-
ErCiccione
I'm noticing a spike of people claiming their antivirus is flagging both GUI and CLI. Much more than the other releases
-
ErCiccione
Would make sense to have the miner in an external binary that we call from GUI and CLI? At least the antivirus would remove/flag only the miner. I think the problem is getting worse,
-
selsta
afaik block verification code also gets flagged
-
selsta
so that won’t help
-
selsta
we are thinking of getting a windows certificate for the GUI
-
ErCiccione
Really? I didn't know that. The certificate could be a good idea. Contacting AV companies didn't really work.
-
selsta
but that’s also not a 100% solution
-
fluffypony
I don't know if it's feasible to strip out mining code and put it in a totally separate binary
-
selsta
I’ve seen other binaries getting flagged too (not monerod)
-
ErCiccione
I haven't tested the last binaries, so i honestly don't know. I'm just afraid a lot of people downloaded the GUI and deleted it right after because of their AV
-
ErCiccione
I'm considering making a blog post about it. I think there should be some kind of "official" warning about the problem
-
moneromooo
That's totally abuse of power. Feel free to post about this and slag them off.
-
moneromooo
"List of lazy AV vendors who stomp on people just because it's easier than having to do actual work separating the wheat from the chaff".
-
ErCiccione
yeah i will probably write something later today. But the problem stands. moneromooo what do you think about the miner in a separate binary?
-
moneromooo
Or, more cynically, "List of AV vendors who got leaned on to include monero" :)
-
moneromooo
Sucks.
-
moneromooo
It'll get flagged anyway, so how would it help ?
-
ErCiccione
People would still be able to use a wallet. Often flagged binaries get simply deleted without prompting the user for an action
-
ErCiccione
but in any case, if the miner is not the only thing to get flagged, it wouldn't solve the problem
-
moneromooo
Oh great. Only works for people using a stranger's node. No thanks.
-
ErCiccione
what do you mean? If the binary gets removed they cannot use anybody's node
-
moneromooo
Though... I suppose it's technically better. Though it does create an incentive to use a stranger's node rather than investigate.
-
moneromooo
Why not ? The AV can't scan what's running on another machine.
-
selsta
Like I said, there is no proof that monerod is the only thing that gets flagged.
-
selsta
I have seen monero-blockchain-export get flagged which should not include a miner?
-
moneromooo
It probably includes it, the miner's in cryptonote_basic.
-
ErCiccione
Yeah that's what i mean, i remembered both being flagged in the past
-
ErCiccione
(both daemon and wallet)
-
selsta
I think the best chance we have is using code certificates and asking AV companies to ignore them
-
selsta
but they don’t play well together with reproducible builds
-
fluffypony
fwiw there are AV vendors that had Bitcoin flagged for ages
-
fluffypony
probably some that still do
-
selsta
Windows Defender is the one we should care about
-
ErCiccione
I think i contacted them some time ago, but didn't get an answer back
-
moneromooo
That's the MS one, right ? MS who are now shipping adware with windows, making an anti malware program... Guess it doesn't detect the adware, right ?
-
selsta
-
selsta
yep, that’s the default one
-
selsta
and I didn’t even figure out how to disable it in a VM
-
ErCiccione
Yeah, i wrote some kind of report in an issue, wait a sec
-
ErCiccione
-
ErCiccione
the answer is not visible anymore
-
ErCiccione
-
selsta
yep, that’s why I suggested a cert so that we have better chances
-
selsta
still sucks, MS flagging software and then asking for $$$ to get a certificate
-
ErCiccione
MS are being moneygrabbing assholes? no way
-
ErCiccione
:p
-
moneromooo
If anyone writes to them, you could make the point that flagging it is putting their users at risk, since they'll have to run it while flagged, which means they won't be able to make the difference between the real monerod and an infected one.
-
selsta
probably impossible to talk to a real person there anyway
-
rbrunner
If we had any mining / PoW hash related code in a separate DLL, and that gets quarantined or deleted outright, wouldn't that mean nothing could get verified anymore?
-
fluffypony
depends
-
fluffypony
if the signature is on block validation code then yes
-
fluffypony
if it's only on the actual mining code then no
-
fluffypony
I wonder if it's not on the PoW function in general
-
rbrunner
That would also be my guess
-
rbrunner
I doubt anyway that we are anywhere near the top of the AV vendors' list of "people to try not to hurt". (Also known as "Who gives a fuck about those people?")
-
fluffypony
"we'd better not anger that fluffypony guy, he'll say mean things about us on Twitter"
-
dEBRUYNE
Just to jump in, I've seen multiple reports where other binaries also get flagged
-
dEBRUYNE
Not only monerod and monero-wallet-cli/monero-wallet-gui
-
dEBRUYNE
E.g. the spent tool would also get flagged
-
dEBRUYNE
Or the blockchain prune tool
-
fluffypony
ah yeah then it's definitely a more generic signature
-
fluffypony
so dumb
-
dEBRUYNE
Separating the code seems tedious and of little benefit to be honest
-
dEBRUYNE
I'd try to go the cert route first
-
moneromooo
I don't think it'd be tedious.
-
rbrunner
Well, establishing the library / DLL through "make" changes maybe not, but making the system work even if the DLL goes missing maybe yes (if even feasible)
-
Inge-
Is there still some ideological reason to keep them together?
-
rbrunner
Almost everything is kept together. That's why they are all big single binaries. Less chances for something to go wrong, no "DLL hell", less attack surface for DLL hijacking, etc.
-
fluffypony
Inge-: the architecture we inherited was a little monolithic, so some of it is just historical
-
fluffypony
it's a billion times better now than it used to be
-
Inge-
I guess the actual mining code HAS to be present in general in order to validate transactions?
-
moneromooo
For blocks only.
-
Inge-
*blocks
-
moneromooo
Does anyone have windows and xmrig ?
-
moneromooo
If so, does it get blackballed ?
-
fluffypony
just submit xmrig to virustotal and see?
-
moneromooo
Not interested enough to work out how to do that, so nevermind.
-
fluffypony
oh you just upload the binary to virustotal.com
-
fluffypony
-
fluffypony
-
fluffypony
those are the two xmrig Windows downloads
-
fluffypony
and the actual binary
-
fluffypony
-
fluffypony
-
fluffypony
both gcc and msvc are total pools of red
-
sech1
xmrig is totally blackballed everywhere, you can't even download it from github without jumping through some hoops
-
rbrunner
I guess that's the price of success, if your coin and its PoW algorithm are so good the whole world wants to go for it, including shady people ...
-
fluffypony
rbrunner: I think it's more a product of eschewing ASICs, so it becomes something that malware uses
-
fluffypony
ie. it's not Monero itself that's being targeted, it's malware that mines Monero, often by just including Monero / xmrig / whatever binaries in the malware package
-
fluffypony
(because malware authors are lazy and just shell out for everything)
-
rbrunner
Yeah, depending on the definition of "good" eschewing ASICs is part of it.
-
rbrunner
Right, not Monero per se is targeted by the malware, but mining any old worthless shitcoin would not be worth the bother for the criminals, right?
-
rbrunner
Anyway, maybe better to smalltalk about this over in #monero ...
-
hyc
hmmmm. something broken in monerod start_mining:
-
hyc
start_mining <address>
-
hyc
2020-06-02 19:20:30.360 E Exception at [console_handler], what=Tx not found in txpool:
-
selsta
release binaries?
-
hyc
yeah
-
hyc
restarting monerod cleared it
-
hyc
must be a bogus block somewhere
-
hyc
2020-06-02 19:26:59.054 E Exception at [core::handle_incoming_block()], what=Tx not found in txpool:
-
hyc
daemon miner is making no progress after that occurs. "show_hr" rate output stops.
-
hyc
if you stop_mining, cannot start_mining again.
-
moneromooo
Even after restarting the daemon ? I'd expect this to be due to the "pool txes sorted by fee/byte" map, which is in RAM so can get out of sync on error causing a db txn abort.
-
hyc
after restarting daemon, start_mining works. until that error message occurs, then it stops.
-
moneromooo
Can you restart with --log-level 2,*thro*:ERROR till it does it again ? I can mine fine here, no such error.
-
hyc
ok
-
moneromooo
And print_pool_sh before the error, and after the error
-
hyc
getting swamped with output
-
moneromooo
--log-level 1,*pool*:DEBUG
-
hyc
a bit better
-
moneromooo
And a mdb_dump of txpool_meta before and after the error would also help.
-
hyc
getting the before may be difficult, I dunno when it's going to happen
-
moneromooo
Fair. Sounded like you got it again a few minutes after restart, but maybe it was freak chance.
-
hyc
yeah, it isn't happening at the moment
-
hyc
still not happening, I've turned logging back off
-
hyc
shit. of course it happened now
-
hyc
-
hyc
-
hyc
in the log, error seems to show at line 124
-
hyc
maybe earlier at line 60
-
niocbrrrrrr
I have 2 machines with windows defender the one with monero did not flag 0.16.0 when I installed it I did however add it to the exclusions list just in case
-
niocbrrrrrr
same for WOW
-
niocbrrrrrr
on my mining machine I was able to download xmrig with no problem
-
niocbrrrrrr
not sure if any part of it was flagged by defender
-
niocbrrrrrr
both windows 10
-
selsta
iDunk: do you remember if the QR code PR was working on Windows?
-
selsta
I don’t remember what we ended up with.
-
iDunk
IIRC, you reverted... something, because it broke... something else.
-
iDunk
Ah, it broke UTF-8 paths on Windows, so I think you reverted it to your original commit (i.e. not working on Windows).
-
selsta
-
iDunk
That works, and I don't think it affects any console i/o but the display of the qr code.
-
iDunk
However, it should probably be tested with several locales.