[Freedombox-discuss] FreedomBuddy to use Tor to resolve IP address of nodes?
On 05/01/13 16:12, Graham Burnside wrote:
> On 05/01/13 15:20, Jonas Smedegaard wrote:
>> Quoting Graham Burnside (2013-01-05 15:15:05)
>>> I've had a couple of hours recently to catch up on how freedombox is
>>> developing. I was reading through the debian wiki and noticed that the
>>> method being used to resolve the IP address of nodes in the network is
>>> via Tor hidden services.
>> It is true that some are discussing how to penetrate masquerading
>> firewalls and how to discover nodes. Also true that some find Tor
>> suitable for handling those issues, and actively explore that option.
>> Some of us, however, consider FreedomBox a project to mainstream
>> privacy-related functionality that is already mainstream among geeks.
>> With "mainstream among geeks" I people who install packages with
>> aptitude (or apt-get) and generally rely on Debian to provide sensible
>> defaults for those packages.
>> I believe Tor is only relevant to consider including into FreedomBox
>> when someone can provide sensible defaults for it which can be
>> integrated with the Debian packaging of Tor.
>> Until then, Tor is outside the scope of FreedomBox, in my opinion.
>> Don't get me wrong: Tor is a _very_ relevant tool, my point is that it
>> is not yet mature enough to mainstream among non-geeks, when not even
>> mainstream among geeks yet.
>> Same goes for any other exciting inventions - I do not mean to
>> fingerpoint Tor specifically, that just happen to be the one you
>> emphasize so I feel a need to "de-emphasize" it.
> I would have thought that the firewall penetration will be a non
> issue, the boxes will presumably be connecting via a IPsec VPN (Strong
> Swan)? In tunnelling mode this would allow NAT traversal. Finding your
> friend's box (node) is the problem, for which we must rely on some
> form of dynamic dns.
>>> I know that Tor is well tested, but is this not far too centralized a
>>> way of bootstrapping the networks? More so, is it not going to make a
>>> lot of people nervous about hosting a node on the network. It wouldn't
>>> take more than the mention of silkroad and CP in the mainstream media
>>> to taint the whole project.
>>> Has there been any discussion into alternatives? Such as running a
>>> basic xmpp client on each box, which periodically contacts your
>>> friends' boxes with its current IP address, encrypted and signed using
>>> PGP? The host freedombox JID could be distributed with public keys.
>>> This would allow anyone with a domain name to run a tracker for their
>>> friends' boxes, or to just use a free jabber server.
>> I find your idea interesting.
>> But please think of FreedomBox not as a box containing unique tools, but
>> as a box containing uniquely simple access to common tools.
>> ...which means specifically for your idea: Please implement your idea as
>> a common concept independent of FreedomBox, and when it gains some
>> traction then suggest that FreedomBox _also_ adopts that concept -
>> either at its core or perhaps as an option among several.
>> It is my understanding that those talking about Tor as core platform for
>> Freedombox, seek a high level of privacy, which is more complex to reach
>> reliably, and is not yet mainstream even among geeks.
>> I imagine that those seeking high level of privacy (read: secrecy and
>> stealth) would find it outragous that their box would act as a beacon
>> towards (most likely centralized, due to the issue of non-public IPs)
>> xmpp servers.
>> What I have not seen (please do correct me if simply I've missed it!) is
>> discussions taking into account the level of privacy needed, and being
>> realistic about which privacy levels are achievable at an early stage
>> reflecting what is already mainstream among geeks - which I call
>> FreedomBox 1.0.
>> - Jonas
> Tor does provide anonymity, it is also a central record for all
> machines connected
> see - https://metrics.torproject.org/exonerator.html
> As for unique tools, FreedomBuddy certainly the glue binding together
> common tools, but no more so than implementing a custom xmpp client
> with say python-jabberbot (in debian repo). XMPP works on a client
> server basis, so your IP is not being broadcast beyond your trusted
> XMPP and DNS servers. If you really need to be anonymous, connect to
> them over Tor.
> Now don't get me wrong, I'm a believer in decentralization, anonymity
> and net neutrality, I just don't think that fbx should be rolling out
> with Tor enabled in version 1.0 I think that it is a very useful
> tool, and when a critical mass is met alongside say, another Arab
> spring, then users should be urged to enable the service.
> - Graham
See basic example clients here -
"The code below will connect the client to the server and
authenticate. A base client in just 12 lines of code ? can you believe it?"
-------------- next part --------------
An HTML attachment was scrubbed...