Bitcoin Forum
July 21, 2017, 04:53:44 AM *
News: The warning which may be displayed by Bitcoin Core about unknown versions is related to BIP91, and can be safely ignored.
 
   Home   Help Search Donate Login Register  
Pages: « 1 ... 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 [219] 220 221 222 223 224 225 226 227 228 229 230 231 232 »
  Print  
Author Topic: Armory - Discussion Thread  (Read 504692 times)
mmortal03
Legendary
*
Offline Offline

Activity: 1536


View Profile
February 17, 2015, 12:12:22 AM
 #4361

  • (2) You should not upgrade to Core 0.10 without this version!.  In other words, this new version of Armory is required if you plan to use the new version of Bitcoin Core (headers-first).  Luckily, they will probably both be officially released about the same time (end of Jan 2015).

Aha. Valuable information. Great work as usual!

What's the ETA, given that Core 0.10 has been released?
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1500612824
Hero Member
*
Offline Offline

Posts: 1500612824

View Profile Personal Message (Offline)

Ignore
1500612824
Reply with quote  #2

1500612824
Report to moderator
bitpop
Legendary
*
Offline Offline

Activity: 2100


https://keybase.io/bitpop


View Profile WWW
February 17, 2015, 12:32:06 AM
 #4362

  • (2) You should not upgrade to Core 0.10 without this version!.  In other words, this new version of Armory is required if you plan to use the new version of Bitcoin Core (headers-first).  Luckily, they will probably both be officially released about the same time (end of Jan 2015).

Aha. Valuable information. Great work as usual!

What's the ETA, given that Core 0.10 has been released?

Works fine now, basically rc

Reputation  |  PGP  |  DigitalOcean  |  TorGuard  |  Ethereum Classic
Bitcoin: 3DSh6AnmvBpDJFUz2mnLirMLmTMcFs9nDm
Bitmessage: BM-2cXN9j8NFT2n1FxDVQ6HQq4D4MZuuaBFyb
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
February 17, 2015, 01:45:56 AM
 #4363

Fanny problems:

http://arstechnica.com/security/2015/02/how-omnipotent-hackers-tied-to-the-nsa-hid-for-14-years-and-were-found-at-last/3/
etotheipi
Legendary
*
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
February 17, 2015, 03:13:56 AM
 #4364


Wow, epic.  Thanks for that link, I hadn't seen that yet. 

Indeed Fanny is quite a piece of malware.  To save anyone else reading the effort of finding the section:

Quote
Fanny: A computer worm that exploited what in 2008 were two zero-day vulnerabilities in Windows to self-replicate each time an infected USB stick was inserted into a targeted computer. The main purpose of Fanny was to conduct reconnaissance on sensitive air-gapped networks. After infecting a computer not connected to the Internet, Fanny collected network information and saved it to a hidden area of the USB drive. If the stick was later plugged in to an Internet-computer, it would upload the data to attacker servers and download any attacker commands. If the stick was later plugged into the air-gapped machine, the downloaded commands would be executed. This process would continue each time the stick was switched between air-gapped and Internet-connected machines.

Luckily (?!?) all this malware seems to be specifically targeted at Windows.  In fact, there's no mention of any other OSes, and many of the descriptions of the malware are extremely Windows-specific:

Quote
GrayFish is the crowning achievement of the Equation Group. The malware platform is so complex that Kaspersky researchers still understand only a fraction of its capabilities and inner workings. Key to the sophistication of GrayFish is its bootkit, which allows it to take extraordinarily granular control of the machines it infects.

"This allows it to control the launching of Windows at each stage," Kaspersky's written report explained. "In fact, after infection, the computer is not run by itself anymore: it is GrayFish that runs it step by step, making the necessary changes on the fly."

That's not to say it couldn't be done on Linux or Mac ... but simply those weren't the target platforms.  And this is literally the most advanced malware on the planet, so we can hope that there's a high barrier to entry to replicate this on the other OS (as I write this, I realize there's no guarantee that they haven't already...)


Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
mmortal03
Legendary
*
Offline Offline

Activity: 1536


View Profile
February 17, 2015, 03:42:53 AM
 #4365


Wow, epic.  Thanks for that link, I hadn't seen that yet. 

Indeed Fanny is quite a piece of malware.  To save anyone else reading the effort of finding the section:

Quote
Fanny: A computer worm that exploited what in 2008 were two zero-day vulnerabilities in Windows to self-replicate each time an infected USB stick was inserted into a targeted computer. The main purpose of Fanny was to conduct reconnaissance on sensitive air-gapped networks. After infecting a computer not connected to the Internet, Fanny collected network information and saved it to a hidden area of the USB drive. If the stick was later plugged in to an Internet-computer, it would upload the data to attacker servers and download any attacker commands. If the stick was later plugged into the air-gapped machine, the downloaded commands would be executed. This process would continue each time the stick was switched between air-gapped and Internet-connected machines.

Luckily (?!?) all this malware seems to be specifically targeted at Windows.  In fact, there's no mention of any other OSes, and many of the descriptions of the malware are extremely Windows-specific:

Quote
GrayFish is the crowning achievement of the Equation Group. The malware platform is so complex that Kaspersky researchers still understand only a fraction of its capabilities and inner workings. Key to the sophistication of GrayFish is its bootkit, which allows it to take extraordinarily granular control of the machines it infects.

"This allows it to control the launching of Windows at each stage," Kaspersky's written report explained. "In fact, after infection, the computer is not run by itself anymore: it is GrayFish that runs it step by step, making the necessary changes on the fly."

That's not to say it couldn't be done on Linux or Mac ... but simply those weren't the target platforms.  And this is literally the most advanced malware on the planet, so we can hope that there's a high barrier to entry to replicate this on the other OS (as I write this, I realize there's no guarantee that they haven't already...)



It was mentioned in there or some other article that they believe a Mac OS version of some of this malware is also out there.
marcus_of_augustus
Legendary
*
Offline Offline

Activity: 2324



View Profile
February 17, 2015, 05:28:23 AM
 #4366

most hdd are first loaded with windows at the factory so if the firmware is infected anytime before linux is installed then it will still be in the firmware, unless special efforts are made to reflash the hdd firmware before installing linux.

Newar
Legendary
*
Offline Offline

Activity: 1218


https://gliph.me/hUF


View Profile
February 17, 2015, 07:08:35 AM
 #4367

The infographic shows only FAT16 and 32 are affected?

OTC rating | GPG keyid 1DC91318EE785FDE | Gliph: lightning bicycle tree music | Mycelium, a swift & secure Bitcoin client for Android | LocalBitcoins
justusranvier
Legendary
*
Offline Offline

Activity: 1400



View Profile WWW
February 17, 2015, 07:17:11 AM
 #4368

I see a potential market for actual (not soft) hardware again.
picobit
Hero Member
*****
Offline Offline

Activity: 547


Decor in numeris


View Profile
February 17, 2015, 08:01:43 AM
 #4369

That's not to say it couldn't be done on Linux or Mac ... but simply those weren't the target platforms.  And this is literally the most advanced malware on the planet, so we can hope that there's a high barrier to entry to replicate this on the other OS (as I write this, I realize there's no guarantee that they haven't already...)

The only "good" thing there is to say about this in connection with Armory is that these guys are professionals with huge budgets.  They are not going to expose themselves by stealing our meagre bitcoin stashes.  That gives us a short respite, at least until this malware leaks into the hands of the common criminals.  Who will probably mainly go after the home banking password. Smiley
Newar
Legendary
*
Offline Offline

Activity: 1218


https://gliph.me/hUF


View Profile
February 17, 2015, 04:03:25 PM
 #4370

Maybe time to chuck in this again:

Tx signing via minimodem
https://bitcointalk.org/index.php?topic=735111.0

Can of course be used with any sort of data you need to send / receive from the air-gapped system.

OTC rating | GPG keyid 1DC91318EE785FDE | Gliph: lightning bicycle tree music | Mycelium, a swift & secure Bitcoin client for Android | LocalBitcoins
goatpig
Moderator
Legendary
*
Offline Offline

Activity: 1554

Armory Developer


View Profile
February 17, 2015, 04:24:17 PM
 #4371

Maybe time to chuck in this again:

Tx signing via minimodem
https://bitcointalk.org/index.php?topic=735111.0

Can of course be used with any sort of data you need to send / receive from the air-gapped system.

We have someone looking at it. No ETAs, but we are working the code.

Moria843
Sr. Member
****
Offline Offline

Activity: 404


Found Lost beach - quiet now


View Profile
February 17, 2015, 05:48:27 PM
 #4372

I thought turning off all autorun/start functions on my hot and cold computer protected me.

I agree this exploit probably isn't being wasted on us.

Does anyone produce a "secure" USB drive or a drive whose firmware is read only?

Hot time, summer in the city, back of my mine getting hot & gritty!!!
Adrian-x
Legendary
*
Offline Offline

Activity: 1358



View Profile
February 17, 2015, 06:15:37 PM
 #4373

I thought turning off all autorun/start functions on my hot and cold computer protected me.

I agree this exploit probably isn't being wasted on us.

Does anyone produce a "secure" USB drive or a drive whose firmware is read only?

I'm glad my offline backup never has internet assess, the question is now can I repurpose the machine at some later date without compromising my passwords and seeds? 

Thank me in Bits 12MwnzxtprG2mHm3rKdgi7NmJKCypsMMQw
Rampion
Legendary
*
Offline Offline

Activity: 1106


View Profile
February 19, 2015, 03:41:10 PM
 #4374

Oops, I just updated to Bitcoin Core 0.10.0 and fired up Armory 0.92.3, it looks stuck on "building databases"... Did I screw up?

etotheipi
Legendary
*
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
February 19, 2015, 03:54:53 PM
 #4375

Oops, I just updated to Bitcoin Core 0.10.0 and fired up Armory 0.92.3, it looks stuck on "building databases"... Did I screw up?

Use the secure downloader to grab 0.92.99.7-testing.  It's a release candidate and should be officially renamed to 0.93 tomorrow (or latest Monday).

You'll wipe the DBs, but the rebuild is super fast!  Thank goatpig for that Smiley

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
Rampion
Legendary
*
Offline Offline

Activity: 1106


View Profile
February 19, 2015, 03:59:06 PM
 #4376

Oops, I just updated to Bitcoin Core 0.10.0 and fired up Armory 0.92.3, it looks stuck on "building databases"... Did I screw up?

Use the secure downloader to grab 0.92.99.7-testing.  It's a release candidate and should be officially renamed to 0.93 tomorrow (or latest Monday).

You'll wipe the DBs, but the rebuild is super fast!  Thank goatpig for that Smiley

OK, will do that... BTW, Armory 0.92.3 finally built the database and displayed the correct balance, so I guess is somewhat compatible with BC 0.10.0

goatpig
Moderator
Legendary
*
Offline Offline

Activity: 1554

Armory Developer


View Profile
February 19, 2015, 04:00:29 PM
 #4377

Oops, I just updated to Bitcoin Core 0.10.0 and fired up Armory 0.92.3, it looks stuck on "building databases"... Did I screw up?

Use the secure downloader to grab 0.92.99.7-testing.  It's a release candidate and should be officially renamed to 0.93 tomorrow (or latest Monday).

You'll wipe the DBs, but the rebuild is super fast!  Thank goatpig for that Smiley

OK, will do that... BTW, Armory 0.92.3 finally built the database and displayed the correct balance, so I guess is somewhat compatible with BC 0.10.0

I will crash if you receive blocks out of order while it is running. It should resume properly after a restart though.

Rampion
Legendary
*
Offline Offline

Activity: 1106


View Profile
February 19, 2015, 04:00:52 PM
 #4378

Don't see 0.92.99.7-testing, it says last update retrieved 4 months ago, maybe because I have my system set up to run through Tor?

EDIT: I managed to reactivate secure download by tweaking the "privacy setting", but i see 0.92.99.7 only on Windows - I'm a mac user.

etotheipi
Legendary
*
Offline Offline

Activity: 1428


Core Armory Developer


View Profile WWW
February 19, 2015, 04:16:07 PM
 #4379

Don't see 0.92.99.7-testing, it says last update retrieved 4 months ago, maybe because I have my system set up to run through Tor?

EDIT: I managed to reactivate secure download by tweaking the "privacy setting", but i see 0.92.99.7 only on Windows - I'm a mac user.

Oh, the navigation system for that is a mess, and I've been meaning to rework it.  Select an earlier version of OSX than the latest.  You should then see it.

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
Rampion
Legendary
*
Offline Offline

Activity: 1106


View Profile
February 19, 2015, 04:20:05 PM
 #4380

Don't see 0.92.99.7-testing, it says last update retrieved 4 months ago, maybe because I have my system set up to run through Tor?

EDIT: I managed to reactivate secure download by tweaking the "privacy setting", but i see 0.92.99.7 only on Windows - I'm a mac user.

Oh, the navigation system for that is a mess, and I've been meaning to rework it.  Select an earlier version of OSX than the latest.  You should then see it.

Yep, I see it if I select as an OSX version 10.9.4 or lower... If I select 10.10 only 0.91.2 appears (?)

Pages: « 1 ... 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 [219] 220 221 222 223 224 225 226 227 228 229 230 231 232 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!