Pages:
Author

Topic: Armory - Discussion Thread - page 91. (Read 521829 times)

legendary
Activity: 3318
Merit: 4606
diamond-handed zealot
November 11, 2013, 03:12:27 PM
ok working on the online box now

"the bitcoin software appears to be installed now but needs to be closed for armory to work, close it now?

click ok, click try again

"the bitcoin software does not seem to be installed, change your settings..."

wtaf?  you just shut it down...good grief

I go to settings and point it to the bitcoin directory on my D drive, same message
legendary
Activity: 1764
Merit: 1002
November 11, 2013, 02:32:26 PM
why do i seem to be stuck at 98% "scanning transaction history" after a fresh install of 0.88.1 onto Ubuntu 13.10 with bitcoind in the background?

16GB RAM, 64 bit, 750 GB SSD.
legendary
Activity: 1593
Merit: 1004
November 08, 2013, 07:15:51 PM
Well put.
legendary
Activity: 2126
Merit: 1001
November 08, 2013, 06:07:30 PM
Not to be a d$%k but you said "So, the internal wallet-encryption is either secure enough, or it is not."  That really does not make sense to me.  A lot of people like to say your data is "secure" but really it's only secure because no one has found a way around it YET.  Then one day we hear on the news that all our credit card numbers are stolen.  At that point it went from "secure enough" to "not."  And it changed in a flash.
I would not want to be the mark of someone far smarter and depraved than me when they obsolete the word secure for my thumb drive.

Well, that's two different kinds of "security":

1) is "low level, algorithm security". Like, if the keys in the wallet file are encrypted via AES, ECDSA or similar, with xy bits and z rounds, I consider it secure.

2) is, totally independent, "high level, operation security". No matter how good 1) is, once I use "asdf" as password, or my supersecure password is stolen via keylogger or rubberhose attack, my funds are gone.

You are talking about 2). In the case you mention, most often servers are hacked (which is an entirely different attack vector than the walletstuff) and the data is stolen right out of the ram, or unencrypted active partition, or similar. 1) isn't even active in that case.
I talk about 1). I want (and am sure) the parameters and algorithms which encrypt the sensitive parts of the wallet to be sound, and to be resistant against brute-force attacks of a large scale attacker for many years. That's all 1) has to do. And it's most definitely not the solution against other, higher-level attacks.

And, as a note: I have long passphrase(s) or real random passwords for my wallets, have the long-term wallet rar-password-encrypted, and finally all wallets or the rar file in a password manager, encrypted with a long masterpassword. With that, I feel reasonably secure in the means of 1) to spread that file for backup. Against 2), I use different passwords, for example. So when one password and its wallet are cleared out, I wouldn't lose all of my wallets.

..and then let's get 3) in the mix: Backup all of that mess securely, but redeemable in case something happens to me :-)

Ente

Ente
legendary
Activity: 1593
Merit: 1004
November 08, 2013, 02:46:01 PM
Nah, I don't know, guys.. The point of an offline wallet is that the privkeys nor the wallet password is never present on the online computer.
Sure, you can encrypt the wallet once again with truecrypt, ssl or rar. But then, would you send someone to the battlefield with two bullet-proof vests?
Should he use two different passwords? So he has a greater risk of mixing them up or forgetting one? Or shall he use the same password twice, so the "outer" encryption is the only one needed to break?

So, the internal wallet-encryption is either secure enough, or it is not. And with the encryption set to need lots of ram (against GPU-bruteforcing), and knowing Alans level of quality-of-work, I lean out of the window to say that shall be enough.
BUT, don't forget you add other risks by having a plain (encrypted) wallet visible: People see it's a wallet (filename and contents), and they even see the public keys. This might, in a worst case scenario, lead to attacks (computational or physical) which wouldn't happen if the wallet was encrypted in "diary.rar".

###############


Alan, any thoughts on that?

I have a general wallet question, which is partly about BIP32, and partly how Armory will implement it.

1) As I understand it, a seed creates a tree, where each branch itself may form a new branch or whole tree, so to speak. With that, will Armory allow to create multiple "wallets" from one single seed?
Right now I use several wallets, for bookkeeping and not mixing up inputs/outputs of different categories. So it would be important that change addresses and inputs only mix within one "wallet" or "wallettree" or whatever it would be called.

With security in mind:
2) From knowing the "public key seed" (or similar) and one single private key, all private keys may be reconstructed. I guess from the "public key seed" and one public address all public addresses may be reconstructed as well then.
Is there anything I have to take care of in reality? As long as I only use regular Armory functions (sending and receiving) and don't export stuff and don't share my wallet file, nothing evil should happen? Is there anything to extract from the wallet file without knowing the encryption password?
3) I.e., is the "public key seed" encrypted too?

And, finally:
4) In case I can haz several "wallets" in one file, from one seed: Can I have several, different passwords for each "wallet"?

To make sense of all this:
Imagine I now have three wallets. One is my unencrypted playmoney, one is my regular funds, one is my long-term savings (with watch-only wallet), one is funds I manage for mom and grandpa. I don't want to lose all of those in case a keylogger steals my one password. I don't want my long-term savings on my online computer altogether.
Will I be able to have all this from one seed, with the new wallet format?

This would be a huge selling point for me, and differentiate Armory even more as a pro wallet, focusing on security and advanced features.

Ente

Ente

Not to be a d$%k but you said "So, the internal wallet-encryption is either secure enough, or it is not."  That really does not make sense to me.  A lot of people like to say your data is "secure" but really it's only secure because no one has found a way around it YET.  Then one day we hear on the news that all our credit card numbers are stolen.  At that point it went from "secure enough" to "not."  And it changed in a flash.
I would not want to be the mark of someone far smarter and depraved than me when they obsolete the word secure for my thumb drive.
legendary
Activity: 1148
Merit: 1018
November 08, 2013, 10:50:51 AM
If you're going to go through all the trouble of setting up an offline computer it's just silly to put your wallet into an online computer.

Exactly. For the money you use often you should already have an encrypted "hot" wallet in an online computer - the question is: how much are you willing to risk online? Is like having an X amount of cash in your pockets while you take a walk at night - how dangerous or safe is that walk (or how dangerous or safe is your neighborhood) depends on how security conscious you are with your computer, but the risk by being online, bigger or smaller, ALWAYS exists.

The only purpose of an offline wallet is precisely to reduce to the minimum the risk of having your cash in your pocket while you take a walk, if you bring that wallet online you are just defeating its primary purpose.
legendary
Activity: 2126
Merit: 1001
November 08, 2013, 07:26:43 AM
Nah, I don't know, guys.. The point of an offline wallet is that the privkeys nor the wallet password is never present on the online computer.
Sure, you can encrypt the wallet once again with truecrypt, ssl or rar. But then, would you send someone to the battlefield with two bullet-proof vests?
Should he use two different passwords? So he has a greater risk of mixing them up or forgetting one? Or shall he use the same password twice, so the "outer" encryption is the only one needed to break?

So, the internal wallet-encryption is either secure enough, or it is not. And with the encryption set to need lots of ram (against GPU-bruteforcing), and knowing Alans level of quality-of-work, I lean out of the window to say that shall be enough.
BUT, don't forget you add other risks by having a plain (encrypted) wallet visible: People see it's a wallet (filename and contents), and they even see the public keys. This might, in a worst case scenario, lead to attacks (computational or physical) which wouldn't happen if the wallet was encrypted in "diary.rar".

###############


Alan, any thoughts on that?


Ente
legendary
Activity: 3318
Merit: 4606
diamond-handed zealot
November 07, 2013, 10:06:01 PM
very good, thank you
cp1
hero member
Activity: 616
Merit: 500
Stop using branwallets
November 07, 2013, 09:40:36 PM
If you're going to go through all the trouble of setting up an offline computer it's just silly to put your wallet into an online computer.
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
November 07, 2013, 08:25:36 PM
ok, but it is encrypted right?  as long as I never enter my password on a possibly keylogged box nobody can use it

That's like putting on your new bullet-proof vest then walking upright into an open field in a warzone.  You risk getting shot, and if you do you might survive, but if your vest (password) isn't high quality or the person happens to be using something like an anti-tank weapon (a lot of computing power to break your password), you might get screwed despite your nifty vest.  Why even risk it?
legendary
Activity: 3318
Merit: 4606
diamond-handed zealot
November 07, 2013, 08:20:31 PM
ok, but it is encrypted right?  as long as I never enter my password on a possibly keylogged box nobody can use it
cp1
hero member
Activity: 616
Merit: 500
Stop using branwallets
November 07, 2013, 08:02:45 PM
want to make sure I got this straight

created an encrypted wallet on an offline machine

made a backup of it on a USB stick

is it safe now to use that stick for other stuff, plug into internet connected machines, because it is encrypted right?

I wouldn't, it's not worth the risk.  Just spend a few bucks and get a dedicated USB key for your wallet.  There's no point in making a wallet on an offline machine and then sticking it into your online machine.
legendary
Activity: 3318
Merit: 4606
diamond-handed zealot
November 07, 2013, 06:44:37 PM
want to make sure I got this straight

created an encrypted wallet on an offline machine

made a backup of it on a USB stick

is it safe now to use that stick for other stuff, plug into internet connected machines, because it is encrypted right?
legendary
Activity: 980
Merit: 1008
November 07, 2013, 05:23:34 AM
I'm running Armory 0.89.99-5-beta (7cd98b1a282438fc060ecc84305e20f5b0970142 on the "testing" branch) and the "Spendable/Maximum Funds" number doesn't include the coins in my offline wallet. It only counts the coins in my online "pocket change" wallet. If I double click the offline/watching-only wallet, I can see the correct amount for "Spendable/Maximum Funds", but they are not included in the main window.

Here's the log:

Code:
2013-11-07 11:06 (INFO) -- armoryengine.py:602 - Executing popen: free -m
2013-11-07 11:06 (INFO) -- armoryengine.py:602 - Executing popen: ['cat', '/proc/cpuinfo']
2013-11-07 11:06 (INFO) -- armoryengine.py:782 -
2013-11-07 11:06 (INFO) -- armoryengine.py:783 -
2013-11-07 11:06 (INFO) -- armoryengine.py:784 -
2013-11-07 11:06 (INFO) -- armoryengine.py:785 - ************************************************************
2013-11-07 11:06 (INFO) -- armoryengine.py:786 - Invoked: /home/rune/Programming/BitcoinArmory/ArmoryQt.py
2013-11-07 11:06 (INFO) -- armoryengine.py:787 - ************************************************************
2013-11-07 11:06 (INFO) -- armoryengine.py:788 - Loading Armory Engine:
2013-11-07 11:06 (INFO) -- armoryengine.py:789 -    Armory Version        : 0.89.99.5
2013-11-07 11:06 (INFO) -- armoryengine.py:790 -    PyBtcWallet  Version  : 1.35
2013-11-07 11:06 (INFO) -- armoryengine.py:791 - Detected Operating system: Linux
2013-11-07 11:06 (INFO) -- armoryengine.py:792 -    OS Variant            : Ubuntu-13.04-raring
2013-11-07 11:06 (INFO) -- armoryengine.py:793 -    User home-directory   : /home/rune
2013-11-07 11:06 (INFO) -- armoryengine.py:794 -    Satoshi BTC directory : /home/rune/.bitcoin/
2013-11-07 11:06 (INFO) -- armoryengine.py:795 -    Armory home dir       : /home/rune/.armory/
2013-11-07 11:06 (INFO) -- armoryengine.py:796 - Detected System Specs    :
2013-11-07 11:06 (INFO) -- armoryengine.py:797 -    Total Available RAM   : 5.83 GB
2013-11-07 11:06 (INFO) -- armoryengine.py:798 -    CPU ID string         : Intel(R) Core(TM)2 Quad  CPU   Q9550  @ 2.83GHz
2013-11-07 11:06 (INFO) -- armoryengine.py:799 -    Number of CPU cores   : 4 cores
2013-11-07 11:06 (INFO) -- armoryengine.py:800 -    System is 64-bit      : True
2013-11-07 11:06 (INFO) -- armoryengine.py:801 -    Preferred Encoding    : UTF-8
2013-11-07 11:06 (INFO) -- armoryengine.py:802 -
2013-11-07 11:06 (INFO) -- armoryengine.py:803 - Network Name: Main Network
2013-11-07 11:06 (INFO) -- armoryengine.py:804 - Satoshi Port: 8333
2013-11-07 11:06 (INFO) -- armoryengine.py:805 - Named options/arguments to armoryengine.py:
2013-11-07 11:06 (INFO) -- armoryengine.py:807 -     leveldbDir      : DEFAULT
2013-11-07 11:06 (INFO) -- armoryengine.py:807 -     skipVerCheck    : False
2013-11-07 11:06 (INFO) -- armoryengine.py:807 -     satoshiPort     : DEFAULT
2013-11-07 11:06 (INFO) -- armoryengine.py:807 -     settingsPath    : /home/rune/.armory/ArmorySettings.txt
2013-11-07 11:06 (INFO) -- armoryengine.py:807 -     logFile         : /home/rune/.armory/ArmoryQt.py.log.txt
2013-11-07 11:06 (INFO) -- armoryengine.py:807 -     nettimeout      : 2
2013-11-07 11:06 (INFO) -- armoryengine.py:807 -     rescan          : False
2013-11-07 11:06 (INFO) -- armoryengine.py:807 -     doDebug         : False
2013-11-07 11:06 (INFO) -- armoryengine.py:807 -     datadir         : DEFAULT
2013-11-07 11:06 (INFO) -- armoryengine.py:807 -     netlog          : False
2013-11-07 11:06 (INFO) -- armoryengine.py:807 -     keypool         : 100
2013-11-07 11:06 (INFO) -- armoryengine.py:807 -     testnet         : False
2013-11-07 11:06 (INFO) -- armoryengine.py:807 -     rpcport         : DEFAULT
2013-11-07 11:06 (INFO) -- armoryengine.py:807 -     satoshiHome     : DEFAULT
2013-11-07 11:06 (INFO) -- armoryengine.py:807 -     forceOnline     : False
2013-11-07 11:06 (INFO) -- armoryengine.py:807 -     logDisable      : False
2013-11-07 11:06 (INFO) -- armoryengine.py:807 -     offline         : False
2013-11-07 11:06 (INFO) -- armoryengine.py:807 -     mtdebug         : False
2013-11-07 11:06 (INFO) -- armoryengine.py:807 -     rebuild         : False
2013-11-07 11:06 (INFO) -- armoryengine.py:807 -     interport       : 8223
2013-11-07 11:06 (INFO) -- armoryengine.py:808 - Other arguments:
2013-11-07 11:06 (INFO) -- armoryengine.py:811 - ************************************************************
2013-11-07 11:06 (INFO) -- armoryengine.py:1017 - C++ block utilities loaded successfully
2013-11-07 11:06 (INFO) -- armoryengine.py:13324 - Using the asynchronous/multi-threaded BlockDataManager.
2013-11-07 11:06 (INFO) -- armoryengine.py:13325 - Blockchain operations will happen in the background. 
2013-11-07 11:06 (INFO) -- armoryengine.py:13326 - Devs: check TheBDM.getBDMState() before asking for data.
2013-11-07 11:06 (INFO) -- armoryengine.py:13327 - Registering addresses during rescans will queue them for
2013-11-07 11:06 (INFO) -- armoryengine.py:13328 - inclusion after the current scan is completed.
2013-11-07 11:06 (INFO) -- armoryengine.py:11424 - Using settings file: /home/rune/.armory/ArmorySettings.txt
2013-11-07 11:06 (INFO) -- ArmoryQt.py:1510 - loadWalletsAndSettings
2013-11-07 11:06 (INFO) -- ArmoryQt.py:1557 - Loading wallets...
2013-11-07 11:06 (INFO) -- ArmoryQt.py:1605 - Number of wallets read in: 2
2013-11-07 11:06 (INFO) -- ArmoryQt.py:1610 -    Wallet (6QZdwscT):    "offline (Watch)                 "   (No Encryption)
2013-11-07 11:06 (INFO) -- ArmoryQt.py:1610 -    Wallet (2uyc3aSdm):   "new pocket change               "   (Encrypted)
2013-11-07 11:06 (INFO) -- ArmoryQt.py:1188 - Setting up networking...
2013-11-07 11:06 (INFO) -- ArmoryQt.py:1241 - Internet connection is Available: True
2013-11-07 11:06 (INFO) -- ArmoryQt.py:1242 - Bitcoin-Qt/bitcoind is Available: 0
2013-11-07 11:06 (INFO) -- ArmoryQt.py:1243 - The first blk*.dat was Available: True
2013-11-07 11:06 (INFO) -- ArmoryQt.py:1244 - Online mode currently possible:   0
2013-11-07 11:06 (INFO) -- ArmoryQt.py:1251 - startBitcoindIfNecessary
2013-11-07 11:06 (INFO) -- ArmoryQt.py:1282 - setSatoshiPaths
2013-11-07 11:06 (INFO) -- armoryengine.py:602 - Executing popen: ['whereis', 'bitcoind']
2013-11-07 11:06 (INFO) -- armoryengine.py:10944 - "whereis" returned: ['/usr/bin/bitcoind', '/usr/bin/X11/bitcoind']
2013-11-07 11:06 (INFO) -- armoryengine.py:10834 - Found bitcoind in the following places:
2013-11-07 11:06 (INFO) -- armoryengine.py:10836 -    /usr/bin/bitcoind
2013-11-07 11:06 (INFO) -- armoryengine.py:10836 -    /usr/bin/bitcoind
2013-11-07 11:06 (INFO) -- armoryengine.py:10836 -    /usr/bin/X11/bitcoind
2013-11-07 11:06 (INFO) -- armoryengine.py:10838 - Using: /usr/bin/bitcoind
2013-11-07 11:06 (INFO) -- armoryengine.py:10990 - Reading bitcoin.conf file
2013-11-07 11:06 (INFO) -- armoryengine.py:11016 - Setting permissions on bitcoin.conf
2013-11-07 11:06 (INFO) -- armoryengine.py:11071 - Called startBitcoind
2013-11-07 11:06 (INFO) -- armoryengine.py:602 - Executing popen: ['/usr/bin/bitcoind', '-datadir=/home/rune/.bitcoin/']
2013-11-07 11:06 (INFO) -- armoryengine.py:11112 - PID of bitcoind: 16908
2013-11-07 11:06 (INFO) -- armoryengine.py:11113 - PID of armory:   16883
2013-11-07 11:06 (INFO) -- armoryengine.py:602 - Executing popen: ['python', '/home/rune/Programming/BitcoinArmory/guardian.py', '16883', '16908']
2013-11-07 11:06 (INFO) -- ArmoryQt.py:775 - setupUriRegistration
2013-11-07 11:06 (INFO) -- armoryengine.py:602 - Executing popen: gconftool-2 --get /desktop/gnome/url-handlers/bitcoin/command
2013-11-07 11:06 (INFO) -- armoryengine.py:11274 - Creating proxy in SDM: host=127.0.0.1, port=8332
2013-11-07 11:06 (INFO) -- ArmoryQt.py:4218 - Dashboard switched to auto-InitSync
2013-11-07 11:06 (INFO) -- ArmoryQt.py:3691 - Switching Armory state text to Mgmt:Auto, State:InitializingLongTime
2013-11-07 11:06 (INFO) -- ArmoryQt.py:3691 - Switching Armory state text to Mgmt:Auto, State:NewUserInfo
2013-11-07 11:06 (INFO) -- ArmoryQt.py:3633 - Switching Armory functional mode to "Offline"
2013-11-07 11:06 (INFO) -- ArmoryQt.py:531 - Usermode: Advanced
2013-11-07 11:06 (INFO) -- ArmoryQt.py:1021 - Changing usermode:
2013-11-07 11:06 (INFO) -- ArmoryQt.py:1022 -    From: Advanced
2013-11-07 11:06 (INFO) -- ArmoryQt.py:1030 -      To: Advanced
2013-11-07 11:06 (INFO) -- armoryengine.py:10747 - Signature on signed data block is GOOD!
2013-11-07 11:06 (INFO) -- ArmoryQt.py:1160 - Latest versions:
2013-11-07 11:06 (INFO) -- ArmoryQt.py:1161 -    Satoshi: 0.8.1
2013-11-07 11:06 (INFO) -- ArmoryQt.py:1162 -     Armory: 0.88
2013-11-07 11:06 (INFO) -- ArmoryQt.py:1171 - You are running the latest version!
2013-11-07 11:06 (WARNING) -- armoryengine.py:11197 - Overriding not-available message. This should happen 0-5 times
2013-11-07 11:06 (WARNING) -- armoryengine.py:11197 - Overriding not-available message. This should happen 0-5 times
2013-11-07 11:06 (WARNING) -- armoryengine.py:11197 - Overriding not-available message. This should happen 0-5 times
2013-11-07 11:06 (INFO) -- ArmoryQt.py:4218 - Dashboard switched to auto-InitSync
2013-11-07 11:06 (INFO) -- ArmoryQt.py:3691 - Switching Armory state text to Mgmt:Auto, State:InitializingDoneSoon
2013-11-07 11:06 (INFO) -- ArmoryQt.py:3691 - Switching Armory state text to Mgmt:Auto, State:NewUserInfo
2013-11-07 11:06 (INFO) -- ArmoryQt.py:3633 - Switching Armory functional mode to "Offline"
2013-11-07 11:07 (INFO) -- ArmoryQt.py:4499 - Starting load blockchain
2013-11-07 11:07 (INFO) -- ArmoryQt.py:1305 - loadBlockchainIfNecessary
2013-11-07 11:07 (INFO) -- ArmoryQt.py:1351 - Setting netmode: 1
2013-11-07 11:07 (INFO) -- armoryengine.py:12343 - Setting online mode: True (wait=False)
2013-11-07 11:07 (INFO) -- armoryengine.py:13264 - Go online requested
2013-11-07 11:07 (INFO) -- armoryengine.py:12785 - Called __startLoadBlockchain()
2013-11-07 11:07 (INFO) -- ArmoryQt.py:4327 - Dashboard switched to "Scanning" mode
2013-11-07 11:07 (INFO) -- ArmoryQt.py:3691 - Switching Armory state text to Mgmt:User, State:ScanWithWallets
2013-11-07 11:07 (INFO) -- ArmoryQt.py:3691 - Switching Armory state text to Mgmt:Auto, State:NewUserInfo
2013-11-07 11:07 (INFO) -- ArmoryQt.py:3633 - Switching Armory functional mode to "Scanning"
2013-11-07 11:07 (INFO) -- armoryengine.py:10354 - Connection initiated.  Start handshake
2013-11-07 11:07 (INFO) -- ArmoryQt.py:4327 - Dashboard switched to "Scanning" mode
2013-11-07 11:07 (INFO) -- ArmoryQt.py:3691 - Switching Armory state text to Mgmt:User, State:ScanWithWallets
2013-11-07 11:07 (INFO) -- ArmoryQt.py:3691 - Switching Armory state text to Mgmt:Auto, State:NewUserInfo
2013-11-07 11:07 (INFO) -- ArmoryQt.py:3633 - Switching Armory functional mode to "Scanning"
2013-11-07 11:07 (INFO) -- armoryengine.py:10443 - Received version message from peer:
2013-11-07 11:07 (INFO) -- armoryengine.py:10444 -    Version:     70001
2013-11-07 11:07 (INFO) -- armoryengine.py:10445 -    SubVersion:  /Satoshi:0.8.5/
2013-11-07 11:07 (INFO) -- armoryengine.py:10446 -    TimeStamp:   1383818871
2013-11-07 11:07 (INFO) -- armoryengine.py:10447 -    StartHeight: 268386
2013-11-07 11:07 (INFO) -- armoryengine.py:10625 - Handshake finished, connection open!
2013-11-07 11:07 (INFO) -- armoryengine.py:10747 - Signature on signed data block is GOOD!
2013-11-07 11:07 (INFO) -- ArmoryQt.py:1160 - Latest versions:
2013-11-07 11:07 (INFO) -- ArmoryQt.py:1161 -    Satoshi: 0.8.1
2013-11-07 11:07 (INFO) -- ArmoryQt.py:1162 -     Armory: 0.88
2013-11-07 11:07 (INFO) -- ArmoryQt.py:1171 - You are running the latest version!
2013-11-07 11:07 (INFO) -- ArmoryQt.py:4419 - Satoshi Version: Curr: 805000, Latest: 801000
2013-11-07 11:08 (INFO) -- armoryengine.py:12296 - Reading blockchain, pct complete: 1.3
2013-11-07 11:08 (INFO) -- armoryengine.py:12296 - Reading blockchain, pct complete: 3.1
2013-11-07 11:08 (INFO) -- armoryengine.py:12296 - Reading blockchain, pct complete: 5.6
2013-11-07 11:08 (INFO) -- armoryengine.py:12296 - Reading blockchain, pct complete: 11.3
2013-11-07 11:08 (INFO) -- armoryengine.py:12296 - Reading blockchain, pct complete: 18.0
2013-11-07 11:08 (INFO) -- armoryengine.py:12296 - Reading blockchain, pct complete: 26.1
2013-11-07 11:08 (INFO) -- armoryengine.py:12296 - Reading blockchain, pct complete: 32.3
2013-11-07 11:08 (INFO) -- armoryengine.py:12296 - Reading blockchain, pct complete: 40.0
2013-11-07 11:08 (INFO) -- armoryengine.py:12296 - Reading blockchain, pct complete: 46.4
2013-11-07 11:09 (INFO) -- armoryengine.py:12296 - Reading blockchain, pct complete: 52.8
2013-11-07 11:09 (INFO) -- armoryengine.py:12296 - Reading blockchain, pct complete: 62.1
2013-11-07 11:09 (INFO) -- armoryengine.py:12296 - Reading blockchain, pct complete: 67.4
2013-11-07 11:09 (INFO) -- armoryengine.py:12296 - Reading blockchain, pct complete: 76.3
2013-11-07 11:09 (INFO) -- armoryengine.py:12296 - Reading blockchain, pct complete: 85.2
2013-11-07 11:09 (INFO) -- armoryengine.py:12296 - Reading blockchain, pct complete: 89.4
2013-11-07 11:09 (INFO) -- armoryengine.py:12296 - Reading blockchain, pct complete: 7.4
2013-11-07 11:09 (INFO) -- armoryengine.py:12296 - Reading blockchain, pct complete: 18.9
2013-11-07 11:09 (INFO) -- armoryengine.py:12296 - Reading blockchain, pct complete: 34.8
2013-11-07 11:09 (INFO) -- armoryengine.py:12296 - Reading blockchain, pct complete: 49.2
2013-11-07 11:09 (INFO) -- armoryengine.py:12296 - Reading blockchain, pct complete: 63.6
2013-11-07 11:10 (INFO) -- armoryengine.py:12296 - Reading blockchain, pct complete: 79.2
2013-11-07 11:10 (INFO) -- armoryengine.py:12296 - Reading blockchain, pct complete: 95.0
2013-11-07 11:10 (INFO) -- ArmoryQt.py:4317 - Dashboard switched to fully-online mode
2013-11-07 11:10 (INFO) -- ArmoryQt.py:3691 - Switching Armory state text to Mgmt:User, State:OnlineFull1
2013-11-07 11:10 (INFO) -- ArmoryQt.py:3633 - Switching Armory functional mode to "Online"
2013-11-07 11:10 (INFO) -- ArmoryQt.py:3691 - Switching Armory state text to Mgmt:User, State:OnlineFull2
2013-11-07 11:10 (INFO) -- ArmoryQt.py:4317 - Dashboard switched to fully-online mode
2013-11-07 11:10 (INFO) -- ArmoryQt.py:3691 - Switching Armory state text to Mgmt:User, State:OnlineFull1
2013-11-07 11:10 (INFO) -- ArmoryQt.py:3633 - Switching Armory functional mode to "Online"
2013-11-07 11:10 (INFO) -- ArmoryQt.py:3691 - Switching Armory state text to Mgmt:User, State:OnlineFull2
2013-11-07 11:10 (INFO) -- ArmoryQt.py:1777 - Syncing wallet: 6QZdwscT
2013-11-07 11:10 (INFO) -- ArmoryQt.py:1777 - Syncing wallet: 2uyc3aSdm
2013-11-07 11:10 (INFO) -- ArmoryQt.py:1789 - Current block number: 268386
2013-11-07 11:10 (INFO) -- ArmoryQt.py:4317 - Dashboard switched to fully-online mode
2013-11-07 11:10 (INFO) -- ArmoryQt.py:3691 - Switching Armory state text to Mgmt:User, State:OnlineFull1
2013-11-07 11:10 (INFO) -- ArmoryQt.py:3633 - Switching Armory functional mode to "Online"
2013-11-07 11:10 (INFO) -- ArmoryQt.py:3691 - Switching Armory state text to Mgmt:User, State:OnlineFull2
2013-11-07 11:10 (INFO) -- ArmoryQt.py:4317 - Dashboard switched to fully-online mode
2013-11-07 11:10 (INFO) -- ArmoryQt.py:3691 - Switching Armory state text to Mgmt:User, State:OnlineFull1
2013-11-07 11:10 (INFO) -- ArmoryQt.py:3633 - Switching Armory functional mode to "Online"
2013-11-07 11:10 (INFO) -- ArmoryQt.py:3691 - Switching Armory state text to Mgmt:User, State:OnlineFull2
2013-11-07 11:11 (INFO) -- ArmoryQt.py:4633 - New Block! : 268387
2013-11-07 11:11 (INFO) -- ArmoryQt.py:4657 - Current block number: 268387
2013-11-07 11:15 (INFO) -- armoryengine.py:10747 - Signature on signed data block is GOOD!
2013-11-07 11:15 (INFO) -- ArmoryQt.py:1171 - You are running the latest version!
2013-11-07 11:15 (INFO) -- ArmoryQt.py:4419 - Satoshi Version: Curr: 805000, Latest: 801000
legendary
Activity: 2126
Merit: 1001
November 06, 2013, 06:05:54 PM
Ente, that's why we invented this thing called a trusted platform module which lets us do crypto operations in a boxed, temper resistant environment.

Oh wow, here comes the next, even more polarizing topic! :-)
Nah, I'm no friend of TPMs in their current state. Or, maybe, I lost track of the actual current state. Did "roll your own CA into your TPM" ever materialize?
In fact, by now with the latest revelations I trust software much more than hardware. Be it a TPM or a PRNG. And even with software I am careful, I only use stuff Schneier was involved with for years now.

Ente
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
November 06, 2013, 02:25:04 PM
No matter how you look at it, Armory (and the decentralized Bitcoin concept) is that your computer holds the private keys.  No matter what kind of toppings you put on it, at some point your system decrypts the private key and uses it to sign a transaction.  Therefore, you can require as many devices as you want, in any complicated scheme you want, but unless there's a server somewhere holding they key, etc, it's not going to help.  Your computer still holds all the data needed to decrypt the single key needed to move the funds. (this is also why removable-media DRM keeps failing -- at some point, your computer or DVD drive has to decrypt the data and send the unencrypted results to the TV/monitor -- that process cannot only be intercepted, but also run in a VM and analyzed to excrutiating detail to reverse engineer the algorithms)

However, when I finally implement multi-sig, you will have actual 2FA -- the network acts as the "server" which requires two signatures from two different keys to move the coins.  And those keys can be be created completely separately, no located on the same device, thus requiring multiple devices to be compromised to get the signatures needed.

Until then, there really are no multi-factor solutions for a decentralized, run-locally app like Armory.
legendary
Activity: 905
Merit: 1012
November 06, 2013, 01:45:08 PM
Ente, that's why we invented this thing called a trusted platform module which lets us do crypto operations in a boxed, temper resistant environment.
hero member
Activity: 763
Merit: 500
November 06, 2013, 01:34:41 PM
Hmm fair enough, right now I have it enabled on top of my keepass database.  If anything it provides some protection against key loggers as if my password is logged the hacker then only logs the OTP password I use on my database to open it which would do him no good.
legendary
Activity: 2126
Merit: 1001
November 06, 2013, 01:29:26 PM
The problem with a local wallet is: No matter how well you protect it, be it 2FA or a DNA sample of the owner: Once you do a transaction, you have to unlock it, and that's exactly the moment the malware steals your coins.
Well, we could go on and have individual 2FA keys for every address. Then you can only lose that address you just unlocked. Technically, this would be possible. But then, instead of having a second device for the 2FA, why not have a watching only wallet on your computer and the whole wallet on your second device, to begin with?

Ente
cp1
hero member
Activity: 616
Merit: 500
Stop using branwallets
November 06, 2013, 12:29:06 PM
The OTP's I know from Google Authenticator are six-digit codes, so they certainly can't be used if an attacker has access to your wallet, as he would only need to try one million combinations.

Hopefully it would be used along with your password, instead of stand alone which would be silly.  But the main problem is they'd have access to your secret if they had access to your wallet.
Pages:
Jump to: