[Freedombox-discuss] Rouge Freedomboxes and government intervention
bertagaz at ptitcanardnoir.org writes:
> But well, live systems or encrypted filesystem are just workarounds on the
> "someone have physical access" issue, and both aren't a real solution, in
> the ages where cops can use devices that enable them to move a computer
> without shutting it down. And seems ram memory doesn't forget
> informations like we thought. ;)
Yeah, and all of the features that cope with the physical access
problems (ramdisk-only mode, physical access randomization *in* RAM,
etc.) add significantly to the system requirements, putting us well
beyond what the smallest of low-spec systems and plug 'puters at which
Freedombox is targeted.
>
> Anyway I don't believe that both use cases you describe are that
> exclusive, might be just an option to check to have this feature, and even
> then, the "silverlining" use case might still use it by default and find
> advantages to do so. Another -stealth option that might not be that hard
> to push in 1.0.
>
> bert.
No, I don't think they're exclusive vis-a-vis the distribution, either;
they're just rather different goals in terms of the installation and
administration of the system. The livecd/liveusb menu could offer
ramdisk mode or not, as well as Debian Live-based persistency for those
who don't want to install.
The only problem with Debian Live is that it makes upgrades (in
particular, security-critical kernel upgrades) a real pain. The only
way to replace the kernel on a Debian Live system is really to get a new
ISO--otherwise, hosting the Copy-On-Write filesystem in RAM, and even
allowing apt-get install to work there, is all supported by Debian
Live. GRML ( http://grml.org/ ) might be a good live system to look into
if you want to see all this stuff working on a debian base, and it also
includes a lot of the server and security tools that would probably end
up on a Freedombox.
Reply to: