OSDev.org

My understanding of an online OS is portability. Online storage and software, but the client still suplys the computing power.

You have this very basic system on an usb key or simular, which you plug into what ever computer with internet you feel like. Then it figures out the setup of the computer, connects to the server and requires what is needed to get the basic OS running on this specific computer.

Then further on, when you needs fx. a text editor, it requires that and so on.

Basicly, you got your desktop in your pocket and you are not loading a whole lot of stuff that you dont need, before you need it.

I realize that in reality this is no easy task and that there is more to it than this, but as i see it this is the basic concept.

Zacariaz wrote:My understanding of an online OS is portability. Online storage and software, but the client still suplys the computing power.

You have this very basic system on an usb key or simular, which you plug into what ever computer with internet you feel like. Then it figures out the setup of the computer, connects to the server and requires what is needed to get the basic OS running on this specific computer.

Then further on, when you needs fx. a text editor, it requires that and so on.

Basicly, you got your desktop in your pocket and you are not loading a whole lot of stuff that you dont need, before you need it.

I realize that in reality this is no easy task and that there is more to it than this, but as i see it this is the basic concept.

Same here, except you assume that the computer runs AtlantisOS (for my case) but doesn't even know you as a user. You can then use the system physically for computing even though you don't have a local account, with all your global requests. You don't have a separate work account, you login at work, f.ex.

You can of course take along an AtlantisOS installation with programs and data but your applications and data can be stored online - so all you need is the uplink.

The whole idea of having being able to read(word documents, spreadsheets, etc...) and your data from anyway in the world at anytime (if you kept a computer in your back pocket all of the time) is a good idea, but as solar said, I'm worried about, the information getting into the wrong hands,

For example, if you keep identification stuff(i'e like bank account numbers, credit card numbers) in the application (I say application because, it only ever going to be an application not an OS. moreover we still need to 'operate' things like graphics card, keyboards, mouses, etc. locally and in a traditional sence, is not an OS), I can only imagine what terrorist would do with that information.

I used to do alot of 'cracking' and have come to the harsh reality that there is NO modern encryption scheme/algorithm that is 100% secure. People are already figuring out ways to crack electron encryption.

I would NEVER trust my data on someone elses server that can be accessed anywhere. The whole point is to be able to provide high portability through remote connectivity. Even if everyone got a different password hash on the server, it can still be cracked, and if not, it can at least be physically broken into.

I prefer my data within arms reach or behind a lock and key.

The good old 3-attempts-then-you're-banned trick works

This can be flawed though, you could try logging in as all of the admins 3 times so all their accounts become banned and nobody can log in to reset it.

I hate the idea of Web OS's.. Totally unrealistic and trivialize the work involved with creating an actual operating system.

Just a group of silly amateurs using interpreted languages...

oooo ouch. =)
nice right hook to the OOS dever's ego.

MessiahAndrw wrote:The good old 3-attempts-then-you're-banned trick works

This can be flawed though, you could try logging in as all of the admins 3 times so all their accounts become banned and nobody can log in to reset it.

IP ban them then. Or MAC-ban them (if applicable).

Use something that identifies the user and ban that.


As for the everything-is-crackable, every security application is built up from building blocks such as one-way hashes, encryption mechanisms (symmetric and asymmetric) and random number generators, plus a few more specific mechanisms. The trick is that you make it computationally infeasible to retrieve the password, and you make it impossible to circumvent the security.If you have a steel door with a huge lock that is in normal hinges visible on the outside, nobody will bother with the lock.

The problem that makes the "everything is crackable" widespread is that you can't test programs for being secure in this sense, at least, not feasibly.

IP banning is a joke. That's what IP spoofing is used for...

MAC address banning works decent, until the person figures out how to spoof the MAC as well.

and 'one way' hashes have been getting cracked for quite a few years now.

MD5 ring any bells?

01000101 wrote:IP banning is a joke. That's what IP spoofing is used for...

MAC address banning works decent, until the person figures out how to spoof the MAC as well.

and 'one way' hashes have been getting cracked for quite a few years now.

MD5 ring any bells?

How was MD5 cracked? It was reduced to insufficient by a new method of finding collisions and by computers having become a lot faster, with much more memory to boot.

What's the whole point of a hash? Making it computationally infeasible to find a collision but make it very quick to convert any thing into a hash.

IP banning after 3 goes works pretty decently. IP spoofing is detectable.

IP banning truely is a joke -- and you dont need IP spoofing to get around it -- all you have to do is reset your internet connection (which happens quite commonly anyway -- even with an always-on connection)

not to mention that several people are probably using that same IP address (ISPs give multiple people the same IP address, to get around the limited pool of addresses, and at a place of employment, or school, most likely everyone there is using the same IP address...)