• Forum has been upgraded, all links, images, etc are as they were. Please see Official Announcements for more information

Will Masternodes be safe ?

Icebucket

Active member
I posted a question regarding this on Bitcointalk forum and did not get any real answers, So I would like to get your take on this.

Currently we have a number of people trying to set up masternodes and some of them might lack the right knowledge of security.
Im concerned if there would be lets say 1/3 of total masternodes set up on unsecured computers.
Would that not affect the total network safety?

I did suggest that someone with the right knowledge could mod PIMP getpimp.org/‎
with the right security measures built into it to try making the network safer.

Then miners (who are the most likely to have 1000+ DRK) could set up safe masternodes on their miners.
And also people that are not mining could use the same operating system on their dedicated servers.

This might strengthen the whole network and make it easy for all to update if there would be found any vulnerability like heartbleed in the future.


Im not a programmer myself so I dont know how one would go about this, but I wanted to throw this out there.
 
I don't believe, though I'm not technical and can only think logically, that there is any danger to the network. People running masternodes are at risk of losing their coin to thievery or their node could be shut down with DDOS attacks. But neither of those on their own would cause any network insecurity. It just would lower the functionality of the network, or scare people off of making a masternode.
 
The threats from insecure masternodes are:

- potential theft of the masternode's wallet
- masternode being compromised by an attacker (e.g. backdoor installed), and used to mount attacks on the network

The kinds of attacks on the network from compromised masternodes include denial-of-service attacks on Darksend transactions, and logging/de-anonymisation of Darksend transaction details.

I think there is merit to releasing an official OS image for running masternodes. There are drawbacks, for example if a large number of masternodes are running the exact same image and a vulnerability is found, all those masternodes are effectively compromised.

Best solution IMO is to release an official hardened OS image, and also to encourage masternode operators with sysadmin experience to roll their own instead of using the official image.
 
The threats from insecure masternodes are:
Best solution IMO is to release an official hardened OS image, and also to encourage masternode operators with sysadmin experience to roll their own instead of using the official image.

+1
 
Ok was reading over the Masternode Payments post again, and in the end Evan mentions creating a Ubuntu image.
https://darkcointalk.org/threads/darkcoin-update-masternode-requirements-masternode-payments.225/

"We will be working on creating AWS AMI’s for you to use as well as Ubuntu ISO images for you to setup a server, you will still be responsible for making sure the host is secure and firewall rules are complete based on your specific configuration. When these are created we will put out additional information on what you will need to do after installation."

So I guess he already thought of this :)
 
I officially in the mastenode runner-up club !! have my DRK hot and ready. Now for the hard part...
 
Wow, I wonder how you'd attach a backdoor to the node. I guess if you run even one port open, your whole system is open. I never actually understood why it wouldn't be?
 
Back
Top