This really is not possible. Everything has to be on the customer's side. I can't explain *why*, but please assume so. Do other Linux based "boxes" (think google enterprise search, tivo, vmware vmtn images ... etc) employ any techniques to protect their stuff from preying eyes ?
On Jan 18, 2008 6:30 PM, Paul Krizak <[EMAIL PROTECTED]> wrote: > If it's a web interface...why not just host the website at your own > office? Why is it necessary that the box be localized on somebody's > internal network? If you're planning to connect it via wifi, then > you're already conceding that bandwidth isn't going to be a huge > concern, so rather than invest in a bunch of boxes that you ship to > remote sites, why not invest that money in a beefy server (perhaps with > Virtualization to containerize the individual servers) and a nice hefty > internet uplink. Then your customers never have to touch the physical > boxes -- their only interface to your code and data is via the web, > which is how you're intending the data to be manipulated anyway. > > Paul Krizak 7171 Southwest Pkwy MS B400.2A > Advanced Micro Devices Austin, TX 78735 > Linux/Unix Systems Engineering Desk: (512) 602-8775 > Silicon Design Division Cell: (512) 791-0686 > > > Ahmed Kamal wrote: > > oh! No, the hardware is *not* my concern. It's the data! Let me quickly > > recap. Let's try points this time > > > > - The Linux system I build will be on someone else's network (mostly > > other potentially hostile companies) > > - The system provides a web interface to a database that users should > > access & use > > - The users should not be able to steal/mount the disk, to dump my > > database or look at my code > > - I know such setup will never be 100% secure, I just need to make > > stealing the data as hard as possible > > > > Hope that's clear. I apologize if I was not too clear earlier > > > > On Jan 18, 2008 5:46 PM, J E <[EMAIL PROTECTED] > > <mailto:[EMAIL PROTECTED]>> wrote: > > > > > > On Jan 18, 2008, at 10:27 AM, John Summerfield wrote: > > > > > Ahmed Kamal wrote: > > >> Perhaps I misused the word "kiosk" and was not clear describing > the > > >> role of > > >> the nodes. They will not be on my network. They will be on > someone > > >> else's > > >> network (some other company, or some other organization). The > nodes > > >> will be > > >> providing network services (Custom databases, accessible through > a > > >> browser), > > >> sometimes some ldap services. > > >> Again, the people around the machine should use it as intended, > no > > >> one > > >> should be able to steal/mount the disk to dump data (at least > not > > >> easily) > > > > > > I think we need better information about the problem you're > trying > > > to solve. > > > > > > Agreed. If your main worry is that the hardware will be stolen, > cheap > > hardware abounds in the marketplace. I'd not invest heavily in > systems > > that aren't going to be monitored - probably better to treat them as > > throwaways if you aren't going to lock them in some form of cabinet. > > And don't rule out hardware terminal servers like those available > from > > HP starting at $200. > > > > If it's the data that you are worried about, the fact that you have > to > > ask how best to protect it should tell you that doing it with local > > storage is probably a very bad idea. > > > > jef > > > > _______________________________________________ > > rhelv5-list mailing list > > rhelv5-list@redhat.com <mailto:rhelv5-list@redhat.com> > > https://www.redhat.com/mailman/listinfo/rhelv5-list > > > > > > > > ------------------------------------------------------------------------ > > > > _______________________________________________ > > rhelv5-list mailing list > > rhelv5-list@redhat.com > > https://www.redhat.com/mailman/listinfo/rhelv5-list > > > _______________________________________________ > rhelv5-list mailing list > rhelv5-list@redhat.com > https://www.redhat.com/mailman/listinfo/rhelv5-list >
_______________________________________________ rhelv5-list mailing list rhelv5-list@redhat.com https://www.redhat.com/mailman/listinfo/rhelv5-list
