mirror of
https://github.com/Ownercz/ssme-thesis.git
synced 2024-09-28 20:17:26 +02:00
Compare commits
31 Commits
Author | SHA1 | Date | |
---|---|---|---|
733d6fc55d | |||
d1dce3d75e | |||
4902cf5f58 | |||
c49235b213 | |||
9efa8db6c0 | |||
d287f1329c | |||
02a9c364c0 | |||
94536ff0ad | |||
87c3906d1e | |||
65b2309c38 | |||
f4e8e9f216 | |||
806c0f0bfc | |||
727efc771a | |||
51984f8c5b | |||
f7b18cede6 | |||
7d97e246a9 | |||
381653398b | |||
3c91fd184d | |||
b7eafdcf1c | |||
860b969e56 | |||
51c60f2015 | |||
c7db0ec104 | |||
156f7b4398 | |||
a258f2bc62 | |||
e0a7df8383 | |||
06665d5675 | |||
795999560d | |||
40b64c16d8 | |||
7d8708e8b2 | |||
538d4e5701 | |||
bb0bf203eb |
4
.gitignore
vendored
4
.gitignore
vendored
@ -24,7 +24,9 @@
|
|||||||
|
|
||||||
## Generated if empty string is given at "Please type another file name for output:"
|
## Generated if empty string is given at "Please type another file name for output:"
|
||||||
Thesis.pdf
|
Thesis.pdf
|
||||||
|
is_tisk.pdf
|
||||||
|
Prohlaseni_autora_skolniho_dila_v3.pdf
|
||||||
|
Thesis-print.pdf
|
||||||
## Bibliography auxiliary files (bibtex/biblatex/biber):
|
## Bibliography auxiliary files (bibtex/biblatex/biber):
|
||||||
*.bbl
|
*.bbl
|
||||||
*.bcf
|
*.bcf
|
||||||
|
31
Thesis.bib
31
Thesis.bib
@ -172,6 +172,14 @@ Protocol
|
|||||||
urldate = {2018-07-12}
|
urldate = {2018-07-12}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@inproceedings{javarone2018bitcoin,
|
||||||
|
author = {Javarone, Marco and Steven Wright, Craig},
|
||||||
|
year = {2018},
|
||||||
|
month = {06},
|
||||||
|
pages = {77-81},
|
||||||
|
title = {From Bitcoin to Bitcoin Cash: a network analysis},
|
||||||
|
doi = {10.1145/3211933.3211947}
|
||||||
|
}
|
||||||
|
|
||||||
@online{moneroalternativezcash,
|
@online{moneroalternativezcash,
|
||||||
author = {Zcash},
|
author = {Zcash},
|
||||||
@ -266,6 +274,13 @@ Protocol
|
|||||||
urldate = {2018-07-22}
|
urldate = {2018-07-22}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@book{dannen2017introducing,
|
||||||
|
title={Introducing Ethereum and Solidity},
|
||||||
|
author={Dannen, Chris},
|
||||||
|
year={2017},
|
||||||
|
publisher={Springer}
|
||||||
|
}
|
||||||
|
|
||||||
@article{noether2015ring,
|
@article{noether2015ring,
|
||||||
title={Ring Signature Confidential Transactions for Monero.},
|
title={Ring Signature Confidential Transactions for Monero.},
|
||||||
author={Noether, Shen},
|
author={Noether, Shen},
|
||||||
@ -308,6 +323,14 @@ Protocol
|
|||||||
urldate = {2018-07-22}
|
urldate = {2018-07-22}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@online{coinmetricsiocharts,
|
||||||
|
title={Network Data Charts},
|
||||||
|
author={CoinMetrics.io - Open source cryptoasset analytics},
|
||||||
|
year={2018},
|
||||||
|
url = {https://coinmetrics.io/charts},
|
||||||
|
urldate = {2018-07-22}
|
||||||
|
}
|
||||||
|
|
||||||
@online{seguias2018moneroa,
|
@online{seguias2018moneroa,
|
||||||
title={Monero’s Building Blocks Part 9 of 10--RingCT and Anatomy of Monero Transactions},
|
title={Monero’s Building Blocks Part 9 of 10--RingCT and Anatomy of Monero Transactions},
|
||||||
author={Seguias, Bassam El Khoury},
|
author={Seguias, Bassam El Khoury},
|
||||||
@ -484,6 +507,14 @@ isbn={978-989-758-209-7},
|
|||||||
organization={Springer}
|
organization={Springer}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@article{jaureguizar2018cryptocurrency,
|
||||||
|
title={The cryptocurrency market: A network analysis.},
|
||||||
|
author={Jaureguizar Franc{\'e}s, Carlos and Grau-Carles, Pilar and Jaureguizar Arellano, Diego},
|
||||||
|
journal={ESIC Market. Economic \& Business Journal},
|
||||||
|
volume={49},
|
||||||
|
number={3},
|
||||||
|
year={2018}
|
||||||
|
}
|
||||||
|
|
||||||
@online{monerolang2018,
|
@online{monerolang2018,
|
||||||
author = {ErCiccione},
|
author = {ErCiccione},
|
||||||
|
333
Thesis.tex
333
Thesis.tex
@ -50,13 +50,13 @@
|
|||||||
author = Bc. Radim Lipovčan,
|
author = Bc. Radim Lipovčan,
|
||||||
gender = m,
|
gender = m,
|
||||||
advisor = RNDr. Vlasta Šťavová,
|
advisor = RNDr. Vlasta Šťavová,
|
||||||
title = {Monero usage and mining from usable security view},
|
title = {Monero usage and mining from usable security point of view},
|
||||||
TeXtitle = {Monero usage and mining from usable security view},
|
TeXtitle = {Monero usage and mining from usable security point of view},
|
||||||
keywords = {Monero, usable security, cryptocurrency, mining, blockchain, Ansible, user research},
|
keywords = {Monero, usable security, cryptocurrency, mining, blockchain, Ansible, user research},
|
||||||
TeXkeywords = {Monero, usable security, cryptocurrency, mining, blockchain, Ansible, user research},
|
TeXkeywords = {Monero, usable security, cryptocurrency, mining, blockchain, Ansible, user research},
|
||||||
}
|
}
|
||||||
\thesislong{abstract}{
|
\thesislong{abstract}{
|
||||||
The goal of this thesis is to map ways of usage and mining the Monero cryptocurrency from a usable security view. The thesis also focuses on delivering best practices guidelines for typical users as well as more technically focused miners. 113 respondents participated in the user research that provided data about Monero usage habbits, technical background and wallet security. Based on this data, I created a detailed user guideline for user friendly and secure usage of the Monero cryptocurrency including key management and backup strategy. 60 miners participated in the Monero miners research that provided data about mining operations worldwide. Based on the miners data, I created a guide for an automated deployment of mining rigs using Ansible for Windows and Linux with emphasis on configuration management and regular security updates.
|
The goal of this thesis is to map ways of usage and mining the Monero cryptocurrency from a usable security view. The thesis also focuses on delivering best practices guidelines for typical users as well as more technically focused miners. 113 respondents participated in the user research that provided data about Monero usage habits, technical background, and wallet security. Based on this data, I created a detailed user guideline for user-friendly and secure usage of the Monero cryptocurrency including key management and backup strategy. 60 miners participated in the Monero miners research that provided data about mining operations worldwide. Based on the miners data, I created a guide for automated deployment of mining rigs using Ansible for Windows and Linux with emphasis on configuration management and regular security updates.
|
||||||
}
|
}
|
||||||
\thesislong{thanks}{ I would like to thank my supervisor RNDr. Vlasta Šťavová for her guidance, valuable advice, suggestions and support during writing this thesis.
|
\thesislong{thanks}{ I would like to thank my supervisor RNDr. Vlasta Šťavová for her guidance, valuable advice, suggestions and support during writing this thesis.
|
||||||
}
|
}
|
||||||
@ -294,18 +294,20 @@ The goal of this thesis is to map ways of usage and mining the Monero cryptocurr
|
|||||||
\begin{document}
|
\begin{document}
|
||||||
|
|
||||||
\chapter{Introduction}
|
\chapter{Introduction}
|
||||||
Monero project offers a decentralized and anonymous open-source cryptocurrency with regular update cycle that does not limit the user to use certain software or hardware. With such an open approach, it is often difficult for users to keep up and be aware of many choices on the client side, that can be either good or bad for them.
|
Monero project offers a decentralized and anonymous open-source cryptocurrency with a regular update cycle that does not limit the user to use certain software or hardware. With such an open approach, it is often difficult for users to keep up and be aware of many choices on the client side, that can be either good or bad for them. %ok
|
||||||
|
|
||||||
As cryptocurrency usage is rising in general, it is also more and more frequent to encounter malicious sites or software developers that aim to take control over users funds to gain an easy profit. This thesis focuses on the Monero usage and mining from usable security view to explain the current state in the Monero ecosystem and reflect the real world usage data from both users and miners surveys.
|
As cryptocurrency usage is rising in general, it is also more and more frequent to encounter malicious sites or software developers that aim to take control over users funds to gain an easy profit. This thesis focuses on the Monero usage and mining from usable security view to explain the current state in the Monero ecosystem and reflect the real-world usage data from both users and miners surveys. %ok
|
||||||
|
|
||||||
Even for regular users, the Monero learning journey usually starts with Monero features, history and development cycle as it is important to be at least familiar with the bi-annual release cycle which stands out when compared to other cryptocurrencies.% as there is a the difference between the scheduled network upgrade and cryptocurrency fork as opposed to other cryptocurrencies. %in the general meaning as well as the reason why the upgrade is done in the first place. %Main features as with each update Monero is together with competitiors and important security problems in the Monero network.x
|
The goal of this thesis is to map usage habits of Monero cryptocurrency users and miners from both technological as well as security view. Another goal is to create a detailed user guideline for user-friendly and secure usage of the Monero cryptocurrency including key management and backup strategy. For miners, the goal is to implement an automated deployment of mining rigs using one of the popular configuration management tools.
|
||||||
|
|
||||||
Moving into the client side of the Monero, thesis describes a detailed overview of wallet and its types, as well as ways how attack the wallet, followed by transaction features in the Monero and problems in Monero environment from both Monero network and Monero malware sides.
|
To find an answer to such research questions and to get real world usage data, I conducted a Monero User Research survey in which 113 participants shared their habits regarding Monero cryptocurrency. Based on the survey results and IT industry practices I proposed a Monero usage and storage best practices guide that covers the key generation, wallet management, and a secure backup scheme.
|
||||||
|
|
||||||
To get a real world usage data, I conducted a Monero User Research survey in which 113 participants shared their habbits regarding Monero cryptocurrency. Based on the survey results and IT industry practices I proposed a Monero usage and storage best practices guide that covers key generation, wallet management and a secure backup scheme.
|
|
||||||
|
|
||||||
Aside from clients, key parts of Monero are also miners and Monero network itself. As miners are the ones who verify transactions and keep the network running, it was important to describe the mining software and categories which are later used in the Monero Miners Research survey. In the survey, 60 miners shared technical information about their current mining setups. This was later reflected in the proposed guide for designing secure mining environment in which the automation was the main aspect.
|
Aside from clients, key parts of Monero are also miners and Monero network itself. As miners are the ones who verify transactions and keep the network running, it was important to describe the mining software and categories which are later used in the Monero Miners Research survey. In the survey, 60 miners shared technical information about their current mining setups. This was later reflected in the proposed guide for designing secure mining environment in which the automation was the main aspect.
|
||||||
|
|
||||||
|
The thesis describes a detailed overview of wallet and its types, as well as ways how to attack the wallet, followed by transaction features in the Monero and problems in Monero environment from both Monero network and Monero malware sides.
|
||||||
|
|
||||||
|
The thesis is divided into 10 Chapters. The first three Chapters describe Monero cryptocurrency, its development cycle, transactions in the network, wallets, multisig together with cryptocurrency competitors, problems in Monero environment and overall Monero use case. The fifth and sixth Chapters describe the Monero User Research, its results and propos a detailed guideline for best practices in Monero usage and storage. The eight and ninth Chapters describe the Monero Miners Research, its results and the design of the secure mining environment. The last Chapter covers the final conclusion.
|
||||||
|
|
||||||
|
|
||||||
\iffalse
|
\iffalse
|
||||||
Information security in cryptocurrency environment is an important aspect that differentiates its users into two groups. Those who have direct control over their funds, wallets and private keys and those who do not.
|
Information security in cryptocurrency environment is an important aspect that differentiates its users into two groups. Those who have direct control over their funds, wallets and private keys and those who do not.
|
||||||
@ -355,7 +357,7 @@ Next part of the thesis focuses on the mining side of the Monero, starting with
|
|||||||
%% místo xarchiv dát přímo odkaz na publikaci
|
%% místo xarchiv dát přímo odkaz na publikaci
|
||||||
%%
|
%%
|
||||||
%% Zpracování dat
|
%% Zpracování dat
|
||||||
%% 1. číštění dat, celkově , plně uvedeno vyplněno
|
%% 1. číštění dat, celkově, plně uvedeno vyplněno
|
||||||
%% podívat se na čas správně vyplněných
|
%% podívat se na čas správně vyplněných
|
||||||
%% právě jednou pomocí cookies, projít geolokaci dle ipiny
|
%% právě jednou pomocí cookies, projít geolokaci dle ipiny
|
||||||
|
|
||||||
@ -364,11 +366,11 @@ This Chapter is aimed as a starting point that explains terms and technology tha
|
|||||||
|
|
||||||
\textbf{Cryptocurrency} is a digital currency that is designed to use cryptography to secure and verify its transactions. Cryptocurrencies are decentralized as opposed to traditional money transaction systems used in the banks. Decentralization is established by using distributed blockchain that functions as a transaction database within the currency. First cryptocurrency available was Bitcoin \cite{farell2015analysis}.
|
\textbf{Cryptocurrency} is a digital currency that is designed to use cryptography to secure and verify its transactions. Cryptocurrencies are decentralized as opposed to traditional money transaction systems used in the banks. Decentralization is established by using distributed blockchain that functions as a transaction database within the currency. First cryptocurrency available was Bitcoin \cite{farell2015analysis}.
|
||||||
|
|
||||||
\textbf{Altcoin} is a term used for every cryptocurrency that is not Bitcoin as it is a direct concurrent for the first of the cryptocurrency.
|
\textbf{Altcoin} is a term used for every cryptocurrency that is not Bitcoin.
|
||||||
|
|
||||||
The \textbf{fork} happens when developers create a copy of existing project codebase and start their path of development with it.
|
\textbf{The fork} happens when developers create a copy of existing project codebase and start their path of development with it.
|
||||||
|
|
||||||
\textbf{The market Cap} is a total value of cryptocurrency that refers to the total number of emitted coins multiplied by the value of the coin.
|
\textbf{The market capitalization} (market cap) is a total value of cryptocurrency that refers to the total number of emitted coins multiplied by the value of the coin.
|
||||||
|
|
||||||
\textbf{The blockchain} is a technology responsible for storing every transaction that has ever been processed in the cryptocurrency, also often called as a ledger. The main purpose of the blockchain is to ensure the validity of completed transactions.
|
\textbf{The blockchain} is a technology responsible for storing every transaction that has ever been processed in the cryptocurrency, also often called as a ledger. The main purpose of the blockchain is to ensure the validity of completed transactions.
|
||||||
|
|
||||||
@ -395,7 +397,7 @@ Meaning that every single digital transaction and the exact number of coins in u
|
|||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
|
||||||
\section{Origin and the main focus}
|
\section{Origin and the main focus}
|
||||||
Monero started its way by forking from Bytecoin, which was proof-of-concept cryptocurrency that used as first of its kind protocol called CryptoNote. CryptoNote was published by the start of the year 2014 \cite{githubbytecoin}.
|
Monero (XMR) started its way by forking from Bytecoin, which was proof-of-concept cryptocurrency that used as first of its kind protocol called CryptoNote. CryptoNote was published by the start of the year 2014 \cite{githubbytecoin}.
|
||||||
|
|
||||||
Although Bytecoin had a promising protocol aimed at privacy, there was a problem with premine, meaning that cryptocurrency at the time of publishing had already 82\% of the coins already emitted \cite{fluffyponyonbytecoin}. That was the reason why people interested in anonymous cryptocurrencies decided to create a Bytecoin fork under the name of BitMonero \cite{bitmonero}.
|
Although Bytecoin had a promising protocol aimed at privacy, there was a problem with premine, meaning that cryptocurrency at the time of publishing had already 82\% of the coins already emitted \cite{fluffyponyonbytecoin}. That was the reason why people interested in anonymous cryptocurrencies decided to create a Bytecoin fork under the name of BitMonero \cite{bitmonero}.
|
||||||
|
|
||||||
@ -431,7 +433,8 @@ To compare different cryptocurrency projects, market capitalization (market cap)
|
|||||||
\captionof{table}{Monero features in Top 5 cryptocurrencies.}
|
\captionof{table}{Monero features in Top 5 cryptocurrencies.}
|
||||||
\label{table:monero-top5}
|
\label{table:monero-top5}
|
||||||
\end{figure}
|
\end{figure}
|
||||||
As can be seen from data in the Table \ref{table:monero-top5}, coins that are most popular by market cap metrics, are not centered around privacy. Altought it is often believed that using cryptography means anonymity, it isn't true in most cryptocurrencies especially in Bitcoin \cite{conti2018survey}.
|
As can be seen from data in the Table \ref{table:monero-top5}, coins that are most popular by market cap metrics, are not centered around privacy \cite{conti2018survey,domingues2018allvor,dannen2017introducing,javarone2018bitcoin,
|
||||||
|
jaureguizar2018cryptocurrency,miller2017empirical,coinmetricsiocharts}. Altought it is often believed that using cryptography means anonymity, it isn't true in most cryptocurrencies especially in Bitcoin \cite{conti2018survey}.
|
||||||
|
|
||||||
XRP and EOS are in a unique position compared to typical cryptocurrency as they offer a crypto platform with contracts, so privacy implementation and fungibility varies from contract to contract \cite{domingues2018allvor}.
|
XRP and EOS are in a unique position compared to typical cryptocurrency as they offer a crypto platform with contracts, so privacy implementation and fungibility varies from contract to contract \cite{domingues2018allvor}.
|
||||||
%Zdroj transaction volume: https://bitinfocharts.com/monero/
|
%Zdroj transaction volume: https://bitinfocharts.com/monero/
|
||||||
@ -443,7 +446,7 @@ XRP and EOS are in a unique position compared to typical cryptocurrency as they
|
|||||||
\newpage
|
\newpage
|
||||||
\section{Monero competitors}
|
\section{Monero competitors}
|
||||||
\label{sec:monero-timeline}
|
\label{sec:monero-timeline}
|
||||||
Monero is not the only cryptocurrency that aims at privacy and privacy features, and there are many privacy coins already in existence. Most similar to Monero is ByteCoin from which Monero was forked, but is overall unpopular due to 82\% premine. A viable alternative to Monero offers its fork Aeon that is more lightweight as opposed to Monero with slightly fewer privacy features.
|
Monero is not the only cryptocurrency that aims at privacy and privacy features, and there are many privacy coins already in existence. Most similar to Monero is ByteCoin from which Monero was forked, but is overall unpopular due to 82\% premine. A viable alternative to Monero offers its fork Aeon that is more lightweight as opposed to Monero with slightly fewer privacy features. Monero cryptocurrency compared to its competitors is in the Table \ref{table:monero-alternatives}.
|
||||||
|
|
||||||
\begin{figure}[H]
|
\begin{figure}[H]
|
||||||
\centering
|
\centering
|
||||||
@ -514,8 +517,8 @@ Monero development cycle is based on planned network updates that occur every si
|
|||||||
\ytl{09.21.2016}{Monero v3 - transactions are split into smaller amounts}
|
\ytl{09.21.2016}{Monero v3 - transactions are split into smaller amounts}
|
||||||
\ytl{01.05.2017}{Monero v4 - the concurrent run of normal and RingCT transactions}
|
\ytl{01.05.2017}{Monero v4 - the concurrent run of normal and RingCT transactions}
|
||||||
\ytl{04.15.2017}{Monero v5 - block size update and fee algorithm adjustments}
|
\ytl{04.15.2017}{Monero v5 - block size update and fee algorithm adjustments}
|
||||||
\ytl{09.16.2017}{Monero v6 - RingCT forced on the network with ring size => 5}
|
\ytl{09.16.2017}{Monero v6 - RingCT forced on the network with ring size set to 5}
|
||||||
\ytl{04.06.2018}{Monero v7 - change of CryptoNight mining algorithm to prevent ASIC on the network, ring size set to =>7}
|
\ytl{04.06.2018}{Monero v7 - change of CryptoNight mining algorithm to prevent ASIC on the network, ring size set to set to 7}
|
||||||
\ytl{10.11.2018}{Monero v8 - enabled Bulletproofs for reduced transaction sizes, global ring size set to 11}
|
\ytl{10.11.2018}{Monero v8 - enabled Bulletproofs for reduced transaction sizes, global ring size set to 11}
|
||||||
\ytl{02.25.2019}{Monero v9 - new PoW based on Cryptonight-R, new block weight algorithm}
|
\ytl{02.25.2019}{Monero v9 - new PoW based on Cryptonight-R, new block weight algorithm}
|
||||||
\bigskip
|
\bigskip
|
||||||
@ -539,7 +542,7 @@ Updates are meant to improve and enhance the previously established codebase as
|
|||||||
\item \textbf{Transaction analysis in Monero blockchain}
|
\item \textbf{Transaction analysis in Monero blockchain}
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Research published in 2017 uncovered past and present problems in anonymity with Monero transaction system. The most significant discovery was that a substantial portion of transactions used a Ring Signature of zero which caused traceability of the amount of coin in the transaction output on the blockchain \cite{moser2018empirical}.
|
\item Research published in 2017 uncovered past and present problems in anonymity with Monero transaction system. The most significant discovery was that a substantial portion of transactions used a Ring Signature of zero which caused traceability of the amount of coin in the transaction output on the blockchain \cite{moser2018empirical}.
|
||||||
\item This issue was resolved by Monero team already in 2016 with Monero v2, where Ring Signature was set to =>3 \cite{monerov2release}. Soon after the paper was released, Monero got its v6 update with enforced use of RingCT technology for all transaction outputs \cite{monerov6release}.
|
\item This issue was resolved by Monero team already in 2016 with Monero v2, where Ring Signature was set to set to 3 \cite{monerov2release}. Soon after the paper was released, Monero got its v6 update with enforced use of RingCT technology for all transaction outputs \cite{monerov6release}.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
%zdroj https://eprint.iacr.org/2017/338.pdf
|
%zdroj https://eprint.iacr.org/2017/338.pdf
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
@ -586,7 +589,7 @@ Kovri is a C++ implementation of the Internet Invisible Project (I2P) anonymous
|
|||||||
As pointed out in the Chapter \ref{sec:monero-timeline}, Monero is one of the cryptocurrencies that aim to implement as complex anonymity system as possible. Moreover, because of that not only the underlying technology of the network is different from other cryptocurrency projects but the user side as well.
|
As pointed out in the Chapter \ref{sec:monero-timeline}, Monero is one of the cryptocurrencies that aim to implement as complex anonymity system as possible. Moreover, because of that not only the underlying technology of the network is different from other cryptocurrency projects but the user side as well.
|
||||||
\section{Wallets}
|
\section{Wallets}
|
||||||
\label{sec:wallets}
|
\label{sec:wallets}
|
||||||
The essential part of every currency is the user's ability to access stored funds. In cryptocurrency, this is represented by the wallet and associated software.
|
The essential part of every currency is the user's ability to access stored funds. In cryptocurrency, this is represented by the wallet and associated software. Overview of the wallet storage methods is described in the Table \ref{table:wallettypes}.
|
||||||
|
|
||||||
Monero wallet contains information that is necessary to send and receive Monero currency. Each wallet is encrypted by the password set in the creation process. Typical wallet created using Monero software named \textit{example-wallet} consists of:
|
Monero wallet contains information that is necessary to send and receive Monero currency. Each wallet is encrypted by the password set in the creation process. Typical wallet created using Monero software named \textit{example-wallet} consists of:
|
||||||
\begin{itemize}\itemsep0em
|
\begin{itemize}\itemsep0em
|
||||||
@ -771,6 +774,9 @@ Monero client requires to be in synchronization with the network to show the cor
|
|||||||
|
|
||||||
\textbf{The remote node}, on the other hand, represents a lighter version with slightly less privacy when it comes to working with the wallet. By either choosing in GUI to connect to the remote node or running cli with parameter \textit{.\textbackslash monero-wallet-cli.exe --daemon-address node.address:port}, the client connects to the remote node and starts scanning the blockchain as if it was a local one.
|
\textbf{The remote node}, on the other hand, represents a lighter version with slightly less privacy when it comes to working with the wallet. By either choosing in GUI to connect to the remote node or running cli with parameter \textit{.\textbackslash monero-wallet-cli.exe --daemon-address node.address:port}, the client connects to the remote node and starts scanning the blockchain as if it was a local one.
|
||||||
|
|
||||||
|
Comparison of the node types can be found in the Table \ref{table:moneronodes}.
|
||||||
|
\vspace{-1em}
|
||||||
|
|
||||||
\begin{figure}[H]
|
\begin{figure}[H]
|
||||||
\center
|
\center
|
||||||
\begin{tabular}{p{0.45\linewidth}p{0.45\linewidth}}
|
\begin{tabular}{p{0.45\linewidth}p{0.45\linewidth}}
|
||||||
@ -781,7 +787,7 @@ Default way for desktop clients & D
|
|||||||
%Time delay caused by blockchain download & No initial setup needed \\
|
%Time delay caused by blockchain download & No initial setup needed \\
|
||||||
Requires 45+ GB and connection to keep in synchronization & Requires connection to scan blockchain
|
Requires 45+ GB and connection to keep in synchronization & Requires connection to scan blockchain
|
||||||
\end{tabular}
|
\end{tabular}
|
||||||
\caption{Monero node comparison.}
|
\captionof{table}{Monero node comparison.}
|
||||||
\label{table:moneronodes}
|
\label{table:moneronodes}
|
||||||
\end{figure}
|
\end{figure}
|
||||||
\newpage
|
\newpage
|
||||||
@ -905,14 +911,14 @@ There are four main problems concerning Monero environment:
|
|||||||
Malware that encrypts user files and then demands a ransom in the form of cryptocurrency, computer and files are no longer accessible unless the user pays the required amount. During its peak time, all popular ransomware demanded payment in Bitcoin.
|
Malware that encrypts user files and then demands a ransom in the form of cryptocurrency, computer and files are no longer accessible unless the user pays the required amount. During its peak time, all popular ransomware demanded payment in Bitcoin.
|
||||||
|
|
||||||
As malware developers started to get their coins targeted by projects such as one from Netherlands' police called \textit{No More Ransom} available at \url{nomoreransom.org} \cite{martin2017don,paquet2018ransomware}.
|
As malware developers started to get their coins targeted by projects such as one from Netherlands' police called \textit{No More Ransom} available at \url{nomoreransom.org} \cite{martin2017don,paquet2018ransomware}.
|
||||||
Because of this targeting, they had to choose another cryptocurrency to solve this problem, and the solution was Monero \cite{cusack2018points}.
|
Because of this targeting, they had to choose another cryptocurrency to solve this problem, and the solution was Monero \cite{cusack2018points}. Kirk is an example of Monero malware that is included in the Figure \ref{pic:monerokirk} \cite{monerokirk}.
|
||||||
|
|
||||||
\begin{figure}[H]
|
\begin{figure}[H]
|
||||||
\begin{center}
|
\begin{center}
|
||||||
|
|
||||||
\vspace{-0.8em}
|
\vspace{-0.8em}
|
||||||
\includegraphics[trim={0 0 0 0},clip,width=0.9\textwidth]{stf-kirk-ransomware-virus-startrek-monero-payment-demands-ransom-instructions.png}
|
\includegraphics[trim={0 0 0 0},clip,width=0.9\textwidth]{stf-kirk-ransomware-virus-startrek-monero-payment-demands-ransom-instructions.png}
|
||||||
\caption{Kirk ransomware that demands payment in Monero \protect\cite{monerokirk}.}
|
\caption{Kirk ransomware that demands payment in Monero.}
|
||||||
\vspace{-1.5em}
|
\vspace{-1.5em}
|
||||||
\label{pic:monerokirk}
|
\label{pic:monerokirk}
|
||||||
\end{center}
|
\end{center}
|
||||||
@ -941,7 +947,7 @@ Crypto-jacking a type of attack where the attacker delivers a malicious payload
|
|||||||
Crypto-jacking is becoming more frequent than ransomware as it has proven that steady but low income is more profitable than one-time payment in the form of ransomware \cite{higbee2018role}.
|
Crypto-jacking is becoming more frequent than ransomware as it has proven that steady but low income is more profitable than one-time payment in the form of ransomware \cite{higbee2018role}.
|
||||||
|
|
||||||
\subsubsection{4) Black Ruby}
|
\subsubsection{4) Black Ruby}
|
||||||
Interesting intersection of ransomware and crypto-jacking category is Black Ruby malware that combines features of both. First, it encrypts files on the target computer and then proceeds to mine Monero using XMRig at full CPU load \cite{blackruby2018}.
|
Interesting intersection of ransomware and crypto-jacking category is Black Ruby malware that combines features of both. First, it encrypts files on the target computer and then proceeds to mine Monero using XMRig (as explained in the Section \ref{cha:miningsoftware}) at full CPU load \cite{blackruby2018}.
|
||||||
|
|
||||||
\vspace{-1em}
|
\vspace{-1em}
|
||||||
\section{Monero use case}
|
\section{Monero use case}
|
||||||
@ -992,7 +998,7 @@ The significant characteristic of Monero is its anonymity, and this feature is n
|
|||||||
|
|
||||||
This means that data exchanged between participants and survey software stays only between these two parties, so Google or other big data company cannot analyze them. To allow extended anonymity features, Tor and proxy connections were allowed, but each participant had to solve the CAPTCHA before starting the survey.
|
This means that data exchanged between participants and survey software stays only between these two parties, so Google or other big data company cannot analyze them. To allow extended anonymity features, Tor and proxy connections were allowed, but each participant had to solve the CAPTCHA before starting the survey.
|
||||||
\subsection{Methodology}
|
\subsection{Methodology}
|
||||||
Data collection method was online only and was using the survey website software. Participants selection was based on opportunity sampling. Links for the research were shared among dedicated Reddit Monero community, Facebook Monero groups as well as Cryptocurrency forums.
|
Data collection method was online only and was using the survey website software. Participants selection was based on opportunity sampling. Links for the research were shared among dedicated Reddit Monero community, Facebook Monero groups as well as Cryptocurrency forums. Study limitations are described in the Section \ref{cha:limitations}.
|
||||||
|
|
||||||
To reduce nonresponse rate, participants were asked only to fill out parts that were significant for them, e.g., Monero recovery part stayed hidden in the form if the user selected that he/she had never made any recovery of the seed or wallet keys in the previous part.
|
To reduce nonresponse rate, participants were asked only to fill out parts that were significant for them, e.g., Monero recovery part stayed hidden in the form if the user selected that he/she had never made any recovery of the seed or wallet keys in the previous part.
|
||||||
|
|
||||||
@ -1044,19 +1050,19 @@ Before entering the survey, each participant had to pass the bot test by enterin
|
|||||||
]
|
]
|
||||||
\addplot[1,fill=1] coordinates {(62,0) };
|
\addplot[1,fill=1] coordinates {(62,0) };
|
||||||
%{(113,0) }; absolutni cisla, potrebuje to procenta
|
%{(113,0) }; absolutni cisla, potrebuje to procenta
|
||||||
\addplot[3,fill=3] coordinates {(36,0) };
|
\addplot[4,fill=4] coordinates {(36,0) };
|
||||||
%{(67,0) };
|
%{(67,0) };
|
||||||
\addplot[4,fill=4] coordinates {(1,0) };
|
\addplot[3,fill=3] coordinates {(1,0) };
|
||||||
%{(1,0) };
|
%{(1,0) };
|
||||||
\addplot[6,fill=6] coordinates {(1,0) };
|
\addplot[6,fill=6] coordinates {(1,0) };
|
||||||
%{(1,0) };
|
%{(1,0) };
|
||||||
\legend{Valid responses [113],Partially filled [67],Too fast [1],Invalid [1]
|
\legend{Valid responses [113],Partially filled [67],Too fast response [1],Invalid [1]
|
||||||
}
|
}
|
||||||
\coordinate (A) at (200,0);% ******** start of changes ************
|
\coordinate (A) at (30,0);% ******** start of changes ************
|
||||||
\coordinate (B) at (300,8mm);
|
\coordinate (B) at (80,0);
|
||||||
\end{axis}
|
\end{axis}
|
||||||
\node at (A) {test};
|
\node at (A) {62\%};
|
||||||
\node at (B) {test 2};% ********* end of changes **********
|
\node at (B) {37\%};% ********* end of changes **********
|
||||||
\end{tikzpicture}
|
\end{tikzpicture}
|
||||||
\caption{Overview of respondents in the user survey dataset.}
|
\caption{Overview of respondents in the user survey dataset.}
|
||||||
\label{chart:price}\end{figure}\end{center}
|
\label{chart:price}\end{figure}\end{center}
|
||||||
@ -1244,8 +1250,8 @@ Desktop applications are used by 104 out of 113 users, making it the most freque
|
|||||||
\caption{Desktop client software.}
|
\caption{Desktop client software.}
|
||||||
\label{chart:price}\end{figure}\end{center}
|
\label{chart:price}\end{figure}\end{center}
|
||||||
\vspace{-2.25em}
|
\vspace{-2.25em}
|
||||||
\subsubsection{Monero Mobile app usage}
|
\subsubsection{Monero Mobile application usage}
|
||||||
From 113 people that filled out the survey, 53 of them stated that they use either Android or iOS app for accessing their Monero wallet. Digging deeper, out of 49 Android users, Monerujo app is used by 92\% (45 out of 49) of them, followed by other Android wallets 14\% (7 out of 49). Freewallet on Android is only used by one user (2\%) in the dataset thus following the fact the community does not like closed source software with bad history as mentioned in the Chapter \ref{cha:scamportals}.
|
From 113 people that filled out the survey, 53 of them stated that they use either Android or iOS application for accessing their Monero wallet. Digging deeper, out of 49 Android users, Monerujo application is used by 92\% (45 out of 49) of them, followed by other Android wallets 14\% (7 out of 49). Freewallet on Android is only used by one user (2\%) in the dataset thus following the fact the community does not like closed source software with bad history as mentioned in the Chapter \ref{cha:scamportals}. Detailed description of the applications is included in the Section \ref{sub:mobilewalletsoftware}.
|
||||||
|
|
||||||
\begin{center}
|
\begin{center}
|
||||||
\begin{figure}[H]
|
\begin{figure}[H]
|
||||||
@ -1494,11 +1500,11 @@ Secure transfer of funds & 53 \% & 60 \\
|
|||||||
To be paid in Monero & 44 \% & 50 \\
|
To be paid in Monero & 44 \% & 50 \\
|
||||||
Other & 00 \% & 00
|
Other & 00 \% & 00
|
||||||
\end{tabular}
|
\end{tabular}
|
||||||
\caption{Reasons to use Monero.}
|
\captionof{table}{Reasons to use Monero.}
|
||||||
\label{table:monerousageresearch}
|
\label{table:monerousageresearch}
|
||||||
\end{figure}
|
\end{figure}
|
||||||
|
|
||||||
This result is strongly affected by the way how participants were selected (self-selection) and from what sites they were informed about the survey (mainly Reddit Monero subreddits and Facebook Monero groups). The short overview of the preferences is shown in the Figure \ref{table:monerousageresearch} with the full text of the questions asked available in the Appendix Figure \ref{monero-user-study-pdf}.
|
This result is strongly affected by the way how participants were selected (self-selection) and from what sites they were informed about the survey (mainly Reddit Monero subreddits and Facebook Monero groups). The short overview of the preferences is shown in the Table \ref{table:monerousageresearch} with the full text of the questions asked available in the Appendix Figure \ref{monero-user-study-pdf}.
|
||||||
|
|
||||||
\begin{center}
|
\begin{center}
|
||||||
\begin{figure}[H]
|
\begin{figure}[H]
|
||||||
@ -1570,7 +1576,7 @@ Following this question, respondents were asked if they hold onto their coins fo
|
|||||||
>{\centering\arraybackslash}p{0.2\linewidth}%
|
>{\centering\arraybackslash}p{0.2\linewidth}%
|
||||||
>{\centering\arraybackslash}p{0.35\linewidth}%
|
>{\centering\arraybackslash}p{0.35\linewidth}%
|
||||||
}
|
}
|
||||||
\textbf{Usage} & \textbf{\% of users from total} & \textbf{N of users from total N=113} \\
|
\textbf{Usage} & \textbf{\% of users from total} & \textbf{N of users from total (N=113)} \\
|
||||||
Subscriptions & 15\% & 17 \\
|
Subscriptions & 15\% & 17 \\
|
||||||
Restaurants & 05\% & 06 \\
|
Restaurants & 05\% & 06 \\
|
||||||
Donations & 45\% & 51 \\
|
Donations & 45\% & 51 \\
|
||||||
@ -1581,23 +1587,23 @@ E-shops & 19\% & 22 \\
|
|||||||
Darknet markets & 18\% & 20 \\
|
Darknet markets & 18\% & 20 \\
|
||||||
Gambling sites & 03\% & 03 \\
|
Gambling sites & 03\% & 03 \\
|
||||||
Drugs & 10\% & 11 \\
|
Drugs & 10\% & 11 \\
|
||||||
Illegal usecases & 05\% & 06 \\
|
Illegal use cases & 05\% & 06 \\
|
||||||
VPN services & 35\% & 31 \\
|
VPN services & 35\% & 31 \\
|
||||||
Gift cards & 04\% & 04 \\
|
Gift cards & 04\% & 04 \\
|
||||||
Hosting and IT services & 22\% & 25 \\
|
Hosting and IT services & 22\% & 25 \\
|
||||||
Other & 00\% & 00
|
Other & 00\% & 00
|
||||||
\end{tabular}
|
\end{tabular}
|
||||||
\caption{Monero usage for payments.}
|
\captionof{table}{Monero usage for payments.}
|
||||||
\label{table:moneropayusageresearch}
|
\label{table:moneropayusageresearch}
|
||||||
\end{figure}
|
\end{figure}
|
||||||
|
\newpage
|
||||||
Important usage factor of a currency is where its users can pay with it. Monero has already a known reputation between darknet markets, but its mainstream usage isn't something that is advertised as its feature.
|
Important usage factor of a currency is where its users can pay with it. Monero has already a known reputation between darknet markets, but its mainstream usage isn't something that is advertised as its feature.
|
||||||
|
|
||||||
When asked about the payment options, many of the respondents 45\% (51 out of 113) selected that they use Monero as a way for donating other people, followed by paying for VPN services 35\% (31 out of 113). Although Monero features are considered ideal for black market use, only 5\% (6 out of 113) respondents revealed that they use Monero cryptocurrency in this way.%A detailed overview of payment types is available in the Appendix Figure \ref{table:moneropayusageresearch}.
|
When asked about the payment options, many of the respondents 45\% (51 out of 113) selected that they use Monero as a way for donating other people, followed by paying for VPN services 35\% (31 out of 113). Although Monero features are considered ideal for black market use, only 5\% (6 out of 113) respondents revealed that they use Monero cryptocurrency in this way.%A detailed overview of payment types is available in the Appendix Figure \ref{table:moneropayusageresearch}.
|
||||||
|
|
||||||
Perception and the reality of anonymity in cryptocurrency is an important topic in the cryptocurrency environment \cite{amarasinghe2019survey}. Although Monero is private by default, additional precautions can be made to hide users activity from the third party like using Kovri or Tor.
|
Perception and the reality of anonymity in cryptocurrency is an important topic in the cryptocurrency environment \cite{amarasinghe2019survey}. Although Monero is private by default, additional precautions can be made to hide users activity from the third party like using Kovri or Tor.
|
||||||
|
|
||||||
Among users in the dataset, Kovri 7\% (8 out of 113) or Tor 20\% (23 out of 113) is used by less than one third of the respondents in total as can be seen in the Figure \ref{table:moneropayusageresearch} .
|
Among users in the dataset, Kovri 7\% (8 out of 113) or Tor 20\% (23 out of 113) is used by less than one third of the respondents in total as can be seen in the Table \ref{table:moneropayusageresearch} .
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -1743,7 +1749,7 @@ Apart from client software that is used for accessing and making transactions in
|
|||||||
\end{tikzpicture}
|
\end{tikzpicture}
|
||||||
\caption{Wallet types usage in Monero.}
|
\caption{Wallet types usage in Monero.}
|
||||||
\label{chart:monerowalletsusagechart}\end{figure}\end{center}
|
\label{chart:monerowalletsusagechart}\end{figure}\end{center}
|
||||||
|
\newpage
|
||||||
\subsection{Monero recovery}
|
\subsection{Monero recovery}
|
||||||
For further wallet protection, the majority of users also encrypt their wallet or the datastore on which the keys reside on 78\% (88 out of 113).
|
For further wallet protection, the majority of users also encrypt their wallet or the datastore on which the keys reside on 78\% (88 out of 113).
|
||||||
|
|
||||||
@ -1862,6 +1868,7 @@ This part was answered only by those respondents that selected Yes (15 out of 11
|
|||||||
|
|
||||||
The primary cause of problems was mining malware (8) or some form of mining script (7). The main affected platform was running Windows (10), and malware was recognized mainly by slow system response (7) and high CPU usage (11).
|
The primary cause of problems was mining malware (8) or some form of mining script (7). The main affected platform was running Windows (10), and malware was recognized mainly by slow system response (7) and high CPU usage (11).
|
||||||
|
|
||||||
|
\iffalse
|
||||||
When trying to compare the security of individual wallet types, one of the important factors that determine its usability and security is wallet recovery rate. To compare the hot and cold wallet approach using the Chi-Square test, the following hypothesis was set:
|
When trying to compare the security of individual wallet types, one of the important factors that determine its usability and security is wallet recovery rate. To compare the hot and cold wallet approach using the Chi-Square test, the following hypothesis was set:
|
||||||
\begin{itemize}\itemsep0em
|
\begin{itemize}\itemsep0em
|
||||||
\item H0: There is no difference between the hot and cold wallet and their recovery rate.
|
\item H0: There is no difference between the hot and cold wallet and their recovery rate.
|
||||||
@ -1883,8 +1890,7 @@ The table with extracted values is in the Table \ref{table:user-chi}. The chi-sq
|
|||||||
\captionof{table}{Contingency Table for wallet types and recovery.}
|
\captionof{table}{Contingency Table for wallet types and recovery.}
|
||||||
\label{table:user-chi}
|
\label{table:user-chi}
|
||||||
\end{figure}
|
\end{figure}
|
||||||
|
\fi
|
||||||
|
|
||||||
|
|
||||||
\subsection{Demographics}
|
\subsection{Demographics}
|
||||||
Survey participants were mainly males 44\% (50 out of 113), females 2\% (2 out of 113) represented only a small portion of the dataset, and some of the participants did not disclose their gender 54\% (61 out of 113). Most respondents in the dataset were from the age groups 25-34 29\% (33 out of 113).
|
Survey participants were mainly males 44\% (50 out of 113), females 2\% (2 out of 113) represented only a small portion of the dataset, and some of the participants did not disclose their gender 54\% (61 out of 113). Most respondents in the dataset were from the age groups 25-34 29\% (33 out of 113).
|
||||||
@ -2043,12 +2049,15 @@ Survey participants were mainly males 44\% (50 out of 113), females 2\% (2 out o
|
|||||||
\chapter{Monero Usage and Storage Best Practices}
|
\chapter{Monero Usage and Storage Best Practices}
|
||||||
Ease of use is one of the critical aspects of every cryptocurrency and although Monero can offer a wide range of privacy features it has to be usable and user-friendly to be used by a substantial margin of people. Usability in Monero is a long-term topic that sparks discussion \cite{monerolang2018}.
|
Ease of use is one of the critical aspects of every cryptocurrency and although Monero can offer a wide range of privacy features it has to be usable and user-friendly to be used by a substantial margin of people. Usability in Monero is a long-term topic that sparks discussion \cite{monerolang2018}.
|
||||||
|
|
||||||
Following scenarios represent secure and easy to use instructions for a new Monero user, based on results from Monero user research in the Chapter \ref{cha:monerousersurvey}.
|
While significant number of users reported that they perform backups of their wallet keys, many of them use hot wallet on their mobile phones which presents a security threat for their wallet.
|
||||||
|
|
||||||
|
Following scenarios represent secure and easy to use instructions for a new Monero user, based on results from Monero user research in the Chapter \ref{cha:monerousersurvey}.
|
||||||
|
\vspace{-1em}
|
||||||
\section{Generating the keys and accessing the wallet}
|
\section{Generating the keys and accessing the wallet}
|
||||||
The first challenge for Monero users is generating key pairs and accessing the wallet. This process varies from the user's platform of choice and used wallet software. As the choice of client wallet software is important for Monero users in terms of user experience and security, the following Sections are dedicated to available wallet software. %TODO je to better oproti původnímu As the choice of client wallet software is fundamental for users Monero regarding user experience and security standpoint, following sections are dedicated to available wallet software.
|
The first challenge for Monero users is generating key pairs and accessing the wallet. This process varies from the user's platform of choice and used wallet software. As the choice of client wallet software is important for Monero users in terms of user experience and security, the following Sections are dedicated to available wallet software. %TODO je to better oproti původnímu As the choice of client wallet software is fundamental for users Monero regarding user experience and security standpoint, following sections are dedicated to available wallet software.
|
||||||
\subsection{Windows and Linux platform}
|
\subsection{Windows and Linux platform}
|
||||||
The official client offers CLI and GUI wallet management and is available at \url{https://getmonero.org/downloads/}. Using this client users can generate wallet keys. Created keys are after generation saved directly into the memory of the device unless specified otherwise.
|
The official client offers CLI and GUI wallet management and is available at \url{https://getmonero.org/downloads/}. Using this client users can generate wallet keys. Created keys are after generation saved directly into the memory of the device unless specified otherwise.
|
||||||
|
\vspace{-0.9em}
|
||||||
\begin{figure}[H]
|
\begin{figure}[H]
|
||||||
\begin{center}
|
\begin{center}
|
||||||
% \vspace{-0.8em}
|
% \vspace{-0.8em}
|
||||||
@ -2064,7 +2073,7 @@ The official client offers CLI and GUI wallet management and is available at \ur
|
|||||||
\begin{lstlisting}
|
\begin{lstlisting}
|
||||||
.\monero-wallet-cli.exe
|
.\monero-wallet-cli.exe
|
||||||
Monero Lithium Luna (v0.12.3.0-release)
|
Monero Lithium Luna (v0.12.3.0-release)
|
||||||
Logging to C:\...\monero-wallet-cli.log
|
Logging to C:\Users\radim\Nextcloud\ssme-thesis\cli\monero-wallet-cli.log
|
||||||
Specify wallet file name (e.g., MyWallet). If the wallet
|
Specify wallet file name (e.g., MyWallet). If the wallet
|
||||||
file is not present, it will be created.
|
file is not present, it will be created.
|
||||||
Wallet file name (or Ctrl-C to exit): ssme-thesis
|
Wallet file name (or Ctrl-C to exit): ssme-thesis
|
||||||
@ -2078,7 +2087,7 @@ Generating new wallet...
|
|||||||
\end{center}
|
\end{center}
|
||||||
\end{figure}
|
\end{figure}
|
||||||
\vspace{-1em}
|
\vspace{-1em}
|
||||||
Security of this task depends on the origin of the software, delivery chain trust, and the users' operating system. Monero CLI and GUI binaries can be edited, and the app itself does not call any internal checking to alert the user of the unauthorized change.
|
Security of this task depends on the origin of the software, delivery chain trust, and the users' operating system. Monero CLI and GUI binaries can be edited, and the application itself does not call any internal checking to alert the user of the unauthorized change.
|
||||||
|
|
||||||
Code injection was successfully tested on GUI binary of the official Monero wallet as seen in the Figure \ref{pic:codeinjectiongui}. Although SHA256 hash is provided on the website, the user is not specifically instructed to check the hashes of the downloaded software with tools like PowerShell using \texttt{Get-FileHash ./monero-wallet-gui.exe | Format-List} command \cite{pialphapialphagammaiotaacutealphanunualpharhoovarsigma2016study}. GPG-signed list of the hashes is available on the website although there are no instructions on how to verify PGP signature itself.
|
Code injection was successfully tested on GUI binary of the official Monero wallet as seen in the Figure \ref{pic:codeinjectiongui}. Although SHA256 hash is provided on the website, the user is not specifically instructed to check the hashes of the downloaded software with tools like PowerShell using \texttt{Get-FileHash ./monero-wallet-gui.exe | Format-List} command \cite{pialphapialphagammaiotaacutealphanunualpharhoovarsigma2016study}. GPG-signed list of the hashes is available on the website although there are no instructions on how to verify PGP signature itself.
|
||||||
\vspace{-1em}
|
\vspace{-1em}
|
||||||
@ -2107,11 +2116,12 @@ There are also alternative approaches to key generation like an offline JavaScri
|
|||||||
|
|
||||||
Hardware way is considered to be in the development, but Monero compatible devices like Ledger Nano S are already on the market. The way how keys are generated in hardware wallets varies on firmware included in each device.
|
Hardware way is considered to be in the development, but Monero compatible devices like Ledger Nano S are already on the market. The way how keys are generated in hardware wallets varies on firmware included in each device.
|
||||||
|
|
||||||
In general, the wallet is required to have Monero app installed from vendors app catalog. Keys are generated on the hardware device within the app itself, and the user can only export private view key from the device to view the balance in full CLI/GUI client.
|
In general, the wallet is required to have Monero application installed from vendors application catalog. Keys are generated on the hardware device within the application itself, and the user can only export private view key from the device to view the balance in full CLI/GUI client.
|
||||||
|
|
||||||
This way, the user has private spend key always on the device, and the client PC has only private view key. To sign a transaction, the user has to confirm the transaction on the device itself meaning the hardware wallet will sign the transaction and then sends it to the Monero client. By this, in case of a security breach on the host computer, there is no Monero to steal.
|
This way, the user has private spend key always on the device, and the client PC has only private view key. To sign a transaction, the user has to confirm the transaction on the device itself meaning the hardware wallet will sign the transaction and then sends it to the Monero client. By this, in case of a security breach on the host computer, there is no Monero to steal.
|
||||||
|
|
||||||
\subsection{Wallet software for mobile devices}
|
\subsection{Wallet software for mobile devices}
|
||||||
|
\label{sub:mobilewalletsoftware}
|
||||||
|
|
||||||
Monero has wallet software available for Android as well as the iOS platform. Community recommends to use the open source ones for both platforms, as their codebase is published on GitHub and everyone can inspect the code. Another common fact for the recommended solutions is that the keypairs for the wallet are stored exclusively on the user's device and restore can be done without third-party technical support.
|
Monero has wallet software available for Android as well as the iOS platform. Community recommends to use the open source ones for both platforms, as their codebase is published on GitHub and everyone can inspect the code. Another common fact for the recommended solutions is that the keypairs for the wallet are stored exclusively on the user's device and restore can be done without third-party technical support.
|
||||||
|
|
||||||
@ -2124,11 +2134,11 @@ By this, the user does not need to save the seed, wallet keys or make any backup
|
|||||||
\textbf{Cake Wallet} represents open source Monero wallet for iOS that provides wallet generation and local key pair storage with remote node connection and synchronization \cite{cakewalletgithub}.
|
\textbf{Cake Wallet} represents open source Monero wallet for iOS that provides wallet generation and local key pair storage with remote node connection and synchronization \cite{cakewalletgithub}.
|
||||||
|
|
||||||
Guideline for secure wallet access is described in the Chapter \ref{sec:wallettypes}.
|
Guideline for secure wallet access is described in the Chapter \ref{sec:wallettypes}.
|
||||||
|
\vspace{-1.3em}
|
||||||
\begin{figure}[H]
|
\begin{figure}[H]
|
||||||
\begin{center}
|
\begin{center}
|
||||||
\vspace{-0.75em}
|
\vspace{-0.75em}
|
||||||
\includegraphics[trim={0 1.8cm 0 0},clip,width=0.4\textwidth]{Screenshot_1542566492.png}
|
\includegraphics[trim={0 1.8cm 0 0},clip,width=0.38\textwidth]{Screenshot_1542566492.png}
|
||||||
\caption{Monerujo for Android.}
|
\caption{Monerujo for Android.}
|
||||||
\vspace{-1.5em}
|
\vspace{-1.5em}
|
||||||
\label{pic:withoutresdrawable}
|
\label{pic:withoutresdrawable}
|
||||||
@ -2142,7 +2152,7 @@ Monerojuro & Android & Open Source & Keypair is stored locally. User
|
|||||||
Monero \linebreak Wallet & Android iOS & Closed Source & Keypair in cloud storage. No control over keys. \\
|
Monero \linebreak Wallet & Android iOS & Closed Source & Keypair in cloud storage. No control over keys. \\
|
||||||
Cake Wallet & iOS & Open Source & Keypair is stored locally. User has complete control.
|
Cake Wallet & iOS & Open Source & Keypair is stored locally. User has complete control.
|
||||||
\end{tabular}
|
\end{tabular}
|
||||||
\captionof{table}{List of avaiable wallets for mobile platforms.}
|
\captionof{table}{List of available wallets for mobile platforms.}
|
||||||
\label{table:monero-mobile}
|
\label{table:monero-mobile}
|
||||||
\end{figure}
|
\end{figure}
|
||||||
|
|
||||||
@ -2216,10 +2226,10 @@ Following cost effectivity of individual media types together with common backup
|
|||||||
\item Located on the DVD as an encrypted file.
|
\item Located on the DVD as an encrypted file.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
\vspace{-1.5em}
|
||||||
\subsubsection{Secure Monero usage portal}
|
\subsubsection{Secure Monero usage portal}
|
||||||
As a result of this Chapter and Monero user research in the Chapter \ref{cha:monerousersurvey}, all recommendations for secure Monero usage are compiled within one website \url{https://ownercz.github.io/ssme-thesis}.
|
As a result of this Chapter and Monero user research in the Chapter \ref{cha:monerousersurvey}, all recommendations for secure Monero usage are compiled within one website \url{https://ownercz.github.io/ssme-thesis}.
|
||||||
|
\vspace{-0.5em}
|
||||||
\iffalse
|
\iffalse
|
||||||
\begin{figure}[H]
|
\begin{figure}[H]
|
||||||
\begin{center}
|
\begin{center}
|
||||||
@ -2232,7 +2242,15 @@ As a result of this Chapter and Monero user research in the Chapter \ref{cha:mon
|
|||||||
\end{center}
|
\end{center}
|
||||||
\end{figure}
|
\end{figure}
|
||||||
\fi
|
\fi
|
||||||
|
\section{Study limitations}
|
||||||
|
\label{cha:limitations}
|
||||||
|
When interpreting Monero user and miners research results, the following study limitations should be taken into account:
|
||||||
|
\begin{itemize}
|
||||||
|
\itemsep0em
|
||||||
|
\item Self-selection bias of respondents in the dataset, which results in a non-representative sample of the population.
|
||||||
|
\item Reporting bias of responses in the dataset, as study gathers rather sensitive questions towards security habits and backups.
|
||||||
|
\item Limited time and reach of the questionnaires in the community that has participated in this research leading to non-representative population sample.
|
||||||
|
\end{itemize}
|
||||||
\chapter{Obtaining Monero and Running the Network}
|
\chapter{Obtaining Monero and Running the Network}
|
||||||
\label{cha:obtaining}
|
\label{cha:obtaining}
|
||||||
Monero mining is a process done by miners to verify transactions on the network and add them to the blockchain together in the form of a block. This results for them in a reward in the form of new coins that are emitted as a reward for block solving.
|
Monero mining is a process done by miners to verify transactions on the network and add them to the blockchain together in the form of a block. This results for them in a reward in the form of new coins that are emitted as a reward for block solving.
|
||||||
@ -2441,7 +2459,7 @@ Having closed source code that community cannot inspect, mining software of this
|
|||||||
|
|
||||||
\section{Mining malware }
|
\section{Mining malware }
|
||||||
\vspace{-0.2em}
|
\vspace{-0.2em}
|
||||||
As Monero algorithm is designed to be memory demanding algorithm, it is suitable to mine it using both CPU and GPU as mining software offers support for both hardware components as mentioned in the Section \ref{cha:miningsoftware}.
|
As Monero algorithm is designed to be memory demanding, it is suitable to mine it using both CPU and GPU as mining software offers support for both hardware components as mentioned in the Section \ref{cha:miningsoftware}.
|
||||||
|
|
||||||
The fact that Monero can be effectively CPU mined means for malware miners much easier way how to gain any profit from infected computer as they do not need to have any specific GPU drivers or features implemented. Because of this, they are easier to deploy on a wide range of devices \cite{le2018swimming}.
|
The fact that Monero can be effectively CPU mined means for malware miners much easier way how to gain any profit from infected computer as they do not need to have any specific GPU drivers or features implemented. Because of this, they are easier to deploy on a wide range of devices \cite{le2018swimming}.
|
||||||
\vspace{-0.6em}
|
\vspace{-0.6em}
|
||||||
@ -2450,7 +2468,7 @@ When malicious software developer considers the cryptocurrency technology to bui
|
|||||||
|
|
||||||
In the case of Monero, its features are as much important for its users as for the malware developers. The main reason for using Monero is that it offers private features as well as support for mining on almost every device available \cite{eskandari2018first}.
|
In the case of Monero, its features are as much important for its users as for the malware developers. The main reason for using Monero is that it offers private features as well as support for mining on almost every device available \cite{eskandari2018first}.
|
||||||
|
|
||||||
Thanks to its features and active development, Monero is one of the most active cryptocurrencies that are used in the malware world with more than 57M USD already mined. As of 2019, Monero is identified to have the most active malware campaigns per cryptocurrency, followed by Bitcoin and zCash \cite{konoth2019malicious}.
|
Thanks to its features and active development, Monero is one of the most active cryptocurrencies that are used in the malware world with more than 57 million USD already mined. As of 2019, Monero is identified to have the most active malware campaigns per cryptocurrency, followed by Bitcoin and zCash \cite{konoth2019malicious}.
|
||||||
\vspace{-0.6em}
|
\vspace{-0.6em}
|
||||||
\subsubsection{Types of malware miners}
|
\subsubsection{Types of malware miners}
|
||||||
Main categories of malware miners are derived from the way how the unwanted software is delivered to the target device. Most common ways of ingestion are:
|
Main categories of malware miners are derived from the way how the unwanted software is delivered to the target device. Most common ways of ingestion are:
|
||||||
@ -2498,7 +2516,7 @@ Cloud mining & & &
|
|||||||
% škola > dodá Vlasta info
|
% škola > dodá Vlasta info
|
||||||
% místo interested in modern technologies >> eearly adopter OK
|
% místo interested in modern technologies >> eearly adopter OK
|
||||||
% privacy aspect vygooglit části
|
% privacy aspect vygooglit části
|
||||||
The goal of this research is to gather information on people who run mining cryptocurrency software and map their behavior regarding system administration with the emphasis on security practices. For this purpose, an online questionnaire was created and is avaiable in the Appendix Figure \ref{monero-user-study-pdf}.
|
The goal of this research is to gather information on people who run mining cryptocurrency software and map their behavior regarding system administration with the emphasis on security practices. For this purpose, an online questionnaire was created and is available in the Appendix Figure \ref{monero-user-study-pdf}.
|
||||||
|
|
||||||
To the best of my knowledge, this is the first work that studies cryptocurrency miners. Specific research questions are based on cryptocurrency mining setup patterns, used software and problematic areas regarding computer and data security in general.
|
To the best of my knowledge, this is the first work that studies cryptocurrency miners. Specific research questions are based on cryptocurrency mining setup patterns, used software and problematic areas regarding computer and data security in general.
|
||||||
|
|
||||||
@ -2527,7 +2545,7 @@ As mentioned in the Chapter \ref{cha:monerousersurvey}, the survey was not hoste
|
|||||||
This means that data exchanged between participants and survey software stays only between these two parties, so Google or other big data companies cannot analyze them. To allow extended privacy features, Tor and proxy connections were allowed, but each participant had to solve the CAPTCHA before starting the survey.
|
This means that data exchanged between participants and survey software stays only between these two parties, so Google or other big data companies cannot analyze them. To allow extended privacy features, Tor and proxy connections were allowed, but each participant had to solve the CAPTCHA before starting the survey.
|
||||||
%\vspace{-0.7em}
|
%\vspace{-0.7em}
|
||||||
\subsection{Methodology}
|
\subsection{Methodology}
|
||||||
Data collection method was online only and was using the survey website software. Participants selection was based on opportunity sampling, links for the research were shared among dedicated Reddit Monero community, Facebook Mining groups as well as Cryptocurrency forums. This form was distributed together with the Monero User Research survey in mentioned mining communities.
|
Data collection method was online only and was using the survey website software. Participants selection was based on opportunity sampling, links for the research were shared among dedicated Reddit Monero community, Facebook Mining groups as well as Cryptocurrency forums. This form was distributed together with the Monero User Research survey in mentioned mining communities. Study limitations are described in the Section \ref{cha:limitations}.
|
||||||
|
|
||||||
To reduce nonresponse rate, participants were asked only to fill out parts that were significant for them, e.g., Windows OS part stayed hidden in the form if the user selected that he/she used Linux OS only.
|
To reduce nonresponse rate, participants were asked only to fill out parts that were significant for them, e.g., Windows OS part stayed hidden in the form if the user selected that he/she used Linux OS only.
|
||||||
|
|
||||||
@ -2577,19 +2595,19 @@ Before entering the survey, each participant had to pass the bot test by enterin
|
|||||||
]
|
]
|
||||||
\addplot[1,fill=1] coordinates {(19,0) };
|
\addplot[1,fill=1] coordinates {(19,0) };
|
||||||
%{(113,0) }; absolutni cisla, potrebuje to procenta
|
%{(113,0) }; absolutni cisla, potrebuje to procenta
|
||||||
\addplot[3,fill=3] coordinates {(80,0) };
|
\addplot[4,fill=4] coordinates {(80,0) };
|
||||||
%{(67,0) };
|
%{(67,0) };
|
||||||
\addplot[4,fill=4] coordinates {(0,0) };
|
\addplot[3,fill=3] coordinates {(0,0) };
|
||||||
%{(1,0) };
|
%{(1,0) };
|
||||||
\addplot[6,fill=6] coordinates {(1,0) };
|
\addplot[6,fill=6] coordinates {(1,0) };
|
||||||
%{(1,0) };
|
%{(1,0) };
|
||||||
\legend{Valid responses [60],Partially filled [261],Too fast [0],Invalid [2]
|
\legend{Valid responses [60],Partially filled [261],Too fast [0],Invalid [2]
|
||||||
}
|
}
|
||||||
\coordinate (A) at (200,0);% ******** start of changes ************
|
\coordinate (A) at (10,0);% ******** start of changes ************
|
||||||
\coordinate (B) at (300,8mm);
|
\coordinate (B) at (60,0);
|
||||||
\end{axis}
|
\end{axis}
|
||||||
\node at (A) {test};
|
\node at (A) {19\%};
|
||||||
\node at (B) {test 2};% ********* end of changes **********
|
\node at (B) {80\%};% ********* end of changes **********
|
||||||
\end{tikzpicture}
|
\end{tikzpicture}
|
||||||
\caption{Overview of respondents in the miners survey dataset.}
|
\caption{Overview of respondents in the miners survey dataset.}
|
||||||
\label{chart:price}\end{figure}\end{center}
|
\label{chart:price}\end{figure}\end{center}
|
||||||
@ -2684,7 +2702,15 @@ Even through dataset cleansing, from the final 60 respondents, 15 of them chose
|
|||||||
\addplot[6,fill=6] coordinates {(31,0) };
|
\addplot[6,fill=6] coordinates {(31,0) };
|
||||||
\legend{GPU only [17],CPU and GPU [12], CPU only [2], No response [14]
|
\legend{GPU only [17],CPU and GPU [12], CPU only [2], No response [14]
|
||||||
}
|
}
|
||||||
|
\coordinate (A) at (20,0);% ******** start of changes ************
|
||||||
|
\coordinate (B) at (55,0);
|
||||||
|
\coordinate (C) at (68,0);% ******** start of changes ************
|
||||||
|
\coordinate (D) at (85,0);
|
||||||
\end{axis}
|
\end{axis}
|
||||||
|
\node at (A) {38\%};
|
||||||
|
\node at (B) {27\%};% ********* end of changes **********
|
||||||
|
\node at (C) {4\%};
|
||||||
|
\node at (D) {31\%};% ********* end of changes **********
|
||||||
\end{tikzpicture}
|
\end{tikzpicture}
|
||||||
\caption{Mining types comparison.}
|
\caption{Mining types comparison.}
|
||||||
\label{chart:miningtype}\end{figure}\end{center}
|
\label{chart:miningtype}\end{figure}\end{center}
|
||||||
@ -2802,9 +2828,9 @@ Majority of miners mine in their property 87\% (52 out of 60) and set up their m
|
|||||||
\node at (F) {46};% ********* end of changes **********
|
\node at (F) {46};% ********* end of changes **********
|
||||||
\end{tikzpicture}
|
\end{tikzpicture}
|
||||||
\caption{Mining setup preferences.}
|
\caption{Mining setup preferences.}
|
||||||
\label{chart:mininghabbits}\end{figure}\end{center}
|
\label{chart:mininghabits}\end{figure}\end{center}
|
||||||
\vspace{-2em}
|
\vspace{-2em}
|
||||||
Miners generally tend to update their rigs 70\% (42 out of 60) as well as clean them 52\% (31 out of 60) but refrain from additional infrastructure costs like buying a UPS 23\% (14 out of 60) as shown in the Figure \ref{chart:mininghabbits}.
|
Miners generally tend to update their rigs 70\% (42 out of 60) as well as clean them 52\% (31 out of 60) but refrain from additional infrastructure costs like buying a UPS 23\% (14 out of 60) as shown in the Figure \ref{chart:mininghabits}.
|
||||||
|
|
||||||
\subsubsection{Mining software}
|
\subsubsection{Mining software}
|
||||||
The choice of mining software impacts mining profitability as well as the number of shares that are donated to the developer (if any).
|
The choice of mining software impacts mining profitability as well as the number of shares that are donated to the developer (if any).
|
||||||
@ -2865,7 +2891,7 @@ As described in the Chapter \ref{cha:miningsoftware}, most popular mining softwa
|
|||||||
\node at (H) {58};% ********* end of changes **********
|
\node at (H) {58};% ********* end of changes **********
|
||||||
\end{tikzpicture}
|
\end{tikzpicture}
|
||||||
\caption{Mining software preference.}
|
\caption{Mining software preference.}
|
||||||
\label{chart:mininghabbits}\end{figure}\end{center}
|
\label{chart:mininghabits}\end{figure}\end{center}
|
||||||
\vspace{-2em}
|
\vspace{-2em}
|
||||||
XMRig is used less 30\% (18 out of 60), but more often in combination with other mining software like previously mentioned XMR Stak. From closed source miners, only MinerGate was mentioned 3\% (2 out of 60). A small portion of miners also solo mine 12\% (7 out of 60) using the official wallet software.
|
XMRig is used less 30\% (18 out of 60), but more often in combination with other mining software like previously mentioned XMR Stak. From closed source miners, only MinerGate was mentioned 3\% (2 out of 60). A small portion of miners also solo mine 12\% (7 out of 60) using the official wallet software.
|
||||||
|
|
||||||
@ -2878,7 +2904,7 @@ When asked about pool preferences, two larger mining pools were often mentioned
|
|||||||
\subsubsection{Windows platform}
|
\subsubsection{Windows platform}
|
||||||
Out of 60 miners in the dataset, 39 of them use Windows as their choice of OS for mining. Regarding periodic updates, only a small part of miners 26\% (10 out of 39) tend to use Windows with its default update settings (automatic restart of the OS to apply updates, unattended driver updates).
|
Out of 60 miners in the dataset, 39 of them use Windows as their choice of OS for mining. Regarding periodic updates, only a small part of miners 26\% (10 out of 39) tend to use Windows with its default update settings (automatic restart of the OS to apply updates, unattended driver updates).
|
||||||
|
|
||||||
Majority of Windows miners 59\% (23 out of 39) tend to apply updates after some time after their release and are running some kind of antivirus software with remote access enabled. There is also a part of miners in the dataset 28\% (11 out of 39) that tend to \enquote{set up and forget} with Windows update completely disabled. Setup preferences are shown in the Figure \ref{chart:windowshabbits}.
|
Majority of Windows miners 59\% (23 out of 39) tend to apply updates after some time after their release and have remote access enabled. There is also a part of miners in the dataset 28\% (11 out of 39) that tend to \enquote{set up and forget} with Windows update completely disabled. Setup preferences are shown in the Figure \ref{chart:windowshabits}.
|
||||||
|
|
||||||
\begin{center}
|
\begin{center}
|
||||||
\begin{figure}[H]
|
\begin{figure}[H]
|
||||||
@ -2949,7 +2975,7 @@ Majority of Windows miners 59\% (23 out of 39) tend to apply updates after some
|
|||||||
\node at (N) {28};% ********* end of changes **********
|
\node at (N) {28};% ********* end of changes **********
|
||||||
\end{tikzpicture}
|
\end{tikzpicture}
|
||||||
\caption{Windows mining setup preferences.}
|
\caption{Windows mining setup preferences.}
|
||||||
\label{chart:windowshabbits}\end{figure}\end{center}
|
\label{chart:windowshabits}\end{figure}\end{center}
|
||||||
\pagebreak
|
\pagebreak
|
||||||
\subsubsection{Linux platform}
|
\subsubsection{Linux platform}
|
||||||
While Linux is used by 33 out of 60 miners, the majority of them tend to use Ubuntu 52\% (17 out of 33) or Debian 33\% (11 out of 33). The specialized OS for mining - MineOS is used by six users, least use has community derivate from RHEL, CentOS.
|
While Linux is used by 33 out of 60 miners, the majority of them tend to use Ubuntu 52\% (17 out of 33) or Debian 33\% (11 out of 33). The specialized OS for mining - MineOS is used by six users, least use has community derivate from RHEL, CentOS.
|
||||||
@ -3016,7 +3042,7 @@ Remote management is represented mainly by SSH 67\% (22 out of 33) followed by V
|
|||||||
\node at (J) {21};% ********* end of changes **********
|
\node at (J) {21};% ********* end of changes **********
|
||||||
\end{tikzpicture}
|
\end{tikzpicture}
|
||||||
\caption{Linux mining setup preferences.}
|
\caption{Linux mining setup preferences.}
|
||||||
\label{chart:linuxhabbits}\end{figure}\end{center}
|
\label{chart:linuxhabits}\end{figure}\end{center}
|
||||||
\pagebreak
|
\pagebreak
|
||||||
\subsubsection{Demographics}
|
\subsubsection{Demographics}
|
||||||
Survey participants were mainly males 83\% (50 out of 60), females 3\% (2 out of 60) represented only a small portion of the dataset and some of the participants did not disclose their gender 13\% (8 out of 60). Most respondents in the dataset were from the age groups 25-34 55\% (33 out of 60) followed by 35-44 age group 20\% (12 out of 60) as well as 18-24 18\% (11 out of 60).
|
Survey participants were mainly males 83\% (50 out of 60), females 3\% (2 out of 60) represented only a small portion of the dataset and some of the participants did not disclose their gender 13\% (8 out of 60). Most respondents in the dataset were from the age groups 25-34 55\% (33 out of 60) followed by 35-44 age group 20\% (12 out of 60) as well as 18-24 18\% (11 out of 60).
|
||||||
@ -3066,7 +3092,7 @@ Survey participants were mainly males 83\% (50 out of 60), females 3\% (2 out of
|
|||||||
\coordinate (B) at (50,0);
|
\coordinate (B) at (50,0);
|
||||||
\coordinate (C) at (85,0);% ******** start of changes ************
|
\coordinate (C) at (85,0);% ******** start of changes ************
|
||||||
\end{axis}
|
\end{axis}
|
||||||
\node at (A) {44};
|
\node at (A) {11};
|
||||||
\node at (B) {33};% ********* end of changes **********
|
\node at (B) {33};% ********* end of changes **********
|
||||||
\node at (C) {12};
|
\node at (C) {12};
|
||||||
\end{tikzpicture}
|
\end{tikzpicture}
|
||||||
@ -3172,9 +3198,12 @@ Survey participants were mainly males 83\% (50 out of 60), females 3\% (2 out of
|
|||||||
\label{chart:itindustryuserresearch}\end{figure}\end{center}
|
\label{chart:itindustryuserresearch}\end{figure}\end{center}
|
||||||
|
|
||||||
\chapter{Designing Secure Mining Environment}
|
\chapter{Designing Secure Mining Environment}
|
||||||
The goal of this Chapter is to design and develop secure and reasonably easy way how to set up and run mining operations on any scale. Inspired by both results from the Monero Miners Research as well as industry standards of large scale IT operations , the main emphasis is placed on the automation and security aspect of the whole system.
|
The goal of this Chapter is to design and develop secure and reasonably easy way how to set up and run mining operations on any scale. Inspired by both results from the Monero Miners Research as well as industry standards of large scale IT operations, the main emphasis is placed on the automation and security aspect of the whole system.
|
||||||
|
|
||||||
|
Repository containing all the code from this Chapter is publicly available in the GitHub repository mentioned in the Appendix Figure \ref{cha:listofattachments}. Video showing the implementation of the system can be found in the Section \ref{cha:autoinstallprocess}.
|
||||||
\section{Automation}
|
\section{Automation}
|
||||||
Automation is a key aspect for designing and running IT operations that are secure, up-to-date, scalable and easy to maintain. To do that, the proposed mining node provisioning scheme is divided into two parts, first being OS installation with early configuration and second is the automated configuration of provisioned nodes using Ansible. Workflow is described in the Figure \ref{pict:deployment-workflow}.
|
Automation is a key aspect for designing and running IT operations that are secure, up-to-date, scalable and easy to maintain. To do that, the proposed mining node provisioning scheme is divided into two parts, first being OS installation with early configuration and second is the automated configuration of provisioned nodes using Ansible. Workflow is described in the Figure \ref{pict:deployment-workflow}.
|
||||||
|
\vspace{-2em}
|
||||||
\begin{figure}[H]
|
\begin{figure}[H]
|
||||||
\center
|
\center
|
||||||
\tikzstyle{decision} = [diamond, draw, fill=blue!20,
|
\tikzstyle{decision} = [diamond, draw, fill=blue!20,
|
||||||
@ -3224,11 +3253,10 @@ Automation is a key aspect for designing and running IT operations that are secu
|
|||||||
\textbf{Hosts} file declares connection information about hosts, e.g., IP and login credentials.
|
\textbf{Hosts} file declares connection information about hosts, e.g., IP and login credentials.
|
||||||
\\
|
\\
|
||||||
\texttt{\textbf{ansible-playbook -i hosts xmr01.yml}} is a CLI command that executes \texttt{xmr01.yml} playbook file and takes connection information about hosts and groups involved from the \texttt{hosts} file.
|
\texttt{\textbf{ansible-playbook -i hosts xmr01.yml}} is a CLI command that executes \texttt{xmr01.yml} playbook file and takes connection information about hosts and groups involved from the \texttt{hosts} file.
|
||||||
\newpage
|
\vspace{-1em}
|
||||||
|
|
||||||
\section{Linux-based solution}
|
\section{Linux-based solution}
|
||||||
\subsection{Kickstart installation media}
|
\subsection{Kickstart installation media}
|
||||||
To easily scale the mining operation, every bit of the software provisioning has to be automated. This part describes a process of creating automated Centos 7 or RHEL 7 installation media with minimal package installation without GUI.
|
To easily scale the mining operation, every bit of the software provisioning has to be automated. This part describes a process of creating automated CentOS 7 or RHEL 7 installation media with minimal package installation without GUI.
|
||||||
|
|
||||||
The first step is to obtain installation media at \url{https://www.centos.org/download/}. After downloading the Minimal ISO version, extract the iso file into a separate folder. From there navigate to the \texttt{isolinux} folder and edit \texttt{isolinux.cfg} configuration file.
|
The first step is to obtain installation media at \url{https://www.centos.org/download/}. After downloading the Minimal ISO version, extract the iso file into a separate folder. From there navigate to the \texttt{isolinux} folder and edit \texttt{isolinux.cfg} configuration file.
|
||||||
|
|
||||||
@ -3242,7 +3270,7 @@ Four changes are needed to get the installation process working:
|
|||||||
\item Edit paths for the custom ISO image.
|
\item Edit paths for the custom ISO image.
|
||||||
\item Add kickstart file entry.
|
\item Add kickstart file entry.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
\vspace{-1 em}
|
||||||
\begin{figure}[H]
|
\begin{figure}[H]
|
||||||
\begin{center}
|
\begin{center}
|
||||||
\begin{lstlisting}
|
\begin{lstlisting}
|
||||||
@ -3254,6 +3282,7 @@ label linux
|
|||||||
kernel vmlinuz
|
kernel vmlinuz
|
||||||
append initrd=initrd.img <@\textcolor{blue}{inst.ks=hd:LABEL=CENTOS:/ks/ks.cfg inst.stage2=hd:LABEL=CENTOS}@> quiet
|
append initrd=initrd.img <@\textcolor{blue}{inst.ks=hd:LABEL=CENTOS:/ks/ks.cfg inst.stage2=hd:LABEL=CENTOS}@> quiet
|
||||||
\end{lstlisting}
|
\end{lstlisting}
|
||||||
|
\vspace{-0.13em}
|
||||||
\caption{Customised installator entry.}
|
\caption{Customised installator entry.}
|
||||||
\label{pic:codeinjectiongui}
|
\label{pic:codeinjectiongui}
|
||||||
\end{center}
|
\end{center}
|
||||||
@ -3261,7 +3290,7 @@ label linux
|
|||||||
\subsection{Kickstart file}
|
\subsection{Kickstart file}
|
||||||
The kickstart file is a single file that contains all OS installation parameters for RHEL based operating systems \cite{van2015red}. This installation method enables automated provisioning of machines without the need for the administrator input. When the file is presented to the installer, it reads the required parameters resulting in the unattended installation process \cite{leemans2015red}.
|
The kickstart file is a single file that contains all OS installation parameters for RHEL based operating systems \cite{van2015red}. This installation method enables automated provisioning of machines without the need for the administrator input. When the file is presented to the installer, it reads the required parameters resulting in the unattended installation process \cite{leemans2015red}.
|
||||||
|
|
||||||
The created kickstart file for Centos 7 mining installation media is available in the Appendix Figure \ref{fig:kickstart}.
|
The created kickstart file for CentOS 7 mining installation media is available in the Appendix Figure \ref{fig:kickstart}.
|
||||||
|
|
||||||
\subsection{Generating ISO}
|
\subsection{Generating ISO}
|
||||||
The specific process of packaging extracted CentOS installation media back into the iso file varies by the used operating system. In both mentioned scenarios, few specific parameters have to be set:
|
The specific process of packaging extracted CentOS installation media back into the iso file varies by the used operating system. In both mentioned scenarios, few specific parameters have to be set:
|
||||||
@ -3292,7 +3321,7 @@ For creating iso image on Windows, open-source ImgBurn software was used.
|
|||||||
\caption{Boot image selection.}
|
\caption{Boot image selection.}
|
||||||
\end{center}
|
\end{center}
|
||||||
\end{subfigure}
|
\end{subfigure}
|
||||||
\label{fig:test}\caption{Ansible playbook and roles.}
|
\label{fig:test}\caption{Creation of custom CentOS installation media.}
|
||||||
\end{figure}
|
\end{figure}
|
||||||
|
|
||||||
|
|
||||||
@ -3345,7 +3374,7 @@ To make Linux mining nodes updated and secure, following roles were written:
|
|||||||
The common baseline for all mining nodes that consists of the following tasks:
|
The common baseline for all mining nodes that consists of the following tasks:
|
||||||
\begin{enumerate}
|
\begin{enumerate}
|
||||||
\itemsep0em
|
\itemsep0em
|
||||||
\item Ensure EPEL repo is configured or install it.
|
\item Ensure EPEL (Extra Packages for Enterprise Linux) repository is configured or install it.
|
||||||
\item Install the following packages: \texttt{htop, rsync, screen, tmux, iftop, iotop, nano, git, wget, unzip, mc}.
|
\item Install the following packages: \texttt{htop, rsync, screen, tmux, iftop, iotop, nano, git, wget, unzip, mc}.
|
||||||
\end{enumerate}
|
\end{enumerate}
|
||||||
\subsubsection{ansible-sw-firewalld}
|
\subsubsection{ansible-sw-firewalld}
|
||||||
@ -3374,9 +3403,9 @@ This role is a fork of \texttt{ansible-role-fail2ban} that is available at \url{
|
|||||||
|
|
||||||
%TODO prolézt všechny role a zkontrolovat default vars
|
%TODO prolézt všechny role a zkontrolovat default vars
|
||||||
\subsubsection{ansible-sw-xmrstak}
|
\subsubsection{ansible-sw-xmrstak}
|
||||||
Installs software collections \texttt{centos-release-scl} package for Centos together with \texttt{cmake3, devtoolset-4-gcc*, hwloc-devel, make, \newline libmicrohttpd-devel, openssl-devel} packages used for compiling XMR-Stak from source code.
|
Installs software collections \texttt{centos-release-scl} package for CentOS together with \texttt{cmake3, devtoolset-4-gcc*, hwloc-devel, make, \newline libmicrohttpd-devel, openssl-devel} packages used for compiling XMR-Stak from source code.
|
||||||
|
|
||||||
After that, the folder structure inside the non-privileged user account is created, and XMR-Stak repo is cloned into the user directory. With appropriate permissions set, cmake compiles the source code with following flags: \texttt{cmake3 .. -DCPU\TextUnderscore{}ENABLE=ON -DCUDA\TextUnderscore{}ENABLE= OFF -DOpen CL\TextUnderscore{}ENABLE=OFF} resulting in CPU only miner for Centos \cite{xmrstakcompile}.
|
After that, the folder structure inside the non-privileged user account is created, and XMR-Stak repository is cloned into the user directory. With appropriate permissions set, cmake compiles the source code with following flags: \texttt{cmake3 .. -DCPU\TextUnderscore{}ENABLE=ON -DCUDA\TextUnderscore{}ENABLE= OFF -DOpen CL\TextUnderscore{}ENABLE=OFF} resulting in CPU only miner for CentOS \cite{xmrstakcompile}.
|
||||||
|
|
||||||
If the mining node would use GPU, appropriate drivers from AMD or Nvidia website are a prior requirement for running the miner. As GPU feature is only a flag, it can be enabled on demand in the playbook file as cmake3 flags are set as variables in the tasks file of the \texttt{ansible-sw-xmrstak} role in the Jinja2 format: \\ \texttt{cmake3 .. -DCPU\TextUnderscore{}ENABLE=\{\{ DCPU\TextUnderscore{}ENABLE \}\} -DCUDA\TextUnderscore{}ENABLE=\{\{ \newline DCUDA\TextUnderscore{}ENABLE \}\} -DOpenCL\TextUnderscore{}ENABLE=\{\{ DOpenCL\TextUnderscore{}ENABLE \}\}}
|
If the mining node would use GPU, appropriate drivers from AMD or Nvidia website are a prior requirement for running the miner. As GPU feature is only a flag, it can be enabled on demand in the playbook file as cmake3 flags are set as variables in the tasks file of the \texttt{ansible-sw-xmrstak} role in the Jinja2 format: \\ \texttt{cmake3 .. -DCPU\TextUnderscore{}ENABLE=\{\{ DCPU\TextUnderscore{}ENABLE \}\} -DCUDA\TextUnderscore{}ENABLE=\{\{ \newline DCUDA\TextUnderscore{}ENABLE \}\} -DOpenCL\TextUnderscore{}ENABLE=\{\{ DOpenCL\TextUnderscore{}ENABLE \}\}}
|
||||||
|
|
||||||
@ -3386,7 +3415,7 @@ Changes system hostname to inventory hostname set in \texttt{hosts} file using \
|
|||||||
\subsubsection{ansible-user-add}
|
\subsubsection{ansible-user-add}
|
||||||
\texttt{User-add-role} is used for creating the mining user that is not within the wheel group (unprivileged user).
|
\texttt{User-add-role} is used for creating the mining user that is not within the wheel group (unprivileged user).
|
||||||
\subsubsection{ansible-yum-cron}
|
\subsubsection{ansible-yum-cron}
|
||||||
Installs and configures automatic security updates for Centos that are daily checked against the online repository. If packages marked for security update are found, email notification to root is sent \cite{pelz2016centos}.
|
Installs and configures automatic security updates for CentOS that are daily checked against the online repository. If packages marked for security update are found, email notification to root is sent \cite{pelz2016centos}.
|
||||||
\subsubsection{ansible-yum-update}
|
\subsubsection{ansible-yum-update}
|
||||||
All packages including kernel are updated so that mining node is ready to use and won't send update notification on the next day (unless there are new updates in the meantime).
|
All packages including kernel are updated so that mining node is ready to use and won't send update notification on the next day (unless there are new updates in the meantime).
|
||||||
\subsubsection{Additional notes}
|
\subsubsection{Additional notes}
|
||||||
@ -3445,7 +3474,7 @@ Before applying roles in Ansible for Windows, unlike in Ansible with Linux machi
|
|||||||
\item Python 2: apt-get install python-winrm
|
\item Python 2: apt-get install python-winrm
|
||||||
\item Python 3: apt-get install python3-winrm
|
\item Python 3: apt-get install python3-winrm
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\item Centos:
|
\item CentOS:
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\itemsep0em \vspace{-0.7em}
|
\itemsep0em \vspace{-0.7em}
|
||||||
\item With EPEL enabled: yum install python2-winrm
|
\item With EPEL enabled: yum install python2-winrm
|
||||||
@ -3485,25 +3514,80 @@ The administrator can configure which updates category will be included in the u
|
|||||||
Downloads latest release of XMR-Stak from developers GitHub page, configures mining software and downloads required libraries from Microsoft site. It also creates scheduled task under the mining user to run with elevated permissions after login so that UAC can be kept enabled and the miner is running without UAC prompts.
|
Downloads latest release of XMR-Stak from developers GitHub page, configures mining software and downloads required libraries from Microsoft site. It also creates scheduled task under the mining user to run with elevated permissions after login so that UAC can be kept enabled and the miner is running without UAC prompts.
|
||||||
|
|
||||||
Also adds the exception in Windows Defender to ignore Desktop folder as a binary XMR-Stak file is considered as a malicious file for being a mining software.
|
Also adds the exception in Windows Defender to ignore Desktop folder as a binary XMR-Stak file is considered as a malicious file for being a mining software.
|
||||||
|
\newpage
|
||||||
|
\section{Automated installation process}
|
||||||
|
\label{cha:autoinstallprocess}
|
||||||
|
In order to show automated installation process for both Windows and Linux miners, both installation processes were recorded using HDMI capture card and Open Broadcaster Software (OBS). Timeline detailing installation process is available in the Figures \ref{windows-timeline} and \ref{linux-timeline}.
|
||||||
|
|
||||||
|
Video is available at \url{https://github.com/Ownercz/ssme-thesis/blob/master/video.md} .
|
||||||
|
|
||||||
|
\begin{figure}[H]
|
||||||
|
\color{gray}
|
||||||
|
\rule{\linewidth}{1pt}
|
||||||
|
\ytl{00:20}{Start of unattended Windows installation using the autounattend file}
|
||||||
|
\ytl{05:35}{Install part complete, OS first boot}
|
||||||
|
\ytl{11:07}{Windows 10 installation complete}
|
||||||
|
\ytl{11:15}{Running Ansible playbook on the Windows machine}
|
||||||
|
\ytl{13:38}{Ansible completes miner deployment and reboots the machine}
|
||||||
|
\ytl{15:17}{Ansible sets up firewall, Windows environment and reboots the machine. Miner is already running because of scheduled task after reboot}
|
||||||
|
\ytl{17:18}{Ansible updates the OS using Windows update module}
|
||||||
|
\ytl{55:24}{Ansible reboots the machine to complete the updates}
|
||||||
|
\ytl{57:25}{Ansible completes the playbook and mining machine is ready}
|
||||||
|
\bigskip
|
||||||
|
\rule{\linewidth}{1pt}%
|
||||||
|
\color{black}
|
||||||
|
\caption{Automated deployment of Windows mining machine.}
|
||||||
|
\label{windows-timeline}
|
||||||
|
\end{figure}
|
||||||
|
\pagebreak
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
\begin{figure}[H]
|
||||||
|
\begin{centering}
|
||||||
|
\includegraphics[trim={0 0 0 0},clip,width=0.95\textwidth]{Screenshot_20190303_105607.png}
|
||||||
|
\caption{Windows miner deployment.}
|
||||||
|
\label{pic:windows-mining}
|
||||||
|
\end{centering}
|
||||||
|
\end{figure}
|
||||||
|
|
||||||
|
Both installations were done using USB drive as installation source. Hardware specifications of the installation computer were CPU Intel i5 4460, 24GB of DDR3 RAM and target installation drive was 60GB Intel 330 SATA SSD.
|
||||||
|
|
||||||
|
\begin{figure}[H]
|
||||||
|
\color{gray}
|
||||||
|
\rule{\linewidth}{1pt}
|
||||||
|
\ytl{00:46}{Start of unattended Linux CentOS 7 installation using the kickstart file}
|
||||||
|
\ytl{05:06}{Install part complete, OS first boot}
|
||||||
|
\ytl{05:06}{Running Ansible playbook on the Linux machine}
|
||||||
|
\ytl{11:29}{Ansible completes the playbook and mining machine is ready}
|
||||||
|
\bigskip
|
||||||
|
\rule{\linewidth}{1pt}%
|
||||||
|
\color{black}
|
||||||
|
\caption{Automated deployment of Linux mining machine.}
|
||||||
|
\label{linux-timeline}
|
||||||
|
\end{figure}
|
||||||
|
|
||||||
\chapter{Conclusion}
|
\chapter{Conclusion}
|
||||||
Monero cryptocurrency is a large and active project that offers a wide range of applications for both users and miners. For its open-source nature, everyone can build own wallet software, miner or even a website that provides wallet and key management. Because of this, many good, but also potentially malicious applications are released to the public.
|
Monero cryptocurrency is a large and active project that offers a wide range of applications for both users and miners. For its open-source nature, everyone can build their own wallet software, miner or even a website that provides wallet and key management. Because of this, many good, but also potentially malicious applications are released to the public.
|
||||||
|
|
||||||
To address this issue, thesis provides detailed overview of Monero environment, comparison of wallet client software and exchanges, comparison of mining software and list of malicious events and software connected with Monero cryptocurrency.
|
The goal of this thesis is to map usage habits of Monero cryptocurrency users and miners from both technological as well as security view. Another goal is to create a detailed user guideline for user-friendly and secure usage of the Monero cryptocurrency including key management and backup strategy. For miners, the goal is to implement an automated deployment of mining rigs using one of the popular configuration management tools.
|
||||||
|
|
||||||
Further deepening the explanation of this issue, surveys aimed at Monero users and miners were conducted. With 173 (113 in users and 60 in miners survey) respondents in total, this provides a real Monero users sample upon which two guidelines were proposed. %First for secure usage of Monero cryptocurrency and for .
|
To address this issue, the thesis provides a detailed overview of Monero environment, comparison of wallet client software and exchanges, comparison of mining software and list of malicious events and software connected with Monero cryptocurrency.
|
||||||
|
|
||||||
Results of Monero User Research follow the way how participants were selected (by self-selection) as well as the sites they came from (Reddit, Facebook cryptocurrency groups). That meant that majority of users said they prefer Linux OS with official wallet software and also that they tend to use open-source more then closed-source software. Only a few of them used closed-source apps or website portals that can be labeled as dangerous for the user. Contrary to popular belief, respondents releaved that they use Monero for darknet markets only in 18\% (20 out of 113), in case of drugs in 10\% (11 out of 113) and for other illegal usecases in 5\% (6 out of 113).
|
For a deeper investigation of the listed issues, I have conducted surveys aimed at Monero users and miners. With 173 (113 in users and 60 in miners survey) respondents in total, this provides a real Monero users sample upon which two guidelines were proposed.
|
||||||
|
|
||||||
Monero User Research provided valuable data for Monero usage and storage best practices part of the thesis, which gives users detailed steps on how to work with the Monero cryptocurrency.
|
Results of Monero User Research follow the way how participants were selected (by self-selection) as well as the sites they came from (Reddit, Facebook cryptocurrency groups). That meant that the majority of users said they prefer Linux OS with official wallet software and also that they tend to use open-source more than closed-source software. Only a few of them used closed-source apps or website portals that can be labeled as dangerous for the user. Contrary to popular belief, respondents revealed that they use Monero for darknet markets only in 18\% (20 out of 113), in case of drugs in 10\% (11 out of 113) and for other illegal use cases in 5\% (6 out of 113).
|
||||||
|
|
||||||
|
Based on the results of the research, I formulated Monero usage and storage best practices part of the thesis, which gives users detailed steps on how to work with the Monero cryptocurrency.
|
||||||
|
|
||||||
Monero Miners Research revealed that both Windows and Linux mining operations are set up using manual deployment and updates are usually disabled or delayed. Mining software was in almost all cases open-source with XMR Stak being used the most.
|
Monero Miners Research revealed that both Windows and Linux mining operations are set up using manual deployment and updates are usually disabled or delayed. Mining software was in almost all cases open-source with XMR Stak being used the most.
|
||||||
|
|
||||||
Based on the results from the Monero Miners Research, I implemented an automated deployment system for both major platforms using unattended/kickstart installation media and Ansible. By using application deployment and configuration management tool like Ansible, miners are by this able to deploy large mining operations with correct security settings that are both secure and easy to maintain.
|
Based on the results from the Monero Miners Research, I implemented an automated deployment system for both major platforms using unattended/kickstart installation media and Ansible. By using application deployment and configuration management tool like Ansible, miners can deploy large mining operations with correct security settings that are both secure and easy to maintain.
|
||||||
|
|
||||||
As for the future work on this topic, it would be appropriate to extend current research to include other cryptocurrencies (Dash, Ethereum or Bitcoin) as well as deployment of their miners.
|
As for the future work on this topic, it would be appropriate to extend current research to include other cryptocurrencies (Dash, Ethereum or Bitcoin) as well as the deployment of their miners.
|
||||||
|
|
||||||
To make results from this thesis more open to the public, everything is published under the GitHub repository and GitHub pages website. Website links are avaiable in the Appendix Figure \ref{cha:listofattachments}.
|
To make results from this thesis more open to the public, everything is published under the GitHub repository and GitHub pages website. Website links are available in the Appendix Figure \ref{cha:listofattachments}.
|
||||||
|
|
||||||
%na zaklade motivace jsem delal toto, výsledky byly tyto, zjisteni vyzkumu users, miners a nazaklade jejich jsem udelal implementaci co se tyce future work vidim jako mozna budouci pole půsovnosti tohleto tamhleto.
|
%na zaklade motivace jsem delal toto, výsledky byly tyto, zjisteni vyzkumu users, miners a nazaklade jejich jsem udelal implementaci co se tyce future work vidim jako mozna budouci pole půsovnosti tohleto tamhleto.
|
||||||
|
|
||||||
@ -3524,7 +3608,7 @@ This work can further be extended by covering the pool operators perspective, s
|
|||||||
|
|
||||||
From miners perspective, the thesis offers the guide on how to automate deployment and configuration of mining operations. This is important as only a small fraction from both Windows and Linux miners use automation tools to deploy and manage mining rigs which can result in unwanted differences in configuration or inconsistencies across mining environment.
|
From miners perspective, the thesis offers the guide on how to automate deployment and configuration of mining operations. This is important as only a small fraction from both Windows and Linux miners use automation tools to deploy and manage mining rigs which can result in unwanted differences in configuration or inconsistencies across mining environment.
|
||||||
|
|
||||||
To make results from this thesis more open to the public, everything is published under the GitHub repository and GitHub pages website. Website links are avaiable in the Appendix Figure \ref{cha:listofattachments}.
|
To make results from this thesis more open to the public, everything is published under the GitHub repository and GitHub pages website. Website links are available in the Appendix Figure \ref{cha:listofattachments}.
|
||||||
%\noindent
|
%\noindent
|
||||||
%GitHub repository: \url{https://github.com/Ownercz/ssme-thesis}\\
|
%GitHub repository: \url{https://github.com/Ownercz/ssme-thesis}\\
|
||||||
%GitHub pages: \url{https://ownercz.github.io/ssme-thesis}
|
%GitHub pages: \url{https://ownercz.github.io/ssme-thesis}
|
||||||
@ -3553,14 +3637,13 @@ Following files are included in the attachment archive:
|
|||||||
\itemsep0em
|
\itemsep0em
|
||||||
\item \texttt{Ansible} directory containing Ansible playbook and roles for Linux and Windows miner deployment.
|
\item \texttt{Ansible} directory containing Ansible playbook and roles for Linux and Windows miner deployment.
|
||||||
\item \texttt{Cleansed} directory containing data used for Monero Users and Monero Miners survey.
|
\item \texttt{Cleansed} directory containing data used for Monero Users and Monero Miners survey.
|
||||||
\item \texttt{Kickstart} directory containing the kickstart file for Centos 7 used in unattended Centos installation.
|
\item \texttt{Kickstart} directory containing the kickstart file for CentOS 7 used in unattended CentOS installation.
|
||||||
\item \texttt{Original} directory containing unfiltered data from Monero Users and Monero Miners survey.
|
\item \texttt{Original} directory containing unfiltered data from Monero Users and Monero Miners survey.
|
||||||
\item \texttt{SQL-queries} directory containing SQL files that were used for data processing for both surveys.
|
\item \texttt{SQL-queries} directory containing SQL files that were used for data processing for both surveys.
|
||||||
\item \texttt{Unattended} directory containing the autounattend file for Windows 10 used in unattended Windows 10 installation.
|
\item \texttt{Unattended} directory containing the autounattend file for Windows 10 used in unattended Windows 10 installation.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
|
||||||
|
\chapter{Responses -- User Research}
|
||||||
\chapter{Responses Sorted by Country -- User Research}
|
|
||||||
\vspace{-1em}
|
\vspace{-1em}
|
||||||
\begin{figure}[H]
|
\begin{figure}[H]
|
||||||
\center
|
\center
|
||||||
@ -3599,12 +3682,12 @@ Following files are included in the attachment archive:
|
|||||||
01 & AF & Afghanistan
|
01 & AF & Afghanistan
|
||||||
\end{tabular}
|
\end{tabular}
|
||||||
\end{footnotesize}
|
\end{footnotesize}
|
||||||
\caption{Responses by country in user research.}
|
\captionof{table}{Responses by country in user research.}
|
||||||
\label{table:countries}
|
\label{table:countries}
|
||||||
\end{figure}
|
\end{figure}
|
||||||
|
|
||||||
|
|
||||||
\chapter{Responses Sorted by Country -- Miners Research}
|
\chapter{Responses -- Miners Research}
|
||||||
\vspace{-2em}
|
\vspace{-2em}
|
||||||
\begin{figure}[H]
|
\begin{figure}[H]
|
||||||
\center
|
\center
|
||||||
@ -3636,7 +3719,7 @@ Following files are included in the attachment archive:
|
|||||||
01 & AU & Australia \\
|
01 & AU & Australia \\
|
||||||
01 & AF & Afghanistan \\
|
01 & AF & Afghanistan \\
|
||||||
\end{tabular}
|
\end{tabular}
|
||||||
\caption{Responses by country in miners research.}
|
\captionof{table}{Responses by country in miners research.}
|
||||||
\label{table:countriesminers}
|
\label{table:countriesminers}
|
||||||
\end{figure}
|
\end{figure}
|
||||||
|
|
||||||
@ -3713,60 +3796,10 @@ pwpolicy luks --minlen=6 --minquality=50 --notstrict --nochanges --notempty
|
|||||||
|
|
||||||
|
|
||||||
\center
|
\center
|
||||||
\caption{Centos 7 kickstart file.}
|
\caption{CentOS 7 kickstart file.}
|
||||||
\label{fig:kickstart}
|
\label{fig:kickstart}
|
||||||
\end{figure}
|
\end{figure}
|
||||||
\chapter{Automated installation process}
|
\newpage
|
||||||
In order to show automated installation process for both Windows and Linux miners, both installation processes were recorded using HDMI capture card and Open Broadcaster Software (OBS). Timeline detailing installation process is avaiable in the Figures \ref{windows-timeline} and \ref{linux-timeline}.
|
|
||||||
|
|
||||||
Video is avaiable at \url{https://github.com/Ownercz/ssme-thesis/blob/master/video.md} .
|
|
||||||
|
|
||||||
\begin{figure}[H]
|
|
||||||
\color{gray}
|
|
||||||
\rule{\linewidth}{1pt}
|
|
||||||
\ytl{00:20}{Start of unattended Windows installation using the autounattend file}
|
|
||||||
\ytl{05:35}{Install part complete, OS first boot}
|
|
||||||
\ytl{11:07}{Windows 10 installation complete}
|
|
||||||
\ytl{11:15}{Running Ansible playbook on the Windows machine}
|
|
||||||
\ytl{13:38}{Ansible completes miner deployment and reboots the machine}
|
|
||||||
\ytl{15:17}{Ansible sets up firewall, Windows environment and reboots the machine. Miner is already running because of scheduled task after reboot}
|
|
||||||
\ytl{17:18}{Ansible updates the OS using Windows update module}
|
|
||||||
\ytl{55:24}{Ansible reboots the machine to complete the updates}
|
|
||||||
\ytl{57:25}{Ansible completes the playbook and mining machine is ready}
|
|
||||||
\bigskip
|
|
||||||
\rule{\linewidth}{1pt}%
|
|
||||||
\color{black}
|
|
||||||
\caption{Automated deployment of Windows mining machine.}
|
|
||||||
\label{windows-timeline}
|
|
||||||
\end{figure}
|
|
||||||
\pagebreak
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
\begin{figure}[H]
|
|
||||||
\begin{centering}
|
|
||||||
\includegraphics[trim={0 0 0 0},clip,width=0.95\textwidth]{Screenshot_20190303_105607.png}
|
|
||||||
\caption{Windows miner deployment.}
|
|
||||||
\label{pic:windows-mining}
|
|
||||||
\end{centering}
|
|
||||||
\end{figure}
|
|
||||||
|
|
||||||
Both installations were done using USB drive as installation source. Hardware specifications of the installation computer were CPU Intel i5 4460, 24GB of DDR3 RAM and target installation drive was 60GB Intel 330 SATA SSD.
|
|
||||||
|
|
||||||
\begin{figure}[H]
|
|
||||||
\color{gray}
|
|
||||||
\rule{\linewidth}{1pt}
|
|
||||||
\ytl{00:46}{Start of unattended Linux Centos 7 installation using the kickstart file}
|
|
||||||
\ytl{05:06}{Install part complete, OS first boot}
|
|
||||||
\ytl{05:06}{Running Ansible playbook on the Linux machine}
|
|
||||||
\ytl{11:29}{Ansible completes the playbook and mining machine is ready}
|
|
||||||
\bigskip
|
|
||||||
\rule{\linewidth}{1pt}%
|
|
||||||
\color{black}
|
|
||||||
\caption{Automated deployment of Linux mining machine.}
|
|
||||||
\label{linux-timeline}
|
|
||||||
\end{figure}
|
|
||||||
|
|
||||||
|
|
||||||
%% Start the appendices.
|
%% Start the appendices.
|
||||||
|
@ -137,3 +137,5 @@ SELECT In_which_age_group_are_you, COUNT(*), (COUNT(*)*100)/113 FROM users GROUP
|
|||||||
SELECT Select_your_highest_achieved_level_of_education, COUNT(*), (COUNT(*)*100)/113 FROM users GROUP BY Select_your_highest_achieved_level_of_education;
|
SELECT Select_your_highest_achieved_level_of_education, COUNT(*), (COUNT(*)*100)/113 FROM users GROUP BY Select_your_highest_achieved_level_of_education;
|
||||||
SELECT Do_you_work_or_study_in_IT_related_field, COUNT(*), (COUNT(*)*100)/113 FROM users GROUP BY Do_you_work_or_study_in_IT_related_field;
|
SELECT Do_you_work_or_study_in_IT_related_field, COUNT(*), (COUNT(*)*100)/113 FROM users GROUP BY Do_you_work_or_study_in_IT_related_field;
|
||||||
|
|
||||||
|
|
||||||
|
SELECT COUNT(*) FROM users WHERE Did_you_ever_need_to_restore_your_wallet LIKE 'yes' AND Do_you_have_a_backup_of_your_wallet LIKE 'yes';
|
@ -1,3 +1,18 @@
|
|||||||
|
SELECT COUNT(*) FROM users WHERE Did_you_ever_need_to_restore_your_wallet LIKE 'yes';
|
||||||
|
SELECT COUNT(*) FROM users WHERE Did_you_ever_need_to_restore_your_wallet LIKE 'no';
|
||||||
|
|
||||||
|
SELECT COUNT(*) FROM users WHERE Which_type_of_wallet_do_you_use_Hot_wallet LIKE 'yes';
|
||||||
|
SELECT COUNT(*) FROM users WHERE Which_type_of_wallet_do_you_use_Cold_wallet LIKE 'yes';
|
||||||
|
|
||||||
|
SELECT COUNT(*) FROM users WHERE Did_you_ever_need_to_restore_your_wallet LIKE 'yes' AND Which_type_of_wallet_do_you_use_Hot_wallet LIKE 'yes';
|
||||||
|
SELECT COUNT(*) FROM users WHERE Did_you_ever_need_to_restore_your_wallet LIKE 'no' AND Which_type_of_wallet_do_you_use_Hot_wallet LIKE 'yes';
|
||||||
|
|
||||||
|
SELECT COUNT(*) FROM users WHERE Did_you_ever_need_to_restore_your_wallet LIKE 'yes' AND Which_type_of_wallet_do_you_use_Cold_wallet LIKE 'yes';
|
||||||
|
SELECT COUNT(*) FROM users WHERE Did_you_ever_need_to_restore_your_wallet LIKE 'no' AND Which_type_of_wallet_do_you_use_Cold_wallet LIKE 'yes';
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
SELECT COUNT(*) FROM users WHERE Which_platforms_do_you_use_to_access_Monero_Linux like 'yes' AND Did_you_ever_need_to_restore_your_wallet like 'yes';
|
SELECT COUNT(*) FROM users WHERE Which_platforms_do_you_use_to_access_Monero_Linux like 'yes' AND Did_you_ever_need_to_restore_your_wallet like 'yes';
|
||||||
SELECT COUNT(*) FROM users WHERE Which_platforms_do_you_use_to_access_Monero_Windows like 'yes' AND Did_you_ever_need_to_restore_your_wallet like 'yes';
|
SELECT COUNT(*) FROM users WHERE Which_platforms_do_you_use_to_access_Monero_Windows like 'yes' AND Did_you_ever_need_to_restore_your_wallet like 'yes';
|
||||||
SELECT COUNT(*) FROM users WHERE Which_platforms_do_you_use_to_access_Monero_Linux like 'yes' AND Have_you_ever_been_affected_by_malicious_software like 'yes';
|
SELECT COUNT(*) FROM users WHERE Which_platforms_do_you_use_to_access_Monero_Linux like 'yes' AND Have_you_ever_been_affected_by_malicious_software like 'yes';
|
||||||
|
@ -4,8 +4,8 @@
|
|||||||
# baseurl is the website's URL without the hostname
|
# baseurl is the website's URL without the hostname
|
||||||
|
|
||||||
# If you are building a simple GitHub user page (https://username.github.io) then use these settings:
|
# If you are building a simple GitHub user page (https://username.github.io) then use these settings:
|
||||||
url: "https://ownercz.github.io/ssme-thesis-portal"
|
url: "https://ownercz.github.io/ssme-thesis"
|
||||||
baseurl: "/ssme-thesis-portal"
|
baseurl: "/ssme-thesis"
|
||||||
|
|
||||||
# If you are building a GitHub project page then use these settings:
|
# If you are building a GitHub project page then use these settings:
|
||||||
#url: "http://username.github.io/projectname"
|
#url: "http://username.github.io/projectname"
|
||||||
@ -23,12 +23,12 @@ description: Usable security in Monero cryptocurrency
|
|||||||
|
|
||||||
# List of links in the navigation bar
|
# List of links in the navigation bar
|
||||||
navbar-links:
|
navbar-links:
|
||||||
About Me: "aboutme"
|
# About Me: "aboutme"
|
||||||
Resources:
|
# Resources:
|
||||||
- Beautiful Jekyll: "http://deanattali.com/beautiful-jekyll/"
|
# - Beautiful Jekyll: "http://deanattali.com/beautiful-jekyll/"
|
||||||
- Learn markdown: "http://www.markdowntutorial.com/"
|
# - Learn markdown: "http://www.markdowntutorial.com/"
|
||||||
- GitHub Pages: "https://pages.github.com/"
|
# - GitHub Pages: "https://pages.github.com/"
|
||||||
Author's home: "http://deanattali.com"
|
Github repo: "https://github.com/Ownercz/ssme-thesis"
|
||||||
|
|
||||||
# Image to show in the navigation bar - image must be a square (width = height)
|
# Image to show in the navigation bar - image must be a square (width = height)
|
||||||
# Remove this parameter if you don't want an image in the navbar
|
# Remove this parameter if you don't want an image in the navbar
|
||||||
@ -78,7 +78,7 @@ social-network-links:
|
|||||||
twitter: radimlipovcan
|
twitter: radimlipovcan
|
||||||
reddit: ownercz
|
reddit: ownercz
|
||||||
# google-plus: +DeanAttali
|
# google-plus: +DeanAttali
|
||||||
# linkedin: daattali
|
linkedin: lipovcan
|
||||||
# xing: yourname
|
# xing: yourname
|
||||||
# stackoverflow: "3943160/daattali"
|
# stackoverflow: "3943160/daattali"
|
||||||
# snapchat: deanat78
|
# snapchat: deanat78
|
||||||
|
@ -1,7 +0,0 @@
|
|||||||
---
|
|
||||||
layout: post
|
|
||||||
title: First post!
|
|
||||||
image: /img/hello_world.jpeg
|
|
||||||
---
|
|
||||||
|
|
||||||
This is my first post, how exciting!
|
|
@ -1,6 +0,0 @@
|
|||||||
---
|
|
||||||
layout: post
|
|
||||||
title: Pirates arrrr
|
|
||||||
---
|
|
||||||
|
|
||||||
Piracy is typically an act of robbery or criminal violence at sea. The term can include acts committed on land, in the air, or in other major bodies of water or on a shore. It does not normally include crimes committed against persons traveling on the same vessel as the perpetrator (e.g. one passenger stealing from others on the same vessel). The term has been used throughout history to refer to raids across land borders by non-state agents.
|
|
@ -1,11 +0,0 @@
|
|||||||
---
|
|
||||||
layout: post
|
|
||||||
title: Soccer
|
|
||||||
subtitle: Best sport ever!
|
|
||||||
---
|
|
||||||
|
|
||||||
From Wikipedia:
|
|
||||||
|
|
||||||
Association football, more commonly known as football or soccer,[2] is a sport played between two teams of eleven players with a spherical ball. It is played by 250 million players in over 200 countries, making it the world's most popular sport.[3][4][5][6] The game is played on a rectangular field with a goal at each end. The object of the game is to score by getting the ball into the opposing goal.
|
|
||||||
|
|
||||||
The goalkeepers are the only players allowed to touch the ball with their hands or arms while it is in play and then only in their penalty area. Outfield players mostly use their feet to strike or pass the ball, but may use their head or torso to strike the ball instead. The team that scores the most goals by the end of the match wins. If the score is level at the end of the game, either a draw is declared or the game goes into extra time and/or a penalty shootout depending on the format of the competition. The Laws of the Game were originally codified in England by The Football Association in 1863. Association football is governed internationally by the International Federation of Association Football (FIFA; French: Fédération Internationale de Football Association) which organises a World Cup every four years.[7]
|
|
@ -1,6 +0,0 @@
|
|||||||
---
|
|
||||||
layout: post
|
|
||||||
title: Dear diary
|
|
||||||
---
|
|
||||||
|
|
||||||
What is it with that Mary girl? Dragging me to school every day. As if I had a choice. What you don't hear in those nursery rhymes is that she starves me if I don't go to school with her; it's the only way I can stay alive! I'm thinking about being adopted by Little Bo Peep, sure I may get lost, but anything is better than being with Mary and those little brats at school (shudder, shudder).
|
|
@ -1,42 +0,0 @@
|
|||||||
---
|
|
||||||
layout: post
|
|
||||||
title: To be
|
|
||||||
subtitle: ... or not to be?
|
|
||||||
tags: [books, shakespeare, test]
|
|
||||||
---
|
|
||||||
|
|
||||||
To be, or not to be--that is the question:
|
|
||||||
Whether 'tis nobler in the mind to suffer
|
|
||||||
The slings and arrows of outrageous fortune
|
|
||||||
Or to take arms against a sea of troubles
|
|
||||||
And by opposing end them. To die, to sleep--
|
|
||||||
No more--and by a sleep to say we end
|
|
||||||
The heartache, and the thousand natural shocks
|
|
||||||
That flesh is heir to. 'Tis a consummation
|
|
||||||
Devoutly to be wished. To die, to sleep--
|
|
||||||
To sleep--perchance to dream: ay, there's the rub,
|
|
||||||
For in that sleep of death what dreams may come
|
|
||||||
When we have shuffled off this mortal coil,
|
|
||||||
Must give us pause. There's the respect
|
|
||||||
That makes calamity of so long life.
|
|
||||||
For who would bear the whips and scorns of time,
|
|
||||||
Th' oppressor's wrong, the proud man's contumely
|
|
||||||
The pangs of despised love, the law's delay,
|
|
||||||
The insolence of office, and the spurns
|
|
||||||
That patient merit of th' unworthy takes,
|
|
||||||
When he himself might his quietus make
|
|
||||||
With a bare bodkin? Who would fardels bear,
|
|
||||||
To grunt and sweat under a weary life,
|
|
||||||
But that the dread of something after death,
|
|
||||||
The undiscovered country, from whose bourn
|
|
||||||
No traveller returns, puzzles the will,
|
|
||||||
And makes us rather bear those ills we have
|
|
||||||
Than fly to others that we know not of?
|
|
||||||
Thus conscience does make cowards of us all,
|
|
||||||
And thus the native hue of resolution
|
|
||||||
Is sicklied o'er with the pale cast of thought,
|
|
||||||
And enterprise of great pitch and moment
|
|
||||||
With this regard their currents turn awry
|
|
||||||
And lose the name of action. -- Soft you now,
|
|
||||||
The fair Ophelia! -- Nymph, in thy orisons
|
|
||||||
Be all my sins remembered.
|
|
@ -1,15 +0,0 @@
|
|||||||
---
|
|
||||||
layout: post
|
|
||||||
title: Flake it till you make it
|
|
||||||
subtitle: Excerpt from Soulshaping by Jeff Brown
|
|
||||||
bigimg: /img/path.jpg
|
|
||||||
tags: [books, test]
|
|
||||||
---
|
|
||||||
|
|
||||||
Under what circumstances should we step off a path? When is it essential that we finish what we start? If I bought a bag of peanuts and had an allergic reaction, no one would fault me if I threw it out. If I ended a relationship with a woman who hit me, no one would say that I had a commitment problem. But if I walk away from a seemingly secure route because my soul has other ideas, I am a flake?
|
|
||||||
|
|
||||||
The truth is that no one else can definitively know the path we are here to walk. It’s tempting to listen—many of us long for the omnipotent other—but unless they are genuine psychic intuitives, they can’t know. All others can know is their own truth, and if they’ve actually done the work to excavate it, they will have the good sense to know that they cannot genuinely know anyone else’s. Only soul knows the path it is here to walk. Since you are the only one living in your temple, only you can know its scriptures and interpretive structure.
|
|
||||||
|
|
||||||
At the heart of the struggle are two very different ideas of success—survival-driven and soul-driven. For survivalists, success is security, pragmatism, power over others. Success is the absence of material suffering, the nourishing of the soul be damned. It is an odd and ironic thing that most of the material power in our world often resides in the hands of younger souls. Still working in the egoic and material realms, they love the sensations of power and focus most of their energy on accumulation. Older souls tend not to be as materially driven. They have already played the worldly game in previous lives and they search for more subtle shades of meaning in this one—authentication rather than accumulation. They are often ignored by the culture at large, although they really are the truest warriors.
|
|
||||||
|
|
||||||
A soulful notion of success rests on the actualization of our innate image. Success is simply the completion of a soul step, however unsightly it may be. We have finished what we started when the lesson is learned. What a fear-based culture calls a wonderful opportunity may be fruitless and misguided for the soul. Staying in a passionless relationship may satisfy our need for comfort, but it may stifle the soul. Becoming a famous lawyer is only worthwhile if the soul demands it. It is an essential failure if you are called to be a monastic this time around. If you need to explore and abandon ten careers in order to stretch your soul toward its innate image, then so be it. Flake it till you make it.
|
|
@ -1,73 +0,0 @@
|
|||||||
---
|
|
||||||
layout: post
|
|
||||||
title: Test markdown
|
|
||||||
subtitle: Each post also has a subtitle
|
|
||||||
gh-repo: daattali/beautiful-jekyll
|
|
||||||
gh-badge: [star, fork, follow]
|
|
||||||
tags: [test]
|
|
||||||
---
|
|
||||||
|
|
||||||
You can write regular [markdown](http://markdowntutorial.com/) here and Jekyll will automatically convert it to a nice webpage. I strongly encourage you to [take 5 minutes to learn how to write in markdown](http://markdowntutorial.com/) - it'll teach you how to transform regular text into bold/italics/headings/tables/etc.
|
|
||||||
|
|
||||||
**Here is some bold text**
|
|
||||||
|
|
||||||
## Here is a secondary heading
|
|
||||||
|
|
||||||
Here's a useless table:
|
|
||||||
|
|
||||||
| Number | Next number | Previous number |
|
|
||||||
| :------ |:--- | :--- |
|
|
||||||
| Five | Six | Four |
|
|
||||||
| Ten | Eleven | Nine |
|
|
||||||
| Seven | Eight | Six |
|
|
||||||
| Two | Three | One |
|
|
||||||
|
|
||||||
|
|
||||||
How about a yummy crepe?
|
|
||||||
|
|
||||||
![Crepe](http://s3-media3.fl.yelpcdn.com/bphoto/cQ1Yoa75m2yUFFbY2xwuqw/348s.jpg)
|
|
||||||
|
|
||||||
Here's a code chunk:
|
|
||||||
|
|
||||||
~~~
|
|
||||||
var foo = function(x) {
|
|
||||||
return(x + 5);
|
|
||||||
}
|
|
||||||
foo(3)
|
|
||||||
~~~
|
|
||||||
|
|
||||||
And here is the same code with syntax highlighting:
|
|
||||||
|
|
||||||
```javascript
|
|
||||||
var foo = function(x) {
|
|
||||||
return(x + 5);
|
|
||||||
}
|
|
||||||
foo(3)
|
|
||||||
```
|
|
||||||
|
|
||||||
And here is the same code yet again but with line numbers:
|
|
||||||
|
|
||||||
{% highlight javascript linenos %}
|
|
||||||
var foo = function(x) {
|
|
||||||
return(x + 5);
|
|
||||||
}
|
|
||||||
foo(3)
|
|
||||||
{% endhighlight %}
|
|
||||||
|
|
||||||
## Boxes
|
|
||||||
You can add notification, warning and error boxes like this:
|
|
||||||
|
|
||||||
### Notification
|
|
||||||
|
|
||||||
{: .box-note}
|
|
||||||
**Note:** This is a notification box.
|
|
||||||
|
|
||||||
### Warning
|
|
||||||
|
|
||||||
{: .box-warning}
|
|
||||||
**Warning:** This is a warning box.
|
|
||||||
|
|
||||||
### Error
|
|
||||||
|
|
||||||
{: .box-error}
|
|
||||||
**Error:** This is an error box.
|
|
40
docs/_posts/2019-05-01-cryptocurrency.md
Normal file
40
docs/_posts/2019-05-01-cryptocurrency.md
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
---
|
||||||
|
layout: post
|
||||||
|
title: Cryptocurrency
|
||||||
|
subtitle: Introduction to Cryptocurrency terminology
|
||||||
|
tags: [introduction,cryptocurrency,terminology]
|
||||||
|
gh-badge: [star, fork, follow]
|
||||||
|
---
|
||||||
|
Monero project offers a decentralized and anonymous open-source cryptocurrency with a regular update cycle that does not limit the user to use certain software or hardware. With such an open approach, it is often difficult for users to keep up and be aware of many choices on the client side, that can be either good or bad for them. As cryptocurrency usage is rising in general, it is also more and more frequent to encounter malicious sites or software developersthat aim to take control over users funds to gain an easy profit. This thesis focuses on the Monero usage and mining from usable security view to explain the current state in the Monero ecosystem and reflect
|
||||||
|
the real-world usage data from both users and miners surveys. The goal of this thesis is to map usage habits of Monero cryptocurrency users and miners from both technological as well as security view. Another goal is to create a detailed user guideline for user-friendly and secure usage of the Monero cryptocurrency including key management and backup strategy. For miners, the goal is to implement an automated deployment of mining rigs using one of the popular configuration management tools.
|
||||||
|
To find an answer to such research questions and to get real world usage data, I conducted a Monero User Research survey in which 113 participants shared their habits regarding Monero cryptocurrency.
|
||||||
|
|
||||||
|
Based on the survey results and IT industry practices I proposed a Monero usage and storage best practices guide that covers the key generation, wallet management, and a secure backup scheme. Aside from clients, key parts of Monero are also miners and Monero network itself. As miners are the ones who verify transactions and keep the network running, it was important to describe the mining software and categories which are later used in the Monero Miners Research survey. In the survey, 60 miners shared technical information about their current mining setups. This was later reflected in the proposed guide for designing secure mining environment in which the automation was the main aspect.
|
||||||
|
|
||||||
|
The thesis describes a detailed overview of wallet and its types, as well as ways how to attack the wallet, followed by transaction features in the Monero and problems in Monero environment from both Monero network and Monero malware sides.
|
||||||
|
|
||||||
|
The thesis is divided into 10 Chapters. The first three Chapters describe Monero cryptocurrency, its development cycle, transactions in the network, wallets, multisig together with cryptocurrency competitors, problems in Monero environment and overall Monero use case. The fifth and sixth Chapters describe the Monero User Research, its results and propos a detailed guideline for best practices in Monero usage and storage. The eight and ninth Chapters describe the Monero Miners Research, its results and the design of the secure mining environment. The last Chapter covers the final conclusion.
|
||||||
|
|
||||||
|
## 2 Cryptocurrency
|
||||||
|
This Chapter is aimed as a starting point that explains terms and technology that will occur throughout the following pages and Chapters. Although these terms provide only a short description, it is recommended for every reader to swift through them as in later pages they are discussed and used in detail thoroughly.
|
||||||
|
|
||||||
|
**Cryptocurrency** is a digital currency that is designed to use cryptography to secure and verify its transactions. Cryptocurrencies are decentralized as opposed to traditional money transaction systems used in the banks. Decentralization is established by using distributed blockchain that functions as a transaction database within the currency. First cryptocurrency available was Bitcoin.
|
||||||
|
|
||||||
|
**Altcoin** is a term used for every cryptocurrency that is not Bitcoin.
|
||||||
|
|
||||||
|
**The fork** happens when developers create a copy of existing project codebase and start their path of development with it.
|
||||||
|
|
||||||
|
**The market capitalization** (market cap) is a total value of cryptocurrency that refers to the total number of emitted coins multiplied by the value of the coin.
|
||||||
|
|
||||||
|
**The blockchain** is a technology responsible for storing every transaction that has ever been processed in the cryptocurrency, also often called as a ledger. The main purpose of the blockchain is to ensure the validity of completed transactions.
|
||||||
|
|
||||||
|
**Transactions** within cryptocurrency are processed together as blocks that are verified by miners and then added to the blockchain as a new mined block.
|
||||||
|
|
||||||
|
**The wallet** is a storage medium that holds private and public keys by which the user can access, send and receive funds. Wallet effectively does not have the coins but is rather a key to access them from the blockchain.
|
||||||
|
|
||||||
|
**The node** is a computer connected to the cryptocurrency network. The node is often referred to as a full node which means that the computer maintains a full copy of blockchain. This results in node downloading every block and transaction and checking them against cryptocurrency rules, especially whether the transaction has correct
|
||||||
|
signatures, data format and the right number of emitted coins per block.
|
||||||
|
|
||||||
|
**The mining** process is done by miners that verify transactions on the network and adds them to the blockchain together in the form of a block which results in new coins being emitted as a reward for block solving.
|
||||||
|
|
||||||
|
**Mining in pools** is the way how individual miners pool their computational resources. Due to resources pooling, there is a higher chance of solving the block, therefore gaining the reward of newly emitted coins.
|
232
docs/_posts/2019-05-02-Monero-cryptocurrency-and-usage.md
Normal file
232
docs/_posts/2019-05-02-Monero-cryptocurrency-and-usage.md
Normal file
@ -0,0 +1,232 @@
|
|||||||
|
---
|
||||||
|
layout: post
|
||||||
|
title: Monero cryptocurrency and usage
|
||||||
|
subtitle: Introduction to Monero
|
||||||
|
tags: [introduction,cryptocurrency,terminology]
|
||||||
|
gh-badge: [star, fork, follow]
|
||||||
|
---
|
||||||
|
## 3 Monero Cryptocurrency
|
||||||
|
Monero is an open-source cryptocurrency that is developed under the Monero project to create a decentralized and anonymous currency. Its main goal is to make the user the one who has complete control over funds.
|
||||||
|
Meaning that every single digital transaction and the exact number of coins in users wallet cannot be traced back to the user without sharing the view key of the transaction [2]. Main distinctive points compared to other cryptocurrencies are:
|
||||||
|
|
||||||
|
- The blockchain is public, but a large part of it is encrypted.
|
||||||
|
- The sender of the transaction is hidden by using Ring Signatures
|
||||||
|
explained in the Chapter 3.5.2.
|
||||||
|
- The exact amount of transferred coins is encrypted using RingCT
|
||||||
|
as described in the Chapter 3.5.3.
|
||||||
|
- Transaction history and receiving party is hidden by the usage
|
||||||
|
of stealth addresses that are referenced in the Chapter 3.5.1.
|
||||||
|
|
||||||
|
### 3.1 Origin and the main focus
|
||||||
|
|
||||||
|
Monero (XMR) started its way by forking from Bytecoin, which was proof-of-concept cryptocurrency that used as first of its kind protocol called CryptoNote. CryptoNote was published by the start of the year 2014 [3].
|
||||||
|
Although Bytecoin had a promising protocol aimed at privacy, there was a problem with premine, meaning that cryptocurrency at the time of publishing had already 82% of the coins already emitted [4]. That was the reason why people interested in anonymous cryptocurrencies decided to create a Bytecoin fork under the name of
|
||||||
|
BitMonero [5].
|
||||||
|
Next important moment was when a significant part of the developers decided to abandon the project in favor of creating a new fork named Monero in 06.23.2014. By this action, Monero cryptocurrency was created with publicly known blockchain from the start, strictly defined goals and motivated team of developers [6].
|
||||||
|
|
||||||
|
|
||||||
|
### 3.2 Monero market cap
|
||||||
|
|
||||||
|
As Monero is often mentioned for its privacy features, decentralization
|
||||||
|
in mind and fungibility as main asset, the Table 3.1 puts Monero in
|
||||||
|
the direct comparison against the Top 5 cryptocurrencies.
|
||||||
|
To compare different cryptocurrency projects, market capitaliza-
|
||||||
|
tion (market cap) is often used as a way of ranking [7]. It indicates
|
||||||
|
the relative size of cryptocurrency by the formula:
|
||||||
|
|
||||||
|
Market Cap = Circulating Supply * Price
|
||||||
|
|
||||||
|
**Privacy** in cryptocurrency is a feature that assures that amount of
|
||||||
|
coin user owns, sends or receives cannot be seen on the blockchain.
|
||||||
|
|
||||||
|
**Decentralization** in cryptocurrency network all nodes are equals.
|
||||||
|
That means that no supernode can override how transactions are being
|
||||||
|
processed as well as there is no single entity in control.
|
||||||
|
|
||||||
|
**Fungibility** means that every coin ever emitted has the same value
|
||||||
|
as the others and cannot be traced back; thus there cannot be coin
|
||||||
|
blacklist.
|
||||||
|
|
||||||
|
### 3.4 Development cycle
|
||||||
|
|
||||||
|
Monero development cycle is based on planned network updates that
|
||||||
|
occur every six months. By this developers want to encourage work on
|
||||||
|
the project with regular updates in contrast to other cryptocurrencies
|
||||||
|
that don’t want any new hard forks in the future as it brings the danger
|
||||||
|
of splitting the coin into several versions [23].
|
||||||
|
|
||||||
|
```
|
||||||
|
03.03.2014 ······• Bytecoin - published on GitHub.
|
||||||
|
```
|
||||||
|
#### 04.17.2014 ······•
|
||||||
|
|
||||||
|
```
|
||||||
|
ByteCoin fork - the creation of BitMonero
|
||||||
|
cryptocurrency.
|
||||||
|
```
|
||||||
|
#### 07.23.2014 ······•
|
||||||
|
|
||||||
|
```
|
||||||
|
BitMonero Fork - the creation of Monero
|
||||||
|
cryptocurrency.
|
||||||
|
```
|
||||||
|
#### 03.22.2016 ······•
|
||||||
|
|
||||||
|
```
|
||||||
|
Monero v2 - ring size change, block time set to 120
|
||||||
|
seconds.
|
||||||
|
```
|
||||||
|
```
|
||||||
|
09.21.2016 ······• Monero v3 - transactions are split into smaller
|
||||||
|
amounts.
|
||||||
|
```
|
||||||
|
```
|
||||||
|
01.05.2017 ······•
|
||||||
|
Monero v4 - the concurrent run of normal and
|
||||||
|
RingCT transactions.
|
||||||
|
```
|
||||||
|
#### 04.15.2017 ······•
|
||||||
|
|
||||||
|
```
|
||||||
|
Monero v5 - block size update and fee algorithm
|
||||||
|
adjustments.
|
||||||
|
```
|
||||||
|
#### 09.16.2017 ······•
|
||||||
|
|
||||||
|
```
|
||||||
|
Monero v6 - RingCT forced on the network with
|
||||||
|
ring size set to 5.
|
||||||
|
```
|
||||||
|
#### 04.06.2018 ······•
|
||||||
|
|
||||||
|
```
|
||||||
|
Monero v7 - change of CryptoNight mining
|
||||||
|
algorithm to prevent ASIC on the network, ring size
|
||||||
|
set to set to 7.
|
||||||
|
```
|
||||||
|
```
|
||||||
|
10.11.2018 ······•
|
||||||
|
Monero v8 - enabled Bulletproofs for reduced
|
||||||
|
transaction sizes, global ring size set to 11.
|
||||||
|
```
|
||||||
|
#### 02.25.2019 ······•
|
||||||
|
|
||||||
|
```
|
||||||
|
Monero v9 - new PoW based on Cryptonight-R, new
|
||||||
|
block weight algorithm.
|
||||||
|
```
|
||||||
|
```
|
||||||
|
Figure 3.1: Monero development timeline.
|
||||||
|
```
|
||||||
|
|
||||||
|
Updates are meant to improve and enhance the previously es-
|
||||||
|
tablished codebase as well as fixing already existing bugs that are
|
||||||
|
continuously being resolved. Known problems in Monero history
|
||||||
|
were:
|
||||||
|
|
||||||
|
- **Spam attack**
|
||||||
|
**-** Was aimed to oversaturate the Monero network by sending
|
||||||
|
minimal transactions and leveraging low transaction fee of
|
||||||
|
0.005 XMR. Immediate fix was established by raising the
|
||||||
|
fee to 0.1 XMR. This problem led to the implementation of
|
||||||
|
dynamic transaction fee based on the chosen transaction
|
||||||
|
priority [24].
|
||||||
|
- **Split chain attack**
|
||||||
|
**-** The successful exploit of Merkle root calculation vulnerabil-
|
||||||
|
ity led to the creation of two blocks of the same height and
|
||||||
|
hash, but with two different transactions on the end of the
|
||||||
|
block [25]. By this, two separate Monero chains were cre-
|
||||||
|
ated. The exploit could be applied to all CryptoNote based
|
||||||
|
cryptocurrencies. In the case of Monero, all transactions
|
||||||
|
were stopped on exchanges until next day, when the fix was
|
||||||
|
issued [26].
|
||||||
|
- **Transaction analysis in Monero blockchain**
|
||||||
|
**-** Research published in 2017 uncovered past and present
|
||||||
|
problems in anonymity with Monero transaction system.
|
||||||
|
The most significant discovery was that a substantial por-
|
||||||
|
tion of transactions used a Ring Signature of zero which
|
||||||
|
caused traceability of the amount of coin in the transaction
|
||||||
|
output on the blockchain [27].
|
||||||
|
**-** This issue was resolved by Monero team already in 2016
|
||||||
|
with Monero v2, where Ring Signature was set to set to
|
||||||
|
3 [28]. Soon after the paper was released, Monero got its
|
||||||
|
v6 update with enforced use of RingCT technology for all
|
||||||
|
transaction outputs [29].
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
### 3.5 Transactions in Monero network
|
||||||
|
|
||||||
|
|
||||||
|
Monero uses a distributed peer-to-peer consensus network to record
|
||||||
|
transaction outputs in a blockchain. It means that balance is not stored
|
||||||
|
in a wallet, but is represented by control over outputs of transactions
|
||||||
|
accessible with wallet keys [30].
|
||||||
|
By that when a user A wants to send funds to a user B, the trans-
|
||||||
|
action happens in the way of transformation of controlled outputs in
|
||||||
|
one wallet to a new output that belongs to the other wallet. As this is
|
||||||
|
only a principle of how coins are transferred between wallets, Monero
|
||||||
|
uses additional technology to make transactions private.
|
||||||
|
|
||||||
|
#### 3.5.1 Monero wallet and stealth addresses
|
||||||
|
|
||||||
|
Monero wallet seed is 95 characters long string that consists of public
|
||||||
|
view and spend key. To send funds from one wallet to another, a
|
||||||
|
one-time public key is created, that contains senders public view and
|
||||||
|
spend key as well as randomized data.
|
||||||
|
This one-time public key is also referred to as a stealth address
|
||||||
|
and is generated and recorded as part of the transaction to set the
|
||||||
|
controller of the output of the transaction [31].
|
||||||
|
Stealth address is visible on the blockchain, by this receiving party
|
||||||
|
can scan the blockchain to find exact transaction using their private
|
||||||
|
view key. After locating transaction output, wallet software is then
|
||||||
|
able to calculate one-time private key that aligns with the one-time
|
||||||
|
public key and can spend this output using private spend key [32].
|
||||||
|
By this, no one from outside can link nor wallet addresses nor
|
||||||
|
people involved in a particular transaction by scanning the blockchain
|
||||||
|
as there is no association with receivers address.
|
||||||
|
To prove that funds were sent from one wallet to another, the sender
|
||||||
|
has to disclose transactions ID, receivers address and transactions key.
|
||||||
|
|
||||||
|
#### 3.5.2 Ring Signatures
|
||||||
|
|
||||||
|
Ring Signatures present a way to create a distinctive signature that
|
||||||
|
authorizes a transaction. The digital signature of the transaction is
|
||||||
|
compiled from the signer together with past outputs of transactions
|
||||||
|
(decoys) to form a ring where all members are equal and valid. By
|
||||||
|
that, the outside party cannot identify the exact signer as it is not clear
|
||||||
|
which input was signed by one time spend key [33].
|
||||||
|
To prevent double spend, a cryptographic key image is derived
|
||||||
|
from the spent output and is part of the Ring Signature. As each key
|
||||||
|
image is unique, miners can verify that there is no other transaction
|
||||||
|
with the same key image, thus preventing the double-spending attack
|
||||||
|
[13].
|
||||||
|
|
||||||
|
|
||||||
|
#### 3.5.3 RingCT
|
||||||
|
So far, senders anonymity is ensured by Ring Signatures, receivers
|
||||||
|
anonymity relies on stealth addresses, but the amount of Monero
|
||||||
|
transferred would be still visible on the blockchain. To hide transaction
|
||||||
|
amounts, Ring Confidential Transactions are implemented [34].
|
||||||
|
As one output cannot be spent twice, the sender has to spend entire
|
||||||
|
output in the transaction. That typically results in a transaction having
|
||||||
|
two outputs, one for the receiver and one for the original wallet, where
|
||||||
|
the excess amount of coins is returned.
|
||||||
|
To prevent manipulation during a transaction, the total input amount
|
||||||
|
must equal the output amount of coins in each transaction. As one
|
||||||
|
could exploit this by committing to value less than zero, range proofs
|
||||||
|
are there to ensure cryptographic evidence of amounts used in trans-
|
||||||
|
actions is greater than zero and falls into the valid transaction amount
|
||||||
|
range.
|
||||||
|
To confirm the transaction, the sender reveals the masked amount
|
||||||
|
of coins being sent in the transaction to the network that is later verified
|
||||||
|
by miners [35].
|
||||||
|
By that, amounts transferred between wallets in the form of outputs
|
||||||
|
of transactions are hidden, and the network can still confirm that
|
||||||
|
transaction is valid.
|
||||||
|
#### 3.5.4 Kovri
|
||||||
|
|
||||||
|
Kovri is a C++ implementation of the Internet Invisible Project (I2P)
|
||||||
|
anonymous network, that under heavy development process in the
|
||||||
|
Monero project. It aims to offer secure network transmissions where a
|
||||||
|
users IP cannot be associated with a particular transaction ID [36].
|
360
docs/_posts/2019-05-03-Moneror-usage.md
Normal file
360
docs/_posts/2019-05-03-Moneror-usage.md
Normal file
@ -0,0 +1,360 @@
|
|||||||
|
---
|
||||||
|
layout: post
|
||||||
|
title: Monero usage
|
||||||
|
subtitle: From wallets to multisig
|
||||||
|
gh-repo: daattali/beautiful-jekyll
|
||||||
|
gh-badge: [star, fork, follow]
|
||||||
|
tags: [wallet, storage, portals]
|
||||||
|
---
|
||||||
|
|
||||||
|
## 4 Monero Usage
|
||||||
|
|
||||||
|
As pointed out in the Chapter 3.3, Monero is one of the cryptocurren-
|
||||||
|
cies that aim to implement as complex anonymity system as possible.
|
||||||
|
Moreover, because of that not only the underlying technology of the
|
||||||
|
network is different from other cryptocurrency projects but the user
|
||||||
|
side as well.
|
||||||
|
|
||||||
|
### 4.1 Wallets
|
||||||
|
|
||||||
|
The essential part of every currency is the user’s ability to access stored
|
||||||
|
funds. In cryptocurrency, this is represented by the wallet and associ-
|
||||||
|
ated software. Overview of the wallet storage methods is described in
|
||||||
|
the Table 4.1.
|
||||||
|
Monero wallet contains information that is necessary to send and
|
||||||
|
receive Monero currency. Each wallet is encrypted by the password set
|
||||||
|
in the creation process. Typical wallet created using Monero software
|
||||||
|
named _example-wallet_ consists of:
|
||||||
|
|
||||||
|
- **example-wallet.keys file**
|
||||||
|
**-** Is an encrypted file containing private **spend key** and **view**
|
||||||
|
**key** together with **wallet address**.
|
||||||
|
**-** Keys file also contains user preferences related to transac-
|
||||||
|
tions and wallet creation height, so wallet software will
|
||||||
|
only read blockchain from the wallet creation point.
|
||||||
|
**-** Using this file, the user can restore the wallet by using the
|
||||||
|
monero-wallet-cli command:
|
||||||
|
monero-wallet-cli –generate-from-keys
|
||||||
|
- **example-wallet file**
|
||||||
|
**-** Acts as an encrypted cache for wallet software that contains:
|
||||||
|
∗ List of outputs of transactions that are associated with
|
||||||
|
the wallet, so it does not need to scan the blockchain
|
||||||
|
every time after startup.
|
||||||
|
∗ History of transactions with metadata containing trans-
|
||||||
|
action (TX) keys.
|
||||||
|
|
||||||
|
- **example-wallet.address.txt file**
|
||||||
|
**-** Stores **unencrypted** information containing generated wal-
|
||||||
|
let address.
|
||||||
|
**-** With recent address-based attacks that swap wallet ad-
|
||||||
|
dresses found in clipboard or files on the hard drive for the
|
||||||
|
attacker’s wallet address, this poses a security risk [37].
|
||||||
|
- **Mnemonic seed**
|
||||||
|
**-** Mnemonic seed is a 25-word phrase which the last word is
|
||||||
|
being used as a checksum. Together they represent a 256-bit
|
||||||
|
integer that is the accounts private spend key.
|
||||||
|
**-** By having accounts private spend key, wallet software can
|
||||||
|
derive private view key by hashing private key with Keccak-
|
||||||
|
256. That produces another 256-bit integer that represents
|
||||||
|
private view key.
|
||||||
|
**-** Both public keys are then derived from newly recovered
|
||||||
|
private keys.
|
||||||
|
|
||||||
|
Example of Monero wallet address and mnemonic seed:
|
||||||
|
|
||||||
|
- **Wallet address**
|
||||||
|
**-** 461TWLQhsxrR9dD4CXk4p1RRxAAQ3YCEDhNiGCQjj5
|
||||||
|
QA33ohhZPnCX6346EyEwC7TiRSB3XB8KgNaJ4vThd5N
|
||||||
|
pQqRkGab66
|
||||||
|
- **Mnemonic seed**
|
||||||
|
**-** serving odometer nifty flippant worry sphere were thorn
|
||||||
|
putty bogeys lyrics feast fawns input biscuit hobby outbreak
|
||||||
|
rash tucks dwelt liquid azure inexact isolated liquid
|
||||||
|
|
||||||
|
**4.1.1 Wallet types**
|
||||||
|
|
||||||
|
As Monero wallet can be represented as little as one file or 25 words,
|
||||||
|
it is rather a small piece of information which the user needs to store
|
||||||
|
in the safe place to keep account under own control. To do that, there
|
||||||
|
exist two main types of wallets:
|
||||||
|
|
||||||
|
- **Hot wallet
|
||||||
|
-** Refers to wallet software running on a computer that is
|
||||||
|
connected to the Internet, thus Monero network. By being
|
||||||
|
online, the user can verify incoming transactions, spend
|
||||||
|
from the wallet and check balance as well.
|
||||||
|
**-** As this type of wallet is not air-gapped (not connected to
|
||||||
|
the Internet), this poses an external intrusion risk.
|
||||||
|
**-** The hot wallet can also refer to web-based or exchange-
|
||||||
|
based wallet that is explained further in this Chapter.
|
||||||
|
- **View-only wallet
|
||||||
|
-** Is a wallet containing only private view key pair to see
|
||||||
|
transactions associated with the wallet.
|
||||||
|
**-** As this is a view-only wallet, the user can see incoming
|
||||||
|
transactions but is not able to spend, sign or view outgoing
|
||||||
|
transactions. That results in incorrect balance when the
|
||||||
|
wallet is used for sending funds.
|
||||||
|
- **Cold wallet
|
||||||
|
-** Is an offline solution to storing wallet seed or private keys
|
||||||
|
on storage media. Using method, media storing wallet in-
|
||||||
|
formation have no direct access to the Internet. The storage
|
||||||
|
medium can be represented by an external hard drive, air-
|
||||||
|
gapped computer as well as paper with wallet seed written
|
||||||
|
on it.
|
||||||
|
**-** That comes with increased security from the IT standpoint,
|
||||||
|
but the usability of the cryptocurrency suffers. That is mainly
|
||||||
|
due to the hassle of working with funds when the user
|
||||||
|
wants to spend them as it requires:
|
||||||
|
∗ Cold wallet imported into wallet software in the air-
|
||||||
|
gapped computer.
|
||||||
|
∗ A view-only wallet connected to the Internet.
|
||||||
|
**-** This way, the user can generate an unsigned transaction
|
||||||
|
on the view-only wallet, transfer it for signing to the air-
|
||||||
|
gapped computer and then back to submit transfer to the
|
||||||
|
Monero network.
|
||||||
|
|
||||||
|
- **Exchange hosted wallet
|
||||||
|
-** In the exchange wallet, users funds are stored under an
|
||||||
|
online account in an online exchange.
|
||||||
|
**-** As opposed to a regular wallet, there is no wallet soft-
|
||||||
|
ware or seed required as the whole balance and transaction
|
||||||
|
system is run by the third party. Funds can be controlled
|
||||||
|
through users online account that accessible by traditional
|
||||||
|
username and password.
|
||||||
|
**-** This poses a risk as the third party has complete access to
|
||||||
|
users funds and the account’s security is directly depen-
|
||||||
|
dent on exchanges security measures as Two Factor Au-
|
||||||
|
thentication (2FA) implementation, IP restriction or email
|
||||||
|
verification.
|
||||||
|
- **Web-based wallet
|
||||||
|
-** Web wallet represents server based Monero client that is
|
||||||
|
served to the user in the browser. By using a web wallet, the
|
||||||
|
user can access funds from any Internet-connected device
|
||||||
|
by sharing:
|
||||||
|
∗ Mnemonic seed or private spend and view key to send
|
||||||
|
and receive funds.
|
||||||
|
∗ Public view key and wallet address to view incoming
|
||||||
|
transactions to the wallet.
|
||||||
|
- **Hardware wallet
|
||||||
|
-** Dedicated hardware solution like Ledger Nano S is still in
|
||||||
|
its beta phase [38].
|
||||||
|
**-** Due to lack of real hardware wallet, the community around
|
||||||
|
Monero recommends as the alternative a USB drive with a
|
||||||
|
live distribution of Linux coupled with persistent storage
|
||||||
|
where Monero client and users private key pairs are stored.
|
||||||
|
**-** Although this alternate solution effectively rules out host
|
||||||
|
operating system, there is still a way to capture viable in-
|
||||||
|
formation. Especially when interacting with an untrusted
|
||||||
|
machine, where attacker captures GPU output or uses a
|
||||||
|
hardware keylogger to log the users activity.
|
||||||
|
|
||||||
|
|
||||||
|
### 4.1.2 Attacking the wallet
|
||||||
|
With the rapid expansion of cryptocurrencies from 2014 to 2018, this
|
||||||
|
area became a significant spot for malware development [39]. As there
|
||||||
|
are many attack vectors, this Section aims to give info about malicious
|
||||||
|
activities on users wallets.
|
||||||
|
|
||||||
|
|
||||||
|
Wallet thieves
|
||||||
|
|
||||||
|
Aim to compromise the system in a way that malware finds wallet
|
||||||
|
files and steals cryptographic keys or seed belonging to the wallet.
|
||||||
|
Although in Monero, keys are encrypted while stored on the disk.
|
||||||
|
When running wallet software, keys can be obtained from memory.
|
||||||
|
This attack can also be performed by distributing malicious wallet
|
||||||
|
client software.
|
||||||
|
|
||||||
|
|
||||||
|
Cloud storage
|
||||||
|
|
||||||
|
|
||||||
|
Cloud storage provides an easy way of sharing files between devices
|
||||||
|
as well as users. As the user does not need to set up the infrastructure
|
||||||
|
and the majority of the services provide free tier, it is usual for people
|
||||||
|
to take this for granted as a safe place to store files [40].
|
||||||
|
This way, the user’s security depends on the following factors:
|
||||||
|
|
||||||
|
- Wallet encryption on the file level, user password habits.
|
||||||
|
- Account security – login implementation, 2FA.
|
||||||
|
- Client application implementation for caching and data transfer.
|
||||||
|
- Vendors storage system security.
|
||||||
|
|
||||||
|
|
||||||
|
Delivery chain
|
||||||
|
|
||||||
|
|
||||||
|
Hardware wallets like Ledger are built to ensure the safety of users
|
||||||
|
coins. Therefore the owner of such a device should be pretty con-
|
||||||
|
fident when using this device that came with original undisrupted
|
||||||
|
packaging.
|
||||||
|
For this attack, malicious vendor puts pre-generated mnemonic
|
||||||
|
seed on a scratchpad. This piece of paper is made to look like an official
|
||||||
|
one-time generated secret key to the wallet for the user. This way when
|
||||||
|
|
||||||
|
|
||||||
|
Malicious seed generation
|
||||||
|
|
||||||
|
Similar to Delivery chain attack, the attacker in this scenario provides
|
||||||
|
service that offers secure seed generation to obtain seed information
|
||||||
|
belonging to the wallet. That is usually done by running a malicious
|
||||||
|
web service that offers secure seed generation for cryptocurrencies or
|
||||||
|
developing a standalone software for download.
|
||||||
|
After the user generates the seed, a package with seed data is
|
||||||
|
automatically sent to the attackers listening service and then saved
|
||||||
|
to the database. Both parties know the private information and can
|
||||||
|
spend funds from the wallet.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
### 4.2 Local and remote node
|
||||||
|
|
||||||
|
To spend or view the balance in the wallet, the user is required to have
|
||||||
|
a wallet client software or use third party services to access the Monero
|
||||||
|
network. This Section covers the most common type of accessing the
|
||||||
|
funds, hot wallet in combination with official Monero client software
|
||||||
|
available athttps://getmonero.org/downloads/.
|
||||||
|
Monero client requires to be in synchronization with the network
|
||||||
|
to show the correct balance as well as to work with the funds. That is
|
||||||
|
done by either running a full local node or connecting to the remote
|
||||||
|
node.
|
||||||
|
|
||||||
|
**The node** is a part of the cryptocurrency network that keeps a
|
||||||
|
synced copy of blockchain in the local storage and provides a service
|
||||||
|
that enables clients to access the information from the blockchain file.
|
||||||
|
In Monero client software, this is represented bymonerod, a separate
|
||||||
|
daemon which synchronizes with the network.
|
||||||
|
|
||||||
|
**The local node** is the default option when running wallet soft-
|
||||||
|
ware, using monerod client downloads from Monero network the
|
||||||
|
blockchain and stores it in local storage. As of July 2018, blockchain
|
||||||
|
size is about 44.3 GB. By running local node, client can independently
|
||||||
|
verify transactions as well as blockchain state.
|
||||||
|
|
||||||
|
**The remote node** , on the other hand, represents a lighter ver-
|
||||||
|
sion with slightly less privacy when it comes to working with the
|
||||||
|
wallet. By either choosing in GUI to connect to the remote node
|
||||||
|
or running cli with parameter _.\monero-wallet-cli.exe –daemon-address
|
||||||
|
node.address:port_ , the client connects to the remote node and starts
|
||||||
|
scanning the blockchain as if it was a local one.
|
||||||
|
Comparison of the node types can be found in the Table 4.2.
|
||||||
|
|
||||||
|
**Local node Remote node**
|
||||||
|
Blockchain stored on locally Blockchain stored remotely
|
||||||
|
Observable traffic between
|
||||||
|
nodes
|
||||||
|
|
||||||
|
### 4.3 Multisig implementation
|
||||||
|
|
||||||
|
Monero started to support multisignature transactions and addresses
|
||||||
|
by 17th of December 2017 when codebase for this feature was merged
|
||||||
|
into master by Fluffypony [41]. Multisig became available in the
|
||||||
|
Lithium Luna release that was released 23rd of July 2018 [42].
|
||||||
|
Multisig in a cryptocurrency is a feature that requires the multisig
|
||||||
|
transaction to be signed by all keys that are required. For multisig, one
|
||||||
|
can create a multisig wallet that is designed as follow:
|
||||||
|
|
||||||
|
- 1-of-2
|
||||||
|
**-** Requires one of two participating parties to sign a transac-
|
||||||
|
tion.
|
||||||
|
**-** This scheme acts as a shared wallet where each of the key
|
||||||
|
holders can spend funds without the other party signing
|
||||||
|
the transaction.
|
||||||
|
- 2-of-2
|
||||||
|
**-** Requires both parties to sign a transaction.
|
||||||
|
**-** Each side has to agree to spend funds and sign the transac-
|
||||||
|
tion.
|
||||||
|
- M-of-N
|
||||||
|
**-** Requires M keys of N to sign a transaction, note that M is a
|
||||||
|
subset of N.
|
||||||
|
|
||||||
|
**4.3.1 Multisig usage**
|
||||||
|
|
||||||
|
After Lithium Luna release, only Monero wallet CLI software is ready
|
||||||
|
for processing multisig transactions. In the Figures 4.2 and 4.3 example
|
||||||
|
scheme of 2-of-2 is presented with user A as blue and user B as green
|
||||||
|
for wallet generation and transaction using Monero multisig feature.
|
||||||
|
|
||||||
|
|
||||||
|
### 4.4 Problems in Monero environment
|
||||||
|
|
||||||
|
Monero privacy features are appreciated not only by privacy savvy
|
||||||
|
users but malware, phishing, and other malicious software creators
|
||||||
|
as well.
|
||||||
|
The main reason to use Monero over other cryptocurrencies for
|
||||||
|
them is that Monero is not only harder to trace but when the attack is
|
||||||
|
implemented well, after moving funds in separate batches to multiple
|
||||||
|
wallets an over more extended period, no one will be able to associate
|
||||||
|
the coins with the malicious activity.
|
||||||
|
There are four main problems concerning Monero environment:
|
||||||
|
|
||||||
|
|
||||||
|
1) Ransomware
|
||||||
|
|
||||||
|
Malware that encrypts user files and then demands a ransom in the
|
||||||
|
form of cryptocurrency, computer and files are no longer accessible
|
||||||
|
unless the user pays the required amount. During its peak time, all
|
||||||
|
popular ransomware demanded payment in Bitcoin.
|
||||||
|
As malware developers started to get their coins targeted by projects
|
||||||
|
such as one from Netherlands’ police called No More Ransom available
|
||||||
|
atnomoreransom.org[43, 44]. Because of this targeting, they had to
|
||||||
|
choose another cryptocurrency to solve this problem, and the solu-
|
||||||
|
tion was Monero [45]. Kirk is an example of Monero malware that is
|
||||||
|
included in the Figure 4.5 [46].
|
||||||
|
|
||||||
|
Figure 4.4: Kirk ransomware that demands payment in Monero.
|
||||||
|
|
||||||
|
2) Scam portals
|
||||||
|
|
||||||
|
As mentioned in the Section Wallets 4.1, online wallets usage is a risky
|
||||||
|
thing due to entrusting user’s private keys to the third party. Users
|
||||||
|
often choose them as they are not required to have any additional
|
||||||
|
software. Due to this fact, there are more than ten domains that copy
|
||||||
|
the design, functionality, and name ofmymonero.comofficial online
|
||||||
|
wallet with added code that steals the user’s wallet data. Detailed list
|
||||||
|
of domains is available at https://www.reddit.com/r/Monero/wiki
|
||||||
|
/avoid.
|
||||||
|
Aside from direct scams, there are also services offering wallet
|
||||||
|
services which have their codebase closed and store all wallet infor-
|
||||||
|
mation. The best-known example of such service is freewallet.org,
|
||||||
|
that is strongly criticized for closed source as well as funds that are
|
||||||
|
reported as missing from user’s accounts [47].
|
||||||
|
|
||||||
|
|
||||||
|
3) Crypto-jacking attack
|
||||||
|
|
||||||
|
Crypto-jacking a type of attack where the attacker delivers a malicious
|
||||||
|
payload to the user’s computer. Rather than rendering the device
|
||||||
|
unusable either by blocking like ransomware, part of system resources
|
||||||
|
is used for mining.
|
||||||
|
|
||||||
|
Figure 4.5: Some websites openly state that they mine Monero.
|
||||||
|
|
||||||
|
Crypto-jacking is becoming more frequent than ransomware as it
|
||||||
|
has proven that steady but low income is more profitable than one-
|
||||||
|
time payment in the form of ransomware [48].
|
||||||
|
|
||||||
|
4) Black Ruby
|
||||||
|
|
||||||
|
Interesting intersection of ransomware and crypto-jacking category is
|
||||||
|
Black Ruby malware that combines features of both. First, it encrypts
|
||||||
|
files on the target computer and then proceeds to mine Monero using
|
||||||
|
XMRig (as explained in the Section 7.2) at full CPU load [49].
|
||||||
|
|
||||||
|
### 4.5 Monero use case
|
||||||
|
|
||||||
|
Aside from code quality and features, another important factor in
|
||||||
|
cryptocurrency success are the ways how users can spend the funds.
|
||||||
|
While numerous community around Monero that centers around
|
||||||
|
Reddit _/r/Monero_ created _/r/XMRtrader_ , there are also projects that
|
||||||
|
support Monero in day-to-day use like https://xmr.to/.
|
||||||
|
What is most noticeable tough, are darknet markets, that started
|
||||||
|
to support payments by Monero. This results in the rather negative
|
||||||
|
use case of the crypto as payments by Monero are not directly likable
|
||||||
|
to one’s wallet as described in the Section 3.5.2.
|
||||||
|
|
||||||
|
Although darknet markets may support Monero, a short inspection
|
||||||
|
of Top 10 markets revealed that only 5 of them list Monero as the
|
||||||
|
general way to pay. Rest of them are not forcing the sellers to use
|
||||||
|
Monero. This results at about 40% availability of Monero payment
|
||||||
|
option on these type of markets.
|
253
docs/_posts/2019-05-04-Monero-user-research.md
Normal file
253
docs/_posts/2019-05-04-Monero-user-research.md
Normal file
@ -0,0 +1,253 @@
|
|||||||
|
---
|
||||||
|
layout: post
|
||||||
|
title: Monero User Research
|
||||||
|
subtitle: Getting into users perception
|
||||||
|
tags: [research,cryptocurrency,users]
|
||||||
|
gh-badge: [star, fork, follow]
|
||||||
|
---
|
||||||
|
The goal of this research is to gather information on end users behavior
|
||||||
|
regarding Monero cryptocurrency with emphasis on key management
|
||||||
|
and security practices. For this purpose, an online questionnaire was
|
||||||
|
created.
|
||||||
|
Specific survey design and research questions are based on Bitcoin
|
||||||
|
security and privacy study, typical usage patterns of cryptocurrency
|
||||||
|
users, online forums and Reddit communities centered around Mon-
|
||||||
|
ero as well as problematic areas regarding computer and data security
|
||||||
|
in general [50].
|
||||||
|
|
||||||
|
### 5.1 Research questions
|
||||||
|
|
||||||
|
The survey was designed around seven question groups. Some of them
|
||||||
|
were shown only if the participant chose the appropriate answer.
|
||||||
|
|
||||||
|
- G01 - Introductory information
|
||||||
|
- G02 - Monero usage
|
||||||
|
- G03 - Monero key and coin management
|
||||||
|
- G04 - Monero and malicious things
|
||||||
|
- G05 - Monero recovery
|
||||||
|
- G06 - Special question set for miners
|
||||||
|
- G07 - Demographics
|
||||||
|
|
||||||
|
|
||||||
|
Following this pattern, four research questions were set:
|
||||||
|
|
||||||
|
- R1: What are Monero’s main use cases? How do participants
|
||||||
|
perceive Monero’s features?
|
||||||
|
- R2: What are participant’s ways of wallet access and storage?
|
||||||
|
- R3: What security incidents have affected users? How did they
|
||||||
|
deal with them?
|
||||||
|
- R4: In case of recovery, how did they recover their keys?
|
||||||
|
|
||||||
|
### 5.2 Participants and survey’s background
|
||||||
|
|
||||||
|
The significant characteristic of Monero is its anonymity, and this
|
||||||
|
feature is not taken by community lightly. Due to this fact, the survey
|
||||||
|
was not hosted on third party servers, but instead on dedicated Virtual
|
||||||
|
Private Server (VPS) running Lime Survey self-hosted software with
|
||||||
|
HTTPS interface using signed Letsencrypt certificates [51–53].
|
||||||
|
This means that data exchanged between participants and survey
|
||||||
|
software stays only between these two parties, so Google or other big
|
||||||
|
data company cannot analyze them. To allow extended anonymity
|
||||||
|
features, Tor and proxy connections were allowed, but each participant
|
||||||
|
had to solve the CAPTCHA before starting the survey.
|
||||||
|
|
||||||
|
|
||||||
|
#### 5.2.1 Methodology
|
||||||
|
|
||||||
|
Data collection method was online only and was using the survey
|
||||||
|
website software. Participants selection was based on opportunity
|
||||||
|
sampling. Links for the research were shared among dedicated Reddit
|
||||||
|
Monero community, Facebook Monero groups as well as Cryptocur-
|
||||||
|
rency forums. Study limitations are described in the Section 6.3.
|
||||||
|
To reduce nonresponse rate, participants were asked only to fill
|
||||||
|
out parts that were significant for them, e.g., Monero recovery part
|
||||||
|
stayed hidden in the form if the user selected that he/she had never
|
||||||
|
made any recovery of the seed or wallet keys in the previous part.
|
||||||
|
The data from the respondents were collected from 11.15.2018 to
|
||||||
|
01.27.2019. The complete survey is attached in the Appendix Figure C.
|
||||||
|
|
||||||
|
### 5.3 Collected data
|
||||||
|
|
||||||
|
|
||||||
|
Before entering the survey, each participant had to pass the bot test
|
||||||
|
by entering the correct CAPTCHA, which resulted in 179 participants
|
||||||
|
of the questionnaire in total. As for survey data cleansing, following
|
||||||
|
measurements for valid dataset were taken:
|
||||||
|
|
||||||
|
1. Partially answered or unanswered questionnaires were not taken
|
||||||
|
into account (67 out of 179).
|
||||||
|
2. Respondents that filled out the survey in less than two minutes
|
||||||
|
were discarded (1 out of 179).
|
||||||
|
3. Responses with more than 4 entries with the same IP were fil-
|
||||||
|
tered (0 out of 179).
|
||||||
|
(a) In total 7 responses were sent from duplicate IP addresses.
|
||||||
|
The highest number of responses from a single IP was 3,
|
||||||
|
which belonged to MIT University.
|
||||||
|
4. Responses containing invalid answers, e.g., not using Monero
|
||||||
|
or repeating the same answer pattern in multiple submissions
|
||||||
|
(1 out of 179).
|
||||||
|
|
||||||
|
Figure 5.1: Overview of respondents in the user survey dataset.
|
||||||
|
Usinggeoiplookuppackage in Ubuntu on the filtered dataset, most of
|
||||||
|
the responses were from USA (31 out of 113), followed by the Czech
|
||||||
|
Republic (17 out of 113) and Germany (11 out of 113). Detailed list of
|
||||||
|
countries with the corresponding number of responses is available in
|
||||||
|
the Appendix Table B.1.
|
||||||
|
|
||||||
|
### 5.4 Results
|
||||||
|
|
||||||
|
|
||||||
|
Next section is based on the final filtered dataset with 113 responses
|
||||||
|
of people who voluntarily entered the research based on opportunity
|
||||||
|
sampling.
|
||||||
|
|
||||||
|
#### 5.4.1 General information
|
||||||
|
|
||||||
|
First, users were asked about their operating system preferences when
|
||||||
|
accessing Monero. Majority of users tend to access Monero using
|
||||||
|
Windows 58% (65 out of 113) or Linux 60% (68 out of 113). While
|
||||||
|
accessing Monero from mobile Android OS 43% (49 out of 113) is
|
||||||
|
primarily used. As for the Apple ecosystem, MacOS combined with
|
||||||
|
iOS was selected as used method of access only in 14% (16 out of 113)
|
||||||
|
occurences.
|
||||||
|
|
||||||
|
|
||||||
|
Monero desktop application usage
|
||||||
|
|
||||||
|
Desktop applications are used by 104 out of 113 users, making it
|
||||||
|
the most frequent means of accessing the wallet. As Monero Official
|
||||||
|
application has no other direct competitors aside from web-based
|
||||||
|
wallets, the majority of users 81% (84 out of 104) use the official
|
||||||
|
|
||||||
|
|
||||||
|
application with GUI, but there is also a notable part of the users
|
||||||
|
in the dataset that use CLI as well 53% (55 out of 104). Alternative
|
||||||
|
desktop clients, that were sometimes misinterpreted as web apps, are
|
||||||
|
used by only a few users cca 4% (5 out of 104).
|
||||||
|
|
||||||
|
Monero Mobile application usage
|
||||||
|
|
||||||
|
From 113 people that filled out the survey, 53 of them stated that
|
||||||
|
they use either Android or iOS application for accessing their Monero
|
||||||
|
wallet. Digging deeper, out of 49 Android users, Monerujo application
|
||||||
|
is used by 92% (45 out of 49) of them, followed by other Android
|
||||||
|
wallets 14% (7 out of 49). Freewallet on Android is only used by one
|
||||||
|
user (2%) in the dataset thus following the fact the community does
|
||||||
|
not like closed source software with bad history as mentioned in the
|
||||||
|
Chapter 4.4. Detailed description of the applications is included in the
|
||||||
|
Section 6.1.3.
|
||||||
|
|
||||||
|
5. Monero User Research
|
||||||
|
|
||||||
|
|
||||||
|
iOS is used by 7 out of 113 users (please note that users could check
|
||||||
|
usage of both platforms as can be visible from simply adding iOS and
|
||||||
|
Android users and comparing it to the total number of mobile users).
|
||||||
|
All of them (7) reported using the Cakewallet application. Following
|
||||||
|
the Android pattern, one user also revealed usage of Freewallet app.
|
||||||
|
|
||||||
|
Online wallet services
|
||||||
|
|
||||||
|
When asked about online wallet usage, only 24 people (out of 113)
|
||||||
|
said that they use some sort of online service with MyMonero wallet
|
||||||
|
being used the most 79% (19 out of 24).
|
||||||
|
|
||||||
|
Wallet software usage
|
||||||
|
|
||||||
|
First part of the survey shows that userbase present in the dataset is
|
||||||
|
more oriented towards open-source software in general (110 out of 113
|
||||||
|
use some form of open-source Monero client), but this is not limited to
|
||||||
|
the usage of particular OS as there are 33% (37 out of 113) of Windows
|
||||||
|
only users, 35% (40 out of 113) Linux only users and 25% (28 out of
|
||||||
|
113) users of both OS. This discovery follows the information about
|
||||||
|
Monero community as they prefer open source software (OSS) to
|
||||||
|
closed source software (CSS) because they can not personally review
|
||||||
|
for hidden features or unintentional bugs.
|
||||||
|
|
||||||
|
#### 5.4.2 Monero usage
|
||||||
|
|
||||||
|
When asked “ _What are your reasons to use Monero?_ ”, the majority of
|
||||||
|
respondents in the dataset said that they use Monero or at least are
|
||||||
|
interested in the topic because of the technology 88% (99 out of 113),
|
||||||
|
but also see it as an investment 73% (83 out of 113).
|
||||||
|
A significant portion of respondents also see Monero as a way of
|
||||||
|
secret storage of value 74% (84 out of 113) but not as much in the way
|
||||||
|
of sending money 53% (60 out of 113).
|
||||||
|
|
||||||
|
This result is strongly affected by the way how participants were
|
||||||
|
selected (self-selection) and from what sites they were informed about
|
||||||
|
the survey (mainly Reddit Monero subreddits and Facebook Monero
|
||||||
|
groups). The short overview of the preferences is shown in the Table
|
||||||
|
5.1 with the full text of the questions asked available in the Appendix
|
||||||
|
Figure C.
|
||||||
|
|
||||||
|
Transactions in the Monero network performed by respondents
|
||||||
|
can be divided into two user groups, where the first group that can
|
||||||
|
be described as active, those who make at least one transaction per
|
||||||
|
month, 50% (53 out of 107) and passive who are much less frequent
|
||||||
|
51% (54 out of 107). Detailed overview of transactions frequency in
|
||||||
|
the dataset is in the Figure 5.9.
|
||||||
|
Following this question, respondents were asked if they hold onto
|
||||||
|
their coins for a long time (often referred to as one being a HODLer).
|
||||||
|
Majority of respondents 79% (84 out of 106) said that they are, but this
|
||||||
|
statement conflicts with transaction frequency. When comparing data
|
||||||
|
of respondents that make a transaction at least every month, about
|
||||||
|
60% (34 out of 57) think that they are HODLers, this contradicts the
|
||||||
|
previously mentioned statement.
|
||||||
|
|
||||||
|
Important usage factor of a currency is where its users can pay
|
||||||
|
with it. Monero has already a known reputation between darknet
|
||||||
|
markets, but its mainstream usage isn’t something that is advertised
|
||||||
|
as its feature.
|
||||||
|
When asked about the payment options, many of the respondents
|
||||||
|
45% (51 out of 113) selected that they use Monero as a way for donating
|
||||||
|
other people, followed by paying for VPN services 35% (31 out of 113).
|
||||||
|
Although Monero features are considered ideal for black market use,
|
||||||
|
only 5% (6 out of 113) respondents revealed that they use Monero
|
||||||
|
cryptocurrency in this way.
|
||||||
|
Perception and the reality of anonymity in cryptocurrency is an
|
||||||
|
important topic in the cryptocurrency environment [54]. Although
|
||||||
|
Monero is private by default, additional precautions can be made to
|
||||||
|
hide users activity from the third party like using Kovri or Tor.
|
||||||
|
Among users in the dataset, Kovri 7% (8 out of 113) or Tor 20%
|
||||||
|
(23 out of 113) is used by less than one third of the respondents in
|
||||||
|
total as can be seen in the Table 5.2.
|
||||||
|
|
||||||
|
**5.4.3 Monero key and coin management**
|
||||||
|
|
||||||
|
Apart from client software that is used for accessing and making
|
||||||
|
transactions in Monero, wallet management is at least as important.
|
||||||
|
Main reason is that users choice of wallet storage has a direct influence
|
||||||
|
on who has access to the funds as explained along with the wallet
|
||||||
|
types in the Chapter 4.1.
|
||||||
|
|
||||||
|
#### 5.4.4 Monero recovery
|
||||||
|
|
||||||
|
For further wallet protection, the majority of users also encrypt their
|
||||||
|
wallet or the datastore on which the keys reside on 78% (88 out of
|
||||||
|
113).
|
||||||
|
A slightly higher number of users admit backing up their wallet
|
||||||
|
keys 89% (101 out of 113) while a significant number of respondents
|
||||||
|
had already needed to restore their wallet keys 44% (50 out of 113).
|
||||||
|
To complete the recovery statistics, 98% (49 out of 50) were able to
|
||||||
|
restore the keys from the backup media.
|
||||||
|
See the Figures 5.12 and 5.13 for visualization of wallet recovery
|
||||||
|
reasons and restore methods.
|
||||||
|
|
||||||
|
#### 5.4.5 Monero and malicious software
|
||||||
|
|
||||||
|
This part was answered only by those respondents that selected Yes
|
||||||
|
(15 out of 113) when asked whether they have ever been affected by
|
||||||
|
malicious software that used Monero in some way.
|
||||||
|
The primary cause of problems was mining malware (8) or some
|
||||||
|
form of mining script (7). The main affected platform was running
|
||||||
|
Windows (10), and malware was recognized mainly by slow system
|
||||||
|
response (7) and high CPU usage (11).
|
||||||
|
|
||||||
|
#### 5.4.6 Demographics
|
||||||
|
|
||||||
|
Survey participants were mainly males 44% (50 out of 113), females
|
||||||
|
2% (2 out of 113) represented only a small portion of the dataset, and
|
||||||
|
some of the participants did not disclose their gender 54% (61 out of
|
||||||
|
113). Most respondents in the dataset were from the age groups 25-34
|
||||||
|
29% (33 out of 113).
|
@ -0,0 +1,213 @@
|
|||||||
|
---
|
||||||
|
layout: post
|
||||||
|
title: Monero Usage and Storage Best Practices
|
||||||
|
subtitle: Monero best practice
|
||||||
|
tags: [usage, storage, guideline]
|
||||||
|
gh-badge: [star, fork, follow]
|
||||||
|
---
|
||||||
|
Ease of use is one of the critical aspects of every cryptocurrency and
|
||||||
|
although Monero can offer a wide range of privacy features it has to be
|
||||||
|
usable and user-friendly to be used by a substantial margin of people.
|
||||||
|
Usability in Monero is a long-term topic that sparks discussion [55].
|
||||||
|
While significant number of users reported that they perform back-
|
||||||
|
ups of their wallet keys, many of them use hot wallet on their mobile
|
||||||
|
phones which presents a security threat for their wallet.
|
||||||
|
Following scenarios represent secure and easy to use instructions
|
||||||
|
for a new Monero user, based on results from Monero user research
|
||||||
|
in the Chapter 5.
|
||||||
|
|
||||||
|
### 6.1 Generating the keys and accessing the wallet
|
||||||
|
|
||||||
|
The first challenge for Monero users is generating key pairs and access-
|
||||||
|
ing the wallet. This process varies from the user’s platform of choice
|
||||||
|
and used wallet software. As the choice of client wallet software is
|
||||||
|
important for Monero users in terms of user experience and security,
|
||||||
|
the following Sections are dedicated to available wallet software.
|
||||||
|
|
||||||
|
**6.1.1 Windows and Linux platform**
|
||||||
|
|
||||||
|
The official client offers CLI and GUI wallet management and is avail-
|
||||||
|
able athttps://getmonero.org/downloads/. Using this client users
|
||||||
|
can generate wallet keys. Created keys are after generation saved
|
||||||
|
directly into the memory of the device unless specified otherwise.
|
||||||
|
<pre>
|
||||||
|
.\monero−wallet−cli.exe
|
||||||
|
Monero Lithium Luna (v0.12.3.0−release)
|
||||||
|
Logging to C:\Users\radim\Nextcloud\ssme−thesis\cli\monero−wallet−cli.log
|
||||||
|
Specify wallet file name (e.g., MyWallet). If the wallet
|
||||||
|
file is not present, it will be created.
|
||||||
|
Wallet file name (or Ctrl−C to exit): ssme−thesis
|
||||||
|
No wallet found with that name. Confirm creation of new
|
||||||
|
wallet named: ssme−thesis
|
||||||
|
(Y/Yes/N/No): Y
|
||||||
|
Generating new wallet...
|
||||||
|
</pre>
|
||||||
|
|
||||||
|
Security of this task depends on the origin of the software, delivery
|
||||||
|
chain trust, and the users’ operating system. Monero CLI and GUI
|
||||||
|
binaries can be edited, and the application itself does not call any
|
||||||
|
internal checking to alert the user of the unauthorized change.
|
||||||
|
Code injection was successfully tested on GUI binary of the official
|
||||||
|
Monero wallet as seen in the Figure 9.2. Although SHA256 hash is pro-
|
||||||
|
vided on the website, the user is not specifically instructed to check the
|
||||||
|
hashes of the downloaded software with tools like PowerShell using
|
||||||
|
Get-FileHash ./monero-wallet-gui.exe | Format-Listcommand
|
||||||
|
[56]. GPG-signed list of the hashes is available on the website although
|
||||||
|
there are no instructions on how to verify PGP signature itself.
|
||||||
|
|
||||||
|
Algorithm : SHA256
|
||||||
|
Hash : AF9324151909AC7B9BC6D622210EADFBAE5E66...
|
||||||
|
Path : ./monero−wallet−gui−original.exe
|
||||||
|
|
||||||
|
Algorithm : SHA256
|
||||||
|
Hash : DF4EC49E088284ECC78DBBD8B9CEFF00A78085...
|
||||||
|
Path : ./monero−wallet−gui−injected.exe
|
||||||
|
|
||||||
|
|
||||||
|
## 6 Monero Usage and Storage Best Practices
|
||||||
|
|
||||||
|
There are also alternative approaches to key generation like an
|
||||||
|
offline JavaScript based monero-wallet-generator that is available at
|
||||||
|
github.com/moneromooo-monero/monero-wallet-generator.
|
||||||
|
|
||||||
|
Hardware way is considered to be in the development, but Monero
|
||||||
|
compatible devices like Ledger Nano S are already on the market. The
|
||||||
|
way how keys are generated in hardware wallets varies on firmware
|
||||||
|
included in each device.
|
||||||
|
In general, the wallet is required to have Monero application in-
|
||||||
|
stalled from vendors application catalog. Keys are generated on the
|
||||||
|
hardware device within the application itself, and the user can only
|
||||||
|
export private view key from the device to view the balance in full
|
||||||
|
CLI/GUI client.
|
||||||
|
This way, the user has private spend key always on the device,
|
||||||
|
and the client PC has only private view key. To sign a transaction,
|
||||||
|
the user has to confirm the transaction on the device itself meaning
|
||||||
|
the hardware wallet will sign the transaction and then sends it to
|
||||||
|
the Monero client. By this, in case of a security breach on the host
|
||||||
|
computer, there is no Monero to steal.
|
||||||
|
|
||||||
|
|
||||||
|
#### 6.1.3 Wallet software for mobile devices
|
||||||
|
|
||||||
|
Monero has wallet software available for Android as well as the iOS
|
||||||
|
platform. Community recommends to use the open source ones for
|
||||||
|
both platforms, as their codebase is published on GitHub and everyone
|
||||||
|
can inspect the code. Another common fact for the recommended
|
||||||
|
solutions is that the keypairs for the wallet are stored exclusively on
|
||||||
|
the user’s device and restore can be done without third-party technical
|
||||||
|
support.
|
||||||
|
|
||||||
|
**Monerojuro** is an open source Android wallet application that is
|
||||||
|
available on Google Play as well as APK release at Github. By this,
|
||||||
|
users can install the application from the Google Play directly, man-
|
||||||
|
ually download the APK or compile it from source code themselves.
|
||||||
|
Wallet keys storage is based on the device only, and the application
|
||||||
|
encourages users to back up their seed [57].
|
||||||
|
|
||||||
|
**Monero Wallet** is an application released by Freewallet.org that
|
||||||
|
provides Monero wallets for both Android and iOS. Regarding overall
|
||||||
|
usability, this application is easier for an average user as it does not
|
||||||
|
present any cryptocurrency wallet terms as key, seed, etc. The user is
|
||||||
|
instead instructed to create a Freewallet account which acts as a wallet
|
||||||
|
[58].
|
||||||
|
By this, the user does not need to save the seed, wallet keys or
|
||||||
|
make any backups as key management is completely on the side of
|
||||||
|
the service provider, Freewallet.org. This fact is often emphasized in
|
||||||
|
Monero community as the user that does not control the keys does
|
||||||
|
not control the wallet. Also, the source code is not publicly available
|
||||||
|
for the community to review.
|
||||||
|
|
||||||
|
**Cake Wallet** represents open source Monero wallet for iOS that
|
||||||
|
provides wallet generation and local key pair storage with remote
|
||||||
|
node connection and synchronization [59].
|
||||||
|
Guideline for secure wallet access is described in the Chapter 4.1.1.
|
||||||
|
|
||||||
|
### 6.2 Secure storage system
|
||||||
|
|
||||||
|
Wallet keys are everything when it comes to cryptocurrency usage.
|
||||||
|
Who has the keys, controls the wallet and can view or transfer the
|
||||||
|
balance to another address. If a user loses wallet keys, Monero wallet
|
||||||
|
can still be recovered using mnemonic seed that should be saved on
|
||||||
|
another storage medium.
|
||||||
|
This Section describes possible ways of backing-up wallet keys.
|
||||||
|
Primary storage media security is compared in the Figure 4.1.3.
|
||||||
|
|
||||||
|
Data characteristics
|
||||||
|
|
||||||
|
As described in the Section 4.1, Monero wallet consists of an encrypted
|
||||||
|
wallet.keysfile that contains private spend and view keys. Size of
|
||||||
|
this file is less than a few kilobytes.
|
||||||
|
Another type of data that is presented to the user is mnemonic
|
||||||
|
seed. Seed can be used for recovery when wallet file is lost and consists
|
||||||
|
of 25 words with the last one being used for checksum.
|
||||||
|
In total, Monero wallet requires less than 8 kilobytes for key and
|
||||||
|
seed storage. This results in minimal space requirements for backup
|
||||||
|
storage media.
|
||||||
|
|
||||||
|
Backup strategy
|
||||||
|
|
||||||
|
Best practice for backups that isn’t too demanding on the user side is
|
||||||
|
the 3-2-1 strategy that is considered in the industry as a bare minimum
|
||||||
|
for keeping the data safe [60].
|
||||||
|
|
||||||
|
- 3 means having at least 3 copies of your data in total.
|
||||||
|
- 2 of them are local but stored on different media types.
|
||||||
|
**-** This can be represented as a combination of SSD and tape.
|
||||||
|
- 1 is an offsite, geographically different location.
|
||||||
|
**-** E.g., in the next building, a different facility, another city.
|
||||||
|
|
||||||
|
In short, this means when your building with external drive burns
|
||||||
|
down and your notebook gets cryptolocker on the same day, you still
|
||||||
|
have your data safe as you have them in the offsite location.
|
||||||
|
|
||||||
|
Data that users need to backup are not changing in the day to
|
||||||
|
day usage, but only when the user creates a new or an additional
|
||||||
|
wallet. Meaning that backing up the wallet does not need to be made
|
||||||
|
frequently unlike other user data that are changed frequently, e.g.,
|
||||||
|
documents. Verification, on the other hand, is more important as not
|
||||||
|
only users should back up the data, they should also be able to restore
|
||||||
|
them. For ease of use, users can verify the integrity of the backup by
|
||||||
|
actually recovering the wallet from the backup media.
|
||||||
|
|
||||||
|
|
||||||
|
6. Monero Usage and Storage Best Practices
|
||||||
|
|
||||||
|
|
||||||
|
Recommended scheme
|
||||||
|
|
||||||
|
Following cost effectivity of individual media types together with
|
||||||
|
common backup strategy:
|
||||||
|
|
||||||
|
- Total number of copies of data: 5
|
||||||
|
- The primary data source is on the client device with wallet soft-
|
||||||
|
ware. This source is then copied downstream to backup media.
|
||||||
|
- All copies of the data should be encrypted using file-level encryp-
|
||||||
|
tion regardless of the security of the device, e.g., by a popular
|
||||||
|
open-source tool like VeraCrypt.
|
||||||
|
- Local copy
|
||||||
|
**-** Located on disk with full volume encryption, e.g., by Bit-
|
||||||
|
Locker.
|
||||||
|
**-** Paper backup in a secure container at a hidden place.
|
||||||
|
- Offsite copy
|
||||||
|
**-** Located on the flash drive with full volume encryption.
|
||||||
|
**-** Located on the DVD as an encrypted file.
|
||||||
|
Secure Monero usage portal
|
||||||
|
|
||||||
|
|
||||||
|
As a result of this Chapter and Monero user research in the Chapter 5,
|
||||||
|
all recommendations for secure Monero usage are compiled within
|
||||||
|
one websitehttps://ownercz.github.io/ssme-thesis.
|
||||||
|
|
||||||
|
### 6.3 Study limitations
|
||||||
|
|
||||||
|
When interpreting Monero user and miners research results, the fol-
|
||||||
|
lowing study limitations should be taken into account:
|
||||||
|
|
||||||
|
- Self-selection bias of respondents in the dataset, which results
|
||||||
|
in a non-representative sample of the population.
|
||||||
|
- Reporting bias of responses in the dataset, as study gathers
|
||||||
|
rather sensitive questions towards security habits and backups.
|
||||||
|
- Limited time and reach of the questionnaires in the community
|
||||||
|
that has participated in this research leading to non-representative
|
||||||
|
population sample.
|
||||||
|
|
@ -0,0 +1,192 @@
|
|||||||
|
---
|
||||||
|
layout: post
|
||||||
|
title: Obtaining Monero and Running The Network
|
||||||
|
subtitle: How are coins gained
|
||||||
|
tags: [coins, network, mining, pools ]
|
||||||
|
gh-badge: [star, fork, follow]
|
||||||
|
---
|
||||||
|
Monero mining is a process done by miners to verify transactions on
|
||||||
|
the network and add them to the blockchain together in the form of a
|
||||||
|
block. This results for them in a reward in the form of new coins that
|
||||||
|
are emitted as a reward for block solving.
|
||||||
|
Network speed is mainly determined by the average time between
|
||||||
|
individual blocks. This results in the transaction process that takes up
|
||||||
|
to 130s (request =<1s, broadcast =<5s and max. time between blocks
|
||||||
|
=<120 seconds). The transaction process is shown in the Figure 7.3.
|
||||||
|
|
||||||
|
Transaction request
|
||||||
|
generated by the client
|
||||||
|
transfer ADDRESS AMOUNT
|
||||||
|
|
||||||
|
Request broadcast to
|
||||||
|
network nodes, shown
|
||||||
|
showtransfers pool
|
||||||
|
|
||||||
|
Transaction is added to
|
||||||
|
the block waiting to be
|
||||||
|
mined.
|
||||||
|
|
||||||
|
Miners are verifying
|
||||||
|
transactions in the
|
||||||
|
pending block.
|
||||||
|
|
||||||
|
Every 2 minutes new
|
||||||
|
Monero block is mined
|
||||||
|
and added to the
|
||||||
|
blockchain.
|
||||||
|
|
||||||
|
Miners are rewarded by
|
||||||
|
block reward.
|
||||||
|
|
||||||
|
Receiving party’s wallet
|
||||||
|
becomes aware of the
|
||||||
|
transaction.
|
||||||
|
|
||||||
|
|
||||||
|
7. Obtaining Monero and Running the Network
|
||||||
|
|
||||||
|
### 7.1 Mining nodes
|
||||||
|
|
||||||
|
|
||||||
|
As was mentioned at the beginning of the Chapter 7, mining is the
|
||||||
|
main reason for transaction processing in Monero network, and as the
|
||||||
|
mining process has rewards for successfully solving the block, this
|
||||||
|
encourages many different entities to mine.
|
||||||
|
|
||||||
|
Mining in pools
|
||||||
|
|
||||||
|
Very often, miners combine their computational resources into one
|
||||||
|
of the pools on the network. Due to the higher total hash rate, there
|
||||||
|
is a greater chance of solving the block thus gaining the reward of
|
||||||
|
newly emitted coins. After solving each block, the reward is distributed
|
||||||
|
equally to miners connected to the pool according to PPS (per-per-
|
||||||
|
share) or PPLNS (per-per-last-number-of-shares) system [61].
|
||||||
|
As of 09.29.2018 total hash rate of the network was 577.72 Mh/s
|
||||||
|
(100%), in known pools 530.79 Mh/s (91.88%) and unknown part
|
||||||
|
of the network 46.93 Mh/s (8.12%). Unknown part represents either
|
||||||
|
pools that are not listed or solo miners on the network.
|
||||||
|
|
||||||
|
Solo mining
|
||||||
|
|
||||||
|
Represents "all or nothing" approach when it comes to the rewarding
|
||||||
|
system. As solo miner’s hash rate has to compete against all other solo
|
||||||
|
miners as well as big pools, the chance of solving the block is rather
|
||||||
|
small [62].
|
||||||
|
On the other side, when solo miner solves the block successfully,
|
||||||
|
the whole block reward is assigned to the mining address. With high-
|
||||||
|
end, multiple GPU setup, the miner can achieve about 3.2 Kh/s; this
|
||||||
|
would mean chance about 0.46 % of gaining the block reward.
|
||||||
|
|
||||||
|
Web mining
|
||||||
|
|
||||||
|
CryptoNight algorithm mining stands out above others in the way how
|
||||||
|
cryptocurrency can be mined. For Monero there are JavaScript-based
|
||||||
|
miners like CoinHive available, that results in individual websites
|
||||||
|
embedding this script and mining using the visitor’s resources.
|
||||||
|
This can result up to 300 hashes per second for users with powerful
|
||||||
|
CPUs and is a viable alternative to advertisements when visitors spend
|
||||||
|
more than 10 minutes on the website [63]. Typical examples of this
|
||||||
|
approach are warez websites offering free online movies and torrent
|
||||||
|
trackers.
|
||||||
|
|
||||||
|
Botnet mining
|
||||||
|
|
||||||
|
Using other peoples resources for mining, often also called crypto
|
||||||
|
jacking (a more broad term for hidden cryptocurrency mining without
|
||||||
|
users approval), have become increasingly popular in Monero. As the
|
||||||
|
cryptocurrency provides privacy features as well as a wide range of
|
||||||
|
mining software that is available for every major platform.
|
||||||
|
In the current cloud era of computing, this represents vast prob-
|
||||||
|
lems for both service providers and their customers. Providers experi-
|
||||||
|
ence increased power consumption, cooling requirements, customers,
|
||||||
|
on the other hand, are required to pay more for consumed system
|
||||||
|
resources [64].
|
||||||
|
|
||||||
|
Cloud mining
|
||||||
|
|
||||||
|
Represents managed services by specialists that offer mining power us-
|
||||||
|
ing cloud service providers. Due to managed service providers (MSP)
|
||||||
|
markup, this way of mining is not as profitable and not recommended
|
||||||
|
among Monero community in general.
|
||||||
|
Arrows indicate flow of the resources:
|
||||||
|
Payment for service; Payment for compute time; Delivered hashrate
|
||||||
|
|
||||||
|
|
||||||
|
### 7.2 Mining software
|
||||||
|
|
||||||
|
Official
|
||||||
|
|
||||||
|
Can be obtained at the official web of the Monero cryptocurrency
|
||||||
|
project athttps://getmonero.org/downloads/. This is an official wal-
|
||||||
|
let software that includes solo mining client and cannot be used for
|
||||||
|
pool mining.
|
||||||
|
|
||||||
|
Community-driven
|
||||||
|
|
||||||
|
Is a category that incorporates open-source mining software projects
|
||||||
|
that have source code published on the Github. Mostly used are:
|
||||||
|
|
||||||
|
- XMR Stak
|
||||||
|
**-** Consolidates CPU, AMD and Nvidia GPU mining under
|
||||||
|
one multiplatform application with integrated webserver
|
||||||
|
and autoconfiguration capability.
|
||||||
|
**-** URL:https://github.com/fireice-uk/xmr-stak
|
||||||
|
|
||||||
|
- XMRig
|
||||||
|
**-** Three separately released miners with autoconfiguration
|
||||||
|
GPU and CPU capability.
|
||||||
|
**-** AMD:https://github.com/xmrig/xmrig-amd
|
||||||
|
**-** Nvidia:https://github.com/xmrig/xmrig-nvidia
|
||||||
|
**-** CPU:https://github.com/xmrig/xmrig
|
||||||
|
- CCminer - Nvidia CUDA miner
|
||||||
|
**-** URL:https://github.com/tpruvot/ccminer/
|
||||||
|
|
||||||
|
Proprietary
|
||||||
|
|
||||||
|
Having closed source code that community cannot inspect, mining
|
||||||
|
software of this category has less reputation compared to the community-
|
||||||
|
driven. This is caused mainly by the fact that the exact produced hash
|
||||||
|
rate and client reported hash rate differed in the past at least regarding
|
||||||
|
the MinerGate miner available athttps://minergate.com/download
|
||||||
|
s/gui.
|
||||||
|
|
||||||
|
### 7.3 Mining malware
|
||||||
|
|
||||||
|
As Monero algorithm is designed to be memory demanding, it is
|
||||||
|
suitable to mine it using both CPU and GPU as mining software offers
|
||||||
|
support for both hardware components as mentioned in the Section
|
||||||
|
7.2.
|
||||||
|
|
||||||
|
The fact that Monero can be effectively CPU mined means for
|
||||||
|
malware miners much easier way how to gain any profit from infected
|
||||||
|
computer as they do not need to have any specific GPU drivers or
|
||||||
|
features implemented. Because of this, they are easier to deploy on a
|
||||||
|
wide range of devices [65].
|
||||||
|
|
||||||
|
Monero position in the malware world
|
||||||
|
|
||||||
|
When malicious software developer considers the cryptocurrency
|
||||||
|
technology to build on, cryptocurrency features are one of the most
|
||||||
|
important aspects that drive this decision.
|
||||||
|
In the case of Monero, its features are as much important for its
|
||||||
|
users as for the malware developers. The main reason for using Mon-
|
||||||
|
ero is that it offers private features as well as support for mining on
|
||||||
|
almost every device available [66].
|
||||||
|
Thanks to its features and active development, Monero is one of the
|
||||||
|
most active cryptocurrencies that are used in the malware world with
|
||||||
|
more than 57 million USD already mined. As of 2019, Monero is iden-
|
||||||
|
tified to have the most active malware campaigns per cryptocurrency,
|
||||||
|
followed by Bitcoin and zCash [67].
|
||||||
|
|
||||||
|
|
||||||
|
Types of malware miners
|
||||||
|
|
||||||
|
Main categories of malware miners are derived from the way how the
|
||||||
|
unwanted software is delivered to the target device. Most common
|
||||||
|
ways of ingestion are:
|
||||||
|
|
||||||
|
- Website with JavaScript miner software, also known as Crypto-
|
||||||
|
jacking as mentioned in the Figure 4.4.
|
||||||
|
- Exploiting vulnerabilities in the operating system or application
|
||||||
|
software.
|
||||||
|
- Bundled in legitimate software.
|
233
docs/_posts/2019-05-07-Monero-Miners-Research.md
Normal file
233
docs/_posts/2019-05-07-Monero-Miners-Research.md
Normal file
@ -0,0 +1,233 @@
|
|||||||
|
---
|
||||||
|
layout: post
|
||||||
|
title: Monero Miners Research
|
||||||
|
subtitle: Researching the miners
|
||||||
|
tags: [miners,research,terminology]
|
||||||
|
gh-badge: [star, fork, follow]
|
||||||
|
---
|
||||||
|
The goal of this research is to gather information on people who run
|
||||||
|
mining cryptocurrency software and map their behavior regarding
|
||||||
|
system administration with the emphasis on security practices. For
|
||||||
|
this purpose, an online questionnaire was created and is available in
|
||||||
|
the Appendix Figure C.
|
||||||
|
To the best of my knowledge, this is the first work that studies
|
||||||
|
cryptocurrency miners. Specific research questions are based on cryp-
|
||||||
|
tocurrency mining setup patterns, used software and problematic
|
||||||
|
areas regarding computer and data security in general.
|
||||||
|
|
||||||
|
### 8.1 Research questions
|
||||||
|
|
||||||
|
The survey was designed around seven question groups. Some of them
|
||||||
|
were shown only if the participant chose the appropriate answer.
|
||||||
|
|
||||||
|
- G01 - Introductory information
|
||||||
|
- G02 - Mining setup
|
||||||
|
- G03 - Mining software
|
||||||
|
- G04 - Pool choice
|
||||||
|
- G05 - Windows platform
|
||||||
|
- G06 - Linux platform
|
||||||
|
- G07 - Demographics
|
||||||
|
|
||||||
|
|
||||||
|
Following this pattern, five research questions were set:
|
||||||
|
|
||||||
|
- R1: Who are Monero miners in general? What are their typical
|
||||||
|
mining setups?
|
||||||
|
- R2: Which types of software do participants use as operating
|
||||||
|
systems, management, and mining tools?
|
||||||
|
- R3: What security and update policies miners follow?
|
||||||
|
- R4: Do miners suffer from security incidents like compromised
|
||||||
|
mining operation? How do they deal with them?
|
||||||
|
- R5: What are the factors that affect pool choice?
|
||||||
|
|
||||||
|
### 8.2 Participants and survey’s background
|
||||||
|
|
||||||
|
As mentioned in the Chapter 5, the survey was not hosted on third
|
||||||
|
party servers, but instead on dedicated VPS running Lime Survey
|
||||||
|
self-hosted software with HTTPS interface using signed Letsencrypt
|
||||||
|
certificates.
|
||||||
|
This means that data exchanged between participants and survey
|
||||||
|
software stays only between these two parties, so Google or other
|
||||||
|
big data companies cannot analyze them. To allow extended privacy
|
||||||
|
features, Tor and proxy connections were allowed, but each participant
|
||||||
|
had to solve the CAPTCHA before starting the survey.
|
||||||
|
|
||||||
|
#### 8.2.1 Methodology
|
||||||
|
|
||||||
|
Data collection method was online only and was using the survey
|
||||||
|
website software. Participants selection was based on opportunity
|
||||||
|
sampling, links for the research were shared among dedicated Reddit
|
||||||
|
Monero community, Facebook Mining groups as well as Cryptocur-
|
||||||
|
rency forums. This form was distributed together with the Monero
|
||||||
|
User Research survey in mentioned mining communities. Study limi-
|
||||||
|
tations are described in the Section 6.3.
|
||||||
|
To reduce nonresponse rate, participants were asked only to fill
|
||||||
|
out parts that were significant for them, e.g., Windows OS part stayed
|
||||||
|
hidden in the form if the user selected that he/she used Linux OS only.
|
||||||
|
The data from the respondents were collected from 11.15.2018 to
|
||||||
|
01.27.2019. The complete survey is attached in the Appendix Figure C.
|
||||||
|
|
||||||
|
### 8.3 Collected data
|
||||||
|
|
||||||
|
|
||||||
|
Before entering the survey, each participant had to pass the bot test
|
||||||
|
by entering the correct CAPTCHA, which resulted in 323 participants
|
||||||
|
of the questionnaire in total. As for survey data cleansing, following
|
||||||
|
measurements for valid dataset were taken:
|
||||||
|
|
||||||
|
1. Partially answered or unanswered questionnaires were not taken
|
||||||
|
into account (261 out of 323).
|
||||||
|
2. Respondents that filled out the survey in less than two minutes
|
||||||
|
were discarded (0 out of 323).
|
||||||
|
3. Responses with more than four entries with the same IP were
|
||||||
|
filtered (0 out of 323).
|
||||||
|
4. Responses containing invalid answers, e.g., not using Monero
|
||||||
|
or repeating the same answer pattern in multiple submissions
|
||||||
|
(2 out of 323).
|
||||||
|
|
||||||
|
Usingg eoiplookuppackage in Ubuntu on the filtered dataset, most
|
||||||
|
of the responses were from the USA (10 out of 60) as well as from
|
||||||
|
the Czech Republic (10 out of 60) followed by Germany (6 out of 60).
|
||||||
|
Detailed list of countries with the corresponding number of responses
|
||||||
|
is available in the Appendix Table C.1.
|
||||||
|
|
||||||
|
### 8.4 Results
|
||||||
|
|
||||||
|
Upcoming pages are based on the final filtered dataset with 60 re-
|
||||||
|
sponses of people who voluntarily entered the research based on
|
||||||
|
opportunity sampling.
|
||||||
|
|
||||||
|
General information
|
||||||
|
|
||||||
|
When asked about the motivation for mining Monero, two-thirds of the
|
||||||
|
respondents 67% (40 out of 60) think about Monero as an investment,
|
||||||
|
but also as a way to gain some profit from mining cryptocurrencies
|
||||||
|
62% (37 out of 60).
|
||||||
|
Although Monero is not considered to be more profitable to mine
|
||||||
|
by the majority in the dataset 77% (46 out of 60), almost half of the
|
||||||
|
miners 47% (28 out of 60) favor this cryptocurrency due to its mining
|
||||||
|
characteristics CPU minable and the fact that they directly help to
|
||||||
|
secure the network by mining 60% (36 out of 60).
|
||||||
|
Note that the reasons for mining Monero are biased by the way
|
||||||
|
the respondents in the dataset were selected. In general, there would
|
||||||
|
be a higher percentage of the cryptocurrency miners that care only for
|
||||||
|
the profitability rather than cryptocurrency features [68].
|
||||||
|
|
||||||
|
## 8.3 Mining setup question.
|
||||||
|
|
||||||
|
|
||||||
|
Gathering information about mining setups was designed as a multiple-
|
||||||
|
choice question where every choice was described in detail as illus-
|
||||||
|
trated in the Figure 8.3.
|
||||||
|
|
||||||
|
|
||||||
|
Even through dataset cleansing, from the final 60 respondents, 15
|
||||||
|
of them chose both _Regular PC only_ and _Mining rig_ option. Therefore,
|
||||||
|
only 45 respondents are taken into account in this part.
|
||||||
|
|
||||||
|
## 8.4 Mining types comparison.
|
||||||
|
|
||||||
|
When asked about mining setup, the majority of the miners mine
|
||||||
|
on their PC 33% (15 out of 45) or also on mining rig 69% (31 out
|
||||||
|
of 45), but there is also a small portion of miners 18% (8 out of 45)
|
||||||
|
that use their employer’s hardware and electricity to run their mining
|
||||||
|
operation. On the other side, only two of the respondents mentioned
|
||||||
|
mining on a VPS instance and no one selected cloud mining or botnet
|
||||||
|
mining as their way to mine Monero.
|
||||||
|
## 8.5 Mining setup properties.
|
||||||
|
|
||||||
|
97% (58 out of 60) of respondents shared their current hashrate with
|
||||||
|
median hashrate value being 4.4Kh/s. This hashrate represents a typ-
|
||||||
|
ical setup with 5 high-performance GPUs (AMD RX 480 8GB with
|
||||||
|
800-850h/s) or 7 high-performance CPUs (AMD Ryzen 7 1700 with
|
||||||
|
600-650h/s).
|
||||||
|
Majority of miners mine in their property 87% (52 out of 60) and
|
||||||
|
set up their mining rigs 93% (56 out of 60). The operating system is not
|
||||||
|
dominant nor on the Windows side 65% (39 out of 60) nor the Linux
|
||||||
|
part 55% (33 out of 60) described in the Figure 8.5. This is mainly
|
||||||
|
because of multiplatformity of mining software and availability of
|
||||||
|
guides for mining setups.
|
||||||
|
|
||||||
|
## 8.6 Mining setup preferences.
|
||||||
|
|
||||||
|
Miners generally tend to update their rigs 70% (42 out of 60) as well
|
||||||
|
as clean them 52% (31 out of 60) but refrain from additional infras-
|
||||||
|
tructure costs like buying a UPS 23% (14 out of 60) as shown in the
|
||||||
|
Figure 8.7.
|
||||||
|
|
||||||
|
## 8.7 Mining software preference.
|
||||||
|
|
||||||
|
The choice of mining software impacts mining profitability as well as
|
||||||
|
the number of shares that are donated to the developer (if any).
|
||||||
|
As described in the Chapter 7.2, most popular mining software
|
||||||
|
falls into open source with great moderation regarding code updates
|
||||||
|
from the crypto community in general. This follows results from the
|
||||||
|
dataset where XMR Stak project, that is the most active on Github, is
|
||||||
|
also the most preferred way to run the mining operation 78% (47 out
|
||||||
|
of 60 miners).
|
||||||
|
|
||||||
|
|
||||||
|
XMRig is used less 30% (18 out of 60), but more often in combination
|
||||||
|
with other mining software like previously mentioned XMR Stak.
|
||||||
|
From closed source miners, only MinerGate was mentioned 3% (2
|
||||||
|
out of 60). A small portion of miners also solo mine 12% (7 out of 60)
|
||||||
|
using the official wallet software.
|
||||||
|
In general, miners in the dataset tend to mine in pools 83% (50 out
|
||||||
|
of 60), some of them try to combine mining approaches where the
|
||||||
|
primary way of obtaining the coins is by pool mining, but they also
|
||||||
|
try their luck with solo mining 13% (8 out of 60). True solo miner was
|
||||||
|
represented by only one specimen.
|
||||||
|
|
||||||
|
Pool choice
|
||||||
|
|
||||||
|
Pool choice itself has the biggest impact on the final payout for the
|
||||||
|
miner as described in the Chapter 7.1. This depends on the method of
|
||||||
|
reward distribution, total hashrate of the pool and minimal payout.
|
||||||
|
Note that often pools also have fees which are deducted from the
|
||||||
|
number of coins mined by the miner.
|
||||||
|
When asked about pool preferences, two larger mining pools
|
||||||
|
were often mentioned Monerooceanstream 23% (14 out of 60) and
|
||||||
|
nanopool.org 23% (14 out of 60). Important preference factors for
|
||||||
|
choosing pool were pool fees 87% (52 out of 60), pool security history
|
||||||
|
77% (46 out of 60), total hashrate 73% (44 out of 60) and minimal
|
||||||
|
payout 62%(37 out of 60). Least important are additional features to
|
||||||
|
the pool like mobile apps 23% (14 out of 60) or anti-botnet policy 35%
|
||||||
|
(21 out of 60).
|
||||||
|
|
||||||
|
Windows platform
|
||||||
|
|
||||||
|
Out of 60 miners in the dataset, 39 of them use Windows as their choice
|
||||||
|
of OS for mining. Regarding periodic updates, only a small part of
|
||||||
|
miners 26% (10 out of 39) tend to use Windows with its default update
|
||||||
|
settings (automatic restart of the OS to apply updates, unattended
|
||||||
|
driver updates).
|
||||||
|
Majority of Windows miners 59% (23 out of 39) tend to apply
|
||||||
|
updates after some time after their release and have remote access
|
||||||
|
enabled. There is also a part of miners in the dataset 28% (11 out of
|
||||||
|
39) that tend to “set up and forget” with Windows update completely
|
||||||
|
disabled. Setup preferences are shown in the Figure 8.8.
|
||||||
|
|
||||||
|
## 8.8 Windows mining setup preferences.
|
||||||
|
|
||||||
|
Linux platform
|
||||||
|
|
||||||
|
While Linux is used by 33 out of 60 miners, the majority of them tend
|
||||||
|
to use Ubuntu 52% (17 out of 33) or Debian 33% (11 out of 33). The
|
||||||
|
specialized OS for mining - MineOS is used by six users, least use has
|
||||||
|
community derivate from RHEL, CentOS.
|
||||||
|
Although information about update frequency was not submitted
|
||||||
|
by all miners, many of them 42% (14 out of 33) manage updates
|
||||||
|
manually, with only a small portion of other miners 18% (6 out of 33)
|
||||||
|
having the process automated.
|
||||||
|
Remote management is represented mainly by SSH 67% (22 out of
|
||||||
|
33) followed by VNC 9% (3 out of 33) and TeamViewer 9% (3 out of
|
||||||
|
33). Automation tools are used only by 13 miners from the dataset.
|
||||||
|
|
||||||
|
Demographics
|
||||||
|
|
||||||
|
Survey participants were mainly males 83% (50 out of 60), females
|
||||||
|
3% (2 out of 60) represented only a small portion of the dataset and
|
||||||
|
some of the participants did not disclose their gender 13% (8 out of
|
||||||
|
60). Most respondents in the dataset were from the age groups 25-34
|
||||||
|
55% (33 out of 60) followed by 35-44 age group 20% (12 out of 60) as
|
||||||
|
well as 18-24 18% (11 out of 60).
|
527
docs/_posts/2019-05-08-Designing-Secure-Mining-Environment.md
Normal file
527
docs/_posts/2019-05-08-Designing-Secure-Mining-Environment.md
Normal file
@ -0,0 +1,527 @@
|
|||||||
|
---
|
||||||
|
layout: post
|
||||||
|
title: Designing Secure Mining Environment
|
||||||
|
subtitle: Miners and Mining Operations
|
||||||
|
tags: [mining,xmr-stak,monero]
|
||||||
|
gh-badge: [star, fork, follow]
|
||||||
|
---
|
||||||
|
|
||||||
|
The goal of this Chapter is to design and develop secure and reason-
|
||||||
|
ably easy way how to set up and run mining operations on any scale.
|
||||||
|
Inspired by both results from the Monero Miners Research as well as
|
||||||
|
industry standards of large scale IT operations, the main emphasis is
|
||||||
|
placed on the automation and security aspect of the whole system.
|
||||||
|
Repository containing all the code from this Chapter is publicly
|
||||||
|
available in the GitHub repository mentioned in the Appendix Figure
|
||||||
|
A. Video showing the implementation of the system can be found in
|
||||||
|
the Section 9.5.
|
||||||
|
|
||||||
|
### 9.1 Automation
|
||||||
|
|
||||||
|
Automation is a key aspect for designing and running IT operations
|
||||||
|
that are secure, up-to-date, scalable and easy to maintain. To do that,
|
||||||
|
the proposed mining node provisioning scheme is divided into two
|
||||||
|
parts, first being OS installation with early configuration and second
|
||||||
|
is the automated configuration of provisioned nodes using Ansible.
|
||||||
|
Workflow is described in the Figure 9.1.
|
||||||
|
|
||||||
|
## 9.1 Deployment nodes workflow.
|
||||||
|
|
||||||
|
### 9.2 Ansible introduction
|
||||||
|
|
||||||
|
|
||||||
|
Ansible is an IT automation engine that in this case is used for config-
|
||||||
|
uration and application management of local mining nodes [69].
|
||||||
|
Playbook is a YAML formatted file that provides the declaration of
|
||||||
|
hosts and plays that are executed when running the playbook.
|
||||||
|
Hosts file declares connection information about hosts, e.g., IP and
|
||||||
|
login credentials.
|
||||||
|
|
||||||
|
**ansible-playbook -i hosts xmr01.yml** is a CLI command that exe-
|
||||||
|
cutesxmr01.ymlplaybook file and takes connection information about
|
||||||
|
hosts and groups involved from thehostsfile.
|
||||||
|
|
||||||
|
### 9.3 Linux-based solution
|
||||||
|
|
||||||
|
**9.3.1 Kickstart installation media**
|
||||||
|
|
||||||
|
To easily scale the mining operation, every bit of the software provi-
|
||||||
|
sioning has to be automated. This part describes a process of creating
|
||||||
|
automated CentOS 7 or RHEL 7 installation media with minimal pack-
|
||||||
|
age installation without GUI.
|
||||||
|
|
||||||
|
The first step is to obtain installation media at https://www.ce
|
||||||
|
ntos.org/download/. After downloading the Minimal ISO version,
|
||||||
|
extract the iso file into a separate folder. From there navigate to the
|
||||||
|
isolinuxfolder and editisolinux.cfgconfiguration file.
|
||||||
|
For reference,CentOS-7-x8664-Minimal-1804.isowas used in
|
||||||
|
the following steps.
|
||||||
|
|
||||||
|
Isolinux.cfg file
|
||||||
|
|
||||||
|
Four changes are needed to get the installation process working:
|
||||||
|
|
||||||
|
- timeoutproperty changed from 600 to 50 (seconds * 10).
|
||||||
|
- Change the boot menu to go straight for the install.
|
||||||
|
- Edit paths for the custom ISO image.
|
||||||
|
- Add kickstart file entry.
|
||||||
|
<pre>
|
||||||
|
<@\textcolor{blue}{timeout 50}@>
|
||||||
|
# only relevant part of the file is displayed
|
||||||
|
label linux
|
||||||
|
menu_label ^Install CentOS 7
|
||||||
|
<@\textcolor{blue}{menu_default}@>
|
||||||
|
kernel vmlinuz
|
||||||
|
append initrd=initrd.img <@\textcolor{blue}{inst.ks=hd:LABEL=CENTOS:/
|
||||||
|
ks/ks.cfg inst.stage2=hd:LABEL=CENTOS}@> quiet
|
||||||
|
</pre>
|
||||||
|
|
||||||
|
## 9.2 Customised installator entry.
|
||||||
|
|
||||||
|
The kickstart file is a single file that contains all OS installation param-
|
||||||
|
eters for RHEL based operating systems [70]. This installation method
|
||||||
|
enables automated provisioning of machines without the need for
|
||||||
|
the administrator input. When the file is presented to the installer, it
|
||||||
|
reads the required parameters resulting in the unattended installation
|
||||||
|
process [71].
|
||||||
|
|
||||||
|
The created kickstart file for CentOS 7 mining installation media
|
||||||
|
is available in the Appendix Figure F.1.
|
||||||
|
|
||||||
|
**9.3.3 Generating ISO**
|
||||||
|
|
||||||
|
The specific process of packaging extracted CentOS installation media
|
||||||
|
back into the iso file varies by the used operating system. In both
|
||||||
|
mentioned scenarios, few specific parameters have to be set:
|
||||||
|
|
||||||
|
- Boot image file/isolinux/isolinux.bin
|
||||||
|
- Updated boot information table
|
||||||
|
- Volume label for ISO9660 and UDF set toCENTOS(depends on
|
||||||
|
the configuration that is set in theisolinux.cfgfile).
|
||||||
|
|
||||||
|
Once files are prepared, packaging into the iso at Linux is done by
|
||||||
|
one-liner command:
|
||||||
|
mkisofs -o centos7.iso -b isolinux.bin -c boot.cat
|
||||||
|
-no-emul-boot -V CENTOS -boot-load-size 4 -boot-info-table
|
||||||
|
-R -J -v -T isolinux/.
|
||||||
|
|
||||||
|
After installation from the ISO that was prepared with the kickstart file,
|
||||||
|
the target machine is accepting SSH connections under root account
|
||||||
|
using password-based authentification. Without proper configuration,
|
||||||
|
this would leave machine open to brute force attempts for the root
|
||||||
|
account.
|
||||||
|
Ansible uses following set of files to provision mining nodes with
|
||||||
|
software and configuration:
|
||||||
|
<pre>
|
||||||
|
/
|
||||||
|
xmr01.yml
|
||||||
|
hosts
|
||||||
|
ansible.cfg
|
||||||
|
roles/
|
||||||
|
ansible-sw-common-apps
|
||||||
|
ansible-sw-firewalld
|
||||||
|
ansible-sw-ntp
|
||||||
|
ansible-sw-postfix
|
||||||
|
ansible-sw-sshsec
|
||||||
|
ansible-sw-xmrstak
|
||||||
|
ansible-sys-hostname
|
||||||
|
ansible-user-add
|
||||||
|
ansible-yum-cron
|
||||||
|
ansible-yum-update
|
||||||
|
</pre>
|
||||||
|
## 9.4 Ansible prepared roles.
|
||||||
|
|
||||||
|
- Xmr01.ymlrepresents a playbook file that defines what group
|
||||||
|
of nodes will be provisioned together with the list of roles that
|
||||||
|
will be applied to them.
|
||||||
|
Hostsfile contains groups of hosts with information on how
|
||||||
|
Ansible can connect to them.
|
||||||
|
- Ansible.cfgwas used only in the testing environment where
|
||||||
|
host key checking was disabled.
|
||||||
|
- Rolesfolder contains roles that are applied when running the
|
||||||
|
playbook.
|
||||||
|
|
||||||
|
To make Linux mining nodes updated and secure, following roles
|
||||||
|
were written:
|
||||||
|
|
||||||
|
ansible-sw-common-apps
|
||||||
|
|
||||||
|
The common baseline for all mining nodes that consists of the follow-
|
||||||
|
ing tasks:
|
||||||
|
|
||||||
|
1. Ensure EPEL (Extra Packages for Enterprise Linux) repository
|
||||||
|
is configured or install it.
|
||||||
|
2. Install the following packages:htop, rsync, screen, tmux,
|
||||||
|
iftop, iotop, nano, git, wget, unzip, mc.
|
||||||
|
|
||||||
|
ansible-sw-firewalld
|
||||||
|
|
||||||
|
Installs and enables the firewalld service that has default policy for
|
||||||
|
connections set to thepublic networkand accepts incoming connec-
|
||||||
|
tions only for SSH service.
|
||||||
|
|
||||||
|
ansible-sw-ntp
|
||||||
|
|
||||||
|
To report correct information through the web interface of the mining
|
||||||
|
software, the target machine has to be in sync with NTP servers to do
|
||||||
|
that role establishes the following:
|
||||||
|
|
||||||
|
1. Packagentpdateinstalled from the CentOS repository.
|
||||||
|
2. Ensures correct timezone usingtimedatectlinterface.
|
||||||
|
3. Creates daily cronjob for synchronization of system time.
|
||||||
|
|
||||||
|
ansible-sw-postfix
|
||||||
|
|
||||||
|
Sets up email gateway for correct email delivery together with internal
|
||||||
|
mail aliases mapped to a single outbound address. Email gateway can
|
||||||
|
deliver email on its own to the recipient’s server or can also act as a
|
||||||
|
relay to Gmail account that is used for sending out emails.
|
||||||
|
|
||||||
|
Using Gmail account is preferred as this solution is an Internet
|
||||||
|
Service Provider (ISP) agnostic (blocked SMTP and SSMTP commu-
|
||||||
|
nication for outbound connections at the ISP level would be a problem
|
||||||
|
for the gateway mode).
|
||||||
|
|
||||||
|
Separate Gmail account for sending out email alerts is recom-
|
||||||
|
mended as Postfix has login credentials saved in/etc/postfix/sasl
|
||||||
|
passwdfile in plaintext [70]. This can be made more secure if the
|
||||||
|
credentials file has appropriate permissions, e.g., ownership set to
|
||||||
|
root, the group to wheel and chmod changed to 0600.
|
||||||
|
|
||||||
|
ansible-sw-sshsec
|
||||||
|
|
||||||
|
Takes care about incoming SSH connections in case somebody wants
|
||||||
|
to try brute force attack on the mining machine. After a predefined
|
||||||
|
amount of failed login attempts, the incoming IP address is put into
|
||||||
|
"jail".
|
||||||
|
|
||||||
|
Under the hood, fail2ban monitors sshd log for incoming failed
|
||||||
|
attempts and after certain threshold creates a firewalld rule to block
|
||||||
|
the IP for a predefined amount of time. The default setting for this
|
||||||
|
rule is relatively strict, 3 failed attempts in 10-hour window result in a
|
||||||
|
10-hour ban for incoming connections from the IP address.
|
||||||
|
This role is a fork ofansible-role-fail2banthat is available at
|
||||||
|
https://github.com/resmo/ansible-role-fail2ban.
|
||||||
|
|
||||||
|
|
||||||
|
ansible-sw-xmrstak
|
||||||
|
|
||||||
|
Installs software collectionscentos-release-sclpackage for CentOS
|
||||||
|
together withcmake3, devtoolset-4-gcc*, hwloc-devel, make,
|
||||||
|
libmicrohttpd-devel, openssl-develpackages used for compiling
|
||||||
|
XMR-Stak from source code.
|
||||||
|
|
||||||
|
After that, the folder structure inside the non-privileged user ac-
|
||||||
|
count is created, and XMR-Stak repository is cloned into the user di-
|
||||||
|
rectory. With appropriate permissions set, cmake compiles the source
|
||||||
|
code with following flags:cmake3 .. -DCPUENABLE=ON -DCUDA ENABLE=
|
||||||
|
OFF -DOpen CLENABLE=OFFresulting in CPU only miner for CentOS
|
||||||
|
[72].
|
||||||
|
|
||||||
|
If the mining node would use GPU, appropriate drivers from AMD
|
||||||
|
or Nvidia website are a prior requirement for running the miner. As
|
||||||
|
GPU feature is only a flag, it can be enabled on demand in the play-
|
||||||
|
book file as cmake3 flags are set as variables in the tasks file of the
|
||||||
|
ansible-sw-xmrstakrole in the Jinja2 format:
|
||||||
|
cmake3 .. -DCPUENABLE={{ DCPUENABLE }} -DCUDA ENABLE={{
|
||||||
|
DCUDAENABLE }} -DOpenCLENABLE={{ DOpenCLENABLE }}
|
||||||
|
As next step, role copies over to the node CPU, pool and miner
|
||||||
|
configuration and creates a crontab entry for automatic miner start.
|
||||||
|
For the final touch, HugePages are set tovm.nrhugepages=128in/
|
||||||
|
etc/sysctl.conffor CPU mining memory allocation, and sysctl is
|
||||||
|
reloaded.
|
||||||
|
|
||||||
|
ansible-sys-hostname
|
||||||
|
Changes system hostname to inventory hostname set inhostsfile
|
||||||
|
usinghostnamectlAnsible module.
|
||||||
|
|
||||||
|
ansible-user-add
|
||||||
|
User-add-roleis used for creating the mining user that is not within
|
||||||
|
the wheel group (unprivileged user).
|
||||||
|
|
||||||
|
ansible-yum-cron
|
||||||
|
Installs and configures automatic security updates for CentOS that
|
||||||
|
are daily checked against the online repository. If packages marked
|
||||||
|
for security update are found, email notification to root is sent [73].
|
||||||
|
|
||||||
|
ansible-yum-update
|
||||||
|
All packages including kernel are updated so that mining node is ready
|
||||||
|
to use and won’t send update notification on the next day (unless there
|
||||||
|
are new updates in the meantime).
|
||||||
|
|
||||||
|
Additional notes
|
||||||
|
Roles are installed in the order specified in thexmr01.ymlfile as sys-
|
||||||
|
tem update is done as first to prevent any problems with XMR-Stak
|
||||||
|
compilation.
|
||||||
|
Using root account login on SSH is not recommended as the proper
|
||||||
|
way would be to disable root login in/etc/sshdconfigand login to
|
||||||
|
SSH using created non-privileged user account (ideally using ssh-key
|
||||||
|
based authentification).
|
||||||
|
Later if the user needs to login as user, this can be done bysu root
|
||||||
|
command. To minimize the chance of success brute force attack of the
|
||||||
|
root account using SSH, fail2ban is set to strict mode. Although this is
|
||||||
|
not the most secure way to access the system, with above settings this
|
||||||
|
acts as a middle ground between security and usability of the mining
|
||||||
|
operation.
|
||||||
|
|
||||||
|
### 9.4 Windows-based solution
|
||||||
|
|
||||||
|
9.4.1 Installation media
|
||||||
|
For Windows scenario, Windows 10 image from autumn 2018 was
|
||||||
|
used. As installation is intended to run unattended, custom media has
|
||||||
|
to be created.
|
||||||
|
|
||||||
|
There are many ways how to provision changes to original Win-
|
||||||
|
dows media, most straightforward is generating anautounattend.xml
|
||||||
|
file that covers all installation steps for Windows 10 installer.
|
||||||
|
This process of Windows image customization can be done using
|
||||||
|
Windows Assessment and Deployment Kit (Windows ADK) as it
|
||||||
|
includes Windows System Image Manager (Windows SIM) that is
|
||||||
|
an authoring tool forautounattend.xmlfiles. Using Windows ADK,
|
||||||
|
more complex Windows deployment can be achieved as the adminis-
|
||||||
|
trator can bundle applications and drivers in the image [74].
|
||||||
|
For this guide, generatingautounattend.xmlfile is based on on-
|
||||||
|
line autounattend generator tool located atwindowsafg.com. After
|
||||||
|
generating the file, a block of commands that is executed after the first
|
||||||
|
logon was added.
|
||||||
|
|
||||||
|
<pre>
|
||||||
|
<SynchronousCommand wcm:action=add>
|
||||||
|
<CommandLine>powershell−Command Set−ItemProperty−Path
|
||||||
|
HKLM:\SOFTWARE\Wow6432Node\Microsoft\ .NetFramework\v4.0.30319
|
||||||
|
−Name SchUseStrongCrypto−Value 1−Type DWord</CommandLine>
|
||||||
|
<Description>Set PowerShell ExecutionPolicy</Description>
|
||||||
|
<Order>42</Order>
|
||||||
|
<RequiresUserInput>true</RequiresUserInput>
|
||||||
|
</SynchronousCommand>
|
||||||
|
</pre>
|
||||||
|
## 9.5 .NetFramework adjustments in the Autounattend file.
|
||||||
|
|
||||||
|
|
||||||
|
For example, .NetFramework in Windows 10 doesn’t have strong
|
||||||
|
cryptography enabled for all .Net applications. Due to this, in the
|
||||||
|
default state, Powershell can’t be used for downloading updated code
|
||||||
|
that is required for setting up the environment for Ansible. To fix that,
|
||||||
|
one of the commands after the first logon is dedicated to this issue as
|
||||||
|
shown in the Figure 9.5.
|
||||||
|
|
||||||
|
After finishing the installation process and provisioning the Win-
|
||||||
|
dows environment with<FirstLogonCommands>included in the unat-
|
||||||
|
tended file, Ansible can connect to the Windows machine and set up
|
||||||
|
thing properly.
|
||||||
|
|
||||||
|
Note that installer opens RDP, WinRM, temporarily disables Win-
|
||||||
|
dows Firewall (which will be properly configured by Ansible later)
|
||||||
|
and sets up self-signed WinRM HTTPS certificate using Ansible Power-
|
||||||
|
shell fileConfigureRemotingForAnsible.ps1[75]. Mining node has
|
||||||
|
to be connected to the network to download all required files properly.
|
||||||
|
|
||||||
|
9.4.2 Ansible at Windows
|
||||||
|
|
||||||
|
Before applying roles in Ansible for Windows, unlike in Ansible with
|
||||||
|
Linux machines, environment for both Windows and Linux controller
|
||||||
|
has to be prepared [76].
|
||||||
|
**Windows** needs to have WinRM setup. This is already done as it
|
||||||
|
was part of the installation process where Ansible Powershell script
|
||||||
|
set up HTTPS WinRM environment [77].
|
||||||
|
**Linux** doesn’t have Ansible modules for Windows in default An-
|
||||||
|
sible install. Those can be installed using the package manager, e.g.:
|
||||||
|
|
||||||
|
- Ubuntu:
|
||||||
|
**-** Python 2: apt-get install python-winrm
|
||||||
|
**-** Python 3: apt-get install python3-winrm
|
||||||
|
- CentOS:
|
||||||
|
**-** With EPEL enabled: yum install python2-winrm
|
||||||
|
- Or using PIP:
|
||||||
|
**-** pip install pywinrm
|
||||||
|
|
||||||
|
|
||||||
|
9.4.3 Ansible roles
|
||||||
|
|
||||||
|
Once Ansible is ready to launchxmratwin.ymlplaybook, the following
|
||||||
|
roles are played:
|
||||||
|
|
||||||
|
|
||||||
|
9. Designing Secure Mining Environment
|
||||||
|
<pre>
|
||||||
|
/
|
||||||
|
xmratwin.yml
|
||||||
|
hosts
|
||||||
|
ansible.cfg
|
||||||
|
roles/
|
||||||
|
ansible-win-sec
|
||||||
|
ansible-win-updates
|
||||||
|
ansible-win-xmrstak
|
||||||
|
</pre>
|
||||||
|
## 9.6 Ansible roles for Windows.
|
||||||
|
|
||||||
|
|
||||||
|
ansible-win-sec
|
||||||
|
|
||||||
|
Sets up firewall rules for RDP, WinRM and XMR-Stak web interface,
|
||||||
|
enables Windows firewall for all zones.
|
||||||
|
|
||||||
|
ansible-win-updates
|
||||||
|
|
||||||
|
Windows update policy is set to download and notify for install as
|
||||||
|
Windows updates are managed by this Ansible role.
|
||||||
|
The administrator can configure which updates category will be in-
|
||||||
|
cluded in the updates, in default role install updates fromSecurityUpdates
|
||||||
|
andCriticalUpdatescategory [77]. This can be changed using vari-
|
||||||
|
ableUpdateEverythingin the playbook.
|
||||||
|
|
||||||
|
|
||||||
|
ansible-win-xmrstak
|
||||||
|
|
||||||
|
Downloads latest release of XMR-Stak from developers GitHub page,
|
||||||
|
configures mining software and downloads required libraries from
|
||||||
|
Microsoft site. It also creates scheduled task under the mining user
|
||||||
|
to run with elevated permissions after login so that UAC can be kept
|
||||||
|
enabled and the miner is running without UAC prompts.
|
||||||
|
Also adds the exception in Windows Defender to ignore Desktop
|
||||||
|
folder as a binary XMR-Stak file is considered as a malicious file for
|
||||||
|
being a mining software.
|
||||||
|
|
||||||
|
|
||||||
|
9. Designing Secure Mining Environment
|
||||||
|
|
||||||
|
### 9.5 Automated installation process
|
||||||
|
|
||||||
|
In order to show automated installation process for both Windows
|
||||||
|
and Linux miners, both installation processes were recorded using
|
||||||
|
HDMI capture card and Open Broadcaster Software (OBS). Timeline
|
||||||
|
detailing installation process is available in the Figures 9.7 and 9.9.
|
||||||
|
Video is available athttps://github.com/Ownercz/ssme-thesi
|
||||||
|
s/blob/master/video.md.
|
||||||
|
|
||||||
|
<pre>
|
||||||
|
00:20 ······• Start of unattended Windows installation using the
|
||||||
|
autounattend file.
|
||||||
|
05:35 ······• Install part complete, OS first boot.
|
||||||
|
```
|
||||||
|
```
|
||||||
|
11:07 ······• Windows 10 installation complete.
|
||||||
|
```
|
||||||
|
```
|
||||||
|
11:15 ······• Running Ansible playbook on the Windows machine.
|
||||||
|
```
|
||||||
|
```
|
||||||
|
13:38 ······• Ansible completes miner deployment and reboots
|
||||||
|
the machine.
|
||||||
|
```
|
||||||
|
#### 15:17 ······•
|
||||||
|
|
||||||
|
```
|
||||||
|
Ansible sets up firewall, Windows environment and
|
||||||
|
reboots the machine. Miner is already running
|
||||||
|
because of scheduled task after reboot.
|
||||||
|
```
|
||||||
|
```
|
||||||
|
17:18 ······• Ansible updates the OS using Windows update
|
||||||
|
module.
|
||||||
|
```
|
||||||
|
```
|
||||||
|
55:24 ······•
|
||||||
|
Ansible reboots the machine to complete the
|
||||||
|
updates.
|
||||||
|
```
|
||||||
|
#### 57:25 ······•
|
||||||
|
|
||||||
|
```
|
||||||
|
Ansible completes the playbook and mining machine
|
||||||
|
is ready.
|
||||||
|
```
|
||||||
|
</pre>
|
||||||
|
## 9.7 Automated deployment of Windows mining machine.
|
||||||
|
|
||||||
|
|
||||||
|
## 9.8 Windows miner deployment.
|
||||||
|
|
||||||
|
Both installations were done using USB drive as installation source.
|
||||||
|
Hardware specifications of the installation computer were CPU Intel
|
||||||
|
i5 4460, 24GB of DDR3 RAM and target installation drive was 60GB
|
||||||
|
Intel 330 SATA SSD.
|
||||||
|
<pre>
|
||||||
|
#### 00:46 ······•
|
||||||
|
|
||||||
|
```
|
||||||
|
Start of unattended Linux CentOS 7 installation
|
||||||
|
using the kickstart file.
|
||||||
|
```
|
||||||
|
```
|
||||||
|
05:06 ······• Install part complete, OS first boot.
|
||||||
|
```
|
||||||
|
```
|
||||||
|
05:06 ······• Running Ansible playbook on the Linux machine.
|
||||||
|
```
|
||||||
|
#### 11:29 ······•
|
||||||
|
|
||||||
|
```
|
||||||
|
Ansible completes the playbook and mining machine
|
||||||
|
is ready.
|
||||||
|
```
|
||||||
|
</pre>
|
||||||
|
## 9.9 Automated deployment of Linux mining machine.
|
||||||
|
|
||||||
|
|
||||||
|
## 10 Conclusion
|
||||||
|
|
||||||
|
Monero cryptocurrency is a large and active project that offers a wide
|
||||||
|
range of applications for both users and miners. For its open-source
|
||||||
|
nature, everyone can build their own wallet software, miner or even
|
||||||
|
a website that provides wallet and key management. Because of this,
|
||||||
|
many good, but also potentially malicious applications are released to
|
||||||
|
the public.
|
||||||
|
|
||||||
|
The goal of this thesis is to map usage habits of Monero cryptocur-
|
||||||
|
rency users and miners from both technological as well as security
|
||||||
|
view. Another goal is to create a detailed user guideline for user-
|
||||||
|
friendly and secure usage of the Monero cryptocurrency including
|
||||||
|
key management and backup strategy. For miners, the goal is to im-
|
||||||
|
plement an automated deployment of mining rigs using one of the
|
||||||
|
popular configuration management tools.
|
||||||
|
|
||||||
|
To address this issue, the thesis provides a detailed overview of
|
||||||
|
Monero environment, comparison of wallet client software and ex-
|
||||||
|
changes, comparison of mining software and list of malicious events
|
||||||
|
and software connected with Monero cryptocurrency.
|
||||||
|
|
||||||
|
For a deeper investigation of the listed issues, I have conducted
|
||||||
|
surveys aimed at Monero users and miners. With 173 (113 in users
|
||||||
|
and 60 in miners survey) respondents in total, this provides a real
|
||||||
|
Monero users sample upon which two guidelines were proposed.
|
||||||
|
|
||||||
|
Results of Monero User Research follow the way how participants
|
||||||
|
were selected (by self-selection) as well as the sites they came from
|
||||||
|
(Reddit, Facebook cryptocurrency groups). That meant that the ma-
|
||||||
|
jority of users said they prefer Linux OS with official wallet software
|
||||||
|
and also that they tend to use open-source more than closed-source
|
||||||
|
software. Only a few of them used closed-source apps or website por-
|
||||||
|
tals that can be labeled as dangerous for the user. Contrary to popular
|
||||||
|
belief, respondents revealed that they use Monero for darknet markets
|
||||||
|
only in 18% (20 out of 113), in case of drugs in 10% (11 out of 113)
|
||||||
|
and for other illegal use cases in 5% (6 out of 113).
|
||||||
|
|
||||||
|
Based on the results of the research, I formulated Monero usage
|
||||||
|
and storage best practices part of the thesis, which gives users detailed
|
||||||
|
steps on how to work with the Monero cryptocurrency.
|
||||||
|
|
||||||
|
Monero Miners Research revealed that both Windows and Linux
|
||||||
|
mining operations are set up using manual deployment and updates
|
||||||
|
are usually disabled or delayed. Mining software was in almost all
|
||||||
|
cases open-source with XMR Stak being used the most.
|
||||||
|
|
||||||
|
Based on the results from the Monero Miners Research, I imple-
|
||||||
|
mented an automated deployment system for both major platforms
|
||||||
|
using unattended/kickstart installation media and Ansible. By using
|
||||||
|
application deployment and configuration management tool like An-
|
||||||
|
sible, miners can deploy large mining operations with correct security
|
||||||
|
settings that are both secure and easy to maintain.
|
||||||
|
|
||||||
|
As for the future work on this topic, it would be appropriate
|
||||||
|
to extend current research to include other cryptocurrencies (Dash,
|
||||||
|
Ethereum or Bitcoin) as well as the deployment of their miners.
|
||||||
|
To make results from this thesis more open to the public, every-
|
||||||
|
thing is published under the GitHub repository and GitHub pages
|
||||||
|
website. Website links are available in the Appendix Figure A.
|
||||||
|
|
@ -1,16 +0,0 @@
|
|||||||
---
|
|
||||||
layout: page
|
|
||||||
title: About me
|
|
||||||
subtitle: Why you'd want to go on a date with me
|
|
||||||
---
|
|
||||||
|
|
||||||
My name is Inigo Montoya. I have the following qualities:
|
|
||||||
|
|
||||||
- I rock a great mustache
|
|
||||||
- I'm extremely loyal to my family
|
|
||||||
|
|
||||||
What else do you need?
|
|
||||||
|
|
||||||
### my history
|
|
||||||
|
|
||||||
To be honest, I'm having some trouble remembering right now, so why don't you just watch [my movie](http://en.wikipedia.org/wiki/The_Princess_Bride_%28film%29) and it will answer **all** your questions.
|
|
1047
presentation/Presentation.tex
Normal file
1047
presentation/Presentation.tex
Normal file
File diff suppressed because it is too large
Load Diff
231
presentation/beamerthemefibeamer.sty
Normal file
231
presentation/beamerthemefibeamer.sty
Normal file
@ -0,0 +1,231 @@
|
|||||||
|
%%
|
||||||
|
%% This is file `beamerthemefibeamer.sty',
|
||||||
|
%% generated with the docstrip utility.
|
||||||
|
%%
|
||||||
|
%% The original source files were:
|
||||||
|
%%
|
||||||
|
%% fibeamer.dtx (with options: `class')
|
||||||
|
%%
|
||||||
|
%% Copyright 2015 Vít Novotný <witiko@mail.muni.cz>
|
||||||
|
%% Faculty of Informatics, Masaryk University (Brno, Czech Republic)
|
||||||
|
%%
|
||||||
|
%% This work is based on the (Unofficial) University of Manchester
|
||||||
|
%% Beamer Theme by Andrew Mundy <andrew.mundy@cs.man.ac.uk>.
|
||||||
|
%%
|
||||||
|
%% This work may be distributed and/or modified under the
|
||||||
|
%% conditions of the LaTeX Project Public License, either version
|
||||||
|
%% 1.3 of this license or (at your option) any later version.
|
||||||
|
%% The latest version of this license is available at
|
||||||
|
%%
|
||||||
|
%% http://www.latex-project.org/lppl.txt
|
||||||
|
%%
|
||||||
|
%% and version 1.3 or later is part of all distributions of LaTeX
|
||||||
|
%% version 2005/12/01 or later.
|
||||||
|
%%
|
||||||
|
%% This work has the LPPL maintenance status `maintained'.
|
||||||
|
%%
|
||||||
|
%% The Current Maintainer of this work is Vít Novotný (VN).
|
||||||
|
%% Send bug reports, requests for additions and questions
|
||||||
|
%% either to the fithesis discussion forum at
|
||||||
|
%%
|
||||||
|
%% http://is.muni.cz/auth/df/fithesis-sazba/
|
||||||
|
%%
|
||||||
|
%% or to the e-mail address <witiko@mail.muni.cz>.
|
||||||
|
%%
|
||||||
|
%%
|
||||||
|
%% MODIFICATION ADVICE:
|
||||||
|
%%
|
||||||
|
%% If you want to customize this file, it is best to make a copy of
|
||||||
|
%% the source file(s) from which it was produced. Use a different
|
||||||
|
%% name for your copy(ies) and modify the copy(ies); this will ensure
|
||||||
|
%% that your modifications do not get overwritten when you install a
|
||||||
|
%% new release of the standard system. You should also ensure that
|
||||||
|
%% your modified source file does not generate any modified file with
|
||||||
|
%% the same name as a standard file.
|
||||||
|
%%
|
||||||
|
%% You will also need to produce your own, suitably named, .ins file to
|
||||||
|
%% control the generation of files from your source file; this file
|
||||||
|
%% should contain your own preambles for the files it generates, not
|
||||||
|
%% those in the standard .ins files.
|
||||||
|
%%
|
||||||
|
%% The names of the source files used are shown above.
|
||||||
|
%%
|
||||||
|
\NeedsTeXFormat{LaTeX2e}
|
||||||
|
{\def\fibeamer@versiondef#1#2{
|
||||||
|
\gdef\fibeamer@version@number{#1}
|
||||||
|
\gdef\fibeamer@version@date{#2}
|
||||||
|
\gdef\fibeamer@version{#2 #1 fibeamer MU beamer theme}}
|
||||||
|
\fibeamer@versiondef{v1.1.5}{2016/06/16}}
|
||||||
|
\hypersetup{%
|
||||||
|
pdfcreator=\fibeamer@version,
|
||||||
|
pdfencoding=auto}
|
||||||
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
||||||
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
||||||
|
\ProvidesPackage{fibeamer/beamerthemefibeamer}[\fibeamer@version]
|
||||||
|
\newif\iffibeamer@fonts
|
||||||
|
\DeclareOptionBeamer{fonts}{\fibeamer@fontstrue}
|
||||||
|
\ExecuteOptionsBeamer{fonts}
|
||||||
|
\DeclareOptionBeamer{nofonts}{\fibeamer@fontsfalse}
|
||||||
|
\newif\iffibeamer@microtype
|
||||||
|
\DeclareOptionBeamer{microtype}{\fibeamer@microtypetrue}
|
||||||
|
\ExecuteOptionsBeamer{microtype}
|
||||||
|
\DeclareOptionBeamer{nomicrotype}{\fibeamer@microtypefalse}
|
||||||
|
\DeclareOptionBeamer{university}{\def\fibeamer@university{#1}}
|
||||||
|
\ExecuteOptionsBeamer{university=mu}
|
||||||
|
\DeclareOptionBeamer{faculty}{\def\fibeamer@faculty{#1}}
|
||||||
|
\ExecuteOptionsBeamer{faculty=fi}
|
||||||
|
\def\fibeamer@locale{%
|
||||||
|
% Babel / polyglossia detection
|
||||||
|
\ifx\languagename\undefined%
|
||||||
|
english\else\languagename\fi}
|
||||||
|
\DeclareOptionBeamer{locale}{%
|
||||||
|
\def\fibeamer@locale{#1}}
|
||||||
|
\def\fibeamer@logoLocale{\fibeamer@locale}
|
||||||
|
\DeclareOptionBeamer{logoLocale}{%
|
||||||
|
\def\fibeamer@logoLocale{#1}}
|
||||||
|
\DeclareOptionBeamer{basePath}{%
|
||||||
|
\ifx\fibeamer@empty#1\fibeamer@empty%
|
||||||
|
\def\fibeamer@basePath{}%
|
||||||
|
\else%
|
||||||
|
\def\fibeamer@basePath{#1/}%
|
||||||
|
\fi}
|
||||||
|
\ExecuteOptionsBeamer{basePath=fibeamer}
|
||||||
|
\def\fibeamer@subdir#1#2#3#4\empty{%
|
||||||
|
\ifx#1\empty% <empty> -> <basePath>
|
||||||
|
\fibeamer@basePath
|
||||||
|
\else
|
||||||
|
\if#1/%
|
||||||
|
\ifx#2\empty% / -> /
|
||||||
|
/%
|
||||||
|
\else% /<path> -> /<path>/
|
||||||
|
#1#2#3#4/%
|
||||||
|
\fi
|
||||||
|
\else
|
||||||
|
\if#1.%
|
||||||
|
\ifx#2\empty% . -> ./
|
||||||
|
./%
|
||||||
|
\else
|
||||||
|
\if#2.%
|
||||||
|
\ifx#3\empty% .. -> ../
|
||||||
|
../%
|
||||||
|
\else
|
||||||
|
\if#3/% ../<path> -> ../<path>/
|
||||||
|
../#4/%
|
||||||
|
\else
|
||||||
|
\fibeamer@basePath#1#2#3#4/%
|
||||||
|
\fi
|
||||||
|
\fi
|
||||||
|
\else
|
||||||
|
\if#2/% ./<path> -> ./<path>/
|
||||||
|
./#3#4/%
|
||||||
|
\else
|
||||||
|
\fibeamer@basePath#1#2#3#4/%
|
||||||
|
\fi
|
||||||
|
\fi
|
||||||
|
\fi
|
||||||
|
\else
|
||||||
|
\fibeamer@basePath#1#2#3#4/%
|
||||||
|
\fi
|
||||||
|
\fi
|
||||||
|
\fi}
|
||||||
|
\DeclareOptionBeamer{themePath}{%
|
||||||
|
\def\fibeamer@themePath{\fibeamer@subdir#1%
|
||||||
|
\empty\empty\empty\empty}}
|
||||||
|
\ExecuteOptionsBeamer{themePath=theme}
|
||||||
|
\DeclareOptionBeamer{logoPath}{%
|
||||||
|
\def\fibeamer@logoPath{\fibeamer@subdir#1%
|
||||||
|
\empty\empty\empty\empty}}
|
||||||
|
\ExecuteOptionsBeamer{logoPath=logo/\fibeamer@university}
|
||||||
|
\DeclareOptionBeamer{logo}{\def\fibeamer@logo{#1}}
|
||||||
|
\ExecuteOptionsBeamer{%
|
||||||
|
logo=\fibeamer@logoPath fibeamer-\fibeamer@university-%
|
||||||
|
\fibeamer@faculty-\fibeamer@logoLocale}
|
||||||
|
\DeclareOptionBeamer{fallbackLogo}{\def\fibeamer@fallbackLogo{#1}}
|
||||||
|
\def\fibeamer@fallbackLogo{%
|
||||||
|
\fibeamer@logoPath fibeamer-\fibeamer@university-%
|
||||||
|
\fibeamer@faculty-english}
|
||||||
|
\def\fibeamer@require#1{\IfFileExists{#1.sty}{%
|
||||||
|
\@ifpackageloaded{#1}{}{\RequirePackage{#1}}}{}}
|
||||||
|
\def\fibeamer@requireTheme#1{%
|
||||||
|
\fibeamer@require{\fibeamer@themePath beamer#1themefibeamer}
|
||||||
|
\fibeamer@require{\fibeamer@themePath\fibeamer@university%
|
||||||
|
/beamer#1themefibeamer-\fibeamer@university}
|
||||||
|
\fibeamer@require{\fibeamer@themePath\fibeamer@university%
|
||||||
|
/beamer#1themefibeamer-\fibeamer@university-\fibeamer@faculty}}
|
||||||
|
\fibeamer@require{etoolbox}
|
||||||
|
\newcommand\fibeamer@includeLogo[1][]{{
|
||||||
|
% See <http://tex.stackexchange.com/a/39987/70941>.
|
||||||
|
\patchcmd{\Gin@ii}% Make `\includegraphics` use `@fallbackLogo`.
|
||||||
|
{\begingroup}% <search>
|
||||||
|
{\begingroup\renewcommand{\@latex@error}[2]{%
|
||||||
|
\includegraphics[#1]\fibeamer@fallbackLogo}}% <replace>
|
||||||
|
{}% <success>
|
||||||
|
{}% <failure>
|
||||||
|
\includegraphics[#1]\fibeamer@logo}}
|
||||||
|
\def\fibeamer@patch#1#2{%
|
||||||
|
\def\fibeamer@patch@versions{#1}%
|
||||||
|
\def\fibeamer@patch@action{#2}%
|
||||||
|
\def\fibeamer@patch@next##1,{%
|
||||||
|
\def\fibeamer@patch@arg{##1}%
|
||||||
|
\def\fibeamer@patch@relax{\relax}%
|
||||||
|
\ifx\fibeamer@patch@arg\fibeamer@version@number
|
||||||
|
\def\fibeamer@patch@next####1\relax,{}%
|
||||||
|
\expandafter\fibeamer@patch@action
|
||||||
|
\expandafter\fibeamer@patch@next
|
||||||
|
\else\ifx\fibeamer@patch@arg\fibeamer@patch@relax\else
|
||||||
|
\expandafter\expandafter\expandafter\fibeamer@patch@next
|
||||||
|
\fi\fi}%
|
||||||
|
\expandafter\expandafter\expandafter\fibeamer@patch@next
|
||||||
|
\expandafter\fibeamer@patch@versions\expandafter,\relax,}
|
||||||
|
\ProcessOptionsBeamer
|
||||||
|
% Set up the microtypographic extensions
|
||||||
|
\iffibeamer@microtype
|
||||||
|
\RequirePackage{microtype}
|
||||||
|
\fi
|
||||||
|
\mode<presentation>
|
||||||
|
% Set up the fonts
|
||||||
|
\iffibeamer@fonts
|
||||||
|
\RequirePackage{ifthen}
|
||||||
|
\RequirePackage{ifxetex}
|
||||||
|
\RequirePackage{ifluatex}
|
||||||
|
\RequirePackage{lmodern}
|
||||||
|
\RequirePackage[sfdefault,lf]{carlito}
|
||||||
|
\renewcommand*\oldstylenums[1]{{\carlitoOsF #1}}
|
||||||
|
|
||||||
|
%% Load arev with scaling factor of .85
|
||||||
|
%% See <http://tex.stackexchange.com/a/181240/70941>
|
||||||
|
\DeclareFontFamily{OML}{zavm}{\skewchar\font=127 }
|
||||||
|
\DeclareFontShape{OML}{zavm}{m}{it}{<-> s*[.85] zavmri7m}{}
|
||||||
|
\DeclareFontShape{OML}{zavm}{b}{it}{<-> s*[.85] zavmbi7m}{}
|
||||||
|
\DeclareFontShape{OML}{zavm}{m}{sl}{<->ssub * zavm/m/it}{}
|
||||||
|
\DeclareFontShape{OML}{zavm}{bx}{it}{<->ssub * zavm/b/it}{}
|
||||||
|
\DeclareFontShape{OML}{zavm}{b}{sl}{<->ssub * zavm/b/it}{}
|
||||||
|
\DeclareFontShape{OML}{zavm}{bx}{sl}{<->ssub * zavm/b/sl}{}
|
||||||
|
|
||||||
|
\AtBeginDocument{
|
||||||
|
\SetSymbolFont{operators} {normal}{OT1}{zavm}{m}{n}
|
||||||
|
\SetSymbolFont{letters} {normal}{OML}{zavm}{m}{it}
|
||||||
|
\SetSymbolFont{symbols} {normal}{OMS}{zavm}{m}{n}
|
||||||
|
\SetSymbolFont{largesymbols}{normal}{OMX}{iwona}{m}{n}}
|
||||||
|
\RequirePackage[sans]{dsfont}
|
||||||
|
|
||||||
|
\ifthenelse{\boolean{xetex}\OR\boolean{luatex}}{
|
||||||
|
\RequirePackage{fontspec}
|
||||||
|
\setmonofont[Scale=0.85,Ligatures=TeX]{DejaVu Sans Mono}
|
||||||
|
}{
|
||||||
|
\usepackage[scaled=0.85]{DejaVuSansMono}
|
||||||
|
\RequirePackage[resetfonts]{cmap}
|
||||||
|
\RequirePackage[T1]{fontenc}
|
||||||
|
}
|
||||||
|
\RequirePackage{setspace}
|
||||||
|
\setstretch{1.15}
|
||||||
|
\fi
|
||||||
|
\mode
|
||||||
|
<all>
|
||||||
|
\fibeamer@requireTheme{color}
|
||||||
|
\fibeamer@requireTheme{font}
|
||||||
|
\fibeamer@requireTheme{inner}
|
||||||
|
\fibeamer@requireTheme{outer}
|
||||||
|
\endinput
|
||||||
|
%%
|
||||||
|
%% End of file `beamerthemefibeamer.sty'.
|
398
presentation/fi-lualatex.tex
Normal file
398
presentation/fi-lualatex.tex
Normal file
@ -0,0 +1,398 @@
|
|||||||
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
||||||
|
%% I, the copyright holder of this work, release this work into the
|
||||||
|
%% public domain. This applies worldwide. In some countries this may
|
||||||
|
%% not be legally possible; if so: I grant anyone the right to use
|
||||||
|
%% this work for any purpose, without any conditions, unless such
|
||||||
|
%% conditions are required by law.
|
||||||
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
||||||
|
|
||||||
|
\documentclass{beamer}
|
||||||
|
\usetheme[faculty=fi]{fibeamer}
|
||||||
|
\usepackage{polyglossia} %% By using `czech` or `slovak` as the
|
||||||
|
\setmainlanguage{english} %% main locale instead of `english`, you
|
||||||
|
%% can typeset the presentation in either Czech or Slovak,
|
||||||
|
%% respectively.
|
||||||
|
\setotherlanguages{czech, slovak} %% The additional keys allow
|
||||||
|
%%
|
||||||
|
%% \begin{otherlanguage}{czech} ... \end{otherlanguage}
|
||||||
|
%% \begin{otherlanguage}{slovak} ... \end{otherlanguage}
|
||||||
|
%%
|
||||||
|
%% These macros specify information about the presentation
|
||||||
|
\title{Presentation Title} %% that will be typeset on the
|
||||||
|
\subtitle{Presentation Subtitle} %% title page.
|
||||||
|
\author{Author's Name}
|
||||||
|
%% These additional packages are used within the document:
|
||||||
|
\usepackage{ragged2e} % `\justifying` text
|
||||||
|
\usepackage{booktabs} % Tables
|
||||||
|
\usepackage{tabularx}
|
||||||
|
\usepackage{tikz} % Diagrams
|
||||||
|
\usetikzlibrary{calc, shapes, backgrounds}
|
||||||
|
\usepackage{amsmath, amssymb}
|
||||||
|
\usepackage{url} % `\url`s
|
||||||
|
\usepackage{listings} % Code listings
|
||||||
|
\frenchspacing
|
||||||
|
\begin{document}
|
||||||
|
\frame{\maketitle}
|
||||||
|
|
||||||
|
\AtBeginSection[]{% Print an outline at the beginning of sections
|
||||||
|
\begin{frame}<beamer>
|
||||||
|
\frametitle{Outline for Section \thesection}
|
||||||
|
\tableofcontents[currentsection]
|
||||||
|
\end{frame}}
|
||||||
|
|
||||||
|
\begin{darkframes}
|
||||||
|
\section{Dark Frames}
|
||||||
|
\subsection{Blind Text}
|
||||||
|
\begin{frame}{Jabberwocky}
|
||||||
|
\framesubtitle{Lewis Carroll}%
|
||||||
|
\begin{tikzpicture}[overlay,remember picture]
|
||||||
|
\node[anchor=south east,xshift=-30pt,yshift=35pt]
|
||||||
|
at (current page.south east) {
|
||||||
|
\includegraphics[width=35mm]{resources/jabberwocky-dark}
|
||||||
|
};
|
||||||
|
\end{tikzpicture}%
|
||||||
|
'Twas brillig, and the slithy toves\\
|
||||||
|
Did gyre and gimble in the wabe;\\
|
||||||
|
All mimsy were the borogoves,\\
|
||||||
|
And the mome raths outgrabe.\\\bigskip
|
||||||
|
|
||||||
|
“Beware the Jabberwock, my son!\\
|
||||||
|
The jaws that bite, the claws that catch!\\
|
||||||
|
Beware the Jubjub bird, and shun\\
|
||||||
|
The frumious Bandersnatch!”\\
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\begin{frame}[label=lists]{Lists and locales}
|
||||||
|
\framesubtitle{Lorem ipsum dolor sit amet}
|
||||||
|
\begin{columns}[onlytextwidth]
|
||||||
|
\column{.5\textwidth}
|
||||||
|
\begin{itemize}
|
||||||
|
\item Nulla nec lacinia odio. Curabitur urna tellus.
|
||||||
|
\begin{itemize}
|
||||||
|
\item Fusce id sodales dolor. Sed id metus dui.
|
||||||
|
\begin{itemize}
|
||||||
|
\item Cupio virtus licet mi vel feugiat.
|
||||||
|
\end{itemize}
|
||||||
|
\end{itemize}
|
||||||
|
\end{itemize}
|
||||||
|
\column{.5\textwidth}
|
||||||
|
\begin{enumerate}
|
||||||
|
\item Donec porta, risus porttitor egestas scelerisque video.
|
||||||
|
\begin{enumerate}
|
||||||
|
\item Nunc non ante fringilla, manus potentis cario.
|
||||||
|
\begin{enumerate}
|
||||||
|
\item Pellentesque servus morbi tristique.
|
||||||
|
\end{enumerate}
|
||||||
|
\end{enumerate}
|
||||||
|
\end{enumerate}
|
||||||
|
\end{columns}
|
||||||
|
\bigskip
|
||||||
|
\justifying
|
||||||
|
|
||||||
|
{\uselanguage{czech}Nechť již hříšné saxofony ďáblů
|
||||||
|
rozzvučí síň úděsnými tóny waltzu, tanga a quickstepu!}
|
||||||
|
{\uselanguage{slovak} Nezvyčajné kŕdle šťastných figliarskych
|
||||||
|
ďatľov učia pri kótovanom ústí Váhu mĺkveho koňa Waldemara
|
||||||
|
obžierať väč\-šie kusy exkluzívnej kôry.}
|
||||||
|
{\uselanguage{english}The quick, brown fox jumps over a lazy
|
||||||
|
dog. DJs flock by when MTV ax quiz prog. “Now fax quiz Jack!”}
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\subsection{Structuring Elements}
|
||||||
|
\begin{frame}[label=simmonshall]{Text blocks}
|
||||||
|
\framesubtitle{In plain, example, and \alert{alert} flavour}
|
||||||
|
\alert{This text} is highlighted.
|
||||||
|
|
||||||
|
\begin{block}{A plain block}
|
||||||
|
This is a plain block containing some \alert{highlighted text}.
|
||||||
|
\end{block}
|
||||||
|
\begin{exampleblock}{An example block}
|
||||||
|
This is an example block containing some \alert{highlighted text}.
|
||||||
|
\end{exampleblock}
|
||||||
|
\begin{alertblock}{An alert block}
|
||||||
|
This is an alert block containing some \alert{highlighted text}.
|
||||||
|
\end{alertblock}
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\begin{frame}[label=proof]{Definitions, theorems, and proofs}
|
||||||
|
\framesubtitle{All integers divide zero}
|
||||||
|
\begin{definition}
|
||||||
|
$\forall a,b\in\mathds{Z}: a\mid b\iff\exists c\in\mathds{Z}:a\cdot c=b$
|
||||||
|
\end{definition}
|
||||||
|
\begin{theorem}
|
||||||
|
$\forall a\in\mathds{Z}: a\mid 0$
|
||||||
|
\end{theorem}
|
||||||
|
\begin{proof}[Proof\nopunct]
|
||||||
|
$\forall a\in\mathds{Z}: a\cdot 0=0$
|
||||||
|
\end{proof}
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\subsection{Numerals and Mathematics}
|
||||||
|
\begin{frame}[label=math]{Numerals and Mathematics}
|
||||||
|
\framesubtitle{Formulae, equations, and expressions}
|
||||||
|
\begin{columns}[onlytextwidth]
|
||||||
|
\column{.20\textwidth}
|
||||||
|
1234567890
|
||||||
|
\column{.20\textwidth}
|
||||||
|
\oldstylenums{1234567890}
|
||||||
|
\column{.20\textwidth}
|
||||||
|
$\hat{x}$, $\check{x}$, $\tilde{a}$,
|
||||||
|
$\bar{a}$, $\dot{y}$, $\ddot{y}$
|
||||||
|
\column{.40\textwidth}
|
||||||
|
$\int \!\! \int f(x,y,z)\,\mathsf{d}x\mathsf{d}y\mathsf{d}z$
|
||||||
|
\end{columns}
|
||||||
|
\begin{columns}[onlytextwidth]
|
||||||
|
\column{.5\textwidth}
|
||||||
|
$$\frac{1}{\displaystyle 1+
|
||||||
|
\frac{1}{\displaystyle 2+
|
||||||
|
\frac{1}{\displaystyle 3+x}}} +
|
||||||
|
\frac{1}{1+\frac{1}{2+\frac{1}{3+x}}}$$
|
||||||
|
\column{.5\textwidth}
|
||||||
|
$$F:\left| \begin{array}{ccc}
|
||||||
|
F''_{xx} & F''_{xy} & F'_x \\
|
||||||
|
F''_{yx} & F''_{yy} & F'_y \\
|
||||||
|
F'_x & F'_y & 0
|
||||||
|
\end{array}\right| = 0$$
|
||||||
|
\end{columns}
|
||||||
|
\begin{columns}[onlytextwidth]
|
||||||
|
\column{.3\textwidth}
|
||||||
|
$$\mathop{\int \!\!\! \int}_{\mathbf{x} \in \mathds{R}^2}
|
||||||
|
\! \langle \mathbf{x},\mathbf{y}\rangle\,\mathsf{d}\mathbf{x}$$
|
||||||
|
\column{.33\textwidth}
|
||||||
|
$$\overline{\overline{a\alpha}^2+\underline{b\beta}
|
||||||
|
+\overline{\overline{d\delta}}}$$
|
||||||
|
\column{.37\textwidth}
|
||||||
|
$\left] 0,1\right[ + \lceil x \rfloor - \langle x,y\rangle$
|
||||||
|
\end{columns}
|
||||||
|
\begin{columns}[onlytextwidth]
|
||||||
|
\column{.4\textwidth}
|
||||||
|
\begin{eqnarray*}
|
||||||
|
e^x &\approx& 1+x+x^2/2! + \\
|
||||||
|
&& {}+x^3/3! + x^4/4!
|
||||||
|
\end{eqnarray*}
|
||||||
|
\column{.6\textwidth}
|
||||||
|
$${n+1\choose k} = {n\choose k} + {n \choose k-1}$$
|
||||||
|
\end{columns}
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\subsection{Figures and Code Listings}
|
||||||
|
\begin{frame}[label=figs1]{Figures}
|
||||||
|
\framesubtitle{Tables, graphs, and images}
|
||||||
|
\begin{table}[!b]
|
||||||
|
{\carlitoTLF % Use monospaced lining figures
|
||||||
|
\begin{tabularx}{\textwidth}{Xrrr}
|
||||||
|
\textbf{Faculty} & \textbf{With \TeX} & \textbf{Total} &
|
||||||
|
\textbf{\%} \\
|
||||||
|
\toprule
|
||||||
|
Faculty of Informatics & 1\,716 & 2\,904 &
|
||||||
|
59.09 \\% 1433
|
||||||
|
Faculty of Science & 786 & 5\,275 &
|
||||||
|
14.90 \\% 1431
|
||||||
|
Faculty of $\genfrac{}{}{0pt}{}{\textsf{Economics and}}{%
|
||||||
|
\textsf{Administration}}$ & 64 & 4\,591 &
|
||||||
|
1.39 \\% 1456
|
||||||
|
Faculty of Arts & 69 & 10\,000 &
|
||||||
|
0.69 \\% 1421
|
||||||
|
Faculty of Medicine & 8 & 2\,014 &
|
||||||
|
0.40 \\% 1411
|
||||||
|
Faculty of Law & 15 & 4\,824 &
|
||||||
|
0.31 \\% 1422
|
||||||
|
Faculty of Education & 19 & 8\,219 &
|
||||||
|
0.23 \\% 1441
|
||||||
|
Faculty of Social Studies & 12 & 5\,599 &
|
||||||
|
0.21 \\% 1423
|
||||||
|
Faculty of Sports Studies & 3 & 2\,062 &
|
||||||
|
0.15 \\% 1451
|
||||||
|
\bottomrule
|
||||||
|
\end{tabularx}}
|
||||||
|
\caption{The distribution of theses written using \TeX\ during 2010--15 at MU}
|
||||||
|
\end{table}
|
||||||
|
\end{frame}
|
||||||
|
\begin{frame}[label=figs2]{Figures}
|
||||||
|
\framesubtitle{Tables, graphs, and images}
|
||||||
|
\begin{figure}[b]
|
||||||
|
\centering
|
||||||
|
% Flipping a coin
|
||||||
|
% Author: cis
|
||||||
|
\tikzset{
|
||||||
|
head/.style = {fill = none, label = center:\textsf{H}},
|
||||||
|
tail/.style = {fill = none, label = center:\textsf{T}}}
|
||||||
|
\scalebox{0.65}{\begin{tikzpicture}[
|
||||||
|
scale = 1.5, transform shape, thick,
|
||||||
|
every node/.style = {draw, circle, minimum size = 10mm},
|
||||||
|
grow = down, % alignment of characters
|
||||||
|
level 1/.style = {sibling distance=3cm},
|
||||||
|
level 2/.style = {sibling distance=4cm},
|
||||||
|
level 3/.style = {sibling distance=2cm},
|
||||||
|
level distance = 1.25cm
|
||||||
|
]
|
||||||
|
\node[shape = rectangle,
|
||||||
|
minimum width = 6cm, font = \sffamily] {Coin flipping}
|
||||||
|
child { node[shape = circle split, draw, line width = 1pt,
|
||||||
|
minimum size = 10mm, inner sep = 0mm, rotate = 30] (Start)
|
||||||
|
{ \rotatebox{-30}{H} \nodepart{lower} \rotatebox{-30}{T}}
|
||||||
|
child { node [head] (A) {}
|
||||||
|
child { node [head] (B) {}}
|
||||||
|
child { node [tail] (C) {}}
|
||||||
|
}
|
||||||
|
child { node [tail] (D) {}
|
||||||
|
child { node [head] (E) {}}
|
||||||
|
child { node [tail] (F) {}}
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
% Filling the root (Start)
|
||||||
|
\begin{scope}[on background layer, rotate=30]
|
||||||
|
\fill[head] (Start.base) ([xshift = 0mm]Start.east) arc (0:180:5mm)
|
||||||
|
-- cycle;
|
||||||
|
\fill[tail] (Start.base) ([xshift = 0pt]Start.west) arc (180:360:5mm)
|
||||||
|
-- cycle;
|
||||||
|
\end{scope}
|
||||||
|
|
||||||
|
% Labels
|
||||||
|
\begin{scope}[nodes = {draw = none}]
|
||||||
|
\path (Start) -- (A) node [near start, left] {$0.5$};
|
||||||
|
\path (A) -- (B) node [near start, left] {$0.5$};
|
||||||
|
\path (A) -- (C) node [near start, right] {$0.5$};
|
||||||
|
\path (Start) -- (D) node [near start, right] {$0.5$};
|
||||||
|
\path (D) -- (E) node [near start, left] {$0.5$};
|
||||||
|
\path (D) -- (F) node [near start, right] {$0.5$};
|
||||||
|
\begin{scope}[nodes = {below = 11pt}]
|
||||||
|
\node [name = X] at (B) {$0.25$};
|
||||||
|
\node at (C) {$0.25$};
|
||||||
|
\node [name = Y] at (E) {$0.25$};
|
||||||
|
\node at (F) {$0.25$};
|
||||||
|
\end{scope}
|
||||||
|
\end{scope}
|
||||||
|
\end{tikzpicture}}
|
||||||
|
\caption{Tree of probabilities -- Flipping a coin\footnote[frame]{%
|
||||||
|
A derivative of a diagram from \url{texample.net} by cis, CC BY 2.5 licensed}}
|
||||||
|
\end{figure}
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\defverbatim[colored]\sleepSort{
|
||||||
|
\begin{lstlisting}[language=C,tabsize=2]
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <unistd.h>
|
||||||
|
#include <sys/types.h>
|
||||||
|
#include <sys/wait.h>
|
||||||
|
|
||||||
|
// This is a comment
|
||||||
|
int main(int argc, char **argv)
|
||||||
|
{
|
||||||
|
while (--c > 1 && !fork());
|
||||||
|
sleep(c = atoi(v[c]));
|
||||||
|
printf("%d\n", c);
|
||||||
|
wait(0);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
\end{lstlisting}}
|
||||||
|
\begin{frame}{Code listings}{An example source code in C}
|
||||||
|
\sleepSort
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\subsection{Citations and Bibliography}
|
||||||
|
\begin{frame}[label=citations]{Citations}
|
||||||
|
\framesubtitle{\TeX, \LaTeX, and Beamer}
|
||||||
|
|
||||||
|
\justifying\TeX\ is a programming language for the typesetting
|
||||||
|
of documents. It was created by Donald Erwin Knuth in the late
|
||||||
|
1970s and it is documented in \emph{The \TeX
|
||||||
|
book}~\cite{knuth84}.
|
||||||
|
|
||||||
|
In the early 1980s, Leslie Lamport created the initial version
|
||||||
|
of \LaTeX, a high-level language on top of \TeX, which is
|
||||||
|
documented in \emph{\LaTeX : A Document Preparation
|
||||||
|
System}~\cite{lamport94}. There exists a healthy ecosystem of
|
||||||
|
packages that extend the base functionality of \LaTeX;
|
||||||
|
\emph{The \LaTeX\ Companion}~\cite{MG94} acts as a guide
|
||||||
|
through the ecosystem.
|
||||||
|
|
||||||
|
In 2003, Till Tantau created the initial version of Beamer, a
|
||||||
|
\LaTeX\ package for the creation of presentations. Beamer is
|
||||||
|
documented in the \emph{User's Guide to the Beamer
|
||||||
|
Class}~\cite{tantau04}.
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\begin{frame}[label=bibliography]{Bibliography}
|
||||||
|
\framesubtitle{\TeX, \LaTeX, and Beamer}
|
||||||
|
\begin{thebibliography}{9}
|
||||||
|
\bibitem{knuth84}
|
||||||
|
Donald~E.~Knuth.
|
||||||
|
\emph{The \TeX book}.
|
||||||
|
Addison-Wesley, 1984.
|
||||||
|
\bibitem{lamport94}
|
||||||
|
Leslie~Lamport.
|
||||||
|
\emph{\LaTeX : A Document Preparation System}.
|
||||||
|
Addison-Wesley, 1986.
|
||||||
|
\bibitem{MG94}
|
||||||
|
M.~Goossens, F.~Mittelbach, and A.~Samarin.
|
||||||
|
\emph{The \LaTeX\ Companion}.
|
||||||
|
Addison-Wesley, 1994.
|
||||||
|
\bibitem{tantau04}
|
||||||
|
Till~Tantau.
|
||||||
|
\emph{User's Guide to the Beamer Class Version 3.01}.
|
||||||
|
Available at \url{http://latex-beamer.sourceforge.net}.
|
||||||
|
\bibitem{MS05}
|
||||||
|
A.~Mertz and W.~Slough.
|
||||||
|
Edited by B.~Beeton and K.~Berry.
|
||||||
|
\emph{Beamer by example} In TUGboat,
|
||||||
|
Vol. 26, No. 1., pp. 68-73.
|
||||||
|
\end{thebibliography}
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\end{darkframes}
|
||||||
|
|
||||||
|
\section{Light Frames}
|
||||||
|
\subsection{Blind Text}
|
||||||
|
\begin{frame}{Jabberwocky}
|
||||||
|
\framesubtitle{Lewis Carroll}%
|
||||||
|
\begin{tikzpicture}[overlay,remember picture]
|
||||||
|
\node[anchor=south east,xshift=-30pt,yshift=35pt]
|
||||||
|
at (current page.south east) {
|
||||||
|
\includegraphics[width=35mm]{resources/jabberwocky-light}
|
||||||
|
};
|
||||||
|
\end{tikzpicture}%
|
||||||
|
'Twas brillig, and the slithy toves\\
|
||||||
|
Did gyre and gimble in the wabe;\\
|
||||||
|
All mimsy were the borogoves,\\
|
||||||
|
And the mome raths outgrabe.\\\bigskip
|
||||||
|
|
||||||
|
“Beware the Jabberwock, my son!\\
|
||||||
|
The jaws that bite, the claws that catch!\\
|
||||||
|
Beware the Jubjub bird, and shun\\
|
||||||
|
The frumious Bandersnatch!”\\
|
||||||
|
\end{frame}
|
||||||
|
\againframe{lists}
|
||||||
|
\subsection{Structuring Elements}
|
||||||
|
\againframe{simmonshall}
|
||||||
|
\againframe{proof}
|
||||||
|
\subsection{Numerals and Mathematics}
|
||||||
|
\againframe{math}
|
||||||
|
\subsection{Figures and Code Listings}
|
||||||
|
\againframe{figs1}
|
||||||
|
\againframe{figs2}
|
||||||
|
\defverbatim[colored]\sleepSort{
|
||||||
|
\begin{lstlisting}[language=C,tabsize=2]
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <unistd.h>
|
||||||
|
#include <sys/types.h>
|
||||||
|
#include <sys/wait.h>
|
||||||
|
|
||||||
|
// This is a comment
|
||||||
|
int main(int argc, char **argv)
|
||||||
|
{
|
||||||
|
while (--c > 1 && !fork());
|
||||||
|
sleep(c = atoi(v[c]));
|
||||||
|
printf("%d\n", c);
|
||||||
|
wait(0);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
\end{lstlisting}}
|
||||||
|
\begin{frame}{Code listings}{An example source code in C}
|
||||||
|
\sleepSort
|
||||||
|
\end{frame}
|
||||||
|
\subsection{Citations and Bibliography}
|
||||||
|
\againframe{citations}
|
||||||
|
\againframe{bibliography}
|
||||||
|
\end{document}
|
401
presentation/fi-pdflatex.tex
Normal file
401
presentation/fi-pdflatex.tex
Normal file
@ -0,0 +1,401 @@
|
|||||||
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
||||||
|
%% I, the copyright holder of this work, release this work into the
|
||||||
|
%% public domain. This applies worldwide. In some countries this may
|
||||||
|
%% not be legally possible; if so: I grant anyone the right to use
|
||||||
|
%% this work for any purpose, without any conditions, unless such
|
||||||
|
%% conditions are required by law.
|
||||||
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
||||||
|
|
||||||
|
\documentclass{beamer}
|
||||||
|
\usetheme[faculty=fi]{fibeamer}
|
||||||
|
\usepackage[utf8]{inputenc}
|
||||||
|
\usepackage[
|
||||||
|
main=english, %% By using `czech` or `slovak` as the main locale
|
||||||
|
%% instead of `english`, you can typeset the
|
||||||
|
%% presentation in either Czech or Slovak,
|
||||||
|
%% respectively.
|
||||||
|
czech, slovak %% The additional keys allow foreign texts to be
|
||||||
|
]{babel} %% typeset as follows:
|
||||||
|
%%
|
||||||
|
%% \begin{otherlanguage}{czech} ... \end{otherlanguage}
|
||||||
|
%% \begin{otherlanguage}{slovak} ... \end{otherlanguage}
|
||||||
|
%%
|
||||||
|
%% These macros specify information about the presentation
|
||||||
|
\title{Presentation Title} %% that will be typeset on the
|
||||||
|
\subtitle{Presentation Subtitle} %% title page.
|
||||||
|
\author{Author's Name}
|
||||||
|
%% These additional packages are used within the document:
|
||||||
|
\usepackage{ragged2e} % `\justifying` text
|
||||||
|
\usepackage{booktabs} % Tables
|
||||||
|
\usepackage{tabularx}
|
||||||
|
\usepackage{tikz} % Diagrams
|
||||||
|
\usetikzlibrary{calc, shapes, backgrounds}
|
||||||
|
\usepackage{amsmath, amssymb}
|
||||||
|
\usepackage{url} % `\url`s
|
||||||
|
\usepackage{listings} % Code listings
|
||||||
|
\frenchspacing
|
||||||
|
\begin{document}
|
||||||
|
\frame{\maketitle}
|
||||||
|
|
||||||
|
\AtBeginSection[]{% Print an outline at the beginning of sections
|
||||||
|
\begin{frame}<beamer>
|
||||||
|
\frametitle{Outline for Section \thesection}
|
||||||
|
\tableofcontents[currentsection]
|
||||||
|
\end{frame}}
|
||||||
|
|
||||||
|
\begin{darkframes}
|
||||||
|
\section{Dark Frames}
|
||||||
|
\subsection{Blind Text}
|
||||||
|
\begin{frame}{Jabberwocky}
|
||||||
|
\framesubtitle{Lewis Carroll}%
|
||||||
|
\begin{tikzpicture}[overlay,remember picture]
|
||||||
|
\node[anchor=south east,xshift=-30pt,yshift=35pt]
|
||||||
|
at (current page.south east) {
|
||||||
|
\includegraphics[width=35mm]{resources/jabberwocky-dark}
|
||||||
|
};
|
||||||
|
\end{tikzpicture}%
|
||||||
|
'Twas brillig, and the slithy toves\\
|
||||||
|
Did gyre and gimble in the wabe;\\
|
||||||
|
All mimsy were the borogoves,\\
|
||||||
|
And the mome raths outgrabe.\\\bigskip
|
||||||
|
|
||||||
|
“Beware the Jabberwock, my son!\\
|
||||||
|
The jaws that bite, the claws that catch!\\
|
||||||
|
Beware the Jubjub bird, and shun\\
|
||||||
|
The frumious Bandersnatch!”\\
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\begin{frame}[label=lists]{Lists and locales}
|
||||||
|
\framesubtitle{Lorem ipsum dolor sit amet}
|
||||||
|
\begin{columns}[onlytextwidth]
|
||||||
|
\column{.5\textwidth}
|
||||||
|
\begin{itemize}
|
||||||
|
\item Nulla nec lacinia odio. Curabitur urna tellus.
|
||||||
|
\begin{itemize}
|
||||||
|
\item Fusce id sodales dolor. Sed id metus dui.
|
||||||
|
\begin{itemize}
|
||||||
|
\item Cupio virtus licet mi vel feugiat.
|
||||||
|
\end{itemize}
|
||||||
|
\end{itemize}
|
||||||
|
\end{itemize}
|
||||||
|
\column{.5\textwidth}
|
||||||
|
\begin{enumerate}
|
||||||
|
\item Donec porta, risus porttitor egestas scelerisque video.
|
||||||
|
\begin{enumerate}
|
||||||
|
\item Nunc non ante fringilla, manus potentis cario.
|
||||||
|
\begin{enumerate}
|
||||||
|
\item Pellentesque servus morbi tristique.
|
||||||
|
\end{enumerate}
|
||||||
|
\end{enumerate}
|
||||||
|
\end{enumerate}
|
||||||
|
\end{columns}
|
||||||
|
\bigskip
|
||||||
|
\justifying
|
||||||
|
|
||||||
|
{\uselanguage{czech}Nechť již hříšné saxofony ďáblů
|
||||||
|
rozzvučí síň úděsnými tóny waltzu, tanga a quickstepu!}
|
||||||
|
{\uselanguage{slovak} Nezvyčajné kŕdle šťastných figliarskych
|
||||||
|
ďatľov učia pri kótovanom ústí Váhu mĺkveho koňa Waldemara
|
||||||
|
obžierať väč\-šie kusy exkluzívnej kôry.}
|
||||||
|
{\uselanguage{english}The quick, brown fox jumps over a lazy
|
||||||
|
dog. DJs flock by when MTV ax quiz prog. “Now fax quiz Jack!”}
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\subsection{Structuring Elements}
|
||||||
|
\begin{frame}[label=simmonshall]{Text blocks}
|
||||||
|
\framesubtitle{In plain, example, and \alert{alert} flavour}
|
||||||
|
\alert{This text} is highlighted.
|
||||||
|
|
||||||
|
\begin{block}{A plain block}
|
||||||
|
This is a plain block containing some \alert{highlighted text}.
|
||||||
|
\end{block}
|
||||||
|
\begin{exampleblock}{An example block}
|
||||||
|
This is an example block containing some \alert{highlighted text}.
|
||||||
|
\end{exampleblock}
|
||||||
|
\begin{alertblock}{An alert block}
|
||||||
|
This is an alert block containing some \alert{highlighted text}.
|
||||||
|
\end{alertblock}
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\begin{frame}[label=proof]{Definitions, theorems, and proofs}
|
||||||
|
\framesubtitle{All integers divide zero}
|
||||||
|
\begin{definition}
|
||||||
|
$\forall a,b\in\mathds{Z}: a\mid b\iff\exists c\in\mathds{Z}:a\cdot c=b$
|
||||||
|
\end{definition}
|
||||||
|
\begin{theorem}
|
||||||
|
$\forall a\in\mathds{Z}: a\mid 0$
|
||||||
|
\end{theorem}
|
||||||
|
\begin{proof}[Proof\nopunct]
|
||||||
|
$\forall a\in\mathds{Z}: a\cdot 0=0$
|
||||||
|
\end{proof}
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\subsection{Numerals and Mathematics}
|
||||||
|
\begin{frame}[label=math]{Numerals and Mathematics}
|
||||||
|
\framesubtitle{Formulae, equations, and expressions}
|
||||||
|
\begin{columns}[onlytextwidth]
|
||||||
|
\column{.20\textwidth}
|
||||||
|
1234567890
|
||||||
|
\column{.20\textwidth}
|
||||||
|
\oldstylenums{1234567890}
|
||||||
|
\column{.20\textwidth}
|
||||||
|
$\hat{x}$, $\check{x}$, $\tilde{a}$,
|
||||||
|
$\bar{a}$, $\dot{y}$, $\ddot{y}$
|
||||||
|
\column{.40\textwidth}
|
||||||
|
$\int \!\! \int f(x,y,z)\,\mathsf{d}x\mathsf{d}y\mathsf{d}z$
|
||||||
|
\end{columns}
|
||||||
|
\begin{columns}[onlytextwidth]
|
||||||
|
\column{.5\textwidth}
|
||||||
|
$$\frac{1}{\displaystyle 1+
|
||||||
|
\frac{1}{\displaystyle 2+
|
||||||
|
\frac{1}{\displaystyle 3+x}}} +
|
||||||
|
\frac{1}{1+\frac{1}{2+\frac{1}{3+x}}}$$
|
||||||
|
\column{.5\textwidth}
|
||||||
|
$$F:\left| \begin{array}{ccc}
|
||||||
|
F''_{xx} & F''_{xy} & F'_x \\
|
||||||
|
F''_{yx} & F''_{yy} & F'_y \\
|
||||||
|
F'_x & F'_y & 0
|
||||||
|
\end{array}\right| = 0$$
|
||||||
|
\end{columns}
|
||||||
|
\begin{columns}[onlytextwidth]
|
||||||
|
\column{.3\textwidth}
|
||||||
|
$$\mathop{\int \!\!\! \int}_{\mathbf{x} \in \mathds{R}^2}
|
||||||
|
\! \langle \mathbf{x},\mathbf{y}\rangle\,\mathsf{d}\mathbf{x}$$
|
||||||
|
\column{.33\textwidth}
|
||||||
|
$$\overline{\overline{a\alpha}^2+\underline{b\beta}
|
||||||
|
+\overline{\overline{d\delta}}}$$
|
||||||
|
\column{.37\textwidth}
|
||||||
|
$\left] 0,1\right[ + \lceil x \rfloor - \langle x,y\rangle$
|
||||||
|
\end{columns}
|
||||||
|
\begin{columns}[onlytextwidth]
|
||||||
|
\column{.4\textwidth}
|
||||||
|
\begin{eqnarray*}
|
||||||
|
e^x &\approx& 1+x+x^2/2! + \\
|
||||||
|
&& {}+x^3/3! + x^4/4!
|
||||||
|
\end{eqnarray*}
|
||||||
|
\column{.6\textwidth}
|
||||||
|
$${n+1\choose k} = {n\choose k} + {n \choose k-1}$$
|
||||||
|
\end{columns}
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\subsection{Figures and Code Listings}
|
||||||
|
\begin{frame}[label=figs1]{Figures}
|
||||||
|
\framesubtitle{Tables, graphs, and images}
|
||||||
|
\begin{table}[!b]
|
||||||
|
{\carlitoTLF % Use monospaced lining figures
|
||||||
|
\begin{tabularx}{\textwidth}{Xrrr}
|
||||||
|
\textbf{Faculty} & \textbf{With \TeX} & \textbf{Total} &
|
||||||
|
\textbf{\%} \\
|
||||||
|
\toprule
|
||||||
|
Faculty of Informatics & 1\,716 & 2\,904 &
|
||||||
|
59.09 \\% 1433
|
||||||
|
Faculty of Science & 786 & 5\,275 &
|
||||||
|
14.90 \\% 1431
|
||||||
|
Faculty of $\genfrac{}{}{0pt}{}{\textsf{Economics and}}{%
|
||||||
|
\textsf{Administration}}$ & 64 & 4\,591 &
|
||||||
|
1.39 \\% 1456
|
||||||
|
Faculty of Arts & 69 & 10\,000 &
|
||||||
|
0.69 \\% 1421
|
||||||
|
Faculty of Medicine & 8 & 2\,014 &
|
||||||
|
0.40 \\% 1411
|
||||||
|
Faculty of Law & 15 & 4\,824 &
|
||||||
|
0.31 \\% 1422
|
||||||
|
Faculty of Education & 19 & 8\,219 &
|
||||||
|
0.23 \\% 1441
|
||||||
|
Faculty of Social Studies & 12 & 5\,599 &
|
||||||
|
0.21 \\% 1423
|
||||||
|
Faculty of Sports Studies & 3 & 2\,062 &
|
||||||
|
0.15 \\% 1451
|
||||||
|
\bottomrule
|
||||||
|
\end{tabularx}}
|
||||||
|
\caption{The distribution of theses written using \TeX\ during 2010--15 at MU}
|
||||||
|
\end{table}
|
||||||
|
\end{frame}
|
||||||
|
\begin{frame}[label=figs2]{Figures}
|
||||||
|
\framesubtitle{Tables, graphs, and images}
|
||||||
|
\begin{figure}[b]
|
||||||
|
\centering
|
||||||
|
% Flipping a coin
|
||||||
|
% Author: cis
|
||||||
|
\tikzset{
|
||||||
|
head/.style = {fill = none, label = center:\textsf{H}},
|
||||||
|
tail/.style = {fill = none, label = center:\textsf{T}}}
|
||||||
|
\scalebox{0.65}{\begin{tikzpicture}[
|
||||||
|
scale = 1.5, transform shape, thick,
|
||||||
|
every node/.style = {draw, circle, minimum size = 10mm},
|
||||||
|
grow = down, % alignment of characters
|
||||||
|
level 1/.style = {sibling distance=3cm},
|
||||||
|
level 2/.style = {sibling distance=4cm},
|
||||||
|
level 3/.style = {sibling distance=2cm},
|
||||||
|
level distance = 1.25cm
|
||||||
|
]
|
||||||
|
\node[shape = rectangle,
|
||||||
|
minimum width = 6cm, font = \sffamily] {Coin flipping}
|
||||||
|
child { node[shape = circle split, draw, line width = 1pt,
|
||||||
|
minimum size = 10mm, inner sep = 0mm, rotate = 30] (Start)
|
||||||
|
{ \rotatebox{-30}{H} \nodepart{lower} \rotatebox{-30}{T}}
|
||||||
|
child { node [head] (A) {}
|
||||||
|
child { node [head] (B) {}}
|
||||||
|
child { node [tail] (C) {}}
|
||||||
|
}
|
||||||
|
child { node [tail] (D) {}
|
||||||
|
child { node [head] (E) {}}
|
||||||
|
child { node [tail] (F) {}}
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
% Filling the root (Start)
|
||||||
|
\begin{scope}[on background layer, rotate=30]
|
||||||
|
\fill[head] (Start.base) ([xshift = 0mm]Start.east) arc (0:180:5mm)
|
||||||
|
-- cycle;
|
||||||
|
\fill[tail] (Start.base) ([xshift = 0pt]Start.west) arc (180:360:5mm)
|
||||||
|
-- cycle;
|
||||||
|
\end{scope}
|
||||||
|
|
||||||
|
% Labels
|
||||||
|
\begin{scope}[nodes = {draw = none}]
|
||||||
|
\path (Start) -- (A) node [near start, left] {$0.5$};
|
||||||
|
\path (A) -- (B) node [near start, left] {$0.5$};
|
||||||
|
\path (A) -- (C) node [near start, right] {$0.5$};
|
||||||
|
\path (Start) -- (D) node [near start, right] {$0.5$};
|
||||||
|
\path (D) -- (E) node [near start, left] {$0.5$};
|
||||||
|
\path (D) -- (F) node [near start, right] {$0.5$};
|
||||||
|
\begin{scope}[nodes = {below = 11pt}]
|
||||||
|
\node [name = X] at (B) {$0.25$};
|
||||||
|
\node at (C) {$0.25$};
|
||||||
|
\node [name = Y] at (E) {$0.25$};
|
||||||
|
\node at (F) {$0.25$};
|
||||||
|
\end{scope}
|
||||||
|
\end{scope}
|
||||||
|
\end{tikzpicture}}
|
||||||
|
\caption{Tree of probabilities -- Flipping a coin\footnote[frame]{%
|
||||||
|
A derivative of a diagram from \url{texample.net} by cis, CC BY 2.5 licensed}}
|
||||||
|
\end{figure}
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\defverbatim[colored]\sleepSort{
|
||||||
|
\begin{lstlisting}[language=C,tabsize=2]
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <unistd.h>
|
||||||
|
#include <sys/types.h>
|
||||||
|
#include <sys/wait.h>
|
||||||
|
|
||||||
|
// This is a comment
|
||||||
|
int main(int argc, char **argv)
|
||||||
|
{
|
||||||
|
while (--c > 1 && !fork());
|
||||||
|
sleep(c = atoi(v[c]));
|
||||||
|
printf("%d\n", c);
|
||||||
|
wait(0);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
\end{lstlisting}}
|
||||||
|
\begin{frame}{Code listings}{An example source code in C}
|
||||||
|
\sleepSort
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\subsection{Citations and Bibliography}
|
||||||
|
\begin{frame}[label=citations]{Citations}
|
||||||
|
\framesubtitle{\TeX, \LaTeX, and Beamer}
|
||||||
|
|
||||||
|
\justifying\TeX\ is a programming language for the typesetting
|
||||||
|
of documents. It was created by Donald Erwin Knuth in the late
|
||||||
|
1970s and it is documented in \emph{The \TeX
|
||||||
|
book}~\cite{knuth84}.
|
||||||
|
|
||||||
|
In the early 1980s, Leslie Lamport created the initial version
|
||||||
|
of \LaTeX, a high-level language on top of \TeX, which is
|
||||||
|
documented in \emph{\LaTeX : A Document Preparation
|
||||||
|
System}~\cite{lamport94}. There exists a healthy ecosystem of
|
||||||
|
packages that extend the base functionality of \LaTeX;
|
||||||
|
\emph{The \LaTeX\ Companion}~\cite{MG94} acts as a guide
|
||||||
|
through the ecosystem.
|
||||||
|
|
||||||
|
In 2003, Till Tantau created the initial version of Beamer, a
|
||||||
|
\LaTeX\ package for the creation of presentations. Beamer is
|
||||||
|
documented in the \emph{User's Guide to the Beamer
|
||||||
|
Class}~\cite{tantau04}.
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\begin{frame}[label=bibliography]{Bibliography}
|
||||||
|
\framesubtitle{\TeX, \LaTeX, and Beamer}
|
||||||
|
\begin{thebibliography}{9}
|
||||||
|
\bibitem{knuth84}
|
||||||
|
Donald~E.~Knuth.
|
||||||
|
\emph{The \TeX book}.
|
||||||
|
Addison-Wesley, 1984.
|
||||||
|
\bibitem{lamport94}
|
||||||
|
Leslie~Lamport.
|
||||||
|
\emph{\LaTeX : A Document Preparation System}.
|
||||||
|
Addison-Wesley, 1986.
|
||||||
|
\bibitem{MG94}
|
||||||
|
M.~Goossens, F.~Mittelbach, and A.~Samarin.
|
||||||
|
\emph{The \LaTeX\ Companion}.
|
||||||
|
Addison-Wesley, 1994.
|
||||||
|
\bibitem{tantau04}
|
||||||
|
Till~Tantau.
|
||||||
|
\emph{User's Guide to the Beamer Class Version 3.01}.
|
||||||
|
Available at \url{http://latex-beamer.sourceforge.net}.
|
||||||
|
\bibitem{MS05}
|
||||||
|
A.~Mertz and W.~Slough.
|
||||||
|
Edited by B.~Beeton and K.~Berry.
|
||||||
|
\emph{Beamer by example} In TUGboat,
|
||||||
|
Vol. 26, No. 1., pp. 68-73.
|
||||||
|
\end{thebibliography}
|
||||||
|
\end{frame}
|
||||||
|
|
||||||
|
\end{darkframes}
|
||||||
|
|
||||||
|
\section{Light Frames}
|
||||||
|
\subsection{Blind Text}
|
||||||
|
\begin{frame}{Jabberwocky}
|
||||||
|
\framesubtitle{Lewis Carroll}%
|
||||||
|
\begin{tikzpicture}[overlay,remember picture]
|
||||||
|
\node[anchor=south east,xshift=-30pt,yshift=35pt]
|
||||||
|
at (current page.south east) {
|
||||||
|
\includegraphics[width=35mm]{resources/jabberwocky-light}
|
||||||
|
};
|
||||||
|
\end{tikzpicture}%
|
||||||
|
'Twas brillig, and the slithy toves\\
|
||||||
|
Did gyre and gimble in the wabe;\\
|
||||||
|
All mimsy were the borogoves,\\
|
||||||
|
And the mome raths outgrabe.\\\bigskip
|
||||||
|
|
||||||
|
“Beware the Jabberwock, my son!\\
|
||||||
|
The jaws that bite, the claws that catch!\\
|
||||||
|
Beware the Jubjub bird, and shun\\
|
||||||
|
The frumious Bandersnatch!”\\
|
||||||
|
\end{frame}
|
||||||
|
\againframe{lists}
|
||||||
|
\subsection{Structuring Elements}
|
||||||
|
\againframe{simmonshall}
|
||||||
|
\againframe{proof}
|
||||||
|
\subsection{Numerals and Mathematics}
|
||||||
|
\againframe{math}
|
||||||
|
\subsection{Figures and Code Listings}
|
||||||
|
\againframe{figs1}
|
||||||
|
\againframe{figs2}
|
||||||
|
\defverbatim[colored]\sleepSort{
|
||||||
|
\begin{lstlisting}[language=C,tabsize=2]
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <unistd.h>
|
||||||
|
#include <sys/types.h>
|
||||||
|
#include <sys/wait.h>
|
||||||
|
|
||||||
|
// This is a comment
|
||||||
|
int main(int argc, char **argv)
|
||||||
|
{
|
||||||
|
while (--c > 1 && !fork());
|
||||||
|
sleep(c = atoi(v[c]));
|
||||||
|
printf("%d\n", c);
|
||||||
|
wait(0);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
\end{lstlisting}}
|
||||||
|
\begin{frame}{Code listings}{An example source code in C}
|
||||||
|
\sleepSort
|
||||||
|
\end{frame}
|
||||||
|
\subsection{Citations and Bibliography}
|
||||||
|
\againframe{citations}
|
||||||
|
\againframe{bibliography}
|
||||||
|
\end{document}
|
325
presentation/fibeamer/logo/mu/fibeamer-mu-fi-czech.pdf
Normal file
325
presentation/fibeamer/logo/mu/fibeamer-mu-fi-czech.pdf
Normal file
@ -0,0 +1,325 @@
|
|||||||
|
%PDF-1.5
%âãÏÓ
|
||||||
|
13 0 obj
<</Metadata 12 0 R/OCProperties<</D<</ON[15 0 R]/Order 16 0 R/RBGroups[]>>/OCGs[15 0 R]>>/Pages 1 0 R/Type/Catalog>>
endobj
12 0 obj
<</Length 11665/Subtype/XML/Type/Metadata>>stream
|
||||||
|
<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?>
|
||||||
|
<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="XMP Core 5.1.2">
|
||||||
|
<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
|
||||||
|
<rdf:Description rdf:about=""
|
||||||
|
xmlns:dc="http://purl.org/dc/elements/1.1/"
|
||||||
|
xmlns:xmp="http://ns.adobe.com/xap/1.0/"
|
||||||
|
xmlns:xmpGImg="http://ns.adobe.com/xap/1.0/g/img/"
|
||||||
|
xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/"
|
||||||
|
xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#"
|
||||||
|
xmlns:stEvt="http://ns.adobe.com/xap/1.0/sType/ResourceEvent#"
|
||||||
|
xmlns:illustrator="http://ns.adobe.com/illustrator/1.0/"
|
||||||
|
xmlns:xmpTPg="http://ns.adobe.com/xap/1.0/t/pg/"
|
||||||
|
xmlns:stDim="http://ns.adobe.com/xap/1.0/sType/Dimensions#"
|
||||||
|
xmlns:xmpG="http://ns.adobe.com/xap/1.0/g/"
|
||||||
|
xmlns:pdf="http://ns.adobe.com/pdf/1.3/"
|
||||||
|
xmlns:ExtensisFontSense="http://www.extensis.com/meta/FontSense/"
|
||||||
|
dc:format="application/pdf"
|
||||||
|
xmp:MetadataDate="2015-10-28T18:56:46+01:00"
|
||||||
|
xmp:ModifyDate="2015-10-28T18:56:46+01:00"
|
||||||
|
xmp:CreateDate="2015-09-30T01:52:03+02:00"
|
||||||
|
xmp:CreatorTool="Adobe Illustrator CS6 (Macintosh)"
|
||||||
|
xmpMM:InstanceID="uuid:deba632b-54b7-3f40-9cd9-604d3925d62a"
|
||||||
|
xmpMM:DocumentID="xmp.did:F1771D32492068118083C138F3A478D6"
|
||||||
|
xmpMM:OriginalDocumentID="uuid:5D20892493BFDB11914A8590D31508C8"
|
||||||
|
xmpMM:RenditionClass="proof:pdf"
|
||||||
|
illustrator:StartupProfile="Print"
|
||||||
|
xmpTPg:HasVisibleOverprint="False"
|
||||||
|
xmpTPg:HasVisibleTransparency="False"
|
||||||
|
xmpTPg:NPages="1"
|
||||||
|
pdf:Producer="Adobe PDF library 10.01">
|
||||||
|
<dc:title>
|
||||||
|
<rdf:Alt>
|
||||||
|
<rdf:li xml:lang="x-default">mu-stitky-fakulty-cz</rdf:li>
|
||||||
|
</rdf:Alt>
|
||||||
|
</dc:title>
|
||||||
|
<xmp:Thumbnails>
|
||||||
|
<rdf:Alt>
|
||||||
|
<rdf:li
|
||||||
|
xmpGImg:width="256"
|
||||||
|
xmpGImg:height="168"
|
||||||
|
xmpGImg:format="JPEG"
|
||||||
|
xmpGImg:image="/9j/4AAQSkZJRgABAgEASABIAAD/7QAsUGhvdG9zaG9wIDMuMAA4QklNA+0AAAAAABAASAAAAAEA
AQBIAAAAAQAB/+4ADkFkb2JlAGTAAAAAAf/bAIQABgQEBAUEBgUFBgkGBQYJCwgGBggLDAoKCwoK
DBAMDAwMDAwQDA4PEA8ODBMTFBQTExwbGxscHx8fHx8fHx8fHwEHBwcNDA0YEBAYGhURFRofHx8f
Hx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8f/8AAEQgAqAEAAwER
AAIRAQMRAf/EAaIAAAAHAQEBAQEAAAAAAAAAAAQFAwIGAQAHCAkKCwEAAgIDAQEBAQEAAAAAAAAA
AQACAwQFBgcICQoLEAACAQMDAgQCBgcDBAIGAnMBAgMRBAAFIRIxQVEGE2EicYEUMpGhBxWxQiPB
UtHhMxZi8CRygvElQzRTkqKyY3PCNUQnk6OzNhdUZHTD0uIIJoMJChgZhJRFRqS0VtNVKBry4/PE
1OT0ZXWFlaW1xdXl9WZ2hpamtsbW5vY3R1dnd4eXp7fH1+f3OEhYaHiImKi4yNjo+Ck5SVlpeYmZ
qbnJ2en5KjpKWmp6ipqqusra6voRAAICAQIDBQUEBQYECAMDbQEAAhEDBCESMUEFURNhIgZxgZEy
obHwFMHR4SNCFVJicvEzJDRDghaSUyWiY7LCB3PSNeJEgxdUkwgJChgZJjZFGidkdFU38qOzwygp
0+PzhJSktMTU5PRldYWVpbXF1eX1RlZmdoaWprbG1ub2R1dnd4eXp7fH1+f3OEhYaHiImKi4yNjo
+DlJWWl5iZmpucnZ6fkqOkpaanqKmqq6ytrq+v/aAAwDAQACEQMRAD8A9U4q7FXYq7FXYq7FXYq7
FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7F
XYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FX
Yq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXY
q7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq
7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7
FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7F
XYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FX
Yq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXY
q7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq
7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7
FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7F
XYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FX
Yq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXY
q7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq
7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7
FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7F
XYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FX
Yq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXY
q7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq
7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7
FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7F
XYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FXYq7FX//2Q=="/>
|
||||||
|
</rdf:Alt>
|
||||||
|
</xmp:Thumbnails>
|
||||||
|
<xmpMM:DerivedFrom
|
||||||
|
stRef:instanceID="uuid:8ccc8906-d3ac-2d4f-aaf4-ef8d96727138"
|
||||||
|
stRef:documentID="xmp.did:EC771D32492068118083C138F3A478D6"
|
||||||
|
stRef:originalDocumentID="uuid:5D20892493BFDB11914A8590D31508C8"
|
||||||
|
stRef:renditionClass="proof:pdf"/>
|
||||||
|
<xmpMM:History>
|
||||||
|
<rdf:Seq>
|
||||||
|
<rdf:li
|
||||||
|
stEvt:action="saved"
|
||||||
|
stEvt:instanceID="xmp.iid:07801174072068118083918EEDD18719"
|
||||||
|
stEvt:when="2015-08-24T03:11:31+02:00"
|
||||||
|
stEvt:softwareAgent="Adobe Illustrator CS6 (Macintosh)"
|
||||||
|
stEvt:changed="/"/>
|
||||||
|
<rdf:li
|
||||||
|
stEvt:action="saved"
|
||||||
|
stEvt:instanceID="xmp.iid:F1771D32492068118083C138F3A478D6"
|
||||||
|
stEvt:when="2015-09-30T01:51:58+02:00"
|
||||||
|
stEvt:softwareAgent="Adobe Illustrator CS6 (Macintosh)"
|
||||||
|
stEvt:changed="/"/>
|
||||||
|
</rdf:Seq>
|
||||||
|
</xmpMM:History>
|
||||||
|
<xmpTPg:MaxPageSize
|
||||||
|
stDim:w="79.999940"
|
||||||
|
stDim:h="31.999769"
|
||||||
|
stDim:unit="Millimeters"/>
|
||||||
|
<xmpTPg:SwatchGroups>
|
||||||
|
<rdf:Seq>
|
||||||
|
<rdf:li
|
||||||
|
xmpG:groupName="Výchozà skupina vzorků"
|
||||||
|
xmpG:groupType="0"/>
|
||||||
|
</rdf:Seq>
|
||||||
|
</xmpTPg:SwatchGroups>
|
||||||
|
<ExtensisFontSense:slug>
|
||||||
|
<rdf:Bag>
|
||||||
|
<rdf:li
|
||||||
|
ExtensisFontSense:Family="Syntax LT CE"
|
||||||
|
ExtensisFontSense:Version="001.000"
|
||||||
|
ExtensisFontSense:OutlineFileSize="0"
|
||||||
|
ExtensisFontSense:KerningChecksum="0"
|
||||||
|
ExtensisFontSense:Foundry="Linotype AG"
|
||||||
|
ExtensisFontSense:FontKind="OpenType - PS"
|
||||||
|
ExtensisFontSense:Checksum="3359954016"
|
||||||
|
ExtensisFontSense:PostScriptName="SyntaxLTCE-Bold"
|
||||||
|
ExtensisFontSense:FontSense_1.2_Checksum="3359954016"/>
|
||||||
|
<rdf:li
|
||||||
|
ExtensisFontSense:Family="Syntax LT CE"
|
||||||
|
ExtensisFontSense:Version="001.000"
|
||||||
|
ExtensisFontSense:OutlineFileSize="0"
|
||||||
|
ExtensisFontSense:KerningChecksum="0"
|
||||||
|
ExtensisFontSense:Foundry="Linotype AG"
|
||||||
|
ExtensisFontSense:FontKind="OpenType - PS"
|
||||||
|
ExtensisFontSense:Checksum="2133157911"
|
||||||
|
ExtensisFontSense:PostScriptName="SyntaxLTCE-Roman"
|
||||||
|
ExtensisFontSense:FontSense_1.2_Checksum="2133157911"/>
|
||||||
|
</rdf:Bag>
|
||||||
|
</ExtensisFontSense:slug>
|
||||||
|
</rdf:Description>
|
||||||
|
</rdf:RDF>
|
||||||
|
</x:xmpmeta>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<?xpacket end="w"?>
endstream
endobj
1 0 obj
<</Count 1/Kids[3 0 R]/Type/Pages>>
endobj
3 0 obj
<</ArtBox[0.000488281 3.54395 133.296 90.7051]/BleedBox[0.0 0.0 226.771 90.708]/Contents 17 0 R/LastModified(D:20151028185646+01'00')/MediaBox[0.0 0.0 226.771 90.708]/Parent 1 0 R/PieceInfo<</Illustrator 18 0 R>>/Resources<</ExtGState<</GS0 19 0 R>>/Properties<</MC0 15 0 R>>>>/Thumb 20 0 R/TrimBox[0.0 0.0 226.771 90.708]/Type/Page>>
endobj
17 0 obj
<</Filter/FlateDecode/Length 3442>>stream
|
||||||
|
H‰ÔWÛŽd9|ﯨè³NßýÊ"ñ„â<>h-Œ‹Äòÿ‘ö¹Tu5=»³Z¡‘¦u|Iç%2üÝŸ¾¿}÷ÇïÃíw¿ÿþönþï/ßýá/áö÷ÿ¼üûfúÅn¹l5þÚ6jë··5ýÇ—¼•‘0ú'G=Þ^mK6 |