[Freedombox-discuss] Policy questions



> > > Sure, users are free to do whatever with their FreedomBoxes - it is 
> > > Free Software.
> > 
> > People will install other non FreedomBox approved software. It would 
> > be nice if the FreedomBox has a software architecture that makes this 
> > as safe as possible.
> 
> FreedomBox is a Debian system with only FreedomBox-optimized software 
> installed.
> 
> Our users are non-technical end-users.  They will only install 
> FreedomBox-optimized software on their FreedomBox.  Because that is what 
> we tell them is safe.

What - no naughty users? ;-) Or companies that will try to persuade
users to install their "app" on the FreedomBox?

> > > You expect cloud companies to have done research in running 
> > > virtualization on crippled hardware without dedicated RNG or even 
> > > CPU virtualization support?
> > > 
> > 
> > Yes. Cloud companies are very security aware. CPU virtualization 
> > features are mostly there to improve performance, not security. The 
> > hardware of the FreedomBox is not crippled hardware. It is modest 
> > hardware for modest tasks. Cloud companies have more powerful 
> > hardware, but on this hardware they are running far more VMs. From my 
> > own experience I would say that a VM on my FreedomBox has roughly the 
> > same performance as a cloud VM.
> 
> 
> Well, you could argue that lack of a hardware Random Number Generator 
> (RNG) is related only to performance, not security, if always using 
> /dev/random (not /dev/urandom) and tolerating that the system freezes if 
> the random pool is depleted.  But I dare say that is a lousy argument.

But most (non virtual) systems have no hardware RNG. I am using LXC as
virtualization technology. LXC shares the kernel between the VMs. Does
this mean I am getting "random" problems?

> > Diaspora is just an example. The problem here is that in order to 
> > mature some programs that we want to have on our FreedomBoxes need our 
> > platform to mature.
> 
> Yes. I agree.
> 
> But virtualization is an extreme, and you use somewhat the opposite 
> extreme as argument for your approach.  I then point out that instead of 
> fighting extremes with extremes, I find a more modest approach more 
> sensible.

I am trained as an engineer. I design systems with the "worst case" in
mind. 

> I dare say that your very approach of running virtualization on "modest 
> hardware" is experimental itself.  Quite interesting, but still.

Virtualization is widely used by the centralized services that dominate
the internet today. There are good reasons for this (not only security).
You may call my approach experimental (no problem with that), the
question is: is it the right approach? I believe it is, but I also believe
a system should be as simple as possible (but not simpler). I am looking
forward to the official FreedomBox architecture to compare with mine.

Rob van der Hoeven
http://freedomboxblog.nl
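The question raised above, whether LXC containers on a box without a hardware RNG end up starved for randomness, can be answered from the kernel's own interfaces rather than argued. The script below is an added example and is not Rob's code nor part of FreedomBox. It reads /proc/sys/kernel/random/entropy_avail and /sys/class/misc/hw_random/rng_current, which are real kernel files; the 256-bit threshold is an assumed comfort level, not a kernel constant. Because an LXC container shares the host kernel, the numbers it reports inside a container are the host's single pool, so the pool is shared, not multiplied. Since Linux 5.6, /dev/random no longer blocks once the CRNG has been seeded, so the "system freezes when the pool is depleted" failure mode only applies to older kernels, which the last function checks.

```shell
#!/bin/sh
# Added example: report the state of the kernel random pool as seen from a
# host or from inside an LXC container (which shares the host kernel).
# Every function takes an optional path or version string so the checks can
# be run against constructed inputs; defaults point at the live kernel.

# Print "ok" or "low" depending on the bits currently in the input pool.
# The 256-bit threshold is an assumption for illustration, not a kernel value.
entropy_level() {
    avail=$(cat "${1:-/proc/sys/kernel/random/entropy_avail}" 2>/dev/null) || avail=0
    : "${avail:=0}"
    if [ "$avail" -ge "${2:-256}" ]; then
        echo ok
    else
        echo low
    fi
}

# Print "hw" if a hardware RNG driver is bound to the hwrng framework,
# "none" if the file is missing (no hw_random support) or reports none.
hwrng_status() {
    f="${1:-/sys/class/misc/hw_random/rng_current}"
    if [ -r "$f" ]; then
        cur=$(cat "$f")
        case "$cur" in
            ""|none) echo none ;;
            *)       echo hw ;;
        esac
    else
        echo none
    fi
}

# Print "yes" if /dev/random on this kernel version can still block on an
# empty pool (before 5.6), "no" for 5.6 and later where it only blocks until
# the CRNG is seeded. Accepts a `uname -r` style string such as 4.19.0-1-armmp.
random_blocks_on_depletion() {
    v="${1:-$(uname -r)}"
    major=${v%%.*}
    rest=${v#*.}
    minor=${rest%%.*}
    minor=${minor%%[!0-9]*}
    : "${minor:=0}"
    if [ "$major" -gt 5 ] || { [ "$major" -eq 5 ] && [ "$minor" -ge 6 ]; }; then
        echo no
    else
        echo yes
    fi
}

# Human-readable summary for the live system.
report() {
    printf 'entropy pool:          %s\n' "$(entropy_level)"
    printf 'hardware rng:          %s\n' "$(hwrng_status)"
    printf '/dev/random can stall: %s\n' "$(random_blocks_on_depletion)"
}

report
```

Run it once on the host and once inside a container; identical pool figures are the visible proof that the kernel, and therefore its entropy, is shared. Where the hardware RNG line reads "none" and the stall line reads "yes", services that read /dev/random (rather than /dev/urandom or getrandom()) are the ones to watch at boot, which is the practical form of the concern raised in the thread.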
