Questions about running a node

[pat_13b]

Hi,

I posted this topic in the beginners section but didn't receive much advice other than being advised to run a virtual machine. Could you guys help me understand this:

I would like to run a bitcoin node and I'm also considering using bitcoin core 0.15. I feel like they have good development but my understanding is that if every node is running the same software, then it leaves the network vulnerable to attacks if there is a vulnerability in that particular software. So, my questions here are:
1. Should I only run a node if I have an educated opinion about protocol development? i.e. if there is a proposed change and I don't know precisely if the proposal is a good thing for the network, would I be inhibiting the network?
2. Should I consider running node software that ISN'T core, so as to "decentralise" the network in that regard?
3. What are those alternatives called?


My computer is only a relatively new build and I can see no evidence of any viruses,malware etc., however I do use it for general internet browsing and it's basically impossible to know if my computer is infected. If I was to run a bitcoin core node and utilise the core wallet:
 - What procedure do you recommend to scan my computer for viruses/malware? Is a reinstall of windows sufficient? Is it more secure to run linux as a second operating system for this purpose?
 - (although I don't see this scenario occurring for a little while) Is it possible to use the funds in that wallet away from home? (i.e. using a phone app or something?)
 - As I have been advised to use a virtual machine: If my local computer is affected by some type of virus, wouldn't the virtual machine also be vulnerable?

I look forward to hearing from you.
Thanks and kind regards,
Pat

[achow101]

1. Should I only run a node if I have an educated opinion about protocol development?

No. Anyone and everyone should be running nodes.

i.e. if there is a proposed change and I don't know precisely if the proposal is a good thing for the network, would I be inhibiting the network?

Given that most protocol changes are soft forks, you would not be inhibiting the network. If a hard fork were proposed, you should continue running your node until you have studied the hard fork proposal enough to understand what it is doing and its ramifications before you upgrade to software that supports such a hard fork. Having node operators be critical about changes that are happening is a good thing and helps with the Bitcoin network's robustness.

2. Should I consider running node software that ISN'T core, so as to "decentralise" the network in that regard?

You should consider it, but there are very few alternatives to Bitcoin Core.

However different implementations of the consensus rules is not necessarily a good thing. All implementations must be bug-for-bug compatible with each other, and that is unlikely to happen given different implementations and languages. It is likely better for the network for all nodes to be simultaneously taken down (which is what would happen if everyone ran the same software) rather than it partitioned and the blockchain accidentally forked (which could happen with different implementations).

3. What are those alternatives called?

I only know of two other full node implementations: btcd and bcoin.

- What procedure do you recommend to scan my computer for viruses/malware? Is a reinstall of windows sufficient? Is it more secure to run linux as a second operating system for this purpose?

Running a anti-malware scanning software should be sufficient. If you are feeling particularly paranoid, then reinstall your operating system. Note that Windows 10 itself relays a lot of data back to Microsoft, so you should disable those settings.

- (although I don't see this scenario occurring for a little while) Is it possible to use the funds in that wallet away from home? (i.e. using a phone app or something?)

You could set up some sort of remote access (e.g. SSH, Remote Desktop, Teamviewer) and access your computer from your phone to spend your coins.

- As I have been advised to use a virtual machine: If my local computer is affected by some type of virus, wouldn't the virtual machine also be vulnerable?

Generally, no. A virus needs access to your wallet files. With a virtual machine, your wallet files are stored in a virtual machine disk file, which makes it harder for a virus to access the file and steal it. While they could do that, I find it unlikely to happen.

[pat_13b]

Excellent. Thank you for your comprehensive reply.

[aleksej996]

Is it more secure to run linux as a second operating system for this purpose?

It is always more secure to run Linux then Windows. You should definitely upgrade to Linux as soon as you can. You can use a Virtual Machine if you really need some windows program, but you have open source alternatives for almost all software.

As I have been advised to use a virtual machine: If my local computer is affected by some type of virus, wouldn't the virtual machine also be vulnerable?

Achow101 gave a great response to almost all your questions, but I think he misunderstood what you asked here. You asked if infection of your local (I assume you mean, what is called a host) system would leave a virtual machine that is running on the system vulnerable. The answer is yes, absolutely. The protection from a Virtual Machine goes the other way around. If the VM is infected, your host could still be secure, if the VM software doesn't not contain any vulnerabilities.

[meliodas]

In order to become one of the bitcoin community, I believe that one must also have the knowledge about computer or any computer related background for him or her not to have a hard time in using and gaining bitcoin. It needs to be a requirement.

[ranochigo]

Is it more secure to run linux as a second operating system for this purpose?

It is always more secure to run Linux then Windows. You should definitely upgrade to Linux as soon as you can. You can use a Virtual Machine if you really need some windows program, but you have open source alternatives for almost all software.

While Linux is definitely more secure, there really isn't any need to install Windows. For most people, Windows is still more comfortable and easy to use. If you were to ask someone to switch to Linux, the UI and functions would all be vastly different. I don't see a problem as long as you don't run any suspicious apps or go to any random website. If you patch your computer regularly, it would be rather secure, given that Wannacry infections was also due to users not patching their computers.

In order to become one of the bitcoin community, I believe that one must also have the knowledge about computer or any computer related background for him or her not to have a hard time in using and gaining bitcoin. It needs to be a requirement.

I really don't want to go offtopic. I didn't have knowledge about computers nor Bitcoin when I first entered and I learned it through the community here. We are all here to learn. Kindly refrain from commenting if you are not going to address anything in the thread.

[aleksej996]

While Linux is definitely more secure, there really isn't any need to install Windows. For most people, Windows is still more comfortable and easy to use. If you were to ask someone to switch to Linux, the UI and functions would all be vastly different. I don't see a problem as long as you don't run any suspicious apps or go to any random website. If you patch your computer regularly, it would be rather secure, given that Wannacry infections was also due to users not patching their computers.

I would challenge that it is easier for people to use Windows. Every new version of Windows makes users adjust and learn again how to use it and most of the things new versions of Windows implement in their GUI is from Linux distributions. Since Linux distros are usually open source, GUI gets developed by the people, for the people. There is no limitation nor a reason to not have at least one Linux GUI that can be easy for new users to use, just like Windows. And I know that many were developed to look like Windows for people to make a switch, but it proved to be not as important to new users as other advancements that a new different GUI brings. So in short, if there was something good about Windows, Linux would implement it, but if there is something good about Linux, Windows will not implement it is quickly, since they don't make decisions about quality, but what makes them most money. They have a monopoly, so the free market rules don't apply to Windows, but still apply to Linux distros. Windows doesn't have to care about giving better software, they have no competition.

As for the security, there are a lot of 0-days in Windows due to corporate priorities and closed source. And when it comes to Wannacry, a lot of users still use XP, that didn't get the patches as Windows ditched it. You can use Windows very conservatively and still get malware and since you mentioned Wannacry, it is one of the examples. It spread across the LAN network as a worm using exploits discovered by NSA and leaked by ShadowBrokers. The whole structure is broken and hopeless. There shouldn't be a place for closed source software on such a low level like an operating system.

[ranochigo]

Every new version of Windows makes users adjust and learn again how to use it and most of the things new versions of Windows implement in their GUI is from Linux distributions.

But they don't really have to make any changes to their installed programs or any files. Especially for programs with only Windows implementation, some don't run well in Wine and VMs are rather resource intensive.

And I know that many were developed to look like Windows for people to make a switch, but it proved to be not as important to new users as other advancements that a new different GUI brings. So in short, if there was something good about Windows, Linux would implement it, but if there is something good about Linux, Windows will not implement it is quickly, since they don't make decisions about quality, but what makes them most money. They have a monopoly, so the free market rules don't apply to Windows, but still apply to Linux distros. Windows doesn't have to care about giving better software, they have no competition.

I would say that most Linux distros that have been extensively tested do not have the same UI as Windows. It's not easy for people to compile apps from scratch for applications that have not been pre compiled.

As for the security, there are a lot of 0-days in Windows due to corporate priorities and closed source.

Open sourced=/ No exploits. Even if its open sourced, it is still possible to have zero day exploits (Heartbleed).

And when it comes to Wannacry, a lot of users still use XP, that didn't get the patches as Windows ditched it.

Which every user was given a chance to upgrade. It isn't fair to blame Microsoft for not releasing patches for them since they have already dropped the support for a long time.

You can use Windows very conservatively and still get malware and since you mentioned Wannacry, it is one of the examples. It spread across the LAN network as a worm using exploits discovered by NSA and leaked by ShadowBrokers. The whole structure is broken and hopeless. There shouldn't be a place for closed source software on such a low level like an operating system.

A patch was released pretty fast after the exploit. Isn't it up to the user to update it or not?

↓ touché

[aleksej996]

I agree that there are apps only available for Windows obviously, but you do have the alternatives for the most popular ones. There is a huge range of open source programs, it is hard to find things that you don't have an open source program for it. An average user wouldn't have that much trouble switching to Linux and would experience giant safety, privacy and stability improvements. VMs are resource intensive, but again, depends on what you are using it for. I do understand why people that use specific resource intensive tasks on Windows don't switch, but for most of the users, not really a big deal, but a benefit for the society would be huge. It is just marketing that is really keeping users away. After all, there would be a lot more open source programs as well if people used Linux, it is just that it is hard to take over the monopoly, but it is mostly just head games for the most users.

I am not sure what you are talking about compiling apps. My point is that not only are there many alternatives for Windows programs, but there are no GUI problems either, as Windows will implement most of these changes that popular Linux GUIs have anyway, it is just that here you will have the benefits of them first.

Of course that there are many vulnerabilities in open source software, I see many Linux ones, even OpenBSD ones popping up. This is very apparent with the rise of Android, as it is based on Linux and most users are becoming Android users, even taking away from Windows. I wouldn't be surprised that Android has more users then Windows (after all, who doesn't have a smart phone these days) and still it has far less vulnerabilities, even tho it is a lot more interesting for a hacker to have your smart phone then your PC, as it is more used by you then an other device. However, Android is based on Linux and there is no doubt that open source programs, especially Linux, is far more secure then closed source ones. In theory and now with the many years of Android era, in practice as well. Most vulnerabilities in Android end up being in closed sourced apps.

I don't blame Microsoft for anything. I think Bill Gates is dope. I see their place in this industry dieing, it was a good run tho. However, the fact is that the idea is simply bad, the closed sourced OS idea, at least it is for today's standards. It is always users faults, you can't blame even the governments for anything, it is the people that are always the problem, as a whole. Few bad apples can't do much damage, it is the vast majority that is held accountable for everything.

Sure, the patch came out pretty fast, but they are selling two contradictory things with their OS. You can't have both security and the ability to never do anything with your system. The point is that if you want security, Linux is a better option then doing patching your Windows and if you do patch your Windows, then you are having a similar amount of inconvenience as just switching to Linux. It really takes a short time to be adjusted to Linux and you only have to do it once, then you are set for life.

I am obviously not payed by Linux or nothing I can't be, it is an open source project. I can't be closed minded about it as I have used Windows for decades like everybody else that uses Linux. I simply made a switch and it really is a lot better, it is simply the truth. I can't imagine leaving Linux anymore, it is so much better, Windows doesn't even seem like an OS to me anymore. It really doesn't. You have no control over it, you can't do nothing with it. It is like using an online wallet in Bitcoin for me, it is simply not a wallet anymore.