[Freedombox-discuss] In-the-cloud infrastructure and business involvement (was: distributed DNS)
On Tue, Mar 15, 2011 at 11:06:36PM +0000, Bjarni R?nar Einarsson wrote:
> On Tue, Mar 15, 2011 at 9:26 PM, Clint Adams <clint at debian.org> wrote:
> > On Tue, Mar 15, 2011 at 03:27:11PM +0000, Bjarni R?nar Einarsson wrote:
> > > Can that be done at all? Or should we assume that any infrastructure
> > > required by the FreedomBoxes will be managed and owned and run by the
> > > foundation? Deciding whether the project as a whole is business hostile
> > or
> > > not is a pretty fundamental question.
> > Personally, I think the only centralized infrastructure the
> > FreedomBoxes should need is the distribution of software security
> > updates, and that anything else should be regarded as a stopgap
> > measure as we move toward proper decentralization.
> I agree that that would be wonderful! And it's a worthy goal, and something
> to work towards. But I also don't think it is at all realistic given the
> tools we have to work with today and more importantly, I really don't think
> it's a good idea to throw out the entire existing set of Internet protocols
> and standards because they aren't compatible with this goal.
No one talks to leave the standards or Internet Protocol, but to build
smart privacy enhanced solutions on top of them, and replace the existing
infrastructure where it sucks when that's possible.
This was moglen's talk, to say that the FOSS community did build the
Internet (at some point), in a direction without having some of its
challenges in mind (privacy, fast development and everyday usage from
billions of people, gov interests in controlling internet...). And that
the FOSS community have the brains and capacity to overthrow this facts by
developing tools with this challenges in mind, such as the freedombox.
> Backwards compatibility with the existing standards of the Internet should
> not be a "stopgap" second choice, it should be a #1 priority, first class
> feature. Because without it, FreedomBox users will only be able to
> communicate with each other and it will become incredibly hard to build up
> the kind of network effects needed to get these devices widely distributed
> enough to help the average non-technical person. That's the ultimate goal,
> And as far as I can tell, such backwards compatibility is almost impossible
> to obtain without some help from "the cloud", and much of the help which is
> available, comes from commercial sources.
Assuming this sentence without defining what you mean by "service" is too
imprecise. If you talk about facebook, then yes backward compatibility is
a must, but we won't have much help from them. If you talk about the DNS
issue for example, I don't see the point.
> Should we not do that, and say "Here are three different
> > service providers you can choose from to sacrifice your
> > personal privacy to, but you are free because you have
> > choice," I think we are missing the point.
> I think if you design something that people can't use to actually
> communicate, then it will never go anywhere and will also miss the point.
> Anyway, I think you just made a straw-man argument - just because you
> receive help from the cloud, does not mean you have to sacrifice all your
> privacy at once.
> The obvious example is the routers that make up today's Internet. Although
> technically any (or all) of them could spy on your packets, if you make
> careful use of things like SSL or SSH or GPG or Tor (as appropriate), you
> can happily use these centralized routing devices without sacrificing your
> privacy or freedom. To varying degrees, things like SMTP relays, proxies
> and VPN providers *can* all be fine as well.
> In my opinion these are all clear examples of the types of "business" that
> FreedomBoxes could comfortably coexist with, services which are as close to
> being dumb pipes as possible, and are easily interchangeable so you don't
> get locked in.
> But the question still remains - assuming such things were useful and
> needed, would people want these services to be provided only by non-profits
> or volunteers, friends and family, or is there room for businesses as well?
> Most likely we're not really ready to answer that question yet, but I think
> it is one we should be thinking about.
"Room for business" is a bit vague. Do you mean having people doing
business on top of the freedombox? Having business participating in
freedombox's infrastructure? In the later, I guess we can let users
choose, but I totally agree with Clint and Ian on the way they see it, it
should contains big warnings, and offer reliable alternative solutions,
with clear sentence it's better to use the latter.
I personally won't give my private data to companies, it's far less
reliable to what we intend to build with the freedombox.