Author Topic: Bitshares needs a secure operating system (Linux distro)  (Read 1951 times)

0 Members and 1 Guest are viewing this topic.

Offline JoeyD

Maintaining an up to date secure custom linux distro livecd might not be the smallest task ever.

Livecds are probably the most easily secured right now, but the suggested virtualmachine-route might be a more sustainable one in the future.

EDIT
Hmm, my mind is playing tricks on me, I thought I saw an elaborate post about lxc (linux containers), didn't think I was looking that much at virtualmachines that I'm starting to see them everywhere.

I love it, but how hard is it, exactly, to make a secure linux distro?  I'm assuming it is no simple task, but then again I am not a byte-master either.

Big warning up front I am most certainly not an expert in computer security. One of the primary reasons for me to work with linux is because I don't want to deal with windows security issues, which at the moment is still the largest target (and most insecure by design).

Creating custom linux distros is actually very easy and there are even websites that let you pick options from a list and it will spit out your custom distro. The problem lies in the secure bit. You have to trust whoever is making the distro or the cd-images. Not only do they have to be trustworthy, but also have the ability to guarantee their own security, no easy feat.

Best option short term I think would be to pick one livecd and then publish a set of packages for that livecd that can be loaded onto an usb-stick and installed that way.

Another option would be to publish a virtual-machine image of a secure distro with a shasum, so that people know that at the moment the image is started it's secure. Someone more knowledgeable than me would have to pitch in to say if a virtual-machine can be sufficiently protected from the host-machine it's running on.

In short creating linux distros and livecd-images is easy as pie, guaranteeing security is not easy, but at the very least not as impossible as on MSWindows (closed source and uncountable so-called "features", obligatory government back-doors etc).
« Last Edit: April 12, 2014, 06:44:13 am by JoeyD »

Offline fuzzy

Maintaining an up to date secure custom linux distro livecd might not be the smallest task ever.

Livecds are probably the most easily secured right now, but the suggested virtualmachine-route might be a more sustainable one in the future.

EDIT
Hmm, my mind is playing tricks on me, I thought I saw an elaborate post about lxc (linux containers), didn't think I was looking that much at virtualmachines that I'm starting to see them everywhere.

I love it, but how hard is it, exactly, to make a secure linux distro?  I'm assuming it is no simple task, but then again I am not a byte-master either.
WhaleShares==DKP; BitShares is our Community! 
ShareBits and WhaleShares = Love :D

Offline JoeyD

Maintaining an up to date secure custom linux distro livecd might not be the smallest task ever.

Livecds are probably the most easily secured right now, but the suggested virtualmachine-route might be a more sustainable one in the future.

EDIT
Hmm, my mind is playing tricks on me, I thought I saw an elaborate post about lxc (linux containers), didn't think I was looking that much at virtualmachines that I'm starting to see them everywhere.
« Last Edit: April 11, 2014, 04:02:26 pm by JoeyD »

Offline liondani

  • Hero Member
  • *****
  • Posts: 3737
  • Inch by inch, play by play
    • View Profile
    • My detailed info
  • BitShares: liondani
  • GitHub: liondani
Do you think it's a good idea to develop a secure Linux distro specifically for Bitshares, Keyhotee, and other apps which can be built around it?

I think something based on Chromium OS, but which has uses decentralized cloud storage such as MaidSafe is the way to go. It could be a live CD.

Could it work? Or is it a bad idea?

+papperwallet tool, +ready to mine PTS, + general crypto tools, +armory wallet for pts, +++++++++
think it is a very good idea !!!

Offline santaclause102

  • Hero Member
  • *****
  • Posts: 2486
    • View Profile
Quote
Linux distro specifically for Bitshares, Keyhotee, and other apps which can be built around it?

What specifically would be different?

Offline luckybit

  • Hero Member
  • *****
  • Posts: 2921
    • View Profile
  • BitShares: Luckybit
Do you think it's a good idea to develop a secure Linux distro specifically for Bitshares, Keyhotee, and other apps which can be built around it?

I think something based on Chromium OS, but which has uses decentralized cloud storage such as MaidSafe is the way to go. It could be a live CD.

Could it work? Or is it a bad idea?
https://metaexchange.info | Bitcoin<->Altcoin exchange | Instant | Safe | Low spreads