[center]Join the NEMwork![/center]
I'm offering my services for installing, tuning, hardening, monitoring, updating, keeping in sync, your NIS on a dedicated server.
I'll be configuring node auto-boot and auto-harvesting at start so that you don't need to do anything if your VPS is rebooted.
I own the infrastructure to monitor if NIS is running and is properly synchronized.
You don't need to trust me or the hoster: with remote harvesting your private key never leaves your computer.
Group buy is possible: one NIS can harvest for more than one account.
Your VPS address will be yourname.nemwork.net so you can easily remember it.
Pricing
Low cost VPS for 0.041 BTC/month
Locations:
Los Angeles (try it: rigel2.nemwork.net)
Zurich
Full speed VPS for 0.064 BTC/month
Locations:
Amsterdam
London
New York
San Francisco
Singapore (try it: rigel6.nemwork.net)
No registration needed: if you are interested just send BTC to 1Q5g6maD5f5bjJeZ1kiY7pEeKsxmZeW9FW and respond in this thread or PM me.
I'm confident node rewarding program will cover the cost: [url=https://forum.ournem.com/general-discussion/proposed-usage-for-unclaimed-socks/]https://forum.ournem.com/general-discussion/proposed-usage-for-unclaimed-socks/
Locations and pricing may change over time.
Obviously, after launch I'll be accepting only NEM 
[center]Join the NEMwork![/center]
I'm offering my services for installing, tuning, hardening, monitoring, updating, keeping in sync, your NIS on a dedicated server.
I'll be configuring node auto-boot and auto-harvesting at start so that you don't need to do anything if your VPS is rebooted.
I own the infrastructure to monitor if NIS is running and is properly synchronized.
You don't need to trust me or the hoster: with remote harvesting your private key never leaves your computer.
Group buy is possible: one NIS can harvest for more than one account.
Your VPS address will be yourname.nemwork.net so you can easily remember it.
Pricing
Low cost VPS for 0.041 BTC/month
Locations:
Los Angeles (try it: rigel2.nemwork.net)
Zurich
Full speed VPS for 0.064 BTC/month
Locations:
Amsterdam
London
New York
San Francisco
Singapore (try it: rigel6.nemwork.net)
No registration needed: if you are interested just send BTC to 1Q5g6maD5f5bjJeZ1kiY7pEeKsxmZeW9FW and respond in this thread or PM me.
I'm confident node rewarding program will cover the cost: [url=https://forum.ournem.com/general-discussion/proposed-usage-for-unclaimed-socks/]https://forum.ournem.com/general-discussion/proposed-usage-for-unclaimed-socks/
Locations and pricing may change over time.
Obviously, after launch I'll be accepting only NEM
Interesting.
I've actually joked about hosting NIS becoming an actual business model but it seems it's actually happening 
Prices seem very reasonable as their about what a VPS costs anyway, even if noone is maintaining it for you.
2 things:
1. Could you maybe give a bit of background about yourself ? Like are you a sysadmin by trade ?
2. People WILL have to trust you regardless of you not having access to their priv-keys. It is true that you can't steal their funds because you simply won't have access to their accounts BUT you could feed them wrong data (txs that really don't exist for example) which could very well lead to losses.
Can't wait to see how this turns out !
1. Could you maybe give a bit of background about yourself ? Like are you a sysadmin by trade ?
I'm a happy Linux user since 1995 and a professional system administrator since 2005.
I passed RHCSA and RHCE Red Hat certification exams; I gave proof of it to Rockethead.
I'm an initial stakeholder of NEM and I'm testing the software since august; I also discovered a critical bug: https://forum.ournem.com/alpha-launch-discussion/duplicated-transactions/
I published the safe way to run NIS and NCC (one user per service) and to start them automatically at boot: https://forum.ournem.com/technical-discussion/secure-nis-and-ncc-setup-on-linux/
I encountered different problems in this months on my VPS and I've developed scripts and strategies to monitor and solve them automatically or semi-automatically.
In particular, I've studied remote harvesting and wrote a description of it before developers disclosed much details about it: https://forum.ournem.com/technical-discussion/nis-restart-remote-harvesting/msg8904/#msg8904
I know how to capture remote harvesting keys and how to configure NIS to automatically start harvesting with them after a restart.
I'm not asking for community funds; I think my future customers will get node rewards and my fees will be covered by it.
Anyway my fees are just a couple of euro more than the price of the VPS asked by the hoster; my first goal is helping people who want to run their own NIS but have no skills to do it.
Rockethead knows my real name... If I scam you, ask him.
2. People WILL have to trust you regardless of you not having access to their priv-keys. It is true that you can't steal their funds because you simply won't have access to their accounts BUT you could feed them wrong data (txs that really don't exist for example) which could very well lead to losses.
You are right; I see no way to avoid it.
Thanks for the offer, we'll definitely think about that.
2. People WILL have to trust you regardless of you not having access to their priv-keys. It is true that you can't steal their funds because you simply won't have access to their accounts BUT you could feed them wrong data (txs that really don't exist for example) which could very well lead to losses.
You are right; I see no way to avoid it.
Customers could check a block explorer (or any other indepentend "NIS source") to make sure you don't fake stuff. This could be automated, too.
Interesting.
I've actually joked about hosting NIS becoming an actual business model but it seems it's actually happening :)
Prices seem very reasonable as their about what a VPS costs anyway, even if noone is maintaining it for you.
2 things:
2. People WILL have to trust you regardless of you not having access to their priv-keys. It is true that you can't steal their funds because you simply won't have access to their accounts BUT you could feed them wrong data (txs that really don't exist for example) which could very well lead to losses.
this is why i think allowing users to input multiple IP addresses could be of huge benefit. you connect to one NIS and NCC checks that
nis against two others. if the data of one is incorrect, NCC switches to one of the other two until the 3rd is correct. if 2 of 3 dont match, NCC disallows transactions unless you manually allow one of them. also you have the benefit that if your main one goes offline, you have two back ups.
Yes, as we discussed that on telegram, this is the best way to do it, but it means that there have to be several public NIS services.
The more sophisticated and convenient remote NIS becomes the less incentive there is for people to run NIS or themselves which weakens the network. It's a great feature and unfortunately still necessary for things like mobile apps but we have to keep in mind that people are supposed to give back to the network as well and not just consume it.
This is epsecially for people running with desktops and latptops that can easily handle NIS + NCC. You can't runna full node on a mobile device, that's just not an option so you have to use a remote one. But where you can run it people should run it.
The more sophisticated and convenient remote NIS becomes the less incentive there is for people to run NIS or themselves which weakens the network. It's a great feature and unfortunately still necessary for things like mobile apps but we have to keep in mind that people are supposed to give back to the network as well and not just consume it.
This is especially for people running with desktops and latptops that can easily handle NIS + NCC. You can't runna full node on a mobile device, that's just not an option so you have to use a remote one. But where you can run it people should run it.
as long as the majority set up their own nis, or lease their own dedicated nis, it shouldnt be a problem right? and if there is only 1 nis for every 3 people using nem would the network not still be fairly rock solid? its estimated that there are between what, 500k-2m people using bitcoin and only around 5-6k nodes right?.. if bitcoin were to run on a 3 users to one node basis, would that not mean there would be an order of magnitude more nodes than there are currently?
i can see a point in the future where "nis sharing" becomes a thing.. where 1 person is incentavized to "lend" out their nis to two other people, for instance, mobile app users.
i can see a point in the future where "nis sharing" becomes a thing.. where 1 person is incentavized to "lend" out their nis to two other people, for instance, mobile app users.
You have no easy way to lend out your NIS only to selected people. If your NIS is accessible from others, it is accesslible by anyone.
You can only decide the key your node is booted with and the keys that will harvest with your node.
@pat:
I think the people with high amount of NEM will always rather run their own NIS. And the people who want to try it out or use it not often will use remote NIS. Im not afraid. But of course we have to make sure the network is strong enough.
And For the mobile app it really should be implemented to always check more than one NIS. That is a great way to run a thin client and still be secure. Awesome!
@rigel:
That is true. So we need to implement some kind of optional authentication.
@pat:
I think the people with high amount of NEM will always rather run their own NIS. And the people who want to try it out or use it not often will use remote NIS. Im not afraid. But of course we have to make sure the network is strong enough.
And For the mobile app it really should be implemented to always check more than one NIS. That is a great way to run a thin client and still be secure. Awesome!
@rigel:
That is true. So we need to implement some kind of optional authentication.
You can't put any kind of wall infront of a nis or it becomes worthless not only to an ncc that want's to use it but to the entire network (much like when port 7890 is closed)
I don't think the first iteration of the app will check multiple NIS but ways to make it more secure can surely be talked about for further releases.
Normal talking to a NIS (getting blockchain information etc. - the normal p2p stuff) =/= connecting a NCC to it, right?
You also can configure the number of NCCs which are allowed to connect, right? So why shouldn't there be a way to have an authentication in front of it when you want to connect an NCC to NIS?
I think the first iteration of the app SHOULD check multiple NIS. More security from the beginning on = less scam = less FUD for NEM.
Normal talking to a NIS (getting blockchain information etc. - the normal p2p stuff) =/= connecting a NCC to it, right?
No, not right. At least not necessarily. A core dev would have to answer for specifics but using a remote NIS isn't really "connecting" to a NIS. You just use that NIS for calls instead of your local one. Those calls will prob be different from the calls that are used to disitrbute information over the network but I wouldn't be 100% sure about it.
You also can configure the number of NCCs which are allowed to connect, right? So why shouldn't there be a way to have an authentication in front of it when you want to connect an NCC to NIS?
I think the first iteration of the app SHOULD check multiple NIS. More security from the beginning on = less scam = less FUD for NEM.
Let's assume for a second that ncc uses totally different calls than what is used for normal operation of the network i.e. distributing information (or not) - totally possible I'm just saying I wouldn't be so sure about it.
It's not THAT easy to put a proper authentication infront of a subset of an API especially if there is no authentication system at all to begin with. It's not rocket science but it's still a lot of work. Work that would currently be better utilized elsewhere.
I understand that some problems sound super simple and so do the solutions "just query multiple NIS", "just put authentication infront of it" but the reality is often a little different especially in this field.
Something else.
The idea of putting authentication infront of NIS is imho not a good one in general. You fire up the app and you can't do squat unless you've already "rented" a NIS somewhere ? How worthless of an app will that be ?
I suppose there would then be something like "Use a payed NIS to make sure you're safe" (which isn't even true because you can pay to get scammed).
Best way for now imho is to give users a list of NIS to select from and make them aware of the implications. It's not ideal or secure but it's what we're working with right now. p2p just isn't ready for mobile yet, at least notif you're dealing with this amount of data and crapy networks all over the world.
Let's assume for a second that ncc uses totally different calls than what is used for normal operation of the network i.e. distributing information (or not) - totally possible I'm just saying I wouldn't be so sure about it.
It's not THAT easy to put a proper authentication infront of a subset of an API especially if there is no authentication system at all to begin with. It's not rocket science but it's still a lot of work. Work that would currently be better utilized elsewhere.
A second thought: it is possible to limit some APIs using a transparent reverse proxy (DNAT + nginx), but I don't know how NIS will behave seeing all incoming connections coming from local IP address.
My point is: I think it would be very selfish to do so... You will be earning NEM from your NIS by node rewarding program, why cant you consider it a public utility and let everyone use it?
Let's assume for a second that ncc uses totally different calls than what is used for normal operation of the network i.e. distributing information (or not) - totally possible I'm just saying I wouldn't be so sure about it.
It's not THAT easy to put a proper authentication infront of a subset of an API especially if there is no authentication system at all to begin with. It's not rocket science but it's still a lot of work. Work that would currently be better utilized elsewhere.
A second thought: it is possible to limit some APIs using a transparent reverse proxy (DNAT + nginx), but I don't know how NIS will behave seeing all incoming connections coming from local IP address.
My point is: I think it would be very selfish to do so... You will be earning NEM from your NIS by node rewarding program, why cant you consider it a public utility and let everyone use it?
That actually reminds me...there are some calls already that only avaiable localy. Together with the fact that you can add "local" ips on the configuration file that would actually be a way to limit calls to specific nodes (as long as IP is known and static).
So possiblity is theoretically there but would need to be extended.
I'm with rigel though, NIS should be open and public.
And this is already possible because you can configure how many NCCs are allowed to connect...
Btw: I read that it is possible, but does anybody know how? :)
And this is already possible because you can configure how many NCCs are allowed to connect...
Btw: I read that it is possible, but does anybody know how? :)
C:\Users\<yourUserName>\Desktop\package\nis\config.properties
# NIS configuration (remove bold hashes to autoboot. change private key to change account that boots the node.)
#nis.bootKey = #0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
#nis.bootName = kodtycoon
# Maximum number of unlocked accounts.
# Keep the value within sane range, too big might cause problems for all harvesting accounts.
nis.unlockedLimit = 3 << change that to allow x connections to your nis. set one if you only want yourself to be able to connect. iirc, bloodyrookie mentiond before that it can go higher than 3 but its better for the network if 3 is the limit.
Ok I thought that this is it, but for my cubie this is set to 1 (nis.unlockedLimit = 1) but still other people could connect to my NIS and use it for doing transactions. So… is that a bug?