Bitcoin Forum
December 07, 2019, 10:00:04 PM *
News: Latest Bitcoin Core release: 0.19.0.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 ... 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 [208] 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 »
  Print  
Author Topic: Armory - Discussion Thread  (Read 520954 times)
justusranvier
Legendary
*
Offline Offline

Activity: 1400
Merit: 1006



View Profile
October 01, 2014, 07:40:15 PM
 #4141

I managed to create a situation where Armory 0.92.1 will perform a full blockchain scan every time the program is loaded.

I run bitcoind on a different (virtual) machine than Armory.

When I use NFS to share the blockchain directory, everything works.

Since both the bitcoind VM and the Armory VM are running on the same host, I tried moving the blockchain directory to the host and sharing it with both via 9pfs. The bitcoind VM gets read-write access, and the Armory VM gets read-only access.

Armory will perform a successful scan of the blockchain.

When I close it and open it up again, I get a

"Block file is in the wrong network!  MagicBytes: 00000000" error and it starts over from the beginning.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
pitiflin
Hero Member
*****
Offline Offline

Activity: 980
Merit: 507



View Profile
October 01, 2014, 09:07:05 PM
 #4142

Stupid (maybe not) question.

I want to update Armory, should I update Bitcoin Core as well?


       █
      ██
     ██
   ██ ██
 █ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██

       █
      ██
     ██
   ██ ██
 █ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
  B

          ▄▄▄▄▄▄
     ▄▄████████████▄▄
   ▄█████▀▀    ▀▀█████▄
  ████▀            ▀████
 ████                ████
▐███                  ███▌
███▌                  ▐███
▐███           ▄▄     ███▌
 ████         ▀███▄  ▐███
  ████▄         ▀███▄███
   ▀█████▄▄     ▄█████▀
     ▀▀████████████▀▀
          ▀▀▀▀▀▀
T 
.Better. Quick..

.Transparent....






             ▄████▄▄   ▄
█▄          ██████████▀▄
███        ███████████▀
▐████▄     ██████████▌
▄▄██████▄▄▄▄█████████▌
▀████████████████████
  ▀█████████████████
  ▄▄███████████████
   ▀█████████████▀
    ▄▄█████████▀
▀▀██████████▀
    ▀▀▀▀▀






▄█████████████████████████▄
███████████████████████████
███████████████▀       ████
██████████████      ▄▄▄████
██████████████    ▐████████
██████████████    ▐████████
██████████            ▐████
██████████            █████
██████████████    ▐████████
██████████████    ▐████████
██████████████    ▐████████
▀█████████████    ▐███████▀






                   ▄▄████
              ▄▄████████▌
         ▄▄█████████▀███
    ▄▄██████████▀▀ ▄███▌
▄████████████▀▀  ▄█████
▀▀▀███████▀   ▄███████▌
      ██    ▄█████████
       █  ▄██████████▌
       █  ███████████
       █ ██▀ ▀██████▌
       ██▀     ▀████
                 ▀█▌
bitpop
Legendary
*
Offline Offline

Activity: 2548
Merit: 1045


https://keybase.io/bitpop


View Profile WWW
October 01, 2014, 09:20:33 PM
 #4143

Stupid (maybe not) question.

I want to update Armory, should I update Bitcoin Core as well?

You don't have to but latest core is more critical than latest armory

Reputation  |  PGP  |  Ethereum Classic
Bitcoin: 3DSh6AnmvBpDJFUz2mnLirMLmTMcFs9nDm
pitiflin
Hero Member
*****
Offline Offline

Activity: 980
Merit: 507



View Profile
October 01, 2014, 09:45:02 PM
 #4144

Stupid (maybe not) question.

I want to update Armory, should I update Bitcoin Core as well?

You don't have to but latest core is more critical than latest armory

Thanks Smiley


       █
      ██
     ██
   ██ ██
 █ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██

       █
      ██
     ██
   ██ ██
 █ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
  B

          ▄▄▄▄▄▄
     ▄▄████████████▄▄
   ▄█████▀▀    ▀▀█████▄
  ████▀            ▀████
 ████                ████
▐███                  ███▌
███▌                  ▐███
▐███           ▄▄     ███▌
 ████         ▀███▄  ▐███
  ████▄         ▀███▄███
   ▀█████▄▄     ▄█████▀
     ▀▀████████████▀▀
          ▀▀▀▀▀▀
T 
.Better. Quick..

.Transparent....






             ▄████▄▄   ▄
█▄          ██████████▀▄
███        ███████████▀
▐████▄     ██████████▌
▄▄██████▄▄▄▄█████████▌
▀████████████████████
  ▀█████████████████
  ▄▄███████████████
   ▀█████████████▀
    ▄▄█████████▀
▀▀██████████▀
    ▀▀▀▀▀






▄█████████████████████████▄
███████████████████████████
███████████████▀       ████
██████████████      ▄▄▄████
██████████████    ▐████████
██████████████    ▐████████
██████████            ▐████
██████████            █████
██████████████    ▐████████
██████████████    ▐████████
██████████████    ▐████████
▀█████████████    ▐███████▀






                   ▄▄████
              ▄▄████████▌
         ▄▄█████████▀███
    ▄▄██████████▀▀ ▄███▌
▄████████████▀▀  ▄█████
▀▀▀███████▀   ▄███████▌
      ██    ▄█████████
       █  ▄██████████▌
       █  ███████████
       █ ██▀ ▀██████▌
       ██▀     ▀████
                 ▀█▌
segeln
Hero Member
*****
Offline Offline

Activity: 602
Merit: 500


View Profile
October 02, 2014, 11:02:55 AM
 #4145

when will 0.92.2 be out of testing?
I ask this question again
Hope I and cypherdoc get an answer
bitpop
Legendary
*
Offline Offline

Activity: 2548
Merit: 1045


https://keybase.io/bitpop


View Profile WWW
October 02, 2014, 11:06:21 AM
 #4146

when will 0.92.2 be out of testing?
I ask this question again
Hope I and cypherdoc get an answer

I don't think there's bugs so it doesn't really matter. Armory just likes to call everything testing.

Reputation  |  PGP  |  Ethereum Classic
Bitcoin: 3DSh6AnmvBpDJFUz2mnLirMLmTMcFs9nDm
justusranvier
Legendary
*
Offline Offline

Activity: 1400
Merit: 1006



View Profile
October 02, 2014, 12:14:45 PM
 #4147

http://www.wired.com/2014/10/code-published-for-unfixable-usb-attack/

https://github.com/adamcaudill/Psychson
segeln
Hero Member
*****
Offline Offline

Activity: 602
Merit: 500


View Profile
October 02, 2014, 12:17:00 PM
 #4148

when will 0.92.2 be out of testing?
I ask this question again
Hope I and cypherdoc get an answer

I don't think there's bugs so it doesn't really matter. Armory just likes to call everything testing.
Thanks,hope you are right
segeln
Hero Member
*****
Offline Offline

Activity: 602
Merit: 500


View Profile
October 02, 2014, 12:24:26 PM
 #4149

are only USB sticks right from the factory affected or old used ones as well?
As I understand it,USB Sitcks in use cannot get compromised
chrisrico
Hero Member
*****
Offline Offline

Activity: 496
Merit: 500


View Profile
October 02, 2014, 01:29:04 PM
 #4150

are only USB sticks right from the factory affected or old used ones as well?
As I understand it,USB Sitcks in use cannot get compromised

Nope, the whole reason why this is such a bad exploit is that most USB devices (not just flash drives) can have their firmware reprogrammed via software.
Perlover
Full Member
***
Offline Offline

Activity: 159
Merit: 100


View Profile
October 02, 2014, 02:17:50 PM
 #4151

I don't know somebody wrote to here or not.
But i think the Armory and other programs could have a potential vulnerability.

For example what if your computer with installed Armory (watch-only wallet mode) is infected and trojan/virus which modifies a receiving address in Armory's interface? How can i trust to my online watch-only computer that all generated addresses are my addresses? What if trojan/virus modifies installed DLLs/Shared libraries of Armory and substitute watch-only generated addresses or seed to hacker things? If i will send to money to generated address how can i sure that this address is my address for private key at offline computer? :-/

What do developers think about this?
segeln
Hero Member
*****
Offline Offline

Activity: 602
Merit: 500


View Profile
October 02, 2014, 02:58:29 PM
 #4152

are only USB sticks right from the factory affected or old used ones as well?
As I understand it,USB Sitcks in use cannot get compromised

Nope, the whole reason why this is such a bad exploit is that most USB devices (not just flash drives) can have their firmware reprogrammed via software.
that is indeed a bad exploit.
What about antimalware/antiviruses programs like Norton,kaspersky,avira.Mc affee?
Could they detect those malicious software,when they are widespread and known ?
justusranvier
Legendary
*
Offline Offline

Activity: 1400
Merit: 1006



View Profile
October 02, 2014, 03:11:35 PM
 #4153

What about antimalware/antiviruses programs like Norton,kaspersky,avira.Mc affee?
Could they detect those malicious software,when they are widespread and known ?
No.

USB firmware exploits happen outside the control of the CPU and any software that may be running on it.

For now, you should probably use CD-Rs to move unsigned transactions across the air gap discard them after each use.

There might not be any exploitable CD drive firmware vulnerabilities that can be triggered by malicious data on a disc. Maybe.
SimonBelmond
Full Member
***
Offline Offline

Activity: 226
Merit: 100



View Profile
October 02, 2014, 03:13:49 PM
 #4154

I don't know somebody wrote to here or not.
But i think the Armory and other programs could have a potential vulnerability.

For example what if your computer with installed Armory (watch-only wallet mode) is infected and trojan/virus which modifies a receiving address in Armory's interface? How can i trust to my online watch-only computer that all generated addresses are my addresses? What if trojan/virus modifies installed DLLs/Shared libraries of Armory and substitute watch-only generated addresses or seed to hacker things? If i will send to money to generated address how can i sure that this address is my address for private key at offline computer? :-/

What do developers think about this?

I jsut double check the address before broadcasting. That's more or less all I can do. Of course you could take appart the unsigned and signed transaction before broadcasting. However, as long as I don't hear anything else I consider it safe enough...
segeln
Hero Member
*****
Offline Offline

Activity: 602
Merit: 500


View Profile
October 02, 2014, 03:43:04 PM
 #4155

What about antimalware/antiviruses programs like Norton,kaspersky,avira.Mc affee?
Could they detect those malicious software,when they are widespread and known ?
No.

USB firmware exploits happen outside the control of the CPU and any software that may be running on it.

For now, you should probably use CD-Rs to move unsigned transactions across the air gap discard them after each use.

There might not be any exploitable CD drive firmware vulnerabilities that can be triggered by malicious data on a disc. Maybe.
thanks,justusranvier
Newar
Legendary
*
Offline Offline

Activity: 1358
Merit: 1000


https://gliph.me/hUF


View Profile
October 02, 2014, 03:59:37 PM
 #4156

What about antimalware/antiviruses programs like Norton,kaspersky,avira.Mc affee?
Could they detect those malicious software,when they are widespread and known ?
No.

USB firmware exploits happen outside the control of the CPU and any software that may be running on it.

For now, you should probably use CD-Rs to move unsigned transactions across the air gap discard them after each use.

There might not be any exploitable CD drive firmware vulnerabilities that can be triggered by malicious data on a disc. Maybe.

There's audio too, easier on the planet: https://bitcointalk.org/index.php?topic=735111.0

OTC rating | GPG keyid 1DC91318EE785FDE | Gliph: lightning bicycle tree music | Mycelium, a swift & secure Bitcoin client for Android | LocalBitcoins
cypherdoc
Legendary
*
Offline Offline

Activity: 1764
Merit: 1002



View Profile
October 02, 2014, 04:01:24 PM
 #4157

Stupid (maybe not) question.

I want to update Armory, should I update Bitcoin Core as well?

You don't have to but latest core is more critical than latest armory

so latest Bitcoin Core is compatible with ARmory 0.92.1?
bitpop
Legendary
*
Offline Offline

Activity: 2548
Merit: 1045


https://keybase.io/bitpop


View Profile WWW
October 02, 2014, 04:39:19 PM
 #4158

Stupid (maybe not) question.

I want to update Armory, should I update Bitcoin Core as well?

You don't have to but latest core is more critical than latest armory

so latest Bitcoin Core is compatible with ARmory 0.92.1?

Yeah the bitcoin rpc i dont think ever had deprecation

Reputation  |  PGP  |  Ethereum Classic
Bitcoin: 3DSh6AnmvBpDJFUz2mnLirMLmTMcFs9nDm
Perlover
Full Member
***
Offline Offline

Activity: 159
Merit: 100


View Profile
October 03, 2014, 04:10:20 PM
 #4159

I jsut double check the address before broadcasting. That's more or less all I can do. Of course you could take appart the unsigned and signed transaction before broadcasting. However, as long as I don't hear anything else I consider it safe enough...
I am about getting from Armory the address for receiving bitcoins. It's not neeeded for broadcasting...
As i think you about a sending of bitcoins...
Ente
Legendary
*
Offline Offline

Activity: 2126
Merit: 1001



View Profile
October 03, 2014, 08:42:43 PM
 #4160

I don't know somebody wrote to here or not.
But i think the Armory and other programs could have a potential vulnerability.

For example what if your computer with installed Armory (watch-only wallet mode) is infected and trojan/virus which modifies a receiving address in Armory's interface? How can i trust to my online watch-only computer that all generated addresses are my addresses? What if trojan/virus modifies installed DLLs/Shared libraries of Armory and substitute watch-only generated addresses or seed to hacker things? If i will send to money to generated address how can i sure that this address is my address for private key at offline computer? :-/

What do developers think about this?

I totally agree on that.
So, I try to pay a bitcoin to my landlord.
How do I get his adress? Via his website, or mail, or I noted it down in my Armory adressbook.
All of these can be easily replaced, without noticing, by malware.
Malware might also change stuff so the change adress isn't mine, but his. Not sure about that though.

That is no Armory-specific or even Bitcoin-specific problem. Same problem arises with regular bank account transfer, if I don't know the account details by heart.

The only thing Armory can secure, and does so well, is that you only lose that one transaction. As soon as your landlord kicks your butt, you know something is wrong with your computer. All other coins should still be safe on the offline computer.

Please, someone tell me what I overlooked here?

Ente
Pages: « 1 ... 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 [208] 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!