mikaeldice: I'll leave your hint to this.. somewhere on the system will be an administrative user who can access the security software to disable these protections; the system won't allow you to remove the last security administrator

mikaeldice: I hadn't, but it'll be taken into account now :D

mikaeldice: I'm open to suggestions

mikaeldice: I came here to try to find the best way to prove it's not a scam, the best I could come up with is escrow

mikaeldice: Not a scam.. when I do actually post the competition it'll be on the forums, and with an escrow for the BTC

mikaeldice: I can throw in 1 myself, plus whatever competitors add

mikaeldice: I'd go to 10 if my company would sponsor it, but I doubt they would

mikaeldice: true, but it lacks a certain panache.. I'd like to see a hot wallet sitting on a server with open root access for a month unmolested

mikaeldice: I dunno, the excitement of it. I want to show that a hot wallet can be secured

mikaeldice: Maybe I could have the initial 1 BTC held in escrow, to be given to someone who can force the webapp to display their own bitcoin address

mikaeldice: Maybe the webapp can sign a message every hour or something, but I don't know if that'll include the IP address where the message was signed

mikaeldice: But to go back to the original problem, I need a way to prove that the wallet is there to begin with

mikaeldice: I'd be keeping a keylogger record of everything so I can see how it's broken if it is broken. Maybe I could throw that up on the webapp for spectators

mikaeldice: I don't have that to throw around. But I could probably start a bitbet for spectators who don't have access.

mikaeldice: I'm not sure.. probably 1 BTC to start with, plus whatever challengers throw in

mikaeldice: kakobrekla, I'd leave it up for a month or so, maybe longer. A minimum of a month

mikaeldice: Yep, but I'll give you a hint, it involves kernel level protection

mikaeldice: I'd even make a little webapp that interacts with bitcoind so there's another vector for attack

mikaeldice: Nah, I could disable iptables

mikaeldice: But I need a way to prove that the wallet is there

mikaeldice: lol, truffles. It'd be a test of sorts, to prove the security software out. If it can hold up to an open invitation to the bitcoin community to try to break it, then I'd say it's relatively secure

mikaeldice: Maybe I'd throw something up on bitbet too.. that would be fun to watch

mikaeldice: Or maybe I'd just let it ride forever

mikaeldice: Each time someone buys the root login, the bitcoin would be added to the wallet for a total pot.. I'd keep it after a month if nobody could break the security

mikaeldice: But I need a provable way to show that the wallet is on that machine that they're given access to, or people will yell scam

mikaeldice: hostname/IP.. I'd probably use linux on EC2, then have the machine run a little program that interfaces with bitcoind and gives out the password whenever someone gives it a bitcoin

mikaeldice: I want to make a bet on the strength of the security software being used on the computer, that given the root password and an unencrypted wallet, that still nobody could steal the wallet

mikaeldice: There's an ip address encoded into a transaction, right? Maybe I can have the machine sign a message or something

mikaeldice: I'm trying to think of a way to prove that a wallet is on a specific machine

mikaeldice: I have access to one