Security is probably irrelevant, since the server farm probably has a given level of security to start with. In closed cases like these, firewalling and host restriction usually makes nfs secure. Well, relatively. Security concerns also bog down high performance servers. Coda smacks my bitch up tho. A non-sucking nfs. With fault handling, redundancy, good performance, a light kernel footprint... drool. It would be cool for/. to go for it but it ain't gonna happen, too beta still... and seeing as this place is just another corporate shop now, they can't take risks.
I'm thinking about doing this with an old Sun 3/50. Rip out the old power supply, layout a PC supply in its place, get an integrated PC motherboard (ether+IDE+USB+vid) and slap an HD behind the power supply, if there's any space. Now if I can only figure out how to drive that beautiful 19" mono ECL monitor...;-)
I can't think of any way of allowing expansion, and I've already looking into building a PC with a VME backplane, it seems nobody uses those things anymore (too slow..? Too much physical distance?) You *can* get a PC board to fit a VME backplane with PCI mezzanines. A very odd take on SMP with several VME cards I suppose.. reminisicient of an old SPARCCenter maybe.
> I'm no lawyer, but is typing in an URL illegal ? I'm probably wrong, but cracking passwords and the like *is* illegal, this is just typing an URL... maybe I'm far too optimistic.
I don't know - I'm not of the legal bent either. But telnetting to a host and trying to break in is illegal, right? And 'telnet www.hotmail.com 80' will give you essentially the same thing... so a suitably inspired lawyer might be able to make a case that way. Pushing things to extremes, I thought of a ridiculous defence along the lines of "I was just varying the electrical potential in this copper, yer honor, how was I supposed to know I was launching those nukes..."
I'd don't particularily trust the courts or the legal system, so I usually err on the side of paranoid, but that's just me.
Microsoft is obviously aware of the problem, and their lawyers will hunt you to the end of the earth.. nobody can get into Hotmail except for those who hack in. This is an *easy* way to keep track of IP's that break in.
This has been done on a card before. Novell had one, so did Digital Research.
You put the card in, it simulates a hard drive during boot, but can't be "altered". Usually, it'd go after a specially-configured Novell server to load apps.
Now that you mention it I remember a similar project in the Etherboot distribution - you can build a "FlashCard" which resides in an ISA slot, and contains an EEPROM that can be flashed with a BootROM. It's meant for testing Etherboot before you burn it onto 20 EPROM chips but it'll work for anything that wants to take control after the motherboard BIOS, in the same manner as IDE controllers and so on get called to do their thing. My knowledge of prioritization and contention is sketchy here, tho... whoever goes first wins the privelege of booting or what?
Some of us already have that:) Nettrom (the Netwinder's firmware) supports lots of nifty options for loading kernels. I hear it's modeled after Sun's booting firmware. I guess what I'm saying is that it exists (and has for quite a while) -- but I don't know if it exists on PC hardware yet.
Yes, I've been enlightened too =) I've been playing with Net/Etherboot for a while and Sun has had this kind of functionality for about 15 years. See my post below "Idea for minimal BIOS architecture" which addresses the problem of motherboard-specific code.. well, kinda.
I think we can do without a Forth interpreter in the EPROM tho, right?;-)
Two decades of PC has shown that the BIOS is one of the more common show-stoppers that one can run into, so the goal of future designs should be to minimize the BIOS to a high extent. I can't think of anything wrong with sticking the kernel right into the BIOS. How much does 8 megs of flash cost these days? That's plenty for the foreseeable future, including modules and OS bloat.
BIOS needs to be divided in half, both parts flashable. The first part is responsible for bringing the motherboard up into a sane state, and the second part loads the kernel from flash. We don't care about PCI and everything else since it's assumed that the kernel will take care of those devices. At least they've been brought into minimal sanity by the BIOS, which probably only needs to make sure that RAM is okay and a few other things.
So, BIOS1 runs and sanitizes the motherboard. BIOS2 copies a kernel from flash into RAM. If either of them fails, we fall back to a simple public-domain or copyleft BIOS that is smart enough to boot from a floppy or IDE HD. I'm not naive enough to suggest that the machine will be in any state to load a protected-mode OS with the memory controller in some kind of crazy acid trip and everything else, but we have BIOS1 to worry about the strange PC stuff.
BIOS2 might as well be 32-bit (i.e. BIOS1 does the dirty work and leaves with the system in nice, clean protected mode), and serves only to copy the next image from flash (into the flat memory we now have), which is either a kernel or BIOS3, a smart BIOS that runs in RAM from the start and acts like Open Firmware or whatever. This is completely optional and would be at the level of LILO on the usual PC. I'm thinking along the lines of sun* bootprompt (I'm fond of sun3's bootprompt, sick isn't it... =)
A couple of poorly thought-out things that just came to me.. I know the kernel-in-flash idea isn't new but maybe arranging it this way is.
Slashdot Mirror
Security is probably irrelevant, since the server farm probably has a given level of security to start with. In closed cases like these, firewalling and host restriction usually makes nfs secure. Well, relatively. Security concerns also bog down high performance servers. Coda smacks my bitch up tho. A non-sucking nfs. With fault handling, redundancy, good performance, a light kernel footprint... drool. It would be cool for /. to go for it but it ain't gonna happen, too beta still... and seeing as this place is just another corporate shop now, they can't take risks.
czesc ;-)
I'm thinking about doing this with an old Sun 3/50. Rip out the old power supply, layout a PC supply in its place, get an integrated PC motherboard (ether+IDE+USB+vid) and slap an HD behind the power supply, if there's any space. Now if I can only figure out how to drive that beautiful 19" mono ECL monitor... ;-)
I can't think of any way of allowing expansion, and I've already looking into building a PC with a VME backplane, it seems nobody uses those things anymore (too slow..? Too much physical distance?) You *can* get a PC board to fit a VME backplane with PCI mezzanines. A very odd take on SMP with several VME cards I suppose.. reminisicient of an old SPARCCenter maybe.
> I'm no lawyer, but is typing in an URL illegal ? I'm probably wrong, but cracking passwords and the like *is* illegal, this is just typing an URL... maybe I'm far too optimistic.
I don't know - I'm not of the legal bent either. But telnetting to a host and trying to break in is illegal, right? And 'telnet www.hotmail.com 80' will give you essentially the same thing... so a suitably inspired lawyer might be able to make a case that way. Pushing things to extremes, I thought of a ridiculous defence along the lines of "I was just varying the electrical potential in this copper, yer honor, how was I supposed to know I was launching those nukes..."
I'd don't particularily trust the courts or the legal system, so I usually err on the side of paranoid, but that's just me.
Logging in now is a BAD idea.
Microsoft is obviously aware of the problem, and their lawyers will hunt you to the end of the earth.. nobody can get into Hotmail except for those who hack in. This is an *easy* way to keep track of IP's that break in.
It's too late for me but maybe not for you..
You put the card in, it simulates a hard drive during boot, but can't be "altered". Usually, it'd go after a specially-configured Novell server to load apps.
Now that you mention it I remember a similar project in the Etherboot distribution - you can build a "FlashCard" which resides in an ISA slot, and contains an EEPROM that can be flashed with a BootROM. It's meant for testing Etherboot before you burn it onto 20 EPROM chips but it'll work for anything that wants to take control after the motherboard BIOS, in the same manner as IDE controllers and so on get called to do their thing. My knowledge of prioritization and contention is sketchy here, tho... whoever goes first wins the privelege of booting or what?
Yes, I've been enlightened too =) I've been playing with Net/Etherboot for a while and Sun has had this kind of functionality for about 15 years. See my post below "Idea for minimal BIOS architecture" which addresses the problem of motherboard-specific code.. well, kinda.
I think we can do without a Forth interpreter in the EPROM tho, right? ;-)
Two decades of PC has shown that the BIOS is one of the more common show-stoppers that one can run into, so the goal of future designs should be to minimize the BIOS to a high extent. I can't think of anything wrong with sticking the kernel right into the BIOS. How much does 8 megs of flash cost these days? That's plenty for the foreseeable future, including modules and OS bloat.
BIOS needs to be divided in half, both parts flashable. The first part is responsible for bringing the motherboard up into a sane state, and the second part loads the kernel from flash. We don't care about PCI and everything else since it's assumed that the kernel will take care of those devices. At least they've been brought into minimal sanity by the BIOS, which probably only needs to make sure that RAM is okay and a few other things.
So, BIOS1 runs and sanitizes the motherboard. BIOS2 copies a kernel from flash into RAM. If either of them fails, we fall back to a simple public-domain or copyleft BIOS that is smart enough to boot from a floppy or IDE HD. I'm not naive enough to suggest that the machine will be in any state to load a protected-mode OS with the memory controller in some kind of crazy acid trip and everything else, but we have BIOS1 to worry about the strange PC stuff.
BIOS2 might as well be 32-bit (i.e. BIOS1 does the dirty work and leaves with the system in nice, clean protected mode), and serves only to copy the next image from flash (into the flat memory we now have), which is either a kernel or BIOS3, a smart BIOS that runs in RAM from the start and acts like Open Firmware or whatever. This is completely optional and would be at the level of LILO on the usual PC. I'm thinking along the lines of sun* bootprompt (I'm fond of sun3's bootprompt, sick isn't it... =)
A couple of poorly thought-out things that just came to me.. I know the kernel-in-flash idea isn't new but maybe arranging it this way is.