09:47:45 <ErCiccione> I'm noticing a spike of people claiming their antivirus is flagging both GUI and CLI. Much more thant the other releases
09:50:15 <ErCiccione> Would make sense to have the miner in an external binary that we call from GUI and CLI? At least the antivirus would remove/flag only the miner. I think the problem is getting worse,
09:53:49 <selsta> afaik block verification code also gets flagged
09:53:58 <selsta> so that won’t help
09:56:10 <selsta> we are thinking of getting a windows certificate for the GUI
09:59:47 <ErCiccione> Really? I didn't know that. The certificate could be a good idea. Contacting AV companies didn't really work.
10:00:32 <selsta> but that’s also not a 100% solution
10:00:33 <fluffypony> I don't know if it's feasible to strip out mining code and put it in a totally separate binary
10:01:00 <selsta> I’ve seen other binaries getting flagged too (not monerod)
10:01:51 <ErCiccione> I haven't tested the last binaries, so i honestly don't know. I'm just afrai a lot of people downloaded the GUI and deleted it right after because of their AV
10:02:59 <ErCiccione> I'm considering making a blog post about it. I think there should be some kind of "official" warning about the problem
10:03:24 <moneromooo> That's totally abuse of power. Feel free to post about this and slag them off.
10:04:04 <moneromooo> "List of lazy AV vendors who stomp on people just because it's easier than having to do actual work separating the wheat from the chaff".
10:04:13 <ErCiccione> yeah i will probably write something later today. But the problem stands. moneromooo what do you think about the miner in a separate binary?
10:04:30 <moneromooo> Or, more cynically, "List of AV vendors who got leaned on to include monero" :)
10:04:36 <moneromooo> Sucks.
10:04:52 <moneromooo> It'll get flagged anyway, so how would it help ?
10:05:36 <ErCiccione> People would still be able to use a wallet. Often flagged binaries get simply deleted without prompting the user for an action
10:06:13 <ErCiccione> but in any case, if the miner is not the only thing to get flagged, it wouldn't solve the problem
10:06:40 <moneromooo> Oh great. Only works for people using a stranger's node. No thanks.
10:07:39 <ErCiccione> what do you mean? If the binary get removed they cannot use anybody's node
10:07:46 <moneromooo> Though... I suppose it's technically better. Though it does create an incentive to use a stranger's node rather than investigate.
10:08:06 <moneromooo> Why not ? The AV can't scan what's running on another machine.
10:08:14 <selsta> Like I said, there is no proof that monerod is the only thing that gets flagged.
10:08:29 <selsta> I have seen monero-blockchain-export get flagged which should not include a miner?
10:08:55 <moneromooo> It probably includes it, the miner's in cryponote_basic.
10:09:44 <ErCiccione> Yeah that's what i mean, i remembered both being flagged in past
10:09:55 <ErCiccione> (both daemon and wallet)
10:10:09 <selsta> I think the best chance we have is using code certificates and asking AV companies to ignore them
10:10:21 <selsta> but they don’t play well together with reproducible builds
10:12:02 <fluffypony> fwiw there are AV vendors that had Bitcoin flagged for ages
10:12:06 <fluffypony> probably some that still do
10:12:27 <selsta> Windows Defender is the one we should care about
10:13:19 <ErCiccione> I think i contacted them some time ago, but didn't get an answer back
10:13:23 <moneromooo> That's the MS one, right ? MS who are now shipping adware with windows, making an anti malware program... Guess it doesn't detect the adware, right ?
10:13:31 <selsta> ErCiccione: did you submit it here? https://www.microsoft.com/en-us/wdsi/filesubmission
10:13:53 <selsta> yep, that’s the default one
10:14:06 <selsta> and I didn’t even figure out how to disable it in a VM
10:14:10 <ErCiccione> Yeah, i wrote some kind of report in an issue, wait a sec
10:15:08 <ErCiccione> https://github.com/monero-project/monero-gui/issues/1747
10:15:17 <ErCiccione> the answer is not visible anymore
10:15:29 <ErCiccione> the report was here: https://www.microsoft.com/en-us/wdsi/submission/9db5c5c0-5f43-419a-bf93-452f06341a8f
10:15:59 <selsta> yep, that’s why I suggested a cert so that we have better chances
10:16:49 <selsta> still sucks, MS flagging software and then asking for $$$ to get a certificate
10:17:18 <ErCiccione> MS are being moneygrabbing assholes? no way
10:17:18 <ErCiccione> :p
10:19:10 <moneromooo> If anyone writes to them, you could make the point that flagging it is putting their users at risk, since they'll have to run it while flagged, which means they won't be able to make the difference between the real monerod and an infected one.
10:19:59 <selsta> probably impossible to talk to a real person there anyway
10:25:55 <rbrunner> If we had any mining / PoW hash related code in a separate DLL, and that gets quarantined or deleted outright, wouldn't that mean nothing could get verified anymore?
10:26:10 <fluffypony> depends
10:26:16 <fluffypony> if the signature is on block validation code then yes
10:26:22 <fluffypony> if it's only on the actual mining code then no
10:26:38 <fluffypony> I wonder if it's not on the PoW function in general
10:26:59 <rbrunner> That would also be my guess
10:28:37 <rbrunner> I doubt anyway that we are anywhere near the top of the AV vendors' list of "people to try not to hurt". (Also known as "Who gives a fuck about those people?")
10:32:31 <fluffypony> "we'd better not anger that fluffypony guy, he'll say mean things about us on Twitter"
11:12:11 <dEBRUYNE> Just to jump in, I've seen multiple reports where other binaries also get flagged
11:12:24 <dEBRUYNE> Not only monerod and monero-wallet-cli/monero-wallet-gui
11:12:32 <dEBRUYNE> E.g. the spent tool would also get flagged
11:12:35 <dEBRUYNE> Or the blockchain prune tool
11:23:00 <fluffypony> ah yeah then it's definitely a more generic signature
11:23:00 <fluffypony> so dumb
11:25:31 <dEBRUYNE> Separating the code seems tedious and of little benefit to be honest
11:25:35 <dEBRUYNE> I'd try to go the cert route first
11:26:54 <moneromooo> I don't think it'd be tedious.
11:36:16 <rbrunner> Well, establishing the library / DLL through "make" changes maybe not, but making the system work even if the DLL goes missing maybe yes (if even feasible)
11:37:28 <Inge-> Is there still some ideological reason to keep them together?
11:39:35 <rbrunner> Almost everything is kept together. That's why they are all big single binaries. Less chances for something go wrong, no "DLL hell", less attack surface for DLL hijacking, etc.
11:43:18 <fluffypony> Inge-: the architecture we inherited was a little monolithic, so some of it is just historical
11:43:27 <fluffypony> it's a billion times better now than it used to be
11:44:44 <Inge-> I guess the actual mining code HAS to be present in general in order to validate transactions?
11:45:24 <moneromooo> For blocks only.
11:48:15 <Inge-> *blocks
12:04:21 <moneromooo> Does anyone have windows and xmrig ?
12:04:33 <moneromooo> If so, does it get blackballed ?
12:07:28 <fluffypony> just submit xmrig to virustotal and see?
12:08:11 <moneromooo> Not interested enough to work out how to do that, so nevermind.
12:09:45 <fluffypony> oh you just upload the binary to https://www.virustotal.com
12:10:19 <fluffypony> https://www.virustotal.com/gui/url/19bd35c31403e0dfe548103f1c70f0d71fff0aae84ba55395fed18c4cf062413/detection
12:10:52 <fluffypony> https://www.virustotal.com/gui/url/6abbc1997fe1d0effef6d2cc38e3fa3a10f977e091aa6f09f4976518ab0ef40d/detection
12:11:04 <fluffypony> those are the two xmrig Windows downloads
12:11:47 <fluffypony> and the actual binary
12:11:49 <fluffypony> https://www.virustotal.com/gui/file/236d040eef470e53d16c5619daa4a9a2d096e7bea215466c7f845f7786301a47/detection
12:11:58 <fluffypony> https://www.virustotal.com/gui/file/d79462f8bf5a3c2571bbac460d3b67200108cc701cca685d8a645c46b9efa735/detection
12:12:06 <fluffypony> both gcc and msvc are total pools of red
12:41:42 <sech1> xmrig is totally blackballed everywhere, you can't even download it from github without jumping through some hoops
12:48:32 <rbrunner> I guess that's the price of success, if your coin and its PoW algorithm are so good the whole world wants to go for it, including shady people ...
12:55:12 <fluffypony> rbrunner: I think it's more a product of eschewing ASICs, so it becomes something that malware uses
12:55:41 <fluffypony> ie. it's not Monero itself that's being targeted, it's malware that mines Monero, often by just including Monero / xmrig / whatever binaries in the malware package
12:55:53 <fluffypony> (because malware authors are lazy and just shell out for everything)
12:56:07 <rbrunner> Yeah, depending on the definition of "good" eschewing ASICs is part of it.
12:57:13 <rbrunner> Right, not Monero per se is targeted by the malware, but mining any old worthless shitcoin would not be worth the bother for the criminals, right?
12:58:01 <rbrunner> Anyway, maybe better to smalltalk about this over in #monero ...
19:21:16 <hyc> hmmmm. something broken in monerod start_mining:
19:21:22 <hyc> start_mining <address>
19:21:31 <hyc> 2020-06-02 19:20:30.360 E Exception at [console_handler], what=Tx not found in txpool:
19:23:15 <selsta> release binaries?
19:23:53 <hyc> yeah
19:23:57 <hyc> restarting monerod cleared it
19:27:49 <hyc> must be a bogus block somewhere
19:27:59 <hyc> 2020-06-02 19:26:59.054 E Exception at [core::handle_incoming_block()], what=Tx not found in txpool:
19:29:28 <hyc> daemon miner is making no progress after that occurs. "show_hr" rate output stops.
19:30:51 <hyc> if you stop_mining, cannot start_mining again.
19:30:56 <moneromooo> Even after restarting the daemon ? I'd expect this to be due to the "pool txes sorted by fee/byte" map, which is in RAM so can get out of sync on error causing a db txn abort.
19:31:57 <hyc> after restarting daemon, start_mining works. until that error message occurs, then it stops.
19:33:14 <moneromooo> Can you restart with --log-level 2,*thro*:ERROR till it does it again ? I can mine fine here, no such error.
19:33:26 <hyc> ok
19:35:01 <moneromooo> And print_pool_sh before the error, and after the error
19:35:08 <hyc> getting swamped with output
19:35:27 <moneromooo> --log-level 1,*pool*:DEBUG
19:36:11 <hyc> a bit better
19:36:26 <moneromooo> And a mdb_dump of txpool_meta before and after the error would also help.
19:39:00 <hyc> getting the before may be difficult, I dunno when it's going to happen
19:39:37 <moneromooo> Fair. Sounded like you got it again a few minutes after restart, but maybe it was freak chance.
19:39:50 <hyc> yeah, it isn't happening at the moment
19:51:13 <hyc> still not happening, I've turned logging back off
20:05:21 <hyc> shit. of course it happened now
20:13:46 <hyc> what logs I got https://paste.centos.org/view/03101bb0
20:14:44 <hyc> txpool_meta dump https://paste.centos.org/view/937df9aa
20:16:01 <hyc> in the log, error seems to show at line 124
20:16:43 <hyc> maybe earlier at line 60
20:36:19 <niocbrrrrrr> I have 2 machines with windows defender  the one with monero did not flag 0.16.0 when I installed it  I did however add it to the exclusions list just in case
20:36:22 <niocbrrrrrr> same for WOW
20:36:54 <niocbrrrrrr> on my mining machine I was able to download xmrig with no problem
20:37:45 <niocbrrrrrr> not sure if any part of it was flagged by defender
20:39:09 <niocbrrrrrr> both windows 10
22:26:30 <selsta> iDunk: do you remember if the QR code PR was working on Windows?
22:26:36 <selsta> I don’t remember what we ended up with.
22:27:32 <iDunk> IIRC, you reverted... something, because it broke... something else.
22:29:11 <iDunk> Ah, it broke UTF-8 paths on Windows, so I think you reverted it to your original commit (i.e. not working on Windows).
22:33:13 <selsta> so https://github.com/monero-project/monero/pull/6488#issuecomment-622505062 would work but it’s quite ugly
22:34:47 <iDunk> That works, and I don't think it affects any console i/o but the display of the qr code.
22:35:22 <iDunk> However, it should probably be tested with several locales.