[Freedombox-discuss] 'No sysadmin' is the key to Freedom Box
On 4 March 2011 11:14, John Gilmore <gnu at toad.com> wrote:
> I'm glad that people are thinking about ways to build distributed
> meshlike store-and-forward networks with replacement connectivity
> after a politician tries to "turn off" the Internet because the public
> will has become inconvenient for that politician. But...
See Libya as of a few hours ago :(
> Let's not put the cart before the horse. The first stage in this
> project should be to build a rock-solid reliable implementation of
> what already works. Cleaned up around the edges so that an ordinary
> human being can "sysadmin" it, running on super cheap dead simple mass
> market hardware. The essential insight of the freedom box is that you
> don't NEED an air-conditioned server room full of expensive stuff to
> run Internet services -- all you need is a $100 box and perhaps a $100
> disk drive for it. It's the "hundred dollar server" rather than the
> "hundred dollar laptop". But today you need to learn too much, and
> waste too much of your time, to run such a server -- even if the
> hardware and software was free.
My hundred dollar laptop makes quite a good $100 server :)
> This means we need to design and build a box that takes NO sysadmin.
> If it doesn't work, you power cycle it and see if it comes back in a
> few seconds. If that doesn't work, you bang it on the concrete a few
> times and plug it back in. If that doesn't work, you replace it.
The units need to be of a high, reliable build quality not throw away items.
Lets not add to land fill unnecessarily.
> One community that's building Linux-based boxes that work like that is
> the home-gateway market (DSL or cable to Ethernet and WiFi boxes).
> WRT54G, etc. So we know it can be done, at least with some kind of
> backup tech support available to call for repairs. We're 80% of
> the way there today; that's a great start.
The only linux box I've seen like that is the Tomato firmware. DD-WRT is
painful. OpenWRT is just like any other sys admin tool. Further, flashing is
just a pain and prone to failure. I'd say, other than the fact they're
running on cheap hardware, they're not a good example. They're 1st gen.
We're at least 2nd gen or even 3rd gen now with the likes of Amahi and, to
some degree, Zentyal.
> AFTER we get our version of those boxes working, then add the idiot
> proof web server, blog server, email server, xchat server, DNS server,
> VOIP server, etc. Again, all these things already work in data
> centers, they just need to run without sysadmin. We're halfway
> there already - that leaves "only 90%" of the work to be done.
I agree that the foundations need to be laid first. Too often they are not
done properly and the house on top is on shaky foundations. I have a number
of ideas in the area, some of which can be done now, others perhaps not just
yet for a few reasons:
- A minimal base should be provide with a generic enough path to allow many
combinations to live on top. Pick a core system. Decide on the language for
any glue (perl, bash, say, not perl, python, ruby, bash and ksh). Stick to
native code where possible. Sure, these fancy new language allow for rapid
development but they're are heavy weight. Document the base well. Self
document where possible.
- Got a yubikey? Yes? Use that for authentication either natively or via
OATH. Want a mesh? No problem. Select which one, click and go. Most
configuration will be already provided anyway, further questions can be
asked if they are needed. The Apple UI design principles of keeping it
simple and allowing only direct control of the necessary functionality is
perhaps a good model here. The app store might apply too (with out the $$$).
- Utilise configuration management. debconf
provides rudimentary configuration and is good for bootstrapping. Cfengine
seems idea for this, especially for small devices. It'll make changes and
migrate change back to their know good state. It can take user supplied data
and apply it across the system as necessary. The downside is the learning
curve, which is fierce for those of us developing with it. Further, it can
scale hugely meaning a network of person devices can coordinate themselves
and configure as required. Cfengine is also a good way of documenting the
system and its scope.
- Utilise containers to provide clean, secure environments, especially for
Internet facing services. Compromise of problem with one of these containers
means it can be destroyed and rebuilt without affecting the main system.
Cfengine can coordinate these too. Vserver may be an option although at
present there are no packages for ARM for this on squeeze. I don't know if
this is an architectural problem or just that there is no owner for it.
> Only after that stuff is up and solid in ten thousand homes, should we
> be trying to ship sysadmin-free encrypted peer to peer facebook and
> twitter. Because we don't even yet have those applications written
> for experts today. We're 1% of the way there. Let somebody else
> pound that into working shape first.
I agree 100% here.
> Ditto for peer-to-peer WiFi networking with your neighbors, backup
> UUCP store-and-forward Deep Space Network links, etc. Get it working
> in some nice expert test labs first -- they deploy it in some
> production geek centers for a few years -- don't bog down the freedom
> box project with it yet. Evolve from simple to complex.
Again, I agree. We should be targeting a basic framework. We do need goals
though. What will this device actually allow a user to do?
> Even if you ran an extra Ethernet cable over the back fence (or down
> the hall) to your neighbor, which is a simpler configuration and one
> that I recommend that we support in preference to crummy crowded WiFi,
> we STILL don't have software that knows how and when to use it to
> provide backup connectivity without sysadmin.
That's pretty easy. Linux has allowed this kind of fail over for some time.
> Build that! Give the
> hardware guys a reason to put a 2nd or 3rd separate Ethernet interface
> onto their $100 box.
Here here. Another option is 802.11q vlans, though I don't believe there is
an auto configuration mode for such things and they're not widely supported
on consumer hardware.
> In urban areas, an extra 100-ft Ethernet cable
> is all that most people will need to "mesh" with their neighbors.
> It'd run 100x as fast as WiFi, and the hardware tells you when it
> gets plugged in, so it doesn't need a configuration interface. Linux
> can route and NAT the packets just fine, it just doesn't know WHEN to.
> We're 10% of the way there.
Laying 100ft of cable in an urban area isn't trivial. Here in the UK there
may be planning permission issues, boundary issues and plenty of other
problems. Plus with a crap ethernet port they may not even reach 100m.
> The Freedom Box project will succeed or fail on whether it works
> "without sysadmin". If only trained sysadmins can figure out how to
> be free, the society won't be free. It's like the early days of the
> telephone, when they couldn't figure how to scale up the system
> without having every third person be a trained "Operator". Make the
> system operate itself. That's where the biggest amount of technical
> work needs to go. And not just in software -- though that's a very
> good start -- but in hardware and in user experience design. When
> millions can buy it and plug it in without training, then millions
> can be freed from central servers and central surveillance. Not before.
Again, I wholeheartedly agree. We have protocols already that can assist -
zeroconf, ipv6 autoconfig, SRV DNS records and a whole host of existing
protocols with establish solid software. They can be hooked in the samba,
netatalk, ftp to provide core service.
Shorewall is a nice firewall abstraction and easy to management via simple
text files which can automated. snort can provide IDS.
We, as the sysadmins providing the framework, can glue all of that together
in a secure, easy to use manner. It's pretty easy to abstract away the
details and we may find we do get the plug and play utopia. But as you say,
and I agree, we're barely down the road.
For me, if nothing else the Freedombox idea and project has spurred me on to
develop out my ideas, so it's made me that little bit more free already :)
-------------- next part --------------
An HTML attachment was scrubbed...