MultiBit - page 30. | Bitcointalksearch.org

jim618

legendary

Activity: 1708

Merit: 1066

Quote from: Grouver (BtcBalance) on February 08, 2013, 11:01:56 AM

All remaining Dutch translations just got approved by me.
These will be included in next update wich is probably coming upcoming week.

Thanks for that Grouver !
Yes I am aiming for the next live release on Monday, all being well.

jim618

legendary

Activity: 1708

Merit: 1066

Quote from: gabbynot on February 08, 2013, 10:58:53 AM

Is there any way to do some sort of reset/rescan? I have a few transactions that have been stuck at "seen by 1 peer. Not seen in chain" status for awhile. Also, my BTC balance shown is 4x higher than it should be for whatever reason.

I'm using the Mac 0.4.19 version.

Thanks!

Hi Gabbynot,

Yes there is a rescan option in the menu option "Tool | Reset blockchain and transaction"
The help for it is here:

https://multibit.org/help_resetBlockchain.html

If I use it I normally take it back to the transaction previous to the one that was causing trouble.

Grouver (BtcBalance)

hero member

Activity: 530

Merit: 500

All remaining Dutch translations just got approved by me.
These will be included in next update wich is probably coming upcoming week.

gabbynot

sr. member

Activity: 341

Merit: 250

Is there any way to do some sort of reset/rescan? I have a few transactions that have been stuck at "seen by 1 peer. Not seen in chain" status for awhile. Also, my BTC balance shown is 4x higher than it should be for whatever reason.

I'm using the Mac 0.4.19 version.

Thanks!

jim618

legendary

Activity: 1708

Merit: 1066

Hi J180,

Is the wallet.dat you are opening a Bitcoin-QT wallet ? I.e. From the main Satoshi cient ?
The format of the wallets is different between clients - you can only open MultiBit wallets in MultiBit.

J180

full member

Activity: 121

Merit: 100

I am using windows xp. When I try to open my old wallet.dat it just gives a "com.google.protobuf...." error message.

jim618

legendary

Activity: 1708

Merit: 1066

Hi ZoladkowaGorzka,

At the moment the wallets in MultiBit are 'random key' wallets rather than deterministic. Each key is derived from a random number i.e. there is no master private key (like in Electrum and Armory).

The individual private keys you can export into a file using Tools | Export Private Keys.

BIP32 / Hierarchical Deterministic wallets (which will have a master private key) are on the roadmap but they will be a while yet.

ZoladkowaGorzka

full member

Activity: 149

Merit: 100

Quote from: jim618 on January 30, 2013, 06:19:42 AM

Quote from: ZoladkowaGorzka on January 30, 2013, 05:37:01 AM

Is there a limit for generated addresses in wallet?

There is no fixed limit to the number of generated addresses in a wallet no. With the test code I make it a bit easier to add more than 1 by have a selector for 1, 5, 20, 100 addresses.

The limit is reality is probably to do with how quickly transactions are processed and screen refreshes. This is a bit unknown.
The current code is probably ok up to wallets of, say, 1000 addresses but I expect there would be some snags larger than that as it is unexplored territory.

Are you planning creating option of exporting/showing master private key? Or is there such option already?

Mike Hearn

legendary

Activity: 1526

Merit: 1134

Java makes no difference to viruses that spread via email, I don't know why this comes up.

Java is not a security issue for an app like MultiBit, it's as simple as that.

lenny_

legendary

Activity: 1036

Merit: 1000

DARKNETMARKETS.COM

Quote from: jim618 on January 30, 2013, 11:13:15 AM

Oracle is doing a terrible job keeping people informed about Java vulnerabilities and patching them. I think they are intentionally dragging their feet so that everyone switches it off in browsers etc (then they don't have to support it).

Nowadays, you don't need to even switch if off yourself in your browser. Mozilla Firefox is disabling Java addon competely by default, as soon as it is installed:
https://addons.mozilla.org/en-US/firefox/blocked/p182

jim618

legendary

Activity: 1708

Merit: 1066

Hi Grouver,

I appreciate your concern but it's more work (and more ongoing work as it makes support trickier).
It is tricky enough supporting Win/ Linux/ Mac as it is.
It is a Java program using a Java library after all. The installer is Java too.

If you didn't want it on your machine you could have both MultiBit and a Java runtime on a USB stick.
Or put MultiBit and a Java runtime in a disk/ TruCrypt volume that you only opened when you wanted to run MultiBit.

Grouver (BtcBalance)

hero member

Activity: 530

Merit: 500

Quote from: jim618 on January 30, 2013, 11:13:15 AM

Quote from: Grouver (BtcBalance) on January 30, 2013, 10:02:09 AM

So whats about the hundreds of different viruses you can get via an email that may infect you if your Java is not updated then?
Am I missing something here?

You are correct but I think you are talking about another attack.
Imagine you have an attachment called:

aFunnyPic.jpg.exe
or
aFunnyPic.jpg.jar

and have the setting on to not to see extensions you know about.

Then these look like:

aFunnyPic.jpg

If you double click it to open it, the exe/jar will try to open (well, maybe, I guess it depends on your mail program/ system settings).
If you run a process on your machine then it can do something.
You basically don't want any code you don't know about running on your machine.

Oracle is doing a terrible job keeping people informed about Java vulnerabilities and patching them. I think they are intentionally dragging their feet so that everyone switches it off in browsers etc (then they don't have to support it).

Thats what I mean yes.
So thats why I prefer to not use Java since virus scanners usually lack behind the new virusses that are spread via email.
It normally take them 2 or even 5 days to figure out how to detect the virus and to update there virus database.
Thats why I would like to see an version of Multibit where I don't need to install Java but where its just strapped in when Multibit starts.

jim618

legendary

Activity: 1708

Merit: 1066

Quote from: Grouver (BtcBalance) on January 30, 2013, 10:02:09 AM

So whats about the hundreds of different viruses you can get via an email that may infect you if your Java is not updated then?
Am I missing something here?

You are correct but I think you are talking about another attack.
Imagine you have an attachment called:

aFunnyPic.jpg.exe
or
aFunnyPic.jpg.jar

and have the setting on to not to see extensions you know about.

Then these look like:

aFunnyPic.jpg

If you double click it to open it, the exe/jar will try to open (well, maybe, I guess it depends on your mail program/ system settings).
If you run a process on your machine then it can do something.
You basically don't want any code you don't know about running on your machine.

Oracle is doing a terrible job keeping people informed about Java vulnerabilities and patching them. I think they are intentionally dragging their feet so that everyone switches it off in browsers etc (then they don't have to support it).

Grouver (BtcBalance)

hero member

Activity: 530

Merit: 500

So whats about the hundreds of different viruses you can get via an email that may infect you if your Java is not updated then?
Am I missing something here?

jim618

legendary

Activity: 1708

Merit: 1066

Yeah - I was going to follow up on Mike's point too:

Java in browser = switch it off to stop random code running in your browser.

A signed Java application running on your machine = you are only running code you know about.

Mike Hearn

legendary

Activity: 1526

Merit: 1134

As I pointed out before, Java is only a security issue when it's exposed to random untrusted code, like via a web browser plugin.

jim618

legendary

Activity: 1708

Merit: 1066

Quote from: Grouver (BtcBalance) on January 30, 2013, 05:53:08 AM

Hi Jim.
I would like to come back to the Java requirement issue.
We all know an outdated version of Java can get you infected really easy by for instance an infected email.
Since this virus could infect you with a keylogger it could intercept the password of your Multibit wallet.
This reminds me to Mike his suggestion: https://bitcointalksearch.org/topic/m.1241820

Is there any process on this important (if you ask me) subject?

Thanks.

Hi Grouver,

I had a look at the Jet website and it is a possibility as it is free for non-commercial use.
I haven't taken it any further though.

It would be important I guess if you had an outright ban on Java running on machines (say in a corporate environment).
A keylogger would be a threat to any Bitcoin wallet should it get onto your machine.

Hardware wallets (like Trezor) might help in this regard as the authorization is on the device.
But TBH if your machine isn't secure it's pretty difficult to defend against.

jim618

legendary

Activity: 1708

Merit: 1066

Quote from: ZoladkowaGorzka on January 30, 2013, 05:37:01 AM

Is there a limit for generated addresses in wallet?

There is no fixed limit to the number of generated addresses in a wallet no. With the test code I make it a bit easier to add more than 1 by have a selector for 1, 5, 20, 100 addresses.

The limit is reality is probably to do with how quickly transactions are processed and screen refreshes. This is a bit unknown.
The current code is probably ok up to wallets of, say, 1000 addresses but I expect there would be some snags larger than that as it is unexplored territory.

Grouver (BtcBalance)

hero member

Activity: 530

Merit: 500

Hi Jim.
I would like to come back to the Java requirement issue.
We all know an outdated version of Java can get you infected really easy by for instance an infected email.
Since this virus could infect you with a keylogger it could intercept the password of your Multibit wallet.
This reminds me to Mike his suggestion: https://bitcointalksearch.org/topic/m.1241820

Is there any process on this important (if you ask me) subject?

Thanks.

ZoladkowaGorzka

full member

Activity: 149

Merit: 100

Is there a limit for generated addresses in wallet?

Topic: MultiBit - page 30. (Read 336316 times)