Design and ToDos
See also: FreedomBox/ExampleProjects
This is the result of a brainstorm from the debconf team.
- enable people to reclaim their privacy and control of their data
- return to the peer to peer nature of the net (vs. tendency towards hierarchical organization)
- making a consumer product
- easy to use for everyone (pre-installed, easily configured, easily restored)
- inexpensive (dirt cheap)
use at home (expand: legal significance of 4th amendment context; non US-specific: Article 12 of the Universal Declaration of Human Rights)
- smooth transition from cloud services (e.g. social networks)
- secure routing
- generic and configurable
- want hardware makers to be enthusiastic about the project and not hide their specs
- Content Providers
- Service Providers
- Network Providers
- Device Makers
Gnupg, good old proven method to allow encrypting and signing your data and communication, features a versatile key management system as well as access modules for all kinds of public key directories. Usability considerations need to be considered.
WebID, draft definition of URI to defining "you" on the semantic web - i.e. works directly with FOAF, Sparql etc. Draft implementation seemlessly fallback to resolving via Webfinger if no FOAF data resolved.
OpenID, single sign-on
OAuth2, single sign-on plus authorization flows - IETF draft
- user info (metadata)
Webfinger, draft of a protocol for getting user info (metadata) associated with e-mail via HTTP
Fingerpoint, draft of a protocol for getting user info (metadata) associated with e-mail via HTTP - requires minimal implementation (need no processing beyond static http to serve an identity!) and works directly with FOAF and Sparql.
Areas of work / architecture
- project management tool
- hardware support
- IRC proxy (maybe even server?)
- statusnet instance
- Debian base with debconf pre-seeds for base systems (lenny?)
Config system (Config::Model?)
- Encrypted filesystem
- ARM CPU architecture support
- Zero-config installation to external USB and eSATA HDDs
- How is each box discovered and identified?
- Need some way of finding your mates
Most ISPs provide dynamic IPs. Would need to rely on external dynamic DNS service. (everyone else's Freedom boxes?)
possible solution: page kite
possible solution: unhosted
possible solution: p2p-dns modified to be cacheing and independent of .p2p TLD
- possible solution: set up a list of dyndns style services that freedombox will update with IP info. Good enough for most folks.
- Upstream bandwidth
- Very limited with typcial ADSL connections. How much of a problem is that if people keep downloading photos from it whilst you try to use the net?
- Coping with high demand
- Limited system resources mean popular hosted content (such as a popular social networking node) could easily make server unavailable
- How to cope with 'slashdotting'?
- If the box does mail then spam is a problem. Running spamassassin dramitically increases resource requirements on box
- Collective spam processing is effective because it is easy to identify mass-mailing. Would need to do this in distributed manner (razor-style?)
- There are other efficient solutions that decrease a lot the spam rate, see policyd or postgrey.
- Identity management
- Important to be able to identify yourself on various services so you know email and facebook and whatever IDs are all you, and should refer back to this FB for authentication. How do we do it? Is it needed in order to realise that an email addy is freedom-able and so signing/encryption can be used?
- Multiple identities needed e.g for two sites (e.g. home+college) or ID for FB and ID for mobile phone?
- Two boxes in one building (son/daughter brings FB home from college)
- Movable, transportable
- If a box is moved from one location to another and plugged in again, how does it continue to do what it was doing seamlessly?
- Storage: if it hosts all data one produces, plus backup from friends, it needs to house adequate storage, preferably commodity sata disks.
- For a purely online storage solution, this would be ok, but we would need a way to plug in or configure external storage. For example, I would want to plug in an external hard drive or configure it to use a NAS or a Eucalyptus cloud that someone I know operates.
Name of the project: Freedombox is apparently copyrighted, or at least the domain is taken by a company: http://freedombox.net.
- Critical security updates need to be applied quickly. Perhaps critical updates should be automatically and silently installed in order to minimise maintenance.
An existing unified interface for most aspects of server administration is Webmin. Perhaps a new (or modified) theme, minimising options and complexity, would be the simplest solution for the freedomBox remote GUI.
- set up a core/coordination team (ie. people that are actually going to work on this)
- What we need
- What we have
- How to contribute
- Who else is doing similar stuff
DebConf BoF Friday 9:30am 414 Schapiro
Alioth project (https://alioth.debian.org/projects/freedombox/)
IRC channel created on OFTC #freedombox irc://irc.oftc.net/#freedombox
- Vision stmt
- Add links/references
Next call: Saturday, December 9th at 14:00 UTC
Latest news: Stable FreedomBox images - 2017-08-05
This page is copyright its contributors and is licensed under the Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.