
Netboot - p4bl0
http://netboot.xyz/
======
jamescun
NetBooting from the internet AND over HTTP? Sign me up!

Sarcasm aside, at the very least it would have been nice to see it use iPXE's
`imgtrust` and `imgverify` functionality, which I could then audit and load on
to a boot medium for netboot use.

~~~
alfiedotwtf
For any naysayers, there's no difference between this project and say
HashiCorp's images. You're either using upstream, or you're not. But yeah, you
probably want a cert.

To be honest, this looks like a cool project. I've always wanted a way to PXE
without having to need another host on the LAN.

------
gravypod
Running unsigned code from the internet? Have I woken up in crazy land today?
When did things like this become acceptable?

~~~
akerro
Run:

sh | wget http://www...something.com/install.sh

to install something automatically! Way too many projects do it, from my head:
rvm and oh-my-zsh.

~~~
bodyfour
No worse than "./configure && make && sudo make install"

~~~
viraptor
It's a bit different though. autoconf/automake is mostly autogenerated and
will prevent silly issues like accidental wiping of your drive
([https://github.com/MrMEEE/bumblebee-Old-and-abbandoned/issue...](https://github.com/MrMEEE/bumblebee-Old-and-abbandoned/issues/123)).
Released packages will often have hashes either on
the website or as additional download. With git you can verify tags (provided
they're signed). You can compile&test package inside chroot before installing.
Etc. etc.

In theory, yes, `curl | sh` is the same as configure&make is the same as
downloading your initial iso image and installing the system from it. In
practice they have different risks associated with them.
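
The gap described above between `curl | sh` and validating a download before running it, as an added example that is not part of the original thread. The function names `sha256_of`, `verify_then_run` and `demo` are hypothetical, and the installer file is constructed locally so the script runs offline:

```shell
#!/bin/sh
# Added example: check a saved installer against a pinned SHA-256 digest
# before executing it, instead of piping the download straight into sh.

# sha256_of FILE -> prints the lowercase hex digest of FILE.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_then_run EXPECTED_SHA256 FILE
# Runs FILE only if its digest matches; returns 1 without running it otherwise.
verify_then_run() {
    expected=$1
    file=$2
    [ -f "$file" ] || { echo "missing: $file" >&2; return 1; }
    actual=$(sha256_of "$file")
    if [ "$actual" != "$expected" ]; then
        echo "digest mismatch for $file, refusing to run" >&2
        return 1
    fi
    sh "$file"
}

# Constructed sample: a local file stands in for an install.sh saved to disk.
demo() {
    dir=$(mktemp -d)
    printf 'echo "installer ran"\n' > "$dir/install.sh"
    # Assumption: in real use the pinned digest is published separately
    # from the download (release page, signed tag), not computed locally.
    pinned=$(sha256_of "$dir/install.sh")

    if verify_then_run "$pinned" "$dir/install.sh"; then ok=0; else ok=1; fi
    # Simulate the file being altered after the digest was pinned.
    printf 'echo "injected line"\n' >> "$dir/install.sh"
    if verify_then_run "$pinned" "$dir/install.sh" 2>/dev/null; then bad=0; else bad=1; fi
    rm -rf "$dir"
    echo "untampered=$ok tampered=$bad"
}

demo
```

The check only helps when the pinned digest comes from a channel the attacker of the download path does not control; a hash fetched over the same plain-HTTP connection as the script adds nothing.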

~~~
bodyfour
Sure, autoconf is generated, but often developers have to add custom rules... and
do it with arcane m4 macros to boot. I think they're similarly prone to
mistakes.

For nefarious purposes I actually think it's worse than the much-maligned
"curl|sh" scenario. I bet a reasonable number of people _will_ end up trying
to download the script, out of curiosity if nothing else. If it's doing
anything not straightforward, it would get attention. In contrast, who would
notice a line added to the middle of an 8000-line auto-generated configure
script?

~~~
viraptor
That wasn't my point. configure doesn't prevent malicious behaviour, but it
would prevent silly mistakes at install time. (unless you actively break out
of macro environment)

The point is, technically there isn't anything different between `curl | sh`
and installing a system from either a downloaded .iso or a mailed DVD. Both
run code from untrusted sources on your computer. But in practice they're very
different because of user behaviour and ability to validate data before
running. There's a whole spectrum in between and configure&make is somewhere
on it.

------
crackerjackmack
Netbooting isn't new. Insecure netbooting isn't new (à la netboot install USBs
per distro). Wrapping it up into a cohesive service is and it's awesome.

Going signed CA wouldn't be hard to do in this case at all, it's just part of
the build process actually but only gets you to a trusted PXE+menu system.
After getting into the PXE menu a system could still hijack the upstream
kernel/initrd files.

Even FreeBSD netinstall (aka not limited to Linux installers) is just http/ftp
without any package signing. The whole ecosystem probably needs to mature some
more in regards to verification that won't break downstream projects such as
this.

------
mercora
After boot.kernel.org and netboot.me seem dead now, I like to see this kind of
thing available again. I acknowledge the threat of downloading these boot
images over the internet but think it is actually not that much different from
downloading the iso... from the internet. Sure, I could verify the image more
easily but I barely did this in the past. However the ability to verify the
images would be nice though.

~~~
theantonym
Dev here. The project is just a bunch of iPXE scripts that understand how
each distro works and routes you to their hosted bits or a trusted mirror once
you select the image. I've tried to keep all of the code on GitHub and the
Travis CI deployment out in the open for that very reason. A project like this
needs to be highly visible in order to be trusted to a degree. I also have
things like image verification and https support on the list of things to do.

------
7373737373
Combining this with IPFS.io would be interesting. See
[https://github.com/zignig/astralboot](https://github.com/zignig/astralboot)

------
Mojah
I'm happy to see the PXE booting scene get a new revival. It's one of those
crucial services that's often neglected. It's also not a very "sexy" place to
do development in, but boy it's good to see a proper tool emerge.

Fyi, I first heard about Netboot via the cron.weekly newsletter last Sunday,
it seems to be a very new project that's only just been released:
[http://www.cronweekly.com/issue-11/](http://www.cronweekly.com/issue-11/)

------
mawalu
A short idea after seeing some people complaining about the security. Wouldn't
it be possible to host the iPXE scripts themselves on gh-pages? That way the
hosting would be completely transparent and the .github.io domain would work
over SSL.

------
HeadlessChild
Arch Linux does the same thing for their releases.

[https://releng.archlinux.org/pxeboot/](https://releng.archlinux.org/pxeboot/)

------
jlgaddis
This is very cool and very useful to me as I'm currently in the process of
rebuilding our infrastructure (working on OpenBSD autoinstalls at the moment).
I'm gonna test this out very shortly although I'll be using it internally and
not over the Internet (for what should be obvious reasons), but it will
definitely simplify things for me. Thanks!

------
mwcampbell
Looks similar to boot.rackspace.com.

~~~
theantonym
Yeah, I originally wrote boot.rackspace.com. I built netboot.xyz based on a
lot of that original code, expanded what Operating Systems and Utilities it
supported, and wanted to make it a more open project for everyone to take
advantage of.

------
matt_wulfeck
This is a really neat idea, security concerns aside. I have about 5 minutes USB
drives laying around with various OS versions. Sometimes I just want to toy
with something (such as Mint Linux) and this kind of thing is ideal! Thanks
dev, great work!

------
notlisted
The only thing I get from xyz domains is spam and viruses (I didn't click the
link).

~~~
therein
It is just a TLD, dude. Doesn't mean anything.

~~~
legulere
It means much: who is operating it and under which jurisdiction.

------
neeel
Sounds great

------
mcs_
Thanks

