[Freedombox-discuss] In-the-cloud infrastructure and business involvement (was: distributed DNS)
On Wed, Mar 16, 2011 at 03:42:03PM +0000, Bjarni R?nar Einarsson wrote:
> On Wed, Mar 16, 2011 at 11:46 AM, <bertagaz at ptitcanardnoir.org> wrote:
> > On Tue, Mar 15, 2011 at 11:06:36PM +0000, Bjarni R?nar Einarsson wrote:
> > > On Tue, Mar 15, 2011 at 9:26 PM, Clint Adams <clint at debian.org> wrote:
> > >
> > > > Personally, I think the only centralized infrastructure the
> > > > FreedomBoxes should need is the distribution of software security
> > > > updates, and that anything else should be regarded as a stopgap
> > > > measure as we move toward proper decentralization.
> > >
> > > I agree that that would be wonderful! And it's a worthy goal, and
> > something
> > > to work towards. But I also don't think it is at all realistic given the
> > > tools we have to work with today and more importantly, I really don't
> > think
> > > it's a good idea to throw out the entire existing set of Internet
> > protocols
> > > and standards because they aren't compatible with this goal.
> > No one talks to leave the standards or Internet Protocol, but to build
> > smart privacy enhanced solutions on top of them, and replace the existing
> > infrastructure where it sucks when that's possible.
> I was responding to Clint's desire to need no cloud-based infrastructure
> aside from software updates. That will never happen if you want the boxes to
> be able to communicate with the existing Internet - at the very least there
> will be traditional DNS involved, and probably some e-mail helpers and
> proxies as well, XMPP servers, pubsubhubbub, etc. etc. Hopefully none of
> those will be centralized in the sense that everyone goes through the same
> provider and people have no choice, but help from the cloud will be needed.
Why would it be needed if the main idea is that each service is hosted on your
freedombox or the one of your friend, which helps a lot to bring back data
close to you, or in trusted places. Sure some pieces will be hard to get
rid off, like a registrar for the top level domain, but there are ways get
rid of a lot of this pieces.
> The common refrain of "your geekier friends will help you" is avoiding the
> issue, IMO. Not everybody has technical friends. And not everybody wants to
> rely on favors and goodwill for their Internet connectivity. :-P
This I guess this issue is more to build rock solid software together with an
understandable interface and smart configuration mechanism.
> This was moglen's talk, to say that the FOSS community did build the
> > Internet (at some point), in a direction without having some of its
> > challenges in mind (privacy, fast development and everyday usage from
> > billions of people, gov interests in controlling internet...). And that
> > the FOSS community have the brains and capacity to overthrow this facts by
> > developing tools with this challenges in mind, such as the freedombox.
> Moglen explicitly talked about using existing infrastructure, such as
> dynamic DNS, which is what prompted this discussion in the first place - the
> question of whether using existing providers was acceptable or not.
But I don't remember he neither explicitly told we should use this
centralized services such as the dynamic DNS one, but rather use better
thought and distributed implementations. Looks like we didn't understand
the same in his talks.
> "Room for business" is a bit vague. Do you mean having people doing
> > business on top of the freedombox? Having business participating in
> > freedombox's infrastructure?
> I mean explicitly founding a business to help FreedomBox users. Like
> founding a mail relay provider which promises to anonymize and discard logs
> and do it's best to not end up on spam black-lists (so FB users can reliably
> *send* e-mail), or a DNS provider that gives you a super-cheap name, but
> also promises to delegate it to whichever DNS servers you choose (so you can
> switch providers at will). Or a privacy-friendly IPv6 VPN service. Or an
> all-in-one virtual ISP which provides all these and more in one easy
> package. There are many, many services which could be provided from the
> cloud which could make FreedomBoxes much more powerful and viable in the
> short term.
So why leave the cloud then?
> Obviously no such ventures would or should be guaranteed business, and none
> should be granted exclusive or even preferred status - but if the project is
> openly hostile to such efforts and *only* wants to work with non-profit
> community efforts, then that's a pretty important thing to know up-front,
> isn't it?
Sure. This make me think of a correlation with the Tor project, which has
nodes run by volunteers only and is fine with that. And this is part of
its resilience against attack on privacy. I guess a lot of people
(including me) that are concerned by privacy think that business is by
essence almost incompatible with privacy. Mostly because business is far
more dependant on the govs than individuals, and that business on internet
is a lot based on dealing with user datas.
> I personally won't give my private data to companies, it's far less
> > reliable to what we intend to build with the freedombox.
> Companies that require you to give them your data and sacrifice privacy and
> freedom would obviously not be compatible with the project. That should go
> without saying. My point is, it is entirely possible to at least *imagine* a
> service provider who does all the right things. What then?
> One possible strategy for FreedomBox would be to encourage such things. The
> diametric opposite would be to just assume that money always corrupts and
> businesses simply can't be trusted.
> I'm cautiously on the pro-business side, but I understand others may feel
> differently. Or maybe people just don't see the need and it's too early for
> this discussion? It's food for thought anyway. :-)
I understand your position, but I don't really agree with it. If we are
only two interested in this discussion, we can fork on private mails I