Making XBMC tamper-proof
#1
Lightbulb 
I am setting up an xbmc media PC for my parents who do not know the first thing about computers (as in copy/paste is a difficult concept), and I need to make this thing impregnable to human error as much as possible. A reboot should solve most problems that they will ever encounter but I have something a bit more elaborate planned for more serious problems and maybe you all could help me work it out.

Currently I have a 60Gb SSD storing all the programs and system data, as well as other 2tb hard drives configured as file storage. I have a spare 60gb hard drive sitting around and what I had in mind was setting up a complete mirror image backup of the system drive on this hard drive,

setting up a USB button, something unmistakable like this:
http://www.uxcell.com/portable-gadget-em...39901.html

and using eventghost to trigger the backup hard drive to overwrite the system drive upon a press of that button.

Now I have some questions:

What programs will I need for this?
If some sort of malicious virus infects my system drive, what steps can I take to secure the backup drive?
Are there any other methods for making xbmc idiot proof that I havent considered?

Thanks
Reply
#2
in my experience, Windows XBMC and idiot proof do not match. Even could not make an windows XBMC work like 24/7 for months with something going bork.

Use Linux and a simple skin like xtv to hide all the non essential stuff
MBP late 2009 - TimeCapsule 2TB - Harmony One+ - Readynas NV+ 8TB RAID5 - Mac Mini late 2009 with 10.9.0 and VDA - Panasonic TX-PG420ES -
Reply
#3
If it's just a htpc, use openelec, password protect settings and use a skin that supports a kiosk mode.
Reply
#4
Not to start a Windows vs. Linux thread (go ahead if you guys want, but I stopped having those arguments a long time ago), but if the end user has a hard time with Windows, then Linux is not the answer I would point to Undecided

That said, to answer the original questions: First, forget about any ability to set up a mirrored drive that is impervious to any type of malware. Not going to happen if it's connected to the same machine. The only way you could do that is if you store it on a separate machine entirely. Some will argue that there is this and that, but if it is connected to the same machine there is no way to make it bullet proof.

Besides not being truly effective in the way you want it to be, it's also susceptible to hardware deterioration, corruption, and whatever accidents your parents may have. Personally, I would image the system after it is fully configured the way you want, burn it to a DVD and label it "Stick me in the DVD player when your TV stops working". There are a lot of great disk imaging products out there, but you are most likely going to want a commercial product that will offer a nice easy automated restore that either asks no questions of the users (i.e. your parents) OR can use a configuration file that you can set up in advance.

Alternatively, you could place the image on a USB thumb drive that you secretly duct tape to the bottom of their entertainment center and when you get that call, just tell them where to find it, stick it in, and reboot.
Reply
#5
gabbott Wrote:If it's just a htpc, use openelec, password protect settings and use a skin that supports a kiosk mode.

+1
Reply
#6
j114 Wrote:Not to start a Windows vs. Linux thread (go ahead if you guys want, but I stopped having those arguments a long time ago), but if the end user has a hard time with Windows, then Linux is not the answer I would point to Undecided

Openelec was designed to be an appliance, it's ultimate goal is to hide the OS away from the user therefore the user wouldn't have to deal with actually dealing with the underlying linux OS itself.

Shrug, to me seems less daunting than a windows setup when one is trying to make a foolproof box as possible and keep users from messing something up in the OS. I'd think the end goal is to keep it simple.
Reply
#7
j114 Wrote:Not to start a Windows vs. Linux thread (go ahead if you guys want, but I stopped having those arguments a long time ago), but if the end user has a hard time with Windows, then Linux is not the answer I would point to Undecided

I thought the whole point was to abstract the 'end user' from being able to screw anything up. As far as XBMC front end is concerned they look smell sound and taste the same in Windows and Linux.

Quote:That said, to answer the original questions: First, forget about any ability to set up a mirrored drive that is impervious to any type of malware. Not going to happen if it's connected to the same machine. The only way you could do that is if you store it on a separate machine entirely. Some will argue that there is this and that, but if it is connected to the same machine there is no way to make it bullet proof.

1) Install an OS with minimal Malware
2) dd if=/dev/sda of=/dev/sdb

Another vote for OpenELEC.tv. Other than a hardware failure it should boot up every time.
Code:
GRANT ALL PRIVILEGES ON `xbmc_%`.* TO 'xbmc'@'%';
IF you have a mysql problem, find one of the 4 dozen threads already open.
Reply

Logout Mark Read Team Forum Stats Members Help
Making XBMC tamper-proof0