Armory - Discussion Thread

[goatpig]

Create a ticket and attach your log files:

https://support.bitcoinarmory.com/home

I created the ticket https://support.bitcoinarmory.com/home, but a confirmation letter does not come at gmail.com ...

I found in the folder of ARMORY several logs. Which of the logs I need to send?

One guy (goatpig Hero Member) says to the next thread https://bitcointalk.org/index.php?topic=902412.msg9915688#msg9915688 that my ARMORY is offline because I am from Russia. I think that guy is delirious.

Same weird guy asking for your logs -_-". And I'm only delirious on certain days of the week.

Need both armorylog.txt and armorycpplog.txt

Not sure about the confirmation email, we changed ticket engine a short time ago, and I'm not familiar with the new one yet.

I can tell from your screenshots that Armory is not online. It's in an inconsistent state (STATE != COUNTRY), or situation if you prefer, or status, or condition. Anyways, it's not online. Add your logs to the ticket and wait for instructions on that end.

At least someone got a laugh out of this.

[aks174]

Create a ticket and attach your log files:

https://support.bitcoinarmory.com/home

I created the ticket https://support.bitcoinarmory.com/home, but a confirmation letter does not come at gmail.com ...

I found in the folder of ARMORY several logs. Which of the logs I need to send?

One guy (goatpig Hero Member) says to the next thread https://bitcointalk.org/index.php?topic=902412.msg9915688#msg9915688 that my ARMORY is offline because I am from Russia. I think that guy is delirious.

Same weird guy asking for your logs -_-". And I'm only delirious on certain days of the week.

Need both armorylog.txt and armorycpplog.txt

Not sure about the confirmation email, we changed ticket engine a short time ago, and I'm not familiar with the new one yet.

I can tell from your screenshots that Armory is not online. It's in an inconsistent state (STATE != COUNTRY), or situation if you prefer, or status, or condition. Anyways, it's not online. Add your logs to the ticket and wait for instructions on that end.

At least someone got a laugh out of this.

Thank you very much. I will send both files and armorylog.txt armorycpplog.txt

[bitpop]

We were messing with his data files earlier, he probably just needs to rebuild

His Bitcoin could also be corrupt

[aks174]

We were messing with his data files earlier, he probably just needs to rebuild

His Bitcoin could also be corrupt

Most likely you're right! volume data again tripled
http://ia116.mycdn.me/image?t=3&bid=666104991112&id=666104991112&plc=WEB&tkn=VoH3CTyteNNRhQxcTIHUppeFLVA

[etotheipi]

Armory 0.93 is now in testing!   For details:  https://bitcointalk.org/index.php?topic=919202


Worry not, everyone on the Armory team is alive and well, despite the lack of updates over the last few months.  We've been working diligently on both 0.93 as well as some not-yet-public things that you'll hear about soon!  In the meantime, please help test 0.93 testing version and claim some bounties!   https://bitcointalk.org/index.php?topic=919202

I'll just reiterate two important points from that thread:

• (1) This uses a new DB engine which is not compatible with the 0.92.3 databases.  If you are short on disk space, I recommend waiting to upgrade, and/or manually deleting the 0.92 databases after you've confirmed 0.93 works for you.  Before the final release we will determine an appropriate way to automatically delete the old DBs, or at least ask the user.
• (2) You should not upgrade to Core 0.10 without this version!.  In other words, this new version of Armory is required if you plan to use the new version of Bitcoin Core (headers-first).  Luckily, they will probably both be officially released about the same time (end of Jan 2015).

 

[solex]

• (2) You should not upgrade to Core 0.10 without this version!.  In other words, this new version of Armory is required if you plan to use the new version of Bitcoin Core (headers-first).  Luckily, they will probably both be officially released about the same time (end of Jan 2015).

 

Aha. Valuable information. Great work as usual!

[cypherdoc]

what's this Bitcoin Core 0.9.4 update notification i'm getting from Ubuntu?  it's from Launchpad Bitcoin PPA.  what do we do with it?

[Carlton Banks]

what's this Bitcoin Core 0.9.4 update notification i'm getting from Ubuntu?  it's from Launchpad Bitcoin PPA.  what do we do with it?

If 0.9 still works for you, you don't need 0.9.4. It's an(other) OpenSSL libraries clanger

[btchris]

what's this Bitcoin Core 0.9.4 update notification i'm getting from Ubuntu?  it's from Launchpad Bitcoin PPA.  what do we do with it?

If 0.9 still works for you, you don't need 0.9.4. It's an(other) OpenSSL libraries clanger

To elaborate a bit, if you follow the advice next to the "News" alert at the top of every bitcointalk.org page, you don't need 0.9.4. It's a minor update whose main reason for existence is to work around the OpenSSL change mentioned in the News alert (plus a few other pretty minor bug fixes).

[mmortal03]

• (2) You should not upgrade to Core 0.10 without this version!.  In other words, this new version of Armory is required if you plan to use the new version of Bitcoin Core (headers-first).  Luckily, they will probably both be officially released about the same time (end of Jan 2015).

Aha. Valuable information. Great work as usual!

What's the ETA, given that Core 0.10 has been released?

[bitpop]

• (2) You should not upgrade to Core 0.10 without this version!.  In other words, this new version of Armory is required if you plan to use the new version of Bitcoin Core (headers-first).  Luckily, they will probably both be officially released about the same time (end of Jan 2015).

Aha. Valuable information. Great work as usual!

What's the ETA, given that Core 0.10 has been released?

Works fine now, basically rc

[cypherdoc]

Fanny problems:

http://arstechnica.com/security/2015/02/how-omnipotent-hackers-tied-to-the-nsa-hid-for-14-years-and-were-found-at-last/3/

[etotheipi]

Fanny problems:

http://arstechnica.com/security/2015/02/how-omnipotent-hackers-tied-to-the-nsa-hid-for-14-years-and-were-found-at-last/3/

Wow, epic.  Thanks for that link, I hadn't seen that yet. 

Indeed Fanny is quite a piece of malware.  To save anyone else reading the effort of finding the section:

Fanny: A computer worm that exploited what in 2008 were two zero-day vulnerabilities in Windows to self-replicate each time an infected USB stick was inserted into a targeted computer. The main purpose of Fanny was to conduct reconnaissance on sensitive air-gapped networks. After infecting a computer not connected to the Internet, Fanny collected network information and saved it to a hidden area of the USB drive. If the stick was later plugged in to an Internet-computer, it would upload the data to attacker servers and download any attacker commands. If the stick was later plugged into the air-gapped machine, the downloaded commands would be executed. This process would continue each time the stick was switched between air-gapped and Internet-connected machines.

Luckily (?!?) all this malware seems to be specifically targeted at Windows.  In fact, there's no mention of any other OSes, and many of the descriptions of the malware are extremely Windows-specific:

GrayFish is the crowning achievement of the Equation Group. The malware platform is so complex that Kaspersky researchers still understand only a fraction of its capabilities and inner workings. Key to the sophistication of GrayFish is its bootkit, which allows it to take extraordinarily granular control of the machines it infects.

"This allows it to control the launching of Windows at each stage," Kaspersky's written report explained. "In fact, after infection, the computer is not run by itself anymore: it is GrayFish that runs it step by step, making the necessary changes on the fly."

That's not to say it couldn't be done on Linux or Mac ... but simply those weren't the target platforms.  And this is literally the most advanced malware on the planet, so we can hope that there's a high barrier to entry to replicate this on the other OS (as I write this, I realize there's no guarantee that they haven't already...)

[mmortal03]

Fanny problems:

http://arstechnica.com/security/2015/02/how-omnipotent-hackers-tied-to-the-nsa-hid-for-14-years-and-were-found-at-last/3/

Wow, epic.  Thanks for that link, I hadn't seen that yet. 

Indeed Fanny is quite a piece of malware.  To save anyone else reading the effort of finding the section:

Fanny: A computer worm that exploited what in 2008 were two zero-day vulnerabilities in Windows to self-replicate each time an infected USB stick was inserted into a targeted computer. The main purpose of Fanny was to conduct reconnaissance on sensitive air-gapped networks. After infecting a computer not connected to the Internet, Fanny collected network information and saved it to a hidden area of the USB drive. If the stick was later plugged in to an Internet-computer, it would upload the data to attacker servers and download any attacker commands. If the stick was later plugged into the air-gapped machine, the downloaded commands would be executed. This process would continue each time the stick was switched between air-gapped and Internet-connected machines.

Luckily (?!?) all this malware seems to be specifically targeted at Windows.  In fact, there's no mention of any other OSes, and many of the descriptions of the malware are extremely Windows-specific:

GrayFish is the crowning achievement of the Equation Group. The malware platform is so complex that Kaspersky researchers still understand only a fraction of its capabilities and inner workings. Key to the sophistication of GrayFish is its bootkit, which allows it to take extraordinarily granular control of the machines it infects.

"This allows it to control the launching of Windows at each stage," Kaspersky's written report explained. "In fact, after infection, the computer is not run by itself anymore: it is GrayFish that runs it step by step, making the necessary changes on the fly."

That's not to say it couldn't be done on Linux or Mac ... but simply those weren't the target platforms.  And this is literally the most advanced malware on the planet, so we can hope that there's a high barrier to entry to replicate this on the other OS (as I write this, I realize there's no guarantee that they haven't already...)

It was mentioned in there or some other article that they believe a Mac OS version of some of this malware is also out there.

[marcus_of_augustus]

most hdd are first loaded with windows at the factory so if the firmware is infected anytime before linux is installed then it will still be in the firmware, unless special efforts are made to reflash the hdd firmware before installing linux.

[Newar]

The infographic shows only FAT16 and 32 are affected?

[justusranvier]

I see a potential market for actual (not soft) hardware again.

[picobit]

That's not to say it couldn't be done on Linux or Mac ... but simply those weren't the target platforms.  And this is literally the most advanced malware on the planet, so we can hope that there's a high barrier to entry to replicate this on the other OS (as I write this, I realize there's no guarantee that they haven't already...)

The only "good" thing there is to say about this in connection with Armory is that these guys are professionals with huge budgets.  They are not going to expose themselves by stealing our meagre bitcoin stashes.  That gives us a short respite, at least until this malware leaks into the hands of the common criminals.  Who will probably mainly go after the home banking password.

[Newar]

Maybe time to chuck in this again:

Tx signing via minimodem
https://bitcointalk.org/index.php?topic=735111.0

Can of course be used with any sort of data you need to send / receive from the air-gapped system.

[goatpig]

Maybe time to chuck in this again:

Tx signing via minimodem
https://bitcointalk.org/index.php?topic=735111.0

Can of course be used with any sort of data you need to send / receive from the air-gapped system.

We have someone looking at it. No ETAs, but we are working the code.