
[Freedombox-discuss] [Freedom Box] Finding your FB box on the network



On Thu, Oct 14, 2010 at 03:01:09PM +0200, bertagaz at ptitcanardnoir.org wrote:
>On Thu, Oct 14, 2010 at 01:44:14PM +0200, Christian Br?dstrup wrote:
>> > But that'd suppose to have a configured network at boot, which 
>> > might be accomplished with the 'ip' option passed to the kernel at boot, 
>> > but then should it be static IP or dhcp?
>> >
>>
>> I think most non-techs use a router with DHCP to access the internet. 
>> I could of course be wrong but in my experience it is the most common 
>> configuration.
>
>Yeah, but how does the user know what IP address his FB had by the DHCP 
>so that he can install it with the web interface? Zeroconf might be the 
>answer, but as I'm talking about using the debian installer, that'd 
>mean put avahi in it, which I'm not sure is feasible nor is a good 
>idea. Like what if a malicious user is on the network you're installing 
>the FB on. If he/she uses zeroconf too, that'd be problematic.

If security is a concern (and it is!), then we need some way of 
establishing a secure connection between the FreedomBox and its user.

Avoiding Zeroconf is security by obscurity: Malicious users of same 
network cannot simply query Zeroconf for FreedomBoxes but can still 
portscan the network.

I briefly proposed in an earlier post to implement a special "handshake" 
in the FreedomBox boot process.  Such a routine could be added to the 
installer too - which means that handshake could be made to not require 
internet access, and thus be possible with a cross-over ethernet cable 
directly between the box and its user.

The result of that handshake should be (in addition to the box being in 
wipeout-myself mode) that either the user has been given a security 
token or (weaker) that the FreedomBox has collected some id of its 
user's machine - e.g. the MAC address.

My favorite would be that the security token was a WebID, i.e. a 
client-side SSL certificate (with some extra hints added to act as a 
semantic web user id too).  Tough part of this is to follow the 
documentation on generating WebID correctly - and make it work inside an 
install routine.  It should be pretty easy to then restrict web 
interfaces to only use SSL and only accept communication with those in 
possession of that WebID.


In other words:
   * Let's make it dead easy to locate the FreedomBox
     (i.e. using ZeroConf and whatever is equivalent on Windoze)
   * Let's deal with security separately
     (i.e. let's solve that later, as another stack on top)


  - Jonas

-- 
  * Jonas Smedegaard - idealist & Internet-arkitekt
  * Tlf.: +45 40843136  Website: http://dr.jones.dk/

  [x] quote me freely  [ ] ask before reusing  [ ] keep private
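
One way to restrict a web interface to TLS and to holders of the client certificate handed out during the handshake, as an added example that is not part of the original message or of FreedomBox code. `EnrolledClients` and its method names are hypothetical, and the certificate file paths are supplied by the caller.

```python
import hashlib
import hmac
import ssl
from typing import Optional


def fingerprint(der: bytes) -> str:
    """SHA-256 over the DER-encoded certificate, hex encoded."""
    return hashlib.sha256(der).hexdigest()


class EnrolledClients:
    """Client certificates recorded by the box during its first-boot handshake."""

    def __init__(self) -> None:
        self._pins = set()   # hex fingerprints of enrolled certificates
        self._pems = []      # the same certificates, kept as TLS trust anchors

    def enroll(self, client_pem: str) -> str:
        """Record the certificate handed to the user; returns its pin."""
        pin = fingerprint(ssl.PEM_cert_to_DER_cert(client_pem))
        self._pins.add(pin)
        self._pems.append(client_pem)
        return pin

    def allows(self, peer_der: Optional[bytes]) -> bool:
        """Check a peer certificate, e.g. conn.getpeercert(binary_form=True)."""
        if not peer_der:
            return False     # no certificate presented
        seen = fingerprint(peer_der)
        return any(hmac.compare_digest(seen, pin) for pin in self._pins)

    def tls_context(self, server_cert: str, server_key: str) -> ssl.SSLContext:
        """TLS-only listener context that refuses clients without a certificate."""
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
        ctx.minimum_version = ssl.TLSVersion.TLSv1_2
        ctx.load_cert_chain(server_cert, server_key)
        ctx.verify_mode = ssl.CERT_REQUIRED
        # Self-signed client certificates validate only if loaded as anchors.
        # allows() must still run per connection: it rejects any other
        # certificate that merely chains to an enrolled one.
        ctx.load_verify_locations(cadata="\n".join(self._pems))
        return ctx
```

The web interface would wrap its listening socket with `tls_context()` and call `allows()` on each accepted connection before serving any page.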