Bitcoin Forum
December 05, 2016, 08:39:25 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 ... 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 [103] 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 ... 232 »
  Print  
Author Topic: Armory - Discussion Thread  (Read 481818 times)
etotheipi
Legendary
*
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
April 09, 2013, 01:20:32 PM
 #2041

Where have your screen keyboard posts gone, etotheipi? Anyway here is an idea, how about the kind of trick implemented by banks: produce an encrypted wallet and a list of symbols using a passphrase, print out the list in paper, each time when the user wants to access the wallet, he is prompted to pick a certain series of symbols from the paper, what do you think?

What do you mean?  It's one page back:  https://bitcointalk.org/index.php?topic=56424.msg1761230#msg1761230

As for your idea:  I think there's some good ideas out there, but I think they're not much benefit over the existing version.  Yes, you can make it harder it for someone to share their passphrase if you use symbols, or textures, etc.  But I don't think it's worth the effort.  With my limited time, I have to pick and choose my battles wisely, and I don't think that one is one I want to battle Undecided


Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
1480927165
Hero Member
*
Offline Offline

Posts: 1480927165

View Profile Personal Message (Offline)

Ignore
1480927165
Reply with quote  #2

1480927165
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480927165
Hero Member
*
Offline Offline

Posts: 1480927165

View Profile Personal Message (Offline)

Ignore
1480927165
Reply with quote  #2

1480927165
Report to moderator
1480927165
Hero Member
*
Offline Offline

Posts: 1480927165

View Profile Personal Message (Offline)

Ignore
1480927165
Reply with quote  #2

1480927165
Report to moderator
1480927165
Hero Member
*
Offline Offline

Posts: 1480927165

View Profile Personal Message (Offline)

Ignore
1480927165
Reply with quote  #2

1480927165
Report to moderator
oakpacific
Hero Member
*****
Offline Offline

Activity: 798


View Profile
April 09, 2013, 01:29:21 PM
 #2042

Where have your screen keyboard posts gone, etotheipi? Anyway here is an idea, how about the kind of trick implemented by banks: produce an encrypted wallet and a list of symbols using a passphrase, print out the list in paper, each time when the user wants to access the wallet, he is prompted to pick a certain series of symbols from the paper, what do you think?

What do you mean?  It's one page back:  https://bitcointalk.org/index.php?topic=56424.msg1761230#msg1761230

As for your idea:  I think there's some good ideas out there, but I think they're not much benefit over the existing version.  Yes, you can make it harder it for someone to share their passphrase if you use symbols, or textures, etc.  But I don't think it's worth the effort.  With my limited time, I have to pick and choose my battles wisely, and I don't think that one is one I want to battle Undecided



Well, what I actually meant is it maybe effective against the keyloggers, seeing that you are actually interested in doing something with that.

https://tlsnotary.org/ Fraud proofing decentralized fiat-Bitcoin trading.
etotheipi
Legendary
*
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
April 09, 2013, 01:32:11 PM
 #2043

Where have your screen keyboard posts gone, etotheipi? Anyway here is an idea, how about the kind of trick implemented by banks: produce an encrypted wallet and a list of symbols using a passphrase, print out the list in paper, each time when the user wants to access the wallet, he is prompted to pick a certain series of symbols from the paper, what do you think?

What do you mean?  It's one page back:  https://bitcointalk.org/index.php?topic=56424.msg1761230#msg1761230

As for your idea:  I think there's some good ideas out there, but I think they're not much benefit over the existing version.  Yes, you can make it harder it for someone to share their passphrase if you use symbols, or textures, etc.  But I don't think it's worth the effort.  With my limited time, I have to pick and choose my battles wisely, and I don't think that one is one I want to battle Undecided



Well, what I actually meant is it maybe effective against the keyloggers, seeing that you are actually interested in doing something with that.

Oh, well for that the scrambled keyboard would seem to be the best solution, since it works with existing password systems.  The symbols technique would require creating a new password-based system... or at least new interfaces to create it.  

I guess the metric to use would be how much extra data does a really smart keylogger have to collect to circumvent this?  Screenshots after every keypress?  At this point, it's no longer a keylogger and just a virus, which if it's this smart, it can just wait until your wallet is unlocked and extract the encryption key from RAM Sad  

PS - Note that if you use the "dynamic" keyboard, the {shift} key is scrambled with everything else, and the keys re-randomize with every key press.  If you use the simple scrambled keyboard (which is randomized once), then something that records mouse click locations gets:

(1) Pressing the shift key is not obscured, so you lose one bit per character to the keylogger, which can now see "UULULLLU" where "U" is uppercase/shifted, "L" is lowercase/unshifted.   This is likely not enough to brute-force your passphrase, but it's still information leakage, and might make the difference between a weak-but-prohibitive passphrase, and one that is worth brute-forcing.
(2) If you have repeated letters in the passphrase, you further lose a little information with the simple keyboard.  i.e. if your passphrase is "9999999", then the recorder sees that your password is 7 instances of the same character.  

For the dynamic keyboard, repeated letters and shift presses, all look like different letters, to anything recording mouse-click locations.  It's optimal "scrambling", though I truly believe that anything in place that could exploit the simple keyboard, has enough to take your coins, anyway.

Presumably, what you suggested would provide similar benefits as the dynamic keyboard gives you, which is producing a "code" which doesn't have repeated characters and which does not have the equivalent of "shift" presses.  My point is that the dynamic keyboard achieves that for you.

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
etotheipi
Legendary
*
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
April 09, 2013, 02:41:59 PM
 #2044

By the way, I just merged the managesatoshi branch, along with the frag/unfrag scripts into the testing branch.  This is a much better place to have people test it!

I think I'm going to try to get a Troubleshooting page up before release, and link to it in the program.  In all the testing so far, a couple problems keep popping up over and over.  Especially the corrupted database issue (which, it turns out, is caused by incompatible versions of BDB ... mostly a Linux problem using the PPA). 

Also, I found out that there is an option when running bitcoind, "-dbcache=<X, in MB>" where X is how much extra RAM you want to allocate for blockchain processing.  Increasing this value speeds up that initial download quite considerably.  I was already detecting system RAM, so I put in a condition to allocate an extra GB if you have 5+ GB of RAM, or 2GB if you have 10+ GB.   On my system, that initial download is probably twice as fast with the 2GB option.

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
oakpacific
Hero Member
*****
Offline Offline

Activity: 798


View Profile
April 09, 2013, 03:34:29 PM
 #2045

Thanks Alan, your point about virus just getting keys from RAM makes sense.

Quote
Presumably, what you suggested would provide similar benefits as the dynamic keyboard gives you, which is producing a "code" which doesn't have repeated characters and which does not have the equivalent of "shift" presses.  My point is that the dynamic keyboard achieves that for you.
That being said, I think it would be much easier to pick symbols from a paper and input them then using a dynamic keyboard....

https://tlsnotary.org/ Fraud proofing decentralized fiat-Bitcoin trading.
etotheipi
Legendary
*
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
April 09, 2013, 07:28:37 PM
 #2046

Thanks Alan, your point about virus just getting keys from RAM makes sense.

Quote
Presumably, what you suggested would provide similar benefits as the dynamic keyboard gives you, which is producing a "code" which doesn't have repeated characters and which does not have the equivalent of "shift" presses.  My point is that the dynamic keyboard achieves that for you.
That being said, I think it would be much easier to pick symbols from a paper and input them then using a dynamic keyboard....


I'm not sure I see the difference.  I'm using a 80-character alphabet of "symbols" to represent my password (they just happen to be the same symbols I have on my keyboard).  And I'm displaying those symbols on the screen.  The downside is those symbols are chosen by the user, and have this "shift" key artifact that reduces entropy if someone measures the shift key presses.  And if they have lots of duplicate characters.

But those "weaknesses" are solved by the dynamic keyboard.  I think the only difference is what it "looks" like.  And in the end, using my way (dynamically-changing keyboard), the person still has the option to type it in if they don't really care.

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
bit365
Sr. Member
****
Offline Offline

Activity: 336


View Profile
April 09, 2013, 10:51:16 PM
 #2047

Is there a way to save an image file of a QR code?

etotheipi
Legendary
*
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
April 09, 2013, 11:02:31 PM
 #2048

Is there a way to save an image file of a QR code?

Not without taking a screenshot.  Though I was close to figuring out how to put images on the clipboard, but I never quite got it to work.

On the other hand, screenshots aren't so bad.  Both windows and linux, you should be able to <alt>-printscrn or <ctrl>-printscrn and it will put the window in focus on your clipboard which you can then copy into another application.

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
bit365
Sr. Member
****
Offline Offline

Activity: 336


View Profile
April 09, 2013, 11:22:34 PM
 #2049

Is there a way to save an image file of a QR code?

Not without taking a screenshot.  Though I was close to figuring out how to put images on the clipboard, but I never quite got it to work.

On the other hand, screenshots aren't so bad.  Both windows and linux, you should be able to <alt>-printscrn or <ctrl>-printscrn and it will put the window in focus on your clipboard which you can then copy into another application.

Will do. Thanks.

oakpacific
Hero Member
*****
Offline Offline

Activity: 798


View Profile
April 10, 2013, 03:04:33 AM
 #2050

Thanks Alan, your point about virus just getting keys from RAM makes sense.

Quote
Presumably, what you suggested would provide similar benefits as the dynamic keyboard gives you, which is producing a "code" which doesn't have repeated characters and which does not have the equivalent of "shift" presses.  My point is that the dynamic keyboard achieves that for you.
That being said, I think it would be much easier to pick symbols from a paper and input them then using a dynamic keyboard....


I'm not sure I see the difference.  I'm using a 80-character alphabet of "symbols" to represent my password (they just happen to be the same symbols I have on my keyboard).  And I'm displaying those symbols on the screen.  The downside is those symbols are chosen by the user, and have this "shift" key artifact that reduces entropy if someone measures the shift key presses.  And if they have lots of duplicate characters.

But those "weaknesses" are solved by the dynamic keyboard.  I think the only difference is what it "looks" like.  And in the end, using my way (dynamically-changing keyboard), the person still has the option to type it in if they don't really care.

Ah, the difference is that it's easier to input with keyboard than with mouse. Smiley

https://tlsnotary.org/ Fraud proofing decentralized fiat-Bitcoin trading.
etotheipi
Legendary
*
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
April 10, 2013, 08:58:09 PM
 #2051

Update,

(1) 0.87.9X hasn't gone so smoothly.  It looks like most of the problems are unicode-related (and one bitcoin.conf file problem).  I was planning to fully upgrade Armory to be unicode-friendly with the new wallets, and most people can avoid using unicode in most fields until then... except with this new version.  I have to get some unicode fixes in there, as there's quite a few people who aren't able to use the new version without it!  Hopefully that will resolve a bunch of the problems I've been observing in testing.

(2) I released a signed, 0.87.95 offline bundle, which works for Armory GUI, but not the frag-unfrag scripts.  I included them, but it turns out I made a git merge error and they don't work!  However, I merged things into testing, which includes this, and I'l re-release the offline bundle along with the unicode fixes.

P.S. -- Geezuz, what a day on Gox! 


Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
13Charlie
Full Member
***
Offline Offline

Activity: 214



View Profile
April 10, 2013, 09:26:14 PM
 #2052

P.S. -- Geezuz, what a day on Gox! 


Not ignoring anyone. . . . . Yet
Tip Jar - 18YWB8cQ8vb5s7PTGvxu1E6DqmQV3Srj2W
picobit
Hero Member
*****
Offline Offline

Activity: 547


Decor in numeris


View Profile
April 11, 2013, 10:29:05 AM
 #2053

Did you really mean to post that very relevant picture in this thread?  And if you think this is a ride, try a real crash!  The price "crashed" down to what it was four days ago.  How dramatic!   Wink
etotheipi
Legendary
*
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
April 11, 2013, 03:53:39 PM
 #2054

Did you really mean to post that very relevant picture in this thread?  And if you think this is a ride, try a real crash!  The price "crashed" down to what it was four days ago.  How dramatic!   Wink

Indeed.  I have suspected for a while that the run-up was a bubble, though I expected it to persist a bit longer.  All this media attention came in only last week, and thought there was going to be another couple weeks of people pouring into the system.  Maybe there still will be.  But I'm not afraid of the price "reverting to the mean", only the ensuing media attention which going to cast it into a poor light.  And it's partly justified -- people are going mental, and panicking, and our poor little infrastructure can't handle it!

For reference... 2 months ago I was at about 2,000 downloads/month.  Now I've gotten 2,000 downloads in the last 2-4 days!  I'm also getting a lot more emails and postings about it.  Obvioulsy no one else can respond to the emails, but I request some help responding to postings in the Armory subforum.  I'm going to try to resist the urge to respond to these things immediately, and give others a chance to help me, first.  I'm going to focus on coding Smiley

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
justusranvier
Legendary
*
Offline Offline

Activity: 1400



View Profile WWW
April 11, 2013, 04:26:53 PM
 #2055

I don't think this is a bubble in the classic sense. It's trying to be an adoption curve, but the infrastructure for moving from traditional currencies into bitcoin just can't keep up with demand and isn't scaling quickly enough.

At the moment it's incredibly difficult to buy bitcoins even though many people want to, due to limitations of the legacy financial system.
etotheipi
Legendary
*
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
April 11, 2013, 04:34:33 PM
 #2056

I don't think this is a bubble in the classic sense. It's trying to be an adoption curve, but the infrastructure for moving from traditional currencies into bitcoin just can't keep up with demand and isn't scaling quickly enough.

At the moment it's incredibly difficult to buy bitcoins even though many people want to, due to limitations of the legacy financial system.

Just like in 2011, I'm pretty certain the this event is just the system reverting to mean.  I don't know what the mean is, but it wouldn't surprise me if $266/BTC was $100 real-value + $166 speculator-mania.  If you look at the 2011 bubble, there was actually a fairly smooth growth curve that persisted, underneath the 1,000% bubble.  I'm expecting to see the same thing happen here, but with a "higher" mean, because there was actually a lot of real growth of Bitcoin, underneath the speculation.   I just don't think the real growth reached $250/BTC yet. 




Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
justusranvier
Legendary
*
Offline Offline

Activity: 1400



View Profile WWW
April 11, 2013, 05:02:36 PM
 #2057

The thing about high exchange rates is that they tend to promote real growth. The last set of numbers which BitPay posted showed the order volume they were processing growing at a rate several times faster than the exchange rate was increasing, which is a direct reflection of real economic growth. If we end up spending a prolonged period down at about half the ATH the merchant adoption rate will probably slow.
wachtwoord
Legendary
*
Offline Offline

Activity: 1484



View Profile WWW
April 11, 2013, 05:03:57 PM
 #2058

I don't think this is a bubble in the classic sense. It's trying to be an adoption curve, but the infrastructure for moving from traditional currencies into bitcoin just can't keep up with demand and isn't scaling quickly enough.

At the moment it's incredibly difficult to buy bitcoins even though many people want to, due to limitations of the legacy financial system.

Just like in 2011, I'm pretty certain the this event is just the system reverting to mean.  I don't know what the mean is, but it wouldn't surprise me if $266/BTC was $100 real-value + $166 speculator-mania.  If you look at the 2011 bubble, there was actually a fairly smooth growth curve that persisted, underneath the 1,000% bubble.  I'm expecting to see the same thing happen here, but with a "higher" mean, because there was actually a lot of real growth of Bitcoin, underneath the speculation.   I just don't think the real growth reached $250/BTC yet. 


Intrinsic value isn't limited to current applicability but also the (discounted) worth of the future applications. Just like companies are valued on the discounted value of their future cash flows. Of course the future cash flows are uncertain until they are actually reported. This is also true for Bitcoin. I however believe the future applicability and usage is quite likely to be quite large (it isn't very useful to try to be more accurate).

etotheipi
Legendary
*
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
April 11, 2013, 06:19:27 PM
 #2059

Non-US Users.  Please help me test!  Need unicode/non-en-us users to try it.

Armory 0.87.97-testing!  All testing releases are signed!

The new auto-bitcoind stuff came with a host of critical unicode issues.  In the past, such issues were simply annoying, but didn't actually prevent users from using Armory.  Now it did.  I have upgraded the critical paths to handle unicode, and added warnings for everything else.   One exception to unicode handling is that you cannot use unicode in your bitcoin.conf username or password, and only in Windows!  (it works fine in Linux)  Otherwise, I'm hoping this will go a lot better than before!

See the call for testing help:  
https://bitcointalk.org/index.php?topic=156250.msg1655941#msg1655941

Improvements from 0.87.95:

-Unicode issues addressed
-New offline bundle for Ubuntu 64-bit
-Frag/unfrag scripts bundled properly now in the offline bundle, I think
-Fixed a problem with existing, partial bitcoin.conf files.

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
picobit
Hero Member
*****
Offline Offline

Activity: 547


Decor in numeris


View Profile
April 11, 2013, 06:30:26 PM
 #2060

What is the status with respect to testing under MacOS?  Should I build from source, and manage bitcoind/bitcoin-qt myself?
Pages: « 1 ... 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 [103] 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 ... 232 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!