Bitcoin Forum
March 19, 2024, 05:19:01 AM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 ... 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 [209] 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 »
  Print  
Author Topic: Armory - Discussion Thread  (Read 521670 times)
cypherdoc
Legendary
*
Offline Offline

Activity: 1764
Merit: 1002



View Profile
October 04, 2014, 08:15:04 PM
 #4161

---

ok, got it.

but i have to say, this whole section on your website needs to be re-written and clarified if you want to stop getting these questions:

...

Yes, that should still work for the regular non-offline-bundle installers.  And it was supposed to work with the debs inside the bundle, but it seems that I make the bundles before I sign the .debs (so the bundle ends up with the non-signed version).  But the whole tar.gz list gets signed anyway, so the dpkg-sig signature is redundant, and the fact that I screwed up the redundant sig is what threw you off.  It's better to use the hash list anyway, since it covers all the files in the .tar.gz, not just the Armory installer itself.

I'd like to make this simpler, but there's just so many OSes, so many signature layers, and a complex web of operations performed to make sure everything is consistent (such as making sure that the installers are signed before making the hashes file, which needs to be signed, before creating the announce digest, that needs to be signed, so the secure downloader gets the right file with a valid signature.  I wish we could just use the secure downloader for everything, but the fact is that people have to somehow verify the first version of Armory that they get, which requires the GPG stuff.  


no worries.  it's just that devs use a different language sometimes  Wink  for instance, i think adding these words to what you said would make it clearer:

"But the signed hashes list is better, since the hash list covers every file in the .tar.gz, not just the .deb."
"I'm sure that in 20 years there will either be very large transaction volume or no volume." -- Satoshi
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1710825541
Hero Member
*
Offline Offline

Posts: 1710825541

View Profile Personal Message (Offline)

Ignore
1710825541
Reply with quote  #2

1710825541
Report to moderator
1710825541
Hero Member
*
Offline Offline

Posts: 1710825541

View Profile Personal Message (Offline)

Ignore
1710825541
Reply with quote  #2

1710825541
Report to moderator
redphlegm
Sr. Member
****
Offline Offline

Activity: 246
Merit: 250


My spoon is too big!


View Profile
October 06, 2014, 02:48:12 PM
 #4162

Not sure if I found a bug or not but it sure seems like something that shouldn't work the way it does. Here's my scenario:

I use an old, offline machine running linux just for the purposes of offline signing for a couple Armory wallets. All was fine and dandy until I forgot the encryption passphrase for one of them. Not to worry though, right? Because I have the paper backup. So with that encrypted wallet for which I couldn't remember the encryption passphrase still in the list, I "recovered" the same wallet using the root key paper backup. It then gave me 3 options: to cancel, merge, or overwrite (with the text for "merge" saying that it would create a new passphrase). I chose the merge option. It then proceeded to "calculate new addresses" which was pretty processor intensive and ran for about 5-7 minutes. I didn't figure this was an issue and that it was a one-time thing so I didn't think much of it. Then I tried to spend from the wallet. I generated the transaction on an online computer, saved the tx file, loaded the tx file for signing on the offline computer, and then it did the same long processing activity (probably about 5 minutes) and it was finally signed. Saved the signed tx file, went to online computer, broadcast, and it went on without a hitch.

I haven't tried again as I don't have any reason to spend / send again but I'm wondering if I will have to deal with the 5-minute processing every time because I have a "merged" wallet with the passphrase changed.

And now that I think about it, what is the difference, on an offline machine, between a "merged" wallet and an "overwritten" wallet with a new encryption? Seems a bit redundant since the addresses, amounts, and transaction history aren't tracked.

Whiskey Fund: (BTC) 1whiSKeYMRevsJMAQwU8NY1YhvPPMjTbM | (Ψ) ALcoHoLsKUfdmGfHVXEShtqrEkasihVyqW
etotheipi (OP)
Legendary
*
Offline Offline

Activity: 1428
Merit: 1093


Core Armory Developer


View Profile WWW
October 06, 2014, 02:59:02 PM
 #4163

Not sure if I found a bug or not but it sure seems like something that shouldn't work the way it does. Here's my scenario:

I use an old, offline machine running linux just for the purposes of offline signing for a couple Armory wallets. All was fine and dandy until I forgot the encryption passphrase for one of them. Not to worry though, right? Because I have the paper backup. So with that encrypted wallet for which I couldn't remember the encryption passphrase still in the list, I "recovered" the same wallet using the root key paper backup. It then gave me 3 options: to cancel, merge, or overwrite (with the text for "merge" saying that it would create a new passphrase). I chose the merge option. It then proceeded to "calculate new addresses" which was pretty processor intensive and ran for about 5-7 minutes. I didn't figure this was an issue and that it was a one-time thing so I didn't think much of it. Then I tried to spend from the wallet. I generated the transaction on an online computer, saved the tx file, loaded the tx file for signing on the offline computer, and then it did the same long processing activity (probably about 5 minutes) and it was finally signed. Saved the signed tx file, went to online computer, broadcast, and it went on without a hitch.

I haven't tried again as I don't have any reason to spend / send again but I'm wondering if I will have to deal with the 5-minute processing every time because I have a "merged" wallet with the passphrase changed.

And now that I think about it, what is the difference, on an offline machine, between a "merged" wallet and an "overwritten" wallet with a new encryption? Seems a bit redundant since the addresses, amounts, and transaction history aren't tracked.

In wallets that are encrypted (should be most of them) it sometimes generates all the addresses from the public keys when it doesn't have your password to generate the private keys with it.  In that case, it marks all the private keys to be calculated next time you unlock the wallet, which could be a lot of keys.  But once it is done, or won't need to do it again so each subsequent unlock should be much faster

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
Moria843
Sr. Member
****
Offline Offline

Activity: 442
Merit: 250


Found Lost beach - quiet now


View Profile
October 06, 2014, 05:22:18 PM
 #4164

With the news on USB firmware hacks I was wondering if I should add a 3.5" floppy to my online computer to transfer from my cold storage old XP computer that already has a floppy. Would it be safer?

Hot time, summer in the city, back of my mine getting hot & gritty!!!
bitpop
Legendary
*
Offline Offline

Activity: 2912
Merit: 1060



View Profile WWW
October 06, 2014, 08:05:31 PM
 #4165

With the news on USB firmware hacks I was wondering if I should add a 3.5" floppy to my online computer to transfer from my cold storage old XP computer that already has a floppy. Would it be safer?

Those have firmware too

2112
Legendary
*
Offline Offline

Activity: 2128
Merit: 1060



View Profile
October 06, 2014, 09:06:23 PM
 #4166

Those have firmware too
Floppy firmware Huh

The problem is paucity of computers that still have the floppy drive interfaces. Physical drives and disks are quite easy to get on the secondary market.

Obviously, using an USB-attached floppy drive will put you back in square one.

Please comment, critique, criticize or ridicule BIP 2112: https://bitcointalk.org/index.php?topic=54382.0
Long-term mining prognosis: https://bitcointalk.org/index.php?topic=91101.0
bitpop
Legendary
*
Offline Offline

Activity: 2912
Merit: 1060



View Profile WWW
October 06, 2014, 09:09:37 PM
 #4167

Those have firmware too
Floppy firmware Huh

The problem is paucity of computers that still have the floppy drive interfaces. Physical drives and disks are quite easy to get on the secondary market.

Obviously, using an USB-attached floppy drive will put you back in square one.


Oh internal floppy, do you even have a floppy header?

2112
Legendary
*
Offline Offline

Activity: 2128
Merit: 1060



View Profile
October 06, 2014, 09:27:59 PM
 #4168

Oh internal floppy, do you even have a floppy header?
Internal or external. It doesn't matter, lots of laptops had it as an option for "universal drive bay" or "expansion docking bay". On desktop motherboards it is nowadays available through the http://en.wikipedia.org/wiki/Low_Pin_Count bus instead of the historical "IBM PC-compatible" cable.


Please comment, critique, criticize or ridicule BIP 2112: https://bitcointalk.org/index.php?topic=54382.0
Long-term mining prognosis: https://bitcointalk.org/index.php?topic=91101.0
Moria843
Sr. Member
****
Offline Offline

Activity: 442
Merit: 250


Found Lost beach - quiet now


View Profile
October 06, 2014, 09:40:50 PM
 #4169

Those have firmware too
Floppy firmware Huh

The problem is paucity of computers that still have the floppy drive interfaces. Physical drives and disks are quite easy to get on the secondary market.

Obviously, using an USB-attached floppy drive will put you back in square one.


Oh internal floppy, do you even have a floppy header?
Would be using old IDE/ATA interface, not USB. Sure floppy has firmware, but I doubt the BadUSB problem attacks IDE/ATA firmware or if the old firmware was even writeable.

My cold storage XP computer already has a floppy and I have a PCI to IDE controller card that will allow me to interface an old floppy (I have several sitting around) to my on-line computer. Floppies would be used to transfer signature files. Just wondering if the old technology might be less susceptible to hacks like BadUSB.

Hot time, summer in the city, back of my mine getting hot & gritty!!!
bitpop
Legendary
*
Offline Offline

Activity: 2912
Merit: 1060



View Profile WWW
October 06, 2014, 09:45:57 PM
 #4170

Man that shit is old. Maybe sata to sd is a better option.

Moria843
Sr. Member
****
Offline Offline

Activity: 442
Merit: 250


Found Lost beach - quiet now


View Profile
October 06, 2014, 09:55:43 PM
 #4171

It is old. But it's spare parts I have laying around. Saw a 60 Minutes where they're still using 8" floppies in ICBM launch bunkers. Why - because they're controllers cannot be be hacked. That's what made me wonder about this option.

Hot time, summer in the city, back of my mine getting hot & gritty!!!
2112
Legendary
*
Offline Offline

Activity: 2128
Merit: 1060



View Profile
October 06, 2014, 10:35:31 PM
 #4172

Would be using old IDE/ATA interface, not USB. Sure floppy has firmware, but I doubt the BadUSB problem attacks IDE/ATA firmware or if the old firmware was even writeable.

My cold storage XP computer already has a floppy and I have a PCI to IDE controller card that will allow me to interface an old floppy (I have several sitting around) to my on-line computer. Floppies would be used to transfer signature files. Just wondering if the old technology might be less susceptible to hacks like BadUSB.
You seem to be confused. Floppies have no firmware neither in the drive nor in the controller. It is all hard-wired logic sequencers. Moreover normal floppies never used IDE/ATA interface or anything similar, those were for hard drives. Fortunately the connectors won't fit, so there's no possibility of damage. Lots of even fairly modern motherboards will support floppy connected via the LPC as a last-resort recovery from a locked-out administrator access to the IPMI, AMT or similar pre-boot low-level interfaces. It is frequently not even described in the regular documentation.

There are some extremely rare IDE-attached floppy-like drives like:
http://en.wikipedia.org/wiki/Floptical
http://en.wikipedia.org/wiki/SuperDisk
http://en.wikipedia.org/wiki/Zip_drive
http://en.wikipedia.org/wiki/Sony_HiFD
http://en.wikipedia.org/wiki/Caleb_UHD144
but those aren't real floppies and do have firmware. Although they are so rare, that one can probably assume that nobody would bother to hack them.

Please comment, critique, criticize or ridicule BIP 2112: https://bitcointalk.org/index.php?topic=54382.0
Long-term mining prognosis: https://bitcointalk.org/index.php?topic=91101.0
Adrian-x
Legendary
*
Offline Offline

Activity: 1372
Merit: 1000



View Profile
October 06, 2014, 10:58:28 PM
 #4173

Every time I updated Armory (windows 64 bit version) my antivirus software quarantines “guardian.exe”  I wasn’t able to find a satisfactory explanation as to its function.

can anyone shed some light on the following questions:

What does it do? Why does Armory need it?
My Armory seems to functions just fine without it, is there anything I should know or be concerned about? 
Is it safe to ask my antivirus to ignore this file?

Thanks,

Thank me in Bits 12MwnzxtprG2mHm3rKdgi7NmJKCypsMMQw
Moria843
Sr. Member
****
Offline Offline

Activity: 442
Merit: 250


Found Lost beach - quiet now


View Profile
October 06, 2014, 11:28:30 PM
 #4174

Would be using old IDE/ATA interface, not USB. Sure floppy has firmware, but I doubt the BadUSB problem attacks IDE/ATA firmware or if the old firmware was even writeable.

My cold storage XP computer already has a floppy and I have a PCI to IDE controller card that will allow me to interface an old floppy (I have several sitting around) to my on-line computer. Floppies would be used to transfer signature files. Just wondering if the old technology might be less susceptible to hacks like BadUSB.
You seem to be confused. Floppies have no firmware neither in the drive nor in the controller. It is all hard-wired logic sequencers. Moreover normal floppies never used IDE/ATA interface or anything similar, those were for hard drives. Fortunately the connectors won't fit, so there's no possibility of damage. Lots of even fairly modern motherboards will support floppy connected via the LPC as a last-resort recovery from a locked-out administrator access to the IPMI, AMT or similar pre-boot low-level interfaces. It is frequently not even described in the regular documentation.

There are some extremely rare IDE-attached floppy-like drives like:
http://en.wikipedia.org/wiki/Floptical
http://en.wikipedia.org/wiki/SuperDisk
http://en.wikipedia.org/wiki/Zip_drive
http://en.wikipedia.org/wiki/Sony_HiFD
http://en.wikipedia.org/wiki/Caleb_UHD144
but those aren't real floppies and do have firmware. Although they are so rare, that one can probably assume that nobody would bother to hack them.

You're right. I was looking at my old "Super I/O" card that states it "contains a Floppy Disk Controller" and thought this was an IDE/ATA interface but guess that's different.
It states:
» Supports two 360K / 720K / 1.2M / 1.44M / 2.88M floppy disk drives
» Enhanced digital data separator
» 3-Mode drives supported
But, it's definitely not USB since it has the old parallel ribbon cable connectors that connect to the old 3.5" floppy drives.

Hot time, summer in the city, back of my mine getting hot & gritty!!!
goatpig
Moderator
Legendary
*
Offline Offline

Activity: 3640
Merit: 1345

Armory Developer


View Profile
October 06, 2014, 11:47:10 PM
 #4175

Every time I updated Armory (windows 64 bit version) my antivirus software quarantines “guardian.exe”  I wasn’t able to find a satisfactory explanation as to its function.

can anyone shed some light on the following questions:

What does it do? Why does Armory need it?
My Armory seems to functions just fine without it, is there anything I should know or be concerned about? 
Is it safe to ask my antivirus to ignore this file?

Thanks,


If you use auto managed bitcoind, it will be ran monitor the bitcoind instance spawned by Armory. If Armory was to crash, it will kill that bitcoind instance and exit.

etotheipi (OP)
Legendary
*
Offline Offline

Activity: 1428
Merit: 1093


Core Armory Developer


View Profile WWW
October 07, 2014, 12:50:09 AM
 #4176

Every time I updated Armory (windows 64 bit version) my antivirus software quarantines “guardian.exe”  I wasn’t able to find a satisfactory explanation as to its function.

can anyone shed some light on the following questions:

What does it do? Why does Armory need it?
My Armory seems to functions just fine without it, is there anything I should know or be concerned about? 
Is it safe to ask my antivirus to ignore this file?

Thanks,


If you use auto managed bitcoind, it will be ran monitor the bitcoind instance spawned by Armory. If Armory was to crash, it will kill that bitcoind instance and exit.

More specifically, if Armory runs Bitcoin Core for you in the background, sometimes it will leave Bitcoin Core running in the background if Armory crashes.  guardian.exe is a very short program with the sole purpose of killing Bitcoin Core if Armory fails to close it.  It was especially important on Windows where Armory would mysteriously fail to close Core even on a clean shutdown. 

If you quarantine guardian.exe and don't allow it to run, you'll be fine.  But you might occasionally start Armory and it will tell you Core is already running, even though you never started it.  You'll have to go into the task manager and kill it manually.

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
Adrian-x
Legendary
*
Offline Offline

Activity: 1372
Merit: 1000



View Profile
October 07, 2014, 12:55:32 AM
 #4177

thanks etotheipi and goatpig,

Occasionally I feel armory didn’t close properly as Armory has to re index the internal database on reboot. Not sure as this hasn’t happened with 0.92.3 yet but would that be related?

Thank me in Bits 12MwnzxtprG2mHm3rKdgi7NmJKCypsMMQw
2112
Legendary
*
Offline Offline

Activity: 2128
Merit: 1060



View Profile
October 07, 2014, 01:12:42 AM
Last edit: October 07, 2014, 04:03:14 AM by 2112
 #4178

You're right. I was looking at my old "Super I/O" card that states it "contains a Floppy Disk Controller" and thought this was an IDE/ATA interface but guess that's different.
It states:
» Supports two 360K / 720K / 1.2M / 1.44M / 2.88M floppy disk drives
» Enhanced digital data separator
» 3-Mode drives supported
But, it's definitely not USB since it has the old parallel ribbon cable connectors that connect to the old 3.5" floppy drives.
Yep, you are good to go and as safe as the US ICBM operators. Although if I remember correctly the ICBM operators are required to sit on their chairs (with rails instead of rollers) and wear seat-belts (chairbelts?) when swapping floppies.

Important edit for the beginners:

1) Do not allow any of the computers to boot off of the floppy or CD-ROM. Always remember to immediately remove the floppy or CD-RW used to exchange the data between the computers, lest you forget and reboot the machine accidentally.

2) Do not install any additional drivers that might have came with the PCI board or the laptop expansion bay. The added device should be recognized by the OS itself. If the device isn't auto-recognized then it also isn't really safe. There were well-know vendors who inadvertently distributed viruses/trojans/bad OS patches on their pressed driver CD-ROMs.

I apologize for not putting this disclaimer when writing the original message.



Please comment, critique, criticize or ridicule BIP 2112: https://bitcointalk.org/index.php?topic=54382.0
Long-term mining prognosis: https://bitcointalk.org/index.php?topic=91101.0
etotheipi (OP)
Legendary
*
Offline Offline

Activity: 1428
Merit: 1093


Core Armory Developer


View Profile WWW
October 07, 2014, 02:50:17 AM
 #4179

Sorry for the delay guys.  First, my release script was broken, and I wasn't able to sign the 0.92.3 tag before making the full release.  I had planned to do it the next day.  The next day my primary hard-drive died before I could complete the process.  D'oh!

Anyways, I got everything sorted out now and I just pushed the tag v0.92.3.  That should complete the release.  Future releases should have the signed tag pushed at the same time the signed installers are uploaded to S3.

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
paranoidx
Full Member
***
Offline Offline

Activity: 146
Merit: 100


View Profile
October 07, 2014, 04:00:29 AM
 #4180

Okay, tried to update armory through the .deb file 13.10.
I'm running Linux Mint 16 petra.

it gave me an error and told me I had to run sudo apt-get install -f from the terminal.
It wouldn't let me open a terminal window, so I restarted the system.

Instead of booting to the Linux Mint logon screen, it now gives me the Ubuntu 13.10 startup screen but never gets to logon.

I went into linux mint recovery and did the sudo apt0get install -f from there, but rebooting  the system still gives me a stuck screen that shows ubuntu 13.10.

Any ideas?
Pages: « 1 ... 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 [209] 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!