[clug] Using Ext2/3/4 filesystem on Windows

steve jenkin sjenkin at canb.auug.org.au
Wed Oct 9 03:54:39 UTC 2019


George,

Always a good question - thanks for asking. “More than Security” is the short answer.

Some comments below.

All suggestions or war-stories from people that have done this “in anger” most welcome.

Or pointers to people / reports where it’s been done.

cheers
steve


> On 8 Oct 2019, at 17:16, George at Clug via linux <linux at lists.samba.org> wrote:
> 
> Steve,
> 
> What is the issue that you want to solve?
> 
> Is the question about security or about reliability?
> 
> I am not sure what it is that you are asking. 
> 
> You mentioned "security" and when it comes to security three things come to mind for me.
> 1) Nothing is "secure", and never consider anything to be secure, it is just some things are less secure than others.
> 2) People are the biggest security risk, whether intentionally or unintentionally.
> 3) The more people who have access the less secure it is, connect anything to the Internet and every one in the world [who have internet] potentially has access.
> 
> George.

————

George,

I want to experiment with Winders as a VM guest connected to a node-based filesystem.

Why? Because I want to better understand how to do it and the problems surrounding & doing it.

It’s such an obvious ‘fleet’ config, I’ve wondered for some years why it isn’t the norm - even using “Hyper-V”, though Linux or NetBSD offer significant remote control advantages, including “lightweight” and “minimal footprint”.

Specifically POSIX node-style filesystem because:

	- some interesting things are not just possible with nodes, but become very easy to implement.
		DeDupe & snapshots spring to mind.
	- being “Not Microsoft” changes the Attack Surface and provides protections just by breaking the usual software chain.
	- if using SAMBA on a linux instance, a whole different class of logging, monitoring, checking & prevention is possible

It’s not “Security” I’m particularly interested in, there are much richer Design and Admin related fields to explore.

How do you think Google runs millions of machines in 10MW-50MW data centres with such high (apparent) availability and high machine::staff ratios? Nobody has come close before to doing what they do.

AWS proves both “A Good Idea” and “Can be done from scratch by others”.

Can GOOG’s approach be extended to large (100k-1M) fleets of desktops?

Can that same approach allow per-user Customisation, data privacy & access control + logging & audit trails?
How well can that distributed fleet be instrumented and be automatically monitored for “red flags” of any sort?

Can this approach be made immune to “authorised super-user” compromise?
One Rogue Admin can ruin your whole day.
In 1989 “Plan 9” (Bell Labs) had a nice solution to this problem - ‘operators’ were able to backup & restore any data, but couldn’t read or write it, at least on-line. The next step would’ve been checksummed and encrypted off-line data - still an unsolved problem if you add requirement ‘must be able to retrieve data if some key material is lost’.

Why does every Govt Agency maintain its own ICT Desktop Admin team, build its own images and attempt to keep their own patch-version “clean” while they all track the (same) latest exploits & patches? Doesn’t seem warranted or efficient to me.

This is done without any objective measures of group performance using multiple relevant IT & Business measures?
Nobody knows what ‘best practice’ looks like and who’s doing it.
How is that A Good Idea in today’s 100% reliance on computers, networking and remote data?

With no full-Govt, 100% coverage Audit possible by the ANAO, that it isn’t done or mentioned is one of Life’s Mysteries to me.
What isn't measured, you can’t examine or improve. 

Thanks very much for your 3-point rundown on “Security”, it’s quite concise and apposite.
Appreciate your time & effort in doing that for me.

I was first cleared to “Top Secret,-ve vet" in 1979.
“Security” is a topic I’ve worked with in detail across many roles & orgs, it’s far from my sole interest though.

“Security” is one of a surprising number of “Dimensions” organisations need to not just do “good enough” on, but get as close to 100% correct as possible - in the same way that Airlines need to be ‘perfect’ across many dimensions simultaneously.

All these various types of ‘event' can be expressed in a common unit of impact or value:

	- Dollars per hour per event

That’s a harder task, but connects with ‘decision makers’ in a visceral way.
In 2001 I discovered the power of giving ‘decision makers’ good & accessible real-time insight into systems where their, not my, arses were on the line. In 2 hours, we got a major upgrade approved without a big drama.
The boss knew the data, recognised the problem & its downstream impact himself and made the upgrade happen.
We lucked out in what we asked for - only squeaked through on our Big Day, but didn’t fail - a big win for him & the org.

Computing is a “Performance Discipline” - it requires “doing it for real” to be both competent and knowledgeable.
Same as you’d want in a surgeon, dentist or aircraft pilot… Good practitioners, not just “knows the theory”.

So, I want to experiment with this config to discover more about doing it - what looks easy from the outside (in blissful ignorance) is _always_ filled with tricky and hard problems when you dig in and actually try to implement…

I’m not going to build & run some massive fleet of Desktops, but at least when I talk about it, I can be informed across the many conflicting requirements and measurement/ control Dimensions.

steve

--
Steve Jenkin, IT Systems and Design 
0412 786 915 (+61 412 786 915)
PO Box 38, Kippax ACT 2615, AUSTRALIA

mailto:sjenkin at canb.auug.org.au http://members.tip.net.au/~sjenkin


