trezor / trezor-mcu Goto Github PK

:lock: Don't use this repo, use the new monorepo instead:

Home Page: https://github.com/trezor/trezor-firmware

License: GNU Lesser General Public License v3.0

Makefile 0.85% C 91.37% Python 2.39% Shell 1.04% C++ 2.50% Assembly 0.42% Perl 0.40% Dockerfile 0.33% Mako 0.67% Nix 0.03%

bitcoin trezor hardware wallet open-source embedded arm

trezor-mcu's Introduction

TREZOR One Bootloader and Firmware

https://trezor.io/

How to build the TREZOR bootloader, firmware and emulator

Ensure that you have Docker installed. You can follow Docker's installation instructions.

Clone this repository:

git clone https://github.com/trezor/trezor-mcu.git`
cd trezor-mcu

Use the build.sh command to build the images.

to build bootloader 1.6.0 and firmware 1.7.0:
```
./build.sh bl1.6.0 v1.7.0
```
to build latest firmware from master:
```
./build.sh
```
to build the emulator from master:
```
./build.sh EMU
```
to build the emulator for version 1.7.0:
```
./build.sh EMU v1.7.0
```

Build results are stored in the build/ directory. File bootloader-<tag>.bin represents the bootloader, trezor-<tag>.bin is the firmware image, and trezor-emulator-<tag>.elf is the emulator executable.

You can use TREZOR_OLED_SCALE environment variable to make emulator screen bigger.

How to get fingerprint of firmware signed and distributed by SatoshiLabs?

Pick version of firmware binary listed on https://wallet.trezor.io/data/firmware/1/releases.json
Download it: wget -O trezor.signed.bin https://wallet.trezor.io/data/firmware/1/trezor-1.6.1.bin
Compute fingerprint: tail -c +257 trezor.signed.bin | sha256sum

Step 3 should produce the same sha256 fingerprint like your local build (for the same version tag). Firmware has a special header (of length 256 bytes) holding signatures themselves, which must be avoided while calculating the fingerprint, that's why tail command has to be used.

How to install custom built firmware?

WARNING: This will erase the recovery seed stored on the device! You should never do this on TREZOR that contains coins!

Install python-trezor: pip install trezor (more info)
trezorctl firmware_update -f build/trezor-TAG.bin

Building for development

If you want to build device firmware, make sure you have the GNU ARM Embedded toolchain installed. You will also need Python 3.5 or later and pipenv.

If you want to build the emulator instead of the firmware, run export EMULATOR=1 TREZOR_TRANSPORT_V1=1
If you want to build with the debug link, run export DEBUG_LINK=1. Use this if you want to run the device tests.
When you change these variables, use script/setup to clean the repository

To initialize the repository, run script/setup
To initialize a Python environment, run pipenv install
To build the firmware or emulator, run pipenv run script/cibuild

If you are building device firmware, the firmware will be in firmware/trezor.bin.

You can launch the emulator using firmware/trezor.elf. To use trezorctl with the emulator, use trezorctl -p udp (for example, trezorctl -p udp get_features).

trezor-mcu's People

Contributors

Stargazers

Watchers

Forkers

redpola ddworken esuncloud therob3000 didtoo akatopaz darrenturn90 ot4me gpl-trezor rfree cyrozap opentrezor schildbach jpochyla jhoenicke propulsions hematuba kefkius elm4ever u20024804 hno mazaclub romanz jisqyv bgok subtly aussiehash darkskiez pepeanguita youareageologist cafxx rebroad linagee chutzpah-sexy axic ondrejsika klao dashpay bitcartel chainsquad daira nn1k1kvn slavik0329 revler1082 mrudtf duckybsd chaeplin ecdsa snipa22 nining anfauglith peterzen deosai wangnan31415926 seciot shariarislam mickayz bellmoney cryptcoin-junkey cy99 ryanborgeson dinkin fujicoin phutchins vertcoin-project bofhbug kevin-chau mikalv targhee jpz iota-trezor sunnipaul takeratta romanornr mattnnz vischub gyldcs zulucrypto ivanahepjuk mizunashi brianpugh gertjaap jnnabugwu r3sult bulozb leo121 xaxuke zhangyongjiang jcjcomeon solipsis variousforks arlm-keller thelennt ifarhankhan achow101 yate exeabyss xiaolongde davidftv adamhickerson

trezor-mcu's Issues

Decryption doesn't work for non-trezor encrypted messages

I get a bad nonce error about decrypting a message encrypted with Electrum in its encrypt message screen.

I believe Electrum does the same as bitcoind so I'd like to understand what's wrong here.

Thanks.

Initialize while waiting after wrong PIN

When TREZOR is waiting for PIN matrix after repeated wrong PIN attempts, and computer stops communication, starts another communication and sends Initialize, TREZOR replies with PIN request and starts counting down again, even when Initialize shouldn't get PIN request.

Also, maybe more importantly, even when the computer correctly sends the PIN, the countdown starts again, as if the previous request didn't run.

Examples, using python-trezor and forking

Put STAGE_2 after confirmations

The "STAGE_2" streaming can take a long time, especially with really big previous transactions. Would it be possible to put the STAGE_2 after the confirmations? So rather than "wait a long time - confirm - wait a long time", the scenario would be "confirm - wait a long time".

This might probably not be possible, I am just interested why :)

GetPublicKey - show_display feature

Show on display feature for GetPublicKey message (similar to GetAddress).

indicate lock / unlock state on TREZOR screen + hold confirm button to lock

motivation: TREZOR's should display it's state securely, not rely on software, locking by holding confirm button for 1 second in idle state is 10x more convenient then locking through browers, mainly when the mytrezor other wallet is not shown. Also we don't want to rely on specific wallet implementation to do this right.
optionally this feature could be turned on / off in settings
optionally there could be two types (locked / unlocked) of screen savers sets by user not one

Protocol failure message - how to recover?

I'm trying to implement wallet recovery in electrum.

Electrum currently bombs out if it gets a Failure message when recovering a wallet when going through the trezor recovery steps of entering 24 words. If I enter a misspelt word or the wrong word, I get a "Wrong word retyped" or "Word not found in wordlist" error. Protcol-wise, what should I do to say "OK" and be able to continue? The current loop in client.py, call() around line 164 is raising an exception via callback_Failure. I would like to be able to re-attempt that word. Is this possible? I really hope it is - simply abandoning the user after they've entered 20 words and mistyped the 21st is not very friendly.

In a similar vein, if the user cancels their pin entry, I get an exception. I'd like to be able to re-implement callback_Failure and return an "OK; ignore it" message. At present, in order to not bother the Electrum user with unwanted exceptions, I'm overriding callback_Failure and throwing a SilentException (defined in Electrum) in order to unwind the stack. The caller in Electrum catches the exception and displays it to the user, unless it's a SilentException, in which case it's just swallowed. This works but is a tedious workaround to the fact that the call() function / the protocol seems to require an exception to be thrown in case of failure because there is no other way of unwinding the stack because there is no "OK; failure acknowleged" protocol message that the device will accept after it sends a failure message. Am I missing something? I hope my question is clear.

use static ram for entropy source?

Can trezor wallet copy idea from mycelium entropy and use static ram for entropy source? This would be another way of avoiding dependence on /dev/random on naughty computer.

From https://mycelium.com/assets/entropy/me.html :

"When Mycelium Entropy is inserted into a USB port, it takes the contents of its microcontroller’s built-in static RAM as the primary source of entropy. This method is based on the paper by D.E. Holcomb, W.P. Burleson, and K. Fu: Power-up SRAM State as an Identifying Fingerprint and Source of True Random Numbers (IEEE Transactions on Computers, vol. 58, issue 9, 2009; DOI: 10.1109/TC.2008.212). Their results were confirmed by analysing the raw data collected from the Mycelium Entropy microcontroller.

The paper gives a conservative estimate that 32 bits of SRAM contain at least one bit of entropy on power-up. (The actual ratio is closer to 22:1.) The device collects 24 kbytes of raw data. This is estimated to have more than 6144 bits of entropy, or 24 times more than required.

Multiple health checks are run on the SRAM data to confirm its randomness."

abstract at

http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.164.6432

and full paper at

http://citeseerx.ist.psu.edu/viewdoc/download;jsessionid=795F927399F2A2B140FBDBCDC009BDEE?doi=10.1.1.164.6432&rep=rep1&type=pdf

Double size of the font for some information shown on display

It would be nice to have some crucial information shown on the display by a larger (double sized) font. For example during the recovery phase, the number of the word should be larger for easier read.

I understand, that the firmware can have just a single font for limited memory space - to scale font using double pixels for each axis is also an acceptable solution.

Seed words should be also larger or at least shown by capitals

v1.3.1 or previous versions fingerprints not matching with releases.json

Building trezor-mcu as instructed gives different fingerprints than what's listed on https://mytrezor.com/data/firmware/releases.json
The json says v1.3.1 fingerprint is 8030e257fc4c75a8f4a0325f8ea37428dd8fc68a5f9ec5f8e2d1a0de328860cc
and my local build gives 7f55513a8d5ab1ebdd125a123c96cc230ed976993943007d7f2b31e23c05a630

Reduce flash erase cycles?

The number of Flash erase cycles is limited. Usually 10,000 cycles are guaranteed; I can't find the number the STM32F2 guarantees. For TREZOR this mainly concerns the PIN failure counter. This must be updated twice for every PIN that was entered. During this process the TREZOR has to clear the complete configuration sector and write it again. So after 5,000 PIN entries the flash may stop working, which means that the TREZOR is broken.

My suggestion would be to reserve a big block (say 4096 bytes) in the metadata area just for the PIN failure counters (or just use the full second metadata block). The format could be as follows. The block stores 1024 uint32. The first non-zero entry defines the PIN failure counter, the following entries are 0xffffffff (the initial value after an erase). The PIN failure counter is 0xffffffff for 0 failures, 0xfffffffe for 1 failures 0xfffffffc for 2 failures and so on. The reason for this format is that one can set a bit to 0 but not to 1 without erasing the flash block.

So the PIN code would find the first non-zero entry. This is interpreted as a failure counter. Inverting it will give the number of seconds to wait :). Then shift it left by one bit and write the result back (check for 0, to avoid setting the failure count to 0 after the 31st try (although this will not happen before the year 2150 anyway)). Then ask for the PIN. If PIN was entered correct write a 0 to this value. This will select the next uint32 containing a 0xffffffff on the next PIN entry. If the last entry in the PIN data block was written, erase and rewrite the config block.

Maybe I'm a bit paranoid, but I'm currently writing it on a laptop with a four year old SSD that will probably stop working in the next few weeks and is already causing the whole system to hang for several seconds on every write access.

Estimate tx fee for multisig tx

Currently tx fee estimation does not work very well for multisig transactions.

Bootloader exceeds 32kb

I can't find way or previous commits to go down below 32kb with bootloader. I have tried several ways to compile, it appears that trezor-crypto is too big even compiling with USE_PRECOMPUTED_CP=0

PIN delay increase may be at risk

Moved from Reddit forum:
I was just wondering, when the TREZOR is in hostile hands, is it possible to disable memory writing (by a hardware hack or suppling a limited voltage/current), so the delay can not be written or to power down the TREZOR just before the delay is written?
A possible solution would be to always write the delay increase to memory (and verify the write is successful), if correct PIN is given, reset the pin delay by writing 0 seconds after the first write. This is a crucial part of the TREZOR security that needs to be working as advertised.

It looks like a possible weakness in protect.c:
Put something like this before line 164:

wait = storage_getPinFails();
storage_increasePinFails();
if (wait >= storage_getPinFails()) {
     fsm_sendFailure(FailureType_Failure_PinInvalid, "Device PIN Failure");
     return false;
}

...and something has to be done so getPinFails always reads from flash (perhaps with parameter if slow), not just the buffer.
And remove line 169 could probably fix the issue (make it more fail-safe).

P.S. Should line 317 in storage.c not be (although you can do without the boolean altogether (but that would probably make a firmware update more difficult)):

storage.has_pin_failed_attempts = false;

Bitcoin string in transactionMessageSign

The magic string for signing messages with altcoins requires the coin name to be used instead of Bitcoin.

Trezor repeatedly asks for the same transactions on sending

If I am sending a transaction that spends more outputs of the same transaction, the previous transaction gets streamed to TREZOR repeatedly for every output, even when it's not necessary, which slows the signing

Extreme (but real) example:

I have received a transaction with 200 outputs, each to the same receiving address. When I want to spend the transaction now, for all of the 200 outputs, the previous transaction (which is the same) is streamed to TREZOR, with all the 200 outputs! So instead of necessary 200 outputs streamed to TREZOR, I am now streaming 200*200=40.000 outputs, over and over again.

TREZOR should remember, which previous transactions were "checked" already.

Test recovery with initialized device

same as standard recovery from user's point of view
device will not store the seed, but shows "Recovery seed checked." // "Recovery seed mismatch."

Feature to make sure, that the seed works. Will be used before wiping the device before sending it for RMA etc.

Modulo bias when dealing with random numbers

There are a couple of instances of code similar to the following:

j = random32() % 24;

This should not be used as it creates a tiny bias towards lower numbers (which numbers obviously depends on the divisor used).

More info on this type of issue can be found here: http://stackoverflow.com/a/10984975

VerifyMessage should also display address

If we want to have verification on trezor, it makes no sense to just show the message. Assuming compromised PC, attacker can send his own address and signature, defying the purpose of verification on trezor.

Docker Deterministic Build Fails

Using OSX Kitematic, the build fails. There is no /output/ folder or binary generated

bash-4.3$ git tag
v1.0.0
v1.1.0
v1.2.0
v1.2.1
v1.3.0
v1.3.1
v1.3.2
v1.3.3
v1.3.4
bash-4.3$ git checkout v1.3.4
Note: checking out 'v1.3.4'.

You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by performing another checkout.

If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -b with the checkout command again. Example:

  git checkout -b <new-branch-name>

HEAD is now at db93a50... update trezor-crypto
bash-4.3$ ./firmware-docker-build.sh v1.3.4
Sending build context to Docker daemon 1.333 MB
Step 0 : FROM ubuntu:14.04
 ---> 0a17decee413
Step 1 : ENV GCC_ARM_VERSION 4.9.3.2015q2-1trusty1
 ---> Running in c027487a9a52
 ---> 2ed75ee62628
Removing intermediate container c027487a9a52
Step 2 : RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys FE324A81C208C89497EFC6246D1D8367A3421AFB
 ---> Running in 226c1723c603
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --homedir /tmp/tmp.a19MRlw41Y --no-auto-check-trustdb --trust-model always --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver keyserver.ubuntu.com --recv-keys FE324A81C208C89497EFC6246D1D8367A3421AFB
gpg: requesting key A3421AFB from hkp server keyserver.ubuntu.com
gpg: key A3421AFB: public key "Launchpad PPA for Terry Guo" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
 ---> 4db2e7600427
Removing intermediate container 226c1723c603
Step 3 : RUN gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --fingerprint FE324A81C208C89497EFC6246D1D8367A3421AFB
 ---> Running in 1742e18f0173
gpg: directory `/root/.gnupg' created
gpg: new configuration file `/root/.gnupg/gpg.conf' created
gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/root/.gnupg/pubring.gpg' created
gpg: /root/.gnupg/trustdb.gpg: trustdb created
pub   1024R/A3421AFB 2012-09-03
      Key fingerprint = FE32 4A81 C208 C894 97EF  C624 6D1D 8367 A342 1AFB
uid                  Launchpad PPA for Terry Guo

 ---> b7bb499ad881
Removing intermediate container 1742e18f0173
Step 4 : RUN echo "deb http://ppa.launchpad.net/terry.guo/gcc-arm-embedded/ubuntu trusty main" >> /etc/apt/sources.list && apt-get update
 ---> Running in 663a81663d04
Ign http://ppa.launchpad.net trusty InRelease
Ign http://archive.ubuntu.com trusty InRelease
Get:1 http://ppa.launchpad.net trusty Release.gpg [316 B]
Get:2 http://archive.ubuntu.com trusty-updates InRelease [64.4 kB]
Get:3 http://ppa.launchpad.net trusty Release [15.1 kB]
Get:4 http://archive.ubuntu.com trusty-security InRelease [64.4 kB]
Get:5 http://ppa.launchpad.net trusty/main amd64 Packages [508 B]
Hit http://archive.ubuntu.com trusty Release.gpg
Get:6 http://archive.ubuntu.com trusty-updates/main Sources [301 kB]
Get:7 http://archive.ubuntu.com trusty-updates/restricted Sources [4513 B]
Get:8 http://archive.ubuntu.com trusty-updates/universe Sources [176 kB]
Get:9 http://archive.ubuntu.com trusty-updates/main amd64 Packages [799 kB]
Get:10 http://archive.ubuntu.com trusty-updates/restricted amd64 Packages [22.7 kB]
Get:11 http://archive.ubuntu.com trusty-updates/universe amd64 Packages [421 kB]
Get:12 http://archive.ubuntu.com trusty-security/main Sources [123 kB]
Get:13 http://archive.ubuntu.com trusty-security/restricted Sources [3230 B]
Get:14 http://archive.ubuntu.com trusty-security/universe Sources [35.4 kB]
Get:15 http://archive.ubuntu.com trusty-security/main amd64 Packages [448 kB]
Get:16 http://archive.ubuntu.com trusty-security/restricted amd64 Packages [19.4 kB]
Get:17 http://archive.ubuntu.com trusty-security/universe amd64 Packages [151 kB]
Hit http://archive.ubuntu.com trusty Release
Get:18 http://archive.ubuntu.com trusty/main Sources [1335 kB]
Get:19 http://archive.ubuntu.com trusty/restricted Sources [5335 B]
Get:20 http://archive.ubuntu.com trusty/universe Sources [7926 kB]
Get:21 http://archive.ubuntu.com trusty/main amd64 Packages [1743 kB]
Get:22 http://archive.ubuntu.com trusty/restricted amd64 Packages [16.0 kB]
Get:23 http://archive.ubuntu.com trusty/universe amd64 Packages [7589 kB]
Fetched 21.3 MB in 54s (393 kB/s)
Reading package lists...
 ---> 06c0669f6097
Removing intermediate container 663a81663d04
Step 5 : RUN apt-get install -y build-essential git python
 ---> Running in cea45a3c0c68
Reading package lists...
Building dependency tree...
Reading state information...
The following extra packages will be installed:
  binutils ca-certificates cpp cpp-4.8 dpkg-dev fakeroot g++ g++-4.8 gcc
  gcc-4.8 git-man krb5-locales libalgorithm-diff-perl
  libalgorithm-diff-xs-perl libalgorithm-merge-perl libasan0 libasn1-8-heimdal
  libatomic1 libc-dev-bin libc6-dev libcloog-isl4 libcurl3-gnutls libdpkg-perl
  libedit2 liberror-perl libfakeroot libfile-fcntllock-perl libgcc-4.8-dev
  libgmp10 libgomp1 libgssapi-krb5-2 libgssapi3-heimdal libhcrypto4-heimdal
  libheimbase1-heimdal libheimntlm0-heimdal libhx509-5-heimdal libidn11
  libisl10 libitm1 libk5crypto3 libkeyutils1 libkrb5-26-heimdal libkrb5-3
  libkrb5support0 libldap-2.4-2 libmpc3 libmpfr4 libpython-stdlib
  libpython2.7-minimal libpython2.7-stdlib libquadmath0 libroken18-heimdal
  librtmp0 libsasl2-2 libsasl2-modules libsasl2-modules-db libstdc++-4.8-dev
  libtimedate-perl libtsan0 libwind0-heimdal libx11-6 libx11-data libxau6
  libxcb1 libxdmcp6 libxext6 libxmuu1 linux-libc-dev make manpages
  manpages-dev openssh-client openssl patch python-minimal python2.7
  python2.7-minimal rsync xauth xz-utils
Suggested packages:
  binutils-doc cpp-doc gcc-4.8-locales debian-keyring g++-multilib
  g++-4.8-multilib gcc-4.8-doc libstdc++6-4.8-dbg gcc-multilib autoconf
  automake1.9 libtool flex bison gdb gcc-doc gcc-4.8-multilib libgcc1-dbg
  libgomp1-dbg libitm1-dbg libatomic1-dbg libasan0-dbg libtsan0-dbg
  libquadmath0-dbg gettext-base git-daemon-run git-daemon-sysvinit git-doc
  git-el git-email git-gui gitk gitweb git-arch git-bzr git-cvs git-mediawiki
  git-svn glibc-doc krb5-doc krb5-user libsasl2-modules-otp
  libsasl2-modules-ldap libsasl2-modules-sql libsasl2-modules-gssapi-mit
  libsasl2-modules-gssapi-heimdal libstdc++-4.8-doc make-doc man-browser
  ssh-askpass libpam-ssh keychain monkeysphere ed diffutils-doc python-doc
  python-tk python2.7-doc binfmt-support openssh-server
Recommended packages:
  ssh-client
The following NEW packages will be installed:
  binutils build-essential ca-certificates cpp cpp-4.8 dpkg-dev fakeroot g++
  g++-4.8 gcc gcc-4.8 git git-man krb5-locales libalgorithm-diff-perl
  libalgorithm-diff-xs-perl libalgorithm-merge-perl libasan0 libasn1-8-heimdal
  libatomic1 libc-dev-bin libc6-dev libcloog-isl4 libcurl3-gnutls libdpkg-perl
  libedit2 liberror-perl libfakeroot libfile-fcntllock-perl libgcc-4.8-dev
  libgmp10 libgomp1 libgssapi-krb5-2 libgssapi3-heimdal libhcrypto4-heimdal
  libheimbase1-heimdal libheimntlm0-heimdal libhx509-5-heimdal libidn11
  libisl10 libitm1 libk5crypto3 libkeyutils1 libkrb5-26-heimdal libkrb5-3
  libkrb5support0 libldap-2.4-2 libmpc3 libmpfr4 libpython-stdlib
  libpython2.7-minimal libpython2.7-stdlib libquadmath0 libroken18-heimdal
  librtmp0 libsasl2-2 libsasl2-modules libsasl2-modules-db libstdc++-4.8-dev
  libtimedate-perl libtsan0 libwind0-heimdal libx11-6 libx11-data libxau6
  libxcb1 libxdmcp6 libxext6 libxmuu1 linux-libc-dev make manpages
  manpages-dev openssh-client openssl patch python python-minimal python2.7
  python2.7-minimal rsync xauth xz-utils
0 upgraded, 83 newly installed, 0 to remove and 7 not upgraded.
Need to get 48.7 MB of archives.
After this operation, 171 MB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libroken18-heimdal amd64 1.6~git20131207+dfsg-1ubuntu1.1 [40.0 kB]
Get:2 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libasn1-8-heimdal amd64 1.6~git20131207+dfsg-1ubuntu1.1 [161 kB]
Get:3 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libkrb5support0 amd64 1.12+dfsg-2ubuntu5.1 [30.4 kB]
Get:4 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libk5crypto3 amd64 1.12+dfsg-2ubuntu5.1 [79.8 kB]
Get:5 http://archive.ubuntu.com/ubuntu/ trusty/main libkeyutils1 amd64 1.5.6-1 [7318 B]
Get:6 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libkrb5-3 amd64 1.12+dfsg-2ubuntu5.1 [262 kB]
Get:7 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libgssapi-krb5-2 amd64 1.12+dfsg-2ubuntu5.1 [113 kB]
Get:8 http://archive.ubuntu.com/ubuntu/ trusty/main libidn11 amd64 1.28-1ubuntu2 [93.0 kB]
Get:9 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libhcrypto4-heimdal amd64 1.6~git20131207+dfsg-1ubuntu1.1 [83.9 kB]
Get:10 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libheimbase1-heimdal amd64 1.6~git20131207+dfsg-1ubuntu1.1 [28.9 kB]
Get:11 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libwind0-heimdal amd64 1.6~git20131207+dfsg-1ubuntu1.1 [47.8 kB]
Get:12 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libhx509-5-heimdal amd64 1.6~git20131207+dfsg-1ubuntu1.1 [104 kB]
Get:13 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libkrb5-26-heimdal amd64 1.6~git20131207+dfsg-1ubuntu1.1 [196 kB]
Get:14 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libheimntlm0-heimdal amd64 1.6~git20131207+dfsg-1ubuntu1.1 [15.2 kB]
Get:15 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libgssapi3-heimdal amd64 1.6~git20131207+dfsg-1ubuntu1.1 [89.8 kB]
Get:16 http://archive.ubuntu.com/ubuntu/ trusty/main libsasl2-modules-db amd64 2.1.25.dfsg1-17build1 [14.9 kB]
Get:17 http://archive.ubuntu.com/ubuntu/ trusty/main libsasl2-2 amd64 2.1.25.dfsg1-17build1 [56.5 kB]
Get:18 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libldap-2.4-2 amd64 2.4.31-1+nmu2ubuntu8.2 [153 kB]
Get:19 http://archive.ubuntu.com/ubuntu/ trusty/main librtmp0 amd64 2.4+20121230.gitdf6c518-1 [57.5 kB]
Get:20 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libcurl3-gnutls amd64 7.35.0-1ubuntu2.5 [165 kB]
Get:21 http://archive.ubuntu.com/ubuntu/ trusty/main libedit2 amd64 3.1-20130712-2 [86.7 kB]
Get:22 http://archive.ubuntu.com/ubuntu/ trusty/main libxau6 amd64 1:1.0.8-1 [8376 B]
Get:23 http://archive.ubuntu.com/ubuntu/ trusty/main libxdmcp6 amd64 1:1.1.1-1 [12.8 kB]
Get:24 http://archive.ubuntu.com/ubuntu/ trusty/main libxcb1 amd64 1.10-2ubuntu1 [38.0 kB]
Get:25 http://archive.ubuntu.com/ubuntu/ trusty/main libx11-data all 2:1.6.2-1ubuntu2 [111 kB]
Get:26 http://archive.ubuntu.com/ubuntu/ trusty/main libx11-6 amd64 2:1.6.2-1ubuntu2 [560 kB]
Get:27 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libxext6 amd64 2:1.3.2-1ubuntu0.0.14.04.1 [28.8 kB]
Get:28 http://archive.ubuntu.com/ubuntu/ trusty/main libxmuu1 amd64 2:1.1.1-1 [11.0 kB]
Get:29 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libasan0 amd64 4.8.4-2ubuntu1~14.04 [63.0 kB]
Get:30 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libatomic1 amd64 4.8.4-2ubuntu1~14.04 [8650 B]
Get:31 http://archive.ubuntu.com/ubuntu/ trusty/main libgmp10 amd64 2:5.1.3+dfsg-1ubuntu1 [218 kB]
Get:32 http://archive.ubuntu.com/ubuntu/ trusty/main libisl10 amd64 0.12.2-1 [419 kB]
Get:33 http://archive.ubuntu.com/ubuntu/ trusty/main libcloog-isl4 amd64 0.18.2-1 [57.5 kB]
Get:34 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libgomp1 amd64 4.8.4-2ubuntu1~14.04 [23.1 kB]
Get:35 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libitm1 amd64 4.8.4-2ubuntu1~14.04 [28.6 kB]
Get:36 http://archive.ubuntu.com/ubuntu/ trusty/main libmpfr4 amd64 3.1.2-1 [203 kB]
Get:37 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libquadmath0 amd64 4.8.4-2ubuntu1~14.04 [126 kB]
Get:38 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libtsan0 amd64 4.8.4-2ubuntu1~14.04 [94.7 kB]
Get:39 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libpython2.7-minimal amd64 2.7.6-8ubuntu0.2 [308 kB]
Get:40 http://archive.ubuntu.com/ubuntu/ trusty-updates/main python2.7-minimal amd64 2.7.6-8ubuntu0.2 [1185 kB]
Get:41 http://archive.ubuntu.com/ubuntu/ trusty/main libmpc3 amd64 1.0.1-1ubuntu1 [38.4 kB]
Get:42 http://archive.ubuntu.com/ubuntu/ trusty-updates/main openssl amd64 1.0.1f-1ubuntu2.15 [489 kB]
Get:43 http://archive.ubuntu.com/ubuntu/ trusty-updates/main ca-certificates all 20141019ubuntu0.14.04.1 [189 kB]
Get:44 http://archive.ubuntu.com/ubuntu/ trusty-updates/main krb5-locales all 1.12+dfsg-2ubuntu5.1 [13.2 kB]
Get:45 http://archive.ubuntu.com/ubuntu/ trusty/main libsasl2-modules amd64 2.1.25.dfsg1-17build1 [64.3 kB]
Get:46 http://archive.ubuntu.com/ubuntu/ trusty/main manpages all 3.54-1ubuntu1 [627 kB]
Get:47 http://archive.ubuntu.com/ubuntu/ trusty-updates/main openssh-client amd64 1:6.6p1-2ubuntu2.3 [564 kB]
Get:48 http://archive.ubuntu.com/ubuntu/ trusty-updates/main rsync amd64 3.1.0-2ubuntu0.1 [283 kB]
Get:49 http://archive.ubuntu.com/ubuntu/ trusty/main xauth amd64 1:1.0.7-1ubuntu1 [25.8 kB]
Get:50 http://archive.ubuntu.com/ubuntu/ trusty-updates/main binutils amd64 2.24-5ubuntu14 [2076 kB]
Get:51 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libc-dev-bin amd64 2.19-0ubuntu6.6 [68.9 kB]
Get:52 http://archive.ubuntu.com/ubuntu/ trusty-updates/main linux-libc-dev amd64 3.13.0-66.108 [775 kB]
Get:53 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libc6-dev amd64 2.19-0ubuntu6.6 [1910 kB]
Get:54 http://archive.ubuntu.com/ubuntu/ trusty-updates/main cpp-4.8 amd64 4.8.4-2ubuntu1~14.04 [4597 kB]
Get:55 http://archive.ubuntu.com/ubuntu/ trusty/main cpp amd64 4:4.8.2-1ubuntu6 [27.5 kB]
Get:56 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libgcc-4.8-dev amd64 4.8.4-2ubuntu1~14.04 [1687 kB]
Get:57 http://archive.ubuntu.com/ubuntu/ trusty-updates/main gcc-4.8 amd64 4.8.4-2ubuntu1~14.04 [5049 kB]
Get:58 http://archive.ubuntu.com/ubuntu/ trusty/main gcc amd64 4:4.8.2-1ubuntu6 [5098 B]
Get:59 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libstdc++-4.8-dev amd64 4.8.4-2ubuntu1~14.04 [1052 kB]
Get:60 http://archive.ubuntu.com/ubuntu/ trusty-updates/main g++-4.8 amd64 4.8.4-2ubuntu1~14.04 [15.0 MB]
Get:61 http://archive.ubuntu.com/ubuntu/ trusty/main g++ amd64 4:4.8.2-1ubuntu6 [1490 B]
Get:62 http://archive.ubuntu.com/ubuntu/ trusty/main make amd64 3.81-8.2ubuntu3 [119 kB]
Get:63 http://archive.ubuntu.com/ubuntu/ trusty/main libtimedate-perl all 2.3000-1 [37.2 kB]
Get:64 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libdpkg-perl all 1.17.5ubuntu5.4 [179 kB]
Get:65 http://archive.ubuntu.com/ubuntu/ trusty/main xz-utils amd64 5.1.1alpha+20120614-2ubuntu2 [78.8 kB]
Get:66 http://archive.ubuntu.com/ubuntu/ trusty-updates/main patch amd64 2.7.1-4ubuntu2.3 [86.4 kB]
Get:67 http://archive.ubuntu.com/ubuntu/ trusty-updates/main dpkg-dev all 1.17.5ubuntu5.4 [726 kB]
Get:68 http://archive.ubuntu.com/ubuntu/ trusty/main build-essential amd64 11.6ubuntu6 [4838 B]
Get:69 http://archive.ubuntu.com/ubuntu/ trusty/main libfakeroot amd64 1.20-3ubuntu2 [25.4 kB]
Get:70 http://archive.ubuntu.com/ubuntu/ trusty/main fakeroot amd64 1.20-3ubuntu2 [55.0 kB]
Get:71 http://archive.ubuntu.com/ubuntu/ trusty/main liberror-perl all 0.17-1.1 [21.1 kB]
Get:72 http://archive.ubuntu.com/ubuntu/ trusty-updates/main git-man all 1:1.9.1-1ubuntu0.1 [698 kB]
Get:73 http://archive.ubuntu.com/ubuntu/ trusty-updates/main git amd64 1:1.9.1-1ubuntu0.1 [2627 kB]
Get:74 http://archive.ubuntu.com/ubuntu/ trusty/main libalgorithm-diff-perl all 1.19.02-3 [50.0 kB]
Get:75 http://archive.ubuntu.com/ubuntu/ trusty/main libalgorithm-diff-xs-perl amd64 0.04-2build4 [12.6 kB]
Get:76 http://archive.ubuntu.com/ubuntu/ trusty/main libalgorithm-merge-perl all 0.08-2 [12.7 kB]
Get:77 http://archive.ubuntu.com/ubuntu/ trusty/main libfile-fcntllock-perl amd64 0.14-2build1 [15.9 kB]
Get:78 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libpython2.7-stdlib amd64 2.7.6-8ubuntu0.2 [1869 kB]
Get:79 http://archive.ubuntu.com/ubuntu/ trusty/main libpython-stdlib amd64 2.7.5-5ubuntu3 [7012 B]
Get:80 http://archive.ubuntu.com/ubuntu/ trusty/main manpages-dev all 3.54-1ubuntu1 [1820 kB]
Get:81 http://archive.ubuntu.com/ubuntu/ trusty-updates/main python2.7 amd64 2.7.6-8ubuntu0.2 [196 kB]
Get:82 http://archive.ubuntu.com/ubuntu/ trusty/main python-minimal amd64 2.7.5-5ubuntu3 [27.5 kB]
Get:83 http://archive.ubuntu.com/ubuntu/ trusty/main python amd64 2.7.5-5ubuntu3 [134 kB]
debconf: unable to initialize frontend: Dialog
debconf: (TERM is not set, so the dialog frontend is not usable.)
debconf: falling back to frontend: Readline
debconf: unable to initialize frontend: Readline
debconf: (This frontend requires a controlling tty.)
debconf: falling back to frontend: Teletype
dpkg-preconfigure: unable to re-open stdin: 
Fetched 48.7 MB in 2min 28s (328 kB/s)
Selecting previously unselected package libroken18-heimdal:amd64.
(Reading database ... 11541 files and directories currently installed.)
Preparing to unpack .../libroken18-heimdal_1.6~git20131207+dfsg-1ubuntu1.1_amd64.deb ...
Unpacking libroken18-heimdal:amd64 (1.6~git20131207+dfsg-1ubuntu1.1) ...
Selecting previously unselected package libasn1-8-heimdal:amd64.
Preparing to unpack .../libasn1-8-heimdal_1.6~git20131207+dfsg-1ubuntu1.1_amd64.deb ...
Unpacking libasn1-8-heimdal:amd64 (1.6~git20131207+dfsg-1ubuntu1.1) ...
Selecting previously unselected package libkrb5support0:amd64.
Preparing to unpack .../libkrb5support0_1.12+dfsg-2ubuntu5.1_amd64.deb ...
Unpacking libkrb5support0:amd64 (1.12+dfsg-2ubuntu5.1) ...
Selecting previously unselected package libk5crypto3:amd64.
Preparing to unpack .../libk5crypto3_1.12+dfsg-2ubuntu5.1_amd64.deb ...
Unpacking libk5crypto3:amd64 (1.12+dfsg-2ubuntu5.1) ...
Selecting previously unselected package libkeyutils1:amd64.
Preparing to unpack .../libkeyutils1_1.5.6-1_amd64.deb ...
Unpacking libkeyutils1:amd64 (1.5.6-1) ...
Selecting previously unselected package libkrb5-3:amd64.
Preparing to unpack .../libkrb5-3_1.12+dfsg-2ubuntu5.1_amd64.deb ...
Unpacking libkrb5-3:amd64 (1.12+dfsg-2ubuntu5.1) ...
Selecting previously unselected package libgssapi-krb5-2:amd64.
Preparing to unpack .../libgssapi-krb5-2_1.12+dfsg-2ubuntu5.1_amd64.deb ...
Unpacking libgssapi-krb5-2:amd64 (1.12+dfsg-2ubuntu5.1) ...
Selecting previously unselected package libidn11:amd64.
Preparing to unpack .../libidn11_1.28-1ubuntu2_amd64.deb ...
Unpacking libidn11:amd64 (1.28-1ubuntu2) ...
Selecting previously unselected package libhcrypto4-heimdal:amd64.
Preparing to unpack .../libhcrypto4-heimdal_1.6~git20131207+dfsg-1ubuntu1.1_amd64.deb ...
Unpacking libhcrypto4-heimdal:amd64 (1.6~git20131207+dfsg-1ubuntu1.1) ...
Selecting previously unselected package libheimbase1-heimdal:amd64.
Preparing to unpack .../libheimbase1-heimdal_1.6~git20131207+dfsg-1ubuntu1.1_amd64.deb ...
Unpacking libheimbase1-heimdal:amd64 (1.6~git20131207+dfsg-1ubuntu1.1) ...
Selecting previously unselected package libwind0-heimdal:amd64.
Preparing to unpack .../libwind0-heimdal_1.6~git20131207+dfsg-1ubuntu1.1_amd64.deb ...
Unpacking libwind0-heimdal:amd64 (1.6~git20131207+dfsg-1ubuntu1.1) ...
Selecting previously unselected package libhx509-5-heimdal:amd64.
Preparing to unpack .../libhx509-5-heimdal_1.6~git20131207+dfsg-1ubuntu1.1_amd64.deb ...
Unpacking libhx509-5-heimdal:amd64 (1.6~git20131207+dfsg-1ubuntu1.1) ...
Selecting previously unselected package libkrb5-26-heimdal:amd64.
Preparing to unpack .../libkrb5-26-heimdal_1.6~git20131207+dfsg-1ubuntu1.1_amd64.deb ...
Unpacking libkrb5-26-heimdal:amd64 (1.6~git20131207+dfsg-1ubuntu1.1) ...
Selecting previously unselected package libheimntlm0-heimdal:amd64.
Preparing to unpack .../libheimntlm0-heimdal_1.6~git20131207+dfsg-1ubuntu1.1_amd64.deb ...
Unpacking libheimntlm0-heimdal:amd64 (1.6~git20131207+dfsg-1ubuntu1.1) ...
Selecting previously unselected package libgssapi3-heimdal:amd64.
Preparing to unpack .../libgssapi3-heimdal_1.6~git20131207+dfsg-1ubuntu1.1_amd64.deb ...
Unpacking libgssapi3-heimdal:amd64 (1.6~git20131207+dfsg-1ubuntu1.1) ...
Selecting previously unselected package libsasl2-modules-db:amd64.
Preparing to unpack .../libsasl2-modules-db_2.1.25.dfsg1-17build1_amd64.deb ...
Unpacking libsasl2-modules-db:amd64 (2.1.25.dfsg1-17build1) ...
Selecting previously unselected package libsasl2-2:amd64.
Preparing to unpack .../libsasl2-2_2.1.25.dfsg1-17build1_amd64.deb ...
Unpacking libsasl2-2:amd64 (2.1.25.dfsg1-17build1) ...
Selecting previously unselected package libldap-2.4-2:amd64.
Preparing to unpack .../libldap-2.4-2_2.4.31-1+nmu2ubuntu8.2_amd64.deb ...
Unpacking libldap-2.4-2:amd64 (2.4.31-1+nmu2ubuntu8.2) ...
Selecting previously unselected package librtmp0:amd64.
Preparing to unpack .../librtmp0_2.4+20121230.gitdf6c518-1_amd64.deb ...
Unpacking librtmp0:amd64 (2.4+20121230.gitdf6c518-1) ...
Selecting previously unselected package libcurl3-gnutls:amd64.
Preparing to unpack .../libcurl3-gnutls_7.35.0-1ubuntu2.5_amd64.deb ...
Unpacking libcurl3-gnutls:amd64 (7.35.0-1ubuntu2.5) ...
Selecting previously unselected package libedit2:amd64.
Preparing to unpack .../libedit2_3.1-20130712-2_amd64.deb ...
Unpacking libedit2:amd64 (3.1-20130712-2) ...
Selecting previously unselected package libxau6:amd64.
Preparing to unpack .../libxau6_1%3a1.0.8-1_amd64.deb ...
Unpacking libxau6:amd64 (1:1.0.8-1) ...
Selecting previously unselected package libxdmcp6:amd64.
Preparing to unpack .../libxdmcp6_1%3a1.1.1-1_amd64.deb ...
Unpacking libxdmcp6:amd64 (1:1.1.1-1) ...
Selecting previously unselected package libxcb1:amd64.
Preparing to unpack .../libxcb1_1.10-2ubuntu1_amd64.deb ...
Unpacking libxcb1:amd64 (1.10-2ubuntu1) ...
Selecting previously unselected package libx11-data.
Preparing to unpack .../libx11-data_2%3a1.6.2-1ubuntu2_all.deb ...
Unpacking libx11-data (2:1.6.2-1ubuntu2) ...
Selecting previously unselected package libx11-6:amd64.
Preparing to unpack .../libx11-6_2%3a1.6.2-1ubuntu2_amd64.deb ...
Unpacking libx11-6:amd64 (2:1.6.2-1ubuntu2) ...
Selecting previously unselected package libxext6:amd64.
Preparing to unpack .../libxext6_2%3a1.3.2-1ubuntu0.0.14.04.1_amd64.deb ...
Unpacking libxext6:amd64 (2:1.3.2-1ubuntu0.0.14.04.1) ...
Selecting previously unselected package libxmuu1:amd64.
Preparing to unpack .../libxmuu1_2%3a1.1.1-1_amd64.deb ...
Unpacking libxmuu1:amd64 (2:1.1.1-1) ...
Selecting previously unselected package libasan0:amd64.
Preparing to unpack .../libasan0_4.8.4-2ubuntu1~14.04_amd64.deb ...
Unpacking libasan0:amd64 (4.8.4-2ubuntu1~14.04) ...
Selecting previously unselected package libatomic1:amd64.
Preparing to unpack .../libatomic1_4.8.4-2ubuntu1~14.04_amd64.deb ...
Unpacking libatomic1:amd64 (4.8.4-2ubuntu1~14.04) ...
Selecting previously unselected package libgmp10:amd64.
Preparing to unpack .../libgmp10_2%3a5.1.3+dfsg-1ubuntu1_amd64.deb ...
Unpacking libgmp10:amd64 (2:5.1.3+dfsg-1ubuntu1) ...
Selecting previously unselected package libisl10:amd64.
Preparing to unpack .../libisl10_0.12.2-1_amd64.deb ...
Unpacking libisl10:amd64 (0.12.2-1) ...
Selecting previously unselected package libcloog-isl4:amd64.
Preparing to unpack .../libcloog-isl4_0.18.2-1_amd64.deb ...
Unpacking libcloog-isl4:amd64 (0.18.2-1) ...
Selecting previously unselected package libgomp1:amd64.
Preparing to unpack .../libgomp1_4.8.4-2ubuntu1~14.04_amd64.deb ...
Unpacking libgomp1:amd64 (4.8.4-2ubuntu1~14.04) ...
Selecting previously unselected package libitm1:amd64.
Preparing to unpack .../libitm1_4.8.4-2ubuntu1~14.04_amd64.deb ...
Unpacking libitm1:amd64 (4.8.4-2ubuntu1~14.04) ...
Selecting previously unselected package libmpfr4:amd64.
Preparing to unpack .../libmpfr4_3.1.2-1_amd64.deb ...
Unpacking libmpfr4:amd64 (3.1.2-1) ...
Selecting previously unselected package libquadmath0:amd64.
Preparing to unpack .../libquadmath0_4.8.4-2ubuntu1~14.04_amd64.deb ...
Unpacking libquadmath0:amd64 (4.8.4-2ubuntu1~14.04) ...
Selecting previously unselected package libtsan0:amd64.
Preparing to unpack .../libtsan0_4.8.4-2ubuntu1~14.04_amd64.deb ...
Unpacking libtsan0:amd64 (4.8.4-2ubuntu1~14.04) ...
Selecting previously unselected package libpython2.7-minimal:amd64.
Preparing to unpack .../libpython2.7-minimal_2.7.6-8ubuntu0.2_amd64.deb ...
Unpacking libpython2.7-minimal:amd64 (2.7.6-8ubuntu0.2) ...
Selecting previously unselected package python2.7-minimal.
Preparing to unpack .../python2.7-minimal_2.7.6-8ubuntu0.2_amd64.deb ...
Unpacking python2.7-minimal (2.7.6-8ubuntu0.2) ...
Selecting previously unselected package libmpc3:amd64.
Preparing to unpack .../libmpc3_1.0.1-1ubuntu1_amd64.deb ...
Unpacking libmpc3:amd64 (1.0.1-1ubuntu1) ...
Selecting previously unselected package openssl.
Preparing to unpack .../openssl_1.0.1f-1ubuntu2.15_amd64.deb ...
Unpacking openssl (1.0.1f-1ubuntu2.15) ...
Selecting previously unselected package ca-certificates.
Preparing to unpack .../ca-certificates_20141019ubuntu0.14.04.1_all.deb ...
Unpacking ca-certificates (20141019ubuntu0.14.04.1) ...
Selecting previously unselected package krb5-locales.
Preparing to unpack .../krb5-locales_1.12+dfsg-2ubuntu5.1_all.deb ...
Unpacking krb5-locales (1.12+dfsg-2ubuntu5.1) ...
Selecting previously unselected package libsasl2-modules:amd64.
Preparing to unpack .../libsasl2-modules_2.1.25.dfsg1-17build1_amd64.deb ...
Unpacking libsasl2-modules:amd64 (2.1.25.dfsg1-17build1) ...
Selecting previously unselected package manpages.
Preparing to unpack .../manpages_3.54-1ubuntu1_all.deb ...
Unpacking manpages (3.54-1ubuntu1) ...
Selecting previously unselected package openssh-client.
Preparing to unpack .../openssh-client_1%3a6.6p1-2ubuntu2.3_amd64.deb ...
Unpacking openssh-client (1:6.6p1-2ubuntu2.3) ...
Selecting previously unselected package rsync.
Preparing to unpack .../rsync_3.1.0-2ubuntu0.1_amd64.deb ...
Unpacking rsync (3.1.0-2ubuntu0.1) ...
Selecting previously unselected package xauth.
Preparing to unpack .../xauth_1%3a1.0.7-1ubuntu1_amd64.deb ...
Unpacking xauth (1:1.0.7-1ubuntu1) ...
Selecting previously unselected package binutils.
Preparing to unpack .../binutils_2.24-5ubuntu14_amd64.deb ...
Unpacking binutils (2.24-5ubuntu14) ...
Selecting previously unselected package libc-dev-bin.
Preparing to unpack .../libc-dev-bin_2.19-0ubuntu6.6_amd64.deb ...
Unpacking libc-dev-bin (2.19-0ubuntu6.6) ...
Selecting previously unselected package linux-libc-dev:amd64.
Preparing to unpack .../linux-libc-dev_3.13.0-66.108_amd64.deb ...
Unpacking linux-libc-dev:amd64 (3.13.0-66.108) ...
Selecting previously unselected package libc6-dev:amd64.
Preparing to unpack .../libc6-dev_2.19-0ubuntu6.6_amd64.deb ...
Unpacking libc6-dev:amd64 (2.19-0ubuntu6.6) ...
Selecting previously unselected package cpp-4.8.
Preparing to unpack .../cpp-4.8_4.8.4-2ubuntu1~14.04_amd64.deb ...
Unpacking cpp-4.8 (4.8.4-2ubuntu1~14.04) ...
Selecting previously unselected package cpp.
Preparing to unpack .../cpp_4%3a4.8.2-1ubuntu6_amd64.deb ...
Unpacking cpp (4:4.8.2-1ubuntu6) ...
Selecting previously unselected package libgcc-4.8-dev:amd64.
Preparing to unpack .../libgcc-4.8-dev_4.8.4-2ubuntu1~14.04_amd64.deb ...
Unpacking libgcc-4.8-dev:amd64 (4.8.4-2ubuntu1~14.04) ...
Selecting previously unselected package gcc-4.8.
Preparing to unpack .../gcc-4.8_4.8.4-2ubuntu1~14.04_amd64.deb ...
Unpacking gcc-4.8 (4.8.4-2ubuntu1~14.04) ...
Selecting previously unselected package gcc.
Preparing to unpack .../gcc_4%3a4.8.2-1ubuntu6_amd64.deb ...
Unpacking gcc (4:4.8.2-1ubuntu6) ...
Selecting previously unselected package libstdc++-4.8-dev:amd64.
Preparing to unpack .../libstdc++-4.8-dev_4.8.4-2ubuntu1~14.04_amd64.deb ...
Unpacking libstdc++-4.8-dev:amd64 (4.8.4-2ubuntu1~14.04) ...
Selecting previously unselected package g++-4.8.
Preparing to unpack .../g++-4.8_4.8.4-2ubuntu1~14.04_amd64.deb ...
Unpacking g++-4.8 (4.8.4-2ubuntu1~14.04) ...
Selecting previously unselected package g++.
Preparing to unpack .../g++_4%3a4.8.2-1ubuntu6_amd64.deb ...
Unpacking g++ (4:4.8.2-1ubuntu6) ...
Selecting previously unselected package make.
Preparing to unpack .../make_3.81-8.2ubuntu3_amd64.deb ...
Unpacking make (3.81-8.2ubuntu3) ...
Selecting previously unselected package libtimedate-perl.
Preparing to unpack .../libtimedate-perl_2.3000-1_all.deb ...
Unpacking libtimedate-perl (2.3000-1) ...
Selecting previously unselected package libdpkg-perl.
Preparing to unpack .../libdpkg-perl_1.17.5ubuntu5.4_all.deb ...
Unpacking libdpkg-perl (1.17.5ubuntu5.4) ...
Selecting previously unselected package xz-utils.
Preparing to unpack .../xz-utils_5.1.1alpha+20120614-2ubuntu2_amd64.deb ...
Unpacking xz-utils (5.1.1alpha+20120614-2ubuntu2) ...
Selecting previously unselected package patch.
Preparing to unpack .../patch_2.7.1-4ubuntu2.3_amd64.deb ...
Unpacking patch (2.7.1-4ubuntu2.3) ...
Selecting previously unselected package dpkg-dev.
Preparing to unpack .../dpkg-dev_1.17.5ubuntu5.4_all.deb ...
Unpacking dpkg-dev (1.17.5ubuntu5.4) ...
Selecting previously unselected package build-essential.
Preparing to unpack .../build-essential_11.6ubuntu6_amd64.deb ...
Unpacking build-essential (11.6ubuntu6) ...
Selecting previously unselected package libfakeroot:amd64.
Preparing to unpack .../libfakeroot_1.20-3ubuntu2_amd64.deb ...
Unpacking libfakeroot:amd64 (1.20-3ubuntu2) ...
Selecting previously unselected package fakeroot.
Preparing to unpack .../fakeroot_1.20-3ubuntu2_amd64.deb ...
Unpacking fakeroot (1.20-3ubuntu2) ...
Selecting previously unselected package liberror-perl.
Preparing to unpack .../liberror-perl_0.17-1.1_all.deb ...
Unpacking liberror-perl (0.17-1.1) ...
Selecting previously unselected package git-man.
Preparing to unpack .../git-man_1%3a1.9.1-1ubuntu0.1_all.deb ...
Unpacking git-man (1:1.9.1-1ubuntu0.1) ...
Selecting previously unselected package git.
Preparing to unpack .../git_1%3a1.9.1-1ubuntu0.1_amd64.deb ...
Unpacking git (1:1.9.1-1ubuntu0.1) ...
Selecting previously unselected package libalgorithm-diff-perl.
Preparing to unpack .../libalgorithm-diff-perl_1.19.02-3_all.deb ...
Unpacking libalgorithm-diff-perl (1.19.02-3) ...
Selecting previously unselected package libalgorithm-diff-xs-perl.
Preparing to unpack .../libalgorithm-diff-xs-perl_0.04-2build4_amd64.deb ...
Unpacking libalgorithm-diff-xs-perl (0.04-2build4) ...
Selecting previously unselected package libalgorithm-merge-perl.
Preparing to unpack .../libalgorithm-merge-perl_0.08-2_all.deb ...
Unpacking libalgorithm-merge-perl (0.08-2) ...
Selecting previously unselected package libfile-fcntllock-perl.
Preparing to unpack .../libfile-fcntllock-perl_0.14-2build1_amd64.deb ...
Unpacking libfile-fcntllock-perl (0.14-2build1) ...
Selecting previously unselected package libpython2.7-stdlib:amd64.
Preparing to unpack .../libpython2.7-stdlib_2.7.6-8ubuntu0.2_amd64.deb ...
Unpacking libpython2.7-stdlib:amd64 (2.7.6-8ubuntu0.2) ...
Selecting previously unselected package libpython-stdlib:amd64.
Preparing to unpack .../libpython-stdlib_2.7.5-5ubuntu3_amd64.deb ...
Unpacking libpython-stdlib:amd64 (2.7.5-5ubuntu3) ...
Selecting previously unselected package manpages-dev.
Preparing to unpack .../manpages-dev_3.54-1ubuntu1_all.deb ...
Unpacking manpages-dev (3.54-1ubuntu1) ...
Selecting previously unselected package python2.7.
Preparing to unpack .../python2.7_2.7.6-8ubuntu0.2_amd64.deb ...
Unpacking python2.7 (2.7.6-8ubuntu0.2) ...
Selecting previously unselected package python-minimal.
Preparing to unpack .../python-minimal_2.7.5-5ubuntu3_amd64.deb ...
Unpacking python-minimal (2.7.5-5ubuntu3) ...
Selecting previously unselected package python.
Preparing to unpack .../python_2.7.5-5ubuntu3_amd64.deb ...
Unpacking python (2.7.5-5ubuntu3) ...
Processing triggers for ureadahead (0.100.0-16) ...
Processing triggers for mime-support (3.54ubuntu1.1) ...
Setting up libroken18-heimdal:amd64 (1.6~git20131207+dfsg-1ubuntu1.1) ...
Setting up libasn1-8-heimdal:amd64 (1.6~git20131207+dfsg-1ubuntu1.1) ...
Setting up libkrb5support0:amd64 (1.12+dfsg-2ubuntu5.1) ...
Setting up libk5crypto3:amd64 (1.12+dfsg-2ubuntu5.1) ...
Setting up libkeyutils1:amd64 (1.5.6-1) ...
Setting up libkrb5-3:amd64 (1.12+dfsg-2ubuntu5.1) ...
Setting up libgssapi-krb5-2:amd64 (1.12+dfsg-2ubuntu5.1) ...
Setting up libidn11:amd64 (1.28-1ubuntu2) ...
Setting up libhcrypto4-heimdal:amd64 (1.6~git20131207+dfsg-1ubuntu1.1) ...
Setting up libheimbase1-heimdal:amd64 (1.6~git20131207+dfsg-1ubuntu1.1) ...
Setting up libwind0-heimdal:amd64 (1.6~git20131207+dfsg-1ubuntu1.1) ...
Setting up libhx509-5-heimdal:amd64 (1.6~git20131207+dfsg-1ubuntu1.1) ...
Setting up libkrb5-26-heimdal:amd64 (1.6~git20131207+dfsg-1ubuntu1.1) ...
Setting up libheimntlm0-heimdal:amd64 (1.6~git20131207+dfsg-1ubuntu1.1) ...
Setting up libgssapi3-heimdal:amd64 (1.6~git20131207+dfsg-1ubuntu1.1) ...
Setting up libsasl2-modules-db:amd64 (2.1.25.dfsg1-17build1) ...
Setting up libsasl2-2:amd64 (2.1.25.dfsg1-17build1) ...
Setting up libldap-2.4-2:amd64 (2.4.31-1+nmu2ubuntu8.2) ...
Setting up librtmp0:amd64 (2.4+20121230.gitdf6c518-1) ...
Setting up libcurl3-gnutls:amd64 (7.35.0-1ubuntu2.5) ...
Setting up libedit2:amd64 (3.1-20130712-2) ...
Setting up libxau6:amd64 (1:1.0.8-1) ...
Setting up libxdmcp6:amd64 (1:1.1.1-1) ...
Setting up libxcb1:amd64 (1.10-2ubuntu1) ...
Setting up libx11-data (2:1.6.2-1ubuntu2) ...
Setting up libx11-6:amd64 (2:1.6.2-1ubuntu2) ...
Setting up libxext6:amd64 (2:1.3.2-1ubuntu0.0.14.04.1) ...
Setting up libxmuu1:amd64 (2:1.1.1-1) ...
Setting up libasan0:amd64 (4.8.4-2ubuntu1~14.04) ...
Setting up libatomic1:amd64 (4.8.4-2ubuntu1~14.04) ...
Setting up libgmp10:amd64 (2:5.1.3+dfsg-1ubuntu1) ...
Setting up libisl10:amd64 (0.12.2-1) ...
Setting up libcloog-isl4:amd64 (0.18.2-1) ...
Setting up libgomp1:amd64 (4.8.4-2ubuntu1~14.04) ...
Setting up libitm1:amd64 (4.8.4-2ubuntu1~14.04) ...
Setting up libmpfr4:amd64 (3.1.2-1) ...
Setting up libquadmath0:amd64 (4.8.4-2ubuntu1~14.04) ...
Setting up libtsan0:amd64 (4.8.4-2ubuntu1~14.04) ...
Setting up libpython2.7-minimal:amd64 (2.7.6-8ubuntu0.2) ...
Setting up python2.7-minimal (2.7.6-8ubuntu0.2) ...
Linking and byte-compiling packages for runtime python2.7...
Setting up libmpc3:amd64 (1.0.1-1ubuntu1) ...
Setting up openssl (1.0.1f-1ubuntu2.15) ...
Setting up ca-certificates (20141019ubuntu0.14.04.1) ...
debconf: unable to initialize frontend: Dialog
debconf: (TERM is not set, so the dialog frontend is not usable.)
debconf: falling back to frontend: Readline
debconf: unable to initialize frontend: Readline
debconf: (This frontend requires a controlling tty.)
debconf: falling back to frontend: Teletype
Setting up krb5-locales (1.12+dfsg-2ubuntu5.1) ...
Setting up libsasl2-modules:amd64 (2.1.25.dfsg1-17build1) ...
Setting up manpages (3.54-1ubuntu1) ...
Setting up openssh-client (1:6.6p1-2ubuntu2.3) ...
Setting up rsync (3.1.0-2ubuntu0.1) ...
 Removing any system startup links for /etc/init.d/rsync ...
update-rc.d: warning: default stop runlevel arguments (0 1 6) do not match rsync Default-Stop values (none)
 Adding system startup for /etc/init.d/rsync ...
   /etc/rc0.d/K20rsync -> ../init.d/rsync
   /etc/rc1.d/K20rsync -> ../init.d/rsync
   /etc/rc6.d/K20rsync -> ../init.d/rsync
   /etc/rc2.d/S20rsync -> ../init.d/rsync
   /etc/rc3.d/S20rsync -> ../init.d/rsync
   /etc/rc4.d/S20rsync -> ../init.d/rsync
   /etc/rc5.d/S20rsync -> ../init.d/rsync
invoke-rc.d: policy-rc.d denied execution of restart.
Setting up xauth (1:1.0.7-1ubuntu1) ...
Setting up binutils (2.24-5ubuntu14) ...
Setting up libc-dev-bin (2.19-0ubuntu6.6) ...
Setting up linux-libc-dev:amd64 (3.13.0-66.108) ...
Setting up libc6-dev:amd64 (2.19-0ubuntu6.6) ...
Setting up cpp-4.8 (4.8.4-2ubuntu1~14.04) ...
Setting up cpp (4:4.8.2-1ubuntu6) ...
Setting up libgcc-4.8-dev:amd64 (4.8.4-2ubuntu1~14.04) ...
Setting up gcc-4.8 (4.8.4-2ubuntu1~14.04) ...
Setting up gcc (4:4.8.2-1ubuntu6) ...
Setting up libstdc++-4.8-dev:amd64 (4.8.4-2ubuntu1~14.04) ...
Setting up g++-4.8 (4.8.4-2ubuntu1~14.04) ...
Setting up g++ (4:4.8.2-1ubuntu6) ...
update-alternatives: using /usr/bin/g++ to provide /usr/bin/c++ (c++) in auto mode
Setting up make (3.81-8.2ubuntu3) ...
Setting up libtimedate-perl (2.3000-1) ...
Setting up libdpkg-perl (1.17.5ubuntu5.4) ...
Setting up xz-utils (5.1.1alpha+20120614-2ubuntu2) ...
update-alternatives: using /usr/bin/xz to provide /usr/bin/lzma (lzma) in auto mode
Setting up patch (2.7.1-4ubuntu2.3) ...
Setting up dpkg-dev (1.17.5ubuntu5.4) ...
Setting up build-essential (11.6ubuntu6) ...
Setting up libfakeroot:amd64 (1.20-3ubuntu2) ...
Setting up fakeroot (1.20-3ubuntu2) ...
update-alternatives: using /usr/bin/fakeroot-sysv to provide /usr/bin/fakeroot (fakeroot) in auto mode
Setting up liberror-perl (0.17-1.1) ...
Setting up git-man (1:1.9.1-1ubuntu0.1) ...
Setting up git (1:1.9.1-1ubuntu0.1) ...
Setting up libalgorithm-diff-perl (1.19.02-3) ...
Setting up libalgorithm-diff-xs-perl (0.04-2build4) ...
Setting up libalgorithm-merge-perl (0.08-2) ...
Setting up libfile-fcntllock-perl (0.14-2build1) ...
Setting up libpython2.7-stdlib:amd64 (2.7.6-8ubuntu0.2) ...
Setting up libpython-stdlib:amd64 (2.7.5-5ubuntu3) ...
Setting up manpages-dev (3.54-1ubuntu1) ...
Setting up python2.7 (2.7.6-8ubuntu0.2) ...
Setting up python-minimal (2.7.5-5ubuntu3) ...
Setting up python (2.7.5-5ubuntu3) ...
Processing triggers for libc-bin (2.19-0ubuntu6.6) ...
Processing triggers for ca-certificates (20141019ubuntu0.14.04.1) ...
Updating certificates in /etc/ssl/certs... 173 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d....done.
Processing triggers for ureadahead (0.100.0-16) ...
 ---> f34f5f36d268
Removing intermediate container cea45a3c0c68
Step 6 : RUN apt-get install -y gcc-arm-none-eabi=$GCC_ARM_VERSION
 ---> Running in ac85e9f1035c
Reading package lists...
Building dependency tree...
Reading state information...
E: Version '4.9.3.2015q2-1trusty1' for 'gcc-arm-none-eabi' was not found
The command '/bin/sh -c apt-get install -y gcc-arm-none-eabi=$GCC_ARM_VERSION' returned a non-zero code: 100
Unable to find image 'trezor-mcu-build:latest' locally
Pulling repository docker.io/library/trezor-mcu-build
Error: image library/trezor-mcu-build:latest not found
---------------------
Firmware fingerprint:
./firmware-docker-build.sh: line 19: sha256sum: command not found

Trying again ....

bash-4.3$ ./firmware-docker-build.sh v1.3.4
Sending build context to Docker daemon  1.34 MB
Step 0 : FROM ubuntu:14.04
 ---> 0a17decee413
Step 1 : ENV GCC_ARM_VERSION 4.9.3.2015q2-1trusty1
 ---> Using cache
 ---> 2ed75ee62628
Step 2 : RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys FE324A81C208C89497EFC6246D1D8367A3421AFB
 ---> Using cache
 ---> 4db2e7600427
Step 3 : RUN gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --fingerprint FE324A81C208C89497EFC6246D1D8367A3421AFB
 ---> Using cache
 ---> b7bb499ad881
Step 4 : RUN echo "deb http://ppa.launchpad.net/terry.guo/gcc-arm-embedded/ubuntu trusty main" >> /etc/apt/sources.list && apt-get update
 ---> Using cache
 ---> 06c0669f6097
Step 5 : RUN apt-get install -y build-essential git python
 ---> Using cache
 ---> f34f5f36d268
Step 6 : RUN apt-get install -y gcc-arm-none-eabi=$GCC_ARM_VERSION
 ---> Running in 73be42ecc791
Reading package lists...
Building dependency tree...
Reading state information...
E: Version '4.9.3.2015q2-1trusty1' for 'gcc-arm-none-eabi' was not found
The command '/bin/sh -c apt-get install -y gcc-arm-none-eabi=$GCC_ARM_VERSION' returned a non-zero code: 100
Unable to find image 'trezor-mcu-build:latest' locally
Pulling repository docker.io/library/trezor-mcu-build
Error: image library/trezor-mcu-build:latest not found
---------------------
Firmware fingerprint:
./firmware-docker-build.sh: line 19: sha256sum: command not found

Incorrect usage of memset in fsm.c?

I'm trying to compile the firmware with GCC 5.1 and it complained about the following in
fsm.c:798:

memset(resp->address, sizeof(resp->address), 0);
memset(&(resp->message), sizeof(resp->message), 0);

Looks like the arguments order has been mixed up?

The code is dual-licensed till Mon Jan 26 22:03:33 2015+0100

Despite you rewritten and backdated the commit that changed licenses, the fact remains that up until "40efef" you published code on GPL license.

You still do use code that you released as GPL, AINAL but probably you are now required to keep publishing all modifications of this code as GPL too.

Could you please reverse this license change, and if not then fix the licenses in files that are derived work from your GPL code, as it (AFAIK) is GPL as well?

(Personally I do not support licensing, but if you start it by switching to less free Microsoft license then you should play by the rules of that game)

Bootloader: Show hash of the firmware in the unofficial warning screen

That allows one to upload and use their own custom built firmware without being worried that it's been replaced with an evil firmware. (Currently there is no way to tell them apart, because they show the same warning, without hash).

More detailed commit messages

Hi,

First of all: thanks a lot for your really great work!

I would like to help development and also spend some time to learn the code/improve the trezor firmware... I'm not really good at C, but from time to time I try to improve my knowledge about it and also want to understand the changes of the trezor firmware...

Therefore it would be great, if you could describe the changes in the commit message a bit more detailed, so it would be easier to follow... F.e. I cannot understand anything what this commit does: f344ec9

I just want to help to improve trezor, which is really a great product!
Thanks!

Make movement of gears less jerky

When signing big transactions the gears do not turn smoothly. Make them move less jerky.

Please merge branch ed25519

Please merge branch ed25519 to the master so it can be used in production devices for SSH authentication.

Release tag v1.3.0 is missing

Since the license change disaster, the v1.3.0 tag is missing. I suggest adding it back as the same commit hash from before the license change. It should be commit b5eecb3.

gcc-arm-none-eabi apt-get install

Running ./firmware-docker-build.sh currently outputs the following error:

E: Version '4.9.3.2014q4-0trusty12' for 'gcc-arm-none-eabi' was not found

(Linux Ubuntu 14.04 LTS)

Unable to send transaction from Trezor with 2.3.2.2

Recently I have upgraded from Electrum 2.0 which worked fine to 2.3.2.2 and since then, I am unable to send transactions. When I submit a transaction, it asks for a confirmation and then the error message pops up, saying Got <class 'trezorlib.messages_pb2.PublicKey'>, expected (<class 'trezorlib.messages_pb2.Success'>,)
The old 2.0 version still works fine though.

Note that I have the same problem with regular Electrum and I've submited the issue here: spesmilo/electrum#1353
Since I'm not sure if it will get into electrum-ltc code after it will be fixed there, I'm also submiting the issue here. Feel free to close it if you feel it's a duplicate.

The font could be improved to be less ambiguous

For instance the combination of letters "cl" is pretty close to a "d" which is a problem when the mnemonic words are to be written on the recovery sheet.

I hope there is enough room to give legs to the "l" for instance.

Undefined behavior in debug.c

I am slowly reviewing the code for Trezor and found an issue. The oledDebug function in debug.c has this code:

static const char *lines[8] = {0, 0, 0, 0, 0, 0, 0, 0};
...
for (i = 0; i < 7; i++) {
    lines[i] = lines[i + 1];
}

When i is 7, the code will read from lines[8], which is out of bounds. When an array subscript is out of bounds it results in undefined behavior, so anything could happen. The variable i should not be allowed to reach 7 in this loop.

I don't think this is a security issue.

{ and } gets rendered as ✔ and ✖

All { and } are rendered as ✔ and ✖

That is including naming the device or signing/verifying

Suggestion: Ethereum support

Hello,
I want to start discussion about implementing needed changes to have Ethereum support.
There does not need to be too many changes I think.

We should be easily able to reuse whole BIP32 tree with secp256k1 signatures.
Main difference in key/address is that ETH is using 20 char addresses, so there is little change in address generation.

And there is different transaction format.
Ethereum have just 1 unified transaction format with simple structure.

I have already forgot most of my C++ knowledge so I cannot simply update firmware myself.

Regarding transaction costs, I suggest to let that part in caller app responsibility - same as preparing raw transaction object.

Few relevant links to ETH implementation:
JS code of generating address from privkey https://github.com/ConsenSys/eth-lightwallet/blob/master/lib/keystore.js#L149
Whole eth-lightwallet is also using BIP32, so it can be used as reference to simply rewrite these few needed parts to cpp. If it is even needed and we are not doing it on client from received pubkey.

And for example transaction format in cpp https://github.com/ethereum/libethereum/blob/6d65d5d1412013381324826ea583e8b3fa9f5f3c/libethcore/Transaction.cpp#L33
There is sign function on line 111.

After creating and signing transaction which could be all done offline, standard operation would be to transfer it to full node by for example simple RPC call https://github.com/ethereum/wiki/wiki/JSON-RPC#eth_sendrawtransaction

show passphrase on Trezor

Instead of typing the passphrase twice each time, user should enter the passphrase only once.

User should be able to show the passphrase on TREZOR instead on PC

Display mBTC/bits

Title says it all

Verify seed checksum

Verify mnemonic seed checksum on start (and maybe before each critical operation). Halt if checksum is invalid.

Initialize while listing seeds for device setup doesn't return features

(similar to issue #67)

When the device is listing seed words in device setup, computer should be able to reset the device with Initialize message.

It doesn't work and the Initialize never returns any features. The computer is expecting them and hangs.

Example in python, similar to examples in #67

https://gist.github.com/runn1ng/d4cbd29452ed81501c39

(run with _un_initialized device)

apt-key adv command in dockerfile might be unsafe

From:
https://github.com/trezor/trezor-mcu/blob/master/Dockerfile#L7

The following excerpt might be unsafe.

apt-key adv --keyserver keyserver.ubuntu.com --recv-keys FE324A81C208C89497EFC6246D1D8367A3421AFB

Because of a gnupg bug. gpg --recv-keys/--refresh-keys ignores a given long id, uses short ID instead:
http://bugs.g10code.com/gnupg/issue1340

As a fix you could check that you got the correct key by running:

gpg --fingerprint FE324A81C208C89497EFC6246D1D8367A3421AFB

and break on non-zero exit codes.

Using M of N paper backup seeds to restore TREZOR (SSSS)

Enable option of fragmented seed backups, e.g. 2-of-3 seed backup and so on.

Return error on SignIdentity when not initialized

before asking for confirming the action.

Versioning of submodule

I appreciate all the efforts put by contributors to improve trezor-mcu. However, it would be a good idea to maintain a versioning of the trezor-mcu repo, in synch with a versioning of the submodules, like trezor-crypto, trezor-qrenc and trezor-common. At the moment, because of recent changes in the submodules, it is impossible for the community to independently verify the signature of release 1.3.1.

Change outputs with PAYTOSCRIPTHASH script type

In firmware/signing.c - specifically, here - there's nothing that sets is_change if the output's script type is PAYTOSCRIPTHASH.

Is it possible to use P2SH addresses as change addresses?

1.3.1 installed on production mytrezor.com, 1.2.1 still appearing on test.mytrezor.com

Hi,

Anybody has the same problems?

I installed 1.3.1 on the production backend, looks fine, also in the advanced tab I can see 1.3.1 (also after dis/reconnecting).

But when I switch to test.mytrezor.com, I still get the warning that 1.2.1 is installed and I should upgrade?

I cleared my cache and dis/reconnected.

allow core entropy entry through pin pad

Rather than trust host computer for source of entropy, allow user to generate entropy via alternative means (eg diceware, flipping coins, or however).

The entropy would be entered via the scrambled pin mechanism. If we just use digits 1-8, 256 bits would be 32 entries, or 128 bits would be 16. A bit of a pain, but not too bad. The entropy entry could be repeated to ensure no mistakes.

(For stylepoints, trezor could add a "hexadecimal pin pad" to slyly hint that only 3l1te experts should be using this feature.)

After the entropy entry the 3*x word passphrase would be calculated and displayed to user as usual. The user could can now either

-- throw away the entropy seed, and do future restores with current mechanism
-- or keep the entropy seed, and do future restores with extra secure mechanism of re-entering same entropy via keypad, so even if host computer is compromised the original entropy is maintained, and we don't leak down to 24 factorial, or however many if an attacker gains a scrambled word list.

As a side note on naming, I would refer to "core entropy seed" described above, versus "stretched entropy seed" which is encoded by the pass phrase that is usually referred to as the seed.

For everyone who has ever wondered if /dev/random is back doored on their system, the trezor now presents an irresistible value proposition.

originally submitted to trezor/python-trezor#44

UPDATE:

When I posted this I thought trezor only used external entropy, from connected (possibly backdoored) computer.

I've since learned Trezor already uses both internal and external entropy.

I still think this would be good to have, but less urgent.

Anyways: this is needed if you trust neither the connected computer, nor the trezor's hardware entropy, from being backdoored.

UPDATE 2:

One can of course, always add entropy by selecting a passphrase with as many bits as one wants.

This is however cumbersome compared to specifying the additional entropy at startup, and then only needing to remember a pin.

Also the passphrase gets entered on an insecure computer, so there's that.

Breadcrumb for starting task:

https://www.reddit.com/r/TREZOR/comments/2ewgt4/right_now_do_we_have_to_trust_trezor/ckjqthj

UPDATE:

A good case for why one might want just seed phrase and pin (and not secondary passphrase) is here:

https://standardcrypto.wordpress.com/2016/01/19/if-you-cant-provision-a-good-hiding-place-for-your-hardware-wallet-seed-phrase-maybe-you-dont-need-to-back-it-up-in-the-first-place-use-multiple-wallets-plus-pin-instead/

Reason 1: compatibility with other HW wallets, like ledger wallet.
Reason 2: 2nd factor pin is secure against hacked computer, because scrambled. secondary passphrase is not secure against hacked computer.

ETA for 1.3.1

Hi,

do you have already an ETA for firmware 1.3.1?

Also it would be nice to create milestones and associate the tickets with them...

Thanks a lot for your really great work!

turn off screensaver on Initialize message
turn on screensaver on ClearSession
turn on screensaver after 10 minutes of inactivity
turn off screensaver on keypress

Deterministic builds: Replace custom Docker build with Gitian or a similar system

Title says its all.

After Setup, confirm that user wrote down the seed

Let user confirm that he really knows the seed, use one of many solutions:

a) Let him re-write some word from the seed (position provided by TREZOR)
b) Let him choose position of word displayed on TREZOR (safer, does not leak word to computer)
... etc

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.