Bitcoin Forum
January 19, 2020, 01:22:54 PM *
News: Latest Bitcoin Core release: 0.19.0.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 [2] 3 »  All
  Print  
Author Topic: Bitcoin Core 0.18.0 Released  (Read 3122 times)
This is a self-moderated topic. If you do not want to be moderated by the person who started this topic, create a new topic. (10 posts by 10 users deleted.)
gmaxwell
Staff
Legendary
*
Offline Offline

Activity: 2940
Merit: 3049



View Profile
May 16, 2019, 08:16:49 AM
Merited by Foxpup (4), dbshck (4), bones261 (2), ETFbitcoin (1), pooya87 (1)
 #21

Why the Windows binaries are signed by different signer and root authority? First it was Bitcoin Foundation, now it is bitcoincoresigningsomething.org

I can get my own certificate for bitcoin-something named entity and sign malicious bitcoin executables that steal coins. Get your shit right! Settle once and forever on single entity that is signing binaries and stick with that!

As you note, the windows signatures mean essentially nothing-- anyone can get one and there is no real way to verify them.  You could very likely get one called "Bitcoin Foundation", at most you'd just have to incorporate an entity with that name.  The recommended procedure is to check the GPG signatures and keys, which have been consistently the same since 2013 or so.

Back when windows and windows AV started punishing software for not purchasing a cert the Bitcoin Foundation offered to take care of it.  They went on to exploit the author indication to make people believe they were responsible for releasing Bitcoin... not really a great outcome. They subsquiently went up in a ball of cretinous glory. Several of them ending up in prison, others backing an obvious scammer.

Eventually the certificate expired, as all centralized certs eventually do. It was replaced with a key assigned to an entity that doesn't do anything else, to hopefully reduce the odds of future stupidity.

Regardless, you're still best off checking the PGP signatures.

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1579440174
Hero Member
*
Offline Offline

Posts: 1579440174

View Profile Personal Message (Offline)

Ignore
1579440174
Reply with quote  #2

1579440174
Report to moderator
1579440174
Hero Member
*
Offline Offline

Posts: 1579440174

View Profile Personal Message (Offline)

Ignore
1579440174
Reply with quote  #2

1579440174
Report to moderator
Carlton Banks
Legendary
*
Offline Offline

Activity: 2604
Merit: 2165



View Profile
May 16, 2019, 11:21:21 AM
Last edit: May 18, 2019, 01:13:32 PM by Carlton Banks
Merited by Foxpup (2), ETFbitcoin (1)
 #22

Why the Windows binaries are signed by different signer and root authority? First it was Bitcoin Foundation, now it is bitcoincoresigningsomething.org

I can get my own certificate for bitcoin-something named entity and sign malicious bitcoin executables that steal coins. Get your shit right! Settle once and forever on single entity that is signing binaries and stick with that!

Windows signed executables only stops Windows shouting "UNSAFE!" at you.

The only reason is to make inexperienced people feel comfortable, the Windows system is broken, as you already know.

Use SHA-2 and PGP to check the authenticity of Bitcoin releases, that method comes with at least some guarantees (using the fingerprint to id the PGP key is possibly not reliable any more though, there should be a t-shirt with the Wladimir van der Laan PGP public key + expiry date printed all over it IMO, or at least till PGP updates their standard for fingerprinting public keys)

Vires in numeris
MysteryMiner
Legendary
*
Offline Offline

Activity: 1260
Merit: 1008


Show middle finger to system and then destroy it!


View Profile
May 17, 2019, 07:23:57 AM
Merited by dbshck (4)
 #23

Quote
As you note, the windows signatures mean essentially nothing-- anyone can get one and there is no real way to verify them.  You could very likely get one called "Bitcoin Foundation", at most you'd just have to incorporate an entity with that name.  The recommended procedure is to check the GPG signatures and keys, which have been consistently the same since 2013 or so.
So does PGP signatures. In that matter both PGP and Digital signatures in Windows are same. You must verify the signature and make sure it is signed by known trusted key. Windows is more complicated in this matter because it have trusted root CAs but the final certificate in chain of "trust" still have the hash that can be compared, it is only hidden few clicks deep. TrueCrypt managed this very good back in its days. I think Bitcoin must do the same and stick with one root CA and one signing entity that is well established and known.
Quote
Windows signed executables only stops Windows shouting "UNSAFE!" at you.

The only reason is to make inexperienced people feel comfortable, the Windows system is broken, as you already know.
Wrong. Signatures are mandatory only for kernel-mode drivers. The warning when launching executables coming from internet is dependent on NTFS alternate streams feature to indicate it come from network and all it does is check presence, absence or validity of digital signature and display warning screen that is ignored by most users anyway.

And no, Windows is not nearly as broken as majority of computer users are.

I verify any software by all means possible before proceeding. The Digital signatures tab is not very important, but the change of signers raised some alarm to me.

Do not trust commercial VPN to save You from oppressive government! Get VPN service offered by a real cyber-dissenter https://bitcointalk.org/index.php?topic=4426691.0

1PG5HMwN51j8xYHKVFv9h1Tw4Jzc3fWXw3
Carlton Banks
Legendary
*
Offline Offline

Activity: 2604
Merit: 2165



View Profile
May 17, 2019, 12:12:47 PM
 #24

Quote
As you note, the windows signatures mean essentially nothing-- anyone can get one and there is no real way to verify them.  You could very likely get one called "Bitcoin Foundation", at most you'd just have to incorporate an entity with that name.  The recommended procedure is to check the GPG signatures and keys, which have been consistently the same since 2013 or so.
So does PGP signatures. In that matter both PGP and Digital signatures in Windows are same. You must verify the signature and make sure it is signed by known trusted key.
kind of agree, trusting the Bitcoin Foundation people was a bad move in retrospect. But the Bitcoin developers are doing it themselves now anyway, it's not obvious what you're asking for that would actually improve anything. Unless you want to actually time-travel back to 2014 to undo the decision to let Bitcoin Foundation handle the signing keys? Huh


Quote
Windows signed executables only stops Windows shouting "UNSAFE!" at you.

The only reason is to make inexperienced people feel comfortable, the Windows system is broken, as you already know.
Wrong. Signatures are mandatory only for kernel-mode drivers. The warning when launching executables coming from internet is dependent on NTFS alternate streams feature to indicate it come from network and all it does is check presence, absence or validity of digital signature and display warning screen that is ignored by most users anyway.

1. I didn't mention whether signatures are mandatory for installing, just that Windows warns about unsigned packages
2. Then you said the same thing, that Windows warns about unsigned packages


the change of signers raised some alarm to me.

You're a bit confused about this problem. In fact, very confused.

Everything you're saying suggests you undertand exactly what's happened, and what matters, and why. But you're still saying that the parts that don't matter are a problem? If you want two things that are mutually irreconcilable, it's impossible to be satisfied. You're going to be frustrated, and it will never end. Good luck.

Vires in numeris
MysteryMiner
Legendary
*
Offline Offline

Activity: 1260
Merit: 1008


Show middle finger to system and then destroy it!


View Profile
May 17, 2019, 04:48:55 PM
 #25

I am not that involved in bitcoin community anymore since bitcointalk is teaming full of noobs, libturds, speculative traders and incomprehensible millenials from India. I did not notice that Bitcoin Foundation had some trouble. I stopped dealing attention since Mt.Gox goatsed their users, and I lost my 2 US cents, 10 eurocents and 0.01 BTC

Maybe publish somewhere info not only about PGP signatures but Digital sigantures as well, including certifikate fingerprint and root and intermediate authorities? TrueCrypt did that and it worked well, Bitcoin devs also should do the same. This could have saved me some time when upgrading Bitcoin, since everything checked out on my imaginary "Legit" checklist, except for windows siganture.

Do not trust commercial VPN to save You from oppressive government! Get VPN service offered by a real cyber-dissenter https://bitcointalk.org/index.php?topic=4426691.0

1PG5HMwN51j8xYHKVFv9h1Tw4Jzc3fWXw3
hayteehem
Newbie
*
Offline Offline

Activity: 1
Merit: 0


View Profile
May 19, 2019, 10:16:12 PM
 #26

Can someone please explain this to me
Last of the V8s
Legendary
*
Offline Offline

Activity: 1344
Merit: 2784


Be a bank


View Profile
May 19, 2019, 10:21:42 PM
 #27

Can someone please explain this to me
Start here https://twitter.com/lopp/status/932350908461133825
Any questions? Ask here https://bitcointalk.org/index.php?board=39.0

Artemis3
Hero Member
*****
Offline Offline

Activity: 532
Merit: 720


★777Coin.com★ Fun BTC Casino!


View Profile WWW
May 23, 2019, 02:11:13 PM
Last edit: May 23, 2019, 02:30:38 PM by Artemis3
 #28

The thing with systemd is not simply "learning" things, but the fact that its so buggy and bloated and the main developer doesn't really care.

most Ubuntu or Mint users aren't going to notice the kinds of bugs it has, and they're equally unlikely to appreciate the poor design philosophy behind systemd


In fact I'm avoiding all his projects (don't need any of them), he tends to keep that same mindset in all his works.

sure, but convincing people to ditch systemd for OpenRC is one thing, getting them to configure jack audio and eudev is just more on top, it may be all too much for some people. Building up the ecosystem around well designed alternatives to invasive Red Hat products is important to keep Linux going in the direction of good quality software engineering.

Corporate software is basically attacking Linux with these bad quality system components (and in other ways too, arguably), so sure, start with yourself. But we really have to make the most convincing case to ditch this crappy stuff to those who otherwise wouldn't care.

Oh, everyone is free to choose, i'm all in for defending this freedom of choice.

To me dumping pulseaudio was very simple: Just make a decent asoundrc (either user or systemwide). Alsa can do its own software mixing for output AND input, it can even do fancier stuff such as a global equalizer or you can make virtual devices with your favorite LADSPA plugins.

Code:
pcm.!default {
    type asym
    playback.pcm "plug:dmix"
    capture.pcm "plug:dsnoop"
    hint {
        show on
        description "Default ALSA"
    }
}

Pulseaudio like systemd does have some interesting features, but they are rarely needed for most users (such as a network audio device). Indeed most audio professionals stick with jackd, but honestly alsa itself will do for most needs. One glaring exception is bluetooth compression codecs, luckily i don't even use bluetooth.

Avahi i have never used in my life, and the systemd talk has been already made. I think he is now involved in a fourth project but i forgot about it.

I'm on Artix and eudev is in use, the distro maintainers (all two of them) did all the work for me Smiley. There are various DAW oriented distros that include jackd, and iirc they even ditch pulseaudio in the debian/ubuntu based ones. Artix does come with pulseaudio but i quickly got rid of it. There is apulse for the rare program demanding it (Skype?).



But we really have to make the most convincing case to ditch this crappy stuff to those who otherwise wouldn't care.

I guess the simplest way is:


Bad:
  • Fedora
  • Centos
  • Ubuntu
  • Mint

Good:
  • Devuan
  • um, Gentoo

trouble is there aren't many non-systemd Linux distros, and Devuan is probably gonna be the most user friendly of them all (Gentoo isn't really user friendly). There must be some more I didn't mention

Actually, its much simpler, just visit Distrowatch and do this custom search. 81 results and counting...

pooya87
Legendary
*
Offline Offline

Activity: 1890
Merit: 2247


Remember tonight for it's the beginning of forever


View Profile
May 24, 2019, 03:13:49 AM
 #29

Use SHA-2 and PGP to check the authenticity of Bitcoin releases, that method comes with at least some guarantees (using the fingerprint to id the PGP key is possibly not reliable any more though, there should be a t-shirt with the Wladimir van der Laan PGP public key + expiry date printed all over it IMO, or at least till PGP updates their standard for fingerprinting public keys)

there is no need for an upgrade to PGP standard as long as SHA-1 hashes that are used for PGP fingerprints is strong (2^160) against second preimage attacks (not to be confused with collision which SHA-1 is no longer strong against). so as long as the long form of the hashes (the whole 20 bytes) is used, everything is safe.

gmaxwell
Staff
Legendary
*
Offline Offline

Activity: 2940
Merit: 3049



View Profile
June 02, 2019, 10:57:15 AM
 #30

Please do not quote the entire gigantic OP just to write "When LN?"
jnano
Member
**
Offline Offline

Activity: 287
Merit: 53


View Profile
June 17, 2019, 10:55:11 PM
 #31

As far as I can see there are no write caching improvements in this version. Is there anything being worked on or planned?

The last change was #11658, which was only a minor upgrade.



Lauda
Legendary
*
Offline Offline

Activity: 2464
Merit: 2270


Exchange Bitcoin quickly-https://blockchain.com.do


View Profile
June 18, 2019, 06:53:36 AM
 #32

As far as I can see there are no write caching improvements in this version. Is there anything being worked on or planned?

The last change was #11658, which was only a minor upgrade.
What exactly makes you think that there is room for easy improvement in that area? More important things are underway anyway.

████████████████████████████
████████▀▀ █▀ █▀ ▀██████████
█████████▄ ▄▄▄▄▄▄███████████
██████████▀     ▀  ▀████████
███████▀ ▀  ▄█▀▀▀█▀▀████████
██████▄      █▄  ▀▀  ▀██████
██████         ▄▄█▄ ▄ ▀█████
█████ ▄         ▀▀ ▄ ▀ █████
██████▌          █▀█▀ ▐█████
███████  ▄▌         ▄ ██████
████████▄█         ▄████████
█████████▀     ▄▄ ▄█████████
████████████████████████████
.JACKMATE'S...........
.
MAJESTIC..
████████████████████████
███████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
.
..WIN 1 BITCOIN ON EVERY PREMIER LEAGUE MATCHDAY..
████████████████████████████████
████████████▀█▀ ▀█▀█▀███████████
███████████▄ ▄▄▄▄▄▄▄████████████
███████████▀▀▄▄▄▄▄▄▄▄███████████
█████████▀▄ ██▀▄▄▄ ▀ ▄▀█████████
███████▀ ▀█████▄▄▄█▄▄▄██████████
███████▀▄████████▀  ▀█ █▐███████
███████ ▀█████████▄█▀▀██ ███████
████████ ███▀██████ ▄ ██ ███████
████████▌▐▀▄ ██████████ ▄███████
█████████▄██▌▐█████▀██ █████████
████████████▄▀▀▀▀▀▄ ▀▄██████████
████████████████████████████████
.
.JOIN US - IT'S FREE! .
jnano
Member
**
Offline Offline

Activity: 287
Merit: 53


View Profile
June 18, 2019, 11:49:04 AM
 #33

More important that's related to this?

I don't know if the details are easy, but the high-level concept is simple: allow to cache whole chainstate in memory, flush lazily.
Lauda
Legendary
*
Offline Offline

Activity: 2464
Merit: 2270


Exchange Bitcoin quickly-https://blockchain.com.do


View Profile
June 18, 2019, 03:29:52 PM
 #34

More important that's related to this?
I don't know if the details are easy, but the high-level concept is simple: allow to cache whole chainstate in memory, flush lazily.
We already have better caching than anything you will think of. Increase dbcache to whatever you can afford.

████████████████████████████
████████▀▀ █▀ █▀ ▀██████████
█████████▄ ▄▄▄▄▄▄███████████
██████████▀     ▀  ▀████████
███████▀ ▀  ▄█▀▀▀█▀▀████████
██████▄      █▄  ▀▀  ▀██████
██████         ▄▄█▄ ▄ ▀█████
█████ ▄         ▀▀ ▄ ▀ █████
██████▌          █▀█▀ ▐█████
███████  ▄▌         ▄ ██████
████████▄█         ▄████████
█████████▀     ▄▄ ▄█████████
████████████████████████████
.JACKMATE'S...........
.
MAJESTIC..
████████████████████████
███████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
.
..WIN 1 BITCOIN ON EVERY PREMIER LEAGUE MATCHDAY..
████████████████████████████████
████████████▀█▀ ▀█▀█▀███████████
███████████▄ ▄▄▄▄▄▄▄████████████
███████████▀▀▄▄▄▄▄▄▄▄███████████
█████████▀▄ ██▀▄▄▄ ▀ ▄▀█████████
███████▀ ▀█████▄▄▄█▄▄▄██████████
███████▀▄████████▀  ▀█ █▐███████
███████ ▀█████████▄█▀▀██ ███████
████████ ███▀██████ ▄ ██ ███████
████████▌▐▀▄ ██████████ ▄███████
█████████▄██▌▐█████▀██ █████████
████████████▄▀▀▀▀▀▄ ▀▄██████████
████████████████████████████████
.
.JOIN US - IT'S FREE! .
jnano
Member
**
Offline Offline

Activity: 287
Merit: 53


View Profile
June 18, 2019, 06:24:09 PM
Last edit: June 18, 2019, 06:38:25 PM by jnano
 #35

dbcache doesn't help, possibly because pruned mode adds flushing (maybe also other things in play). A previous discussion here.

This may not be so much of an issue on SSDs, but on HDDs, the current roundabout solution for long IBD syncs is to use a RAM drive, effectively doing the caching externally.
ETFbitcoin
Legendary
*
Offline Offline

Activity: 1890
Merit: 2159

Use SegWit and enjoy lower fees.


View Profile WWW
June 18, 2019, 07:36:03 PM
 #36

This may not be so much of an issue on SSDs, but on HDDs, the current roundabout solution for long IBD syncs is to use a RAM drive, effectively doing the caching externally.

In my experience, HDD alone is sufficient for IBD as long as the HDD is used exclusively for IBD.

In your case, IBD most likely is very slow because  it's also used for Windows OS which is have intensive I/O usage compared with Linux or older Windows OS.

Lauda
Legendary
*
Offline Offline

Activity: 2464
Merit: 2270


Exchange Bitcoin quickly-https://blockchain.com.do


View Profile
June 19, 2019, 08:08:28 AM
 #37

dbcache doesn't help, possibly because pruned mode adds flushing (maybe also other things in play). A previous discussion here.

This may not be so much of an issue on SSDs, but on HDDs, the current roundabout solution for long IBD syncs is to use a RAM drive, effectively doing the caching externally.
Stop using HDDs, problem solved and no dev-time gets wasted.

████████████████████████████
████████▀▀ █▀ █▀ ▀██████████
█████████▄ ▄▄▄▄▄▄███████████
██████████▀     ▀  ▀████████
███████▀ ▀  ▄█▀▀▀█▀▀████████
██████▄      █▄  ▀▀  ▀██████
██████         ▄▄█▄ ▄ ▀█████
█████ ▄         ▀▀ ▄ ▀ █████
██████▌          █▀█▀ ▐█████
███████  ▄▌         ▄ ██████
████████▄█         ▄████████
█████████▀     ▄▄ ▄█████████
████████████████████████████
.JACKMATE'S...........
.
MAJESTIC..
████████████████████████
███████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
.
..WIN 1 BITCOIN ON EVERY PREMIER LEAGUE MATCHDAY..
████████████████████████████████
████████████▀█▀ ▀█▀█▀███████████
███████████▄ ▄▄▄▄▄▄▄████████████
███████████▀▀▄▄▄▄▄▄▄▄███████████
█████████▀▄ ██▀▄▄▄ ▀ ▄▀█████████
███████▀ ▀█████▄▄▄█▄▄▄██████████
███████▀▄████████▀  ▀█ █▐███████
███████ ▀█████████▄█▀▀██ ███████
████████ ███▀██████ ▄ ██ ███████
████████▌▐▀▄ ██████████ ▄███████
█████████▄██▌▐█████▀██ █████████
████████████▄▀▀▀▀▀▄ ▀▄██████████
████████████████████████████████
.
.JOIN US - IT'S FREE! .
jnano
Member
**
Offline Offline

Activity: 287
Merit: 53


View Profile
June 19, 2019, 11:04:45 AM
 #38

If you want to continue, I've replied here, to keep it concentrated under a dedicated thread.
stevrev
Sr. Member
****
Offline Offline

Activity: 589
Merit: 252



View Profile
June 30, 2019, 11:58:12 AM
 #39

what is the purpose of Bitcoin Core?

Carlton Banks
Legendary
*
Offline Offline

Activity: 2604
Merit: 2165



View Profile
June 30, 2019, 02:17:58 PM
 #40

what is the purpose of Bitcoin Core?


it's software.

  • Bitcoin is a network
  • BTC currency is sent between nodes on the Bitcoin network
  • Bitcoin Core is the software that lets your computer get onto the Bitcoin network (to send and receive Bitcoin/BTC)

Vires in numeris
Pages: « 1 [2] 3 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!