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1513341689
Hero Member
*
Offline Offline

Posts: 1513341689

View Profile Personal Message (Offline)

Ignore
1513341689
Reply with quote  #2

1513341689
Report to moderator
1513341689
Hero Member
*
Offline Offline

Posts: 1513341689

View Profile Personal Message (Offline)

Ignore
1513341689
Reply with quote  #2

1513341689
Report to moderator
1513341689
Hero Member
*
Offline Offline

Posts: 1513341689

View Profile Personal Message (Offline)

Ignore
1513341689
Reply with quote  #2

1513341689
Report to moderator
etotheipi
Legendary
*
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
March 04, 2014, 02:18:59 AM
 #2

In order to help diagnose problems, Armory will by default, ping google to check for availability of outbound internet connection.  If google.com can't be reached, Armory will go into offline mode.  As a backup, it will check microsoft.com, as well, but only if google can't be reached.

Armory will also contact bitcoinarmory.com, which may forward a github link with new-version information.   It is just a text file that contains signed version information (we commit the changelog to versions.txt in the master branch, and Armory uses that to identify when new versions are available).

Either or both of these can be disabled using:

--skip-online-check
--skip-version-check

If you are using tor, you'll have to skip online check anyways, as that will always fail when using tor proxies. 

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!