The point I’d like to make here is that Google may be phasing out Windows 7, not because of any inherent security flaws, but that it’s possible that licensing and maintenance costs are the driving factor to phasing out Windows. Perhaps Google feels that it could spend less effort maintaining internal security by using a Linux or Unix-based OS.

Related posts:

1. More on Client Platform Security
2. Google Wave
3. On the Security of Client Platforms

UPDATE: It seems I may be re-evaluating my choice of OpenSolaris vs. Nexenta. I’ve experienced a lot of issues with SMB/CIFS authentication on OpenSolaris, and have not been able to get it to work properly. I’ve also had a reply from a commenter assuring me as to the stability of Nexenta 3. I’ll post again once I’ve re-evaluated my choice of SAN OS.

A few months ago I wrote¹ about a new home server I was setting up. I designed the server from ground up to handle VMware ESXi 4.0. When I built it I did not build in data redundancy, as I had two mismatched drives (a 1.5TB and a 1TB). Also, because I was relatively new to ESXi, I created the datastore with default block sizes, limiting me to 256GB virtual disk file sizes. I used Ubuntu Linux to link the virtual disks together with Logical Volume Manager (LVM), and create one big mount for my data storage. Unfortunately, the 2.5TB volume is now full.

With a full server volume, nothing would seem more obvious than to go out and buy more storage. So, I went out and bought two 1.5TB disks (I don’t believe that 2TB drive sizes have hit the optimal price point yet). On my way home however, I realized that I now have the capacity for almost 5.5TB of storage. If one physical drive were to crash, I would not only lose the data that was on that drive, I would also lose my entire dataset. LVM does not handle missing drives, so the entire logical volume, with all my data on it, would be gone. This is far too much risk, and I decided to build in data redundancy.

With that in mind, I began to consider various options. The motherboard’s BIOS supports RAID 1,0, 10, and 5. Of those options, I would prefer a RAID5 configuration, as it offers the best capacity/redundancy ratio. Unfortunately however, I’ve already got ESXi installed on the existing 1.5TB drive, and the data between it and the second drive must remain intact. I don’t know how well ESXi would handle a sudden BIOS change to a RAID configuration. Also, after some reading, I found that it was likely that drivers would be required in the OS install to support the RAID configuration. There are too many unknown variables to risk my data with a BIOS RAID configuration change.

The next option I considered was a software level RAID5 implementation, one where I’d have a virtual machine handle the RAID5 control. Unfortunately however, this approach also has its drawbacks. RAID5 requires 3 drives of the same size to setup. I have 3 1.5TB drives right now, but one of them is full of data, including my ESXi host install. I would have to create a deteriorated RAID5 array with two drives, install another physical drive for the ESXi host install, import my original ESXi host configuration to the new host install, move my data to the new array, then move the actual client OS virtual disk to the new physical drive. After that point I could wipe the original 1.5TB and add it to the RAID5 array. I would be left with the 1TB to use for other purposes. During this whole process praying that something does not mess up the LVM i the Linux install. All in all, a very messy endeavor. Too much risk, both with the data itself as well as with the host/client OS installations.

Since a RAID configuration seemed to be out, I looked for other ‘outside-the-box’ solutions. Obviously it would have to be a disk/file level solution, as LVM with virtual disks wasn’t going to cut it. Then I remembered looking at ZFS² (a file system format) a couple years ago. ZFS offers great data redundancy for little disk cost, flexibility, compression, good performance, and a host of other things (things most non-technical people wouldn’t care about). The stability of the filesystem has come a long way since I first looked at it (it was more proof of concept at the time), to the point where I would trust my data with it. ZFS seemed to fit my current needs and network conditions perfectly.

Now that I’d decided on ZFS as my new network storage solution, I had to decide how I was going to implement it. Because it was developed by SUN Microsystems, there are licensing quirks that have kept it from being incorporated into the Linux kernel. There is however, an implementation via the FUSE project. I could potentially install it into my Ubuntu media server virtual machine, and have a relatively easy transition. After some investigation however, I felt that ZFS-fuse was still too much of a hack for me to trust my data with.

The only other real ZFS options were FreeBSD, OpenSolaris, and a project called Nexenta³. Nexenta is a Gnome (Ubuntu-like) user land built around the OpenSolaris kernel. This initially attracted me quite a bit, as it seemed to perhaps be the easiest way forward. Two things kept me back however. One, the version of Nexenta that offers deduplication support for ZFS is currently labeled beta. Two, because it was built around the OpenSolaris kernel, there would be a lot more hacking required if I was going to try to replicate my Ubuntu media serving services. At this point I realized that it would be easiest to keep my Ubuntu media server, and just point its data volumes to another VM’s network share, as though the other VM was a SAN. So, I decided that Nexenta was more than I needed, and that it was targeting a different person than I. Add to that the lack of deduplication, and Nexenta was out.

The other two ZFS options were OpenSolaris and FreeBSD. Since I’m a Max OS X (built around BSD Unix) power user, it seemed the most attractive option. On doing some analysis however, it seemed that OpenSolaris had better support and a better-performing ZFS implementation. Consequently, I’ve decided to go the OpenSolaris route for my virtual SAN.

I’ll post Part 2 over the next week or so. Part 2 will cover the actual implementation (still in progress), and some of the challenges encountered.

Related posts:

1. Update re: ESXi & ZFS Storage
2. VMWare ESXi as a Media Server

While an OS itself can be secure as a rock, there is always a human factor involved. Even the most intelligent individual makes foolish decisions and actions at times. It is very difficult to protect the user from him/herself. It is very difficult to explain that some emails requesting their information are legitimate, and others are not. Or that some website popups only look like an application window, and are not to be clicked on.

These days, attackers find information more valuable than random destruction and wreaking havoc among systems. Consequently, the majority of attacks are designed to infiltrate and recover information, while doing their best not to alert the user. After all, why turn off the information hose as long as it’s producing information?

Consequently, one of our primary concerns should be the interaction the user makes with their computing device. If it is not possible to easily educate them on legitimate activities or requests vs. illegitimate ones, make it easy for them to understand how to control what is happening. For instance, even when they provide an administrator password to a seemingly legitimate prompt, there should be no lasting, hard to control activity. For example, an application editing the Windows Registry should not be permitted to alter settings outside the application scope (sandboxing). An educated user is a safer user. We need to do more to educate our users on the safe usage of computers, and teach them how to discern legitimate activity from illegitimate. I also believe that the OS has a place in educating the user to an extent, and providing them with easy to understand control over changes they’ve made/approved.

Windows 7 has improved the control over this particular example, but unfortunately at the expense of user understanding and interaction. Linux, Unix, and OS X on the other hand, sandbox applications and their configurations, requiring minimal administrator level permissions. Consequently, the user has to very explicitly and conscientiously make a decision whenever an application requires an administrator permission level. The controls to manage any permanent changes are very easy to use in OS X. A user deletes an application, and it no longer is capable of executing. There are no core registry changes that the user needs to be concerned about removing. Configurations are in individual text files, specific to each application. I digress however.

I do not run antivirus on my Macs. However, I run a network firewall (LittleSnitch) that informs me of network traffic going in & out. Just because my OS provides fewer attack venues, and is fairly secure, does not protect me from accidentally/foolishly approving a change which will transmit my personal information.

Related posts:

1. On the Security of Client Platforms
2. Google Wave Robots
3. Extracting Exchange Contacts from iPhone

Realizing this, one needs to shift their perception of how to view client platform security. Theoretical analysis is good. However, practical application is what should define security evaluation. Which platform is more secure in practice? Anyone can justify any OS’s security. However, the proof is in the pudding. For example, Unix has been used for government/financial servers for a long time. Windows Server has been used, and I would argue that the Windows servers have proved themselves much more vulnerable over an extended period. Just ask any system administrator.

Take a look at Linux. If there is any platform with serious potential vulnerability, it would be Linux. Since the code is so open, and written by so many uncoordinated, imperfect people, there is vast potential for holes. However, in practical usage, it is one of the most secure platforms available. When holes are found, they are quickly patched by the open source community. Most Linux users are reasonably tech-savvy, and don’t fall for many of the same social engineering tricks that Windows users do. It is arguably a secure platform.

This also leads to another point. The bigger the target, the more attackers will aim at it. Just because you are a smaller target does not mean you are less secure. Even if you are more vulnerable, the fact that you are being attacked less provides security. I for one do not want to be the tank shot at on the battlefield. I’d prefer to be the sniper, vulnerable, but inconspicuous and hardly fired upon.

Articles such as the recent PCWorld piece¹ hyping how the iPhone was first to fall in the PWN2OWN contest, and how the Macs and iPhones are no less vulnerable than Windows, are worthless drivel. One needs to accept that everything can be broken. Even RSA1024 was recently broken². However, the fact that a platform was broken/hacked (by methods devised in the months prior) does not mean it is less secure in practical usage. I have yet to have one of my Mac installations infected or broken, while the Windows 7 install (which I only use to manage home servers or test a site in IE) has been attacked twice, and infected once.

Let’s stop defending our idealistic points and accept reality shall we? Mac, Linux, and Unix are all platforms that can be violated. However, in practical usage, they are more secure than the Microsoft Windows platform.

Related posts:

1. More on Client Platform Security
2. Some Perspective on Google Ditching Windows
3. Linux Alternatives to the iPad

The article makes a number of interesting observations, particularly about hardware manufacturers and suppliers. It also makes mention of a number of upcoming hardware designs and the features they will bring. I’d recommend reading the piece, even if just for the factual knowledge it contains.

I’m afraid however, that I have to disagree with the author. In my opinion, I don’t believe that 2010 is the year of the Linux tablet. As a matter of fact, I don’t think that any Linux device will ever out-iPad the iPad. Linux aficionados have been proclaiming the ‘year of Linux’ on desktops for as far back as I can remember. Every year, every distribution, Linux fans rejoice and proclaim that the end is nigh for Microsoft and Apple domination, and that Linux is going to take over the world. Why? Because they believe that ‘free’ will triumph over commercial.

The author summarizes my perspective exactly (though completely unintended) in a later paragraph, where he says ‘In my opinion, Linux won’t offer this kind of magic. To bring magic like Apple does, Linux and the companies bringing Linux have to act like Apple. That means secrecy, a closed development model, a one-size-fits-all solution and one and only one manufacturer / organization which oversees hardware, software, marketing and the developer community. Not going to happen for free software and Linux!’ If we break down this statement meaningfully, we see that that in order to bring an almost perfect user experience, one needs to have a closed development model, and a single manufacturer designing both the hardware AND software. He continually pushes Android, an flavor of Linux being driven by a company (Google) with a lot of money behind it, and a development structure (management) that is not available in a community driven environment.

The author highlights another perspective I share (again, unintentionally I’m sure), when he states that ‘Android is much more popular, and the magic comes from Google, Google marketing Android at big device manufacturers and the platform being ‘pretty open’. Also, in contrary to my limited view, Google understood the issue about marketing and education. That’s why, in advent of the ballot screen, they ran huge adds outside on busstops, along highways and buildings at least in NL and UK and they even bought their own front page add on free newspapers read by millions of Dutch readers.’ It’s funny how advertising is so important even for something free. He realizes that the idealistic nature of Linux (free) is not merely enough to make people want it. Money (and lots of it) must be spent in order for something to be adopted. Nothing in life is free, and unfortunately, the majority of the Linux community seem to miss that fact.

The author concludes with a short(sighted) paragraph, stating that ‘Android on the tablet will be what Windows was on the desktop. But it will be easier for other Linux to co-exist with Android than with Windows, so for those who like to tinker the feature is pretty bright.’ But I thought that Linux by its very nature was supposed to be open, so that it can coexist easily with everything? Therefore, it shouldn’t be easier to code for Linux rather than Windows. Unfortunately, developers tend to code more for the platforms that make them money (but hey, everything in life should be free right? ), and the majority of developers will tend to code for the Windows desktop OS. Also, I think it is very short-sighted to conclude that Microsoft will not be targeting the tablet market as well.

This post may come across a little bit harsh toward Linux. However, the fact remains that without proper guidance/direction in the development of a Linux tablet OS, and proper marketing, Linux will never succeed. For this ‘free’ operating system to succeed, money, and lots of it, must be spent. The only problem is that it is not the general Linux community who will pay for it. Rather, it will be (is) big corporations (see Google) who fork out tons of money. It just seems that the Linux community does not get this fact, or, if they do, do not care about freeloading the money to support their dream of a ‘free’ OS.

Related posts:

1. Microsoft vs. iPad
2. Apple iPad
3. Thoughts on the iPad

Enter ESXi. Virtualized machines brings me the ability to leave a media server up and running while I add, build, or reconfigure other machines, without the expense of all the hardware. It also brings all those machines into a single console, making it really convenient for me to manage. Along with that, I can now easily allocate more storage to the virtual machine as I have need!

Of course, this presented a problem. There is a lot of data that needed to be migrated. 1TB on the iMac, 320GB + 500GB + 160GB + 160GB on the existing media server, 160GB on the other MacBook Pro, and ~100GB on my MacBook Pro. How do you migrate all this data over? I budgeted for 1 new hard drive, but not more than one.

I purchased new server components (see below) on Boxing Day, and spent about ~$600 on what would have been an ~$830 server.

Components:

• Motherboard: Asus P5Q Pro Turbo
• CPU: Intel E7500 Boxed (mid-late 2009 versions have VT-x, a requirement for 64bit host VM’s)
• Ram: 4GB OCZ DDR2 800
• Hard-drive: WD 1.5TB
• Case: Antec P183
• PSU: Antec TruePower 650 New
• Video Card: Asus EAH4350 (Asus motherboard doesn’t have on-board video)
• NIC: Intel EXPI9301CT (Required, as ESXi 4 didn’t support the integrated Atheros-based NIC)

I began the new ESXi build by assembling the new hardware. As I wasn’t installing from USB and instead opted for the lower-hassle CD installation method, I borrowed a CD drive from my spare hardware box (I also borrowed keyboard/mouse/monitor). When I tried to boot ESXi for the first time, it informed me that the integrated NIC was not compatible. I nipped out to Canada Computers and purchased a new one, and the installation proceeded smoothly from that point on. Once installation was completed, I enabled SSH to ESXi by doing the following:

1. alt-f1 (Note: As pointed out below, you will not see your typing on this screen, just trust us, it is there).
2. unsupported
3. root pw
4. vi /etc/inetd.conf
5. delete the “#” from ssh
6. services.sh restart

I rebooted the machine, and went to my Windows box (no Mac ESXi/vSphere client yet) to manage the server. (If you haven’t installed the vSphere client yet, you can download it by going to your ESXi installation’s IP in your web browser) I setup a new VM for Ubuntu Linux 9.10, allocating 16GB to the VM hard drive, and configuring it with thin provisioning (dynamically expands). All my data would be on a second virtual drive. I then proceeded to install Ubuntu and install all the updates. Now it was time to add space for my data.

It was at this point that I hit a snag. VMware ESXi only supports 256GB virtual disks. I have terabytes of data, so how am I supposed to store all this information?

Enter LVM (Logical Volume Manager). LVM is a great technology that has seen a lot of use in Linux, allowing you to create volumes that span multiple hard-drives/partitions. I added 5 256GB thin provisioned disks to the Ubuntu installation, and proceeded to mount them as a single ext3 volume under /mnt/Shares. I set the volume to auto-mount on reboot in my /etc/fstab file, and proceeded to create the directories inside /mnt/Shares that would serve up my data. You can see a list of my shares below.

• Backup (To be used for Time Machine)
• Data (To be used for miscellaneous data, like eBooks)
• Movies
• Music
• Photos (Will contain an rsync-ed folder of my Adobe Lightroom photos, as well as a folder for miscellaneous images (scans, etc))
• Software (Will contain a copy of my software. I have directories created Windows and Mac, and the respective software in each)
• TV

The next interesting bit. How to actually share these shares. Obviously I don’t want to just open everything up to the world, and I also happen to have a multi-platform environment here, with Windows clients, Mac clients, and my landlord’s Linux clients. I elected to share all the shares using AFP (for my Macs), and the Movies, TV, and Software directories via SMB (for my Windows clients and the Linux clients). I created a user account called ‘main’ for my use, ‘kidd’ for my landlord, and ‘visitor’ for any guests that may be over. All three are password protected. ‘main’ has access to all shares, ‘kidd’ has access to Movies, TV, and Software, and ‘visitor’ has access to Movies and TV.

I shared the AFP shares to my Macs using a custom-compiled version of netatalk, following the great tutorial here. SMB configuration was fairly straightforward, and everything went well. I copied over as much data as possible (from the old server), before running out of disk space. At this point, I copied over data from the iMac 1TB into the now-empty old server, and popped the 1TB drive into the server. At this point I ran into the second snag. ESXi did not want to format the drive! I did some digging, and found that it was due to having been formatted as GUID before (in the Mac). I used dd to wipe out the first and last sectors of the drive, and tried to create a new partition via fdisk as per these instructions. Again, no go. After several attempts, I discovered that immediately after creating the partition table with fdisk, I had to reboot before using the vmkfstools command to create a datastore. After rebooting the server, I was able to format the drive appropriately. I logged into the Windows GUI console and deleted the new datastore. I then added the drive to the existing datastore, and fired up Ubuntu. I created several more 256GB thin-provisioned disks, and added them to the LVM.

I’ve installed ‘forked-daapd’ as a service on Ubuntu. This allows me to open Front Row and select the server as a source. I’ve also ‘tightvncserver’ set to run on startup, and have advertised the service in Avahi/Bonjour. This allows me to see the ‘Share Screen…’ button in OS X finder, and control the MediaServer via Screen Sharing, rather than a dedicated VNC client.

It’s been a great experiment, and now a great production home-media server. I’m looking forward to setting up my lab environment in other VM’s on ESXi. Feel free to leave me any questions/comments below that you might have on the process.

Related posts:

1. ESXi, ZFS, and Home Server Data Storage – Part 1
2. Update re: ESXi & ZFS Storage
3. Thoughts on the iPad