Any insight on this detected trojan inside the blobs?

yeah i really should make it a non executable folder also, it’s a decent safety measure when there isn’t anything that should run from there… anyways

doubt it will ever save me from anything tho… but the future is a tricky beast.

the auto updating containers is what gets me worried… sure it’s kinda isolated, but really it isn’t; the advantage of paravirtualization is that it basically goes direct to hardware, and thus all of a sudden the VM / container is running directly next to your kernel… yay

not like it’s worrying enough that somebody could replace the container or add some sort of hidden code inside it, giving them the ability to make a botnet or worse out of the entire storj network until discovered…

O.o i know it’s an issue with most auto updated software, but storj is kinda new so it will be prone to make old mistakes the big older corps have learned the hard way and is mostly forgotten by now…

It’s a challenge similar to illegal content on block chains that will reside on any full node. I’ve thought about this as well. At this point I don’t see a simple way to protect against it. Perhaps you could do something by measuring file entropy to detect whether it is properly encrypted and reject pieces that fall below a certain threshold. But you obviously want to be very careful with that, since you don’t want to reject anything valid.

1 Like
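The entropy check suggested in the post above, sketched as an added example (not part of the original post and not Storj code). The threshold, the minimum piece size and all function names are assumptions chosen for illustration, and the sample pieces are constructed.

```python
import hashlib
import math
from collections import Counter

# Assumed values for illustration; neither comes from the thread or from Storj.
THRESHOLD_BITS = 7.9   # minimum bits per byte to count as "looks encrypted"
MIN_PIECE_SIZE = 4096  # below this, byte-frequency entropy is not meaningful


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of the byte histogram, in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def classify_piece(piece: bytes) -> str:
    """Return 'accept', 'reject' or 'undecidable' for one stored piece."""
    if len(piece) < MIN_PIECE_SIZE:
        # n bytes can never exceed log2(n) bits per byte, so a short piece of
        # valid ciphertext would fall under any strict threshold.
        return "undecidable"
    return "accept" if shannon_entropy(piece) >= THRESHOLD_BITS else "reject"


def fake_ciphertext(n: int) -> bytes:
    """Constructed sample: SHA-256 in counter mode, standing in for ciphertext."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])


# Constructed sample of unencrypted data.
PLAINTEXT = b"The quick brown fox jumps over the lazy dog. " * 1500

if __name__ == "__main__":
    for name, piece in [("ciphertext, 64 KiB", fake_ciphertext(65536)),
                        ("plaintext, repeated text", PLAINTEXT),
                        ("ciphertext, 64 bytes", fake_ciphertext(64))]:
        print(f"{name}: {shannon_entropy(piece):.3f} bits/byte ->",
              classify_piece(piece))
```

A high score only shows that the bytes have no visible structure: compressed data scores high as well, so the check can flag obvious plaintext but cannot prove a piece was encrypted.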

agreed, it’s doubtful that it can be prevented, it’s simply a fundamental about how it works…
but one can make it very difficult for unrelated software to get access to it and execute it…

the primary target of that code would in general be the container in which the storagenode runs… so from how i see it, then it would be about “containing” that no pun intended…
but doing such things comes at a performance loss.

maybe the storjlings should just add a big red button inside the container… if anyone gets into it, then they cannot resist pushing it and then that sets off the alarm … muahhaha my devious plans are taking form…

1 Like

I was thinking of something like public key validation of stored data. The Storj network could/should require that all data to be stored passes a public key validation procedure such that no unencrypted data would be accepted for Ingress to a node.

1 Like

I do think the bigger storj gets the bigger the target for hackers gets as well, so it’s probably better if we’re ahead of the curve than to be behind it and have them already planning a way to attack. It’s just a matter of when and how at this point.

3 Likes

There might be a way to demonstrate to a reasonable level of certainty that this is the case, but you can’t definitively prove a negative. Ergo, you can’t prove that the SNO doesn’t have the key.

The simplest counter-example is the case where the SNO is the customer in the first place.

One can prove that data file B is encrypted with public key Z … so the proof would come down to traceability and proof that a given public key was used by any customer (but not a particular customer).

Indeed. But you can’t prove that the SNO is not in possession of the corresponding private key.

That’s immaterial to the data contained within the network.

The problem with storing unencrypted data or even allowing unencrypted user data onto the network is accessibility of the unencrypted data via an external observer or eavesdropper. If all data on the network can be proven to be encrypted via public key validation and the network algorithm can be shown to not allow any unencrypted user data… then any unencrypted illegal content must have been placed there by “not the network” … and any encrypted illegal content found via exploration of customer end points must be both inaccessible to the SNO as well as not the network’s problem.

With you up until here:

There’s no way to definitively prove that the content is inaccessible to the SNO. We can conclude that it’s unlikely to be accessible, but not that it’s inaccessible. That’s my point.

This is not the problem that my posts are addressing.

Lol windows defender won’t defend any virus. The best course of action is to disable it and replace it with a real anti-virus software.

1 Like

I call that GNU/Linux.

These days it’s pretty hard to determine which those are. It’s a double edged sword. Many of the big names have had vulnerabilities that could be exploited to gain access to the underlying system. Since anti-virus has the tendency to dig deep into the OS and get priority access to everything, when it’s compromised, the entire system is.
Because of this I’m still opting for Microsoft Defender + good security practices.

I think Microsoft Defender is underappreciated. It’s actually pretty good.
AV-Test gives it highest marks on all but one category.

Additionally they give it a top product label.
It catches the most common viruses at 100% rates. The only downside is that MS is slightly slower on 0-day vulnerability protection.
And it does this while impacting the system performance at half the rate of the average anti virus solution.

In fact the best argument against using it is that you don’t want everyone relying on the same AV software as it would then become the target to test all your attacks against. This is a valid argument, though currently the stats say we don’t really have to worry about that just yet.

3 Likes

Glad to hear you enjoy ms. I have been a ms partner for ten years. What you are saying is that you personally guarantee that ms will protect you

I don’t think that’s what he’s saying at all. There is absolutely nothing that is guaranteed to protect you. For a virus scanner program that is free and comes with Windows, it is better than most virus scanner programs that cost you money, which doesn’t mean it’s better.

3 Likes

If you disagree, may I suggest using a counter argument instead?

3 Likes

Additionally you have no idea what other AVs are doing with your data. There have been reports of e.g. Avast collecting (basically unrelated) user data. Especially those free AVs might sell off data like browser history etc…
I don’t want that. So I stick with MS and opt out of as much as I can. MS can already collect all my data no matter if I use their virus scanner or someone else’s.

At the end of the day, the biggest security issue is me anyway… Clicking the wrong link, opening some stupid email, executing the wrong file. You can always hope that your AV protects you from those mistakes but no AV recognizes all viruses.

1 Like

i like how some antivirus software is like hold on this looks suspicious performing extra scans before you are allowed to run something.

if nothing else it does give you a sense of it being good when literally taking 30 sec or so to scan one particular file.

nothing will protect you against proper homebrew malware.

Most AV does that these days though and that includes Microsoft Defender. As for it taking time… is it being good or simply inefficient? There is a lot of AV software that doesn’t catch more than the average AV, but is a lot slower with scanning. I just like that with Defender being part of the OS, I’m not giving any additional party privileged access to my machine and it’s usually out of the way. Though I have seen the process go haywire from time to time and consume 30+% CPU over an extended period of time. It’s definitely not perfect, but what is…?