Additional Considerations for Becoming a Steemit Witness

This a a response to the article @krnel published today describing his journey on becoming a Steemit witness.

Note that I am not a witness for Steemit, but I am a witness on BitShares, and this article is applicable to any graphene based blockchain. Some information was skipped over which I feel is very important, mainly that of selecting your VPS and the criteria you use to do so.

I do not wish to take away from @krnel's informative and useful article, I only wish to comment on it and offer additional information to consider. Seeing as he intends to document his journey in a series of articles, I do not wish to "steel his thunder" or hijack his efforts in any way. In fact, I may learn something from reading his series, especially when it comes to steem specific information.

---

This article will focus on what I believe is the most important omission, that being the criteria used to select a host platform:

1. The type of host (cloud, KVM, OpenVZ, XEN, VMWare or dedicated server)
2. The amount of RAM
3. OS version
4. Bandwidth
5. Diskspace
6. Location relative to other witnesses (to maximize decentralization)

Aside from item 6, the criteria above are ranked in order of importance and will directly influence the cost of your host. Item 6 can affect server cost, as market prices in different locations vary, often substantially. However location, which also includes the hosting company selected, is best chosen to optimize the decentralization of the Steem blockchain. Decentralization would suffer for example if a single company like Amazon or Digital Ocean were used by ALL witnesses, even if the servers were located in different datacenters around the planet; the single point of failure in that case is the hosting company itself.

Some of the criteria will also influence the security of your witness if you're not using a dedicated server, which is the most costly approach to take but is also the one that provides the greatest flexibility and control of your witness. Note that the type of host and the RAM it is configured with have the greatest impact on performance, with the amount of RAM directly contributing to the cost of your host.

As for security the biggest concern I see is in using a Windows system to set up the host. I regularly use Windows, Mac and Linux operating systems, but I never use Windows to access my witness or seed nodes, as I believe it's next to impossible to secure a windows box against threats such as key loggers. Not saying it can't be done but the risk to security increases with each additional application and interaction on the Internet a Windows system exercises. If you choose to use a Windows system to setup your host I recommend it be a machine you dedicate to witness maintenance and it be offline most of the time. You should also be careful of Micro$oft updates. Unfortunately Micr$soft has made what each update does difficult to obtain.

Another thing to consider for what type of system you use to setup your witness is the push in the last year or so that both Micro$oft and Apple are giving their operating systems away for free. This is a major change to the policies of both companies, and affects their approach to generating revenue / profits. Although I have no empirical evidence, I have much skepticism in what the motivation for that change was. Could it be to push functionality out to as many computers as possible to facilitate NSA eavesdropping? Is the government compensating these companies to incentivize such changes? One can see the major push for more "cloud" based services, which may provide more convenience but also takes away a huge amount of control users have over their own data and computing habits. Cloud based computing is just what the "Big Data" miners ordered, and I reject it until I become assured I have not given up control of my data and privacy.

Although Micr$oft has continued to improve its security over the years, it was not designed with security in mind. Its heritage originates from the days of MSDOS and Micr$oft has chosen to remain backward compatible in many respects to that ancient OS. The designs of Linux and Mac on the other hand have their roots in the UNIX operating system and is far more secure because of that. The easiest way to understand the difference is that Windows is built with open access to all resources as a baseline, and access is restricted by specification to limit it from that baseline. All UNIX variations such as Mac OSX and Linux start with a baseline that prohibits access to everything and alters that baseline by granting specific access by permission. You might say the UNIX design is based on an "authoritarian" model in comparison to Windows.

What are the minimal and recommended requirements for a Steemit witness node? I am not qualified to answer that, and furthermore it is a moving target as it is with all graphene blockchains. As adoption and the number of user accounts increase items like disk space and RAM may need to be adjusted, perhaps often depending on the rate of changes taking place or whether you choose to begin near the minimum end of the server resources or more towards the high end. Providing more initially will increase the time before you need to upgrade.

I encourage every potential witness to take their role seriously and consider what is best for the robustness, reliability and security of the Steem blockchain, and review their choices of hosting providers accordingly.