Difference between revisions of "SNOWMAN"
| Line 25: | Line 25: | ||
=== Mainframe? === |
=== Mainframe? === |
||
Who wouldn't want to run an IBM mainframe in their compute environment. I'll put together a (almost) one click deployment tool to build one. |
Who wouldn't want to run an IBM mainframe in their compute environment. I'll put together a (almost) one click deployment tool to build one. |
||
| + | |||
| + | Maybe we'll even get to the point of running it on a machine with a CPU manufactured by IBM. I've got an Apple Xserve G5 for that. |
||
=== Astonishingly encrypted === |
=== Astonishingly encrypted === |
||
Revision as of 06:26, 16 April 2015
SNOWMAN? WTF?
s spiffy n NSA resistant o OpenStack driven w windows-inclusive m mainframe-with-a-click a astonishlingly-encrypted n next-generation-computing-environment
We get a theme song for free this way. And we also get a mascot, even though Olaf is just about my least favorite part of that movie.
Spiffy/scrappy/shiny/whatevs
It'll be cool when it's working. And it's scrappy because it's built entirely from second-hand stuff. As for shiny... it's got some copper, silicon, chromed, and silver painted hardware...
NSA resistant
The idea here is that an adversary with NSA's capabilities will not be able to intercept or corrupt computation within the environment. (Denial of service is another thing, but turning the power off at the panel coming into the house is hard for a residential person to protect against. Lots of solar panels might do it.) Here are the capabilities we'll assume an NSA sort of adversary to have:
OpenStack driven
OpenStack is the leading open cloud platform (as this is being written.) It's also what my employer pays me to work with.
Windows-inclusive
Gotta run on (at least some) Windows. Hyper-V is actually a pretty decent tool.
Mainframe?
Who wouldn't want to run an IBM mainframe in their compute environment. I'll put together a (almost) one click deployment tool to build one.
Maybe we'll even get to the point of running it on a machine with a CPU manufactured by IBM. I've got an Apple Xserve G5 for that.
Astonishingly encrypted
Crypto. Wherever we can cram it in! On the bits written to our disks. On the wires between our compute nodes. Between the VMs and their hypervisors. Between CPUs and RAM (OK, that might be a stretch.) IPSEC, LUKS, BitLocker, SSH, TLS, DNSSEC, and on and on.
Next generation
The hardware may be 2-3 (or more) generations old, but the software is all top notch. And super flexible. And (hopefully) reasonably robust.
SNOWMAN's adversaries
- Universe's trend toward entropy: broken capacitors, unplugged cables, etc. Not a terribly active opponent.
- Human error. Lots of that in the universe, I think.
- Law enforcement sorts who can get warrants to remove hard drives, computers, and other hardware
- NSA or equivalent, able to insert wiretaps on all network communications. Lots and lots of compute available, but no magic ability to factor large prime numbers. No quantum computers of greater than 2 qubits computing capacity.