MysteryMiner
Legendary
Offline
Activity: 1498
Merit: 1042
Death to enemies!
|
|
May 17, 2019, 07:23:57 AM |
|
As you note, the windows signatures mean essentially nothing-- anyone can get one and there is no real way to verify them. You could very likely get one called "Bitcoin Foundation", at most you'd just have to incorporate an entity with that name. The recommended procedure is to check the GPG signatures and keys, which have been consistently the same since 2013 or so. So does PGP signatures. In that matter both PGP and Digital signatures in Windows are same. You must verify the signature and make sure it is signed by known trusted key. Windows is more complicated in this matter because it have trusted root CAs but the final certificate in chain of "trust" still have the hash that can be compared, it is only hidden few clicks deep. TrueCrypt managed this very good back in its days. I think Bitcoin must do the same and stick with one root CA and one signing entity that is well established and known. Windows signed executables only stops Windows shouting "UNSAFE!" at you.
The only reason is to make inexperienced people feel comfortable, the Windows system is broken, as you already know.
Wrong. Signatures are mandatory only for kernel-mode drivers. The warning when launching executables coming from internet is dependent on NTFS alternate streams feature to indicate it come from network and all it does is check presence, absence or validity of digital signature and display warning screen that is ignored by most users anyway. And no, Windows is not nearly as broken as majority of computer users are. I verify any software by all means possible before proceeding. The Digital signatures tab is not very important, but the change of signers raised some alarm to me.
|
bc1q59y5jp2rrwgxuekc8kjk6s8k2es73uawprre4j
|
|
|
Carlton Banks
Legendary
Offline
Activity: 3430
Merit: 3074
|
|
May 17, 2019, 12:12:47 PM |
|
As you note, the windows signatures mean essentially nothing-- anyone can get one and there is no real way to verify them. You could very likely get one called "Bitcoin Foundation", at most you'd just have to incorporate an entity with that name. The recommended procedure is to check the GPG signatures and keys, which have been consistently the same since 2013 or so. So does PGP signatures. In that matter both PGP and Digital signatures in Windows are same. You must verify the signature and make sure it is signed by known trusted key. kind of agree, trusting the Bitcoin Foundation people was a bad move in retrospect. But the Bitcoin developers are doing it themselves now anyway, it's not obvious what you're asking for that would actually improve anything. Unless you want to actually time-travel back to 2014 to undo the decision to let Bitcoin Foundation handle the signing keys? Windows signed executables only stops Windows shouting "UNSAFE!" at you.
The only reason is to make inexperienced people feel comfortable, the Windows system is broken, as you already know.
Wrong. Signatures are mandatory only for kernel-mode drivers. The warning when launching executables coming from internet is dependent on NTFS alternate streams feature to indicate it come from network and all it does is check presence, absence or validity of digital signature and display warning screen that is ignored by most users anyway. 1. I didn't mention whether signatures are mandatory for installing, just that Windows warns about unsigned packages 2. Then you said the same thing, that Windows warns about unsigned packages the change of signers raised some alarm to me.
You're a bit confused about this problem. In fact, very confused. Everything you're saying suggests you undertand exactly what's happened, and what matters, and why. But you're still saying that the parts that don't matter are a problem? If you want two things that are mutually irreconcilable, it's impossible to be satisfied. You're going to be frustrated, and it will never end. Good luck.
|
Vires in numeris
|
|
|
MysteryMiner
Legendary
Offline
Activity: 1498
Merit: 1042
Death to enemies!
|
|
May 17, 2019, 04:48:55 PM |
|
I am not that involved in bitcoin community anymore since bitcointalk is teaming full of noobs, libturds, speculative traders and incomprehensible millenials from India. I did not notice that Bitcoin Foundation had some trouble. I stopped dealing attention since Mt.Gox goatsed their users, and I lost my 2 US cents, 10 eurocents and 0.01 BTC
Maybe publish somewhere info not only about PGP signatures but Digital sigantures as well, including certifikate fingerprint and root and intermediate authorities? TrueCrypt did that and it worked well, Bitcoin devs also should do the same. This could have saved me some time when upgrading Bitcoin, since everything checked out on my imaginary "Legit" checklist, except for windows siganture.
|
bc1q59y5jp2rrwgxuekc8kjk6s8k2es73uawprre4j
|
|
|
hayteehem
Newbie
Offline
Activity: 1
Merit: 0
|
|
May 19, 2019, 10:16:12 PM |
|
Can someone please explain this to me
|
|
|
|
Last of the V8s
Legendary
Offline
Activity: 1652
Merit: 4392
Be a bank
|
|
May 19, 2019, 10:21:42 PM |
|
|
|
|
|
Artemis3
Legendary
Offline
Activity: 2030
Merit: 1563
CLEAN non GPL infringing code made in Rust lang
|
|
May 23, 2019, 02:11:13 PM Last edit: May 23, 2019, 02:30:38 PM by Artemis3 |
|
The thing with systemd is not simply "learning" things, but the fact that its so buggy and bloated and the main developer doesn't really care. most Ubuntu or Mint users aren't going to notice the kinds of bugs it has, and they're equally unlikely to appreciate the poor design philosophy behind systemd In fact I'm avoiding all his projects (don't need any of them), he tends to keep that same mindset in all his works.
sure, but convincing people to ditch systemd for OpenRC is one thing, getting them to configure jack audio and eudev is just more on top, it may be all too much for some people. Building up the ecosystem around well designed alternatives to invasive Red Hat products is important to keep Linux going in the direction of good quality software engineering. Corporate software is basically attacking Linux with these bad quality system components (and in other ways too, arguably), so sure, start with yourself. But we really have to make the most convincing case to ditch this crappy stuff to those who otherwise wouldn't care. Oh, everyone is free to choose, i'm all in for defending this freedom of choice. To me dumping pulseaudio was very simple: Just make a decent asoundrc (either user or systemwide). Alsa can do its own software mixing for output AND input, it can even do fancier stuff such as a global equalizer or you can make virtual devices with your favorite LADSPA plugins. pcm.!default { type asym playback.pcm "plug:dmix" capture.pcm "plug:dsnoop" hint { show on description "Default ALSA" } } Pulseaudio like systemd does have some interesting features, but they are rarely needed for most users (such as a network audio device). Indeed most audio professionals stick with jackd, but honestly alsa itself will do for most needs. One glaring exception is bluetooth compression codecs, luckily i don't even use bluetooth. Avahi i have never used in my life, and the systemd talk has been already made. I think he is now involved in a fourth project but i forgot about it. I'm on Artix and eudev is in use, the distro maintainers (all two of them) did all the work for me . There are various DAW oriented distros that include jackd, and iirc they even ditch pulseaudio in the debian/ubuntu based ones. Artix does come with pulseaudio but i quickly got rid of it. There is apulse for the rare program demanding it (Skype?).
But we really have to make the most convincing case to ditch this crappy stuff to those who otherwise wouldn't care.
I guess the simplest way is: Bad:Good:trouble is there aren't many non-systemd Linux distros, and Devuan is probably gonna be the most user friendly of them all (Gentoo isn't really user friendly). There must be some more I didn't mention Actually, its much simpler, just visit Distrowatch and do this custom search. 81 results and counting...
|
█████████████████████████ ██████████████████████████ ██████████████████████████ ███████████████████████████ | BRAIINS OS+| | AUTOTUNING MINING FIRMWARE| | Increase hashrate on your Bitcoin ASICs, improve efficiency as much as 25%, and get 0% pool fees on Braiins Pool | |
|
|
|
pooya87
Legendary
Offline
Activity: 3500
Merit: 10700
|
|
May 24, 2019, 03:13:49 AM |
|
Use SHA-2 and PGP to check the authenticity of Bitcoin releases, that method comes with at least some guarantees (using the fingerprint to id the PGP key is possibly not reliable any more though, there should be a t-shirt with the Wladimir van der Laan PGP public key + expiry date printed all over it IMO, or at least till PGP updates their standard for fingerprinting public keys)
there is no need for an upgrade to PGP standard as long as SHA-1 hashes that are used for PGP fingerprints is strong (2^160) against second preimage attacks (not to be confused with collision which SHA-1 is no longer strong against). so as long as the long form of the hashes (the whole 20 bytes) is used, everything is safe.
|
. .BLACKJACK ♠ FUN. | | | ███▄██████ ██████████████▀ ████████████ █████████████████ ████████████████▄▄ ░█████████████▀░▀▀ ██████████████████ ░██████████████ █████████████████▄ ░██████████████▀ ████████████ ███████████████░██ ██████████ | | CRYPTO CASINO & SPORTS BETTING | | │ | | │ | ▄▄███████▄▄ ▄███████████████▄ ███████████████████ █████████████████████ ███████████████████████ █████████████████████████ █████████████████████████ █████████████████████████ ███████████████████████ █████████████████████ ███████████████████ ▀███████████████▀ ███████████████████ | | .
|
|
|
|
gmaxwell (OP)
Staff
Legendary
Offline
Activity: 4200
Merit: 8442
|
|
June 02, 2019, 10:57:15 AM |
|
Please do not quote the entire gigantic OP just to write "When LN?"
|
|
|
|
jnano
Member
Offline
Activity: 301
Merit: 74
|
|
June 17, 2019, 10:55:11 PM |
|
As far as I can see there are no write caching improvements in this version. Is there anything being worked on or planned? The last change was #11658, which was only a minor upgrade.
|
|
|
|
Lauda
Legendary
Offline
Activity: 2674
Merit: 2965
Terminated.
|
|
June 18, 2019, 06:53:36 AM |
|
As far as I can see there are no write caching improvements in this version. Is there anything being worked on or planned? The last change was #11658, which was only a minor upgrade. What exactly makes you think that there is room for easy improvement in that area? More important things are underway anyway.
|
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion)
|
|
|
jnano
Member
Offline
Activity: 301
Merit: 74
|
|
June 18, 2019, 11:49:04 AM |
|
More important that's related to this?
I don't know if the details are easy, but the high-level concept is simple: allow to cache whole chainstate in memory, flush lazily.
|
|
|
|
Lauda
Legendary
Offline
Activity: 2674
Merit: 2965
Terminated.
|
|
June 18, 2019, 03:29:52 PM |
|
More important that's related to this? I don't know if the details are easy, but the high-level concept is simple: allow to cache whole chainstate in memory, flush lazily.
We already have better caching than anything you will think of. Increase dbcache to whatever you can afford.
|
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion)
|
|
|
jnano
Member
Offline
Activity: 301
Merit: 74
|
|
June 18, 2019, 06:24:09 PM Last edit: June 18, 2019, 06:38:25 PM by jnano |
|
dbcache doesn't help, possibly because pruned mode adds flushing (maybe also other things in play). A previous discussion here. This may not be so much of an issue on SSDs, but on HDDs, the current roundabout solution for long IBD syncs is to use a RAM drive, effectively doing the caching externally.
|
|
|
|
Lauda
Legendary
Offline
Activity: 2674
Merit: 2965
Terminated.
|
|
June 19, 2019, 08:08:28 AM |
|
dbcache doesn't help, possibly because pruned mode adds flushing (maybe also other things in play). A previous discussion here. This may not be so much of an issue on SSDs, but on HDDs, the current roundabout solution for long IBD syncs is to use a RAM drive, effectively doing the caching externally. Stop using HDDs, problem solved and no dev-time gets wasted.
|
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion)
|
|
|
jnano
Member
Offline
Activity: 301
Merit: 74
|
|
June 19, 2019, 11:04:45 AM |
|
If you want to continue, I've replied here, to keep it concentrated under a dedicated thread.
|
|
|
|
stevrev
|
|
June 30, 2019, 11:58:12 AM |
|
what is the purpose of Bitcoin Core?
|
|
|
|
Carlton Banks
Legendary
Offline
Activity: 3430
Merit: 3074
|
|
June 30, 2019, 02:17:58 PM |
|
what is the purpose of Bitcoin Core?
it's software. - Bitcoin is a network
- BTC currency is sent between nodes on the Bitcoin network
- Bitcoin Core is the software that lets your computer get onto the Bitcoin network (to send and receive Bitcoin/BTC)
|
Vires in numeris
|
|
|
bL4nkcode
Copper Member
Legendary
Offline
Activity: 2142
Merit: 1305
Limited in number. Limitless in potential.
|
|
June 30, 2019, 11:55:38 PM |
|
what is the purpose of Bitcoin Core?
Except that you're running the most secured BTC wallet, the main purpose is to support the whole bitcoin network when running them and keeping them updated (blocks) on someone's device.
|
|
|
|
Lauda
Legendary
Offline
Activity: 2674
Merit: 2965
Terminated.
|
|
July 04, 2019, 11:49:49 PM |
|
what is the purpose of Bitcoin Core?
Except that you're running the most secured BTC wallet, the main purpose is to support the whole bitcoin network when running them and keeping them updated (blocks) on someone's device. It's the reference implementation even though many try to avoid that label.
|
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion)
|
|
|
Amph
Legendary
Offline
Activity: 3206
Merit: 1069
|
|
July 11, 2019, 10:40:26 AM |
|
something wrong, i can't connect anymore, after i closed bitcoin core, it remain at 13 days behind...
|
|
|
|
|