[Freedombox-discuss] What my idea of the Freedombox concept is and how I plan to realize it
Hello all,
I want to share with folks what my idea for the freedombox is and how
I'm continuing to work on achieving that goal. I'm a systems guy and so
I am a very practical, feet on the ground kind of person. As such this
e-mail will be somewhat low level and tactical, hopefully that will lead
to some productive discourse. :)
I have thoroughly enjoyed the numerous deep, if not somewhat theoretical
conversations on this list about security,encryption,naming system
changes,p2p etc. I do have a test lab and am looking forward to playing
with this stuff as it comes into fruition.
To contribute to that , I'm currently thinking through how to utilize
things like GENODE for a trusted code base on the bottom and run various
pieces inside Debian guests. As I work more with that idea I'll post up
my adventures.
As for my idea of the FreedomBox:
In a nutshell I want to create a debian meta package called ownyourdata
and in one single apt-get command have it build,deploy,defend an
integrated free software stack that provides secure (anonymity,
defensibility), encrypted (storage and transit), sustainable (encrypted
local and friend cloud backups), federated (can't be an island) data
ownership capabilities.
This would make it available to anyone running a Debian system on
whatever hardware platform they
choose. It would also make it easy for anyone performing integration
tasks (tech savy folks setting this up for their social network,
hardware/software vendors that we might partner with, NGOs etc).
The overall meta package would consist of some sub meta packages:
dataown-web (LAMP frontend applications mentioned on my wiki. Easily re
mixed with whatever LAMP apps folks choose to substitute).
I've been working on this pieces for the past 18 months or so, and the
current incarnation of my idea is documented at
http://wiki.knownelement.com/index.php?title=Data_Ownership
That page covers the process of getting off the cloud and onto ones own
server. I've gotten all my data off the cloud, though I do utilize a
hosting provider, as I'm no longer interested in maintaining a
server/network farm at home for production use. :)
I am happy with the software choices I've used for that migration. It's
taken a few iterations to find the software I like. That's the beauty
of free software, having those choices and being able to easily change
between them.
I think most of us are already at this point (data migrated off of cloud
onto LAMP stack under various degrees of our control). I want to make a
debian package that can allow anyone to get to that same point very
quickly. I feel that I've used these packages enough that I can strongly
recommend them to other people.
dataown-backends Package up various support daemons (XMPP/LDAP/Gnump3d)
This is additional functionality that most people would want to utilize.
It's something that is on my very near term todo list for my own use.
Should be pretty easy to package up.
dataown-backups (Tahoe-lafs, maybe duplicity?)
This is where I am now focused. Working on bullet proof automatic,
network local backups using duplicity and dumping into a Tahoe-lafs
grid, as well as p2p cloud backups with friends utilizing Tahoe-lafs and
maybe Phanthom/n2n. It's certainly a work in progress. I'll keep track
of the work on my wiki at
http://wiki.knownelement.com/index.php?title=BlueJacket It's actually
proving to be a somewhat difficult problem to wrap my head around. Well
the problem is simple, but numerous solutions exist that require
detailed analysis.
Once I've got the backups solid I will move on to security work. I'm
hoping to post a complete write up on my backup solution by the end of
April.
Ideally I can create all 3 above packages sometime in May.
dataown-security (Kerberos/One Time Password generation
bits/TOR/Phanthom/I2P)
This is something that will require substantial attention, analysis,
testing, user feedback etc. In short I feel it's where the FreedomBox
will truly shine. I don't expect it to be easy, and in fact expect the
first beta incarnation to take 6 months or so. We can bring "enterprise
grade" security to everyone at a vastly lower cost (no additional cost
beyond hardware)/complexity then existing solutions.
What do folks think of this idea?
Reply to: